星期六, 10月 23, 2010

部份球衣店舖資料

352 大本營
地址:旺角西洋菜南街 38-40 號萬高商業大廈 9 樓 B 室
營業時間:
電話:27707352

C. K. SPORTS
地址:九龍城太子道西 426 號地下
營業時間:
電話:27165840

Ensport
地址:太子荔枝角道 107 號德仁大廈 1 樓
營業時間:
電話:21947628

Futbal Trend
地址:旺角朗豪坊 7 樓 L7-01 號舖
營業時間:11:30 a.m. - 10:00 p.m.
電話:23171686

No.7 Soccer Co.
地址:旺角西洋菜南街 74-84 號旺角城市中心 9 樓 02 室
營業時間:1:00 p.m. - 10:00 p.m.
電話:26979777

SFALO
地址:旺角通菜街 8 號地鋪
營業時間:
電話:23900004

大球場
地址:旺角西洋菜南街 1A 號百寶利商業大廈 21 樓 09 室
營業時間:3:30pm - 8:00pm
電話:21539169

足球特區
地址:旺角亞皆老街 109 號皆旺商場三樓
營業時間:
電話:

自由球
地址:旺角西洋菜南街 2A 號銀城廣場 9 樓 03 室
營業時間:1:00 p.m. - 10:00 p.m.
電話:21714228

球迷世界
地址:旺角彌敦道 582-592 號信和中心 3 樓 05 室
營業時間:
電話:23697822

新波衫足球用品專門店
地址:荔枝角永康街 23-27 號安泰工業大廈 B 座 5 樓 505 室
營業時間:
電話:35250554

興發 (1)
地址:旺角花園街 71-73 號地鋪
營業時間:
電話:23001155

興發 (2)
地址:旺角奶路臣街 12-14 號地鋪
營業時間:
電話:23001155

[b]港島 HONG KONG ISLAND[/b]

Futbal Trend
地址:銅鑼灣時代廣場 7 樓 731-2 號舖
營業時間:11:30 a.m. - 10:00 p.m.
電話:25069188

S.E.E.
地址:銅鑼灣啟超道 16 號 3 樓
營業時間:
電話:25757660

Soccer Hero
地址:銅鑼灣富明街 2-6 號二樓
營業時間:12:00 p.m. - 9:30 p.m.
電話:26680008

球迷天地
地址:柴灣新翠商場 3 樓 305A 鋪
營業時間:
電話:28979211

[b]新界 NEW TERRITORIES[/b]

Futbal Trend
地址:荃灣登發街 10 號登發大廈 7 號舖 (力生廣場後面)
營業時間:11:30 a.m. - 09:30 p.m.
電話:24928384

Kitroom Sports
地址:元朗教育路 15-19 號嘉城廣場 1 樓 1057 鋪
營業時間:
電話:24430434


[b]Factory Outlet[/b]

Adidas Outlet (觀塘)
地址:九龍觀塘開源道業發工業大廈二期 11 樓 H 室
營業時間:
電話:27932791

Adidas Outlet (荔枝角)
地址:九龍荔枝角長沙灣道香港工業中心 B 座 7 樓
營業時間:星期一至六 10:30am - 8:00pm,星期日及公眾假期 11:30am - 6:30pm
電話:29590357

Adidas Outlet (東涌)
地點:東涌東薈城 G06 舖
營業時間:
電話:21093010

Nike Factory Outlet (觀塘)
地址:九龍觀塘開源道業發工業大廈二期 8 樓
營業時間:
電話:21727938

Nike Factory Outlet (東涌)
地址:東涌東薈城 G02-03 舖
營業時間:
電話:27079159




Adidas Outlet (荔枝角)

開放時間:

星期二, 10月 12, 2010

Test 9 Topic 10

COMPUTER CONTROL AUDITING AND SECURITY
Question 1
Which of the following aim to prevent buffer overflow attacks? (11.1)
A. writing code that is not vulnerable
B. protection of executable address space
C. detection of stack modifications
D. using the C programming language
E. All of the above
F. Only A, B and C above

Correct answer is F

Refer to your text, page 351, Computer Security Principles and Practice, Stalling & Brown, 2008.


Question 2
Which if the following programing languages are considered NOT safe from buffer overflow attacks?
A. Java
B. Python
C. C
D. ADA

Correct answer is C

The programming languages vulnerable to buffer overflows are those without a very strong notion of the type of variables, and what constitutes permissible operations on them. They include assembly language, and C and similar languages. Strongly typed languages such as Java, ADA, Python, and many others are not vulnerable to these attacks.



