Still's FAQ Page

Registry and Windows help files

Jan 5/2000
I have added here two different faq files to download about a detailed description of the Windows Registry. (346Kb) and (205Kb)
  • The first one: Unzip the exe file in a temp folder. This file will install in c:\windows\program files\learn folder. Simply click on "winreg.chm" so your browser opens the help file. You also have a readme.htm.
  • The second one is simply a help file, unzip it into any folder you like. You may open it clicking on "reghelp.hlp"

There is another help file about Tricks, Tips and secrets of Windows available. (137Kb)
  • Just unzip this file in the folder you want and click on the "tts70.hlp" file.

All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
back to Top

Problems joining movies split using MasterSplitter or SplitIt 95

Dec 3/99 (upd. Feb 29/2000)

Both MasterSplitter and SplitIt are useful tools for dividing large files in small fragments that could be easily transmitted and re-joined later using the same program. The problem appears when it lacks any part:

In those circumstances, MasterSplitter won't properly work to rebuild the split file, i.e. if you have 99 parts out of 100 and part *.011 is missing, only the first ten parts will be joined. (feature added in 3.x)

SplitIt will just give an error message and won't do anything.

Due the only part that it's actually indispensable for recovering a movie is the first one (*.001 -MasterSplitter- or *.1 -SplitIt-, it contains the headers of the file), the programs could be replaced by a simple DOS script that will ignore the parts possibly missing and will join the existent ones maintaining the correct order. (1)

Both scripts could join up to 600 parts, they will need (besides the part *.001/*.1), if there is more than 150 parts, part *.151 AND if there is more than 300 parts, part *.301 AND if there is more than 450 parts, part *.451 also.

This is the procedure: Just do a copy of MSjoiner.bat or SIjoiner.bat in the folder where the parts have been stored and execute the BAT double-clicking it. Once processed, you'll find in the same folder a new file called file_joined. Rename it to the name of the movie and all done. Enjoy.
(Files available to download in zip-format to avoid errors downloading text files in binary mode)


  Download  ( 1.6 Kb ) - MasterSplitter
  Download    ( 1.7 Kb ) - SplitIt 95



(1) If there are missing parts in the split movie, maybe you couldn't have success using this method and have to use another one or even totally renounce to get the movie. Next it's a table describing what might happen depending on the original format of the movie:

MPEG > It's possible it freezes when reach the point where it should be some non existent fragment. You could try to advance a few frames using the seek bar in your movie viewer while playing.

AVI > MASTERSPLITTER: This BAT procedure WON'T work, you should make a copy of the precedent or next part (never last part) giving it the name of missing part. Probably you'll notice a several distortion when reach the point where there are tricky fragments. SPLITIT: Nothing will work, say bye to the movie. 

RM > MASTERSPLITTER: Movie will freeze when reach the point where it should be some non existent fragment. Better use the program or delete useless parts (from next to first missing part up to final one) to save space on disk. SPLITIT: Nothing will work.

MOV > Same as AVI.

In conclusion, if you are a poster and use to send split movies to sites where parts of the upload might be missing or corrupted, better avoid to use SplitIt.

All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
back to Top 


Feb 2/2000
The Windows Registry, stored into files system.dat and user.dat, is a basic part of the Windows OS. There are saved most of data needed for correct working of the whole system. Unluckily, if you use to upgrade programs very often, many old (and maybe inconvenient) references remain in that files although they aren't editable anymore through the program Regedit, the standard method for manipulating the Registry. Those files grow more and more even coming to slow down the system activities, so it's convenient to perform this procedure to get rid of the cumulated junk.

