Social Icons

Wednesday, December 26, 2012

DREAM JOB : Cyber Special Agent@FBI

1.    Came across this dream job kind job for a guy like me :-)......i got this from twitter handle @CcureIT

2.   Now this job is meant for US Citizens only...and any Cyber Security guy enthu about being savvy about making a career in cyber security should at least go through what they demand and what they offer....it's worth value addition to self in at least knowing what the best organisations demand in terms of QR for getting a job like this.All the details available at https://www.usajobs.gov/GetJob/ViewDetails/332166500?utm_source=dlvr.it&utm_medium=twitter#TopofPage


India developing own Secure OS to strengthen Cyber Security


1.   India is developing own secure OS to strengthen cyber security.Got this news piece from here.The key points from the news are :

- India's own secure operating system to strengthen cyber security.

- 150 Engineers across the country have already been working on creating an Indian OS for over one year and a half. 

- According to Times of India ,it will be ready in next three years.

- There is no foreign involvement in this project. It is purely build by Indians.

2.   It is indeed heartening to know all this...but whats the point? Does the team of 150 engineers and the vision behind think they are creating a secure and 100% fool proof OS?...The moment it is released...there will be many vulnerabilities that will be gradually known...and then the same cat mouse race will being like with any other OS..so whats the point of starting from scratch?....will it not be wise to securify existing opensource available and invest in something like improving upon existing resources?.....Case in point,the DESI OS....will lag behind in terms of experiences gained by Windows and other OS Communities who have been in the game for years...........who have been improving daily for so many years!!!like Fedora...Ubuntu...they have been improving for last so many years to reach a level like as on date available to us....

3.  Although it is a veri good thought to have a desi OS....but I sincerely feel that we are slightly late in realizing the need of a desi OS...

Saturday, December 22, 2012

MALWARE via SUDOKU via EXCEL SHEET


1.  Sudoku is good for you brain....but it may compromise your PC if you have downloaded one of the excel files with embedded malicious script inside that offers you to play the subject game. Peter Szabo from SophosLabs has identified a piece of malware that resides behind a Microsoft Excel-based Sudoku generator. The Malware developed in Visual Basic requires macros, a scripting language that allows users to create equations based on values in different columns and rows. Microsoft – Malware behind Microsoft Excel-based Sudoku generator.

CLICK TO ENLARGE


2.   Although by default the macros are disabled in any Microsoft Office application....but any one who downloads the excel file would eventually enable the macros that run the script to play the game...so he can keep playing the game while the script in the background sets up the malware and establishes contact with its master bot.....so like always the updated Antivirus on the system will keep sitting without catching up anything.....so comes the importance of packet analyzers like Wireshark....ethreal etc...but then it becomes slight technical which in most cases would be out of purview for a common user.

Friday, December 21, 2012

MSE : Loosing Shine

1.   Since last few years any one who asked me on recommending a Antivirus for his/her PC...I would always say if you have a original Windows...then leave your worries to MSE...thats Microsoft Security Essentials ie MS's own antivirus or may be I would recommend Kaspersky PURE in few other cases who were not happy with MSE.

2.  I had been using MSE for my own system as well...and I found it worked pretty fine...light on use and had no major compatibility and configuring issues since it worked mostly in the background.But there has been some decline in recent time and efforts by Microsoft in keeping with the pace of the hackers and cyber criminals!!!

3. The AV-TEST Institute,the leading international and independent service provider in the fields of IT security and anti-virus research.It uses state-of-the-art methods and research work to carry out AV-TESTs to  directly detect the latest malware, to analyse it  and to inform web site visitors top-quality results obtained.So the latest results showed MSE being given 1.5 out of 5 maximum ratings.The screen shot from the link http://www.av-test.org/en/tests/home-user/windows-7/sepoct-2012/ is shown below :

Click on image to Enlarge

4.   And to me, that's a huge concern considering how Windows 8 itself draws on a lot of MSE for its own in-built security....:-)

How to find windows product key : Product Key Decryptor


1.   Have you ever found yourself in a position when a genuine Windows OS key is required!!!!This tool will be useful if you have ever lost your product CD Key or you have to reinstall the product again.The nae of the product is Product Key Decryptor that's a  FREE software to instantly recover License Keys of popular Windows products.The supported list of software's of which the keys can be extracted is shown below :


Microsoft Windows NT
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows 8
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office 2010
Visual Studio 2005
Visual Studio 2008
Visual Studio 2010
Visual Studio 2012
Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
VMWare Workstation 6.x
VMWare Workstation 7.x
VMWare Workstation 8.x
VMWare Workstation 9.x

2.    It automatically detects and decrypts the license/CD key of all the supported products from your system. Currently it can recover License key of few popular products including Windows Operating System, Microsoft Office, Visual Studio, Internet Explorer, VMWare Worktation. The best thing about this is FREE...now though nothing is free in this world...it may be having its own repercussions in the background
 :-) Here are the main features & benefits: 

-  Instantly decrypt and recover license/CD keys of popular Products
-  Simple & elegant GUI interface makes it easy to use.
-  Right click context menu to quickly copy the Product License Key
-  Sort feature to arrange the displayed passwords
-  Backup the the recovered Product Keys to HTML/XML/TEXT file.
-  Integrated Installer for assisting you in local Installation & Uninstallation.