Question 3
Which of the following best describes a "return to system call" buffer overflow attack? (11.14, 11.15, 11.16)
A. the return address is changed to jump to existing code on the system, typically in standard libraries
B. the targeted buffer is located on the heap rather than stack
C. the targeted buffer is located in the global data area
D. flush firewall rules (such as IPTables and IPChains) that currently block other attacks

Correct answer is A

In a “return to system call” attack, typically a stack overflow is used, but the return address is changed to jump to existing code on the system, typically in standard libraries. This avoids triggering run-time defenses that block executable code on the stack or heap. They can be prevented using stack protection mechanisms.

In a “heap buffer overflow” attack, the targeted buffer is located on the heap rather than stack. These generally target either function pointers located adjacent to such buffers, or heap management pointers. These attacks avoid defenses that focus on stack based attacks. Defenses include making the heap non-executable, or randomizing addresses of structures on the heap.

In a “global data area overflow” attack, the targeted buffer is located in the global data area. The attack is similar to heap overflows, as are the defenses.


Question 4
___________ typically involves using client-side scripts written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker. (12.6)
A. Sneaker Scripts
B. SQL injection
C. Cross site scripting (XSS)
D. SQL scripting

Correct answer is C

A cross-site scripting attack occurs when input provided to a program by one user, is subsequently output to another user. They are most commonly seen in scripted web applications, where the vulnerability involves the inclusion of script code in the HTML content of a web page displayed by a user’s browser.

Question 5
The principle of __________ in access control means that each user should be given only the minimal amount of privileges necessary to perform his or her job function (12.11)
A. Assumed Attacker (AA)
B. implicit deny
C. separation of duties
D. least privilege

Correct answer is D

The principle of least privilege states that programs should execute with the least amount of privileges needed to complete their function.


Question 6
____________ testing is a straightforward testing technique that looks for vulnerabilities in a program or protocol by feeding random input to the program or a network running the protocol. (12.9)
A. White
B. Fuzz
C. Spike
D. Black

Correct answer is B

“Input fuzzing” is a software testing technique that uses very large amounts of randomly generated data as inputs to a program, to determine whether the program or function correctly handles all such abnormal inputs, or whether it crashes or otherwise fails to respond appropriately. The major advantage of fuzzing is its simplicity, low cost, and its freedom from assumptions about the “expected” input to any program, service or function. It ought to be deployed as a component of any reasonably comprehensive testing strategy, especially in relation to commonly deployed software.

星期一, 10月 11, 2010

如何關閉硬盤的寫入保護

  1. 某些硬盤有 jumper 用作 write protect,可查看一下 jumper 設定。
  2. 某些 BIOS 版本有 write protect 功能,可查看一下 BIOS 設定。
  3. 可能是某些軟件,如:Windows SteadyState 限制了寫入權限。
  4. 可能是磁碟配額問題 ,如有的話可嘗試停用。

  5. 如果是 usb 設備,有可能與 firmware 有關,可試一試重裝或更新驅動程式。
  6. 某些 usb 設備有保護功能,當不是穏定的水平攞放,有可能會啟動保護功能。
  7. 開啟「登錄編輯程式」,並更改:
    My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies 中的 WriteProtect 為 0
    [請同時改
    ControlSet001 及 ControlSet002 中的 WriteProtect 為 0]
    {如果
    登錄檔中没有 StorageDevicePolicies,可自行建立}
  8. 可以嘗試刪除以下有可能已被病毒修改的檔案 (可能已被穩藏):
    boot.ini
    Autorun.inf
  9. 可能是硬盤老化問題,可考慮更換。

星期日, 10月 10, 2010

一般 ms word 問題集

Q:無法啟動WORD或找不到WORD路徑
解決方法:
確定WORD安裝正常。


Q:啟動WORD後,變成保護文件狀態
解決方法:
開啟WORD,選擇〔工具〕→〔解除文件保護〕即可。

Q:儲存屬於WORD開啟的檔案,無法儲存,出現存成複本畫面
解決方法:
方法一:開啟WORD,選〔工具〕→〔選項〕→〔儲存〕→“建立備份(B)”清為空白。
方法二:檢查系統是否重複開啟多個WORD程式,關閉所有WORD程式,再重新進入系統即可。