You should ensure your Registry will remain as clean as possible in the future, this procedure will demand a lot of work and time, so probably you wouldn't want to have to repeat often. A good tool for having controlled what programs use to store in the Registry is Window Washer, reinforced with the set of plugins for cleaning the history of the most used programs, all available at . "Wash" your system before to do this job. (1)

Now we will start with the procedure itself. Open the C:/Windows folder and run Regedit.exe. You'll need to export just two of the "folders" inside. Click once on HKEY_LOCAL_MACHINE and choose in the Registry menu "Export Registry-file"... Verify "Selected subkey" is checked, "Everything" should NOT be selected. Save into C:\Windows folder as system.reg (type all, including extension to avoid confusion with existent System folder). Now the basis of new user.dat: Click once on HKEY_USERS, repeat the above procedure but save as user.reg . (2)

Let's stop just a moment. Are you sure your current Registry is totally clean? Now we have two files in plain text format (original user.dat and system.dat are in binary format) so it's easy to take a look using some editor such Wordpad. Open system.reg and do a search for the keywords you want to get rid of. Nothing? Excellent, just repeat this with user.reg . On the contrary, your washing configuration is faulty and maybe you have to do some more work before continue. Using this .reg format you can easily relate an undesirable reference with the program originating it, so look for a Window Washer plugin if available or do a request in the proper sites, perhaps might exist a solution.

Now you'll need an auto-bootable diskette (formatted with the "Copy system files" option).

This next will be your life insurance in case something goes wrong, (3) it would recover the old Registry. Open Notepad and copy this text:

    attrib -s -h -r system.dat
    attrib -s -h -r user.dat

    copy system.bck system.dat
    copy user.bck user.dat

Save to diskette as Panic.bat

And now, this is the BAT that really will do the job. Open Notepad and copy this text:


    del system.bck
    del user.bck

    attrib -s -h -r system.dat
    attrib -s -h -r user.dat

    copy system.dat system.bck
    copy user.dat user.bck

    del system.dat
    del user.dat

    regedit /l:system.dat /r:user.dat /c user.reg

    regedit /l:system.dat /r:user.dat system.reg

Save to diskette as Regcomp.bat

Well, all is ready. Notice this procedure could take 3 or 4 hours. Insert diskette and re-boot the system. When it appears the A:\> prompt, type Regcomp.bat and push Enter. If all goes well, at the finish you'll see again the DOS prompt, in case of any error re-boot and use Panic.bat to restore old Registry.

It's a good measure to have stored a copy of this new clean Registry. I'm using the tool Sregbkup, available at . It permits easy backup and restore from Windows. When executed, the program will close Windows, going to DOS. When the job is done, Windows will be restarted again.


(1) There is an alternative program, Evidence Eliminator. I don't know his functioning so I can't do advice about, if you are running it, just adapt this information.

(2) Notice if you are on a multi user system, this procedure isn't for you, maybe proper adaptation could come in the future.

(3) Sometimes certain Registry-keys can be too large for the regedit program to handle.


All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
back to Top 


July 19/99
1st. Part

I've made a summary of the explanations i'll give normally in chat.

Take a little time to read this faq, and you will see how easy all this is.


  • The program is easily to install, only execute the setup program and reboot the pc.
  • If you want to install the upgrade, which is available free for registered users, you have 2 possibilities to do it:

  • If you have the earlier version installed, download Atguard 3.22 and install over, but the new features will work ok only if no rules have been created before.

    • So you may delete the created rules by the earlier version, and install it over, or, uninstall it, reboot, and install 3.22 after it, so it installs as a clean new one. (recommended) The registration stays, no prob.

FAST SETTINGS SETUP - Easy to understand

  • After installed, disable Atguard at the systray (leftclick on barrier - Settings / Enable Atguard (not checked mode))

  • Click on barrier / Settings (opens Settings window)

    There are 3 main tabs : WEB / FIREWALL / OPTIONS


    • check "enable filters box"

    • below is a blank table ( only with default written in it) where all the java learned url rules will be listed. Any time you can delete or remove any site.

    • click on FILTERS button

    • All 5 boxes should be checked: Add Blocking, Privacy, Active content, Cookie Assistant, Java/ActiveX Assistant.

    • Click on "OK" , brings you back to WEB.

