India never invaded any country in her last 100000 years of history.
When many cultures were only nomadic forest dwellers over 5000 years ago, Indians established Harappan culture in Sindhu Valley (Indus Valley Civilization)
The name 'India' is derived from the River Indus, the valleys around which were the home of the early settlers. The Aryan worshippers referred to the river Indus as the Sindhu.
The Persian invaders converted it into Hindu. The name 'Hindustan' combines Sindhu and Hindu and thus refers to the land of the Hindus.
Chess was invented in India.
Algebra, Trigonometry and Calculus are studies, which originated in India.
The 'Place Value System' and the 'Decimal System' were developed in India in 100 B.C.
The World's First Granite Temple is the Brihadeswara Temple at Tanjavur, Tamil Nadu. The shikhara of the temple is made from a single 80-tonne piece of granite. This magnificent temple was built in just five years, (between 1004 AD and 1009 AD) during the reign of Rajaraja Chola.
India is the largest democracy in the world, the 6th largest Country in the world, and one of the most ancient civilizations.
The game of Snakes & Ladders was created by the 13th century poet saint Gyandev. It was originally called 'Mokshapat'. The ladders in the game represented virtues and the snakes indicated vices. The game was played with cowrie shells and dices. In time, the game underwent several modifications, but its meaning remained the same, i.e. good deeds take people to heaven and evil to a cycle of re-births.
The world's highest cricket ground is in Chail, Himachal Pradesh. Built in 1893 after leveling a hilltop, this cricket pitch is 2444 meters above sea level.
India has the largest number of Post Offices in the world.
The largest employer in the world is the Indian Railways, employing over a million people.
The world's first university was established in Takshila in 700 BC. More than 10,500 students from all over the world studied more than 60 subjects. The University of Nalanda built in the 4th century was one of the greatest achievements of ancient India in the field of education.
Ayurveda is the earliest school of medicine known to mankind. The Father of Medicine, Charaka, consolidated Ayurveda 2500 years ago.
India was one of the richest countries till the time of British rule in the early 17th Century. Christopher Columbus, attracted by India's wealth, had come looking for a sea route to India when he discovered America by mistake.
The Art of Navigation & Navigating was born in the river Sindh over 6000 years ago. The very word Navigation is derived from the Sanskrit word 'NAVGATIH'. The word navy is also derived from the Sanskrit word 'Nou'.
Bhaskaracharya rightly calculated the time taken by the earth to orbit the Sun hundreds of years before the astronomer Smart. According to his calculation, the time taken by the Earth to orbit the Sun was 365.258756484 days.
The value of "pi" was first calculated by the Indian Mathematician Budhayana, and he explained the concept of what is known as the Pythagorean Theorem. He discovered this in the 6th century, long before the European mathematicians.
Algebra, Trigonometry and Calculus also originated in India.Quadratic Equations were used by Sridharacharya in the 11th century. The largest numbers the Greeks and the Romans used were 106 whereas Hindus used numbers as big as 10*53 (i.e. 10 to the power of 53) with specific names as early as 5000 B.C.during the Vedic period.Even today, the largest used number is Terra: 10*12(10 to the power of 12).
Until 1896, India was the only source of diamonds in the world (Source: Gemological Institute of America).
The Baily Bridge is the highest bridge in the world. It is located in the Ladakh valley between the Dras and Suru rivers in the Himalayan mountains. It was built by the Indian Army in August 1982.
Sushruta is regarded as the Father of Surgery. Over2600 years ago Sushrata & his team conducted complicated surgeries like cataract, artificial limbs, cesareans, fractures, urinary stones, plastic surgery and brain surgeries.
Usage of anaesthesia was well known in ancient Indian medicine. Detailed knowledge of anatomy, embryology, digestion, metabolism,physiology, etiology, genetics and immunity is also found in many ancient Indian texts.
India exports software to 90 countries.
The four religions born in India - Hinduism, Buddhism, Jainism, and Sikhism, are followed by 25% of the world's population.
Jainism and Buddhism were founded in India in 600 B.C. and 500 B.C. respectively.
Islam is India's and the world's second largest religion.
There are 300,000 active mosques in India, more than in any other country, including the Muslim world.
The oldest European church and synagogue in India are in the city of Cochin. They were built in 1503 and 1568 respectively.
Jews and Christians have lived continuously in India since 200 B.C. and 52 A.D. respectively
The largest religious building in the world is Angkor Wat, a Hindu Temple in Cambodia built at the end of the 11th century.
The Vishnu Temple in the city of Tirupathi built in the 10th century, is the world's largest religious pilgrimage destination. Larger than either Rome or Mecca, an average of 30,000 visitors donate $6 million (US) to the temple everyday.
Sikhism originated in the Holy city of Amritsar in Punjab. Famous for housing the Golden Temple, the city was founded in 1577.
Varanasi, also known as Benaras, was called "the Ancient City" when Lord Buddha visited it in 500 B.C., and is the oldest, continuously inhabited city in the world today.
India provides safety for more than 300,000 refugees originally from Sri Lanka, Tibet, Bhutan, Afghanistan and Bangladesh, who escaped to flee religious and political persecution.
His Holiness, the Dalai Lama, the exiled spiritual leader of Tibetan Buddhists, runs his government in exile from Dharmashala in northern India.
Martial Arts were first created in India, and later spread to Asia by Buddhist missionaries.
Yoga has its origins in India and has existed for over 5,000 years.
“What is “collaborative computing?” It is the term that, we believe, will replace the traditional notion of “groupware.” Groupware as we know it today focuses on the asynchronous aspect of human collaboration. E-mail, discussion lists, list servers, and similar software products help people to electronically exchange information. In other words, these products electronically extend a letter, a fax, and a filing cabinet.
To communicate over a distance in real time, we invented the phone system. A phone conversation is an example of synchronous communication. The phone system serves us wonderfully. Is it the telephone the best possible real-time communication medium, though? It depends. Phones are ideal for person-to-person conversation, but when it comes to exchanging technical information, phones have information transfer limitations. Technical support over a telephone is imprecise and often difficult. It is much easier to share technical information in a shared web browser than try to describe the same content in a telephone conversation.