3.  The product can be downloaded at http://securityxploded.com/product-key-decryptor.php


How to Format a USB drive with FAT32 file system: FEDORA 17/LINUX

1.   The ease of formatting that the regular windows user is used involves a simple right click on the drive and clicking format.But for a linux user the scene is a little different involving a set of commands.Shown here with screen shots.The commands used are :

- df -h
- fdisk -l
- umount /run/media/duqu/?????***(ur mount name)
- mkdosfs -F 32 -I /dev/sdc1

(CLICK ON THE IMAGE TO ENLARGE)

(CLICK ON THE IMAGE TO ENLARGE)

(CLICK ON THE IMAGE TO ENLARGE)

Need of Encryption : Your files - Your Data


1.   In today's times when every spying eye,every hacker on the web is eyeing your info.... apart from hardening your OS and configuring your system securely what else can you do to secure your info after some one gate crashes into your system?.....I mean after someone gets your root privileges via remote access...what are the options to save your self from sharing your critical data with him?The answer is ENCRYPTION...

2.   Encryption is the process of encoding your information) in such a way that hackers cannot read it, but that authorized parties can.So without getting into the nitty gritties of what is Encryption and how it works..i am focusing here of what all opensource and free applications are available for encryption...

3.   First I would mention about TrueCrypt,this is the one I have been using for years...the reliability of this application can be gauged from the fact that in 2008, the FBI attempted to break encryption on hard drives using a program called TrueCrypt, but the equipment was finally returned after a year of failed tries.(Source : http://www.webcitation.org/query?url=g1.globo.com/English/noticia/2010/06/not-even-fbi-can-de-crypt-files-daniel-dantas.html)

4.   The other strong opensource software's available for encryption are :

    - E4M ie ENCRYPTION for MASSES)
    - Free OTFE
    - Scramdisk

5.   TrueCrypt remains the best bet for all present users.The popularity can be gauged from another fact that this is being used by cyber criminals to!!

Thursday, December 20, 2012

TrueCaller : Is it Stealing your Info?

1.    TrueCaller is one famous application doing the rounds on Twitter Google+ Facebook Android Phones.The claim by the application goes like you login from either of the applications and you would be able to know the name of the mobile phone number owner by name.The claim actually stands right in over 90 % of the cases that I tried.This made me wonder how?...i thought like all those free forms that we keep regularly filling on the internet or some grocery shop for some free bundles or if TrueCaller has tied up with the mobile phone service providers?But then something happened that made me a little suspicious about this app.It so happened that I tried my mom's number on the application and so came the answer like "TIWARI MAM"....this made me think of how would the application know that my mom is a teacher...

2.   So I wondered if the application after installation on your mobile device actually makes all the contacts phone number available on the site with the name that I have typed against that number!!!So I tried mine which was not available, by the name "anupam CCCSP"



3.  Though it did not show promptly but after a day after I typed my phone number it came to be seen as "anupam CCCSP".So this actually means that the application is actually stealing and making my contacts info on my phone public!!!!...but then I also realized that it was me only who agreed to the terms and conditions while installing the app on my phone which most of us including me never read.

4.   So it comes actually to the naiveness of the common user who invariably without reading any of the terms and conditions agrees to install.....:-) 

Thursday, December 13, 2012

FACEBOOK : The New Playground @ Dangerous

1.    It does not date back long in the past time corridors when I as a kid used to go to play grounds in the evening to play with my friends...meet them....fight with them...abuse them...get abused and then get back home for studies and prepare for next days school work and the cycle repeated every day...week and months.But what happens today with a typical metro kid....a school child in the bracket age of 10+ goes to Facebook to play with friends...he meets them.....abuses them at times...gets abused on the wall or vide posts.So more or less....things stand at the same place ,only the grounds have changed.First it was the actual play grounds and now it is all getting virtual.....blame it on lack of infrastructure with concrete eating much of space in metro's or lack of parental monitoring owing to their ultra busy lives.....for the new era generation...social networking sites like Facebook is the new PLAYGROUND.....the virtual one for a change!!!!


2.    So the rules remain the same....ie we have our social circle like we used to have in past...we meet vide post and comments...we like each other for something and dislike each other for some thing...here we cannot shake hands and hug each other but yess we can take grudges out of each other via so many means like hacking....cyber bullying...post hatred... cyber stalk...mobbing...sexting,internet trolling etc...the list is actually endless and the related terminology is on a phenomenal increase.So a typical new gen kid for whom Facebook kind social networking sites are the new playground to play....the proneness to the bad elements in the society remains actually higher then in past....for here it is just a matter of few compromised screenshots...hacked passwords and the kid is on way to become a victim...

3.   The recent case of Amanda Todd is indeed beginning of such sad but many in line expected incidents waiting to happen....today we may allow our kids to have a Facebook account or some social networking website account but without effectively monitoring the kid remains as prone as Amanda Todd.For this to happen the parent have to have basic IT IQ quotient to monitor to avoid any such incident.Like past when a child could be left at home assuming safe..it does not remain the same today....he has access to smartphones....he has access to tablets...internet via so many means.Even basic forensic knowledge possessed by the parents is bound to fail if the same is happening in Cloud rather then on the machine at home...

4.   Its time for the parents to equip themselves with the tools and knowledge required to monitor and watch the kids...also realizing that today's kids are more smarter in terms of grabbing the technology then ever....if you have reached reading till here...u must read the complete story here

TRUE CRYPT IN FEDORA 17: INSTALLATION

1.   The earlier version of Fedora had some token issues to deal with while installing True Crypt but not with this Fedora 17 Beefy Miracle.