    On the right side of the WEB tab, you have 3 sub-tabs:

    • a) Add Blocking ( leave it as it is)
    • b) Privacy ( leave it as it is)
    • c) Active Content (uncheck Miscellaneous - Make animated images non repeating))

    ALL 5 boxes should be unckecked here. Because there are filtered in FILTERS before. If you check the boxes here you will be not able to create permit rules if needed. Else you could not see any animated gifs: ex. you cannot see my little kitty on the corner site. And that would be a pity ! ;-))

    Doing anything else you click on the second MAIN tab:

    • check both boxes on top: Enable Firewall, Enable Rule assistant

      Below you will see a table with already permitted and blocked options

      There are 10 default options in 3.1 and 12 in 3.2.

      Any rule the proggie "learns", will be added in this list. Any time you may remove, add or modify manually any rule about Action, Direction, and Protocol.

      We leave this as it is, and we go to:

    3) OPTIONS

    • The first two boxes should be checked: Show taskbar icon, and dashboard icon.

    • Security box not checked, for common uses.
    • Enable Atguard not checked.....( we check that later on the systray)
    • Startup options.

      Well here you may check what you want:

    • Run it manually
    • Run at system startup = enables when you start windows,
    • Run at Network startup = enables when connected to the net

      Differences: Normally I have it on Network startup, because you surely would say : for what have it on in windows without connected to the net?

      You are right. But, there is a reason to have it some times on windows startup.

      I will explain: The startup of atguard takes a little time to go from disable state to enable state. If you connect to the net, your connection to the net is made before atguard is enabled, because, as i said , it takes a time to load. If, in the meantime that atguard is loading, ( less than 30 sec) some proggie tries to make contact to an url or someone tries to contact you, firewall will not alert you, because it is still not loaded.

      But, as i said before....try one, try the other, use which suits you better ;-)

    • After done this, click on the "Apply" or "Accept" or "OK" ( depends of the windows languages) on the main settings window at the bottom to enable all the settings you have made.

    • You dont need to reboot the pc for the new settings.

    What will you see now? The dashboard on top.

    • On the dashboard check all the boxes, LESS the first one on the left ( the barrier): Ads, Cookies, and Firewall.

      There it shows you also the blocked "Refers". Everytime you click on an active link which sends you to another url, the ORIGIN site URL goes with it. The target ALWAYS will know, from where you are coming, if the refers are not blocked. Atguard does it.
      The only way that the target does not know from where you come, (if you not use Atguard), is copying the link-url and pasting it in the browsers bar. you are ready to enable Aguard:

  • On the systray and click on the barrier / Enable Atguard.

  • But before this, you have to learn how to "learn" the proggie the rules.

    Very easy indeed !! Listen:

    Everytime you access an url, you will be asked to permit or block the access to: url-network connection, cookies, Java, etc,

      I will explain that now in more detail:

    There are 4 main rules:

    • Block always
    • Permit always

    • Block once
    • Permit once

    The first two create rules, the second two not.

    The first two are used for common use if you go many times to a specific url, like a chat or bbs, or any particular site you like. You permit always the network connection, else you cannot visit the url, and you may decide if permit or block always cookies or java.
    Could be mixed with the permit once or block once too.
    This rules will be added on the WEB list window and Firewall window, as we have seen it before.

    Remember, once you have created a rule, you may delete or modify it any time you want.

    The second two let you permit or block any thing for "this time only", like when you visit a url only once, you may permit the network connection so you can go there, but block or permit the cookies and any java script, but only 'this time". This options do not create a rule.

    Now that we had defined the meanings of the options, we will see what happens once Atguard is enabled.

    • These four options will be seen as a pop-up window every time. There are sub-options too on creating rules, and you must remember following:

    • The rules that you create, have to be the less common possible. More restricted, better.

    I will explain:

    This following example will apply to every block-always or permit-always network communication rule creation:

    If you have a proxy installed, the first pop-up window will ask you about the proxys connection: create the rule.

      For example: your proxy: let say: IP: 123.456.789.12 port: 8080

    • It will popup the Atguard rule-create window, and:

    • You may "Permit always" the proxy else you have to allow it every time.