In general, communication with strong visual component, with content ranging from technical to marketing, is ill suited for telephone communication.
Collaborativecomputing is a term describing a variety of activities where people interact with one another using desktops, laptops, palmtops, and sophisticated digital cellular phones. As computers are best at handling data and representing information, person-to-person communication is enriched by an ability to share, modify, or collaboratively create data and information.
We believe collaborative computing is the future of the Internet. The Internet will evolve from its current role as a channel for information dissemination to a person-to-person communication medium. This is precisely where CollabWorx sees its role: we build, deploy, and support tools for personal interaction over the Internet.”
Traditional Collaboration – Groupware & Computer-Supported Cooperative Work
The long-standing history of office automation has lead to the classification of collaborative computing into two broad categories: (1) groupware ; and (2) computer-supported collaborative work (CSCW) . Defined as “computer-based systems that support groups of people engaged in a common task (or goal) and that provide an interface to a shared environment” , the primary focus of groupware is to provide a group interface for a shared task. In a similar vein, computer-supported cooperative work systems deal with how technology (specifically computer systems) can assist in the work process. These two areas are often combined into a single focus which addresses how groups of people can work together in a (logically) shared environment with the assistance of computer support.
Groupware systems span a spectrum of usage patterns and the illustrated time/place matrix is a well-known taxonomy. Systems which support synchronous activity are known as real-time groupware while those that support asynchronous activity (such as electronic mail) are non-real-time. Synchronous systems therefore offer a concurrent shared environment in which multiple users can interact simultaneously while asynchronous systems provide for serial non-shared interaction. As a rule, most groupware systems primarily support interaction along only one such dimension.
Groupware systems have also been classified based on application functionality, including the categories of message systems, multi-user editors, computer conferencing, intelligent agents, (group) decision support and coordination systems. An overview and discussion can be found in . Systems often span multiple categories in this taxonomy and can be used in an overlapping manner by a group to accomplish its goal. Consequently, collaboration can be seen as a blend of activities used in varying ways across multiple participants. Therefore, the utility of a collaborative environment is directly influenced by its openness and flexibility such that it can support the integration of different technologies to support various collaborative tasks.
To support this diversity within collaboration, several different perspectives exist in the application of groupware technologies; these include: distributed systems, communications, human-computer interaction, artificial intelligence and social theory. For practical purposes, many systems (with some exceptions, such as ) support group work according to a particular approach and with their own unique focus. Such an example would be workflow management systems ( WfMS ), which generally aim at assisting business or government groups in communicating, coordinating and collaborating with a special emphasis on the facilitation (i.e., automation and/or augmentation) of business processes. To do so, WfMS deal with temporal aspects such as activity sequencing, deadlines, routing conditions and schedules. They are typically “organizationally aware,” containing an explicit representation of organizational processes and often provide a rigid work environment consisting of roles, associated activities and applications. Such systems are usually highly valuable in their organizational context but are either built-for-purpose or require significant customization to meet the needs of a particular group.
This study examines online culture by constructing an affectiveportrait of Internet users. Respondents were recruited througha highly visible advertisement on the Yahoo! search engine,and their sentiments were collected with a Web-based surveyinstrument using Osgood’s semantic-differential technique.The study had three particularly engaging findings: First, Internetusers hold extremely intense and nuanced affective sentimentstoward the components of their online world. Second, these sentimentsvary with the amount of time Internet users spend online aswell as their cumulative years of Internet experience. Third,men and women have slightly different affective responses towardmany components of online culture, suggesting that despite thesupposedly gender-free nature of the Internet, men and womenexperience somewhat different online social worlds.
Social Impact
The Internet has made possible entirely new forms of social interaction, activities and organizing, thanks to its basic features such as widespread usability and access. Social networking websites such as Facebook and MySpace have created a new form of socialization and interaction. Users of these sites are able to add a wide variety of items to their personal pages, to indicate common interests, and to connect with others. It is also possible to find a large circle of existing acquaintances, especially if a site allows users to utilize their real names, and to allow communication among large existing groups of people. Sites like meetup.com exist to allow wider announcement of groups which may exist mainly for face-to-face meetings, but which may have a variety of minor interactions over their group's site at meetup.org, or other similar sites.
The first generation is now being raised with widespread availability of Internet connectivity, with consequences for privacy, identity, and copyright concerns. These "Digital natives" face a variety of concerns that were not present for prior generations.
In democratic societies, the Internet has achieved new relevance as a political tool, leading to Internet censorship by some states. The presidential campaign of Howard Dean in 2004 in the United States became famous for its ability to generate donations via the Internet. Many political groups use the Internet to achieve a whole new method of organizing, in order to carry out Internet activism. Some governments, such as those of Iran, North Korea, Myanmar, the People's Republic of China, and Saudi Arabia, restrict what people in their countries can access on the Internet, especially political and religious content. This is accomplished through software that filters domains and content so that they may not be easily accessed or obtained without elaborate circumvention.
In Norway, Denmark, Finland and Sweden, major Internet service providers have voluntarily (possibly to avoid such an arrangement being turned into law) agreed to restrict access to sites listed by police. While this list of forbidden URLs is only supposed to contain addresses of known child pornography sites, the content of the list is secret. Many countries, including the United States, have enacted laws making the possession or distribution of certain material, such as child pornography, illegal, but do not use filtering software. There are many free and commercially available software programs, called content-control software, with which a user can choose to block offensive websites on individual computers or networks, such as to limit a child's access to pornography or violence.
The Internet has been a major source of leisure since before the World Wide Web, with entertaining social experiments such as MUDs and MOOs being conducted on university servers, and humor-related Usenet groups receiving much of the main traffic. Today, many Internet forums have sections devoted to games and funny videos; short cartoons in the form of Flash movies are also popular. Over 6 million people use blogs or message boards as a means of communication and for the sharing of ideas. The pornography and gambling industries have both taken full advantage of the World Wide Web, and often provide a significant source of advertising revenue for other websites. Although many governments have attempted to put restrictions on both industries' use of the Internet, this has generally failed to stop their widespread popularity.
