My Blog

It's all about Information, tricks and knowledge..

250000 computers may lose internet

1 comment

About a quarter-million computers around the world risk losing internet access on Monday due to a malicious software that is part of a hacking scam shut down by US authorities.

 BOSTON: About a quarter-million computer users around the world are at risk of losing internet access on Monday because of malicious software at the heart of a hacking scam that US authorities shut down last November.
Some blogs and news reports hyped the risk of an outage, warning of a potential 'blackout' and describing the Alureon malware as the 'Internet Doomsday' virus.
Yet experts said only a tiny fraction of computer users were at risk, and internet providers would be on call to quickly restore service. They said they considered the threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.
As of this week, about 245,000 computers worldwide were still infected by Alureon and its brethren, according to security firm Deteque. That included 45,355 computers in the United States.
The viruses were designed to redirect internet traffic through rogue DNS servers controlled by criminals, according to the FBI. DNS servers are computer switchboards that direct web traffic.
When authorities took down the rogue servers, a federal judge in New York ordered that temporary servers be kept in place while the victims' machines were repaired. The temporary servers will shut down at 12:01 am EDT (0401 GMT) on Monday, which means the infected PCs that have not been fixed will no longer be able to connect to the internet.
Some US internet providers, including AT&T and Time Warner Cable, have made temporary arrangements so that their customers will be able to access the internet using the address of the rogue DNS servers.
"It's a very easy one to fix," said Gunter Ollmann, vice president of research for security company Damballa. "There are plenty of tools available."
Many of the machines that remain infected are probably not in active use since most victims were notified of the problem, said security expert Johannes Ullrich, who runs the Internet Storm Center, which monitors web threats.
The United States has charged seven people for orchestrating the worldwide internet fraud. Six were arrested in Estonia, while the seventh, who was living in Russia, is still at large. Tallinn has so far extradited two of the men to New York where they appeared in Manhattan federal court.
The case is USA v. Tsastsin et al, US District Court for the Southern District of New York, No. 11-cr-878.



1 comment :

Post a Comment

Higgs boson

1 comment



One possible signature of a Higgs boson from a simulated proton–proton collision. It decays almost immediately into two jets of hadrons and two electrons, visible as lines.

The Higgs boson or Higgs particle is a proposed elementary particle in the Standard Model of particle physics. The Higgs boson is named afterPeter Higgs, who along with others, proposed the theoretical model that predicted such a particle in 1964.The name "boson" is derived from the surname of the Indian physicist, Satyendra Nath Bose, a contemporary of the German physicist Albert Einstein. Bosons stands for one of the two fundamental classes of subatomic particles, characterized by Bose–Einstein statistics and all have integer spins. The existence of the Higgs boson and the associated Higgs field explain why the other elementary particles in the standard model have mass. In this theory, the Higgs field has a non-zero field everywhere, even in its lowest energy state. Other elementary particles obtain an effective mass through the continuous interaction with this field. The Higgs field interaction is the simplest mechanism which explains why elementary particles have mass. The Higgs boson—the smallest possible excitation of the Higgs field—has been the target of a long search in particle physics. One of the primary design goals of the Large Hadron Collider at CERN in Geneva, Switzerland—one of the most complicated scientific instruments ever built— was to test the existence of the Higgs boson and measure its properties.
Because of its role in a fundamental property of elementary particles, the Higgs boson has been referred to as the God particle in popular culture, although many scientists regard this as a hyperbole. According to the Standard Model, the Higgs boson is a boson, a type of particle that allows multiple particles to exist in the same state. Furthermore, the model posits that the particle has no intrinsic spin, no electric charge, and no colour charge. It is also very unstable, decaying almost immediately after its creation.
On July 4, 2012, the CMS and the ATLAS experimental collaborations at the Large Hadron Collider at CERN announced that they observed a new particle that is consistent with the Higgs boson, noting that further data and analysis were needed before the particle could be positively identified.

1 comment :

Post a Comment

KERALA, THE GOD'S OWN COUNTRY

No comments

#KERALA is a state in India. It is located on the south-western region of the country. It was created on 1 November 1956, with the passing of the States Reorganisation Act bringing together the areas where Malayalam was the dominant language. Kerala is today one of the most sought after tourist destinations in the world. Today Kerala Tourism is a global super brand and is recognized as a pioneer and trend setter in the country.
Its unique culture and traditions, coupled with its varied demography has made Kerala one of the most popular tourist destinations in the world. Apart from being a tourist destination, Kerala is also India's most advanced society, cleanest and most peaceful state. 'Responsible Tourism' is adopted as the cornerstone for the tourism development in the state. Kerala offers a host of exciting holiday options. Spread out across the year is specially designed packages that highlight the State's attractions, and prove beyond doubt that the season never ends in this beautiful land. The state has an area of 38,863 km2 and is bordered by Karnataka to the north, Tamil Nadu to the south and the east and the Lakshadweep Sea[note] towards the west. Thiruvananthapuram is the capital and largest city of Kerala. Kochi and Kozhikode are the other major cities. Kerala is also known for its many small towns that are scattered across the state.

