Cross OS Trojan : @ If...Then...else :-)

1.    Got this at THN.We often feel stronger when we use some kind of a open source linux OS instead of the regular pirated or even genuine Windows OS incl XP/WIN7 etc.But what i got here was a simple trojan dropper code that is based on the found out OS...IF LINUX then this trojan...or if windows then the other one....the snap shot from the original THN site is here @ http://thehackernews.com/2012/07/cross-platform-trojan-mac-windows-linux.html

2.    F-Secure has found this web exploit that detects the OS of the computer and drops the relevant trojan to match.The attack was first seen on a Columbian transport website which had been hacked by a third party. This malware is known as GetShell.A and requires users to approve a Java applet installation.It detects if you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform. The malicious files developed for each type of OS connect to the same Command & Control server that F-Secure has localized at IP address 186.87.69.249.

3.  Thanks http://thehackernews.com

The Amazing Spider Man BINGS!!! does not Google

1.    Watched yesterday...the new spider man movie that's THE AMAZING SPIDER MAN...and noticed one special thing which few of you might not have...the search conducted by our hero was on the search engine Bing....and I could see the Microsoft guys smiling.....but it snapped quiet a funny number of tweets of which my fav one is this one by one Sarahtb0

The Amazing Spider-Man was pretty realistic until Peter Parker used Bing as his search engine.

2.   Now was this some kind of a tie up between Microsoft and Spider Man to lure audience further damage the Google proprietary in the search engine web....or was it scripted like normal..it could have been google also!!!!

9TH JULY 2012 : R u a Victim?

1. All the fuss about 9th July that says about the risk of "DNSChanger" malware, which will result in your computer getting disconnected from the Web on July 9 if you don't clean it up. You won't be able to go online, and you'll need to contact your service service provider for help getting the malware deleted before you can reconnect to the Internet....strange it may sound...but it is true...even the FBI has given a warning sort at its link here at https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS

2.  Just to check if u r a likely victim,McAfee has created a link at www.mcafee.com/dnscheck for you to find out if u r a likely victim or not ? I checked out the same on my PC....it showed the following screen shot.....

3.   Do check out urs....and rectify if need be....

Cloud Computing : A dummies over view!!!! - 1

1.   Cloud computing is ALREADY the next stage in evolution of the Internet. The cloud in cloud computing provides the means through which everything from computing power to computing infrastructure,applications, business processes to personal collaboration — can be delivered to you as a service wherever and whenever you need.Cloud computing is offered in different forms:

- Public clouds

- Private clouds

- Hybrid clouds, which combine both public and private

2.   In general the cloud is similar to fluid that can easily expand and contract. This elasticity means that users can request additional resources on demand and just as easily deprovision (or release) those resources when they’re no longer needed. This elasticity is one of the main reasons individual, business, and IT users are steadily moving to the cloud.In the traditional data center it has always been possible to add and release resources but we all know how much effort generally goes in. 

3.   This doesn’t mean that all applications, services, and processes will necessarily be moved to the cloud. Many businesses are much more cautious and are taking a hard look at their most strategic business processes and intellectual property to determine which computing assets need to remain under internal company control and which computing assets could be moved to the cloud.

4.   The cloud itself is a set of hardware, networks, storage, services, and interfaces that enable the delivery of computing as a service. Cloud services include the following :

- IaaS(Infrastructure as a service) : Infrastructure as a Service is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis.

- PaaS(Platform as a Service) : Platform as a Service (PaaS) is a way to rent hardware, operating systems, storage and network capacity over the Internet. The service delivery model allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones.

- SaaS ( Software as a Service) : Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.

5.    Besides these services,new delivery models such as Crimeware as a Service are also building up in the parallel...for that just google else from the name u can make out it is crime ware as a service as I mentioned in one of the posts in my blog about two years back here.....

6.   Now that goes as the most simple intoruction for a cloud computing over view...the main part starts now...how about the security aspects for each of these...that will be in slightly more detail in subsequent posts...

7.    Thanks http://searchcloudcomputing.techtarget.com

The Hackers Conference: Delhi@29 July 2012

1.   This is a wonderful opportunity for those who wish to see the latest in the world of Hacking...if not the latest...u might hear few golden words from renowned speakers.This is about the HACKERS CONFERENCE @ Delhi on 29 July 2012.

2.   The Hackers Conference is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most topical issues of the IT world.

3.   Conference will be held in New Delhi and aims to get together Industry, Government, Academia and Underground hackers to share knowledge and leading-edge ideas about information security and everything related to it.

4.   This will see a galaxy of renowned speakers presenting 0-Day Vulnerabilities, Exploits and Android/Blackberry/iPhone Hacks. Apart from Speakers presenting on WI-FI and Web Application Security the Special invitees from government Intelligence agencies will also speak on National Security Issues emerging from Scada Hacking. 

5.   More details at http://www.thehackersconference.com/

Mantralaya fire@Mumbai and Cloud

1.   The recent Mumbai Mantralaya Fire wherein few sad and undesired casualties took place and more then 2000 computers were destroyed is one example which shows the sad state of affairs in terms of fire fighting preparations and state of taking critical backup in important institutions like mantralaya's and ministries....Offcourse,the loss of human lives has no substitute and my sincere condolences to the berieved families...

2.   In the given case,no one would actually cry over the damage of 2000 computers...all would be worried about all the files and data that were stored on them(..infact few would have been happy to bid good bye to the 486 and celerons with 256 mb that they used to fight day in/out :-).....now had some one realised the importance of CLOUD here at some point of time earlier,the damage of data could have been averted.How ?