One main area of leisure on the Internet is multiplayer gaming. This form of leisure creates communities, bringing people of all ages and origins to enjoy the fast-paced world of multiplayer games. These range from MMORPG to first-person shooters, from role-playing games to online gambling. This has revolutionized the way many people interact and spend their free time on the Internet. While online gaming has been around since the 1970s, modern modes of online gaming began with services such as GameSpy and MPlayer, to which players of games would typically subscribe. Non-subscribers were limited to certain types of game play or certain games. Many use the Internet to access and download music, movies and other works for their enjoyment and relaxation. As discussed above, there are paid and unpaid sources for all of these, using centralized servers and distributed peer-to-peer technologies. Some of these sources take more care over the original artists' rights and over copyright laws than others.
Many use the World Wide Web to access news, weather and sports reports, to plan and book holidays and to find out more about their random ideas and casual interests. People use chat, messaging and e-mail to make and stay in touch with friends worldwide, sometimes in the same way as some previously had pen pals. Social networking websites like MySpace, Facebook and many others like them also put and keep people in contact for their enjoyment. The Internet has seen a growing number of Web desktops, where users can access their files, folders, and settings via the Internet. Cyberslacking can become a serious drain on corporate resources; the average UK employee spent 57 minutes a day surfing the Web while at work, according to a 2003 study by Peninsula Business Services
The area of Internet congestion control was formed in 1986-1987 when the then ARPANET suffered ‘congestion collapse’. Congestion collapse had been predicted by Nagel in 1984. Congestion collapse occurs when mounting levels of traffic result in high packet loss inside the network, such that few or no packets are actually delivered to their destination, yet each link is highly loaded.
The initial response to ARPANET’s congestion collapse problem was to increase the capacity of the network. This helped temporarily, but the ARAPNET continued to suffer congestion collapses until a strategy to control the load of packets entering the network was developed. In 1988 Van Jackson enhanced the famous Transport control protocol (TCP) so that the transmission rate was responsive to the level of network congestion. TCP was made to reduce the rate of transmission of hosts when it sensed the network load was nearing congestion collapse. Since the introduction of this enhanced TCP, congestion collapse did not reoccur.
This history of the Internet reflects the two fundamental approaches to the problem of controlling congestion in networks 1) Capacity Provisioning and 2) Load control. Since Congestion collapse occurs when the load of packets placed onto the network exceeds the network’s capacity to carry the packets, the capacity provisioning approach is to ensure that there is enough capacity to meet the load. The load control approach is to ensure that the load of packets placed onto the network is within the capacity of the network. Capacity provisioning is achieved either by accurate performance analysis and traffic modeling, or the brute force approach of over provisioning. There is a range of load control strategies for networks, from connection admission control schemes through to best-effort flow control as on the Internet.
1. Congestion control principles.
1.1 What is congestion?
1.2 Congestion collapse.
1.3 Controlling congestion: design considerations.
1.4 Implicit feedback.
1.5 Source behaviour with binary feedback.
1.6 Stability.
1.7 Rate-based versus window-based control.
1.8 RTT estimation.
1.9 Traffic phase effects.
1.10 Queue management.
1.11 Scalability.
1.12 Explicit feedback.
1.13 Special environments.
1.14 Congestion control and OSI layers.
1.15 Multicast congestion control.
1.16 Incentive issues.
1.17 Fairness.
1.18 Conclusion.
2. Present technology.
2.1 Introducing TCP.
2.2 TCP window management.
2.3 TCP RTO calculation.
2.4 TCP congestion control and reliability.
2.5 Concluding remarks about TCP.
2.6 The Stream Control Transmission Protocol (SCTP).
2.7 Random Early Detection (RED).
2.8 The ATM‘Available Bit Rate’ service.
Internet Congestion
Internet refers to network of networks, so the network congestion is the situation in which an increase in data transmission than the network devices (routers and switches) can accommodate. This results in a proportionately reductions, in throughput.
Throughput is the amount of data that passes through the network per unit of time, such as the number of packets per second.
Packets are the fundamental unit of data transmission on the internet and all other TCP/IP networks, including most LANs.
For this we need buffer, buffer is a portion of a device’s memory that is set aside as a temporary holding place for data that is being sent to or received from another device. This ca result in delayed of lost packets, thus causing applications to retransmit the data, thereby adding more traffic and further increasing the congestion.
Congestion Collapse is the situation in which the congestion becomes so great that throughput drops to a low level and thus little useful communication occurs. It can be stable state with the same intrinsic load level that would by itself not produce congestion. This is because it is caused by the aggressive retransmission used by carious network protocols to compensate for the packet loss that occurs as a result of congestion, a retransmission that continues even after the load is reduced to a level that would not have induced congestion by itself.
Congestion Control
It is the process that is used to reduce congestion in a network. This includes making decisions such as: deciding when to accept new TRAFFIC, when to delete packets and when to adjust the ROUTING policies used in a network.
Network congestion is somewhat analogues to road congestion. One technique that has been used with some success to deal with road congestion is monitoring, in which rate of vehicles entering a road or area is restricted by signals.
The area of Internet congestion control was baptised in 1986-1987 when the then ARPANET suffered ‘congestion collapse’. Congestion collapse had been predicted by Nagel [89] in 1984. Congestion collapse occurs when mounting levels of traffic result in high packet loss inside the network, such that few or no packets are actually delivered to their destination, yet each link is highly loaded.
Various techniques have likewise been developed in attempt to minimize congestion collapse in communications networks.
1) Load control mechanisms
When the capacity available is less than the demand for capacity, load control is the critical element which determines how many packets are allowed onto each link of the network, who gets to send them and when.
