Thursday, December 30, 2010

How to Stay Secure Online

There really isn't any assurance your technology won't get stolen someday. As previously mentioned, it happened to me in less than a minute. Fortunately there are a number of tools to keep your laptops and mobile phones secure from tampering, or at least initiate a remote data wipe in the event of a breach.

If you shop online, your credit card number has been entered into at least one web site. While this is unavoidable, and just about as safe as using your credit card out in the real world, the fact still remains that your number could be intercepted and used to make unauthorized purchases. One easy way around that problem isusing temporary credit card numbers. While not every bank offers this service, if yours does you might want to take advantage of it. If you're making a purchase online—especially at a site you don't trust—you just generate a unique credit card number that will expire after its first use. This is also extremely helpful if you sign up for a trial and want to prevent automatic re-billing.

Doing this gives you all the characteristics of a good, strong password: lowercase and capital letters, at least one number, special characters, and a combination of those things that basically makes no sense when you look at it and turns out to be longer than eight total characters.

When it comes to our own, individual online security we put a lot of trust in our password managers. Password managers keep track of your passwords on multiple sites so you never need to remember your password when it's time to log in. This way you can memorize your one master password and never have to worry about remembering any of the others. This is enormously convenient, but what's more important is the added security benefits. A good password manager can help generate incomprehensible passwords, store them in its database, and decode them locally, only one your machine, when it needs to enter them into the web site. You can use a password manager to generate a unique, complex password for every site you visit. Each site will have a different password, you'll have no idea what any of them are, and all you'll have to do is remember the one master password you set for it.

During the Summer of my freshman year in high school, I worked at a grocery store as a bag boy and saved up for a laptop. At the end of the Summer I was finally able to buy one. Nowadays laptops are commonplace, but this was back when they were pretty rare. I loved it, and I put my life into that computer. A year later I set it up to print in the computer lab and ran into the other room for 30 seconds. When I returned, the laptop was gone. I was amongst people I trusted and gone for under a minute but, still, it didn't matter: the laptop was gone. I thought I'd somehow get it back, but it didn't take long to realize that wasn't going to happen. But, ultimately, it wasn't the laptop I wanted back. I quickly realized all my personal information—all my secrets—were in the hands of someone I'll never find. Someone gained the potential to know the darkest parts of my life and I'll never know who they are. This experience taught me two things:

In light of recent events, security has been a serious priority for all of us. Although there is no 100% full-proof plan, there are ways to greatly improve your online security and plan for the worst. Here are our recommendations.

The Bad News: Nobody's Safe

No matter how safe you think you might be, something bad can always happen.
The only way to ensure your private information always remains private and in your control is if it never leaves your own head.

The internet and reality aren't much different, in that sense. There is plenty of, if not more, risk in the real world than there is on the web, but we're just more accustomed to dealing with it. The online world is still very young and so we're learning to protect ourselves as we go along. Nonetheless, like with anything, there is no surefire protection. The web is imperfect. We are imperfect. Ultimately, no site is un-hackable. A person or group with enough knowledge and determination can bring nearly any site down. That said, we can certainly try our best to protect ourselves and be prepared for worst-case scenarios.

Create Strong, Resilient Passwords

There are several ways to keep remarkably strong passwords, but every strategy has a point of weakness and a level of inconvenience that you're going to have to accept. We're going to go over a method that we feel is all-around the best way to go, but include a few variations along the way so you can decide what suits you best.

Create Strong, Secure Passwords that Even You Don't Know

While there are a number of good password managers out there, like KeePass and 1Password, our favorite isLastPass. LastPass offers incredibly wide support for several operating systems, web browsers, and mobile phones. It's also completely free, remarkably secure, and comes with many features to help you stay as protected as possible. Since you're likely not without a few passwords at this point in your life online, LastPass can help you audit and update your passwords to make them more secure.

But what about creating a secure master password?

