Monday, October 20, 2008

Prevent PenDrive Virus

Nowadays Most Common medium for Virus are PenDrive . Following steps help to prevent PenDrive Virus .



1) Disable autorun/autoplay function of your pen drive.

2) Now plugin your pen drive and open any folder of your computer.
(Do not open any folder from ur pen drive.)

3) Now goto tools then select Folder Option .
In that box mark the Show Hidden Files & Folders option.
Also Uncheck Hide Extension for known file types & Hide Protected OS files.

Now click apply and ok buttons and close that folder.

4) Nome come to Desktop.
On the Desktop, click on windows Start button and select Search for files & folders.

When the search dialog box appears on the screen, in that click on All Files & Folders, now click on More Advanced Options then select search Hidden files & folders.

Now go above & in Look In option, select your pendrive letter .
(For example E: Or G:) and hit Enter.

5) Now if you see any unknown .Exefiles, simply delete them all.

I hope this Tip give you some relax.
read more...

Wednesday, October 15, 2008

Crazy Typewriters

Imagination have no boundaries and people ready to experiment can take their creativity to another level.Recently while surfing the net I came across this post on some site,what drew my attention was the work of Mr.Jeremy Mayer who collects antique typewriters, not to display them but to break them into small components and then combine them into some amazing sci-fi-inspired bugs, skeletons and human figures.
Mayer, who describes his work as a cross between Leonardo da Vinci's mechanical drawings and the gritty futures imagined by sci-fi maestros William Gibson and Philip K. Dick, assembles his artwork without welding, soldering or gluing.












Amazing Isn't it!!
read more...

Monday, October 13, 2008

The Great Zero Challenge

In order to permanently delete data the only way is to destroy the hard drive ?Can we save the Hard Drive for future use destroying permanently the data?Can we recover data from a hard drive that has been overwritten with zeros once?
This is what The Great Zero Challenge is all about.It starts with the line::

It is noble and just to dispel myths, falsehoods and untruths

The challenge is organized by a firm in US named 16 systems and any established, professional data recovery company within USA can participate.Data recovery companies were contacted and the response of one of them was
According to our Unix team, there is less than a zero percent chance of data
recovery after that dd command. The drive itself has been overwritten in a very fundamental manner. However, if for legal reasons you need to demonstrate that an effort is being made to recover some or all of the data, go ahead and send it in and we'll certainly make an effort, but again, from what you've told us, our engineers are certain that we cannot recover data from the drive. We'll email you a quote
.

And the website quotes-As of September 6th, 2008 the challenge stands unaccepted.Check out the details of the challenge.
The organization (16Systems) have used a new Western Digital (WD800JB) 80GB hard drive with a default initialization and NTFS format from within Windows XP.They have used a Unix dd command using /dev/zero as input to overwrite the drive.You don't actually have to recover any more data to win the challenge, just tell them the name of one of the two files or the name of the one folder that existed in this screen shot before the dd command was executed.
The prize money is mere $500.00 USD (if the challenge is won) but the challenge should be accepted as they say "to dispel myths" because many people believe that in order to permanently delete data from a modern hard drive that multiple overwrites with random data, mechanical grinding, degaussing and incinerating must be used thus lots of good, usable hard drives are ruined in the process.
for more information check out this link ....
read more...

Monday, October 6, 2008

Trojan Horses::The Virus!!

Trojan Horse in History




The term comes from the a Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy..

Trojan Horses





Back to the "modern" Trojan Horses. They're pretty much the same: invisible to the naked eye; appear within harmless programs; require some form of user/operating system intervention to activate; and they do something unexpected by surprise. This article is just to convey a basic principle about the design of Trojan horse programs.

Trojans are designed to access permissions and exploit resources. The goal of password snatchers is to securely leak the login/password pairs to the Trojan author, and the goal in kleptographic attacks is to securely leak private keys to the attacker.