At one end of the spectrum are the connection admission control (CAC) schemes, such as the Resource Reservation Protocol (RSVP) [4]. Such schemes require the network to maintain information about each connection and arbitrate whether connections are admitted or rejected so that the connections that are admitted can be absolutely guaranteed their required bandwidth for the duration of the connection. When the load of requested connections is increased beyond the capacity of the network then some new users will be rejected in order to maintain the bandwidth guarantees made to already admit users. CAC is good for honoring bandwidth supply contracts that specify minimum rates.
2) Rethinking Best-Effort Networks
To introduce Kelly’s framework for describing best-effort networks, we will provide an example of how bandwidth allocation in a best effort network compares to bandwidth allocation in a CAC network. Let us consider an example where there are three users each requesting a 1 Mb/s connection across the same 2 Mb/s link. In a CAC network, one user will have to miss out. However, the best-effort network makes this situation less rigid by making the users’ demand for bandwidth elastic. When users do not need strict guarantees of minimum bandwidth then blocking one user is not necessarily the best solution possible. Let us assume that a user is able to quantify, by a single number, its perceived quality of service (QoS) value of sending at a certain rate. Say, transmitting at a rate of 1 Mb/s gives the maximum possible user perceived QoS value, but transmitting at a rate of less than 1 Mb/s still gives some, but less, QoS value to the user. Then, it is possible to conceive of a solution, where by making the three users transmit at 2/3 Mb/s each, the sum of the perceived QoS values of all three users is greater than the sum if only two users are allowed to transmit at the maximum 1 Mb/s and one user is blocked. In such a system, where the user demand has some flexibility, it is possible to achieve a compromise solution for sharing the available capacity which is better for the QoS of the whole community of users, despite giving less capacity to some users. This is exactly the solution that the best-effort network achieves.
3) Supply Demand Pricing
Fix the price as pay per bit.
4) Differentiated Bandwidth
Differentiate bandwidth according to the demand and price rule. More demand more price less demand less price.
One of the greatest things about the Internet is that nobody really owns it. It is a global collection of networks, both big and small. These networks connect together in many different ways to form the single entity that we know as the Internet. In fact, the very name comes from this idea of interconnected networks.
Since its beginning in 1969, the Internet has grown from four host computer systems to tens of millions. However, just because nobody owns the Internet, it doesn't mean it is not monitored and maintained in different ways. The Internet Society, a non-profit group established in 1992, oversees the formation of the policies and protocols that define how we use and interact with the Internet.
The Internet: Computer Network Hierarchy
Every computer that is connected to the Internet is part of a network, even the one in your home. For example, you may use a modem and dial a local number to connect to an Internet Service Provider (ISP). At work, you may be part of a local area network (LAN), but you most likely still connect to the Internet using an ISP that your company has contracted with. When you connect to your ISP, you become part of their network. The ISP may then connect to a larger network and become part of their network. The Internet is simply a network of networks.
Most large communications companies have their own dedicated backbones connecting various regions. In each region, the company has a Point of Presence (POP). The POP is a place for local users to access the company's network, often through a local phone number or dedicated line. The amazing thing here is that there is no overall controlling network. Instead, there are several high-level networks connecting to each other through Network Access Points or NAPs.
When you connect to the Internet, your computer
becomes part of a network.
MIME (Multipurpose Internet Mail Extensions) is an Internet standard for describes message content types.
MIME is a standard for describing different types of information This was originally meant to be used to specify encoding for different types of information into text. This made it possible to send them as e-mail.
The standard MIME is also used in other types of communication where there is a need for specifying which type of information is used. This could be your local operating system or a web server.
MIME defines mechanisms for sending other kinds of information in e-mail. These include text in languages other than English using character encodings other than ASCII, and 8-bit binary content such as files containing images, sounds, movies, and computer programs. MIME is also a fundamental component of communication protocols such as HTTP, which requires that data be transmitted in the context of e-mail-like messages even though the data might not (and usually doesn't) actually have anything to do with e-mail. Mapping messages into and out of MIME format is typically done automatically by an e-mail client or by mail servers when sending or receiving Internet (SMTP/MIME) e-mail.
How do I read MIME in my mail?
Mime is just a specification. Normally the information is encoded with some other standard format. When decoded it regains it original shape.
To be able to read the file you need an application that can handle the attached file. If two files, a word document and a image is sent by email they would both get encoded as mime. Upon receiving these files there need to be an application associated with each file type. Microsoft word or maybe another word processor would be associated with the word document making it possible to read the file. Photoshop or another image viewer would be associated with the image.
Normally the conversion from MIME to files is handled by the e-mail application. When the file is stored on disk it is up to the operating system to map an application to file type.
MIME messages can contain text, images, audio, video, and other application-specific data.
Official MIME info is provided by the Internet Engineering Task Force (IETF) in the following documents:
RFC-822 Standard for ARPA Internet text messages
RFC-2045 MIME Part 1: Format of Internet Message Bodies
RFC-2046 MIME Part 2: Media Types
RFC-2047 MIME Part 3: Header Extensions for Non-ASCII Text
RFC-2048 MIME Part 4: Registration Procedures
RFC-2049 MIME Part 5: Conformance Criteria and Examples
Different applications support different MIME types.
The reference below is a list of MIME types supported by Microsoft Internet Information Server version 5.