    You will see now the:


    • The first window that will popup, (after you have clicked on block always or permit always), is the aplication to create the rule. (in this case the proxy)

      • click NEXT

    • The second one is the program that asks for it:

      • a) Explorer (you use it with the explorer......check this one)
      • b) Any (of course not any because you would allow all aplications)

      • click NEXT

    • The third one is the needed service:

      • a) only this service: port 8080 (example) (of course only this port: check)
        b) Any (of course not any because you would allow all ports)

      • click NEXT

    • The fourth one is the DNS:

      • a)IP (Check this will use this proxy IP)
      • b) Any (of course not any because you would allow all IP's to access)

      • click NEXT

    • The fifth one is: If you want to keep a log:

      • In this proxy rule I would suggest that no log is necessary, else you would have a log bigger than your hd :-)))

      In any other case of specific urls you have the option to check it to keep log.

    You need to do this only once because the proxy mantains the IP as a constant.
    Such applies also to any website you visit, because they have also the IP as a constant.

    SPECIAL case: ICQ.(under construction)

    Here the checkings are a bit different, it is an exception af the above rules.

    Why? Because the IP's used by ICQ are dynamic, not constant.

    To be continued...

    The Dashboard: A mistery?

    Aug 19/99

    Surely you are asking now: What all that stuff mean there?
    Well, this is one of the most important pasrt, because thru the dashboard you can control all the activities. I will describe each one now in detail.
    • Atguard enable/disable (barrier)
    • Network Activities: (click on the #) Described in detail below.
    • Web Network Activities: (click on the #) Described in detail below.
    • Ads Blocked: Number of blocked banners and images.
    • Privacy Protection: Number of outbound blocked cookies.
    • Firewall Activity: The sum of all permitted and blocked inbound and outbound TCP and UDP activities.
    Now more in detail:

    • Web Network Activities: (WNA) Here you will see all the open http activities. (browser connections). The gauge to the left of this number shows open web http activities from those connections. Not necessarily 3 windows open mean 3 http connections, because some time after loading the page the connection finished. Others not. Others could have different connections to links to other sites, so 1 window can have more then 1 http connection too.
      But these WNA are part of the NA detailed below. That means: if WNA increases, NA increases in the same amount.

    • Network Activities: (NA) This the most important statistic on the firewall. Here you can see all the network activities in a given moment. The gauge to the left of this number shows network activity from those connections. If you click on the number you will find:

      • Protocol: TCP or UDP
      • Executable: The application that is using the network connection
      • State: The application is typically Listening or Connected/Out. Other states of very short duration may be displayed.
      • Remote: The address or host name of the remote site and the service or port number. This information is available for TCP connections only.
      • Local: The local address or machine name and the service or port number being used by the application.
      • Sent: Number of bytes sent since the connection started.
      • Received: Number of bytes received since the connection started.
      • Time: The amount of time that the connection has been active.

    What connections shall I see here when I connect to the net? What is normal and what is not?
      In most cases, Normal are connections: These are: 3 UDP, 1 TCP (the exes can be different, because of browsers, AOL, etc..) For IE4:

    • UDP RNAAPP.exe      Local: your-IP, nbname :port
    • UDP RNAAPP.exe      Local: your-IP, nbdatagram :port
    • UDP Explorer.exe      Remote: *Here-is-your-proxy* :port
    • TCP RNAAPP.exe      Local: your-IP, nbsession :port
    if you use ICQ, add:
    • UDP ICQ.exe
    • TCP ICQ.exe

    All in listening state.

    Lets have an example of a hacker or netbus or backorifice connection. You can see it here!!! How?
    Under executable you will find the netbus type executable name, then NETBUS behind. If it is in listening state, nothing happens. It is awaiting the hacker call. If it is NOT in listening state, means that the hacker is on line with you in that moment and you will have the IP shown there. !!!! (Remote)
    Wonderful, isn't it? You have him!! You only need Netinfo or Who is and you can trace or lookup his IP.

    What's the Difference Between TCP Connection Attempts and UDP Packets?

