Blogger Widgets

Monday, 11 November 2013

How To Make Your PC{Personal Computer} Secure? #Whitehat #Infosec #Security




Nowadays a lot of people try to access your computer. There are many worms, Trojans, spywares which allow remote users to get access to your computer. There are
some methods which you can implement to make your PC secure.

I. Update your OS.
Update your operating system regularly, automatic update is recommended. This helps to remove bugs and prevents viruses and bad guys from exploiting them. Every user must install updates, especially security updates.
If you dont install latest updates then you are leaving your computer at risk.


II. Always use genuine software.
Not only using pirated software is illegal but all websites which provide these pirated software downloads are full of malwares and viruses.
More than 90 percent of pirated softwares contain worms in their crack file.
If you are really serious about security of your accounts and information then genuine softwares are recommended.

III. Update your softwares.
Similar to OS updates you must update your browsers, any any other software which connects to internet for whatever reason it may be.
Update other softwares like Microsoft Office, Adobe Reader, Adobe Flash, Adobe Shockwave, and Oracle Java. Adobe Flash player and java are the main target of the bad
guys.
Cracked or pirated softwares contains viruses and worms, better use genuine.


IV. NO trial Antivirus.
Antivirus helps protect from viruses, worms, Trojans etc. But you should
update it regularly to be safe from latest threats. Never use trial, free or pirated antivirus programs, most of them are gateway for viruses and worms.
Havent you noticed your system hangs or reboots whenever you antivirus is about to expire.
Dont buy security software in response to unexpected pop-up messages or emails, especially messages that claim to have scanned your computer and found malware.
Scammers send messages like these to try to get you to buy worthless software, or worse, to break and enter your computer.

V. Install a Firewall.
Firewall blocks the security holes in your OS or any other software. Some antivirus programs provide firewall with them. Better use total protection antivirus.

VI. Enable file extensions.
Sometimes viruses are hidden in images or document file.
File name displayed will be abc.doc, but the actual name of the file may be abc.doc.exe. However, this is not a problem for win7 or win8 users.

VII. Be careful while using P2P software.
P2P softwares like torrent, bit torrent, etc. Files downloaded through this type of softwares may contain worms, Trojans and viruses.

VIII. Use secure passwords.
Secure password helps unauthorized access.
Avoid common words like names, birthdays, etc Use different passwords for all your accounts and connections, if you can’t remember all of them then use a password manager.
A secure password consists of at least eight characters and contains a number, an uppercase letter and a special character. Read more about secure password here.

IX. Use a Router when you are online.
It prevents direct attack on your system. Nowadays ISP provides modem cum router.
Change router password from default to any other password, because everyone knows default password is "admin" for most routers.
Update firmware of router, this helps in closing security holes in the router.

X. Keep Administrator account different.
If you use an administrator account on your PC, malware may also execute as admin. Vista, win7 and win8 provide User Account Control (UAC), still better is not to use an admin account.
Create a new user with required permission and then use it.


Phlashing: #PDOS #DOS #Infosec




A permanent Denial Of Service (PDOS), also known as "Phlashing".
It's an attack that damages a system so badly that it requires replacement or reinstallation of hardware. Phlashing used for hardware attack. Unlike the distributed denial-of-service attack, a PDoS attack exploits security flaws which allow remote administration on the management interfaces of the victim's hardware, such as routers, printers, or other networking hardware. The attacker uses these vulnerabilities to replace a device's firmware with a modified, corrupt, or defective firmware image a process which when done legitimately is known as flashing.
This therefore "bricks" the device, rendering it unusable for its original purpose until it can be repaired or replaced.
The PDOS is a pure hardware targeted attack which can be much faster and requires fewer resources than using a botnet in a DDoS attack. Because of these features, and the potential and high probability of security exploits on Network Enabled Embedded Devices (NEEDs), this technique has come to the attention of numerous hacker communities. PhlashDance is a tool created by Rich Smith (an employee of Hewlett-Packard's Systems Security Lab) used to detect and demonstrate PDoS vulnerabilities at the 2008 EUSecWest Applied Security Conference in London. Smith said remotely abusing firmware update mechanisms with a Phlashing attack, for instance, is basically a one-shot attack.
Phlashing attacks can achieve the goal of disrupting service without ongoing expense to the attacker; once the firmware has been corrupted, no further action is required for the DOS condition to continue,”An attacker could use remote firmware update paths in network hardware, which are often left unprotected, to deliver corrupted firmware and flash this to the device. As a result, the device would become unusable.

