Social Icons

Sunday, November 09, 2014

A Healthy Child Makes a Happy Home

This post is written as part of a campaign by Chyawanprash vide DABUR INDIA link at https://www.liveveda.com/daburchyawanprash/

1.    For any set of parents and couple across globe ,there is no greater gift than a child.The Parent’s soul lives in a child. The smile of a child is proportional to the happiness index of any family. A smiling child is the smiling quotient of every family. If a child is sick ,the entire house is effected... the routine gets effected...the focus and the energy of any family are bound to get diverted in a undesired direction leading to a reduced over all happiness.The reason behind a sick child may be attributed to metro life style,working parents,unhygienic living conditions,basic hygiene in life and so many related aspects in similar dimension.Today's metro life style needs a regular reminder to all parents about specific attention towards their children but most of us need that reminder, sometimes the stress of everyday life can cause us to forget temporarily about the importance of the time and attention our children need. Those early first years of nurturing and teaching are so critical to the rest of their lives and we can never turn back the hands of time.We have been given no greater gift or responsibility than our children.Children are more likely to be affected by hazards in the home because their bodies are still growing. Children play and crawl on the floor and often put things in their mouths.When compared to adults, relative to their body weight, children eat more food, drink more water, and breathe more air. For this reason, children often have greater contact with sources that may be harmful to their health.Here below is pic of my mom and daughter....with the sentry of our lives...that’s Chyawanprash.

2.   Help your child develop healthy habits early in life that will bring lifelong benefits. As you gain practical tips on helping your kids eat nutritious meals and enjoy a physically active lifestyle, be sure to apply these same behaviors to your own life. The best way to lead your child to a healthy lifestyle is to set a positive example yourself. Adding two spoons of  Dabur  Chyawanprash to your families diet can improve the immunity of your family and especially your child’s immunity . It has anti-oxidant properties (contains amla) and helps strengthen your body’s internal defence mechanism – the immune system – thereby protecting you from day to day infections such as cough, cold etc. The natural product it contains help improving natural defence system of our body.Now question rises why Dabur Chyawanprash is one of the prime reasons behind,i m putting them up here below :

- Dabur is the first branded Chyawanprash in the India.

- It is the highest selling Chyawanprash .

- Scientifically proven to provide 3 times immunity* that helps fight virus, flu and infections.

- Dabur Chyawanprash has been consistently voted as the power brand of the country and is a trusted remedy for cough and cold for a majority of Indian household

- Available in 2 new exciting flavours mango and mixed fruit flavor

- Contains natural Ayurvedic ingredients, which are being consumed safely for ages.

- Dabur using its 125 years of Ayurveda expertise, has now also developed Dabur Chyawan Junior- a unique drink for growing children. It has 35 herbs like  Amla, Ashwagandha and Guduchi (most of them used for decades in Dabur Chyawanprash to help build immunity). It also has Calcium, Iron, and Milk Protein as in other popular health drinks to give nutrition and promote body growth. And its truly delicious with a great chocolaty taste.

- Children are our most valuable resource.The soul is healed by being with children.

3.    THANKS Dabur Chyawanprash

Thursday, November 06, 2014

Testing UBUNTU for SHELLSHOCK vulnerability

Shellshock,the now famous vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system. If your system has not updated bash in since Tue Sep 30 2014: 1:32PM EST , you're most definitely vulnerable and have been since first boot. This security vulnerability affects versions 1.14 (released in 1994) to the most recent version 4.3.Its always good to at least close known bugs and holes since zero vulnerabilities always exist....here i bring out few ready made cut/paste terminal commands to test your UBUNTU...This simply involves running of a script shellshock_test.sh.Source code at https://github.com/wreiske/shellshocker/blob/master/shellshock_test.sh

Screen shot shown below as run from my system :  

Terminal cmd : curl https://shellshocker.net/shellshock_test.sh | bash

(Click to ENLARGE)

Sunday, November 02, 2014

My blog hits : 2,00,000 plus :-)

Exactly about a year back my blog got the 1,00,000th hit and today it is 2,00,000 plus. So a decent traffic by a technical standard since technical blogs do not have the glam and mass factor associated....I got into blogging without knowing any thing about traffic and readers and then maintaining a blog when you are working also is at times difficult.This actually means the time you could have spent with your family is being spent on blogging.But then as we say "Purpose is the reason you journey and Passion is the fire that lights your way."...and so has been applicable to me.Simply the passion to study and share IT and experiment with tools and researches has been the force for my energies being put in here.I bring out the stats here of the 2 Lakh hits from Google Analytics.

Blog Page showing visitor count 
Rise over years
 Country wise state of visitors
 Browser state of users
 Operating Systems of users

Lingaa : Rajini Fans await with bated Breath

The only time myself ,a self obsessed IT security enthusiast, go off the track from my blog is when some thing is on way about Rajinikanth...and this time as the teaser for his next movie LINGAA got released I had to go off again...a treat for all Rajini Fans...he is back with grand bang then ever since Shivaji happened.The 35 second long teaser has already wowed the viewers with its gripping background score, amazing action sequences and of course, the presence of superstar Rajinikanth. "Lingaa" releases on his birthday 12 December.....huh!!!!with full seetiyaan and tamasha I await the release with bated breath....here is the teaser....

