khal Archive at IKIBLOGKU

Author Archive for khal

JAVA Hands on Lab (2)

Published

on August 20, 2008

. 0 Comments

Read data from a file.
Object Oriented Software Engineering - Java
Khalilur Rahman

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package courseregistrationsystem2;

import java.io.BufferedReader;
import java.io.FileReader;

/**
 *
 * @author khal
 */
public class Main {

    /**
     * @param args the command line arguments
     */
    static Course[] allCourses;
    public static void main(String[] args) {
        // TODO code application logic here
        allCourses = new Course[50];
        readSourceFile("StudentDataInput.txt");
    }
    public static void readSourceFile(String fileName){
        String code, venue, title, instructor;
        try {
            FileReader fileReader = new FileReader(fileName);
            BufferedReader in = new BufferedReader(fileReader);
            int numberOfCourse = Integer.parseInt(in.readLine());
            for (int i = 0; i < numberOfCourse; i++){
                if ((code = in.readLine())== null) break;
                if ((venue = in.readLine())== null) break;
                if ((title = in.readLine())== null) break;
                if ((instructor = in.readLine())== null) break;
                createCourse(i, code, venue, title, instructor);
            }
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
    }
    public static void createCourse(int index, String code, String venue,
            String title, String instructor){

        allCourses[index]= new Course();
        allCourses[index].code = code;
        allCourses[index].venue = venue;
        allCourses[index].title = title;
        allCourses[index].instructor = instructor;

        System.out.println(allCourses[index].code);
        System.out.println(allCourses[index].venue);
        System.out.println(allCourses[index].title);
        System.out.println(allCourses[index].instructor);
    }
}

JAVA Hands on Lab (1)

Published

khal

on August 20, 2008

in Programming

. 0 Comments

Object oriented Software Engineering - Java
Khalilur Rahman

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package courseregistration;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import org.omg.PortableInterceptor.SYSTEM_EXCEPTION;

/**
 *
 * @author khal
 */
public class courseRegistration {

    /**
     * @param args the command line arguments
     */
    static Course[] allCourses;
    public static void main(String[] args) {
        // TODO code application logic here
        allCourses = new Course[50];

        allCourses[0] = new Course();
        allCourses[0].code =  "CI6201";
        allCourses[0].title =  "Professional Seminar";
        allCourses[0].venue =  "LT2";
        allCourses[0].instructor =  "Paul Wu";
        allCourses[0].academicUnit = 3;

        allCourses[1] = new Course();
        allCourses[1].code =  "CI6202";
        allCourses[1].title =  "Information Architecture";
        allCourses[1].venue =  "LT3";
        allCourses[1].instructor =  "Chris Khoo";
        allCourses[1].academicUnit = 3;

        allCourses[2] = new Course();
        allCourses[2].code =  "CI6203";
        allCourses[2].title =  "Software Engineering";
        allCourses[2].venue =  "LT5";
        allCourses[2].instructor =  "W K Ng";
        allCourses[2].academicUnit = 3;

        displayCourse();
        pickCourse();
        pickCourseCode();
    }
    public static void displayCourse(){
        try {
            for (int i = 0; i < 50; i++ ){
                if (allCourses[i]==null) break;
                System.out.println(allCourses[i].code);
                System.out.println(allCourses[i].title);
                System.out.println(allCourses[i].instructor);
                System.out.println(allCourses[i].venue);
                System.out.println(allCourses[i].academicUnit);
            }
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }

    }
    public static void pickCourse(){
        try {
            System.out.print("Enter the course code: ");
            BufferedReader in = new BufferedReader(
                    new InputStreamReader(System.in));
            int i = Integer.parseInt(in.readLine());
                System.out.println(allCourses[i].code);
                System.out.println(allCourses[i].title);
                System.out.println(allCourses[i].instructor);
                System.out.println(allCourses[i].venue);
                System.out.println(allCourses[i].academicUnit);
        } catch (Exception e) {
        }
    }
    public static void pickCourseCode(){
        try {
            System.out.print("Enter course ID: ");
            BufferedReader in = new BufferedReader(
                    new InputStreamReader(System.in));
            String code = in.readLine();
            for (int i =0; i < 50; i++){
                if (allCourses[i]==null) break;
                if (allCourses[i].code.equals(code)){
                    System.out.println(allCourses[i].code);
                    System.out.println(allCourses[i].title);
                    System.out.println(allCourses[i].instructor);
                    System.out.println(allCourses[i].venue);
                    System.out.println(allCourses[i].academicUnit);
                }
            }
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
    }