    A connection attempt is just a TCP packet that is asking to establish a connection to or from your computer. The connection may last anywhere from milliseconds to hours. A UDP packet, on the other hand, is a single packet used to transmit information without the promise of any additional information being transmitted. Your computer can send or receive a single UDP packet to exchange information without any connection being established.

    Both kinds of packets are being used when you use a web browser to download a web page. If you go to, for example, your computer first sends a UDP packet out into the world to try to find out what the 4-byte Internet Protocol address is for the computer called "". The protocol used to do that is called DNS, or Domain Name Service, and the queries and replies take place without any persistent TCP connections being made. Having a rule to permit this is important or your computer wouldn't be able to talk to other machines at all. UDP, or connectionless communication, works well for DNS because the queries and replies are very small and can be completed in single packets. Once the web client gets the 4-byte IP address for, however, it needs to establish a persistent connection with the site in order to fetch the web page and images because there's more data to be moved than will fit in a single packet. That's where TCP connections come into play; a TCP "SYN" (synchronize a connection) packet is sent to the web server, the server replies with a TCP "ACK" (acknowledgment). This creates a connection between the two computers, and the data starts to flow.

    By default, when the AtGuard firewall is enabled, inbound and outbound UDP packets are permitted. This can always be changed by editing one of the AtGuard firewall rules.

    To be continued...

    November 11/00

  • You may go also to more detailed FAQ here, or to the Atguard's homepage FAQ page:

    For more info or any questions, mail me, or leave a message in my corner's guestbook. Thanx.


    All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
  • back to Top

    Ref.: Atguard: The Ping problem

    Nov 3/99
    A Ping (Echo request) is an ICMP packet that is sent to some address for testing if it's online. It can be a useful tool if you want to use it on purpose, but the problem is that every request for a given URL is preceded by an automatic Ping to the server that hosts that URL. What's wrong wit this? Well, if you are using an anonymous proxy, the Ping isn't done via proxy, instead is a direct connection between you and the server and it ever includes your real IP. In some circumstances rather common it would be so easy to stablish the relation between the direct Ping and the URL request via proxy, making useless the proxy.

    Due this automatic Ping isn't indispensable at all, it should be impeded blocking it everytime it happens. So, it must be fixed some rules in Atguard's settings. These are the rules, they must be set in this order:

    • a) Rule permitting either inbound/outbound from/to main address of the own ISP ( * ). Name: ICMP ISP main. Action: Permit. Direction: Either. Protocol: ICMP. Type: Any Type. Address: Host address (main ISP address)

    • b) Rule permitting either inbound/outbound from/to secondary address of the own ISP ( * ). Name: ICMP ISP secondary. Action: Permit. Direction: Either. Protocol: ICMP. Type: Any Type. Address: Host address (secondary ISP address)

    • c) At last, rule blocking all ICMP packets. Name: Rest ICMP. Action: Block. Direction: Either. Protocol: ICMP. Type: Any Type. Address: Any address in both.

          ( * ) Adresses of your ISP could be known going to Start Button > Run > put winipcfg and OK. In the pop-up window click More Info, the IP  in the box DNS Servers is the main of your ISP. If you click the button ... could find a secondary one -might not exist, so you wouldn't have to set the rule b).

    All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
    back to Top

    Wha' tha Hell is...? (dictionary)

    Oct 12/99
    Many times you may see a lot of shortcut names like UDP, IP, DNS, HTML, etc... and you surely are asking for yourself: WHA'THA HELL IS...this shortcut for?? :-))

    Well, before you throw your equipment out of your window and commit suicide because of not understanding this standard "words" in the net-life, I made a little summary of the most important and most used ones, so you can get familiar with it.

    Wha'tha hell is...?

    • Access: Term used in the WWW for a request that your browser makes for a file located in a web server. If you enter a page which have 3 images, there are 4 requests made, 1 for the html, and 3 for the images.

    • Applet: Is a program made in Java language which is set up in a html page. These applets differ from programs made specificly for Java, in the way, that they are not authorized to access certain local pc resources, like files and hardware, and they can also not communicate with other pc's connected to a network.

