Samstag, 29. November 2014

Linux Security

1) Firewalls are your guardian angels.

First of all, keep a software firewall active on your system, and restrict access to ports that allow remote access into your system, a good idea is to allow only a few select hosts access to ports used by services such as ssh (port 22) or telnet (port 23). Keeping a firewall in place ensures that you alone dictate who gets to access remote services on your computer and who doesn’t. To set up a firewall in linux, you can use the iptables program which comes standard with most linux distributions. However, iptables is quite difficult and complicated to set up correctly, and you will need to spend some time fiddling with the command line, but it is very flexible and powerful once configured correctly.

If messing about with iptables dosen’t appeal to you, there are frontends to iptables that you can use to set up effective firewalls. One such frontend is ufw (uncomplicated firewall) this program comes standard on ubuntu and is quite simple to set up, to use it you first have to enable it by typing in ’sudo enable ufw’ in the terminal, once the ufw service is active, adding rules is as simple as ’sudo allow 22/tcp’ > this statement allows all tcp traffic on port 22, swap allow for deny and you have the ssh service blocked, Its that simple, much easier than mucking about with iptables.

Of course, there are many people who do not like the idea of using command-line programs and like all their apps to be graphical. If you prefer a GUI configured firewall, then firestarter is the choice for you. Firestarter is a breeze to use, and has good documentation available on the firestarter website.
2) Passwords are for your protection, choose them well

Choose good user passwords, especially for root. One way to choose a secure password is to take a sentence, reduce it to an acronym and then replace some letters of the acronym with symbols and add some numbers to it. this mixing of alphabets, numbers and symbols, along with its long length will be a strong password.

Never use actual words that have meaning as passwords. These types of passwords are weak and can be cracked using dictionary attacks. Also along those lines: Never use words that hold personal significance with you.. i.e don’t use passwords that people who know you will be inclined to think that you would use, like a favorite pet’s name.. etc.

And for god’s sake, don’t use the word ‘password’ as a password…. ( don’t laugh… thats one of the most common passwords .. )
3) Use antivirus

Yeaps you read right.. antivirus. Antivirus on linux you say? Yes, linux has antivirus suites as well , but this is more for cleaning off your thumbdrives that you may have used in an infected windows machine than for killing linux viruses, as the system of user permissions for executing files makes linux a very inhospitable place for computer viruses to live. clamAV is a good antivirus choice, with a GUI version available for most major distros.
4) Be careful what scripts you get off the net

Getting bash scripts off the net is convenient, but be careful what scripts you run on your system, and make sure you check them out first. If you suspect that a script you got has some nasty intentions behind it, but you do not have the expertise in bash scripting to be sure, post the script in text form on linux support forums and the community will help you out. Unfortunatly, there are idiots out there who write destructive shell scripts and release them into the wilds of the internet, in this case intuition is your best defence.
5) Encrypt sensitive data that you may have.

The concept behind encryption is relatively simple, make the data to be encrypted unreadable to anybody besides authorised users.
My favourite program for encrypting data on linux AND windows would have to be truecrypt. Truecrypt works by creating a virtual volume which you can then set a passphrase or security key to. When you mount the virtual volume, you can then add files to it, which will be totally encrypted and unviewable once unmounted. The only way to mount the drive is to supply the passphrase or key.
6)Keep your BIOS set to boot from your harddrive and then add a password to your bios.

This is to keep people from booting off from live CDs and cracking your password from them. Although it is relatively easy to reset the BIOS password, this should be at least a minor detterance to those who may try this cracking method.

Well, there you go.. hopefully you wil use these tips and make your system a safer box to work on.

Input Validation Attacks

  Input Validation Attacks :-

Input Validation Attacks are where an attacker intentionally sends unusual input in the hopes of confusing the application.
The most common input validation attacks are as follows-

1) Buffer Overflow :- Buffer overflow attacks are enabled due to sloppy programming or mismanagement of memory by the application developers. Buffer overflow may be classified into stack overflows, format string overflows, heap overflows and integer overflows. It may possible that an overflow may exist in language’s (php, java, etc.) built-in functions.
To execute a buffer overflow attack, you merely dump as much data as possible into an input field. The attack is said to be successful when it returns an application error. Perl is well suited for conducting this type of attack.
Here’s the buffer test, calling on Perl from the command line:
$ echo –e “GET /login.php?user=\
> `perl –e ‘print “a” x 500’`\nHTTP/1.0\n\n” | \
nc –vv website 80
This sends a string of 500 “a” characters for the user value to the login.php file.
Buffer overflow can be tested by sending repeated requests to the application and recording the server's response.