A Windows Family Tree: Security Profile

Published

khal

on March 4, 2008

in Network & Security

. 0 Comments

Win9X/ME

No user or security infrasturcture (largely obsolete)

WinNT

Highly buggy RPC libraries make owning RPC services easy — RPC data structures are not verified by default the way they are in Win2K, so almost any bad data will make them crash.
Doesn’t support some NTLMv2 and other authentication options, making sniffing nicer.
IIS 4.0 runs entirely as system and doesn’t restart after it crashes.

Win2K

NTLMv2 makes headway among entirely Win2K installation bases.
RPC libraries much less buggy that NT 4.0 (which isn’t saying much).
SP4 — Exception registers are cleared.
IIS 5.0 runs as system, but most URL handlers don’t run as system (with the exception of FrontPage, WebDav, and the like).

WinXP

Addition of Vectored Exception Handling makes things easier for heap overflows.
SP1–Exception registers are cleared.
IIS 5.1–URLs are limited to a reasonable size.
SP2 introduces firewall, heavily modifies RPC, introduces Data Execution Prevention (DEP), SafeSEH makes exploiting exception handlers harder, various other miscellaneous security improvements.

Windows 2003 Server

Entire OS compiled with stack canary, including kernel.
Parts of IIS moved into the kernel.
IIS 6.0 still written in C++, now runs under an entirely different setup with a management process and a bunch of managed processes, each of which can serve port 80/443 from particular URLs and virtual hosts.
Can finally detach from a process without it crashing. In previous versions of Win32, if you attached to a process with the debugger, detaching would forcefully kill it. This was useful sometimes, but mostly just annoying.

Windows Vista

Everything compiled with a modified, better version of the / GS stack canary.
ASLR (Address Space Layout Randomisation) makes most exploits slightly harder; can be serious difficulty when combined with DEP.
Firewall now filters outbound traffic.

Source: The Shellcoder’s Handbook 2nd Edition.

A Random Number Generation Technique with Encryption and Genetic Algorithm Applications

Published

khal

on February 4, 2008

in Programming

. 0 Comments

This article has been taken from www.codeguru.com, it’s working great.

Andy McGovern (view profile)
May 26, 2004

Environment: VC++ 6, Win32

Introduction

Many exciting applications, such as data encryption and genetic algorithm programs, use randomly generated numbers to make choices. In some (rare) cases, only truly random numbers will do; that makes things complex because programs are based on logic, and the logic they use can generally be reversed. In other words, it is difficult to program a series of logical steps that produces numbers that don’t follow some kind of pattern. One approach for generating truly random numbers is to measure some kind of continuous natural phenomena; for instance, the noise power level in a radio-frequency receiver. The noise power level appears to be random because the power level at any instant in time depends on so many variables, such as cosmic radiation, solar energy, Earth thermal energy, and so forth. For most applications, pseudo-random numbers are sufficient. Pseudo-random numbers follow predictable patterns, but they do so over very long periods. The idea is that you would have to look at a very long (maybe in the billions) string of numbers before you would see a repeat of the pattern.

A conceptually simple way to generate long sequences of pseudo-random numbers is with a linear feedback shift register (lfsr). The tapped elements (the memory slots connected to the circle with the plus inside) are XOR’ed (0 xor 1 = 1; 0 xor 0 = 0; 1 xor 1 = 0) and then placed in the right-most bit slot, pushing all the previous bits one slot to the left. The sequence of 1s and 0s that pop off the left side of the register are the pseudo-random number sequence. The catch is that some tap positions cause the register to short cycle; in other words, some tap positions do not use the register to its greatest capability. A register’s maximum-length sequence will be (2^n - 1) bits long; n is the number of slots in the register. A short cycle in the register has occurred if the register ends up with the same fill that it started with before (2^n - 1) cycles elapse. Any book on spread spectrum communications or error correcting codes is bound to have a table listing tap positions corresponding to maximal length sequences for given LFSR lengths.