Copy files and/or directory trees to another folder. XCOPY is similar to the COPY command except that it has additional switches to specify both the source and destination in detail.
XCOPY is particularly useful when copying files from CDROM to a hard drive, as it will automatically remove the read-only attribute.
XCOPY source [destination] [options]
source : Pathname for the file(s) to be copied.
destination : Pathname for the new file(s).
[options] can be any combination of the following:
/A Copy files with the archive attribute set (default=Y)
/M Copy files with the archive attribute set and turn off the archive attribute, use this option when making regular Backups (default=Y) /H Copy hidden and system files and folders (default=N)
/D:mm-dd-yyyy Copy files that have changed since mm-dd-yyyy. If no date is given, the default is to copy files with a modification date before today. (at least 1 day before)
/U Copy only files that already exist in destination.
/S Copy folders and subfolders
/E Copy folders and subfolders, including Empty folders. May be used to modify /T.
(Windows 2000 only) The files can each contain one or more full or partial pathnames to be excluded.
When any of these match any part of the absolute path of a SOURCE file, then that file will be excluded.
For example, specifying a string like obj or .obj will exclude all files underneath the directory obj or all files with the .obj extension respectively.
/W Prompt you to press a key before starting to copy.
/P Prompt before creating each file.
/Y (Windows 2000 only) Suppress prompt to confirm overwriting a file. may be preset in the COPYCMD env variable.
/-Y (Windows 2000 only) Prompt to confirm overwriting a file. /V Verify that the new files were written correctly.
/C Continue copying even if an error occurs.
/I If in doubt always assume the destination is a folder e.g. when the destination does not exist. /Z Copy files in restartable mode. If the copy is interrupted part way through, it will restart if possible. (use on slow networks)
/Q Do not display file names while copying.
/F Display full source and destination file names while copying.
/L List only – Display files that would be copied.
/R Overwrite read-only files.
/T Create folder structure, but do not copy files. Do not include empty folders or subfolders. /T /E will include empty folders and subfolders.
/K Copy attributes. XCOPY will otherwise reset read-only attributes. /N If at all possible, use only a short filename (8.3) when creating a destination file. This may be nececcary when copying between disks that are formatted differently e.g NTFS and VFAT, or when archiving data to an ISO9660 CDROM.
/O (Windows 2000 only) copy file Ownership and ACL information.
/X Copy file audit settings (implies /O).XCOPY will accept UNC pathnames
To copy a file:
XCOPY C:utilsMyFile D:BackupCopyFile
To copy a folder:
XCOPY C:utils D:Backuputils /i
To copy a folder including all subfolders.
XCOPY C:utils* D:Backuputils /s /i
The /i defines the destination as a folder.
In many cases the functionality of XCOPY is superseded by ROBOCOPY.
To force the overwriting of destination files under both NT4 and Windows2000 use the COPYCMD environment variable:
This will turn off the prompt in Win2000 and will be ignored by NT4 (which overwrites by default).
When comparing Dates/Times the granularity (the finest increment of the timestamp) is 2 seconds for a FAT volume and 0.1 microsecond for an NTFS volume.
The WinXP version of XCOPY will accept wildcards for the source e.g. *.txt
It is also more forgiving with trailing backslashes
Display or modify Access Control Lists (ACLs) for files and folders.
XCACLS filename [options] XCACLS filename
If no options are specified XCACLS will display the ACLs for the file(s)
options can be any combination of:
/T Traverse all subfolders and change all matching files found.
/E Edit ACL instead of replacing it.
/x Edit ACL instead of replacing it; affect only ACEs that this user already owns*
/R user Revoke all access rights from the given user.
/D user Deny specified user access, this will over-ride all other permissions the user has. /C Continue on access denied errors.
/Y Replace user’s rights without verify
/P user:permision[;FolderSpec] Replace user’s rights. see /G option below
/G user:permision[;FolderSpec] Grant specified user access rights, permision can be:
c Change (write)
f Full control
p Change Permissions (Special access)
o Take Ownership (Special access)
x EXecute (Special access)
e REad (Special access)
w Write (Special access)
d Delete (Special access)
t Used only by FolderSpec. see below
* Option only valid in Windows 2003FolderSpec is a permission applied to a folder. If FolderSpec is not specified then permission will apply to both files and folders.