2.   Few commands to be run from root after downloading the requisite version from the True Crypt site go as follows :

tar xvf truecrypt-7.1a-linux-x86.tar.gz 

yum install nss-pkcs11-devel fuse-devel wxGTK wxGTK-devel

yum load-transaction /tmp/yum_save_tx.2012-12-13.14-20.laXbNn.yumtx

yum install gnome-keyring-devel gcc-c++

export PKCS11_INC=/usr/include/gp11

./truecrypt-7.1a-setup-x86 

3.   Well if there are some token issues like shown below : 

../Common/SecurityToken.cpp:660: error: ‘CKR_NEW_PIN_MODE’ was not declared in this scope
../Common/SecurityToken.cpp:661: error: ‘CKR_NEXT_OTP’ was not declared in this scope

then you need to Open Common/SecurityToken.cpp in any editor and Scroll to line 660 and simply Comment out line 660 and 661. It should look like this after you edit:

//TC_TOKEN_ERR (CKR_NEW_PIN_MODE)
//TC_TOKEN_ERR (CKR_NEXT_OTP)

Wednesday, December 12, 2012

SMART TVs : OUTSMARTED & HACKED



1.   In the land of Hacking,no one can be spared.We all keep hearing about how websites have been hacked,how smartphones are getting out smarted by various exploits in recent times.Now comes something new ,that makes smart TV owners prone .Yess!!all the proud owners of Smart TVs(SAMSUNG LEDs specifically)...can start checking if they are the lucky ones to get bitten here..this one is all about SMART TVs getting HACKED...So now on all the data that is available in their respective HDDs connected vide the USB is vulnerable to be accessed by undesired third party.So now it is not just that you watch the TV....its time for the TV to watch you.Few valuable briefs given out here :

- The Vulnerability exposed in all Samsung's Smart LED TV Software.

- This Vulnerability allows remote attackers to swipe data.

- ReVuln,a Malta-based security firm claims to have discovered this vulnerability.

- Remains a zero-day vulnerability as on date.

- A demo video by ReVuln shows how a "vulnerability for such devices can be used to retrieve sensitive information, monitor and root the device.Click on the video below to have a glimpse of how the vulnerability is exploitable.


2.   I am sure whatever efforts are made by the typical user as on date,he remains vulnerable round the clock in all the fields.How can a normal user who is not so tech savvy be aware of securing his PC,his Laptop,his smartphone,his TV,his external HDD with his personal data without encryption,his pendrives and the list is actually endless.He simply remains one of the choices by any hacker..if he is chosen he is gone...or he can remain lucky ..but how long can anyone remain lucky? The hackers community is growing at a pace which is pretty fast owing to the lure of what else but DOLLARs and more DOLLARs.With "Crimeware as a Service" readily available as a service at the click, NO ONE IS SECURE.It will actually take years to stabilize the current security environment from perspective of a typical user as he understands that giving an equal importance to his IT assets security is more important then locking his house as he leaves for work.

Tuesday, December 11, 2012

Ubuntu 12.10 @ SPYING

1.   What happens when someone you trust eyes closed,some you promote amongst ur friends is labeled a SPYWARE...or a Spying agent... that's what was felt by millions of UBUNTU followers and fans.I read about this two days back at ZDNET. The news doing the rounds goes like this :


Richard M. Stallman,creator of the Gnu General Public License (GPL) and the Free Software Foundation has announced that as far as he's concerned, Ubuntu contains spyware and that Linux supporters should shun Ubuntu for spying.

Specifically, Richard M. Stallman hates that Ubuntu 12.10 incorporated Amazon search into its default search function. So, if you searched for say "CISSP." you'd get results from both your PC and Amazon. When it was introduced, Mark Shuttleworth, founder of Ubuntu, defended this change by saying Ubuntu wasn't going to incorporate ads into the operating system, which Microsoft has done with Windows 8, and that no personalized data would be sent to Amazon.

2.   You need to re-read this yellow highlighted text above to exactly understand what goes on behind the scenes when you actually search for some string in your PC operating on UBUNTU connected to Internet.After the millions of immediate disapproves by the user community,it was announced by UBUNTU that now on Users of the upcoming Ubuntu 12.10 will be able to turn off a controversial 'shopping lens' feature that displays Amazon-stocked products when the user performs a unified local and online search....so the spying becomes optional....:-)

3.   What can be the need of a responsible OS community like UBUNTU to get into all this....if its my view it is not intentional for the purpose of spying.....but it could have been designed in the name of giving the user better results and experience!!!!!Jono Bacon, Canonical's community manager flatly states, "This is FUD" ie "Fear, Uncertainty and Doubt (FUD)...now yess!!so it seems to be....

4.   All said and done..UBUNTU is doing a wonderful job and provisioning one of the best OS free editions for users like us who wish not to pay to WINDOWS and believe in FREE SOFTWAREs :-)



Thursday, December 06, 2012

CYBER SECURITY COURSES IN INDIA


1. Most of the guys interested in cyber security keep looking and searching for Cyber Security Courses on the web and that included me too till some time back.So though I started like any body would do ie google and Bing around the web....so I found out so many courses being offered by so many unknown unheard institutions....but the best of what are accredited to some university and of some good valuable repute here in India are discussed in brief down along with the links.You can click on the course and u will be taken to the respective site for full details :


CDAC : Offers the following courses vide elearn :

C-DAC's Course On Cyber Security [CCCS] at http://elearn.cdac.in/eSikshak/help/English/eSikshak/cccs.htm

C-DAC Certified Cyber Security Professional ( CCCSP ) at http://elearn.cdac.in/eSikshak/help/English/eSikshak/CCCSP.html

Being from CDAC,these courses are valid in all govt organisations and public sectors.