3.   It is indeed surprising for me that in the blog's five year existence,there has been very limited text on CLOUD COMPUTING....so let me start a Part series (in subsequent new posts)starting from Introduction to the advantages and the more important security threats that emanate on adopting the cloud.....

Internet Explorer : Vulnerable as always!!!

1.   Microsoft IE vulnerability CVE-2012-1889 is the latest to generate interest amongst avid cyber security readers. The special thing about this vulnerability is that it focusses on users using Gmail, MS Office and Internet Explorer. And the sad thing is that this is still a ZERO day exploit...... Rapid 7,Security software company,explains the vulnerability as follows:

“This is an uninitialized memory bug found in MSXML. According to Microsoft, such a component can be loaded from either Internet Explorer and Microsoft Office. This vulnerability is rumored to be “state-sponsored”, and what makes it really critical is it’s still an 0-day hijacking Gmail accounts. That’s right, that means if you’re using Gmail as well as Internet Explorer or Microsoft Office, you’re at risk. We expect this vulnerability to grow even more dangerous since there’s no patch, and it’s rather easy to trigger.”

2.    Whatever may say...majority of the users still by default keep using IE across the globe....when I see my own blog stats,about 60 % of the visitors use IE...and as we all keep seeing the exponential growth in the users of internet across the globe....but sadly the awareness level of how vulnerable they all are is unknown and is growing at a similar rate!!!

3.    Got the reference from here.Thanks https://community.rapid7.com.

FLAME on way to commit SUICIDE ?

1.    Further to my post on FLAME earlier which made a point wise summary based on my various reads across the web,here is something more interesting.....

2.    The creators of Flame have sent a 'suicide' command that removes it from infected computers ie  it has gotten orders to vanish, leaving no trace.As was mentioned in the post earlier that Flame may delete itself from systems that have been fully exploited without leaving any trace has come true soon......

3.   More on the subject at the link ahead and Thanks THN

 http://thehackernews.com/2012/06/flame-spy-virus-going-to-suicide.html

Zoomit : Incredibly Useful Tool from Microsoft

1.     In any of the presentations or on screen visuals on projections system to a live audience we invariably require sometimes to let the audience get focused on something we would like them to see only on the screen......I mean zooming on a portion of screen without getting into the practise of coming out of ppt or ur application and running magnifier or some similar third party application.....here's what zoomit does free for you without any major installation worries!!!

2.   ZoomIt is screen zoom and annotation tool for technical presentations that include application demonstrations. ZoomIt runs unobtrusively in the tray and activates with customizable hotkeys to zoom in on an area of the screen, move around while zoomed, and draw on the zoomed image. I wrote ZoomIt to fit my specific needs and use it in all my presentations.ZoomIt works on all versions of Windows and you can use pen input for ZoomIt drawing on tablet PCs.

3.  Download and start using it .....from http://technet.microsoft.com/en-us/sysinternals/bb897434.aspx

The Lightest Browser : BROWZAR

1.  In the world of browsers when we have chrome...mozilla...safari...opera..and many others.fight it out at ACID3 benchmarking levels...we have a small browser here....thats only in KBs....by the name of BROWZAR.Few good things and features are mentioned below :

-  Takes seconds to download

-  No installation

-  No registration

-  One of the smallest, fastest browsers in the world

-   Just download and go

-   Doesn't save Cookies, History, Temp files, Passwords, Cache

-   Secure delete

-   Great for Banking and Cloud applications

-   Carry it with you on a USB stick

-   Great for shared computers

-   Use it on a friend's PC, Internet Cafe, Work PC, on Holiday

-   Automatically cleans up when you've finished

-   Only 222Kb...u read that right!!!only 222Kb

2.   Test and Download at http://www.browzar.com/.

YOUTUBE to your TV

1.    With the penetration of LCDs and LEDs in our homes....the desire of DIL MAANGE MORE gets into the business...so u have a internet broadband connection at home and you have a USB enabled LCD/LED....but how to play your youtube videos on your LCD/LED.....there is an easy free way to do it.I will introduce you to two veri nice softwares that I have been using for last 3-4 years now...withouyt any problems....no cracks...no pirated downloads required....

2.   So the first one is Free Studio's DVDVideo Soft at http://www.dvdvideosoft.com/ .Free Studio consists of 47 programs, grouped into eight sections: YouTube, MP3 & Audio, CD-DVD-BD, DVD & Video, Photo & Images, Mobiles, Apple Devices, 3D. The largest group, the Mobiles section contains 12 different applications. DVD & Video section is the second largest group with 10 programs. However, the YouTube section, particularly YouTube downloading programs, has gained more popularity among users.DVDVideoSoft assures that each free program offered is free of spyware and adware. The programs have been tested and endorsed by such reputable sites as Chip Online, Tucows, SnapFiles, Brothersoft and Softonic and have won awards from these sites.[Source Wiki]

3.   So after you have downloaded the video via this DVDSoft software,now u need is a suitable convertor.Although DVDSoft itself offers the conversion...u can also check another free bee at http://www.pazera-software.com/download.php?id=0015&f=Pazera_Free_MOV_to_AVI_Converter.exe

4.   So now u can get ready to watch your you tube videos on ur LED/LCD....

Linkedin Confirms being HACKED

1.    Most of us who surf web regularly do have our identities associated with popular social networking sites...like gmail...orkut...facebook and linkedin etc.So the latest news is that if u have a profile on LInkedin....please change ur password.....the news in brief goes like this....