MIME Types
MIME Types (Application):
Type/sub-type
Extension
application/envoy
evy
application/fractals
fif
application/futuresplash
spl
application/hta
hta
application/internet-property-stream
acx
application/mac-binhex40
hqx
application/msword
doc
application/msword
dot
application/octet-stream
*
application/octet-stream
bin
application/octet-stream
class
application/octet-stream
dms
application/octet-stream
exe
application/octet-stream
lha
application/octet-stream
lzh
application/oda
oda
application/olescript
axs
application/pdf
pdf
application/pics-rules
prf
application/pkcs10
p10
application/pkix-crl
crl
application/postscript
ai
application/postscript
eps
application/postscript
ps
application/rtf
rtf
application/set-payment-initiation
setpay
application/set-registration-initiation
setreg
application/vnd.ms-excel
xla
application/vnd.ms-excel
xlc
application/vnd.ms-excel
xlm
application/vnd.ms-excel
xls
application/vnd.ms-excel
xlt
application/vnd.ms-excel
xlw
application/vnd.ms-outlook
msg
application/vnd.ms-pkicertstore
sst
application/vnd.ms-pkiseccat
cat
application/vnd.ms-pkistl
stl
application/vnd.ms-powerpoint
pot
application/vnd.ms-powerpoint
pps
application/vnd.ms-powerpoint
ppt
application/vnd.ms-project
mpp
application/vnd.ms-works
wcm
application/vnd.ms-works
wdb
application/vnd.ms-works
wks
application/vnd.ms-works
wps
application/winhlp
hlp
application/x-bcpio
bcpio
application/x-cdf
cdf
application/x-compress
z
application/x-compressed
tgz
application/x-cpio
cpio
application/x-csh
csh
application/x-director
dcr
application/x-director
dir
application/x-director
dxr
application/x-dvi
dvi
application/x-gtar
gtar
application/x-gzip
gz
application/x-hdf
hdf
application/x-internet-signup
ins
application/x-internet-signup
isp
application/x-iphone
iii
application/x-javascript
js
application/x-latex
latex
application/x-msaccess
mdb
application/x-mscardfile
crd
application/x-msclip
clp
application/x-msdownload
dll
application/x-msmediaview
m13
application/x-msmediaview
m14
application/x-msmediaview
mvb
application/x-msmetafile
wmf
application/x-msmoney
mny
application/x-mspublisher
pub
application/x-msschedule
scd
application/x-msterminal
trm
application/x-mswrite
wri
application/x-netcdf
cdf
application/x-netcdf
nc
application/x-perfmon
pma
application/x-perfmon
pmc
application/x-perfmon
pml
application/x-perfmon
pmr
application/x-perfmon
pmw
application/x-pkcs12
p12
application/x-pkcs12
pfx
application/x-pkcs7-certificates
p7b
application/x-pkcs7-certificates
spc
application/x-pkcs7-certreqresp
p7r
application/x-pkcs7-mime
p7c
application/x-pkcs7-mime
p7m
application/x-pkcs7-signature
p7s
application/x-sh
sh
application/x-shar
shar
application/x-shockwave-flash
swf
application/x-stuffit
sit
application/x-sv4cpio
sv4cpio
application/x-sv4crc
sv4crc
application/x-tar
tar
application/x-tcl
tcl
application/x-tex
tex
application/x-texinfo
texi
application/x-texinfo
texinfo
application/x-troff
roff
application/x-troff
t
application/x-troff
tr
application/x-troff-man
man
application/x-troff-me
me
application/x-troff-ms
ms
application/x-ustar
ustar
application/x-wais-source
src
application/x-x509-ca-cert
cer
application/x-x509-ca-cert
crt
application/x-x509-ca-cert
der
application/ynd.ms-pkipko
pko
application/zip
zip
MIME Types (Audio):
Type/sub-type
Extension
audio/basic
au
audio/basic
snd
audio/mid
mid
audio/mid
rmi
audio/mpeg
mp3
audio/x-aiff
aif
audio/x-aiff
aifc
audio/x-aiff
aiff
audio/x-mpegurl
m3u
audio/x-pn-realaudio
ra
audio/x-pn-realaudio
ram
audio/x-wav
wav
MIME Types (Image):
Type/sub-type
Extension
image/bmp
bmp
image/cis-cod
cod
image/gif
gif
image/ief
ief
image/jpeg
jpe
image/jpeg
jpeg
image/jpeg
jpg
image/pipeg
jfif
image/svg+xml
svg
image/tiff
tif
image/tiff
tiff
image/x-cmu-raster
ras
image/x-cmx
cmx
image/x-icon
ico
image/x-portable-anymap
pnm
image/x-portable-bitmap
pbm
image/x-portable-graymap
pgm
image/x-portable-pixmap
ppm
image/x-rgb
rgb
image/x-xbitmap
xbm
image/x-xpixmap
xpm
image/x-xwindowdump
xwd
MIME Types (Message):
Type/sub-type
Extension
message/rfc822
mht
message/rfc822
mhtml
message/rfc822
nws
MIME Types (Text):
Type/sub-type
Extension
text/css
css
text/h323
323
text/html
htm
text/html
html
text/html
stm
text/iuls
uls
text/plain
bas
text/plain
c
text/plain
h
text/plain
txt
text/richtext
rtx
text/scriptlet
sct
text/tab-separated-values
tsv
text/webviewhtml
htt
text/x-component
htc
text/x-setext
etx
text/x-vcard
vcf
MIME Types (Video):
Type/sub-type
Extension
video/mpeg
mp2
video/mpeg
mpa
video/mpeg
mpe
video/mpeg
mpeg
video/mpeg
mpg
video/mpeg
mpv2
video/quicktime
mov
video/quicktime
qt
video/x-la-asf
lsf
video/x-la-asf
lsx
video/x-ms-asf
asf
video/x-ms-asf
asr
video/x-ms-asf
asx
video/x-msvideo
avi
video/x-sgi-movie
movie
MIME Types (Video):
Type/sub-type
Extension
x-world/x-vrml
flr
x-world/x-vrml
vrml
x-world/x-vrml
wrl
x-world/x-vrml
wrz
x-world/x-vrml
xaf
x-world/x-vrml
xof
Mime Types By File Extension
Extension
Type/sub-type
application/octet-stream
323
text/h323
acx
application/internet-property-stream
ai
application/postscript
aif
audio/x-aiff
aifc
audio/x-aiff
aiff
audio/x-aiff
asf
video/x-ms-asf
asr
video/x-ms-asf
asx
video/x-ms-asf
au
audio/basic
avi
video/x-msvideo
axs
application/olescript
bas
text/plain
bcpio
application/x-bcpio