GUJRAT FORENSIC SCIENCES UNIVERSITY AT http://www.gfsu.edu.in/institute_of_forensic_science.php offers following courses online :

GFSU CERTIFIED CYBER CRIME INVESTIGATOR
GFSU CERTIFIED CELLPHONE FORENSIC PROFESSIONAL
GFSU CERTIFIED COMPUTER FORENSIC EXPERT
GFSU CERTIFIED CYBER SECURITY EXPERT
PG CERTIFICATE DIPLOMA IN CYBER LAW
PG CERTIFICATE DIPLOMA IN IPR

Details about the courses offered at http://www.gfsu.edu.in/pdf/online_certificate_course.pdf

ASCL(ASIAN SCHOOL OF CYBER LAWS) : The Website is at http://www.asianlaws.org/ .The following courses are offered in cyber domain including security :

Advanced Executive Program in Cyber Security AT http://www.asianlaws.org/cyber_security.php#.UMC5Zn_SFI0

Advanced Executive Program in Cyber Security, Audit & Compliance AT http://www.asianlaws.org/csac.php#.UMC5mX_SFI0

DIPLOMA IN CYBER LAW AT http://www.asianlaws.org/glc.php#.UMC353_SFI0

DIPLOMA IN CYBER LAW(INTERNATIONAL) AT http://www.asianlaws.org/dcl.php#.UMC4Cn_SFI0

PG IN CYBER LAW AT http://www.asianlaws.org/pgpcl.php#.UMC4LX_SFI0

CYBER LAW FOR POLICE OFFICERS AT http://www.asianlaws.org/police.php#.UMC4TX_SFI0

PG Program in Cyber Crime Prosecution & Defence AT http://www.asianlaws.org/ccpd.php#.UMC4fH_SFI0

Advanced Program in International Cyber Laws AT http://www.asianlaws.org/icl.php#.UMC4p3_SFI0

ASCL Certified Cyber Crime Investigator AT http://www.asianlaws.org/cci.php#.UMC4xn_SFI0

ASCL Certified Digital Evidence Analyst AT http://www.asianlaws.org/dea.php#.UMC46n_SFI0

ASCL Certified Digital Forensic Investigator AT http://www.asianlaws.org/dfi.php#.UMC5JH_SFI2

Advanced Executive Program in IT Act Audit & Compliance AT http://www.asianlaws.org/audit.php#.UMC5RH_SFI0

DATA64 website at http://www.data64.in/index.php#.UMC54X_SFI0 offers a range of courses similar to ASCL as mentioned above.

IMT,GHAZIABAD.Details at http://www.imtcdl.ac.in/. The following courses are offered in cyber domain including security :

ONE YEAR PG DIPLOMA IN CYBER SECURITY at http://www.imtcdl.ac.in/opgdcs_about.htm

TWO YEAR MS IN CYBER LAW & SECURITY at http://www.imtcdl.ac.in/mscs_about.htm

IGNOU OFFERS Post Graduate Diploma in Information Security (PGDIS) at http://www.ignou.ac.in/ignou/aboutignou/school/sovet/programmes/detail/428/2

ANKIT FADIA Certified Ethical Hacker (AFCEH) AT http://www.ankitfadia.in/afceh.html

1 Gigabit Per Second : The dream comes to Kochi,INDIA

1.    Are you happy surfing Internet speeds at 2 Mbps and around....and have you read about speeds of 1Gbps in future.....if yesss....its time to realize that this future that we keep reading and dreaming about has reached us...ie our desktops!!!....

2.  Astonishing as any one may find that when I read about the 1 Gigabit per second connectivity made available to the people of Kansas City in the US of A, I never imagined that the same day around it will be some where offered in India too...and where else but KOCHI..........


3.  Startup Village at Kochi joined the 1 Gig speed club by becoming the second place in the world to experience lightning fast 1Gbps internet connection. Chief Minister Shri Oommen Chandy formally introduced the facility on November 17.Guys in the state of Kerala can now make the most of upload speeds that are 1000 times that of Broadband and download speeds 100 times as fast.This is a wow moment for the Kochi residents....upload and download tons in minutes and seconds :-)

4.    Congrats Kochi guys!!!!!

Wednesday, December 05, 2012

How to find if Python is installed in Linux ?

I was recently playing with Matriux Krypton tool chaosmap....but was unable to use this tool for some error that kept popping up...so I though if at all the PYTHON is installed or not?......the way to check this is to go to the terminal and write :

python -V

and u should see like  : Python 2.6.6


                                         (click on the image to enlarge)






The power of ALGORITHMS : Writing Articles/Reports/News!!!

