Monday, October 31, 2011

RED PHONE : ENCRYPTED VOICE FOR ANDROID!!!

Here is something every Android user would love to use. The aim is to listen and speak on your Android handset with the built-in encryption of the RedPhone application... isn't it great!

" RedPhone provides end-to-end encryption for your calls, securing your conversations so that nobody can listen in. It's easy to use, and functions just like the normal dialer you're accustomed to. RedPhone uses your normal mobile number for addressing, so there's no need to have yet another identifier or account name; if you know someone's mobile number you know how to call them using RedPhone. And when you receive a RedPhone call your phone will ring just like normal, even if it is asleep. "

SOME MORE ON DUQU

Some more good info and FAQs on Duqu at:
http://www.secureworks.com/research/threats/duqu/

Sunday, October 30, 2011

BACKTRACK 5 : How to use ?

Recently uploaded a step-by-step guide with screenshots on how to use and benefit from BackTrack 5 on a virtual lab platform:

Backtrack 5

DUQU : FROM THE GEN STUXNET????


1. Do you remember the great Stuxnet, which hit the cyber theatres about a year back? I call it great since that was the first piece of trojan which the experts described with words like marvelous and the world's first 'open source weapon'... the code which shocked the experts. Though it was meant to target Siemens industrial software and equipment running Microsoft Windows, the percentage affected was enough to do the early damage and show the trailer of what can come ahead. Now comes another in the offing, which researchers from Symantec say is likely written by the same authors and based on the same code. This is known as Duqu, also coming to be known as “Son of Stuxnet” and a “precursor to a future Stuxnet-like attack.”

2. But another analysis by security researchers from Dell suggests Duqu and Stuxnet may not be closely related after all. That’s not to say Duqu isn’t serious, as attacks have been reported in Sudan and Iran. But Duqu may be an entirely new breed, with an ultimate objective that is still unknown. “Both Duqu and Stuxnet are highly complex programs with multiple components,” Dell says. “All of the similarities from a software point of view are in the ‘injection’ component implemented by the kernel driver. The ultimate payloads of Duqu and Stuxnet are significantly different and unrelated.”

3. The security vendor Bitdefender has also cast doubt on the supposed Duqu/Stuxnet link in its Malwarecity blog. “We believe that the team behind the Duqu incident are not related to the ones that released Stuxnet in 2010, for a number of reasons,” BitDefender’s Bogdan Botezatu writes. While a rootkit driver used in Duqu is similar to one identified in Stuxnet, that doesn’t mean it’s based on the Stuxnet source code.

4. Till date, Duqu was reportedly seen infecting machines in and around Iran, but now the Symantec version reported is that a server machine in our own Mumbai is affected by this new virus! Indian authorities seized computer equipment from a data center in Mumbai as part of an investigation into the Duqu malicious software that some security experts warned could be the next big cyber threat. Two workers at a web-hosting company called Web Werks told Reuters that officials from India's Department of Information Technology last week took several hard drives and other components from a server that security firm Symantec Corp told them was communicating with computers infected with Duqu.

5. So Duqu is here in India, and I am sure that with the high percentage of pirated software users in India we are the most vulnerable to such kinds of threat. Be updated, buy genuine, and keep taking updates to avoid being EXPLOITED by EXPLOITS.

Saturday, October 22, 2011

WIRESHARK Troubleshoot

1. The most common trouble that comes up for first-time users of Wireshark is that the Capture Interface drop-down shows the NPF driver as not running, and thus the interface list is empty.

2. The small fix is that you need to install and then run WinPcap. So after you have installed Wireshark and have a shortcut of the application on the desktop, just right-click the Wireshark shortcut and run it as administrator. That should solve it.

Tuesday, October 11, 2011

HIBERNATION MODE : HOW SAFE FOR YOU?

1. How often do you use hibernation mode while using your PC? I am sure that after reading the text below you are hardly going to use it, owing to the serious compromise of information about what you do and when you do it.

2. OK, what do we mean by hibernation mode? It simply means that by using this mode we create a snapshot of the contents of the computer's RAM, which is then saved to the root of the hard drive as “hiberfil.sys”. This means that the applications running at that time and other data in RAM will be written to the hard disk.

3. For example, if we went into hibernation mode with our browser still open, then textual strings such as the last Google search performed or text from an open web page will be written to the hard drive as the computer “hibernates”.

4. The Windows hiberfil.sys also becomes an issue while using encryption software such as TrueCrypt. If a Windows system is placed into hibernation mode without unmounting encrypted containers or volumes, then the encryption keys used to access these containers will likely be left in RAM in plain text. RAM will then be saved to the hard drive in hiberfil.sys. This means that we will be leaving the keys (passwords) to all of our private containers and volumes free for the finding.

5. OK, if at all we get hold of hiberfil.sys, is it going to be that easy to read all that hex data? No, certainly not. Here comes the Sandman project for assistance. Now what is the Sandman project? Please Google it; in short, it is a library which assists in parsing data from hiberfil.sys.

Disable Hibernation mode on Windows XP:
• Right-click empty area on desktop
• Choose “Properties”
• Select the “Screen Saver” tab
• Click “Power…”
• Select the “Hibernate” tab
• Uncheck “Enable hibernation”

Disable Hibernation mode on Windows 7:

• Open “Control Panel”
• Click “Power Options”
• Click “Change plan settings” for your current power plan
• Click “Change advanced power settings”
• Expand “Sleep”
• Expand “Hibernate after”
• Enter “0” for “Setting:” to set hibernate to “Never”
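
To check whether a machine is still exposed in the way described above, the following PowerShell audit is an added example and not part of the original post. It assumes an elevated PowerShell session; the function name `Get-HibernationStatus` and the `$Remediate` switch are illustrative, while the `HibernateEnabled` registry value and `powercfg /hibernate off` are standard Windows facilities. Turning hibernation off with `powercfg` also removes hiberfil.sys, which setting a hibernate timer to “Never” does not.

```powershell
# Added example: report hibernation state and any hiberfil.sys left on disk.
# Run from an elevated PowerShell prompt.

$Remediate = $false   # illustrative switch: set to $true to disable hibernation

function Get-HibernationStatus {
    $powerKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Power'

    # HibernateEnabled: 1 = hibernation available, 0 = off (may be absent)
    $enabled = (Get-ItemProperty -Path $powerKey -Name HibernateEnabled `
                -ErrorAction SilentlyContinue).HibernateEnabled

    # hiberfil.sys is a hidden system file in the root of the system drive,
    # so enumerate the root with -Force instead of opening the file itself
    $file = Get-ChildItem -LiteralPath "$env:SystemDrive\" -Force `
                -Filter 'hiberfil.sys' -ErrorAction SilentlyContinue |
            Select-Object -First 1

    [pscustomobject]@{
        HibernateEnabled = $enabled
        FilePresent      = [bool]$file
        SizeGB           = if ($file) { [math]::Round($file.Length / 1GB, 2) } else { 0 }
        # Last write time approximates when RAM was last snapshotted to disk
        LastWritten      = if ($file) { $file.LastWriteTime } else { $null }
    }
}

$status = Get-HibernationStatus
$status | Format-List

if ($status.HibernateEnabled -eq 1 -or $status.FilePresent) {
    Write-Warning 'A RAM snapshot (hiberfil.sys) may be present or may be created on this system.'
    if ($Remediate) {
        # Disables hibernation; Windows deletes hiberfil.sys as part of this
        powercfg.exe /hibernate off
        Get-HibernationStatus | Format-List
    }
}
```

On a machine that must keep hibernation, the point from item 4 still applies: dismount encrypted containers and volumes before the system hibernates.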

Monday, October 10, 2011

nVidia GeForce GPU cracks six character password in four seconds

1. An nVidia GeForce GT220 graphics card, which costs about £30, is capable of cracking strong passwords in a matter of hours. Security experts were able to crack a 6 character password in 4 seconds, a 7 character password in less than 5 minutes, and an 8 character password in four hours. So guys, I have mentioned it so many times earlier: even a password up to 14 characters in length has been shown to be easy to crack, as I discussed in a post here about one year back. So better take care of your passwords. Lower case with a few caps and special characters with numbers, up to a length of 10-15, should do it for the time being. Things are getting nasty in the hacking world. Take care.


Sunday, September 25, 2011

Common Malware Symptoms


If you are hit by malware, you are likely to see one, a few, or all of these symptoms:

• Your programs and files are suddenly missing.
• Homepage of your web browser has changed.
• Search results are being redirected.
• You start ending up at websites you didn't intend to go to.
• New icons & programs appear on the desktop that you did not put there.
• Your desktop background has changed without your knowledge.
• Your programs won’t start.
• Your security protection has been disabled for no apparent reason.
• You cannot connect to the internet or it runs very slowly.
• Strange or unexpected toolbars appear in your web browser.
• Takes longer to start and runs more slowly than usual.
• Computer shows strange error messages or popups.
• Freezes or crashes randomly.
• Computer is performing actions on its own.
• You cannot access security related websites.

Tuesday, September 20, 2011

DEEP FREEZE : II

In continuation of the earlier post here, I would like readers to read this for info and value addition:

http://forums.techguy.org/all-other-software/708554-other-progams-like-deep-freeze.html

DEEP FREEZE : A way to protect your system!!!


1. Deep Freeze, by Faronics, is an application available for the Microsoft Windows, Mac OS X, and SUSE Linux operating systems which allows system administrators to protect the core operating system and configuration files on a workstation or server by restoring a computer back to its original configuration each time the computer restarts. Its other salient features are mentioned below:

-  Deep Freeze is a kernel-level driver that protects hard drive integrity by redirecting information being written to the hard drive or partition.

-  Leaves the original data intact. 

-  The redirected information is no longer referenced once the computer is restarted, thus restoring the system to its original state at the disk sector level.

-  Allows users to make 'virtual' changes to the system, giving them the appearance that they can modify core files or even delete them, and even make the system unusable to themselves, but upon reboot the originally configured 'frozen' state of the operating system is restored.

-  To make changes, a system administrator must 'thaw' the protected partition by disabling Deep Freeze, make any needed changes, and then 'freeze' it again by re-enabling Deep Freeze. These changes become part of the protected partition and will be maintained after restarts. 

2. Deep Freeze can also protect a computer from harmful malware, since it automatically deletes (or rather, no longer "sees") downloaded files when the computer is restarted. The advantage of using an application such as Deep Freeze as an antivirus / antimalware measure is that it uses almost no system resources and does not slow your computer significantly. The disadvantage is that it does not provide real-time protection, therefore an infected computer would have to be restarted in order to remove malware.

3. More at http://www.faronics.com/. Thanks, Wiki.
