Laws That May Apply to DDoS Attacks


On the criminal side, the primary federal law that applies to most DDoS-related attacks is the Computer Fraud and Abuse Act, or 18 U.S.C. §1030.[2]
[2] United States Code, abbreviated as U.S.C., is the complete body of constantly revised laws defined at the federal level in the United States. It is divided into titles, then subdivided further into sections/subsections. 10 U.S.C means Title 10 of the United States Code. The symbol § stands for section/subsection. Titles and sections/subsections also have common names that identify them based on the legislation that created or amended them. So the complete reference to the Computer Fraud and Abuse Act, which is Title 10, Section 1030, would be 10 U.S.C. §1030. Subsections are further identified by subordinate letters and numbers in parentheses, so subsection a and sub-subsection 3 would be identified as 10 U.S.C. §1030(a)(3). For more information on United States Code, see http://www.law.cornell.edu/uscode/.
An example of this law being applied to DoS attacks is the case of United States v. Dennis in the District of Alaska in 2001 [ws]. In 2001, a former computer systems administrator in Alaska pled guilty to one misdemeanor count for launching three e-mail based DoS attacks against a server at the U.S. District Court in New York. He was charged under 18 U.S.C. §1030(a)(5) with "interfering with a government-owned communications system."
Other DDoS-related attacks mentioned elsewhere in this book, such as the extortion attempts against online gambling sites and online business, may fall under 18 U.S.C. §1030(a)(7), which covers extortionate threats. Analysis of a Congressional Research Service report [fra] suggests such attacks may also violate
  • 18 U.S.C. §1951 (extortion that affects commerce)
  • 18 U.S.C. §875 (threats transmitted in interstate commerce)
  • 18 U.S.C. §876 (mailing threatening communications)
  • 18 U.S.C. §877 (mailing threatening communication from a
     foreign country)
  • 18 U.S.C. §880 (receipt of the proceeds of extortion)
The act of breaking into hundreds or thousands of computers to install DDoS handlers and agents may violate 18 U.S.C. §1030(a)(3) (trespassing in a government computer). If a sniffer is used to obtain passwords as part of this activity, the attacker may have violated 18 U.S.C. §1030(a)(6) (trafficking in passwords for a government owned computer) or 18 U.S.C. §2510 (wiretap statute).
Even an attempt to violate any of the sections of 18 U.S.C. §1030 listed above is itself a violation of 18 U.S.C. §1030(b).
On the civil side, 18 U.S.C. §1030(g) creates a civil cause of action for violation of subsection (a)(5)(B), which includes any of the following:
  1. Loss to one or more persons during any one-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting one or more other protected computers) aggregating at least $5,000 in value.
  2. The modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of one or more individuals.
  3. Physical injury to any person.
  4. A threat to public health or safety.
  5. Damage affecting a computer system used by or for a government entity in furtherance of the administration of justice, national defense, or national security.
Damages include only economic damages, and the civil action must be brought within two years of the act or when the damage was discovered.
Another civil action surrounding a DDoS attack against a business, which prevents customers from engaging in business with the victim and thus damages its business, would be "Tortious Interference with Business Relationship or Expectancy." To prove this, the plaintiff (the DDoS victim) would have to show several things, including such elements as knowledge of the business relationship between the victim and its customers, knowledge that the action (the DDoS attack) would disrupt this relationship, knowledge that the result would cause damage to the victim, proof that the defendant caused such disruption and damage, and proof that the victim has suffered a loss. (Here is where careful evidence collection and realistic incident cost estimation become very important.)
The Department of Justice Cybercrime Web site [fra] also lists these laws as applying to computer intrusion cases:
  • 18 U.S.C. §1029 (fraud and related activity in connection with access devices)
  • 18 U.S.C. §1362 (communication lines, stations, or systems)
  • 18 U.S.C. §2510 et seq. (wire and electronic communications interception and interception of oral communications)
  • 18 U.S.C. §2701 et seq. (stored wire and electronic communications and transactional records access)
  • 18 U.S.C. §3121 et seq. (recording of dialing, routing, addressing, and signaling information)
This is a representative, yet not exhaustive, list of laws that may apply. Readers are urged to consult with an attorney and local/federal law enforcement agencies in their jurisdiction in order to learn more about what legal options exist in the event of a DDoS attack, and how to prepare to exercise these options when and if a DDoS attack occurs. It is also important to understand your responsibilities and potential liabilities in the event that your own systems are taken over and used to attack someone else, in which case you may be the defendant, not the plaintiff, in a civil suit.

