Access - Denied !!

just another way to fake your mail

2010-07-24T23:24:00.000-07:00

What do I mean by faking an e-mail?
>> Its like sending an e-mail from your friends gmail account to another friends account without their permission and without having their password .

How can one do that?
>>There are many sites which provides such services
i.e funmaza (this is the one i can think of now) you can even attach files.
It is simple(No fancy here) ,totally free and you can send as many as you want.

Faking emails is common over internet.Its no big deal when you receive an e-mail which says you won a cash prize of XXXXXX amount.But no you didn't, unless you are winnla fan. :)

A super simple way of fooling people you must have seen in some blogs or orkut communities which looks like this.
---------------------------------
To : xyz.abc@gmail.com
sub: I can't access my gmail account

##users id: youremailaddress@**.com
## password: your password

#$Victims id: blahblah@yahoo.com
----------------------------------
They end this with a note saying this is a password Assistance id (xyz.abc@gmail.com) and start explaining in some kind of technical language which even they don't understand.

Its Obvious that this is FAKE.

Getting started with the other way
Probably every one is aware of the news in july 2009 "Gmail bids farewell to Gmail Beta".Gmail dislike us if we register with their name i.e gmail ,google
The reason is quite simple as i mentioned in the above example.But gmail has a flaw, only after you register to gmail, navigate to >> settings >> accounts >> edit info >> and click on radio tab type in "google team/support" according to you.
Next time you e-mail any one it won't "abc123@gmail.com" rather it would be "google-team abc123@gmail.com".This is super simple.

Distributed SSH Brute Force Attempts on the rise again

2010-07-24T23:20:00.001-07:00

SSH brute force attempts seem to be on the rise again, at the SANS Internet Storm Center we have received a number of reports that a number of networks are seeing them. The source IP addresses vary with each new attempted username in the wordlist, which would indicate that the attempts are distributed through botnet(s). It only takes a single user with a weak password for a breach to occur, then with that foothold escalation and further attacks are likely next. This is certainly not a new phenomenon, however I think it is a good time to raise awareness about it once again.

Reader xemaps wrote in with this log snippet:

"Whole day my server has been targeted by a botnet, attacker also changed ip each new dictionary user."

Jun 17 23:02:03 pro sshd[17444]: Invalid user mailer from 217.37.x.x
Jun 17 23:03:24 pro sshd[17460]: Invalid user mailer from 87.66.x.x
Jun 17 23:05:27 pro sshd[17617]: Invalid user mailman from 89.97.x.x
Jun 17 23:09:30 pro sshd[17639]: Invalid user mailtest from 62.2.x.x
Jun 17 23:15:44 pro sshd[17894]: Invalid user maker from 83.236.x.x
Jun 17 23:16:47 pro sshd[17925]: Invalid user mama from 84.73.x.x

Reader Ingvar wrote in with a similar pattern:

"On my home system I have seen these login attempts that start with user "aaa" and goes on alphabetically from over 1000 different hosts around the world (judging from the DenyHosts reports). Normally I only see single-digit attempts per day."

Jun 17 02:14:56 MyHost sshd[808]: error: PAM: authentication error for illegal user aaa from 151.100.x.x
Jun 17 02:23:11 MyHost sshd[870]: error: PAM: authentication error for illegal user aabakken from 150.254.x.x
Jun 17 02:24:57 MyHost sshd[875]: error: PAM: authentication error for illegal user aapo from 173.33.x.x
Jun 17 02:35:23 MyHost sshd[885]: error: PAM: authentication error for illegal user abakus from 121.160.x.x
Jun 17 02:37:32 MyHost sshd[895]: error: PAM: authentication error for illegal user abas from 190.200.x.x
Jun 17 02:38:18 MyHost sshd[900]: error: PAM: authentication error for illegal user abc from 193.251.x.x

