Social Icons

Saturday, March 31, 2012

BIGGEST SPYING CENTRE:NSA@USA

1.  At a time when we all realize the cyber traffic movement monitoring around us via hackers,spies and the government....this will come as a news...a big news....

2.  National Security Agency,where else but United States of America ,is engaged building and ramping up the largest Spy center in the history of the world.Special points that I read about this upcoming centre are enumerated below for ur info :

-  To be completed by September 2013.

-  This will make NSA the largest, most covert, and potentially most intrusive intelligence agency ever.

- Will be able to intercept your private emails, cell phone calls, internet connections and Google/Bing searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital litter 

-  To be located at Bluffdale.

-  Also known named Utah Data Center.

- Main purpose to tap, decipher, decrypt, analyze, and store Brobdingnagian Yotta bytes of the world’s communications as they take place across international,foreign and domestic networks.

-  Approx investment@$2 billion.

-  Realization of the “total information awareness” program initiated by Bush administration.

-  Also critical for breaking and decrypting codes to decipher encrypted financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal document etc.

-  This will consist of 100,000-square-foot halls filled with servers, complete with raised floor space for cables and storage excluding more than 900,000 square feet for technical support and administration.

Friday, March 30, 2012

NIMDA VIRUS : COMMENT BY CISCO VP(Security)



The question was asked by me at a NCW(Network Centric Warfare) seminar held last year on 21 Apr 2011 at Manikshaw Centre,New Delhi.It is relates to what did CISCO do to cover up the damage of NIMDA Virus!!!

Wednesday, March 28, 2012

TAILS - Privacy for anyone anywhere


The video above(my first screen cord :-) ) shows the screen cord for installing TAILS on a virtual Box.For those of you who do not what TAILS is all about....Tails is a live CD or live USB that aims at preserving your privacy and anonymity.It helps you to :

Firstly,use the Internet anonymously almost anywhere you go and on any computer.

Secondly,all connections to the Internet are forced to go through the Tor network.

Thirdly,leaves no trace on the computer you're using unless you ask it explicitly.

Fourthly,uses state-of-the-art cryptographic tools to encrypt your files, email and instant messaging...Please visit https://tails.boum.org/ for more details

Monday, March 26, 2012

TOR : ITSELF VULNERABLE!!!

At my earlier post here about TOR...the one who makes you anonymous online is now vulnerable it self....:-)..all the features that I mentioned just few days back...are all vulnerable....latest from Gentoo Linux Security Advisory gives the following details :

- Prone to multiple vulnerabilities as on date.

- Most severe of which allows execution of a arbitrary code by a remote attacker.

- Can cause a Denial of Service.

- A remote relay that the user is directly connected to, may be able to disclose anonymous information about that user or enumerate bridges in the user's connection.

- When configured as client or bridge, Tor uses the same TLS certificate chain for all outgoing connections

SOLUTION : ALL TOR LOVERS TO UPGRADE TO THE LATEST TOR ASAP.

Saturday, March 24, 2012

Blocking with a Hosts File : Another hardening step....

1.    How many of you know about the hosts file function in windows?It's a text file without a file extension that is intended to map IP addresses before accessing a domain name server to speed up the access. Now with the growing cyber concerns in the recent years,this mapping function is being additionally used to take a more preventative role in ad blocking and stopping spyware.This is located inside the >system32>drivers>etc folder.

2.   To explain it more simply When a address like http://www.bbc.co.uk/ is placed into your browser, the Hosts file is consulted to see if you have the IP address for this site. If you do, then you get directed to the site IP,but since most of the times it is not there,computer asks for the IP address from your ISP to find sites.

3.   It is here,that this function has recently been started to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. In many cases using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as  "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".

4.   http://winhelp2002.mvps.org/ is one site that I found worth as the purpose of this site is to provide the user with a high quality HOSTS file.This includes a ready to download hosts file that can replace your existing hosts file likely to be empty.The hosts file is kept updated on a regular basis.As on date the last update was available for 28th Feb 2012.So this site has a list of known ad and malware site IP addresses that are redirected at 127.0.0.1.The site advertises saying " THERE IS NO PLACE LIKE 127.0.0.1.

5.   Do visit http://winhelp2002.mvps.org/ and http://winhelp2002.mvps.org/hosts.txt to download the subject file.

Sunday, March 11, 2012

HACKERS & TERRORISTs ARE NOT IDIOTS


1.    You have to go through all the classes from 1st to 12th standard to be eligible to be admitted into a college.But does the Govt think so? sorry for a bad connotation...I will come to the point...

2.     Recently,in the name of cyber security preparedness,the Government,in a first of its kind, conducted a live competition between two spy systems developed by reputed tech arms of India's national security apparatus. Expectantly...(though not from the Govt point of view)...both failed to capture 100% internet data traffic, one system even crashing a number of times during the test.

3.   Point wise summary comes as follows :

- Competition held near the Air Force Station, Arjangarh.

- Conducted between a system developed by Centre for Artificial Intelligence and Robotics (CAIR)@'Netra' and NTRO's @'Vishwarupal'@developed in collaboration with a Paladion Networks.

-  A high-level committee(???) declared Defence Ministry's 'Netra' system a winner.

-  During conduct of the test , "Vishwarupal", crashed a number of times and had to be restarted. 

-  Both the systems did not capture entire internet traffic passing via its probes installed at Sify Technologies premises in Delhi. 