    • ASCII: (American Standard Code for Information Interchange)... easy, huh? :-) It is the standard code used in all pc's to represent each letters: numbers, letters, caps, punctuation, etc. They can be represented in binary form between 0000000 to 1111111.

    • Bandwidth: Represents the information quantity which can be sent thru an internet connection, usually measured in bits/sec. A fast modem can transmit more then 32000 bits/sec. One second of full screen video would need a 10 MB/sec connection, of course, it depends of compression rates.

    • Baud: it represents the modem transfer speed per second. In theory, a baud is the times per second the carrier signal changes its value. Ex.: A 1200 bps modem works at 300 bauds, but moves 4 bits per baudio (4 x 300 = 1200 bps)

    • BIOS: Basic In and Output System: Its the basic program installed in a chip of your pc, which lets you startup your computer. Together with the OS (operating system, which is the link between you and the BIOS) you can use hardware and execute software in your computer.

    • Bit: (Binary digIT)... yeah, I know, you knew that, right? :-).
      It is a base 2 digit, "0" or "1". Bit is the smallest information unit which a computer can work with. The bandwith is measured in bits per second. (bps)

    • BPS: (Bits Per Second)... yeah, its obvious... :-)))
      It measures the information transfer speed between two computers. A 56 Kbps modem can transfer 56000 bits per second.

    • Browser: Well, hope you know that..... :-)))
      Program you use to surf thru the WWW.

    • Byte: Its a group of bits which represents a character. It is usualy considered 1 byte = 8 bits.

    • CGI: (Common Gateway Interface). It is a group of rules which describe how a web server communicates with a program which is in the same machine: the "CGI program". Any progarm can be a CGI script, if it manage the in and outputs acording to that rules. Usually you see "cgi-bin" on the end of the URL, which not necessarilly must be that way.

    • Client: A "client" program, is a program wich is designed to obatin information over a "server" program. Each "client"program is designed to work with other specific "server" ones, and every "server" needs a specific "client" one to work with. Ex.: your browser is a "client" program.

    • Cyberspace: William Gibson's "Neuromancer" novel expression to describe all the info available in thru net.

    • DNS: Domain Name System. Unique name which identifies a site in internet. It is divided in different sections. From right to left: the most right is normally the country, then the dom name, organization, building, and at last the computer name. All DNS has a related IP. Better said, it is really a given IP "name", to make it easier to remember.

    • D.O.S.: Disk Operating System. (Operating system) Basic program used to interconnect the user with the computer. Window is also a operating system.

    • E-mail: Messages, usually text, sent from one person to another thru internet or another net. You may also send multiple destination messages.

    • FTP: File Transfer Protocol: This is the method used for multiple file transfers between to places in internet. You need a "FTP-client" program on one end and a "FTP-server" on the other. There are two kinds of access here: free or passworded.

    • Hardware: Hardware is the piece of devices like color cards, diskettes, hard-drives, modems, etc, which you can install into your computer.

    • HTML: Hyper Text Markup Language. (htm for DOS) That is the language used to create hypertext documents in WWW. These documents are simple text files with instructions (tags) which your browser understands.

    • HTTP: Hyper Text Transport Protocol. Protocol used for hypertext file transfer thru internet. A "http-client" program (browser) is needed on one end, and a "http-sever" on the other. WWW is the most important protocal used in the web.

    • Hypertext: Name given to any text which contain "links" to other documents in it. These "links" can be words or sentences, which, if clicked on it, sends you to another related document.

    • Internet: An interconnected group of nets, which use the TCP/IP protocol to communicate each other.

    • IP: Internet Protocol. A 32-bit four part number, separated by points, which is assigned to a specific computer in the net. Every net connected computer has an unique number of IP. If this number is not a constant, then this "IP" is not really in internet. It is a "borrowed" IP from your ISP every time you enter internet.

    • ISP: Internet service provider. Company or organisation which provides access to internet.