This allows you to set different permissions that will apply (through inheritance) when new files are added to the folder.
FolderSpec = ;T@ where @ is one of the rights above, when this is specified new files will inherit FolderSpec instead of permission. At least one folder access right must follow the T For example ;TF will apply full control (but ;FT is not valid)
Wildcards can be used to specify more that one file in a command. You can specify more than one user in a command. You can combine access rights.
When running this command it is important to use the correct version (NTFS standards have changed with different versions of Windows and XCACLS has been updated to suit)
Early versions of xcacls may give unpredictable results against an NTFS v5 partition.
xcacls.vbs is described in Q825751 and can be downloaded here – xcacls.vbs is an unsupported utility that addresses a limitation with the original xcacls.exe, specifically the inability to append permissions to a folder whose child objects have the inheritance flag set. The .vbs version does not suppport unc paths.
:: Allow guests the right to read and execute in MyFolder
XCACLS MyFolder /E /G guests:rx
:: Allow guests the Full Control permission in MyFolder and all subfolders
XCACLS MyFolder /T /E /G guests:f
:: Grant guests only read access to all files in and below MyFolder,
:: new folders created will be Read Access only, new files will not inherit any rights.
XCACLS MyFolder /T /P guests:R;Tr
:: Grant guests only execute access to all files in and below MyFolder
XCACLS MyFolder /T /P guests:x
:: Take Ownership of "Application Data" folder and grant Administrators Full control (:OF)
:: Preserve existing permissions (/E) & apply to subfolders (/T)
XCACLS "Application Data" /E /g Administrators:OF /T
Windows NT diagnostics II
Reports: Memory use, Services, Devices, IRQ&qt;&qt;s Ports, Environment variables,
Network (rights, transport, stats), Hardware including Display adapter.
Key (only one option can be used)
/a : ALL prints everything
/e : environment
/d : drives
/i : interrupt resources
/m : memory
/n : network
/o : OS version
/p : port resources
/r : drivers
/s : services
/u : DMA resources
/w : hardware
/y : memory resources
The output is very similar to WINMSD if a little more detailed.
The output will appear in a text file called msdrpt.TXT
Microsoft Windows diagnostics
Reports: Memory use, Services, Devices, IRQ&qt;&qt;s Ports, Environment variables,
Network (rights, transport, stats), Hardware including Display adapter.
WINMSD [\computername] options
/a All details
/s Summary details only
/f Send output to a file in the current directory
/p Send output to a printer
WINMSD with no switches will open the GUI with details of the computer you are logged into.
When a remote computername is specified then less info will be reported
e.g. Diskspace and Memory won&qt;&qt;t be listedHot keys within the GUI:
SHIFT – F2 copies the current tab to the clipboard,
F2 copies a summary of the current tab to the clipboard
Winmsd in Windows 2000 will actually run Msinfo32 –
mmc.exe /s "C:Program FilesCommon FilesMicrosoft SharedMSInfoMSInfo32.msc"
It is advisable to have the SERVER service running, if not – winmsd will show a warning dialogue.
Spooling output to file – if you have the resource kit WINMSDP allows more control over this.
Compare the contents of two files or sets of files with a graphical interface.
windiff [path1] [path2]
path Individual files to compare
or a directory of files to compareIf either path is not specified it will default to the current directory (or a matching file in the current directory)
If nothing is specified, the GUI will appear – select files to compare with the menus.
White background = parts common to both files.
Red background = parts that belong to the file listed on the left .
Yellow background = parts that belong to the file listed on the right .
Registry files (exported with regedit) can also be compared. Also see the help file Windiff.hlp.
The three physical layers originally defined in 802.11 included two spread-spectrum radio techniques and a diffuse infrared specification.
The radio-based standards operate within the 2.4 GHz ISM band. These frequency bands are recognized by international regulatory agencies radio operations. As such, 802.11-based products do not require user licensing or special training.