2) Canonicalization :- These attacks target pages that use template files or otherwise reference alternate files on the web server. The basic form of this attack is to move outside of the web document root in order to access system files, i.e., “../../../../../../../../../boot.ini”. This type of functionality is evident from the URL and is not limited to any one programming language or web server. If the application does not limit the types of files that it is supposed to view, then files outside of the web document root are targeted, something like following-
/menu.asp?dimlDisplayer=menu.asp
/webacc?User.asp=login.htt
/SWEditServlet?station_path=Z&publication_id=2043&template=login.tem
/Getfile.asp?/scripts/Client/login.js
/includes/printable.asp?Link=customers/overview.htm

3) Cross-site Scripting (XSS) :- Cross-site scripting attacks place malicious code, usually JavaScript, in locations where other users see it. Target fields in forms can be addresses, bulletin board comments, etc.
We have found that error pages are often subject to XSS attacks. For example, the URL for a normal application error looks like this:
http://website/inc/errors.asp?Error=Invalid%20password
This displays a custom access denied page that says, “Invalid password”. Seeing a string
on the URL reflected in the page contents is a great indicator of an XSS vulnerability. The attack would be created as:
http://website/inc/errors.asp?Error=<script%20src=...
That is, place the script tags on the URL.

4) SQL Injection :- This kind of attack occurs when an attacker uses specially crafted SQL queries as an input, which can open up a database. Online forms such as login prompts, search enquiries, guest books, feedback forms, etc. are specially targeted.
The easiest test for the presence of a SQL injection attack is to append “or+1=1” to the URL and inspect the data returned by the server.
example:- http://www.domain.com/index.asp?querystring=sports' or 1=1--

Shutdown Command Via Command Prompt

Shutdown Command Via Command Prompt :-

The 'Shutdown' Command Becomes More Flexible and Automated when used from the Command Prompt.

To Run the 'Shutdown' command from the command prompt, go to 'Start > Run', type 'cmd', and press 'Enter'.
In the black box (the command prompt) type 'Shutdown' and the Switches you want to use with the 'Shutdown' command.
You have to use at least one switch for the shutdown command to work.

The Switches :-
The 'Shutdown' command has a few options called Switches. You can always see them by typing 'shutdown -?' in the command prompt if you forget any of them.

-i: Display GUI interface, must be the first option
-l: Log off (cannot be used with -m option)
-s: Shutdown the computer
-r: Shutdown and restart the computer
-a: Abort a system shutdown
-m \\computername: Remote computer to shutdown/restart/abort
-t xx: Set timeout for shutdown to xx seconds
-c “comment”: Shutdown comment (maximum of 127 characters)
-f: Forces running applications to close without warning
-d [u][p]:xx:yy: The reason code for the shutdown u is the user code p is a planned shutdown code xx is the major reason code (positive integer less than 256) yy is the minor reason code (positive integer less than 65536)

Note :- I’ve noticed using a switch with a '-' sign doesn’t work sometimes.
If you are having trouble try using a '/' in place of '-' in your switches.

Examples :-
shutdown –m \\computername –r –f
This command will restart the computer named computername and force any programs that might still be running to stop.

shutdown –m \\computername –r –f –c “I’m restarting your computer. Please save your work now.” –t 120
This command will restart the computer named computername, force any programs that might still be running to stop, give to user on that computer a message, and countdown 120 seconds before it restarts.

shutdown –m \\computername –a
This command will abort a previous shutdown command that is in progress.

Using A Batch File :-
You can create a file that performs the shutdown command on many computers at one time.

In this example I’m going to create a batch file that will use the shutdown command to shut down 3 computers on my home network before I go to bed.