Q:開啟WORD時,螢幕出現"WORD無法開啟已存在"或"WORD無法開此文件範本"訊息
解決方法:
方法一:a. 刪除normal.dot檔案;
b. 利用〔檔案總管〕→開啟此檔案→〔另存新檔〕→檔案類型設為WORD文件。
方法二:檢查系統是否重複開啟多個WORD程式,關閉所有WORD程式,再重新進入系統即可。

星期五, 10月 08, 2010

Fuji 4MM Cleaning Tape For DDS Drives





BarCode: 0 74101 78406 0

For use with 4mm Data Drives (50 Cleanings)

星期四, 10月 07, 2010

Essay Writing Hints

The following are some basic essay writing hints. They are presented as a guide only. Other approaches and/or structures can be equally as effective, or even better!

Structure

Introduction = Paragraph 1

Define the question (as you interpret it).
Define any important terms needed to understand the question.
Specify your position/stance.
List the broad ideas that you will use to give support to you position.

Do not be very long.

Body = Paragraph 2, 3, 4, ….n

Each paragraph (or sequence of paragraphs) picks up one of the main ideas listed in the introduction.
Define and/or describe the important features of the idea.
Provide an example of how that idea operates in practice.

Perhaps a Para break

Perhaps provide an example of how computer technology is associated with use of that idea.

Para break

Identify any limitations and/or weaknesses in the idea.
Provide an example of when use of the idea breaks down.

Para break

Argue for the overall benefits of the idea…provided that it is used appropriately.

Para break

Next idea from introduction, then do as above.
……
……
……continue until all ideas of argument are exhausted.

Conclusion = Last paragraph

Restate your position.
Specify again the main points that support your position.
Indicate how justified your position is.

Do not be very long.

NOTES:
1. In sequencing the ideas in the essay, seek a structure that enables you to build a logical argument.
2. Other structures are also valid and viable. The above is just an example.


Final Hint

If you read through your essay only looking at the first and last sentence of each paragraph, then the entire essay should still make sense and flow.
Style

Be succinct - Avoid padding!
Keep to the point - Avoid side tracks!

Do your best to make it readable!
Check for excessively long sentences. - break them into two.
Check for excessively long paragraphs - break them into two.
Check for poor linking of idea – insert a clear link.
Check for material that does not say what you mean – rewrite it so that it does.
Check for repeated material and ideas – rewrite so that each is addressed once, but thoroughly.

Make sure to omit technical jargon unless it has first been defined.
Make sure to omit offensive or sexist language.
Make sure to omit slang or loose language.

Rules

NEVER plagiarise (present someone else's words or ideas to be your own). This is simple to fix – just specify who wrote them and where they came from (this is referencing, see section below).

Read your essay again when you think that you are finished - make sure that it reads well.

You are allowed to use headings, subheadings and graphics, but if you do, do so sparingly and with a purpose!

Referencing

Referencing within body of essay

If you are presenting an idea that can be credited to someone then after the idea provide the following information…(surname, year)

e.g., working memory can be equated to consciousness (Sweller, 1999)

If you are providing a direct quote, then place the quote inside quotations, and after the quote provide the following information…(surname, year, page)

e.g., "rehearsal and repetition, so crucial for STM, seem much less critical for LTM" (Bruning, Schraw & Ronning, 1995, p53)

NOTE - in the above example there are three authors of the book, so all three names are provided. If, after providing all three names you again reference the same book, you may choose to reference as follows…(Brunning et al, 1995, p53)

Reference List (Bibliography)

At the end of your essay, on a separate page, list all materials that you referred to in alphabetical sequence, based on the surname of the first author. You need to provide details of:
- author(s)
- year
- title (italics)
- publisher
- location

e.g.,
Bruning, R. H., Schraw, G. J., & Ronning, R. R. (1995). Cognitive Psychology and Instruction. Prentice Hall, Englewood Cliffs, New Jersey.

If you are referencing a web site, then do what you can to indicate clearly where (and when) you sighted the information.

e.g.,
Chandler, P., Cooper, G., Pollock, E. & Tindall-Ford, S. (1998). Applying Cognitive Psychology Principles to Education and Training. (accessed 28th July 2010) http://www.aare.edu.au/98pap/cha98030.htm

Please refer to a text book (see the back of it) for examples on how to present a Bibliography.