2.     LinkedIn has confirmed on 6th Jun 12 that at least some passwords have been compromised in a major security breach correspond to LinkedIn accounts. First reported by Norweigan IT website Dagens IT the breach that about 6.5 million encrypted passwords were posted on a Russian hacker site.Thus those most of the users with compromised passwords noticed that their LinkedIn account password are no longer valid.The file uploaded only contains passwords hashed using the SHA-1 algorithm and does not include user names or any other data. However, the breach is so serious that security professionals advise people to change their LinkedIn passwords immediately. An SHA-1 hash is an algorithm that converts your password into a unique set of numbers and letters. If your password is “test_123,” for example, the SHA-1 hex output should always be “ab7a614854d2ef5ee9d9cc30e6f2bdcd19fe49ea.” As we can see that is problematic since if we know the password is hashed with SHA-1, we can quickly uncover some of the more basic passwords that people commonly use.

3.     The most common password used was “123456,” followed by “12345″ and “123456789.” All in all, more than half a million people chose passwords composed of only consecutive numbers. So, if a hacker tried to log in to all RockYou accounts with just one password attempt–123456–every hundred or so attempts would yield a compromised account. Dozens of attempts can be scripted every second, so Imperva estimates that using this technique would only take around 15 minutes to hack 1,000 accounts.

4.    Another site offers you to know if ur linkedin username was actually amongs the hacked lot or not.Not sure about how genuine it is...it is available at

http://venturebeat.com/2012/06/07/was-your-linkedin-password-hacked-heres-how-to-find-out/

5.    Thanks http://thehackernews.com/2012/06/linkedin-confirms-millions-of-account.html

Accessing Blocked Sites

1.    So many times we come across  internet terminals who deny us access to certain pages because of certain customized blocking by the local administrator or at times even the ISP.....so what do u do then...just abuse the ISP or the local admin!!!!no ...till u know few tricks of trade....so for example as a first case we assume that a site like timesofindia or some similar news site is blocked for accessing....so to access this simply go to the following website :

http://archive.org/index.php

2.    After u click this u will come across a webpage similar to the shown below :

(click image to enlarge)

3.   Now go to the bar and type ur site name.....this will give a option to even take you to the cached version of the site at an earlier date.For example I typed http://www.thehindu.com/ and i get the following screen.

(click image to enlarge)

4.     Now click on the date that u desire to see the site on......and u see the cached site like this when i clicked 14tg Feb 2003

(click image to enlarge)

5.    So we see that not only the blocked site is accessed but also we are able to access the site as it was on some past date .......though to access blocked sites there are so many proxies available on the web...thi one has this additional Cache feature..... 

FLAME : The new'EST Threat bigger then STUXNET

1.         Off late there has been the much talked FLAME Virus in the IT Sec community.Few clean shots about FLAME in a point wise crisp format :

 -          Flame was first detected back in 2010 by Kaspersky Labs completely by accident.

-           Flame is terribly complex for a piece of malware. 20 times bigger than Stuxnet.

-           Its about 20MB package and is still being analyzed.

-           The Stuxnet  attack that damaged Iranian nuclear facilities last year is barebones by 

comparison.

-           Kaspersky assumes it was built by government scientists, but no one knows which government.

-           Flame gathers a huge amount of data from infected systems, but it has been hard to sort out where it is all going.

-           Dozens of control servers have been located, but the domains associated with them are registered with fake identities.

-           Flame steals hard drive contents, screenshots, and keystrokes.

-           Can also use the system microphone and Bluetooth radio to suck in more data.

-           To save on bandwidth, Flame may delete itself from systems that have been fully exploited. This is part of what made the infection hard to detect.

-          

-           Has incredible abilities to monitor in-boxes, take screen grabs, even record audio of conversations happening near the computer.

-           The entire virus had been pieced together like a LEGO creation, one part building on another. Things could actually be added onto the spyware after it was already on an infected computer, giving the developer enormous freedom to tinker at will.

-           One specific example is with a Bluetooth module, which allowed the spyware to be spread to other devices.

-           The two most popular ways are to send you an e-mail with an attachment, and a Web-based or drive by download that gets you to a malware website.

-           Another favourite way to get you is through social media websites. Attackers are so savvy that they now troll your "friends" list and generate an e-mail that looks like it's coming from you, so what friend wouldn't click on it, right?

-           Microsoft has revealed that the virus gained a foothold by spoofing one of its own security certificates.

-           The computer virus is on the loose in Iran and other parts of the Middle East, infecting PCs and stealing sensitive data.

-           Flame is basically a backdoor and a Trojan with worm-like features.

-           Consider this: It took several months to analyze the 500K code of Stuxnet. It will probably take year to fully understand the 20MB of code of Flame.

2.Thanks http://news.cnet.com

I AM SOMEWHERE!!!! :-)

A Screen shot from  http://theroxor.com/www.anupriti.blogspot.com#visitors  about my blog!!!

A screen shot from http://www.seoprofiler.com/analyze/anupriti.blogspot.com

A screen shot from http://www.seoprofiler.com/analyze/anupriti.blogspot.com

Windows 7 Hacked @ BACKTRACK

(DOUBLE CLICK TO VIEW BETTER)

Nothing new for the active Cyber Sec community...but since I had recently recorded a screen cord I thought like uploading the same for everi one.....This is my second "hands on" a windows machine after I attempted on XP last year at  http://anupriti.blogspot.in/2011/10/backtrack-5-how-to-use.html

HELIX : ADEPTO USAGE@SCREEN CORD

DOUBLE CLICK ON THE VIDEO TO VIEW BETTER

INCIDENT RESPONSE,ELECTRONIC DISCOVERY,COMPUTER FORENSICS LIVE CD : HELIX

HELIX INCIDENT RECOVERY AND FORENSIC LIVE CD

A small pptx introducing to the HELIX FORENSIC LIVE CD.