From as early as 3000 BC, Kerala had established itself as the major spice trade center of the world. A 3rd-century-BC rock inscription by emperor Asoka the Great attests to a Keralaputra. Around 1 BC the region was ruled by the Chera Dynasty, which traded with the Greeks, Romans and Arabs. The Tamil Chera dynasty, Ays and the Pandyan Empire were the traditional rulers of Kerala whose patriarchal dynasties ruled until the 14th century. The Cheras collapsed after repeated attacks from the neighboring Chola and Rashtrakuta kingdoms. Feudal Namboothiri Brahmin and Nair city-states subsequently gained control of the region. Contact with Europeans after the arrival of Vasco Da Gama in 1498 gave way to struggles between colonial and native interests. By early 16th century, the Portuguese established their domination. They were defeated by the Dutch in 1663, who in turn were forced out of the land by the British East India Company in 1795, bringing the area under British dominion. After independence, the state of Kerala was created in 1956 from the former state of Travancore-Cochin, the Malabar district of Madras State, and the Kasaragod taluk of Dakshina Kannada.
Kerala is a popular tourist destination famous for its backwaters, Ayurvedic treatments  and tropical greenery. Kerala has a higher Human Development Index than all other states in India. The state has a literacy rate of 94.59 percent, the highest in India. A survey conducted in 2005 by Transparency International ranked Kerala as the least corrupt state in the country. Kerala has witnessed significant migration of its people, especially to the Persian Gulf countries during the Kerala Gulf boom, and is heavily dependent on remittances from its large Malayali expatriate community.

No comments :

Post a Comment

Sunil Chhetri

No comments
                       In a path-breaking development in Indian football, striker Sunil Chhetri is set to join Portuguese football giants Sporting Lisbon. A deal between the player and the Portuguese club is expected to be finalised in New Delhi on Thursday. No Indian footballer has ever played in a top league in Europe. In 2002, Baichung Bhutia had played for Bury FC, which was playing in England's second division championship at that time.



Sunil Chhetri (born 3 August 1984 in New Delhi) is an Indian footballer who is currently playing for Sporting Clube de Portugal B in the Liga de Honra.
Chhetri started his football career playing for school teams and then for his local club, City Club. Since then, he has represented I-League clubs Mohun Bagan, East Bengal Club and JCT FC. At Mohun Bagan, he scored eight goals over three seasons where the club finished in the bottom half of the league table every time. The next three seasons were spent at JCT where he scored a total of twenty goals including twelve goals in a single season where JCT finished second in the league. This earned him the league's "Player of the Year" award. Afterwards he played for East Bengal and scored seven goals in a season where they finished sixth. For the 2009–10 season, he signed with Dempo SC on a two-year contract. Sunil had signed a three-year contract with Queen's Park Rangers in August 2009. But a work permit was rejected by the UK government.
At international level, Chhetri has represented India in the Nehru Cup, the South Asian Football Federation (SAFF) Championship and the Asian Football Confederation (AFC) Challenge Cup. He received much media attention after scoring a hat-trick in the final of the 2008 AFC Challenge Cup, which led to an unsuccessful trial at English club Coventry City and speculation linking him with many European and North American clubs. In addition, Chhetri has received awards such as the 2007 All India Football Federation (AIFF) Player of the Year.

No comments :

Post a Comment

Transform Windows 7 To New Apple Mac OS X Lion Theme

No comments
        Recently We have covered an extraordinarily stylish Apple iOS 5 Skin pack, which transforms your Windows 7 to Apple iOS Theme .iOS 5 Skin pack has the some cool icons and awesome User-Interface.Following this Apple iOS skin pack,today we bring you the Mac OS X Lion Skin V 12 Theme Apple theme For Windows 7 OS.Using this theme pack you can transform your Windows 7 to Apple Mac OS X Lion.This skin pack is very handy for you,if you want to change your user interface to Apple MAC system.