Open 'Notepad' and type the shutdown command to shut down a computer for each computer on the network.
Make sure each shutdown command is on its own line.
An example of what should be typed in notepad is given below-

shutdown –m \\computer1 –s
shutdown –m \\computer2 –s
shutdown –m \\computer3 -s

Now I’ll save it as a batch file by going to file, save as, change save as type to all files, give the file a name ending with '.bat'. I named mine 'shutdown.bat'.
Pick the location to save the batch file in and save it.

When you run the batch file it’ll shutdown computer 1, 2, and 3 for you.

You can use any combination of shutdown commands in a batch file.

Reveal *****(Asterisk) Passwords Using Javascript


-: Reveal *****(Asterisk) Passwords Using Javascript :-

Want to Reveal the Passwords Hidden Behind Asterisk (****) ?

Follow the steps given below-

1) Open the Login Page of any website. (eg. http://mail.yahoo.com)

2) Type your 'Username' and 'Password'.

3) Copy and paste the JavaScript code given below into your browser's address bar and press 'Enter'.

javascript: alert(document.getElementById('Passwd').value);


4) As soon as you press 'Enter', A window pops up showing Password typed by you..!


Note :- This trick may not be working with firefox.

Reveal Passwords Using Javascript

Calculations On Command Prompt


the command processor CMD.EXE comes with a mini-calculator that can perform simple arithmetic on 32-bit signed integers:

C:\>set /a 2+2
4
C:\>set /a 2*(9/2)
8
C:\>set /a (2*9)/2
9
C:\>set /a "31>>2"
7

Note that we had to quote the shift operator since it would otherwise be misinterpreted as a "redirect stdout and append" operator.

For more information, type set /? at the command prompt.

Hide Entire Drives Partition Without Registry

Here is a cool technique which hides entire hard disk drives by a simple procedure.
This is the best security tip to be employ against unauthorised users.

1) Go to Start > Run > type "diskpart".
A DOS window will appear with following description.

DISKPART>

2) Then type "list volume"
The result will look something like one as shown below-
http://www.insecure.in/images/hide_drive.gif

3) Suppose you want to hide drive E then type "select volume 3"
Then a message will appear in same window { Volume 3 is the selected volume}

4) Now type "remove letter E"
Now a message will come { Diskpart Removed the Drive letter }

sometime it requires to reboot the computer.
Diskpart will remove the letter.

Windows XP is not having capabilty to identify the unknown volume.
Your Data is now safe from unauthorised users.

To access the content of hidden Drive repeat the process mentioned above. But in 4th step replace " remove" by "assign".
It means type "assign letter E". 

The ZIP of Death


This is a exploit of the compression algorithms to make a small zip that will extract into extream amounts their are more ways and better ones than this one but i will only show how to make a simple 1k = 1m ratio.

1) Make a.txt file

2) Open and type the null character (alt + 255)

3) Press ctrl + a then ctrl + v a couple times to make some null bytes

4) If u have a hexeditor make the hex 00 for about 50 kilobytes.

5) Now make several copies of a.txt and name accordinly

6) Open cmd.exe

7) Type copy /b *.txt b.txt

8) Now every copy is made into a super copy and repeat

9) Once you have a nice empty big text file like 1gb. Put it in a zip archive.
Because of the simple construction of the file, 1gb of null bytes.....!

The zip is only 1 mb in size and can really annoy freinds.
For added fun hex edit the zip and you will see a bunch of hex 5555

Just add some more and the file will expand amazingly

Make sure to not open this after

You can always create your zip of death from the command line in linux
dd if=/dev/zero bs=1000 count=1000000 | gzip > test.gz

Freitag, 14. November 2014

c code for extraction of attributes of BMP file

/*BMP Attributes.C*/

#include<stdio.h>
#include<conio.h>
#include<string.h>
#include<graphics.h>


typedef struct bmp_header {
                                                unsigned char ft[2];
                                                unsigned long fsz;
                                                unsigned int res1, res2;
                                                unsigned long ofb, sz, wd, ht;
                                                unsigned int npi, bpp;
                                                unsigned long cps, isz, xres, yres;
                                                unsigned long clru, clrimp;
                                      }TH;
TH *ihdr;

typedef struct RGBtag {
                                    unsigned char blue, red, green, resv;
                              }RGB;