MATRIUX KRYPTON :INSTALLATION STEP by STEP

This screen cord gives a step by step installation in virtual box starting right from choosing the .ISO and configuring the machine.The default password for root is "toor" without quotes.

VIRTUAL BOX : SOLVED - FAILED TO OPEN HARD DISK ISSUE

1. I had been an avid follower of VMWARE until recently wherein I have shifted my loyalties to VIRTUAL BOX....simple,easy....and the best part is that it is OPENSOURCE.One problem that I often used to face was that when I copied a VDI file from one place to another...it used to give me a message as shown in the screen shot below that said something like " Failed to open the hardddisk F:\....\.....vdi.So I used to keep trying ways and means but that remained unsolved.But there is a single command line solution to this that goes like this...(also shown in the screen shot).Goto the command prompt first as administrator.

Goto the folder C:\Program Files\Oracle\VirtualBox by typing

c:\>cd C:\Program Files\Oracle\VirtualBox

and then type

C:\Program Files\Oracle\VirtualBox>VBoxManage.exe internalcommands sethduuid "h:\path to the vdi folder\yourvdifilename.vdi"

and this should give a message similar to this 

UUID changed to: 3cfa288c-9e91-42e2-acdc-9821ab9d4aab

(CLICK ON IMAGE TO ENLARGE)

thats it...now open...u should not get the message!!!

The Brain Virus : Some thing I missed.....

This is about BRAIN virus...a name heard in the late 80S and early 90S and recognized as the first computer virus for MS-DOS that infects the boot sector of storage media formatted with the DOS File Allocation Table (FAT) file system....This was written by two brothers, Basit Farooq Alvi and Amjad Farooq Alvi who were from Lahore, Pakistan......so what makes a mention here is that I was recently watching a TED Video wherein the speaker Mikko Hypponen shares his interesting piece of interaction with these two brothers...do watch it...worth it for inviting a smile...

BIGGEST SPYING CENTRE:NSA@USA

1.  At a time when we all realize the cyber traffic movement monitoring around us via hackers,spies and the government....this will come as a news...a big news....

2.  National Security Agency,where else but United States of America ,is engaged building and ramping up the largest Spy center in the history of the world.Special points that I read about this upcoming centre are enumerated below for ur info :

-  To be completed by September 2013.

-  This will make NSA the largest, most covert, and potentially most intrusive intelligence agency ever.

- Will be able to intercept your private emails, cell phone calls, internet connections and Google/Bing searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital litter 

-  To be located at Bluffdale.

-  Also known named Utah Data Center.

- Main purpose to tap, decipher, decrypt, analyze, and store Brobdingnagian Yotta bytes of the world’s communications as they take place across international,foreign and domestic networks.

-  Approx investment@$2 billion.

-  Realization of the “total information awareness” program initiated by Bush administration.

-  Also critical for breaking and decrypting codes to decipher encrypted financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal document etc.

-  This will consist of 100,000-square-foot halls filled with servers, complete with raised floor space for cables and storage excluding more than 900,000 square feet for technical support and administration.

NIMDA VIRUS : COMMENT BY CISCO VP(Security)

The question was asked by me at a NCW(Network Centric Warfare) seminar held last year on 21 Apr 2011 at Manikshaw Centre,New Delhi.It is relates to what did CISCO do to cover up the damage of NIMDA Virus!!!

TAILS - Privacy for anyone anywhere

The video above(my first screen cord :-) ) shows the screen cord for installing TAILS on a virtual Box.For those of you who do not what TAILS is all about....Tails is a live CD or live USB that aims at preserving your privacy and anonymity.It helps you to :

Firstly,use the Internet anonymously almost anywhere you go and on any computer.

Secondly,all connections to the Internet are forced to go through the Tor network.

Thirdly,leaves no trace on the computer you're using unless you ask it explicitly.

Fourthly,uses state-of-the-art cryptographic tools to encrypt your files, email and instant messaging...Please visit https://tails.boum.org/ for more details

TOR : ITSELF VULNERABLE!!!

At my earlier post here about TOR...the one who makes you anonymous online is now vulnerable it self....:-)..all the features that I mentioned just few days back...are all vulnerable....latest from Gentoo Linux Security Advisory gives the following details :

- Prone to multiple vulnerabilities as on date.

- Most severe of which allows execution of a arbitrary code by a remote attacker.

- Can cause a Denial of Service.

- A remote relay that the user is directly connected to, may be able to disclose anonymous information about that user or enumerate bridges in the user's connection.

- When configured as client or bridge, Tor uses the same TLS certificate chain for all outgoing connections

SOLUTION : ALL TOR LOVERS TO UPGRADE TO THE LATEST TOR ASAP.

Blocking with a Hosts File : Another hardening step....

1.    How many of you know about the hosts file function in windows?It's a text file without a file extension that is intended to map IP addresses before accessing a domain name server to speed up the access. Now with the growing cyber concerns in the recent years,this mapping function is being additionally used to take a more preventative role in ad blocking and stopping spyware.This is located inside the >system32>drivers>etc folder.