While all the passwords LastPass (or your other password manager) will generate will be about as strong as they can be, you want to have a strong master password as well. While your password manager can generate one for you, often times it's going to be too hard to remember and too inconvenient to type (especially on a mobile phone). If you don't mind the extra work for the extra security, your best bet is to have the most secure password you can have. If you want something you're sure you won't forget, Mozilla offers an easy way to create a strong password you'll be able to remember:

If you're not in the mood for a cute strong password public service announcement, the concept goes something like this:

Pick a phrase you can remember with a number in it, like "A bird in the hand is worth two in the bush."
Change that number (in this case, "two") to its numerical equivalent: A bird in the hand is worth 2 in the bush
Condense the phrase by only using the first letter of each word: Abithiw2itb
Add some special characters you can remember: #Abithiw2itb!

While we recommend generating complex passwords with your password manager, you can use this same technique to create unique passwords for individual sites. You can take the password and add a suffix specific to each web site. Sticking with out example, let's say you wanted to use this password for Lifehacker. Just add :L1feh@cker, :Lh, or whatever you'll be able to remember to the end of the password: #Abithiw2itb!:Lh. This way you can type your complex password as you normally would and just append your abbreviation for the site you're logging into. This method is a little easier, but it's not impossible for someone to figure out. Ideally you'll want to let your password manager handle your password generation for you, but if that's just not for you then this method is a reasonable alternative.

If at any point you're not sure about your password's security, head on over to How Secure Is My Password? to get an approximation of how long it would take to crack using an average desktop computer. Our example (#Abithiw2itb!) would take about seven billion years, which seems pretty good. If you're satisfied with the password you've derived, you've got your new master password. If you're not, keep trying and checking.

Keep Your Other Information Protected

Your passwords are not the only kind of important information you don't want floating around the internet, and chances are you have a few gadgets you wouldn't want to fall into the wrong hands. Fortunately there are quite a few ways you can

Protecting Your Credit Cards

Keeping Your Mobile Technology Secure

One of our favorite tools is Prey, which is a free tool (for up to three devices) that can help you track and (potentially) recover your stolen laptop or Android smartphone. If you're looking for a solution for your iOS device, Apple now offers find my iPhone for free. If you're not using an iPhone 4, it is still possible to enable the free Find My iPhone, but it'll take a little bit of extra work. Once you get it up and running, you'll be able to remotely locate your iPhone, send it a message, and wipe your personal data. To get started, you can download Find My iPhone in the iTunes App Store. Despite the name, it'll work with any iOS device (but GPS and 3G service certainly help).

That just about wraps it up for guide to online security. With so many options out there, it's hard to cover the entire spectrum. If you feel we've missed something or have some good tips, please share them in the comments. Thanks for reading, and stay safe!

Thursday, December 23, 2010

How to Block a WebsiteHow to Block a Website

There are many reason why you need to know how to block a website. Some of the most common reasons are you have been targeted by spammers who use adware and popups to attack your PC. Other reasons may be to prevent your children from having access to certain site content such as porn and gambling.

Depending on the level of security you wish, learning how to block a website may require a adjustments of your web browser, the use of internet filtering software or editing of your host file. At any rate you can try all methods to see which works best for you.

How to block a Website using Internet Explorer
Internet Explorer version 5 and later offer the ability for heighten security and privacy. You can block a site by following the directions below:
1. Load your Internet explorer
2. Click Tools
3. Click Internet Options
4. Click the Privacy tab
5. Under the Privacy window, Click Sites
6. Type in the site address that you want to Block and Click OK. Remember this technique only blocks on one site at a time. Parental control software will allow you to block multiple sites and categories.

Here are alternate instructions to block a website using Internet Explorer.
Tools ->Internet Options->Security->Restricted sites->Sites->Type in the site address and Click ADD then click OK

How to Restrict a Website using Firefox
Firefox requires an add-on to restrict sites. You can find many good ones at Mozilla.org.