RGB clrs[256], pal[256];

char buff[18];

void main()
{
            int d= DETECT, m= VGAHI, xsize, ysize, pix, n, m1;
            long int i, j;
            FILE *imgf;
            imgf= fopen("2.bmp", "rb");
            if(imgf == NULL)
            {
                        printf("\n\a ERROR");
                        exit(0);
            }
            clrscr();
            fread(ihdr, sizeof(TH), 1, imgf);
            printf("\n\t BMP FILE HEADER\n");
            printf("\n1File Type: %c%c",ihdr->ft[0],ihdr->ft[1]);
            printf("\n2 FILE SIZE = %ld bytes", ihdr -> fsz);
            printf("\n3 RESERVED1 = %d ",ihdr -> res1);
            printf("\n4 RESERVED2= %d ", ihdr-> res2);
            printf("\n5 OFFSET TO START OF IMAGE= %ld bytes", ihdr->ofb);
            printf("\n6 SIZE OF BITMAP INFO HEADER = %ld", ihdr->sz);
            printf("\n7 IMAGE WIDTH = %ld pixels", ihdr->wd);
            printf("\n8 IMAGE HEIGHT = %ld pixels ", ihdr->ht);
            printf("\n9 no. of PLANES IN IMAGE = %d ", ihdr->npi);
            printf("\n10 no of bits/ pixels= %d ", ihdr->bpp);
            printf("\n11 TYPE OF COMPRESSION =%d", ihdr->cps);
            printf("\n12 IMAGE SIZE= %ld bytes",ihdr->isz );
            printf("\n13 HORIZONTAL RESOLUTION =%ld pixels/mtr", ihdr->xres);
            printf("\n14 VERTICAL RESOLUTION = %ld pixel/mtr", ihdr->yres);
            printf("\n15 NO of colours in image= %d", ihdr->clru);
            printf("\n16 NO fo important colors %d ", ihdr->clrimp);
            printf("\n RGB Values of a perticular pixel : \n\n");
            printf("Row ?= ");
            scanf("%d",&n);
            printf("Column ?= ");
            scanf("%d", &m1);
            printf("\n ROW %d \n ",n);
            printf("\n col. %d ", m1);
            fseek(imgf, (n*sizeof(clrs))+(m1*sizeof(clrs)), SEEK_SET);
            printf("\n R G B Resv. \n");
            fread(&clrs, sizeof(clrs), 1, imgf);
            printf("\n %d %d %d", clrs->blue, clrs-> green , clrs->resv);
            getch();
}                         



OUTPUT:
BMP FILE HEADER
1File Type: BM
2 FILE SIZE = 25870 bytes
3 RESERVED1 = 0
4 RESERVED2= 0
5 OFFSET TO START OF IMAGE= 118 bytes
6 SIZE OF BITMAP INFO HEADER = 40
7 IMAGE WIDTH = 228 pixels
8 IMAGE HEIGHT = 222 pixels
9 no. of PLANES IN IMAGE = 1
10 no of bits/ pixels= 4
11 TYPE OF COMPRESSION =0
12 IMAGE SIZE= 25752 bytes
13 HORIZONTAL RESOLUTION =0 pixels/mtr
14 VERTICAL RESOLUTION = 0 pixel/mtr
15 NO of colours in image= 0
16 NO fo important colors 0
 RGB Values of a perticular pixel :
Row ?= 2
Column ?=3
 ROW 2
 col. 3
 R G B Resv.
 136 135 119





     Original Image (C:\TC\2.BMP)

MATLAB program to study the various morphological operation on binary image

\\ MATLAB program to study the various morphological operation on binary image.\\

clc;
clear all;
close all:
I=imread(C:\aish.bmp);
figure

imshow(I)
title('original image');
I=im2bw(I);
figure
imshow(I);
title('binary image');
a=bwmorph(I,'dilate');
figure
imshow(a)
title('dilation');
b=bwmorph(I,'erode');
figure
imshow(b)
title('erosion');
c=bwmorph(I,'open');
figure
imshow(c)
title('binary opening');

d=bwmorph(I,'close');

Measurements using Digital Storage Oscilloscope, different modes of DSO, capturing transients and analysis of waveforms.