bin
application/octet-stream
bmp
image/bmp
c
text/plain
cat
application/vnd.ms-pkiseccat
cdf
application/x-cdf
cer
application/x-x509-ca-cert
class
application/octet-stream
clp
application/x-msclip
cmx
image/x-cmx
cod
image/cis-cod
cpio
application/x-cpio
crd
application/x-mscardfile
crl
application/pkix-crl
crt
application/x-x509-ca-cert
csh
application/x-csh
css
text/css
dcr
application/x-director
der
application/x-x509-ca-cert
dir
application/x-director
dll
application/x-msdownload
dms
application/octet-stream
doc
application/msword
dot
application/msword
dvi
application/x-dvi
dxr
application/x-director
eps
application/postscript
etx
text/x-setext
evy
application/envoy
exe
application/octet-stream
fif
application/fractals
flr
x-world/x-vrml
gif
image/gif
gtar
application/x-gtar
gz
application/x-gzip
h
text/plain
hdf
application/x-hdf
hlp
application/winhlp
hqx
application/mac-binhex40
hta
application/hta
htc
text/x-component
htm
text/html
html
text/html
htt
text/webviewhtml
ico
image/x-icon
ief
image/ief
iii
application/x-iphone
ins
application/x-internet-signup
isp
application/x-internet-signup
jfif
image/pipeg
jpe
image/jpeg
jpeg
image/jpeg
jpg
image/jpeg
js
application/x-javascript
latex
application/x-latex
lha
application/octet-stream
lsf
video/x-la-asf
lsx
video/x-la-asf
lzh
application/octet-stream
m13
application/x-msmediaview
m14
application/x-msmediaview
m3u
audio/x-mpegurl
man
application/x-troff-man
mdb
application/x-msaccess
me
application/x-troff-me
mht
message/rfc822
mhtml
message/rfc822
mid
audio/mid
mny
application/x-msmoney
mov
video/quicktime
movie
video/x-sgi-movie
mp2
video/mpeg
mp3
audio/mpeg
mpa
video/mpeg
mpe
video/mpeg
mpeg
video/mpeg
mpg
video/mpeg
mpp
application/vnd.ms-project
mpv2
video/mpeg
ms
application/x-troff-ms
mvb
application/x-msmediaview
nws
message/rfc822
oda
application/oda
p10
application/pkcs10
p12
application/x-pkcs12
p7b
application/x-pkcs7-certificates
p7c
application/x-pkcs7-mime
p7m
application/x-pkcs7-mime
p7r
application/x-pkcs7-certreqresp
p7s
application/x-pkcs7-signature
pbm
image/x-portable-bitmap
pdf
application/pdf
pfx
application/x-pkcs12
pgm
image/x-portable-graymap
pko
application/ynd.ms-pkipko
pma
application/x-perfmon
pmc
application/x-perfmon
pml
application/x-perfmon
pmr
application/x-perfmon
pmw
application/x-perfmon
pnm
image/x-portable-anymap
pot,
application/vnd.ms-powerpoint
ppm
image/x-portable-pixmap
pps
application/vnd.ms-powerpoint
ppt
application/vnd.ms-powerpoint
prf
application/pics-rules
ps
application/postscript
pub
application/x-mspublisher
qt
video/quicktime
ra
audio/x-pn-realaudio
ram
audio/x-pn-realaudio
ras
image/x-cmu-raster
rgb
image/x-rgb
rmi
audio/mid
roff
application/x-troff
rtf
application/rtf
rtx
text/richtext
scd
application/x-msschedule
sct
text/scriptlet
setpay
application/set-payment-initiation
setreg
application/set-registration-initiation
sh
application/x-sh
shar
application/x-shar
sit
application/x-stuffit
snd
audio/basic
spc
application/x-pkcs7-certificates
spl
application/futuresplash
src
application/x-wais-source
sst
application/vnd.ms-pkicertstore
stl
application/vnd.ms-pkistl
stm
text/html
svg
image/svg+xml
sv4cpio
application/x-sv4cpio
sv4crc
application/x-sv4crc
swf
application/x-shockwave-flash
t
application/x-troff
tar
application/x-tar
tcl
application/x-tcl
tex
application/x-tex
texi
application/x-texinfo
texinfo
application/x-texinfo
tgz
application/x-compressed
tif
image/tiff
tiff
image/tiff
tr
application/x-troff
trm
application/x-msterminal
tsv
text/tab-separated-values
txt
text/plain
uls
text/iuls
ustar
application/x-ustar
vcf
text/x-vcard
vrml
x-world/x-vrml
wav
audio/x-wav
wcm
application/vnd.ms-works
wdb
application/vnd.ms-works
wks
application/vnd.ms-works
wmf
application/x-msmetafile
wps
application/vnd.ms-works
wri
application/x-mswrite
wrl
x-world/x-vrml
wrz
x-world/x-vrml
xaf
x-world/x-vrml
xbm
image/x-xbitmap
xla
application/vnd.ms-excel
xlc
application/vnd.ms-excel
xlm
application/vnd.ms-excel
xls
application/vnd.ms-excel
xlt
application/vnd.ms-excel
xlw
application/vnd.ms-excel
xof
x-world/x-vrml
xpm
image/x-xpixmap
xwd
image/x-xwindowdump
z
application/x-compress
zip
application/zip
MIME Technical Summary
MIME is defined by an Internet standard document called RFC1521. This document summarizes the contents of RFC1521. Sufficient detail is presented here to understand the capabilities of MIME. For sufficient detail to implement MIME please read RFC1521.
MIME allows messages to contain multiple objects. When multiple objects are in a MIME message, they are represented in a form called a body part. A body part has a header and a body, so it makes sense to speak about the body of a body part. Also, body parts can be nested in bodies that contain one or multiple body parts.
The Content-Type values, subtypes, and parameter names defined in the MIME standard are case-insensitive. However, many parameter values are case sensitive
The MIME standard is written to allow MIME to be extended in certain ways, without having to revise the standard. MIME specifies sets of values that are allowed for various fields and parameters. The provides a procedure for extending these sets of values by registering them with an entity called the Internet Assigned Numbers Authority (IANA).