Nature of Trojan Horses

There is no "real" definition of a Trojan horse. It all depends on the perspective of the user that runs into it. From the perspective of a hacker (generally black-hat hackers), a reboot monitoring Trojan (useful in making sure no one used your machine) is not a Trojan to him/her since the hacker knows what it's about. From a law enforcement agent or people like that, it is a Trojan since the agent doesn't know it's there.

There are two examples of Trojans. One is a Trojan that is nothing more than a bug. Don't think that's a good thing. This bug could be bad enough that when planted properly, a Trojan author can break into the computer system. The second Trojan is a mathematical one. The statistical distribution of the output of a random number generator is affected so that it makes the generator very sensitive to the input entropy (I will not go into detail in this, please Google if you do not understand this [:)].

Trojan Horses in a text editor

An example of a text editor being used as a target for a Trojan horse:

If there was an installed text editor on a multiuser operating system which cannot be deleted or modified by the users themselves, then this program has certain unique privileges. For instance, It can access all the text files that users create or open. This would be the perfect target for a Trojan horse. When the Trojan is installed on this program, it will store data from users and makes the data accessible for the Trojan horse author.

Salami Slicing

There was once an article describing a Trojan horse attack that was intended to achieve money. This was carried out by an employee of a bank. He managed to get 70 000$ by taking a few cents from every account, and transferred it into his own account. It got the name of salami slicing because small amounts of money were taken from a lot of accounts. It's pretty useful to prevent anyone from noticing any drastic changes. The bank Trojan had access to money therefore the Trojan steals the money. Therefore, a text editor has access to documents so the Trojan steals the documents (pretty simple isn't it?).

Password Snatching

Every hacker would love to steal login/password pairs (referring to black-hat hackers). Password-snatching programs are installed when a system is infiltrated. These programs are also called rootkits. They were probably written in DOS terminate and stay resident programs (TSR). They record all keystrokes entered via the keyboard and patch the operating system hardware interrupt for key presses and log them to a file.

It is best if a password-snatching Trojan is hosted in a program that could access the passwords of users, like the UNIX "passwd" program. It verifies the identity of UNIX users by checking the login/password pairs. One could copy the Trojan to the end of the passwd program, or one could modify the source code for the password program, recompile it, and then install the compromised version (only if the root access is possible).

However, if the source code for the passwd program is updated and the administrator compiles a new version of it, then the attack would fail. So it would make sense to install a Trojan horse into the compiler which will increase the percentage of success of the attack. But if the compiler is recompiled, then the code that secretly inserts the Trojan into the passwd program would be gone.
______________________________________________________________________

There's not much left for me to explain. But one more thing for you to see :

Ken Thompson described an involved Trojan horse attack.

CODE :
compiler(char*s)
{
...
}


This is a figure of a normal compiler (ANSI C notation) (I did not create this)

The parameter s is a pointer to a string that contains the source code. The idea is to insert a source level Trojan horse into the source code of the compiler that checks for two patterns in the string s.

The first pattern is source code corresponding to the password verification program. When it is found, the password-snatching source code is added to the program before it is compiled. But the Trojan is not saved to the source file of the password program.

The second pattern is source code corresponding to the compiler. When it is found, the entire compiler Trojan is included in the compiler source code. It will contain all of the source code for the Trojan which is marked by the "if" statements in this following figure.

CODE :
compile(char*s)
{
if (match)s,pattern1) ==true)
{
compile(trojan1);
return;
}
if (match)s,pattern2) ==true)
{
compile(trojan2);
return;
}
...
}


Figure of a compiler with Trojan (ANSI C notation)(I did not create this either)

Whenever the compiler is compiled, the Trojan copies itself into the source file for the compiler. It can be added to the source for the compiler then the compiler could be recompiled, and the old compiler could be replaced. This would remove all traces of the source code for the Trojan attack. It would remain in binary form, integrated with the compiled instructions.