AIM:  Measurements using Digital Storage Oscilloscope, different modes of DSO,
            capturing transients and analysis of waveforms.

I) To study different modes of DSO such as Roll, Average, Peak Detection.
II)  FFT analysis using DSO.
III) Capture transients
IV) Various math operations.


EQUIPMENT:

1) DSO (GWINSTEK GDS-1102, 100MHz 250M Sa/s oscilloscope)
2)Function generator (Aplab 1MHz, Model no:FG1MD)

THEORY:
The main purpose of an oscilloscope is to give an accurate visual representation of electrical signals. An oscilloscope is a measurement and testing instrument used to display a certain variable as a function of another.
                                                              
Ø  Types of oscilloscopes

Analog oscilloscopes The first oscilloscopes were analog oscilloscopes, which use cathode-ray tubes to display a waveform. The downside of an analog oscilloscope is that it cannot “freeze” the display and keep the waveform for an extended period of time. Once the phosphorus substance deluminates, that part of the signal is lost. Also, you cannot perform measurements on the waveform automatically. Instead you have to make measurements by hand using the grid on the display. Analog oscilloscopes are also very limited in the types of signals they can display because there is an upper limit to how fast the horizontal and vertical sweeping of the electron beam can occur. While analog oscilloscopes are still used by many people today, they are not sold very often. Instead, digital oscilloscopes are the modern tool of choice.  
                                                                                                   
Digital storage oscilloscopes (DSOs)
Digital storage oscilloscopes (often referred to as DSOs) were invented to remedy many of the negative aspects of analog oscilloscopes. DSOs input a signal and then digitize it through the use of an analog-to-digital converter. Figure 1 shows an example of one DSO architecture used by Agilent digital oscilloscopes. The attenuator scales the waveform. The vertical amplifier provides additional scaling while passing the waveform to the analog-to-digital converter (ADC). The ADC samples and digitizes the incoming signal. It then stores this data in memory. The trigger looks for trigger events while the time base adjusts the time display for the oscilloscope. The microprocessor system performs any additional post processing you have specified before the signal is finally displayed on the oscilloscope. Having the data in digital form enables the oscilloscope to perform a variety of measurements on the waveform.
Signals can also be stored indefinitely in memory. The data can be printed or transferred to a computer via a flash drive, LAN, or DVD-RW. In fact, software now allows you to control and monitor your oscilloscope from a computer using a virtual front panel.

Ø  Trigger controls

As we mentioned earlier, triggering on your signal helps to provide a stable, usable display and allows you to see the part of the waveform you are interested in. The trigger controls let you pick your vertical trigger level (for example, the voltage at which you want your oscilloscope to trigger) and choose between various triggering capabilities. Examples of common triggering types include:

Edge triggering – Edge triggering is the most popular triggering mode. The trigger occurs when the voltage surpasses some set threshold value. You can choose between triggering on a rising or a falling edge. Figure 18 shows a graphical representation of triggering on a rising edge.

Glitch triggering – Glitch triggering mode enables you to trigger on an event or pulse whose width is greater than or less than some specified length of time. This capability is very useful for finding random glitches or errors. If these glitches do not occur very often, it may be very difficult to see them. However, glitch triggering allows you to catch many of these errors..

Pulse-width triggering – Pulse width triggering is similar to glitch triggering when you are looking for specific pulse widths. However, it is more general in that you can trigger on pulses of any specified width and you can choose the polarity (negative or positive) of the pulses you want to trigger on. You can also set the horizontal position of the trigger. This allows you to see what occurred pre-trigger or post-trigger. For instance, you can execute a glitch trigger, find the error, and then look at the signal pre-trigger to see what
caused the glitch. If you have the horizontal delay set to zero, your trigger event will be placed in the middle of the screen horizontally. Events that occur right before the trigger will be to the left of the screen and events that occur directly after the trigger will be to the right of the screen. You also can set the coupling of the trigger and set the input source you want to trigger on. You do not always have to trigger on your signal, but can instead trigger on a related signal. Figure 20 shows the trigger control section of an oscilloscope’s front panel.