Good References for Essay Writing

O'Shea, Robert Paul. (2000). Writing for psychology : an introductory guide for students. 3rd ed. Sydney : Harcourt Brace Jovanovich..

Detailed web site to assist students in general for all things reading and writing.
http://unilearning.uow.edu.au
(accessed 28th July 2010)

星期三, 10月 06, 2010

Example: Application letter for the Technique Support and Services(TSS)

Dear Principal,
Application for the Technique Support and Services(TSS)
I am writing to apply for the position of TSS. I believe that my education, experience and career interest well qualify me for the position.
I am a student in <course name> at <school name>. I obtained a Higher Diploma in <program name> at IVE in <year>. I also obtain the MCP, MCSE, MSCA, MCTS and SCP as well as many experiences on Maintains Server and User Support.
I have worked with various companies in my previous job experiences to support end users. I am strong in designing, developing and supporting live system. I believe that my strong technical experience and education give me great advantage in my application for this position. The key strengths that I possess for success in this position include:
Ø   I have different development experiences for using Programming Languages (ASP.NET, HTML, CSS, JavaScript…), Relational Database (MS SQL, MySQL, Oracle), Cisco Network (Router, Switch, AP…)
Ø   I strive for continued excellence
Ø   I have learned the System Maintenance skills from the past years that include the System Design and Testing.
I am very interested in the opportunity to work in your company. Please find the enclosed resume, certificates and some references.  If I can provide any additional information, please call me at <Tel> or email <email> to me.  I would be delighted for an interview to discuss my qualifications for this position.
Yours sincerely
<name>

星期二, 10月 05, 2010

Batch file: Backup Script

@echo off

cd c:\windows\system32

RD /s /q "C:\File Server Backup\"

XCOPY "C:\File Server\*.*" "C:\File Server Backup\" /e /i /h



fc "C:\File Server\*" "C:\File Server Backup\*" > nul
if errorlevel 2 goto fail1
if errorlevel 1 goto fail1
if errorlevel 0 goto okay1
goto next

:okay1
echo Backup to C: is completed on %date% %time% > "C:\backup report.txt"
goto next

:fail1
echo Backup to C: is not completed on %date% %time% > "C:\backup report.txt"
echo Therefore, backup to F: is cancelled! >> "C:\backup report.txt"
goto next

:end



RD /s /q "F:\File Server Backup\"
XCOPY "C:\File Server\*.*" "F:\File Server Backup\" /e /i /h

fc "C:\File Server\*" "F:\File Server Backup\*" > nul
if errorlevel 2 goto fail2
if errorlevel 1 goto fail2
if errorlevel 0 goto okay2
goto end

:okay2
echo Backup to F: is completed on %date% %time% >> "C:\backup report.txt"
goto end

:fail2
echo Backup to F: is not completed on %date% %time% >> "C:\backup report.txt"
goto end

:end



======================



@echo off

rem: 指向 system32,以執行 RD
cd c:\windows\system32

rem: 移除資料夾"C:\File Server Backup\"
RD /s /q "C:\File Server Backup\"

rem: 複制 "C:\File Server\" 內所有文件到 "C:\File Server Backup\"
XCOPY "C:\File Server\*.*" "C:\File Server Backup\" /e /i /h



fc "C:\File Server\*" "C:\File Server Backup\*" > nul
if errorlevel 2 goto fail1
if errorlevel 1 goto fail1
if errorlevel 0 goto okay1
goto next

:okay1
rem: 清除"C:\backup report.txt"內的資料並在第一行輸入 "echo" 和 ">" 之間的文字
echo Backup to C: is completed on %date% %time% > "C:\backup report.txt"
goto next

:fail1
echo Backup to C: is not completed on %date% %time% > "C:\backup report.txt"
rem: 在下一行輸入 "echo" 和 ">>" 之間的文字
echo Therefore, backup to F: is cancelled! >> "C:\backup report.txt"
goto next

:end



RD /s /q "F:\File Server Backup\"
XCOPY "C:\File Server\*.*" "F:\File Server Backup\" /e /i /h

fc "C:\File Server\*" "F:\File Server Backup\*" > nul
if errorlevel 2 goto fail2
if errorlevel 1 goto fail2
if errorlevel 0 goto okay2
goto end

:okay2
echo Backup to F: is completed on %date% %time% >> "C:\backup report.txt"
goto end

:fail2
echo Backup to F: is not completed on %date% %time% >> "C:\backup report.txt"
goto end