Note: You will find the download link on right sidebar of the page linked above. Standard warnings apply. It is always recommended to create a system restore point first before making changes to your system.
This skin Supports:Windows 7 , Windows 7 SP1 – [X86 (32Bit)] – [All Language] ,Windows 7 , Windows 7 SP1 – [X64 (64Bit)] – [All Language    ]


Download Mac OS X Lion Theme 32 bit


May be it need .Net Frame work for that download .Net Framework

No comments :

Post a Comment

Test the strength of your anti-virus

9 comments

EICAR is a short 68-byte COM file that is detected by anti-virus programs as a virus, but is actually NOT "VIRAL" at all. When executed it just displays a message and returns control to the host program.
Why is this harmless file detected as a virus? The file was created in order to demonstrate to users the messages and procedures that anti-virus programs display when a real virus is detected.
Some time ago researchers from several anti-virus companies were asked by users to develop a way to demonstrate what would happen in case of a real virus attack; a sort of simulation of which messages anti-virus programs will display and what actions will be recommended to perform, e.t.c.
After some time and thought toward how to best satisfy the request, the anti-virus researchers decided to release some virus-simulators that would be some harmless file that does nothing but display a message(s) and then exits to DOS (host OS). It was decided that this file could contain only ASCII characters so that users could type it or copy it from a User Guide. As a result the COM file looks as follows:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Despite having only ASCII characters, this COM file is nonetheless a legitime computer program that does work under DOS or in a DOS window under Windows, OS/2 or any other OS that is able to run DOS programs. When run or executed this COM-file simply displays a text message and exits to DOS. The displayed message looks as follows:
 EICAR-STANDARD-ANTIVIRUS-TEST-FILE!
It is as simple as that, though a lot of anti-virus programs detect it as a virus named EICAR-Test-File or something close to this

9 comments :

Post a Comment

Most Common Passwords

No comments

  1. 123456, 123, 123123, 01234, 2468, 987654, etc
  2. 123abc, abc123, 246abc
  3. First Name
  4. Favorite Band
  5. Favorite Song
  6. first letter of given name then surname
  7. qwerty, asdf, and other keyboard rolls
  8. Favorite cartoon or movie character
  9. Favorite sport, or sports star
  10. Country of origin
  11. City of origin
  12. All numbers
  13. Some word in the dictionary
  14. Combining 2 dictionary words
  15. any of the above spelled backwards
  16. aaa, eee, llll, 999999, and other repeat combinations

Common Extensions

Some sites force you to have passwords with both numbers and letters. For example bob's password is football, and the site asks him to add some numbers to it to make it valid. Here's what people usually add.
  1. Their year of birth / marriage / graduation (or expected grad) from HS or college
  2. 007
  3. 0 - 9
  4. 69
  5. 000, 111, 4444 or other long combinations
  6. 123456, 123, 123123, 01234 and other retarded combinations
Years are usually added in different ways: football85, football1985, football04 instead of football4. There's also the possibility of sub-connections like football_04 and football-84. Many sites require both numbers and letters so these are a more likely occurance since people tend to want to have the same pass for everything.

My opinion on an Ideal password

Mixed numbers and letters over 8 characters long. Memorize it once, use it forever.

How long it takes to hack a password

If they have hacked and downloaded the entire database it's 10000 times faster than if they send requests guessing your passwords on certain websites. Most decent comps can check easily thousands possibilities per second. Most decent sites have captchas now which prevent brute force guesses.

Words in the Dictionary

If they steal a sites database you can get hacked fast, even if you use foreign words. The open office english spellcheck has around 70,000 words. Apps like passwordspro on my 2 Ghz cpu can check around 4,000,000 md5 possibilities a second, allowing to to breeze through several dictionaries, including possible variations like all uppercase/lowercase and backwards words. The latest nvidia cards with a coda gpu brute forcer can easily exceed 200 million md5s a second.

Numbers

If you have an all numbers password it's much faster to crack than if it were mixed. Instead of having a massive array of words in memory and selecting an index from it, or even worse reading from disk every few seconds in a buffer, having a number just requires the computer to do what computers do fastest, count. At 2 Ghz my comp can check every number up to 14 million in 2 minute for salted md5s, making it possible to have a weak 8 character password. Adding 0s to the front of the number can help, but not really. A second pass with any number of 0s can be done afterwards. Maybe if you made it your zipcode+your best friends number or something VERY long it would be strong enough.

All Random letters

Every possible combination of 3 letter words is only around 17000 while every possible 4 letter word combination is 456976. It grows exponentially every time you increase just one letter. Most sites recommend 8 characters or more for a strong password. Adding just 1 character to your password helps expontentially. No dictionary words!

Why hackers usually don't care about your Computer

Contrary to popular belief most malicious hackers do not give a damn about giving you trojans or making your stupid windows computer crash. Then why are there so many trojans in p2p networks? Because of retarted script kiddy teenagers and nigerians that fancy themselves hackers using prebuilt trojan software. Hackers target servers. Why?
  1. Massive bandwidth.
  2. Mail servers with proper mmx records that validate spam checks
  3. The possibility for phising.
  4. Most servers are unattended meaning it can be months before the person finds out there's a malicious script bombing emails or phising people.
  5. Exploitation of social networks.
They can get a lot of credit card numbers or bank account information email bombing thousands of emails on a hijacked server rather than waiting to find a credit card number amongst all the instant messages and random typing you / your kids type throughout the month.
Sure there's been a lot of home PCs infected, but usually this is the result of very efficient viruses that replicate and spread in-mass. Most people have decent antivirus software for hackers to want to waste their time flooding trojans. Some hackers use hijacked home PCs as DDoS zombies, but other than that you're more likely just to get spyware that floods you with ads.