Fast Transactions With A Point Of Sale System

     

Nowadays, the internet has taken the business world by storm. Gone were the days where door-to-door selling seemed like the most effective way to promote a business or a product. At present, more and more business companies are turning to the World Wide Web to promote the products and services that they could provide. With the increasing transactions done online, an online Point of Sale Systems has also become a trend in most business companies, large or small.

The Infinity Cloud, a popular point of sale system in the world, provides the distinction of providing various benefits that no other systems have.
For starters, this point of sale system brags fast and easy installation. Compared to POS software products, online POS systems don’t require countless of hours on customer support or reading a thick instruction manual. It can be installed and be ready for online bookings and transactions in no time at all. Because the Infinity Cloud is an online based point of sale system, it has little hardware requirements. Hence, you no longer need to spend additional money for computer hardware. In fact, the company can run even in the most inexpensive computers, no matter what the operating system is. With the Infinity Cloud, you no longer have to worry about complementing the POS with your operating system because it is sure to work.
Online transactions are made easy with Infinity Cloud because you no longer have to deal with IT tasks. In a web-enabled point of sale system, the site’s host will do all the IT tasks for you, giving you Pextra time and freeing you from countless worries. point of sale system can also provide you with a better income compared to offline point of sale software. You see, while software needs to be paid cash for the whole package upfront, the Infinity Cloud cost depends solely on the monthly or annual subscription fee, saving you time and energy during payment.
The software also boasts a better inventory control panel and a more interactive user interface, allowing easy organization of files, orders and payments in as little time possible. This online point of sale also provides your customers an opportunity to send their feedback on your products and services easily.
With the Infinity Cloud online point of sale, your business will dramatically improve in sales, it will obtain a more efficient organization of inventory and a faster delivery of service in the least amount of time.

Customize Multiboot Startup Options


Edit or create a startup menu that lets you choose which operating system to boot into in multiboot systems, or create a menu that lets you choose different startup options for your single operating system if you have only XP installed.

If you've installed another operating system (in addition to XP) on your system, your PC starts up with a multiboot menu, which allows you to choose which operating system you want to run. The menu stays live for 30 seconds, and a screen countdown tells you how long you have to make a choice from the menu. After the 30 seconds elapse, it boots into your default operating system, which is generally the last operating system you installed.
You can customize that multiboot menu and how your PC starts by editing the boot.ini file, a hidden system file, to control a variety of startup options, including how long to display the menu, which operating system should be the default, whether to use the XP splash screen when XP starts, and similar features. And as you'll see later in this hack, you can also use the file to create a startup menu that will allow you to choose from different versions of your operating system
—for example, one that you'll use for tracking down startup problems, and another for starting in Safe Mode.
The boot.ini file is a plain text file found in your root C:\ folder. You might not be able to see it, because it's a system file, and if you can see it, you might not be able to edit it, because it's a read-only file. To make it visible, launch Windows Explorer, choose View Tools Folder Options View and select the radio button "Show Hidden Files and Folders." To make it a file you can edit, right-click on it in Windows Explorer, choose Properties, uncheck the Read-Only box, and click OK

Editing Files :

