Saturday, March 30, 2013

Five reasons you should never work as an IT for free

,
We've all done it. A friend, a neighbor, a relative, a good client, a bad client, a pretty girl... Whoever it was, and for whatever reason, we all threw them a technological bone and fixed something for free. In rare instances, it can be a rewarding experience. Perhaps your buddy gave you a beer. Maybe someone said thank you. Maybe there was a smile on their face, and that was rewarding enough.

More likely, however, that five minute task you thought you were signing up for turned into 40 minutes, then an hour, then a commitment. Wow. You didn't see that coming.


You Break it You Bought it.
When you sit down to fix a problem that presented as a simple one you are creating a contract. Not a legal contract, but a social one. The computer owner is trusting their computer with you. It's their baby, and you're the doctor. So you sit down, and begin to fix a problem.
In the process, something else breaks. You fixed one thing, but something else goes awry. What's the best part? Neither you nor the user notice it is broken until a day later when they call you to blame you for breaking something else.
"I thought you were going to fix it." They complain.
This is the primary reason you charge money to fix something. You break it, you bought it. The user / owner will expect you to warranty your service even though THEY received all the value of your time, and you received nothing in exchange.

People don't respect things that are free.
I learned that quote from a man who runs a non-profit organization. Image that. A man who solicits donations for a living candidly told me "people don't respect things that are free." You know what? He's right. Free advice. Free upgrade. Free entry. None are valued. Free advice is seldom wanted. Free upgrade was something you were going to get anyway. Free entry? The band playing tonight must not be any good. People associate the value of service with the amount of money that is exchanged for it. How else do you think that lawyer can get away with charging $400 an hour? People naturally make the assumption that if it costs an arm and a leg, then it must be worth it. So, if customers and friends will assume that the most expensive car is the best one, what will they assume of the free car? Do you want the heart surgeon who charges $500,000 per surgery or the one who works for beer to operate on your mother?

They will expect it forever.
In law, the concept of a precedent is vitally important. Judges and lawyers look to previous cases to decide what the interpretation of the law was because if a case was settled one way before, chances are, it will be settled that way again.Gamblers playing craps look at the past behavior of the dice to, mistakenly, assume that the good luck will continue. Users will figure if you fixed it once for free, you'll do it forever for free. There is no reason why they should respect the thousands of hours you have spent learning and researching the art of computer science. There is no reason that they should respect the certifications you hold. There is no reason that they should honor your abilities by paying your fees. Why? Because you did it for free. Once!
When they come back and you try to get fees, they will meet you with resistance in the form of guilt. "I thought we were friends" they cry. "You didn't charge me anything last time." They argue.
Setup the expectation that they are going to pay (or barter) from the onset. Demand the respect that you deserve. Make sure they understand you are a professional. After all, that is the difference between a professional and an amateur. Professionals get compensated for their skills.

The demands will only grow with time.
Give them an inch, and they will take you through three operating system upgrades, two virus infections, and a crashed hard drive. Once you've set the precedent and created the expectation that you are their knight in shining armor, they will begin to call you for everything. They will suck up your time and resources. They will not be grateful. They will involve you in 30 minute hypothetical conversations then disagree with your expertise.

It Weakens Your Backbone
Working for free is not only unprofitable, it weakens your constitution as a professional consultant. For many consultants, asking for money is difficult. They email out a silent invoice after the fact and hope they get paid. This practice can lead to unbalanced books, debt, and a going out of business sign. The simple fact is: if you don't ask for your money, you're not going to get paid. No one just hands out checks. Setting up the expectation, especially when you fix a computer for the first time for a client, is vitally important in establishing boundaries that ensure you are paid in a timely fashion. Working for free, throwing out freebies, "comp"-ing your time hurts your ability to ask for the sale. It hurts your credibility because the client will assume that if you're not charging them for a given task, you didn't know what you were doing or you made mistakes.
It may give you butterflies, but ask for the money. Do it openly and notoriously. Your clients will take it as a sign of confidence.