1.  We all are pretty aware that whatever works on the net ,cyberspace web,applications is all backed by many codes and algos running in the background..,,it is these algorithms and codes that actually decide how things happen at the front end ie the user interface.Designed by coders and programmers these algorithms perform herculean tasks in all our routine IT activities...now for all those of us who work in offices and corporate ....we generally keep coming across compiling and analysing reports on various aspects ,be it the views...the summary...the monthly/quarterly feedback... the main article for some journal....or some regular feed etc.So now making these reports and feedbacks etc actually requires manual intervention...and the quality of these reports are proportional to the amount of quality work man hours that have gone into making it....but what if these manual intervention is replaced by intelligent algorithms...ie the reports being compiled are made out of algorithms???

2.   This is what has happened at Narrative Science,a company that trains computers to write news stories...yes you heard it write!!! "Trains computers to write News Stories".The first story that I read about this is available here.The brief points from this story goes like these :

     -  Every 30 seconds or so, the algorithmic bull pen of Narrative Science, a 30-person company occupying a large room on the fringes of the Chicago Loop, extrudes a story whose very byline is a question of philosophical inquiry.

  - Kristian Hammond is the CTO and co-founder of Narrative Science.According to Hammond, these stories are only the first step toward what will eventually become a news universe dominated by computer-generated stories....(amazing amazing future!!!!:-)

   - If one wishes to know the percentage of news that would be written by computers in 15 years.......according to Hammond is going to be more then 90%

3.   So guys the above example is for the news world...where else we can think? Can it compile Intelligence reports for the FBI and our CID based on inputs from so many sources....Off course this is being handled manually as on date....but imagining a intel report compiled by a algorithm is a serious contender for making a permanent place in such agencies.Well...this is one imagination...how about demographic repots...election reports...infact the list is endless.....

4.    Thanks http://www.wired.com

Wednesday, November 28, 2012

ESSPEE : eth0 issue in Installation

1.   First thing first ...what's ESSPEE.So friends who are aware of whats Backtrack R3....ESSPEE is a derivative of BackTrack 5, based on Ubuntu 12.04. Designed for users who wish to use only free software. It is packed with featured security tools with stable configurations....and now for those of you who wish to know the expanded form of ESSPEE ...its EXTREME SECURITY SCANNING PENETRATION TESTING & EXPLOITATION ENVIRONMENT.....:-)

2.   So after downloading this from  here...and after installing I came across a small issue of eth0 NIC not being detected unlike regularly where it gets detected automatically vide a DHCP config.So the answer is a small tweak that is required while selecting the Mac address of the eth0 as shown in the screen shot below :

(Click on the image to ENLARGE)

3.    That's it....and now ur internet will be on with network adapter configured to NAT....


Saturday, November 24, 2012

Detecting a MALICIOUS PDF:PDFid @ BACKTRACK 5 R3


1.    Adobe, who gave us the the ever comfortable PDF..thats the "Portable Document Format" in the early 1990's never thought like how this can become a security threat by the simple action of opening it only....yess!!!this post will give a small insight of how things really work behind the scene in execution of a malicious PDF....

2.  So first of all...how a PDF becomes a malicious document?The answer to this question is simple embedding of a JAVA SCRIPT, that is not seen but only executed once a PDF is opened....no antivirus will be able to identify of what malicious thing lies behind a normal PDF that u and me use daily...so if u scan a malicious PDF with your Antivirus,it is veri unlikely to be caught....how do we know then whether a PDF is malicious or not?...thats what this post shows here....I came across a tool known as PDFid in the BACKTRACK R3 that I was running in Virtual Box.

3.   Few lines about the tool....this was developed by Didier Stevens who blogs at http://blog.didierstevens.com/.So this helps us to differentiate between PDF Documents that could be malicious and those that are unlikely to be....The tool is based on the fact that that a  typical PDF File comprises of header, objects, cross-reference table (to locate objects), and trailer.So , if there is a tool that can find out if any one of them is available in this PDF...things can become easier...so like for example...if a PDF that has no purpose of embedding or holding a JS inside it,then a eye brow raise is certain as to why should it be there....so PDFid tool comes to rescue us out of this question...First the typical structure of a PDF with its one line explanation is given below :

“/OpenAction” and “/AA” (Additional Action) specifies the script or action to run automatically.

 “/Names”, “/AcroForm”, “/Action” can also specify and launch scripts or actions.

“/JavaScript” specifies JavaScript to run.

 “/GoTo*” changes the view to a specified destination within the PDF or in another PDF file.

 “/Launch” launches a program or opens a document.

“/URI” accesses a resource by its URL.

“/SubmitForm” and “/GoToR” can send data to URL.

“/RichMedia” can be used to embed Flash in PDF.

“/ObjStm” can hide objects inside an Object Stream.

4. So now I have set up a VB machine running BTR3 that would run this tool and find out if the PDF that I have analyzed is malicious or not? These are the screen shots showing a step by step scene of how u do it....


(Click on the Image to ENLARGE)

(Click on the Image to ENLARGE)

(Click on the Image to ENLARGE)

(Click on the Image to ENLARGE)

5.   So the last screen shows the final result...for those of you who find this little complicated I will upload a video cast of this soon....

Monday, November 19, 2012

Thursday, November 15, 2012

McAfee : Runs on Windows/Linux and from Police

1.    Strange is the heading and so is the story....according to the news doing the rounds in cyber space.Anti-virus software pioneer John McAfee says he is moving every four hours to avoid Belizean police who wants to question him about the murder of his neighbor, a fellow American....how true or untrue is this ...m no one to comment....but being an ardent McAfee user for long on my various VMs....I would like to wish him the best.....more on the story that I read from is available here.....