2.   To explain it more simply When a address like http://www.bbc.co.uk/ is placed into your browser, the Hosts file is consulted to see if you have the IP address for this site. If you do, then you get directed to the site IP,but since most of the times it is not there,computer asks for the IP address from your ISP to find sites.

3.   It is here,that this function has recently been started to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. In many cases using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as  "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".

4.   http://winhelp2002.mvps.org/ is one site that I found worth as the purpose of this site is to provide the user with a high quality HOSTS file.This includes a ready to download hosts file that can replace your existing hosts file likely to be empty.The hosts file is kept updated on a regular basis.As on date the last update was available for 28th Feb 2012.So this site has a list of known ad and malware site IP addresses that are redirected at 127.0.0.1.The site advertises saying " THERE IS NO PLACE LIKE 127.0.0.1.

5.   Do visit http://winhelp2002.mvps.org/ and http://winhelp2002.mvps.org/hosts.txt to download the subject file.

HACKERS & TERRORISTs ARE NOT IDIOTS

1.    You have to go through all the classes from 1st to 12th standard to be eligible to be admitted into a college.But does the Govt think so? sorry for a bad connotation...I will come to the point...

2.     Recently,in the name of cyber security preparedness,the Government,in a first of its kind, conducted a live competition between two spy systems developed by reputed tech arms of India's national security apparatus. Expectantly...(though not from the Govt point of view)...both failed to capture 100% internet data traffic, one system even crashing a number of times during the test.

3.   Point wise summary comes as follows :

- Competition held near the Air Force Station, Arjangarh.

- Conducted between a system developed by Centre for Artificial Intelligence and Robotics (CAIR)@'Netra' and NTRO's @'Vishwarupal'@developed in collaboration with a Paladion Networks.

-  A high-level committee(???) declared Defence Ministry's 'Netra' system a winner.

-  During conduct of the test , "Vishwarupal", crashed a number of times and had to be restarted. 

-  Both the systems did not capture entire internet traffic passing via its probes installed at Sify Technologies premises in Delhi. 

-  Both could return results only after repeated attempts and that too with a high latency@15 minutes.

-  Netra will now be made a robust system, to scan all tweets, status updates, messages, emails, internet calls, blogs and forums for keywords such as 'attack', 'bomb' and 'drill'

-  The committee also directed NTRO, to wrest the design and source code of its system, exclusively from Paladion, due to a risk on national security.

4.   Now if the criteria of search is still to look after key words like Bomb,drill,attack etc,I think its time to rethink again.No real world terrorist would actually use similar words since they think much ahead and are sadly making use of the technology more efficiently then the other side.Are we not aware of latest unbreakable cryptography,stegnaography and other such related field standards?.....the SRS for building such a system should be exhaustive,based on dynamic@changing and improving technology standards.

5.   We are a country who is unable to exploit the inhouse talent and strength.We still keep searching and associating ourselves with outside country companies....We are already late...and we will be more late!!!!

6.  Source of Info @ www.techgig.com

YUM INSTALLATION STEP BY STEP : RHEL 5

1.   Recently inserted one video screen recording of how the yum installation is conducted in RHEL 5.The step wise command summary goes like this :


  130  cd /media/RHEL_5.1\ i386\ DVD/
  131  cp -av /media/RHEL_5.1\ i386\ DVD/images/ /var/ftp/pub/
  132  cp -av /media/RHEL_5.1\ i386\ DVD/RPM-GPG-KEY* /var/ftp/pub/
  133  cd /var/ftp/pub/Server/
  134  rpm -ivh createrepo-0.4.4-2.fc6.noarch.rpm 
  135  createrepo -v /var/ftp/pub/
  136  createrepo -g /var/ftp/pub/Server/repodata/comps-rhel5-server-core.xml /var/ftp/pub/

2.  The start to end video is down here.Click to watch :

Installing Guest Additions in Virtual Box : RHEL 5

1.  In variably I have been using various window OS trials for experimenting in Virtual Box....and yes it is easy to use....but try it out with an RHEL 5.....it became a small fight for me at least.....how i solved it goes like this...

(a) First tried with this :

./VBoxLinuxAdditions-x86.run 

and i was given this error message :

bash: ./VBoxLinuxAdditions-x86.run: /bin/sh: bad interpreter: Permission denied

(b)....the answer is actually this :

sh VBoxLinuxAdditions-x86.run 
or 
bash VBoxLinuxAdditions-x86.run

and the output looks something like this

[root@localhost VBoxGuestAdditions_4.1.8_75467]# ./VBoxLinuxAdditions.run
Verifying archive integrity... All good.
Uncompressing VirtualBox 4.1.8 Guest Additions for Linux.........
VirtualBox Guest Additions installer
Removing installed version 4.1.6 of VirtualBox Guest Additions...
Removing existing VirtualBox DKMS kernel modules           [  OK  ]
Removing existing VirtualBox non-DKMS kernel modules       [  OK  ]
Building the VirtualBox Guest Additions kernel modules
Building the main Guest Additions module                   [  OK  ]
Building the shared folder support module                  [  OK  ]
Building the OpenGL support module                         [  OK  ]
Doing non-kernel setup of the Guest Additions              [  OK  ]
You may need to restart the hal service and the Window system
Installing the Window System drivers
Installing X.Org Server 1.11 modules                       [  OK  ]
Setting up the Window System to use the Guest Additions    [  OK  ]
You may need to restart the hal service and the Window System (or just restart
the guest system) to enable the Guest Additions.
Installing graphics libraries and desktop services componen[  OK  ]

...thats it!!!!!!!!!!!!!