How to block a Website using Google Chrome
1. Open your Chrome Web Browser
2. Click the wrench symbol in he upper right corner.
3. Choose Tools
4. Click Under the Hood tab.
5. Choose Change Proxy Settings.
6. Click Security, click Restricted Sites
7. Double click Sites and add the site you want block

How to Block A Website in All Web Browsers

This action will require you to edit your Host file. Your host file is a computer file used to store information on where to find a node on a computer network. For more a more detailed description. Check out this link Host File Description Link
In Windows XP
1. Click Start->All Programs->Accessories->Command Prompt.
2. Click Command Prompt This will open a DOS command window.
3. Type: notepad C:/Windows/System32/drivers/etc/hosts
4. Locate the line 127.0.0.1 localhost
5. To block the website google.com for example, just add this text under 127.0.0.1 localhost:

127.0.0.1 google.com
127.0.0.1 www.google.com
You can add as many sites any site, However you will need to prefix it with "127.0.0.1".

6. Save the file
Google will now be blocked in all web browser. This is an advanced but easy method on how to blow a website.

How Parents Can Block Certain Websites from Children at Home

WebTitan - Web Filter www.webtitan.com
Complete internet monitoring Download free trial now!

[For non-techie parents who have a computer at home and are worried about their kids safety online.]

A mother recently wrote saying she is very concerned that her young children are spending too much time on websites like Orkut, MySpace and Facebook.
Her worries are not just about children wasting time on the Internet – it’s more about the activities that children are doing on these sites. She is concerned that children could be interacting with complete strangers (or online predators) and even sharing personal information.
And with some news reports saying that criminal activities could have been planned on Orkut, the mother has finally made up her mind to restrict access to Orkut and some other websites on the home computer.
The only problem is that she has absolutely no clue about how to block websites – parental control software like Net Nanny or Norton Internet Security are pretty good but they cost money.
Now before you take this extreme step of blocking website (that is very likely to be opposed by children), try a few things:

Educate your children about the dangers of sharing information online with strangers. Family members should talk in detail about privacy and the web.
Place the computer in the living area of your home from where you can easily see the screen so you’ll have some idea about activities that children are doing on the computer including the websites they are visiting frequently.
Orkut is an open social network – that means you can easily see who’s in the friends’ list of your children and what kind of text notes (or scraps) are they exchanging with each.

Finally, to block websites on your home computer without investing in expensive software, here’s the trick (for Windows PCs):

Step 1: Click the Start button and select Run. Now type the following text in that Run box:
notepad c:\WINDOWS\system32\drivers\etc\hosts

Step 2: You will see a new notepad window on your screen containing some cryptic information. Don’t panic. Just goto the last line of the file, hit the enter key and type the following:
127.0.0.1 orkut.com
127.0.0.1 facebook.com
127.0.0.1 myspace.com

Save the file and exit. That’s it. None of the above sites will now open on your computer.
You can block as many websites as you like with the above technique. If you want to remove the ban later, open the same file as mentioned in Step 1 and delete the above lines.
Pretty simple but remember, our children are also very smart. And there are some popular ways to unblock websites.

Monday, December 13, 2010

Useful commands in linux...

I. Basic Commands

B. Change Directory (cd)

cd /path/to/directory/

C. Listing Files/SubFolders (ls)

ls -alh

(files and subfolders listed with perms in human-readable sizes)

D. Checking Processes

ps -a top -c

(process viewer - Ctrl+C to exit)

ps -auxf

(process list)

E. Start/Stop Services

/etc/init.d/ start|stop|restart|status

("/etc/init.d/httpd stop" stops apache)

F. Check Bean Counters (hard and soft limits, failcounts, etc.)

cat /proc/user_beancounters

II. File System Commands (df & du are (dv)-only commands)

A. Check Total Disk Usage

df

(gives physical disk usage report with % used)

B. List Files/Folders +Sizes (du)

du

(lists all filesizes. This will take some time.)