Wednesday, November 14, 2012

Otome 3D : World’s first 3D-Printing Photo Booth

1.    At one of my earlier posts about 3D Printers about 4 months back,I had discussed about the phenomenal world of 3D Printers....the vast applications envisaged and what not...it is left to imagination of how do we use this technology....but then I could not find any commercially available products available to comman men.....but here we are....a company Harajaku in Japan will house the world’s first 3D-printing photo Booth by Otome 3D. This can ensure that you have your very own Madam Tussad-esque replica, up to 20cm, of yourself. The process involves scanning of entire bodies of subjects for about 15 minutes, after which, you are reproduced in material, to much awe and astonishment. More details about this at here

Sunday, November 11, 2012

FEDORA 17 & VIRTUAL BOX : Virtualbox Installs but won't load

1.   This particular problem kept me busy the whole day....and in fact I reached a point of frustration that I should switch back to Ubuntu that I was earlier using.......so the problem goes like when I install virtual box via the rps and yum commands ...I used to invariably get some odd message that mostly included the following :


Kernel driver not installed (rc=-1908)

The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or there is a permission problem with /dev/vboxdrv. Please reinstall the kernel module by executing

'/etc/init.d/vboxdrv setup'

2.    I would not actually lie about it...but i checked about so many forums that gave relatively the same solutions that you would have mostly found out by now...but to no avail...so the two command simple solution that would make you VB run like a horse without any issues goes like this :


yum install dkms binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-PAE-devel

/etc/init.d/vboxdrv setup

offcourse you have to run this as a su -

3.   Do let me know if u r stuck on this again...the sets of commands that I run since morning as root are produced below for info only.BUt I am sure the commands above would solve your problem.

   21  wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo
   22  yum update
   23  rpm -qa kernel |sort |tail -n 1
   24  uname -r
   25  reboot
   26  rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
   27  pwd
   28  cd /etc/init.d/
   29  ls
   30  cd vboxdrv
   31  /etc/init.d/vboxdrv setup
   32  cd /var/log/
   33  more vbox-install.log 
   34  cd /etc/yum.repos.d/
   35  wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo
   36  yum update
   37  yum install binutils qt gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-devel      
   dkms   
   38  yum install VirtualBox-4.2                                                                                  
   39  virtualbox                                                                                                  
   40  KERN_DIR=/usr/src/kernels/2.6.18-194.11.1.el5-x86_64                                                        
   41  export KERN_DIR                                                                                             
   42  yum update virtualbox-4.2                                                                                   
   43  aptitude update                                                                                             
   44  yum install dkms gcc                                                                                        
   45  yum install kernel-headers kernel-devel                                                                     
   46  /etc/init.d/vboxdrv setup                                                                                   
   47  more /var/log/vbox-install.log                                                                                                                                                                    
   49  wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo                                   
   50  uname -r                                                                                                                                                                             
   53  rpm -qa kernel |sort |tail -n 1                                                                             
   54  uname -r
   55  service vboxdrv setup
   56  uname -r
   57  KERN_DIR=/usr/src/kernels/3.6.6-1.fc17.i686.PAE
   58  export KERN_DIR
   59  virtualbox
   60  usermod -a -G vboxusers duqu
   61  virtualbox
   62  apt-get install dkms
   63  wget install dkms
   64  uname -r
   65  rpm -q kernel-devel
   66  uname -r
   67  virtualbox
   68  /etc/init.d/vboxdrv setup
   69  more /var/log/vbox-install.log
   70  KERN_DIR=/usr/src/kernels/3.6.6-1.fc17.i686.PAE
   71  export KERN_DIR
   72  virtualbox
   73  /etc/init.d/vboxdrv setup
   74  uname -r
   75  yum install kernel-headers-3.6.6-1.fc17.i686.PAE
   76  exit
   77  yum install kernel-headers gcc
   78  /etc/init.d/vboxdrv setup
   79  exit
   81  yum install dkms binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-   
   PAE-devel
   82  /etc/init.d/vboxdrv setup


Saturday, October 27, 2012

Do all ANTIVIRUS companies research independently ?


1.   Ever wondered how a Antivirus signature is made? Not so difficult actually....the answer goes like you detect a virus and then make a anti dote for that and subsequently release it as a signature.But as you think at a slightly larger level...i mean signatures being released by various antivirus companies for the same virus.Does each antivirus company re invent the wheel for each virus every time a new virus is detected..... Do they actually work differently to first find and then create a signature separately....Are all the viruses/malware's created by various hackers and agencies detected independently by all these antivirus companies?I doubt...!!!!But if my doubt is incorrect, then it is a SAD issue.....Because with the speed of population explosion of these various malware's and viruses....there can not be so many separate fighters and if there is one way to fight this gigantic threat...these all antivirus companies have to fight together...We should indeed realize that the threat is not individually existing to you and me but it exists to US...ie not United States...but you and me together ie ALL OF US....:-)

2.  But fighting together will not be so easy as the Economics of this War will defy competition ...so is there a need of funding at national level or at cross country level?Will it one day become a UN issue....ha ha ha!...like poverty..food scarcity and other issues being undertaken by UN,will there be a day when UN funds these antivirus companies because global dependency on IT is increasing and so are all vulnerable to so many threats.....:-)

3.   The earlier this is made a common issue...the more safer will the world become in future...because this threat is common to world...so should be the solution...