Blue Tooth handshakes Wifi: Here Comes BLUE FI

1.    Here some thing when technology meets technology....so till date I used to identify Blue Tooth with  proprietary open wireless technology standard for exchanging data over short distances and WiFi with 802.11 IEEE standard...now when these two get mixed we get a BLUE FI.

2.  As per a paper "Blue-Fi: Enhancing Wi-Fi Performance using Bluetooth Signals by Ganesh Ananthanarayanan" Blue Fi is a system that predicts the availability of the Wi-Fi connectivity by using a combination of bluetooth contact-patterns and cell-tower information. This allows the device to intelligently switch the Wi-Fi interface on only when there is Wi-Fi connectivity available, thus avoiding the long periods in idle state and significantly reducing the the number of scans for discovery.Now the best part about this is that when I searched something on BLUE-FI,two prominent google searches included a Paper as mentioned above by an Indiuan and also the first implememntation in India at Bangalore City Railway Station that became the first in the railway network to offer BluFi.

3.   The passengers at Banglore railway station would be able to get Internet access, by sending their mobile numbers through the Wi-Fi registration portal. The passwords would be sent through SMS. A passenger could use Internet for 45 minutes; if he wished to continue, he had to start a fresh session....sounds a gr8 start....and promising

4.   Thanks http://www.thehindu.com/ and http://citeseerx.ist.psu.edu

BOY in the BROWSER attack

1.  Funny names keep propping up...and keep getting accepted too...first it was Man in the Middle attack....then Man in the Browser...and now comes Boy in the Browser attack....actually, is a trojan that reroutes its victim's web traffic information through an attacker’s proxy site.  ....a cool video here explains it in a simple language....

Resurgence of Boy-in-the-Browser Attacks

View more videos from Imperva

HUMANE COMPUTING

1.  The cyber space keeps coming up with such new terms and will continue doing so for years to come.So this is one term I heard of when I recently got an opportunity to attend a Two day symposium conducted by CSI ie COMPUTER SOCIETY OF INDIA,Indore Chapter.The Computer Society of India is the first and the largest body of computer professionals in India.

2.  So whats exactly HUMANE COMPUTING to which even google has limited answers....what i could gather from the forum which was presided by distinguised and expert speakers is produced below in as brief to understand possible words.

3.  The concept would be easier to understand with the help of few examples cited by the speaker :

-  Firstly imagine one typical branded washing machine getting faulty after few months of completion of warranty.Is it typical? or could it have been programmed to do so intentionally?

-  Secondly ,remember the movies I-Robot@Will Smith or Robot@my favorite Rajini Sir......both the movies revolve around the protagonist struggle to control his creation, the  robot whose software was upgraded to give it the ability to comprehend and generate human emotions.....so in both the cases laws of robotics failed and the plan back fired!So both the movies were based on imagination that may be possible in future...both were runaway hits...

-   Thirdly, the matrix series(triology)...that depicts a future in which reality as perceived by most humans is actually a simulated reality created by sentient machines to pacify and subdue the human population, while their bodies' heat and electrical activity are used as an energy source. So the lead computer programmer is drawn into a rebellion against the machines, involving other people who have been freed from the "dream world" and into reality.

-   Fourthly....any time a computer programme is made ...the code is written...so many aspects are considered at design level but any where is human thought process or kind of human psych is involved?.....no!!!m sure on that...windows or linux OS has got nothing to do with human emotions....person who is drunk and is in inebriated state would be able to conduct some kind of damage via the system that he might not have attempted if he was not drunk!!!!!

4.   So by giving these examples here I am trying to make you think the reverse way....@we all are getting IT/Computer savvy in our life but when we see it from the top...do we need to become COMPUTER SAVVY?...or it should have been the reverse way...the gadget/IT around us should have become HUMAN SAVVY....u might need to read this sentence twice since I might have just pinged ur thought process and not actaully conveyed the actual meaning.The field is actually just setting in and will take much time to evolve.....its neither black nor white...its just grey...and its upto the present genre of scientists and developers to actually start sorting out black and white!!

5.   "The term Humane Computing comes to encourage study of ethics, empowerment,empathy, equality, environmental sustainability with reference to the use of technology. Since it involves coming together and study of humans as well as computers, it involves technical as well as soft subjects and diverse disciplines

ranging from computing technology to soft disciplines like sociology, psychology, education, medicine, behavioral science and communication theory. The study of Humane Computing will be able to provide insights, which may make it possible to bridge the digital divide and which may help tilt the usage of computing in a direction, which makes it work for promoting ethical practices."

6.   So thats HUMANE COMPUTING in the most grey manner...the field as on date is not even an understood thing but yes...the field is enough to create a mind start thinking of ahead ie FUTURE....

THE TOR PROJECT

1.  Privacy is really becoming a big and serious issue and no one knows what all is all set to come ahead.For now I came across and even started using TOR.For the bigger details you need to visit the site at https://www.torproject.org/.I got aware of this at the ANKIT FADIA WORKSHOP@INDORE

2.  For the in brief , point wise detail that just scroll down to get a brief overview :

KEY FEATURES

- Tor is free software made under www.torproject.org/

- Helps defend against network surveillance that threaten personal freedom and privacy.

- Protects by bouncing your communications around a distributed network of relays run by volunteers all around the world.

- Prevents somebody watching your Internet connection from learning what sites you visit

- Prevents sites you visit from learning your physical location.

- Works with web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

- Individuals can use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers.