Ø  Input controls
There are typically two or four analogue channels on an oscilloscope. They will be numbered and they will also usually have a button associated with each particular channel that enables you to turn them on or off. There may also be a selection that allows you to specify AC or DC coupling. If DC coupling is selected, the entire signal will be input. On the other hand, AC coupling blocks the DC component and centers the waveform about 0 volts (ground). In addition, you can specify the probe impedance for each channel through a selection button. The input controls also let you choose the type of sampling. There are two basic ways to sample the signal:

Real-time sampling – Real-time sampling samples the waveform often enough that it captures a complete image of the waveform with each sweep. This is useful if you are sampling low-frequency signals, as the oscilloscope has the required time to sample the waveform often enough in one sweep.

Equivalent-time sampling – Equivalent time sampling builds up the waveform over several sweeps. It samples part of the signal on the first sweep, then another part on the second sweep, and so on. It then laces all this information together to recreate the waveform. Equivalent time sampling is useful for high-frequency signals that are too fast for real-time sampling.



 

Fig.1 Block Diagram of DSO


DSO features:

a)      Pre- trigger function: (observation of waveforms before triggering)
The DSO is capable of recording the waveforms preceding the triggering point. It continuously stores data until a trigger occurs storing is stopped at the predefined no. Of sampling after the trigger &then the stored data is displayed with the trigger point as reference.

b)      Observation of single shot events: A DSO can capture single _shot events such as power supply, start up characteristics, power resets, power failure detection counter measures against noise & instantaneous waveforms for areas that include mechanical equipments such as motors. The DSO can be used for failure monitoring purposes such as storing waveforms.

c)      Large memory capacity: DSO stores the observed data in memory. Memory capacity is unlimited. With a large memory capacity, phenomenon can be recorder over a long period.

d)     Computations: Since the collected waveform data is expressed as digital values, sophisticated computation processing can be performed on the waveform data &the results are displayed on the screen in real time. This enables various functions such as auto set up function.

e)                  Data output: Digitization of waveforms data allows various forms of output. For eg. By incorporating a printer in the digital oscilloscope, the display on the screen can be immediately printed out and time consuming.

Ø  Application
                             
If a company is testing or using electronic signals, it is highly likely they have an oscilloscope. For this reason, oscilloscopes are prevalent in a wide variety of fields:
• Automotive technicians use oscilloscopes to diagnose electrical problems in cars.
• University labs use oscilloscopes to teach students about electronics.
• Research groups all over the world have oscilloscopes at their disposal.
• Cell phone manufacturers use oscilloscopes to test the integrity of their signals.
• The military and aviation industries use oscilloscopes to test radar communication systems.
• R&D engineers use oscilloscopes to test and design new technologies.
• Oscilloscopes are also used for compliance testing. Examples include USB and HDMI where the output must meet certain standards.
This is just a small subset of the possible uses of an oscilloscope. It truly is a versatile and powerful instrument.
                                                
Ø  Important Oscilloscope Performance Properties

Bandwidth and channels
it dictates the range of signals (in terms of frequency) that you are able to accurately display and test. Bandwidth is measured in Hertz. Without sufficient bandwidth, your oscilloscope will not display an accurate representation of the actual signal. A channel refers to an independent input to the oscilloscope. The number of oscilloscope channels varies between two and twenty. Most commonly, they have two or four channels.

Sample Rate
The sample rate of an oscilloscope is the number of samples the oscilloscope can acquire per second. It is recommended that your oscilloscope have a sample rate that is at a least 2.5 times greater than its bandwidth. However, ideally the sample rate should be 3 times the bandwidth or greater. You need to be careful when you evaluate an oscilloscope’s sample rate banner specifications. Manufactures typically specify the maximum sample rate an oscilloscope can attain, and often this maximum rate is possible only when one channel is being used. If more channels are used simultaneously, the sample rate may decrease.
                     