Spread-spectrum techniques, in addition to satisfying regulatory requirements, increase reliability, boost throughput, and allow many unrelated products to share the spectrum without explicit cooperation and with minimal interference.
The original 802.11 wireless standard defines data rates of 1 Mbps and 2 Mbps via radio waves using frequency hopping spread spectrum (FHSS) or direct sequence spread spectrum (DSSS). It is important to note that FHSS and DSSS are fundamentally different signaling mechanisms and will not interoperate with one another.
Using the frequency hopping technique, the 2.4 GHz band is divided into 75 1-MHz subchannels. The sender and receiver agree on a hopping pattern, and data is sent over a sequence of the subchannels. Each conversation within the 802.11 network occurs over a different hopping pattern, and the patterns are designed to minimize the chance of two senders using the same subchannel simultaneously.
FHSS techniques allow for a relatively simple radio design, but are limited to speeds of no higher than 2 Mbps. This limitation is driven primarily by FCC (Federal Communications Commission USA) regulations that restrict subchannel bandwidth to 1 MHz. These regulations force FHSS systems to spread their usage across the entire 2.4 GHz band, meaning they must hop often, which leads to a high amount of hopping overhead.
In contrast, the direct sequence signaling technique divides the 2.4 GHz band into 14 22-MHz channels. Adjacent channels overlap one another partially, with three of the 14 being completely non-overlapping. Data is sent across one of these 22 MHz channels without hopping to other channels.
To compensate for noise on a given channel, a technique called “chipping” is used. Each bit of user data is converted into a series of redundant bit patterns called “chips.” The inherent redundancy of each chip combined with spreading the signal across the 22 MHz channel provides for a form of error checking and correction; even if part of the signal is damaged, it can still be recovered in many cases, minimizing the need for retransmissions.
The data link layer within 802.11 consists of two sublayers: Logical Link Control (LLC) and Media Access Control (MAC).
802.11 uses the same 802.2 LLC and 48-bit addressing as other 802 LANs, allowing for very simple bridging from wireless to IEEE wired networks, but the MAC is unique to WLANs.
The 802.11 MAC is very similar in concept to 802.3, in that it is designed to support multiple users on a shared medium by having the sender sense the medium before accessing it.
For 802.3 Ethernet LANs, the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol regulates how Ethernet stations establish access to the wire and how they detect and handle collisions that occur when two or more devices try to simultaneously communicate over the LAN. In an 802.11 WLAN, collision detection is not possible due to what is known as the “near/far” problem: to detect a collision, a station must be able to transmit and listen at the same time, but in radio systems the transmission drowns out the ability of the station to “hear” a collision.
To account for this difference, 802.11 uses a slightly modified protocol known as Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) or the Distributed Coordination Function (DCF). CSMA/CA attempts to avoid collisions by using explicit packet acknowledgment (ACK), which means an ACK packet is sent by the receiving station to confirm that the data packet arrived intact.
CSMA/CA works as follows. A station wishing to transmit senses the air, and, if no activity is detected, the station waits an additional, randomly selected period of time and then transmits if the medium is still free. If the packet is received intact, the receiving station issues an ACK frame that, once successfully received by the sender, completes the process. If the ACK frame is not detected by the sending station, either because the original data packet was not received intact or the ACK was not received intact, a collision is assumed to have occurred and the data packet is transmitted again after waiting another random amount of time.
CSMA/CA thus provides a way of sharing access over the air. This explicit ACK mechanism also handles interference and other radio related problems very effectively. However, it does add some overhead to 802.11 that 802.3 does not have, so that an 802.11 LAN will always have slower performance than an equivalent Ethernet LAN.
Another MAC-layer problem specific to wireless is the “hidden node” issue, in which two stations on opposite sides of an access point can both “hear” activity from an access point, but not from each other, usually due to distance or an obstruction.
To solve this problem, 802.11 specifies an optional Request to Send/Clear to Send (RTS/CTS) protocol at the MAC layer. When this feature is in use, a sending station transmits an RTS and waits for the access point to reply with a CTS. Since all stations in the network can hear the access point, the CTS causes them to delay any intended transmissions, allowing the sending station to transmit and receive a packet acknowledgment without any chance of collision.