- A branch of the U.S. Navy uses Tor for open source intelligence gathering, and one of its teams used Tor while deployed in the Middle East recently.

HOW/WHAT IT DOES?

- Actually a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.

- Based on "Onion routing" that simply refers to original data being encrypted and re-encrypted multiple times.

- It is then sent through successive Tor relays, each one of which decrypts a "layer" of encryption before passing the data on to the next relay and, ultimately, its destination.

- This reduces the possibility of the original data being unscrambled or understood in transit

- Enables to create new communication tools with built-in privacy features.

- Provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.

3.  Thanks https://www.torproject.org and Ankit Fadia

ANKIT FADIA @ INDORE 19 FEB 2012

1.   The Sunday that was@ Ethical Hacking Workshop by Ankit Fadia Indore....is all I have to say now after a great great lively interactive (with demonstration) workshop with Ankit Fadia at Indore here...right from 10 in the morning to 1810h in the evening.This was my second workshop with him and this guy is only improving from his own earlier version for much better.The best thing about him is that he keeps it very very simple to understand for those who wish to.....and tops it with simple demos which actually make the thing go in the mind.Last I attended him at Adobe.

2.  I would always recommend all the young techo enthusiasts across not to miss attending any of his workshops if he is in your town.He never wastes a moment....never takes any unnecessary breaks in between...no calls....all for you...the best part....he is so down to earth...no frillls......grt....for now I will start reading so many new things and terms that I got introduced owing to him......

3.  Thanks Ankit....and all the best!!!

HOW TO ACCESS THOSE SITES(BLOCKED BY UR OFFICE)?

1.    It is so common to see and hear that offices and corp-orates block ur most desired websites....so the smart ones try using proxy.....but what to do when even those proxies are so configured that u cannot access.....here goes step by step

- Suppose ur office has blocked yahoo.com.

- Goto Command prompt and type ping yahoo.com

- You get the yahoo ip ie 209.191.122.70(it may be different for you)

- Now convert these 4 octets into binaries with the help of a calculator in programmers mode.

- So u get 

209 @ 11010001

191@  10111111

122@  1111010

70 @   1000110

- Now place zeros in front of octet converted binaries who are not complete 8 in number count 

- So it becomes 11010001101111110111101001000110

- Now convert this to decimal again  and u get 3518986822

- Go to the browser and write http://3518986822

Thats it..kaam khatam....all the best....

UNDO A SENT EMAIL :YES,IT IS POSSIBLE!!

1.   Ever thought like u shouldn't have sent that mail....or u sent it too early....like all things u can do UNDO in your PC and various applications...can u do it in EMAIL?......the answer is YES.....

2.   The feature is currently available in Gmail and Blumail only.How?...it goes like this

- Log into your GMail account

- Go To mail settings tab.

- Click on Labs

- Scroll down u will find UNDO SEND

- Enable it.

3.  That's it.Actually the feature sends the mail about 5 seconds late so just in case u immediately realize that u send it too early or should have sent it later.....u still have control over it.So when u click send a small link appears that says "UNDO"...click on it and that action will not conclude...ur email remains safe with you.... 

POWERFUL THAN ADMINISTRATOR ACCOUNT : SYSTEM LOGIN

1.  So here is something unheard to those who thought that ADMINISTRATOR was the king of the respective PC account.So for those who think so...ever thought why r u unable to fiddle with system files when u r the owner... that's because there is a SYSTEM account over and above the administrator who can delete the administrator account!!!!yes u read it right....so how do u get to the system account.I am giving it a step by step attempt here with screen shots!!

2.  Firstly...get to your desktop and see ur user name...mine is windowsxp ie a user account with admin priveleges as shown below :

3.    Secondly,get to the command prompt and create a schedule to run cmd.exe as follows :

at 14:51 /interactive “cmd.exe”

*** The time mentioned here can be a minute or two ahead of whats the time u doing this action.

 4.   You can check schedule by typing “at“ and hitting enter after the above step.

5.    Now Wait for the time you set for the schedule and u see that cmd.exe would be launched at the specified time and a subsequent command prompt windows will open automatically.

6.    Now go to ur desktop without closing any window and reach the task manager and kill the explorer.exe file under the process tab.

7.    Close the first cmd window and not the second one.

8.    Reach the root directory by pressing cd\

9.    Type start explorer...thats it...now u logged in as the System.....as shown:

 10.   Point to note :

- This is only for educational and info pupose.
- Never attempt it on a live system.
- Always do it on a virtualbox or Virtual machine or virtual PC.

11.   Thanks http://alieneyes.wordpress.com

Single malicious document can expose your whole LAN via ur trusted MFD

1.   "Imagination is the key to Success" in the world of IT....specially applicable to the world of cyber crime....this one i read at one of my fav news feed destinations at http://thehackernews.com...now when we keep covering up the PCs with ideas like antivirus/anti-malware and all sorts of anti's and virus'cides....this thing has come up fresh.....attack the LAN after altering the firmware of the masoom MFD ie multifunction device.Sequence of the main article at http://thehackernews.com is produced below :

- At Chaos Communications Congress (28C3) 

- Ang Cui presents Print Me If You Dare

- He explained how he reverse-engineered the firmware-update process for HPs hundreds of millions of printers

- He showed how he could load arbitrary software into any printer by embedding it in a malicious document or by connecting to the printer online. 

- Performed two demonstrations 

- In the first, he sent a document to a printer that contained a malicious version of the OS that caused it to copy the documents it printed and post them to an IP address on the Internet.