Memory depth
As we mentioned earlier, a digital oscilloscope uses an A/D (analog-to-digital) converter to digitize the input waveform. The digitized data is then stored in the oscilloscope’s high-speed memory. Memory depth refers to exactly how many records and, therefore, what length of time can be stored. Memory depth plays an important role in the sampling rate of an oscilloscope. In an ideal world, the sampling rate would remain constant no matter what the settings were on an oscilloscope. However, this kind of an oscilloscope would require a huge amount of memory at small time/division settings and would have a price that would severely limit the number of customers that could afford it. Instead, the sampling rate decreases as you increase the range of time. Memory depth is important because the more memory depth an oscilloscope has, the more time you can spend capturing waveforms at full sampling speed. Mathematically, this can be seen by:
Memory depth =(sample rate).(time across display)
So, if you are interested in looking at long periods of time with high resolution between points, you will need deep memory. It is also important to

PART I

PROCEDURE:


a)Modes of DSO:
1) Apply a low frequency signal from function generator as input to DSO.
2) Observe it using different modes.
To select normal mode.
1)      Press Acquire.
2)      In the Acquire menu, press Acquisition until “Normal” is selected.
To select the Average acquisition mode:
1)      Press Acquire
2)      In the Acquire menu, press Acquisition until “Average” is selected.
To select the peak detection mode.
1)      Press Acquire.
2)      In acquire menu, press Acquisition until “Peak Detect” is selected.
b) Capturing transients:
1) Construct series RLC circuit on breadboard.
2) Apply 1KHz square wave as input from function generator.
3) Observe the voltage across the capacitor on DSO.
4) Take readings for rise time, fall time, overshoot, undershoot using ‘automatic measurement’.
To display an automatic measurement
1)      Press Measure.
2)      In Measure menu, select source to select input channel or math waveform on which to make automatic measurement.
3)      Select voltage(for voltage measurement) or time(for time measurement).
4)      Then push the menu button for the measurement to add the button of the display.
To clear automatic measurement from the display
1)      Press Measure.
2)      In the Measure menu, select Clear to clear all the automatic measurements from the display.
c) FFT Analysis
1) Apply 1KHz square wave as input from function generator to channel 1 of DSO.
2) Switch DSO to math(FFT) mode
3) Using horizontal and vertical cursors measure amplitude and frequency components.
To display a waveform’s FFT:
1)      Press Math.
2)      In the math menu, press operate until “FFT” is selected.
3)      In the FFT menu, press source until the desired input channel is selected.
4)      Press window until desired window is selected:
There are 4 FFT windows. Each window has trade-off’s between frequency resolution and amplitude accuracy.
5)      Select display to toggle between “Split” screen display and a “Full Screen” display.
To use manually adjustable cursors:
For horizontal cursors
1)      Press cursor.
2)      Press X<->Y to select the horizontal cursor.
3)      Press Source repeatedly to select the source channel.
4)      To move left cursor, press X1 and then use variable knob.
5)      To move right cursor, press X2 and then use variable knob.
6)      To move both cursors at once, press X1X2 and then use variable knob.
For vertical cursors
1)      Press cursor.
2)      Press X<->Y to select the vertical cursor.
3)      Press source repeatedly to select the source channel.
4)      To move upper cursor, press Y1 and then use variable knob.
5)      To move lower cursor, press Y2 and then use variable knob.
6)      To move both cursors at once, press Y1Y2 and then use variable knob.
d) Math Operations:
1) Apply two different signals from function generator to two channels of DSO.
2) Perform all possible MATH operations.
To add, subtract waveform
1)      1+2
2)      1-2














Observation Table:
  1. Transients in series RLC circuit.
Sr. No.
Parameter

1
Rise time

2
Fall time

3
Overshoot

4
Undershoot

5
Pulsewidth(+ve)

6
Pulsewidth(-ve)



Measurement of Total Harmonic Distortion contained by output of amplifier, inverter

AIM: Measurement of Total Harmonic Distortion contained by output of amplifier, inverter.
EQUIPMENTS:
1) Spectrum Analyzer (Agilent,9KHz-3GHz)
2) BJT amplifier circuit
3) connecting probes
4) power supply (Radial industries,SVP030002D,0-32V,DC-2A)
5) Function Generator (Aplab, FG1MD, 1MHz)