du -sh

(lists all the subfolders/sizes in a dir)

C. Remove/Delete Files (rm /path/to/filename.htm) -DANGER- always verify

rm -vf

(force-deletes file. Dont run unless you know EXACTLY what you're doing)

rm -vrf

(force deletes folder and all subfolders and files)

To Remove a Directory you can use the following command:

rmdir

D. Copy Files (cp)

cp filename.abc /new/path/filename.abc.123

E. Move Files (mv)

mv filename.abc /new/path/filename.abc.123

F. Create Empty File (touch)

touch filename.123

III. File Permissions and Ownership

A. Change Permissions of files (chmod)

chmod 000 filename.abc

(defaults are usually 755 for folders, 644 for files)
TIP:

1st digit=Owner; 2nd=Group; 3rd=Other
(-rwxrwxwrx = 777, -rwxr-xr-x = 755, -rw-r--r-- = 644, etc.)
7 = Read + Write + Execute
6 = Read + Write
5 = Read + Execute
4 = Read
3 = Write + Execute
2 = Write
1 = Execute
0 = All access denied

B. Change Ownership of files (chmown)

chown user:group filename.abc

(you can see user and group w/ ls -alh)
TIP:

Anytime a user creates a file, the Ownership of the file matches that user. In Plesk, every domain that has hosting has a different user. So if you are copying files from one domain to another, you must remember to change ownership.
IV. Checking Log Files (dv)

Log files can tell you a lot about whats going on on a (dv). You can use the command:
'tail -n 100' before the logfile name to list the last 100 entries of the logfile.

Here are some of the most common:
A. Main Error Log

/var/log/messages

B. Apache Error Log

/var/log/httpd/error_log

(main)

/home/httpd/vhosts/mt-example.com/statistics/logs/error_log

(per-domain) (May also be: /var/www/vhosts on newer dvs)

C. MySQL Logs

/var/log/MySQLd.log

D. Mail Logs

/usr/local/psa/var/log/maillog

NOTE:

Common issues to look out for in log files

* The main error log will not always give you all the information you want for a svc.
* You may see alot of failed SSH and FTP connections, that is generally normal.
* Keep an eye out for MaxClients errors in the Apache logs if a customer is complaining of Apache dying alot. You can check the KB for raising MaxClients settings.
* If a customer does not set up Log Rotation for a domain under Plesk, then Log Files will build up and may take up alot of unneeded space. You can usually delete old log files in Plesk, and change the Log Rotation to Daily instead of by size.
* MailLogs can show you if a customer is spamming, or if mail is coming in or out.
* MySQL Logs should be able to show you general MySQL errors such as bad connections, or corrupted tables. Check the Int. KB for the 'myisamchk -r' repair table command.

V. Advanced Commands

A. Find. You can do alot with find. for now lets find all files over 10MB.

cd /
find / -type f -size +10000k -exec ls -lh {} \; | awk '{ print $5 ": " $9 }' |sort -n

B. Grep. Another handy tool to get specific information

cat file | grep blah

(only lists the information where the word blah is found)

C. Less/More

less filename.abc

(displays the content of a file. arrows to scroll, 'q' to quit.)

more == same thing basically. You can use the '| more' command to scroll through something page or line at a time.

tail -n 1000 /var/log/httpd/error_log | more

VI. Vi is a basic text editor.

Careful what keys you hit while in vi.

vi /path/to/filename.abc

Sunday, December 12, 2010

How to Password Protect a Microsoft Word 2007 Document

Click on the File Button at the top of the page.
Click Save as.
On the Save as Pop-up window, click 'Tools' then scroll down to General options (on the bottom left) and choose a password.
Choose a password for opening a document.
Choose a password for modifying a document.

Wednesday, December 8, 2010

how to install spoonwep / wpa on BT4how to install spoonwep / wpa on BT4

This is a simple tut on how to install spoonwep / wpa on BT4 Final. The   reason I am posting this code is because I looked high and low trying  to  find this and found it in a wierd area by chance!  