Since RTS/CTS adds additional overhead to the network by temporarily reserving the medium, it is typically used only on the largest-sized packets, for which retransmission would be expensive from a bandwidth standpoint.
Finally, the 802.11 MAC layer provides for two other robustness features: CRC checksum and packet fragmentation. Each packet has a CRC checksum calculated and attached to ensure that the data was not corrupted in transit. This is different from Ethernet, where higher-level protocols such as TCP handle error checking. Packet fragmentation allows large packets to be broken into smaller units when sent over the air, which is useful in very congested environments or when interference is a factor, since larger packets have a better chance of being corrupted. This technique reduces the need for retransmission in many cases and thus improves overall wireless network performance. The MAC layer is responsible for reassembling fragments received, rendering the process transparent to higher level protocols.
Support for Time-Bounded Data
Time-bounded data such as voice and video is supported in the 802.11 MAC specification through the Point Coordination Function (PCF). As opposed to the DCF, where control is distributed to all stations, in PCF mode a single access point controls access to the media. If a BSS is set up with PCF enabled, time is spliced between the system being in PCF mode and in DCF (CSMA/CA) mode. During the periods when the system is in PCF mode, the access point will poll each station for data, and after a given time move on to the next station. No station is allowed to transmit unless it is polled, and stations receive data from the access point only when they are polled. Since PCF gives every station a turn to transmit in a predetermined fashion, a maximum latency is guaranteed. A downside to PCF is that it is not particularly scalable, in that a single point needs to have control of media access and must poll all stations, which can be ineffective in large networks.
802.11a, is much faster than 802.11b, with a 54Mbps maximum data rate operates in the 5GHz frequency range and allows eight simultaneous channels.
802.11a uses Orthogonal Frequency Division Multiplexing (OFDM), a new encoding scheme that offers benefits over spread spectrum in channel availability and data rate.
Channel availability is significant because the more independent channels that are available, the more scalable the wireless network becomes. 802.11a uses OFDM to define a total of 8 non-overlapping 20 MHz channels across the 2 lower bands. By comparison, 802.11b uses 3 non-overlapping channels.
All wireless LANs use unlicensed spectrum; therefore they&qt;&qt;re prone to interference and transmission errors. To reduce errors, both types of 802.11 automatically reduce the Physical layer data rate. IEEE 802.11b has three lower data rates (5.5, 2, and 1Mbit/sec), and 802.11a has seven (48, 36, 24, 18, 12, 9, and 6Mbits/sec). Higher (and more) data rates aren&qt;&qt;t 802.11a&qt;&qt;s only advantage. It also uses a higher frequency band, 5GHz, which is both wider and less crowded than the 2.4GHz band that 802.11b shares with cordless phones, microwave ovens, and Bluetooth devices.
The wider band means that more radio channels can coexist without interference. Each radio channel corresponds to a separate network, or a switched segment on the same network. One big disadvantage is that it is not directly compatible with 802.11b, and requires new bridging products that can support both types of networks. Other clear disadvantages are that 802.11a is only available in half the bandwidth in Japan (for a maximum of four channels), and it isn&qt;&qt;t approved for use in Europe, where HiperLAN2 is the standard.
With 802.11b WLANs, mobile users can get Ethernet levels of performance, throughput, and availability.
The basic architecture, features, and services of 802.11b are defined by the original 802.11 standard. The 802.11b specification affects only the physical layer, adding higher data rates and more robust connectivity.
The key contribution of the 802.11b addition to the wireless LAN standard was to standardize the physical layer support of two new speeds,5.5 Mbps and 11 Mbps.
To accomplish this, DSSS had to be selected as the sole physical layer technique for the standard since, as frequency hopping cannot support the higher speeds without violating current FCC regulations. The implication is that 802.11b systems will interoperate with 1 Mbps and 2 Mbps 802.11 DSSS systems, but will not work with 1 Mbps and 2 Mbps 802.11 FHSS systems.