To edit the file, open it with a text editor such as Notepad. Following is a typical boot.ini file for a PC that has two operating systems installed on it—Windows XP Home Edition and Windows Me:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home 
Edition" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Windows 2000 Professional" /
fastdetect
As you can see, there are two sections in the file: [boot loader] and [operating systems]. To customize your menu and startup options, edit the entries in each section. Before editing boot.ini, make a copy of it and save it under a different name (such as boot.ini.old), so that you can revert to it if you cause problems when you edit the file. Following are details about how to edit the entries in each section:
[boot loader]
This section controls how the boot process works; it specifies the default operating system and how long a user has to make a selection from a boot menu, if a boot menu has been enabled. The timeout value specifies, in seconds, how long to display the menu and wait for a selection before loading the default operating system. If you want a delay of 15 seconds,
for example, enter 15for the value. Use a value of 0 if you want the default operating system to boot immediately. If you want the menu to be displayed indefinitely and stay onscreen until a selection is made, use a value of -1. The default value specifies which entry in the [operating system] section is the default operating system. (The default value is used even if there is only one operating system in the [operating system] section.) To change the default operating system, edit the setting, in our example,to default=multi(0)disk(0)rdisk(0)partition(2)\WINNT.
So, in our example, if you change the menu settings so that the screen appears for 10 seconds before loading the default operating system, and the default operating system is Windows 2000 Professional, the section reads:
[boot loader]
timeout=10
default=multi(0)disk(0)rdisk(0)partition(2)\WINNT
[operating system]
This section specifies which operating systems are present on the computer, and detailed options for each one. XP uses the Advanced RISC Computing (ARC) path to specify the location of the boot partition. In our example, the ARC path is:
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
The first parameter, which identifies the disk controller, should be 0. The second parameter, the disk parameter, should also be 0. The rdisk parameter specifies the disk number on the controller that has the boot partition. The numbers start at 0. So, if you have three hard disks installed and the second hard disk has the boot partition, the setting is rdisk(1). The partition parameter identifies the partition number of the boot partition. Partitions start with the number 1. The final section, which in our example is \WINDOWS, specifies the path to the folder where the operating system is installed. To the right of the ARC path in the example is ="Microsoft Windows XP Home Edition" /fastdetect. The words within quotes are what will appear on the boot menu next to the entry. To customize the text on the menu you can change these words to whatever you wish—for example, "My Favorite Operating System." The /fastdetect switch disables the detection of serial and parallel devices, which allows for faster booting. The detection of these devices isn't normally required in XP, because the functions are performed by plug-and-play drivers, so as a general rule it's a good idea to use the /fastdetect switch. The /fastdetect switch is only one of many switches that can be used in the boot.ini file to customize how the operating system loads.
When you've finished editing the boot.ini file, save it. The next time you start your computer, its settings will go into effect.        In our example, if we want the menu to appear for 45 seconds, the default operating system to be Windows 2000, and the XP splash screen to be turned off when we choose to load XP, the boot.ini file should look like this:
[boot loader]
timeout=45
default=multi(0)disk(0)rdisk(0)partition(2)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home 
Edition" /fastdetect /noguiboot
multi(0)disk(0)rdisk(0)partition(2)\WINNT="Windows 2000 Professional" /
fastdetect

Central processing unit

"CPU" redirects here. For other uses, see CPU (disambiguation).




The central processing unit (CPU, occasionally central processor unit [1]) is the hardware within a computer system which carries out the instructions of a computer program by performing the basic arithmetical, logical, and input/output operations of the system. The term has been in use in the computer industry at least since the early 1960s. [2] The form, design, and implementation of CPUs have changed over the course of their history, but their fundamental operation remains much the same.

On large machines, CPUs require one or more printed circuit boards. On personal computers and small workstations, the CPU is housed in a single silicon chip called a microprocessor. Since the 1970s the microprocessor class of CPUs has almost completely overtaken all other CPU implementations. Modern CPUs are large scale integrated circuits in packages typically less than four centimeters square, with hundreds of connecting pins.

Two typical components of a CPU are the arithmetic logic unit (ALU), which performs arithmetic and logical operations, and the control unit (CU), which extracts instructions from memory and decodes and executes them, calling on the ALU when necessary.

Not all computational systems rely on a central processing unit. An array processor or vector processor has multiple parallel computing elements, with no one unit considered the "center". In the distributed computing model, problems are solved by a distributed interconnected set of processors.