Friday, October 19, 2012

New Ubuntu AD takes on WINDOWS 8 :-)

Nothing to EXPLAIN here...one popular ad doing the rounds ti promote opensource UBUNTU..although not at the original Ubuntu Home page!!!!This comes just a week before Windows 8 Release..........

New Generation Biometrics : YOUR EYE MOVEMENTS ARE UNIQUE


1.   New generation Biometric Techniques have always raised appreciating eyebrows across.Like when I discussed about EARS SPEAKING at http://anupriti.blogspot.in/2010/01/ when-ears-speak.html.Although there are so many unheard unique and being used biometric in the offering this is certainly that I read on simply on curiosity.The complete post is at http://www.techgig.com/tech-news/editors-pick/Soon-eye-movements-can-be-your-new-password-15633.


2.   Now in brief goes like this :

-   This biometric system identifies people by the way they flicker their eyes while looking at a computer screen. 

-   Discovered and innovated by Oleg Komogortsev, a computer scientist at Texas State University-San Marco, is making use of the fact that no two people look at the world in the same way . When looking at a picture, different people will move their eyes among points of interest in different sequences.

-   Even if two people trace the same paths, the exact way they move their eyes differs, the 'LiveScience' reported. 

-   Eye movements could become part of the next generation of a more established biometric iris scans.

Is your ANTIVIRUS spying you ?


1.    Now as the Cyber Crime grows exponentially,so has the world of antivirus companies....the list is pretty endless....now how do all these antivirus companies work.Do they all research separately and develop separate signatures for each virus/malware found or do they have such common platform or standard wherein they share each others views and technologies.As I see on Wiki about the list of antivirus companies,they originate in different countries.Details of the page showing a compare of all such antivirus companies can be seen here.Well....what I am going to discuss here is importance of the country origin.

2.  Lets say I have antivirus company by the name of ABC that has its origin and complete team of researchers and developers from India.Now there is a user in some XYZ Country that uses this antivirus.Now while installing the antivirus,while he accepts the terms and conditions(who reads it anyway?),who stops the ABC antivirus from issuing some malware/spyware for that user PC.In the scan it can not be detected since it is being scanned by the installed antivirus.Now with some vested interest, the ABC Company can actually play havoc with confidential info of the user without giving a cue to the user.Who knows what all signatures released by the company contain? Even while submitting a sample virus,it is done mostly in a encrypted or a bundled form!!!!

3. Although institutes like EICAR (European Institute for Computer Antivirus Research) are there,but they also do not have any control over such issues!!!!If any one  has some idea on the subject ...please let me know vide email or comment here.....

Thursday, October 18, 2012

Hacking a HEART : Lover's Dream vs Hacker's BEAT IT!!!


1.    I think this is yet to come even on screen...but has unfortunately happened in real life.So we have all heard of Pacemakers that keep connected to internet to provision live feed of diagnostic parameters to their doctors mobile phone!!!smart....veri smart.....so those of you who read this for the first time....the cardiac pacemaker's based on internet call essential parameters to assist in diagnosis and fine-tuning.The patient's data is sent automatically on a daily basis to their cardiologist. This greatly simplifies patient care and can improve quality of life significantly..but now read on whats the worry about.One top google search led me to this vendor St. Jude Medical.Details of such selling pacemakers at this site.


2.     So hacking a heart has been a lover's dream for ages....but in this age it can be hacked and controlled in all means.I read this article by Nick Barron at http://www.scmagazineuk.com and another one by GREGORY FERENSTEIN at http://techcrunch.com.

At a recent developer conference, a pacemaker was wirelessly hacked to send deadly 830 volt shocks. Even worse, it would be “100 percent possible” that virus could spread to other devices in a wave of “mass murder”.The demonstration showed how to rewrite the devices onboard software (firmware). 

3.   So now what?.....this means that all those light hearted guys who are surviving on such internet based pace makers for actually facilitating live feed to their respective doctors now also need to worry about eating Antivirus Tablets and wearing Firewall Clothes!!!!uuh!!!!Although the recipe bought out here 
makes a perfect movie story but is actually a pretty worrisome worry!!!

4.    The image shown above is for reference only for the readers to see how actually a internet based pacemaker looks like.Case in point hacking of the device has got no link to the company and any of its product.

Internet Freedom : ULTRASURF

1.     While I have earlier talked about TOR,Anonymous OS etc and maintaining privacy on Internet...likewise there is no dearth of such options on the net.Another hugely respected :-) and proven software is ULTRASURF.This software is available at http://ultrasurf.us/ offcourse as a free download. :-).
 
2.   This was originally created to help internet users in China find security and freedom online and has subsequently grown to become one of the world's most popular anti-censorship, pro-privacy software, with millions of people using it to bypass internet censorship and protect their online privacy.

3.    Among other features,few as I felt important are jotted below :

- Protect your privacy online with anonymous surfing and browsing.
 
-  Hides your IP address,clears browsing history, cookies,and more.

-  Using industry standard, strong end-to-end encryption to protect  data transfer from being seen by third parties.

-  Bypasses internet censorship to browse the internet freely.

- Only supports Windows OS.

- Works with IE like TOR with Mozilla.

-  One interesting thing is that the company keeps logs bare minimum information for anti blocking purposes. They  keep your logs for maximum of 30 days to comply by the exisiting law protocols of the hosting country.