Run following code in in Terminal...

cd

mkdir spoon

cd spoon

wget http://www.fileden.com/files/2008/10/11/2138272/spoonwep-wpa-rc3.deb

wget http://download.aircrack-ng.org/archive/aircrack-ng/1.0rc3/aircrack-ng-1.0-rc3.tar.gz

tar xf aircrack-ng-1.0-rc3.tar.gz

cd aircrack-ng-1.0-rc3

make sqlite=true unstable=true

sudo make sqlite=true unstable=true install

cd ..

sudo dpkg -i spoonwep-wpa-rc3.deb

gksudo spoonwep &

 
//To run application. 
spoonwep

Sunday, December 5, 2010

5 In-Built Windows Tools To Speed Up Computer

We have seen lot of softwares for a Windows PC to make it faster with the help tools like CCleaner, etc. There are some corporate users who are not allowed to install anything on their machine due to security reasons. The IT departments do not take good care of their computers either, This post will be highly useful to those users who are in the state of not being able to make their computer faster without any additional software.

The tips covered in this post will be familiar for many, I am sure they are very effective when done regularly (i.e. once every fortnight).

Disk Cleanup

This is probably the oldest trick on the book. Disk clean up significantly reduces disk usage by cleaning up unwanted files. This cleaner took a whopping 4 minutes in my computer to estimate the files that can be cleaned. It isn’t very fast when compared to its counterparts such as CCleaner but it’s surely worth using when you’ve got no choice.

Disk Clean-up has one more tab called ‘More options’ which includes options to uninstall programs that are never used. It also allows you to delete old system restore points which you will no longer need.

Disk Defragmenter

Defragment 300x154 5 In Built Windows Tools To Speed Up Computer

This is another effective way of making your computer faster. Your computer scatters all your data in the Hard disk as you keep using them they become so chaotic that it takes a LONG time to process your request. Defragmenting helps you organize all the data on your Hard disk so that your computer can pick them up easily when required.

Error Checking

errorcheck 5 In Built Windows Tools To Speed Up Computer

Checking your Hard disk for errors makes it more reliable and stable; you can easily get rid of bad sectors and files that always leave behind a footprint.

You can check your disk for errors by going to Computer -> Right Clicking C: / or any drive -> Properties -> ‘Tools’ Tab -> Error checking -> Check now.

Remove Unwanted Programs from Start Up

msconfig 300x204 5 In Built Windows Tools To Speed Up Computer

When you boot your computer you can see a lot of icons on the system tray you haven’t even seen before, if you hover the pointer over them the name of the corresponding program’s name will be revealed. You can use the system configuration utility to remove some of the programs you don’t need, doing this on your computer will help you achieve a faster start-up time.

Instructions: Start -> Run -> type ’msconfig’ -> System Configuration utility will now show up -> ‘start up’ tab -> uncheck the ones you won’t need and hit apply

Use the Task Scheduler

Task Scheduler 300x215 5 In Built Windows Tools To Speed Up Computer

The Task Scheduler is an effective way to regularly schedule and perform all the above tasks.

If you regularly perform the above tasks at least once a month you can be sure that your windows computer performs to it’s full potential.

BackTrack 4 R2 Release VMware Image (2010)

BackTrack 4 R2 Release VMware Image (2010) | 2.4 GB

BackTrack - Offensive Security company released the second respin BackTrack 4, specialized distribution based on Ubuntu, designed primarily for conducting penetration tests.
Description:
Release of BackTrack 4 R2 Nemesis is characterized by the rapid response of the working environment on the user's actions, improved hardware support, enhanced support for wireless cards, a simplified work environment. BackTrack features 4 R2 are the core of Linux 2.6.35.8 with significantly improved stack mac80211; support USB 3.0; superimposed patches of holding the wireless injections, maximum support for wireless attacks, completely redesigned Metasploit; updated page BackTrack Wiki, improved documentation and support.