• A graph is a finite set of nodes with edges between nodes
• Formally, a graph G is a structure (V,E) consisting of
– a finite set V called the set of nodes, and
– a set E that is a subset of VxV. That is, E is a set of pairs of the form (x,y) where x and y are nodes in V
Graph Representation
• For graphs to be computationally useful, they have to be conveniently represented in programs
• There are two computer representations of graphs:
– Adjacency matrix representation
– Adjacency lists representation
Adjacency Matrix Representation
• In this representation, each graph of n nodes is represented by an n x n matrix A, that is, a two-dimensional array A
• The nodes are (re)-labeled 1,2,…,n
• A[i][j] = 1 if (i,j) is an edge
• A[i][j] = 0 if (i,j) is not an edge
Pros and Cons of Adjacency Matrices
• Pros:
– Simple to implement
– Easy and fast to tell if a pair (i,j) is an edge: simply check if A[i][j] is 1 or 0
• Cons:
– No matter how few edges the graph has, the matrix takes O(n2) in memory
Adjacency Lists Representation
• A graph of n nodes is represented by a one-dimensional array L of linked lists, where
– L[i] is the linked list containing all the nodes adjacent from node i.
– The nodes in the list L[i] are in no particular order
Pros and Cons of Adjacency Lists
• Pros:
– Saves on space (memory): the representation takes as many memory words as there are nodes and edge.
• Cons:
– It can take up to O(n) time to determine if a pair of nodes (i,j) is an edge: one would have to search the linked list L[i], which takes time proportional to the length of L[i].
Graph Traversal Techniques
• The previous connectivity problem, as well as many other graph problems, can be solved using graph traversal techniques
• There are two standard graph traversal techniques:
– Depth-First Search (DFS)
– Breadth-First Search (BFS)
• In both DFS and BFS, the nodes of the undirected graph are visited in a systematic manner so that every node is visited exactly one.
• Both BFS and DFS give rise to a tree:
– When a node x is visited, it is labeled as visited, and it is added to the tree
– If the traversal got to node x from node y, y is viewed as the parent of x, and x a child of y
Depth-First Search
• DFS follows the following rules:
1. Select an unvisited node x, visit it, and treat as the current node
2. Find an unvisited neighbor of the current node, visit it, and make it the new current node;
3. If the current node has no unvisited neighbors, backtrack to the its parent, and make that parent the new current node;
4. Repeat steps 3 and 4 until no more nodes can be visited.
5. If there are still unvisited nodes, repeat from step 1.
Implementation of DFS
• Observations:
– the last node visited is the first node from which to proceed.
– Also, the backtracking proceeds on the basis of "last visited, first to backtrack too".
– This suggests that a stack is the proper data structure to remember the current node and how to backtrack.
Breadth-First Search
• BFS follows the following rules:
1. Select an unvisited node x, visit it, have it be the root in a BFS tree being formed. Its level is called the current level.
2. From each node z in the current level, in the order in which the level nodes were visited, visit all the unvisited neighbors of z. The newly visited nodes from this level form a new level that becomes the next current level.
3. Repeat step 2 until no more nodes can be visited.
4. If there are still unvisited nodes, repeat from Step 1.
Implementation of DFS
• Observations:
– the first node visited in each level is the first node from which to proceed to visit new nodes.
• This suggests that a queue is the proper data structure to remember the order of the steps.
NetBIOS Definition: NetBIOS is a software protocol for providing computer communication services on local networks. Microsoft Windows uses NetBIOS on Ethernet or Token Ring networks.
Software applications on a NetBIOS network locate each other via their NetBIOS names. A NetBIOS name is up to 16 characters long and in Windows, separate from the computer name. Applications on other computers access NetBIOS names over UDP port 137. The Windows Internet Naming Service (WINS) provides name resolution services for NetBIOS.
Two applications start a NetBIOS session when one (the client) sends a command to "Call" another (the server) over TCP port 139 on a remote computer. Both sides issue "Send" and "Receive" commands to deliver messages in both directions. The "Hang-Up" command terminates a NetBIOS session.
NetBIOS also supports connectionless communications via UDP datagrams. Applications listen on UDP port 138 to receive NetBIOS datagrams.
NetBIOS and NetBEUI are separate but related technologies. NetBEUI extends NetBIOS with additional networking capabilities.
Also Known As: Network Basic Input/Output System
Host name
A Windows machine's NetBIOS name is not to be confused with the computer's host name. Generally a computer running TCP/IP (whether it's a Windows machine or not) has a host name (also sometimes called a machine name or a DNS name). Generally the host name of a Windows computer is based on the NetBIOS name plus the Primary DNS Suffix, which are both set in the System Control Panel.
There may also be "connection specific suffixes" which can be viewed or changed on the DNS tab in Control Panel → Network → TCP/IP → Advanced Properties. Host names are used by applications such as telnet, ftp, web browsers, etc. In order to connect to a computer running the TCP/IP protocol using its HOST name, the host name must be resolved into an IP Address. Host name- or Fully Qualified Domain Name (FQDN)-IP address resolution is typically done by a Domain Name System (DNS) server. Node types
The node type of a networked computer relates to the way it resolves NetBIOS names to IP addresses. There are four node types.
• B-node: 0x01 Broadcast
• P-node: 0x02 Peer (WINS only)
• M-node: 0x04 Mixed (broadcast, then WINS)
• H-node: 0x08 Hybrid (WINS, then broadcast)
The node type in use is displayed by opening a command line and typing ipconfig /all. A Windows computer registry may also be configured in such a way as to display "unknown" for the node type.
NetBIOS Suffixes
The NetBIOS suffix, alternately called the NetBIOS End Character (endchar) is the 16th character of a NetBIOS name. This character specifies the record or service type for the registered name record. The number of record types is limited to 255, the number that will fit into a single character. However in actual use the number of commonly used NetBIOS Suffixes is substantially smaller. The most common NetBIOS Suffixes:
ASCII Values of 16th characters of NetBIOS "names"
• 00: Workstation Service
• 03: Messenger Service
• 20: File Service (also called Host Record)
• 1B: Domain Master Browser - Primary Domain Controller for a domain
• 1C: Domain Controllers for a domain (group record with up to 25 IP addresses)
• 01: Master Browser
• 1E: Browser Service Elections
Remote Network Penetration via NetBios Hack/Hacking
These are basic techniques but very useful when penetration testing any Windows based network, the techniques were discovered on WinNT but are still very valid on Windows2000 and in some cases Windows2003 due to backwards compatibility.