THEORY:
The total harmonic distortion, or THD, of a signalis a measurement of the harmonicdistortion present and is defined as the ratio of the sum of the powers of all harmonic components to the power of the fundamental frequency. Lesser THD allows the components in a loudspeaker, amplifier or microphone or other equipment to produce a more accurate reproduction by reducing harmonics added by electronics and audio media.
To understand a system with an input and an output, such as an audio amplifier, we start with an ideal system where the transfer function is linear and time-invariant. When a signal passes through a non-ideal, non-linear device, additional content is added at the harmonics of the original frequencies. THD is a measurement of the extent of that distortion.
When the input is a pure sine wave, the measurement is most commonly the ratio of the sum of the powers of all higher harmonic frequencies to the power at the first harmonic, or fundamental, frequency:
\mbox{THD} = \frac{P_2 + P_3 + P_4 + \cdots + P_\infty}{P_1} = \frac{\displaystyle\sum_{n=2}^\infty P_n}{P_1}
which can equivalently be written as
\mbox{THD} =  \frac{P_\mathrm{total} - P_1}{P_1}
if there is no source of power other than the signal and its harmonics.
Measurements based on amplitudes (e.g. voltage or current) must be converted to powers to make addition of harmonics distortion meaningful. For a voltage signal, for example, the ratio of the squares of the RMS voltages is equivalent to the power ratio:
\mbox{THD} =  \frac{V_2^2 + V_3^2 + V_4^2 + \cdots + V_\infty^2}{V_1^2}
where Vn is the RMS voltage of nth harmonic and n=1 is the fundamental frequency.
THD is also commonly defined as an amplitude ratio rather than a power ratio,[1]resulting in a definition of THD which is the square root of that given above:
\mbox{THD} = \frac{ \sqrt{V_2^2 + V_3^2 + V_4^2 + \cdots + V_n^2} }{V_1}
This latter definition is commonly used in audio distortion (percentage THD) specifications. It is unfortunate that these two conflicting definitions of THD (one as a power ratio and the other as an amplitude ratio) are both in common usage.
As a result, THD is a non-standardized specification and the results between manufacturers are not easily comparable. Since individual harmonic amplitudes are measured, it is required that the manufacturer disclose the test signal frequency range, level and gain conditions, and number of measurements taken. It is possible to measure the full 20–20 kHz range using a sweep. For all signal processing equipment, except microphone preamplifiers, the preferred gain setting is unity. For microphone preamplifiers, standard practice is to use maximum gain.
Measurements for calculating the THD are made at the output of a device under specified conditions. The THD is usually expressed in percentas distortion factor or in dBrelative to the fundamental as distortion attenuation.
THD+N
THD+N means total harmonic distortion plus noise. This measurement is much more common and more comparable between devices. It is usually measured by inputting a sine wave, notch filtering the output, and comparing the ratio between the output signal with and without the sine wave:
\mathrm{THD+N} = \frac{\displaystyle\sum_{n=2}^\infty{\text{harmonic powers}} + \text{noise power}}{\text{fundamental power}}
A meaningful measurement must include the bandwidth of measurement. This measurement includes effects from intermodulation distortion, and so on, in addition to harmonic distortion. In Europe, it is preferable to apply a ITU-R BS.468 weighed curve, which is intended to accentuate what is most audible to the human ear, contributing to a more accurate measurement. However, as the weight of the curve adds 12 dB of gain to the critical midband, making THD+N measurements bigger, manufacturers object to its use and have widely prevented its adoption in American and Asian markets.
For a given input frequency and amplitude, THD+N is equal to SINAD, provided that both measurements are made over the same bandwidth.
PROCEDURE:
1.      Connect the Vcc (12V) & ground of the BJT amplifier to the DC regulated power supply.
2.      Give input as 1KHz, 1Vp-p sinusoidal wave at the input side of BJT amplifier.
3.      Connect the output of the amplifier to spectrum analyzer.
4.      Set the spectrum analyzer in “spectrum analyzer” mode.
5.      Set the center frequency as 1KHz by pressing frequency button.
6.      Now set the span as 20KHz for observing the harmonics.

7.      Take the readings of different harmonics & calculate THD.