    • Java: Object oriented progammer language. Designed by Sun Microsystems, specificly for writing programs you can download and execute in a local pc. The webpages may contain small java made programs called "applets", to produce visual effects, like animations, or other applications like a calculator or chat clients.

    • JavaScript: Programming language supported by the browsers. The code is written in the HTML page, and read by the browser to execute. This applets are different that the Java applets, since these ones are downloaded, compiled, and executed when required in the page.

    • Kb: Kilobyte. Exactly 1024 bytes.

    • LAN: Local Area Network. A small net is located on a same floor or building.

    • Login: Username used to have access to a given place. Can be to internet, to a program, to a site, etc. The difference between the "login" and the "password" , is that the first one is not secret.

    • MIME: Multipurpose Internet Mail Extensions. Standard for exchanging multimedia information thru the web. Normaly in 2-3 lettercode like mpg, jpg, ram, avi pic, wav, etc.

    • Mb: Megabyte. Exactly 1024 Kilobytes.

    • Modem: MOdulator, DEModulator. (yes, I know you knew that also. ;-))) A piece of hardware which allows you to connect with other computers thru the phone line. The modems are for the computers as the telephons for the people.

    • OS: Operating System. Piece of software which lets you communicate with the computers BIOS.

    • Net: It is called a net every time that two or more computers are connected each other to share their resourses. If you connect many nets together, you obtain the "internet".

    • News: USENET group (news) connections.

    • NNTP Server: Your ISP's newsserver.

    • Password: A secrede code word used to obtain access to a computer, net, site, etc, composed by numbers and letters without any logic, which you cannot find in a dictionary.

    • Plug-in: Litlle software, which adds new features to a bigger software. There are plug-ins for graphic-design, audio, video, etc...programs. Usually made by third-part companies to extend the original software capability.

    • POP: Post Office Protocol: That is the protocol used by the "mail client programs" to obtain messages from your ISP. Your ISP gives you normally a PPP account with a POP account to access their mail server, and read your messages.

    • POP Server: Mail storage server.

    • Proxy: Proxies are store-and-forward caches. When you configure your web browser to use a proxy, it never connects to the URL. Instead, it always connects to the proxy server, and asks it to get the URL for you. Proxies can be used as a sort of firewall, because it isolates you from connecting to the Internet.

    • PPP: Point to Point Protocol. That is the protocol which allows that your computer uses a modem and your phoneline to realize a TCP/IP connection to "simulate" that you are "rally"located in internet.

    • Provider: see ISP.

    • RAM: Random Access Memory. Memory in your computer which allows you to run different programs in it. Like windows or DOS programs. It dissapears when you shut down your computer.

    • ROM: Read Only Memory. A program "burned" in to a chip, which allows you to execute basic programs like the BIOS. In difference with RAM, this memory does not dissapear when you shut down your computer.

    • Router: A specific software which manages the connection between different nets. All the routers are searching all the time different paths to find the shortest way to send the info-packets to them.

    • Server: Program or computer which offers a specific "service" to a "client".

    • SMPT Server: Mail sender server.

    • Software: A program wich allows you to do specific tasks on your pc. It also allows understanding and interconnection of your hardware.

    • TCP/IP: Transmission Control Protocol/Internet Protocol. A group of protocols which defines internet. It was designed originally for UNIX, but nowadays found in any operating System.

    • TCP and UDP packets: A connection attempt is just a TCP packet that is asking to establish a connection to or from your computer. The connection may last anywhere from milliseconds to hours. A UDP packet, on the other hand, is a single packet used to transmit information without the promise of any additional information being transmitted. Your computer can send or receive a single UDP packet to exchange information without any connection being established.

    • Telnet: login into a remote computer

    • UNIX: Multi-user operating system, designed so that a computer can be used by many people at a time. It came originally with TCP/IP. This is the system practically used in all servers in the net.

    • URL: Uniform Resource Locator. Standard way to give an address to some WWW internet resource.It consists normally of three parts: Protocol://server/object.

    • Web: see WWW.

    • WWW: World Wide Web. Group of resources which you can access thru a browser with the HTTP protocol.