4.  More at   http://ultrasurf.us/

Tuesday, October 16, 2012

Operation b70 : Microsoft Disrupts the Emerging Nitol Botnet Being Spread through an Unsecure Supply Chain

In continuation with the last post, here is more from Microsoft.Please go through this brave but honest confession from Microsoft.......ummmm!!!!I would not say confession but actually Microsoft's attempt to save millions of innocent users...must read for info at

http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

Operation b70 : New OS from Mall comes preloaded with Malware


1.   For last few years since Cyber Crime has been making news,it has been always discussed that all free stuff on internet comes preloaded with some kind of malware or spyware or some kindda ware!!!Here's about a one month old news worth a share that defies this logic....it actually says that Malware comes inbuilt to the OS from the mall showroom from u where u made the purchase!!!!!!!!

"Microsoft’s Digital Crime Unit (DCU) has recently made this astonishing announcement.DCU conducted a study to get a sense of how much of the counterfeit software available is preloaded with malware.  Microsoft researchers purchased 20 new computers from PC malls.  These systems had counterfeit software preinstalled on them by the distributor. DCU examined the files on these PCs and found malware on four of the 20 computers that were purchased, a 20 percent infection rate.Several types of malware were pre-installed on the computers purchased from the PC mall.  This malware enabled the attackers to perform a range of actions including DDoS attacks, creating hidden access points onto the systems, keylogging and data theft.

The researchers also identified one type of malware found on these systems attempting to connect to the command and control servers of a known botnet.  The ensuing study uncovered that attackers were building this botnet by infecting digital products, like computers or software, that were then distributed through an unsecure supply channel.  The malware was also designed to spread via flash drive memory sticks. The subdomains that hosted the botnet’s command and control servers link to more than 500 different types of malware.  Some of this malware is capable of turning on cameras and microphones connected to infected systems."

4.   More on the story here. uuuuhh!!!!isn't it scary...a fresh piece of digital device that you buy comes with an inbuilt spy to spy on you and your data...... In fact it is a bold step and brave announcement by the Microsoft DCU...it could have been hidden but they found it ok to declare it open so that the user gets braver on its use...!!!

5.   DCU took legal action to disrupt the malware hosted in the subdomains, in Operation b70.  You can read more about Operation b70 and the DCU’s efforts here: http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

6.   Thanks Microsoft and http://blogs.technet.com

HATS OFF : Felix Baumgartner

1.   Its a real HATS OFF...SALUTE to Felix Baumgartner the guy who travelled at MACH Speed.... phenomenal achievement by all standards...

2.   My blog is generally full of IT Stuff.....but such things actually makes me feel really nice....a great feat...a link video here for info




Sunday, September 16, 2012

Print to PDF in Ubuntu 12.04 LTS

1.     This is a simple single line of command that u write at the terminal to install a third party app that will install a pdf printer in ur Ubuntu System.
sudo apt-get install cups-pdf

2.     This will be generally handy when u need to print your documents that are ready to print but u don't have a printer installed....actually create a virtual PDF printer on your ubuntu PC that lets you convert all your documents/images/anything into PDFs that you can subsequently send to print as and when u have the facility to print.

3.    Thanks http://ubuntuportal.com

Friday, September 14, 2012

Testing ur Broad Band Speed : The ISP Promise

1.    As a customer you are promised so much from your ISP....and the most important thing an ISP promises a customer is fultu speed...they have various packages and plans to offer that revolve around offering various speeds.But how do u find out if the plan is actually provisioning the speed that u were promised.So there are ...in fact thousands of online tools to give and test your Internet broadband speed.One that I have been a regular follower is the speedtest.net available at http://www.speedtest.net/.

2.   A simple interface that takes less than a minute to get started and conclude with the result.I got the following result for my ISP...and that was as per the promise by ISP....so u can check urs too at the site : http://www.speedtest.net/



Wednesday, September 12, 2012

Being CCCSP: CDAC Certified Cyber Security Professional

1.     There is no doubt that I have keen interest in cyber security issues and subjects.I stop anywhere I find some thing to read or see articles / videos related to cyber security...always grab opportunities like workshops and seminars that hold related events. But just reading and going through these was not going to be enough to make a small mark in the field.Thus I decided to go for a certification exam.Came across CISSP,CCIE,Comp-TIA etc....which were slightly heavier on pocket :-)...so looked for a Indian version and equivalent that is not only recognized but also accepted in government organisations.So I enrolled for the exam in the month of Dec 2011 last year.....and got the results last week....and I passed....became a CDAC Certified Cyber Security Professional.The list of certified professionals is given at the link http://elearn.cdac.in/eSikshak/professional_certified.html


2.   So in this post I am going to tell you few key features of this informative and excellent course :

- Name : CCCSP ie CDAC Certified Cyber Security Professional

- Duration : 6 months

- Certification Fees : Rs 7500/-

- Conducted By : CDAC,Hyderabad


-  Written test conducted at identified CDAC centres across India.

-   Duration of the test is 2 hours.

-  Two sections, 80% of objective type and 20% of subjective in the examination paper .

- 60% score in each section must required

-  The minimum score to get professional certification on average is 70%.

3.    More details available about this course at http://elearn.cdachyd.in/eSikshak/help/English/eSikshak/CCCSP.html

4.    The certificate issued by C-DAC on CCCSP (C-DAC Certified Cyber Security Professional) is valid for 3 years from the date of issue. This is introduced, considering the importance of updating on-self on the latest security issues. 

5.   Thanks CDAC,Hyderabad.