Friday, October 17, 2014

Make your wired normal speaker WIRELESS

I am writing this post for all guys who are bugged with the fact that they need to attach a cable with their mobile to speakers or laptop to speakers for playing music and audio files...and few users who dread investing an amount exclusively for getting blue-tooth wireless speakers...so here I am sharing a small device that can make wired speakers at your home/office to wireless in the most simple manner.The device is LOGITECH BLUETOOTH ADAPTER.The figure below is enough to explain the  circuit and set-up required....pretty simple to install and very comfortable to listen without any disturbance....cost Rs 1700/-...available at online sites for even less....so get set ready to connect your laptops...androids...and play wirelessly...





Sunday, October 05, 2014

Officially Keylogged : Welcome to Microsoft Windows 10 Preview

1.   Though an avid loyalist of Linux for last about a decade,I always keep a tag of what’s happening in the world of Windows......and recently when Windows 10 preview was launched I started reading various reviews pan web....and I came across this startling and surprisingly criminal revelation regarding inbuilt key logging in the OS available for download.See the screen shot below straight from the Microsoft and you read it for your self highlighted...  

(Click to Enlarge)

2.     This is actually too much in the name of Data Collection wave by various companies as a genuine and legal move putting across mostly naive users at complete risk since anyone is hardly interested in reading the Terms & Conditions of any application.A google search on this gives surprising concerns as bought out by various reviewers across as seen below :

(Click to Enlarge)
3.   Few interesting statements below from Terms and Conditions :

"Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage."


"We may collect information about your device and applications and use it for purposes such as determining or improving compatibility" and "use voice input features like speech-to-text, we may collect voice information and use it for purposes such as improving speech processing."
The killer statement says, "If you open a file, we may collect information about the file, the application used to open the file, and how long it takes any use [of] it for purposes such as improving performance, or [if you] enter text, we may collect typed characters, we may collect typed characters and use them for purposes such as improving autocomplete and spellcheck features."

4.     Thanks Microsoft :-)

Friday, October 03, 2014

Invalid settings detected Virtualbox Host only Adapter solved

1.   This post will help guys stuck with adding a Host only Adapter in Virtual Box.The screen shots are self explanatory in a step wise manner.First screen shot shows the problem as  seen on the screen....rest on how to resolve.

(Invalid settings detected)

(Go to preferences as shown above)




(No more errors)

 

Thursday, September 11, 2014

VEGA SCANNER : Powerful Open Source Web Application Vulnerability Scanner

1.   Vega is one free and open source scanner and testing platform to test the security of web applications by Subgraph, an open source security software company. Vega can help find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. 

Main Features:

    Automated Crawler and Vulnerability Scanner
    Consistent UI
    Website Crawler
    Intercepting Proxy
    SSL MITM
    Content Analysis
    Customizable alerts
    Database and Shared Data Model

2.   So to launch Vega in Kali Linux...go to Web Applications then to Web Vulnerability Scanners and select Vega

 Vega will flash an introduction banner and display a GUI

Vega has Scanner and Proxy tabs as u play with the interface as seen below. To use Vega as a Scanner,click on the Scanner tab , click on Scan on the top-left corner and select to start new scan
 You will see an input field asking for the target. The screen shot tested below is targeting www.thesecurityblogger.com. Choose target and click on Next:











3.   It takes time to scan but gives pretty exhaustive results and presents a summary too.

Wednesday, August 27, 2014

Skipfish : Web Application Security Reconnaissance@Kali Linux

1.   Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active security checks. Skipfish is fast and easy to implement and can perform a robust scan of any website providing a lot of security tests, like php injection, XSS, format string vulnerabilities, overflow vulnerabilities, file inclusions and lot more categorized into high risk, medium risk and low risk issues. Skipfish also provides summary overviews of document types and issue types found; and an interactive sitemap, with nodes discovered through brute-force denoted in a distinctive way.

2.    The first thing that you should do is download the latest version of Skipfish here: http://code.google.com/p/skipfish/downloads/list

3.     The following screenshots show a stepped way to run and use this tool...





4.    As u download the file,you move to the terminal and cd to the place you have downloaded the file.Type the following command  to unzip the ,tgz file.
5.    There are pleothra command options available in Skipfish against a target website using a custom wordlist, enter skipfish, select your wordlist using the -W option followed by the location of the wordlist, select your output directory using -o followed by the location, and finally the target website.

Skipfish –o (output location) –S (location of wordlist) (target site)

The following example shows a scan using a wordlist called medium.wl on securityblogger.com. Skipfish will create a folder called Skipfishkaoutput on the desktop. This is run using the keyword skipfish, –o /root/Desktop/Skipfishkaoutput to specify the location to which send the output, -W /root/Desktop/medium.wl to specify the location of the dictionary and http://www.thesecuirtyblogger.com as the target to scan against.

So in the example that I take here,you need to type the following at the terminal :




It is also seen that the default Skipfish dictionaries will not run when using the –W command. You can copy a default wordlist and remove the read-only in the first line of the list (#ro) to run as a custom wordlist. This is shown in the following screen-shot:
Once the scan is complete or if you end it early, Skipfish will generate thousands of output files in the location specified when using the –o option to designate an output folder.To see the results, click on the index.html file, which will bring up an browser. You can click through the drop-down boxes to see your results.


The tool is pretty powerful indeed...can be gauged from the following screen shot of a news site that says that professional criminals used this tool to hack a financial site... :-)


Powered By Blogger