    For more info or any questions, mail me, or leave a message in my corner's guestbook. Thanx.


    All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
    back to Top


    Dec 3/99


      Firstly, I want to say that I think anonimity READING News groups seems me much less important that anonimity surfing the Web. Anyone that doesn't be thinking of POST to News groups or be under very special circumstances that require additionals precautions, should think if it really worth the trouble the job of find the needed resources and the usual penalty in the download speed.

      The method described in this document has been successfully proved with these programs:

      • Outlook Express 4

      • Netscape Messenger (Communicator 4.6)

      • Free Agent 1.11/32

      • Forte Agent 1.6/32.525

      • SBNews 6.2

      • Xnews 2.09.25

      • NewsShark 1.0.393

      • Binary Boy 1.1

      • Autopost 1.01
      • (Curiously, NewsBin 3.1, the only Newsreader I have found that theoretically supports Socks, gave errors wether direct or socksified. If someone has success with this proggie, please contact.)


      Socks proxies can manage a wide range of common protocols used in the Net, but this text is intended as a quick guide oriented to NNTP protocol, if you want to go deeply on Socks, you should start in the Sockscap home.

      Firstly, you'll need a working Socks proxy, to find it you should do a search in the proper sites for those that use the port 1080.

      Due most of the Newsreaders programs won't have support for Socks, we need a dedicated program that launch ("socksify") this applications. The most accessible one is SocksCap, freely provided by NEC. Go to , look for SocksCap and download wether SocksCap32 V. 2 Beta 3 for Windows 95/98/NT or SocksCap16 for Windows 3.1 (also versions for Unix/Linux). Install the program and configure it following these guidelines:


      1) Go on File/Settings. There are three tabs:

      • SOCKS SETTINGS: On Server put the name or IP of the Socks proxy and the port 1080. On Protocol, check SOCKS Version 4 -sufficient for News. The SOCKS User ID = Nobody set by default seems fine, maybe better if you don't change it.

      • DIRECT CONNECTIONS: On Direct Applications and Libraries Add WSASRV

      • LOG: The makers themselves don't recommend the intensive use of logging facility, and I personally noticed troubles with this indeed, so better if you don't enable Log until you need to check some concrete problem.

      2) Adding applications to be socksified:

        a) On File/New browse to find the program.
        b) Drop an executable file (.EXE) or shortcut onto SocksCap?s window. Select New application profile from the popup menu.

        Now you can see the Icon of the added application in the main window.


      Better than go straight to the NewsReader program, I find more easy to use a browser to test if the proxy is working.

      1) Add your browser to the Sockscap list following the method provided above.

      2) Run socksified double-clicking in its icon into the Sockscap window.

      3) Once inside the browser prove it's configured to use DIRECT CONNECTION, this meant to uncheck any proxy options.

      4) Go to your usual anonymity testing page. If you get a pop up window giving error or don't have visible response in 10/15 seconds, probably the proxy won't permit free connection or it's too slow, so CLOSE the browser, put the next Socks proxy in your list on Sockscap's SOCKS Settings tab and repeat the process until find one working and hiding your real IP.

      Add your News Readers to the Sockscap list. Run socksified and do the usual operations. When connected to News server open a MS-DOS window and type: netstat -a . If you can see the name of your Newsreader followed of the IP/Name or your Socks proxy:1080 instead of the IP/Name of your News server:119 (or nntp) the connection is properly being made through Sockscap. (If you are running Atguard Firewall you wouldn't need to use DOS, just pick Network Connections in the Dashboard).

      As final test, find a News server that allows posting and do a post in some group for testing, like alt.test , alt.binaries.test or such. When the message be displayed, check his Headers/Properties and look if it shows your real IP or that of socks proxy. (If you are using a News server that anonymize the messages posted, maybe you don't see none).

    All rights reserved. No part of this document may be reproduced by any means without the written permission of StillListener.
    back to Top

    Still's FAQ Page

    All rights reserved. No part of this document may be reproduced by any means without
    the written permission of StillListener.

    back to my