Download

http://hotfile.com/dl/86170712/882a3a4/BT4R2.part01.rar.html
http://hotfile.com/dl/86170709/65054dc/BT4R2.part02.rar.html
http://hotfile.com/dl/86171411/313e56d/BT4R2.part03.rar.html
http://hotfile.com/dl/86171416/9672601/BT4R2.part04.rar.html
http://hotfile.com/dl/86172034/6013d55/BT4R2.part05.rar.html
http://hotfile.com/dl/86172048/5134ce4/BT4R2.part06.rar.html
http://hotfile.com/dl/86172715/9ec59fc/BT4R2.part07.rar.html
http://hotfile.com/dl/86172716/2402f62/BT4R2.part08.rar.html
http://hotfile.com/dl/86173391/b1ce0e0/BT4R2.part09.rar.html
http://hotfile.com/dl/86173395/1d57e31/BT4R2.part10.rar.html
http://hotfile.com/dl/86174077/9eded69/BT4R2.part11.rar.html
http://hotfile.com/dl/86174086/8e1dd3c/BT4R2.part12.rar.html

http://www.fileserve.com/file/D6R7PDn
http://www.fileserve.com/file/cVpjHQu
http://www.fileserve.com/file/eKhBhfW
http://www.fileserve.com/file/dhR4Drv
http://www.fileserve.com/file/AV9gJRV
http://www.fileserve.com/file/nWsPZnX
http://www.fileserve.com/file/uW2jWnY
http://www.fileserve.com/file/twRHSTa
http://www.fileserve.com/file/nECXGYN
http://www.fileserve.com/file/9ECjYEz
http://www.fileserve.com/file/VNfYDFz
http://www.fileserve.com/file/JJUzKhp

Thursday, December 2, 2010

How start to learn Hacking ???

Ok.....I've got a number of requests from different people asking me where to start from in order to learn hacking. The first thing i always say is that, "You never learn hacking, you build onto it!". As you go on you will realize that it's all about looking at usual things in a new way. It's getting your hands dirty with a couple of programing and tools exploration.

First there is nothing like a hacker's language. All programing languages are good, it's only the portability and know-how level that could limit you. But ofcourse, there are a few things you may want to consider because they top my list.

1. Learn Assembly programing, atleast be able to interpret it.

2. C is a good and powerful language to start with. However, as time goes on you will need to get your hands used to either Python,Perl,PHP or Ruby. You will never regret knowing at least two of them

3. TCP/IP networking

4. Unix shell programing

5. Get your self a copy of BACKTRACK and familiarize yourself with it.

6. Join a hacking forum and be an active member (Just google for the forums. Remote exploit is a good start)

Note:

When you join a forum or IRC chat room please, save yourself not to ask people how to hack because no one will help you. Research first before asking for help. It makes you look like a script kiddie pinging all night! lol

7. Stay focused not to lose hope. Remember, Rome was not built in one day. Do your revisions and keep trying out new things. Falling asleep should be your only limit.

Places to start from:

1. Career Academy | Rootkits, Backdoors, Trojans, Tunnels
http://rapidshare.com/files/266444863/Rootkits__Backdoors__Trojans___Tunnels_-_Der_Jager.rar

2.Certified Ethical Hacker v.6 [4 CD Set]

http://rapidshare.com/files/266052956/RAT.part01.rar

3.Offensive Security 101 - Videos & PDFhttp://thepiratebay.org/torrent/4025361/Offensive_Security_101_-_Videos__amp__PDF

4.Bactrack4 tutorials (Videos)
http://www.offensive-security.com/backtrack-tutorials.php

5. Hacking all trends (videos)
http://www.securitytube.net/

6.Remote Exploit videos
http://forums.remote-exploit.org/backtrack-videos/

This list will be updated over time. So stay on the watch from more updates.