So Thompson's Trojan horse attack exploits the capabilities of its host. For example, it exploits the fact that compilers are used to create programs such as the passwd program and the compiler itself.
Also, it exploits the fact that the passwd program has access to login/password pairs and that the compiler has access to them as well by transitivity.

Yeah... I believe that this is okay to be an overview of Trojan horses.
read more...

Ankit Fadia Certified Ethical Hacker

This post is dedicated to those who want to become ethical hacker , you can be trained and

certified by computer security guru Ankit Fadia himself. AFCEH or “Ankit Fadia Certified

Ethical Hacker” course is a certification program on computer security. It is a computer

security course that helps IT security professionals protect internet enabled computer

security systems against cyber security threats and hacking. It helps people become more aware

about cyber crime and IT security measures to counter it.


They say the first five batches of this course were sold out with 5000 participants from 91 cities

across India and now courses have been started in Malaysia, Vietnam, Singapore, Thailand and

China. This training and certification program is exclusively available at Reliance

WebWorld outlets in over 100+ cities across India. You can contact them for the next course details.


All training material for the course including live video lectures, video recordings, video

workshop demonstration, online study material, books and online exam will be prepared by

Ankit Fadia. Remember AFCEH certification is valid for two years only and you need to

retake the examination to renew your certification later. I checked the Registration Fees are

Rs.6499 and you will receive free copies of Ankit Fadia’s 6 internationally best selling security and hacking books.


Buy The Unofficial Guide to Ethical Hacking, Second Edition

read more...

Wednesday, October 1, 2008

Move your Mouse cursor without Mouse !!

Control your mouse pointer with keyboard keys in all windows versions. When your mouse stops working, you can enable this keyboard feature to complete your important work. This keyboard mouse can performs all tasks same like a normal mouse.

Follow the given steps to activate the keyboard mouse:

To edit this feature, first you should log onto your computer with administrative rights.
To activate this feature, press Alt+Shift+NumLock keys at once and you will receive a small MouseKey box.



To keep MouseKeys on, click on Ok button or click on cancel button to cancel MouseKeys box.
Click on Settings button, if you want to adjust the mouse cursor detail settings.



Here a new dialog box will appear with the title "Settings for MouseKeys", now you can manage all mouse settings for example mouse cursor speed, acceleration and some other features.

Now using Numeric keypad, you can move your mouse pointer. The controls are:

* 1,2,3,4,6,7,8 and 9 keys are used to move the mouse cursor into different
direction.
* Key 5 is used as mouse click button.
* Insert key used to hold down mouse button.
* + Sign used to double click on any object.
* Delete button used to release the mouse.
* Click on NumLock button to disable this keyboard mouse feature.

or apply above setting by following steps:-

* Start -> All program -> Accessories -> Accessibility -> Accessibility Wizard.
read more...

Eliminate the needless visual effects for better windows performance

Increase the performance of your computer by eliminating the needless visual effects. By default windows XP gives you many options in the graphics fields to enjoy maximum graphics. For example, you can add pictures on folders and drop shadow on icon to give you better look but it will effect on the performance of your computer, especially on an older computer. Window XP has many default graphics which is not so useful for a common user, if you re-adjust these graphics then there is less effect on the user activities but the performance of computer will be increase tremendously. Here I will tell you how to choose:
To edit these settings, first you should log onto your computer with administrative rights.

Click Start button and type sysdm.cpl in Run box then press Ok button for next.


Here a dialog box will appear with the title "System Properties", select "Advanced" tab.


Here click on Settings button under Performance area.


When you have done then "Performance Options" dialog box will appear with different options. Here select the Visual Effects tab and choose the settings you want to use for the appearance and performance of windows on this computer.

Turns off all the visual effects in the option of "Adjust for best performance" and when you select the option "Adjust for best appearance" it will gives you opposite effect ,Everything will turns on. Selecting "Let Windows choose what's best for my computer" triggers, as you might guess, different choices on different computers. And to pick and choose individual effects yourself, choose "custom" then decide which ones you want.


press OK.
read more...