- In the second, he took over a remote printer with a malicious document, caused that printer to scan the LAN for vulnerable PCs, compromise a PC, and turn it into a proxy that gave him access through the firewall.

- Actually found a method to exploit the firmware update capability of certain Xerox MFPs to upload his crafted PostScript code. 

- Was able to run code to dump memory from the printer. This could allow an attacker to grab passwords for the administration interface or access or print PIN-protected documents.

2.  So now start taking care of your firmware updates of your MFDs......

3.  More at http://thehackernews.com.

CHROME INSTALLATION ISSUES IN UBUNTU : SOLVED

1. Recently tried installing Chrome browser in Ubuntu 11.10....so I downloaded the .deb file and tried installing it from the terminal via this command

sudo dpkg -i './Downloads/google-chrome-stable_current_i386.deb'

...which showed some error in between installation and came out on the terminal prompt....

2. So googled and found this solution that involves prior installing of few library files as follows :

sudo apt-get install libnspr4-0d libnss3-1d libxss1 libcurl3

this command will install the missing lib files and then on it is the repeat of the earlier command ie

sudo dpkg -i './Downloads/google-chrome-stable_current_i386.deb'

3.   Should solve...let me know if u have any thing unsolved!!!

AVOID OPENING MULTITABS IN BROWSERs

1.  Has it ever happened that you get a mail in one your various Email IDs from Facebook or some other site that you never linked up with....?I am sure if you are a regular browser on social networking sites,this must have happened once...and it must have kept you thinking...HOW ??

2.   This happens when you have that email id open in some other tab and your Facebook account open in other...typically in a multitab session wherein you have opened many sites under one browser in various tabs..... that's when info gathering sites get your email id and things related to their interest.....TAKE CARE

BACTERIA in COMPUTERS

1.  I had heard for so long about Virus'es,worms,trojans................but never heard and read about BACTERIA till recently.....even googled...could not find much except at http://docstore.mik.ua/orelly/networking/

2. Few points about BACTERIA :

- Makes copies of themselves to overwhelm a computer system's resources.

- Also known as rabbits, are programs that do not explicitly damage any files.

- Sole purpose is to replicate themselves.

- May do nothing more than execute two copies of itself simultaneously both of which may copy themselves twice, and so on.

- Reproduce exponentially, eventually taking up all the processor capacity, memory, or disk space, denying the user access to those resources.

- One of the oldest forms of programmed threats.

Download/Upload torrents - Legality Issues in India

1.  Read the following daily life talks in the air now a days :

"Hey did u download Agneepath & TIN TIN....the torrent is available now?"...

"No...its the cam print"..."waiting for the better print...yeah but I have downloaded MI4....the new torrent is crystal clear"

"MS Office 2010 has come and I m already using it on my netbook...& its for free from torrentz..."

...etc...etc...

.......these are few exchange of talks that invariably happens more among the young metro crowd and also getting popular in the Viltro's (Village+Metro)........but did they ever realise the legal aspect of all these talks and downloads? Its time to check all this......RETHINK!!!

2.   Now any one of you reading this and finding himself at some point of time shooting these dialogues at home/office/college should be in  for a shock...because as per the IT act he is a criminal involved in piracy of softwares and movies.

EXTRACT FROM INFORMATION TECHNOLOGY ACT 2000

"Cyber crime is criminal activity done using computers and the Internet. This includes anything from downloading illegal music/movies/softwares files to stealing millions of dollars from online bank accounts. Cybercrime also includes non-monetary offenses, such as creating and distributing viruses on other computers or posting confidential business information on the Internet"

3.  So now that you have read this....the meat is here as follows given in point form for ease of understanding :

- When you download a movie/music/software from a torrent site,you are not only a leecher but at the same time you seed also.A Seed is used to refer to a peer who has 100% of the data.

-  When a leech obtains 100% of the data, that peer automatically becomes a Seed.Seeding refers to leaving a peer's connection available for other peers, i.e. leeches to download from.

- Normally, a peer should seed more data than leech. But, whether to seed or not, or how much to seed, is dependent on the availability of leeches and the choice of the peer at the seeding end.

- Did u understand this much...if not simply put it means that when u download....you upload also at the same time...so u are a illegal downloader and also a uploader of the pirated illegel content.So suppose you have downloaded MI4 or some porn...you are a pretty much proven criminal.If someone gets after you,you are in for real damage.

4. In context of India,though the relevant cyber laws and framework  are ready and already implemented but it will take time to be actually possible for the law to follow each one of them them up individually....thats the only positive side of all illegela downloaders...but there is catch to this...

5. What happens if some other country watches you?....you must be thinking y would some other country watch you downloading agneepath/TIN TIN!!!this is because your uploading may be happening in their country...so all they need is your IP.Thats the end of it.Few major casualties include the famous Lt Col Jagmohan Balbir Singh, who was arrested on May 6 on the charges of circulating child pornography on the internet.The Mumbai Cyber Crime Cell arrested this Lieutenant Colonel from his south Mumbai house for allegedly uploading obscene photographs and video clips involving children on the internet.The German police came across the obscene contents being uploaded on a child pornography site from Mumbai in 2009.So this is where the string of the torrent catches you till end.The german police gave the IP to interpol and he was caught...unawares of what did he actually do?...now it is just unawareness on such issues that such things happen..

6. This time it was a Lt col...next can be any one....u and me....it depends won who is the (un)lucky one...so guys if u r an ardent torrent downloader...think before you do some thing next.....the days are not far when all this will land you up in jail....it is just a matter of time in INDIA..!!