Backtracking A Keylogger #Infosec #Hacker #Hacking #Wireshark #Blackhat #WhiteHat #Keylogger #Rat




Now all keyloggers and RATs are sending data to the hacker in regular intervals (usually every 5 to 10 minutes) by using one of the two methods below:

1. Using the Emails: where hacker configures his email ID and password while creating the server. Keylogger records the key strokes in a temp file and sends it to the hacker in form of emails. But this has a limit as most free email servers like Gmail or Yahoo or Hotmail has limit of 500 composed and received mails. So most hackers use the second method.

2. FTP server: While creating the keylogger server, hackers configure their FTP server, where they receive the logs of key strokes in the form of text file(usually labeled on the
basis of current system time stamp).
Hackers keylogger server uploads the files to FTP server after every few minutes interval.
If we monitor all data packages we can easily scan for one of these and then we’ll have the hackers email info or FTP info. What can we do with this, you might ask; highly skilled hackers obviously won’t allow this as they create a completely seperate email or FTP site which leaves no traces of them, but novice skilled hackers (there’s plenty of those) will just use their own email or leaving behind information about them. An example could be that you find the name of the person from the email you backtraced – this ain’t his primary email, so there’s nothing valuable. From there you can look up his name on Google, you’ll probably find his real email on some site; then simply try to login to it using the password from the fake email (most novice skilled hackers will have the same password).
Wireshark is a very famous network scanning hack tool which is used by hackers or network forensic experts to monitor the packet flow of their network cards like Ethernet or WLAN. It records each and every packet coming and going out of your system’s Network card.
Packets is just a bunch of data. Whenever you feel anything suspicious in your system like your system is compromised or you are infected follow the steps below prior to removing the keylogger or RAT from your system.


Steps To Reverse Engineering The Email Or FTP Servers Password:
1. First of all download and install Wireshark. You can easily get this simply by Googling it.
Note: While Wireshark is getting installed, ensure that it installs the Winpcap with it otherwise it won’t work properly.

2. Now go to the “Capture”-button in the top menu of the Wireshark and select the interface (means your network card which can be Ethernet or WLAN).

3. It will now start capturing the packets through that Network card.
What you have to do is just keep capturing the records for atleast 30 minutes for getting the best results.
After 30 minutes, stop capturing the packets.

4. Now you need to filter your results, for this go to the filter box and type FTP and SMTP one by one.
Note: if you get records for FTP then hacker has used FTP server and if you didn’t get FTP that means the hacker has used SMTP, so give SMTP in Filter box.

5. As you scroll down you will find the “FTP username” and “Password”
for victims ftp account in case FTP server is used. And if hacker has used SMTP then you will find “email address” and its “password” that hacker has used to create the server.

NOTE: This won’t work in all cases, but it’s certainly worth trying. You would definitely want to know who is snooping for information a round you:sometimes it's the last person you'll ever suspect
Happy Hunting *Smiling* 
 

Monday, 4 November 2013

Access Your Personal Computer(PC) From Anywhere #RemoteAccess #VPNs #Encrypt




If you are traveling and you need a file which resides in your Personal Computer then what will you do? By now you may be stuck in between your presentation because you’re missing one crucial file *Been There, Done That*
There’s a mechanism that can aid you in accessing your personal computer from anywhere, NO, not via cloud computing but through remote PC you can access your personal computer from anywhere in the world!!!

Tools You Can Use To Access Your PC Remotely:
One Can use the below tools to access his/her PC via mobile phone or another computer

Opera Unite, by using this tool one can easily turn his computer into a web server and can access documents on that computer from any other web browser. Opera Unite is a standard web server and it allows us to download files directly from the computer without uploading.

Copernic is popular desktop accessing software that is used to find emails, pictures and other files on Windows computer. Copernic also have a component called myCopernic on the Go for remotely searching the content stored on the home or office computer. One can preview the search results and then download them to your mobile phone or remote PC.


Another option is GBridge, it allows you to setup a virtual private network using your Google Account. Nowadays many companies are using VPNs to let employees access their data over an unsecure public network (Internet) with this tool. It also allows home users to build their own VPNs to access remote files more securely.

But in my personal opinion the best option is Windows Live Sync at sync.live.com for remotely accessing files over the Internet. You have to just install the Live Sync client on your computer and you can access the entire hard drive of that computer simply through the Windows Live Sync website. Live Sync is available for both Mac and Windows.

Last but not least this kind of remote access can be compromised or hacked one way or another *Keep an open mind Mr./Ms.* especially if you don’t update your system regularly, exploits, zero-day exploits are discovered and exploited every single day. Of course you’re also advised to encrypt files no matter how small-but this depends with the sensitivity of the files: there’s nothing called Privacy nowadays unless you classified it as one-Just do it, don’t be stubborn, keep your files far away from the preying eyes of the likes of National Intelligence Agency (NSA)-Remember if you’re a target they will find a way in, for example they might just show up on your door*Giggling* That just buys you some time and act as a deterrent.

Thanks for Visiting