:end

星期六, 10月 02, 2010

The Enhanced E-R Model

Objectives
  • Define terms
  • Understand use of supertype/subtype relationships
  • Understand use of specialization and generalization techniques
  • Specify completeness and disjointness constraints
  • Develop supertype/subtype hierarchies for realistic business situations
  • Develop entity clusters
  • Explain universal (packaged) data model
  • Describe special features of data modeling project using packaged data model

 

 

 
Supertypes and Subtypes
  • Enhanced ER model: extends original ER model with new modeling constructs
  • Subtype: A subgrouping of the entities in an entity type that has attributes distinct from those in other subgroupings
  • Supertype: A generic entity type that has a relationship with one or more subtypes
  • Attribute Inheritance:
    • Subtype entities inherit values of all attributes of the supertype
    • An instance of a subtype is also an instance of the supertype

 

 

 
Relationships and Subtypes
  • Relationships at the supertype level indicate that all subtypes will participate in the relationship
  • The instances of a subtype may participate in a relationship unique to that subtype. In this situation, the relationship is shown at the subtype level

 

 

 
Generalization and Specialization
  • Generalization: The process of defining a more general entity type from a set of more specialized entity types. BOTTOM-UP
  • Specialization: The process of defining one or more subtypes of the supertype and forming supertype/subtype relationships. TOP-DOWN

 

 

 
Constraints in Supertype/ Completeness Constraint
  • Completeness Constraints: Whether an instance of a supertype must also be a member of at least one subtype
  • Total Specialization Rule: Yes (double line)
  • Partial Specialization Rule: No (single line)

 

 

 
Constraints in Supertype/ Disjointness constraint
  • Disjointness Constraints: Whether an instance of a supertype may simultaneously be a member of two (or more) subtypes
  • Disjoint Rule: An instance of the supertype can be only ONE of the subtypes
  • Overlap Rule: An instance of the supertype could be more than one of the subtypes

 

 

 
Constraints in Supertype/ Subtype Discriminators
  • Subtype Discriminator: An attribute of the supertype whose values determine the target subtype(s)
  • Disjoint – a simple attribute with alternative values to indicate the possible subtypes
  • Overlapping – a composite attribute whose subparts pertain to different subtypes. Each subpart contains a Boolean value to indicate whether or not the instance belongs to the associated subtype

 

 

 
Entity Clusters
  • EER diagrams are difficult to read when there are too many entities and relationships
  • Solution: Group entities and relationships into entity clusters
  • Entity cluster: Set of one or more entity types and associated relationships grouped into a single abstract entity type

 

 

 
Packaged Data Models
  • Predefined data models
  • Could be universal or industry-specific
  • Universal data model = a generic or template data model that can be reused as a starting point for a data modeling project (also called a “pattern”)

 

 

 
Advantages of Packaged Data Models
  • Use proven model components
  • Save time and cost
  • Less likelihood of data model errors
  • Easier to evolve and modify over time
  • Aid in requirements determination
  • Easier to read
  • Supertype/subtype hierarchies promote reuse
  • Many-to-many relationships enhance model flexibility
  • Vendor-supplied data model fosters integration with vendor’s applications
  • Universal models support inter-organizational systems

 

星期五, 10月 01, 2010

香港常用 pop3 資 料

Hotmail
Incoming Host: pop3.live.com
SSL: 995
User Name : 電郵賬戶

GMAIL
Incoming Host: pop.gmail.com
SSL: 995
User Name : 電郵賬戶

雅 虎 香 港 郵 件
Incoming Host: pop.mail.yahoo.com.hk
SSL: 995
User Name : 電郵賬戶

雅 虎 電 子 郵 件
Incoming Host: pop.mail.yahoo.com
SSL: 995
User Name : 電郵賬戶

香 港 寬 頻
Incoming Host: pop6.ctimail3.com or popo.hkbn.net

新 浪 網 香 港
Incoming Host: pop3.sina.com.hk

HK NET
Incoming Host: pop3.hknet.com

太 平 洋 寬 頻
Incoming Host: pop.pacific.net.hk

有 線 寬 頻
Incoming Host: mail.i-cable.com

網 上 行
Incoming Host: pop.netvigator.com

和 記 寬 頻
Incoming Host: pop.hgcbroadband.com



p.s. sina HK 的 pop3 由於是增值服務,故免費用戶不能在 outlook、iphone 4 等接收 email