-  Both could return results only after repeated attempts and that too with a high latency@15 minutes.

-  Netra will now be made a robust system, to scan all tweets, status updates, messages, emails, internet calls, blogs and forums for keywords such as 'attack', 'bomb' and 'drill'

-  The committee also directed NTRO, to wrest the design and source code of its system, exclusively from Paladion, due to a risk on national security.

4.   Now if the criteria of search is still to look after key words like Bomb,drill,attack etc,I think its time to rethink again.No real world terrorist would actually use similar words since they think much ahead and are sadly making use of the technology more efficiently then the other side.Are we not aware of latest unbreakable cryptography,stegnaography and other such related field standards?.....the SRS for building such a system should be exhaustive,based on dynamic@changing and improving technology standards.

5.   We are a country who is unable to exploit the inhouse talent and strength.We still keep searching and associating ourselves with outside country companies....We are already late...and we will be more late!!!!

6.  Source of Info @ www.techgig.com

Wednesday, March 07, 2012

YUM INSTALLATION STEP BY STEP : RHEL 5

1.   Recently inserted one video screen recording of how the yum installation is conducted in RHEL 5.The step wise command summary goes like this :


  130  cd /media/RHEL_5.1\ i386\ DVD/
  131  cp -av /media/RHEL_5.1\ i386\ DVD/images/ /var/ftp/pub/
  132  cp -av /media/RHEL_5.1\ i386\ DVD/RPM-GPG-KEY* /var/ftp/pub/
  133  cd /var/ftp/pub/Server/
  134  rpm -ivh createrepo-0.4.4-2.fc6.noarch.rpm 
  135  createrepo -v /var/ftp/pub/
  136  createrepo -g /var/ftp/pub/Server/repodata/comps-rhel5-server-core.xml /var/ftp/pub/

2.  The start to end video is down here.Click to watch :

Tuesday, March 06, 2012

Installing Guest Additions in Virtual Box : RHEL 5

1.  In variably I have been using various window OS trials for experimenting in Virtual Box....and yes it is easy to use....but try it out with an RHEL 5.....it became a small fight for me at least.....how i solved it goes like this...

(a) First tried with this :

./VBoxLinuxAdditions-x86.run 

and i was given this error message :

bash: ./VBoxLinuxAdditions-x86.run: /bin/sh: bad interpreter: Permission denied

(b)....the answer is actually this :

sh VBoxLinuxAdditions-x86.run 
or 
bash VBoxLinuxAdditions-x86.run

and the output looks something like this

[root@localhost VBoxGuestAdditions_4.1.8_75467]# ./VBoxLinuxAdditions.run
Verifying archive integrity... All good.
Uncompressing VirtualBox 4.1.8 Guest Additions for Linux.........
VirtualBox Guest Additions installer
Removing installed version 4.1.6 of VirtualBox Guest Additions...
Removing existing VirtualBox DKMS kernel modules           [  OK  ]
Removing existing VirtualBox non-DKMS kernel modules       [  OK  ]
Building the VirtualBox Guest Additions kernel modules
Building the main Guest Additions module                   [  OK  ]
Building the shared folder support module                  [  OK  ]
Building the OpenGL support module                         [  OK  ]
Doing non-kernel setup of the Guest Additions              [  OK  ]
You may need to restart the hal service and the Window system
Installing the Window System drivers
Installing X.Org Server 1.11 modules                       [  OK  ]
Setting up the Window System to use the Guest Additions    [  OK  ]
You may need to restart the hal service and the Window System (or just restart
the guest system) to enable the Guest Additions.
Installing graphics libraries and desktop services componen[  OK  ]

...thats it!!!!!!!!!!!!!



Sunday, March 04, 2012

Blue Tooth handshakes Wifi: Here Comes BLUE FI


1.    Here some thing when technology meets technology....so till date I used to identify Blue Tooth with  proprietary open wireless technology standard for exchanging data over short distances and WiFi with 802.11 IEEE standard...now when these two get mixed we get a BLUE FI.

2.  As per a paper "Blue-Fi: Enhancing Wi-Fi Performance using Bluetooth Signals by Ganesh Ananthanarayanan" Blue Fi is a system that predicts the availability of the Wi-Fi connectivity by using a combination of bluetooth contact-patterns and cell-tower information. This allows the device to intelligently switch the Wi-Fi interface on only when there is Wi-Fi connectivity available, thus avoiding the long periods in idle state and significantly reducing the the number of scans for discovery.Now the best part about this is that when I searched something on BLUE-FI,two prominent google searches included a Paper as mentioned above by an Indiuan and also the first implememntation in India at Bangalore City Railway Station that became the first in the railway network to offer BluFi.

3.   The passengers at Banglore railway station would be able to get Internet access, by sending their mobile numbers through the Wi-Fi registration portal. The passwords would be sent through SMS. A passenger could use Internet for 45 minutes; if he wished to continue, he had to start a fresh session....sounds a gr8 start....and promising


Wednesday, February 29, 2012

BOY in the BROWSER attack

1.  Funny names keep propping up...and keep getting accepted too...first it was Man in the Middle attack....then Man in the Browser...and now comes Boy in the Browser attack....actually, is a trojan that reroutes its victim's web traffic information through an attacker’s proxy site.  ....a cool video here explains it in a simple language....

Powered By Blogger