HELIX : ADEPTO USAGE@SCREEN CORD

DOUBLE CLICK ON THE VIDEO TO VIEW BETTER

INCIDENT RESPONSE,ELECTRONIC DISCOVERY,COMPUTER FORENSICS LIVE CD : HELIX

HELIX INCIDENT RECOVERY AND FORENSIC LIVE CD

A small pptx introducing to the HELIX FORENSIC LIVE CD.

MATRIUX KRYPTON :INSTALLATION STEP by STEP

This screen cord gives a step by step installation in virtual box starting right from choosing the .ISO and configuring the machine.The default password for root is "toor" without quotes.

VIRTUAL BOX : SOLVED - FAILED TO OPEN HARD DISK ISSUE

1. I had been an avid follower of VMWARE until recently wherein I have shifted my loyalties to VIRTUAL BOX....simple,easy....and the best part is that it is OPENSOURCE.One problem that I often used to face was that when I copied a VDI file from one place to another...it used to give me a message as shown in the screen shot below that said something like " Failed to open the hardddisk F:\....\.....vdi.So I used to keep trying ways and means but that remained unsolved.But there is a single command line solution to this that goes like this...(also shown in the screen shot).Goto the command prompt first as administrator.

Goto the folder C:\Program Files\Oracle\VirtualBox by typing

c:\>cd C:\Program Files\Oracle\VirtualBox

and then type

C:\Program Files\Oracle\VirtualBox>VBoxManage.exe internalcommands sethduuid "h:\path to the vdi folder\yourvdifilename.vdi"

and this should give a message similar to this 

UUID changed to: 3cfa288c-9e91-42e2-acdc-9821ab9d4aab

(CLICK ON IMAGE TO ENLARGE)

thats it...now open...u should not get the message!!!

The Brain Virus : Some thing I missed.....

This is about BRAIN virus...a name heard in the late 80S and early 90S and recognized as the first computer virus for MS-DOS that infects the boot sector of storage media formatted with the DOS File Allocation Table (FAT) file system....This was written by two brothers, Basit Farooq Alvi and Amjad Farooq Alvi who were from Lahore, Pakistan......so what makes a mention here is that I was recently watching a TED Video wherein the speaker Mikko Hypponen shares his interesting piece of interaction with these two brothers...do watch it...worth it for inviting a smile...

BIGGEST SPYING CENTRE:NSA@USA

1.  At a time when we all realize the cyber traffic movement monitoring around us via hackers,spies and the government....this will come as a news...a big news....

2.  National Security Agency,where else but United States of America ,is engaged building and ramping up the largest Spy center in the history of the world.Special points that I read about this upcoming centre are enumerated below for ur info :

-  To be completed by September 2013.

-  This will make NSA the largest, most covert, and potentially most intrusive intelligence agency ever.

- Will be able to intercept your private emails, cell phone calls, internet connections and Google/Bing searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital litter 

-  To be located at Bluffdale.

-  Also known named Utah Data Center.

- Main purpose to tap, decipher, decrypt, analyze, and store Brobdingnagian Yotta bytes of the world’s communications as they take place across international,foreign and domestic networks.

-  Approx investment@$2 billion.

-  Realization of the “total information awareness” program initiated by Bush administration.

-  Also critical for breaking and decrypting codes to decipher encrypted financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal document etc.

-  This will consist of 100,000-square-foot halls filled with servers, complete with raised floor space for cables and storage excluding more than 900,000 square feet for technical support and administration.

NIMDA VIRUS : COMMENT BY CISCO VP(Security)

The question was asked by me at a NCW(Network Centric Warfare) seminar held last year on 21 Apr 2011 at Manikshaw Centre,New Delhi.It is relates to what did CISCO do to cover up the damage of NIMDA Virus!!!

TAILS - Privacy for anyone anywhere

The video above(my first screen cord :-) ) shows the screen cord for installing TAILS on a virtual Box.For those of you who do not what TAILS is all about....Tails is a live CD or live USB that aims at preserving your privacy and anonymity.It helps you to :

Firstly,use the Internet anonymously almost anywhere you go and on any computer.

Secondly,all connections to the Internet are forced to go through the Tor network.

Thirdly,leaves no trace on the computer you're using unless you ask it explicitly.

Fourthly,uses state-of-the-art cryptographic tools to encrypt your files, email and instant messaging...Please visit https://tails.boum.org/ for more details

TOR : ITSELF VULNERABLE!!!

At my earlier post here about TOR...the one who makes you anonymous online is now vulnerable it self....:-)..all the features that I mentioned just few days back...are all vulnerable....latest from Gentoo Linux Security Advisory gives the following details :

- Prone to multiple vulnerabilities as on date.

- Most severe of which allows execution of a arbitrary code by a remote attacker.

- Can cause a Denial of Service.

- A remote relay that the user is directly connected to, may be able to disclose anonymous information about that user or enumerate bridges in the user's connection.

- When configured as client or bridge, Tor uses the same TLS certificate chain for all outgoing connections

SOLUTION : ALL TOR LOVERS TO UPGRADE TO THE LATEST TOR ASAP.

Blocking with a Hosts File : Another hardening step....

1.    How many of you know about the hosts file function in windows?It's a text file without a file extension that is intended to map IP addresses before accessing a domain name server to speed up the access. Now with the growing cyber concerns in the recent years,this mapping function is being additionally used to take a more preventative role in ad blocking and stopping spyware.This is located inside the >system32>drivers>etc folder.

2.   To explain it more simply When a address like http://www.bbc.co.uk/ is placed into your browser, the Hosts file is consulted to see if you have the IP address for this site. If you do, then you get directed to the site IP,but since most of the times it is not there,computer asks for the IP address from your ISP to find sites.

3.   It is here,that this function has recently been started to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. In many cases using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as  "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".

4.   http://winhelp2002.mvps.org/ is one site that I found worth as the purpose of this site is to provide the user with a high quality HOSTS file.This includes a ready to download hosts file that can replace your existing hosts file likely to be empty.The hosts file is kept updated on a regular basis.As on date the last update was available for 28th Feb 2012.So this site has a list of known ad and malware site IP addresses that are redirected at 127.0.0.1.The site advertises saying " THERE IS NO PLACE LIKE 127.0.0.1.

5.   Do visit http://winhelp2002.mvps.org/ and http://winhelp2002.mvps.org/hosts.txt to download the subject file.