The original 802.11 DSSS standard specifies an 11-bit chipping?called a Barker sequence?to encode all data sent over the air. Each 11-chip sequence represents a single data bit (1 or 0), and is converted to a waveform, called a symbol, that can be sent over the air.
These symbols are transmitted at a 1 MSps (1 million symbols per second) symbol rate using technique called Binary Phase Shift Keying BPSK). In the case of 2 Mbps, a more sophisticated implementation called Quadrature Phase Shift Keying (QPSK) is used; it doubles the data rate available in BPSK, via improved efficiency in the use of the radio bandwidth. To increase the data rate in the 802.11b standard, advanced coding techniques are employed.
Rather than the two 11-bit Barker sequences, 802.11b specifies Complementary Code Keying (CCK), which consists of a set of 64 8-bit code words. As a set, these code words have unique mathematical properties that allow them to be correctly distinguished from one another by a receiver even in the presence of substantial noise and multipath interference (e.g., interference caused by receiving multiple radio reflections within a building).
The 5.5 Mbps rate uses CCK to encode 4 bits per carrier, while the 11 Mbps rate encodes 8 bits per carrier. Both speeds use QPSK as the modulation technique and signal at 1.375 MSps. This is how the higher data rates are obtained. To support very noisy environments as well as extended range, 802.11b WLANs use dynamic rate shifting, allowing data rates to be automatically adjusted to compensate for the changing nature of the radio channel. Ideally, users connect at the full 11 Mbps rate.
However when devices move beyond the optimal range for 11 Mbps operation, or if substantial interference is present, 802.11b devices will transmit at lower speeds, falling back to 5.5, 2, and 1 Mbps. Likewise, if the device moves back within the range of a higher-speed transmission, the connection will automatically speed up again. Rate shifting is a physical layer mechanism transparent to the user and the upper layers of the protocol stack.
One of the more significant disadvantages of 802.11b is that the frequency band is crowded, and subject to interference from other networking technologies, microwave ovens, 2.4GHz cordless phones (a huge market), and Bluetooth. There are drawbacks to 802.11b, including lack of interoperability with voice devices, and no QoS provisions for multimedia content. Interference and other limitations aside, 802.11b is the clear leader in business and institutional wireless networking and is gaining share for home applications as well.
- Enable Encryption on your Access Point. Using 128-bit encryption or higher makes your Wireless Network more secure. WEP and WPA are entirely different encryption schemes. WEP has been proven insecure. Using WPA is recommended, but actually no more secure than WEP. WPA is just a little friendlier to use.
- Set the &qt;&qt;Administrator&qt;&qt; password on the router. Anybody who gains access can use the &qt;&qt;default&qt;&qt; password to lock you out, or grant themselves more privileges (i.e. disable MAC address filtering or add one more MAC address to the MAC address filtering list so they don&qt;&qt;t always need to &qt;&qt;clone&qt;&qt; your MAC address to get in). If you forget it, most routers have a hardware reset that will restore all of the settings to factory defaults.
- Don&qt;&qt;t use easily guessed Keys, such as "ABC123", "Password", or a string of numbers in order. Use something hard to guess that contains both letters and numbers. Special characters such as !@#$&qt; are not supported by most routers. The longer the key, the better. Using the Passwords Page on GRC.com is recommended.
- Change your ESSID (Wireless Network Name)from the default to something unique. Don&qt;&qt;t use your phone number, address, or anything that may identify you. If you leave it &qt;&qt;linksys&qt;&qt; (or whatever default) your Windows notebook will automatically connect to every other network it encounters with the same name, and not every wireless network is a good and secure thing to connect to.
- Disable the &qt;&qt;ESSID Broadcast&qt;&qt; feature of your Access Point or Router. People will be less likely to pass by and notice your network. On the down-side, it becomes problematic to connect a guest&qt;&qt;s computer to it, as well as many &qt;&qt;devices&qt;&qt;, like printers with wireless networking built in.
- Use MAC Address filtering on your Access Point or router. This registers the hardware address (MAC Address) of your networked devices, and prevents unknown devices from joining or accessing the network (unless they clone one of your &qt;&qt;allowed&qt;&qt; MAC addresses after you go to bed).