Last year ISC Handler Rick wrote up a diary for Cyber Security Awareness Month - Day 17 - Port 22/SSH about SSH brute force attempts and some safeguards that can be implemented. Here is a brief summary:Deploy the SSH server on a port other than 22/TCP Deploy one of the SSH brute force prevention tools Disallow remote root logins Set PasswordAuthentication to "no" and use keys If you must use passwords, ensure that they are all complex Use AllowGroups to limit access to a specific group of users Use as a chroot jail for SSH if possible Limit the IP ranges that can connect to SSH

source:-http://isc.sans.edu/diary.html?storyid=9031&rss

Configuration of a Firewall

2010-07-24T23:19:00.000-07:00

Not many people are aware of configuring a Firewall.We can add or remove filters according to our requirement.
IP Address: Each machine on the Internet is assigned with a unique IP address. IP addresses are 32-bit numbers, normally expressed as four "octets" in a dotted decimal number.A typical IP address looks like this: 216.25.63.137.A Firewall can block to or from packets from a particular IP address.

Domain Names: As we all are not computers and it is not that easy to memorize IP Addresses, so here we go, we got Domain Names to make it easy to remember.IP addresses sometimes need to change, all servers on the Internet also have human-readable names, called domain names. For example, it is easier for most of us to remember www.hacktoria.com than to remember 216.25.63.137. We can block certain Domain Names in our network or our personal computer.

Protocol - The protocol is the pre-defined way that someone who wants to use a service talks with that service. It could be a person, computer program like a Web browser etc. Protocols are often text, and simply describe how the client and server will have their conversation.Some common protocols that you can set firewall filters for include: IP (Internet Protocol) - the main delivery system for information over the Internet. TCP (Transmission Control Protocol) - used to break apart and rebuild information that travels over the Internet.
HTTP (Hyper Text Transfer Protocol) - used for Web pages. FTP (File Transfer Protocol) - used to download and upload files. UDP (User Datagram Protocol) - used for information that requires no response, such as streaming audio and video. ICMP (Internet Control Message Protocol) - used by a rout to exchange the information with other routers. SMTP (Simple Mail Transport Protocol) - used to send text-based information (e-mail). SNMP (Simple Network Management Protocol) - used to collect system information from a remote computer. Telnet - used to perform commands on a remote computer. Ports: Any server machine makes its services available to the Internet using numbered ports, one for each service that is available on the server.For example, if a server machine is running a Web (HTTP) server and an FTP server,there are assigned ports to every application such a Web server would be using port 80, and the FTP server would be using port 21.We need to keep a track on which ports are open and not in use.We need to close such ports which are the doors of our computer.

Funny history of programming languages

2010-07-24T21:30:00.000-07:00

James Iry's "A Brief, Incomplete, and Mostly Wrong History of Programming Languages" had me snorting liquid out of my nose with delight at the contrafactual, geeky, in-jokey whimsy.
1958 - John McCarthy and Paul Graham invent LISP. Due to high costs caused by a post-war depletion of the strategic parentheses reserve LISP never becomes popular[1]. In spite of its lack of popularity, LISP (now "Lisp" or sometimes "Arc") remains an influential language in "key algorithmic techniques such as recursion and condescension".
1959 - After losing a bet with L. Ron Hubbard, Grace Hopper and several other sadists invent the Capitalization Of Boilerplate Oriented Language (COBOL) . Years later, in a misguided and sexist retaliation against Adm. Hopper's COBOL work, Ruby conferences frequently feature misogynistic material.
1964 - John Kemeny and Thomas Kurtz create BASIC, an unstructured programming language for non-computer scientists.
1965 - Kemeny and Kurtz go to 1964.

Source :- http://www.boingboing.net/2010/05/10/funny-history-of-pro.html

How to Hide data . .

2009-12-06T07:08:00.000-08:00

How to hide data using command prompt.
Method # 1
copy /b image.jpg + rar_file.rar new_file.jpg
Note :- File in which you are hiding and File which you want to hide should be in same folder.
Explanation : -
copy /b = copy binary
image.jpg + rar_file.rar = these are actual files present in your hard disk.
new_file.jpg

Method # 2
Tool required is Steghide
http://steghide.sourceforge.net/download.php

Sql Injection [Basic Method]

2009-12-03T23:26:00.000-08:00

sql Injection - way to hack n00b websites
Video demonstrated on http://www.youtube.com/watch?v=Goq_f5a65Ok

step 1:- go to google

step 2:- search for adminlogin.asp

step 3:- click on any link

step 4:- login username :- admin

please note :- not all websites can be '4ccessed'