This article is being written in a procedural manner. I have approached it much like an intruder would actually approach a network penetration. Most of the techniques discussed in this text are rather easy to accomplish once one understands how and why something is being done.
When targetting a given network, the first thing an intruder would do, would be to portscan the remote machine or network. A lot of information can be gathered by a simple port scan but what the intruder is looking for is an open port 139 – the Default NetBios port. It’s surprising how methodical an attack can become based on the open ports of a target machine. You should understand that it is the norm for an NT machine to display different open ports than a Unix machine.
Intruders learn to view a portscan and tell wether it is an NT or Unix machine with fairly accurate results. Obviously there are some exceptions to this, but generally it can be done.
Recently, several tools have been released to fingerprint a machine remotely, but this functionality has not been made available for NT.
Information gathering with NetBIOS can be a fairly easy thing to accomplish, albeit a bit time consuming. NetBIOS is generally considered a bulky protocol with high overhead and tends to be slow, which is where the consumption of time comes in.
If the portscan reports that port 139 is open on the target machine, a natural process follows. The first step is to issue an NBTSTAT command.
The NBTSTAT command can be used to query network machines concerning NetBIOS information. It can also be useful for purging the NetBIOS cache and preloading the LMHOSTS file. This one command can be extremely useful when performing security audits.
Interpretation the information can reveal more than one might think.
Unique (U): The name may have only one IP address assigned to it. On a network device, multiple occurences of a single name may appear to be registered, but the suffix will be unique, making the entire name unique.
Group (G): A normal group; the single name may exist with many IP addresses.
Multihomed (M): The name is unique, but due to multiple network interfaces on the same computer, this configuration is necessary to permit the registration. Maximum number of addresses is 25.
Internet Group (I): This is a special configuration of the group name used to manage WinNT domain names.
Domain Name (D): New in NT 4.0.
An intruder could use the table above and the output from an nbtstat against your machines to begin gathering information about them. With this information an intruder can tell, to an extent, what services are running on the target machine and sometimes what software packages have been installed. Traditionally, every service or major software package comes with it’s share of vulnerabilities, so this type of information is certainly useful to an intruder.
The next step for an intruder would be to try and list the open shares on the given computer, using the net view command, Here is an example of the net view command used against my box with the open shares C:\ and C:\MP3S\
This information would give the intruder a list of shares which he would then use in conjunction with the net use command, a command used to enable a computer to map a share to it’s local drive, below is an example of how an intruder would map the C Share to a local G: drive which he could then browse:
C:\>net use G: \\195.171.236.139\C
The command was completed successfully.
C:\>G:
G:\>
However, If the intruder was targetting a large network rather than a single remote computer, the next logical step would be to glean possible usernames from the remote machine.
A network login consists of two parts, a username and a password. Once an intruder has what he knows to be a valid list of usernames, he has half of several valid logins.
Now, using the nbtstat command, the intruder can get the login name of anyone logged on locally at that machine. In the results from the nbtstat command, entries with the <03> identifier are usernames or computernames. Gleaning usernames can also be accomplished through a null IPC session and the SID tools
The IPC$ (Inter-Process Communication) share is a standard hidden share on an NT machine which is mainly used for server to server communication. NT machines were designed to connect to each other and obtain different types of necessary information through this share. As with many design features in any operating system, intruders have learned to use this feature for their own purposes. By connecting to this share an intruder has, for all technical purposes, a valid connection to your server. By connecting to this share as null, the intruder has been able to establish this connection without providing it with credentials.
To connect to the IPC$ share as null, an intruder would issue the following command from a command prompt:
c:\>net use \\[ip address of target machine]\ipc$ "" /user:""
If the connection is successful, the intruder could do a number of things other than gleaning a user list, but lets start with that first. As mentioned earlier, this technique requires a null IPC session and the SID tools. Written by Evgenii Rudnyi, the SID tools come in two different parts, User2sid and Sid2user. User2sid will take an account name or group and give you the corresponding SID. Sid2user will take a SID and give you the name of the corresponding user or group. As a stand alone tool, this process is manual and very time consuming. Userlist.pl is a perl script written by Mnemonix that will automate this process of SID grinding, which drastically cuts down on the time it would take an intruder to glean this information.
At this point, the intruder knows what services are running on the remote machine, which major software packages have been installed (within limits), and has a list of valid usernames and groups for that machine. Although this may seem like a ton of information for an outsider to have about your network, the null IPC session has opened other venues for information gathering. The Rhino9 team has been able to retrieve the entire native security policy for the remote machine.
Such things as account lockout, minimum password length, password age cycling, password uniqueness settings as well as every user, the groups they belong to and the individual domain restrictions for that user – all through a null IPC session. This information gathering ability will appear in Rhino9’s soon to be released Leviathan tool. Some of the tools available now that can be used to gather more information via the IPC null session will be discussed below.
With the null IPC session, an intruder could also obtain a list of network shares that may not otherwise be obtainable. For obvious reasons, an intruder would like to know what network shares you have available on your machines. For this information gathering, the standard net view command is used, as follows:
c:\>net view \\[ip address of remote machine]
Depending on the security policy of the target machine, this list may or may not be denied. Take the example below (ip address has been left out for obvious reasons):
AcceleratorDiskAgent Accelerator share for Seagate backup
InetpubDisk
mircDisk
NETLOGONDiskLogon server share
www_pagesDisk
The command completed successfully.
As you can see, the list of shares on that server was not available until after the IPC null session had been established. At this point you may begin to realize just how dangerous this IPC connection can be, but the IPC techniques that are known to us now are actually very basic. The possibilities that are presented with the IPC share are just beginning to be explored.