Taken from http://www.experts-exchange.com/ .
Read more →

Thursday, March 28, 2013

Looking for Windows Explorer tabs? Then use this

,
Clover is an extension of the Windows Explorer, to add multi-tab functionality similar to Google Chrome browser. After install Clover, you will be able to open multiple folders within the same window, and you can also add folder bookmarks.

Clover can work either in XP, 7 or 8.


Convenient Tab page
Just remember that Ctrl + T to open the page, and Ctrl + W to close the page, Ctrl + Tab to switch pages, the work efficiency far more than doubled!

Seamless integration with operating system
Clover as a BHO plug-in, integrated into Windows Explorer, to keep your usual habits, without having to learn new software operation, and immediately you can use.

Lightning-fast bookmarks bar
Press Ctrl + D to add the current path, or drag the folder into the bookmarks bar. No longer around to look for the folder to access, instant reach, how happy!

Read more →

Monday, March 25, 2013

How to reduce or even remove packet loss in games

,
Back after a good day here in my soho, today i feel like posting a networking thread. So i`m gaming - anyone is gaming somehow - during a high packet loss there comes great ping - unable to play - rage!


How to minimise or remove packet loss completely?


There's a thing called MTU Limit which by default is set to 1500 in any system (unless jumbo frames) which is used to transfer packets across networks, actually it carries 1500 bytes of data in a single packet.
 - With jumbo frames that can go up to 9000 but that's another story. So why don't we go to check our current packet loss?


I`ll pick google.com for now, you can pick your gaming-server or anything that you connect to and needs some tweaking.

Run as Administrator command prompt & type:
netsh interface ipv4 show subinterfaces
after the execution you will notice a table where you can check your current MTU size, which by default should be 1500. -be sure to check your current established connection.

As you noticed it's 1500, so let's test now if it's actually that amount or a bit lower....
ping google.com -f -l 1472
-why i use a 1472 value? It's because 28 bytes are the ip/icmp overhead of the packet.

example of fragmented packets

Now, if your ping was successful - that means you saw a reply - then you're good to go!

But what if you notice the Packet needs to be fragmented but DF set ?
Your packets are getting fragmented - you have to reduce the MTU till you reach a successful ping.

I am getting replies with a lower MTU, now what?
Let's say i get replies when my MTU is down to 1423..., memorize this number & add 28.
Then:
netsh interface ipv4 set subinterface "Your connection name here" mtu=1451 store=persistent
 Your connection name here should be Local Area Connection

That was it , now you are set to go with 0% packet loss after restarting your computer.

Read more →

Saturday, March 16, 2013

Kali linux is here, deep penetration mode.

,

The most advanced penetration testing distribution, ever.


From the creators of BackTrack comes Kali Linux, the most advanced and versatile penetration testing distribution ever created. BackTrack has grown far beyond its humble roots as a live CD and has now become a full-fledged operating system. With all this buzz, you might be asking yourself:

What's new ?


Grab it !
Read more →

USB flaw could allow bypassing security controls

,
MS13-027 is rated as "important" because the attack requires physical access to the vulnerable machine.

This flaw allows anyone with a USB thumb drive loaded with the payload to bypass security controls and access a vulnerable system even if AutoRun is disabled, and the screen is locked. Flaw exposes your Windows PCs to major risk. If you remember Stuxnet, worm was injected to Iran's nuclear program system using USB thumb drive.
Windows typically discovers USB devices when they are inserted or when they change power sources (if they switch from plugged-in power to being powered off of the USB connection itself).

To exploit the vulnerability an attacker could add a maliciously formatted USB device to the system. When the Windows USB device drivers enumerate the device, parsing a specially crafted descriptor, the attacker could cause the system to execute malicious code in the context of the Windows kernel.

Because the vulnerability is triggered during device enumeration, no user intervention is required. In fact, the vulnerability can be triggered when the workstation is locked or when no user is logged in, making this an un-authenticated elevation of privilege for an attacker with casual physical access to the machine.

Microsoft admits the flaw could "open additional avenues of exploitation that do not require direct physical access to the system," once the USB-based exploit is successful.

The vulnerabilities addressed by Microsoft do not include those exploited by security researchers at the recent Pwn2Own hacking competition at the CanSecWest Conference in Vancouver.
Read more →