How hackers usually obtain your password

Most malicious hackers just wait for security update news. Whenever some forum or cms software like drupal, vbulletin, phpbb or invision board releases a security update, they try and find what the discovered exploit was. They google search for forums that may have the affected system and use the exploit. Forums can give tons of emails / passwords.
The ones who are skilled enough and actively attempt to discover the exploits are more rare.
Even worse is when the skilled programmers make simple automated exploit programs for script kiddies to use without even understanding the code. This is where the majority of the attacks come from, losers that use programs made by hacker and call themselves hackers.
It's super rare that you would be targeted or your password has been hacked from large sites like google, hotmail or myspace. Most of the big sites have capchas and DDoS protection, which cripples speed, It's more likely they hacked some other site that you long forgot about and found you conveniently use the same password for all your accounts including your email. From there they find even more passwords.. Most people get hacked from phising attempts or other forms ofsocial engineering rather than real hackers, although they can use XSS vulnerabilities to help trick people. People also get trojans from opening email extensions and downloading pirate stuff off p2p without a decent antivirus. Hackers with skills enough to find open ports / exploit them and get shell access are much more rare than people claim.

Common Types of Webhacks

SQL Injection
By far the most common serious error web programmers have is not validating user input well. Usually SQL injections are used to get username / passwords or other information in the database by adding a UNION statement to a select query. Despite it's name its more rare to get an exploit where you can actually inject or insert data into the database since most programmers aren't stupid enough to use GET requests for insert, most hackers are more lazy when it comes to spoofing post requests, and it's a lot more tricky or impossible to add insert, create or drop queries to injected strings.
Local File Inclusion
Many web apps load modules or plugins through get or post variables. Lets say I use ?loadplz=file.php if I wanted to load /home/jimmy/htdocs/file.php a malicious person could say ?loadplz=../../../../../../../../../etc/passwd to try his luck for some unshadowed password goodness. Many times the NULL byte exploit is used to trick input validation. It is often used to include any CMS or Forum configuration files to get MySQL access.
Remote File Inclusion
Yikes, a lot of web apps have forms where you can upload pictures, texts or files Some have admin control panels that only the admin of the site can access but then there's no input validation on the upload forms. Some just don't validate the type of file you upload, meaning you can upload malicious code that does anything within the limits of the JIT compiler privileges.
Logged in User Exploits
Many sites often don't validate the data you want to modify or delete is yours. They only check if you're logged in. Sites that use Ajax are especially prone to overlook possible input validation problems.

How are passwords stored in a website

Most are stored as md5 hashes. If your password is stored without encryption you are screwed if the site gets hacked. It doesn't matter how long your password is. Sites like thepiratebay and stage6 have gotten their passwords stolen, don't think it can't happen to big sites. You can tell if a site encrypts your password by using their password recovery form. If it gives you your password your password is not encrypted. If it asks you to enter a new one or it generates a password for you, it has your password encrypted. You should never purchase anything from sites that don't encrypt your password, they may keep your credit card information or other sensitive data without encryption following their php for dummies guide

Dangers of md5

Sites like milw0rm and plain-text have millions, maybe billions of precomputed hash values in what are called rainbow tables. People can enter hashes in limited quantities to put on queue for cracking. md5 is a one-way hash, meaning it can't be decrypted. Instead, they try every possible combination in a limited range. Encrypting many possibilities and comparing them to the original hash is extremely slow. Rainbow tables make it so that the possibilities are encrypted only once and the resulting hashes are saved into massive files called a Rainbow table. From there the real hashes are compared to all the possibility hashes in the rainbow table. This avoids recalculating the hashes for every possibility for every user but in exchange costs a lot of overhead loading the file into memory and comparing from memory. The time-memory trade off is worth it. Other sites are just searchable databases of hashes. You still should be ok if your pass is over 8 characters long. Some sites do double md5s or concatenate md5 encrypted passwords with an encrypted "salted" value, then encrypt the whole thing again. Because the salted value is different for each user, precalculating millions of hashes in rainbow tables would have to be done one user at a time, making it a worse option that brute forcing it. Brute force attacks use word lists separated by line breaks which are widely available around the net and can be easily created, they can also check all possible combinations for certain ranges and character sets.
Making your password case sensitive helps exponentially, specifically ^+26 lol, but it makes typing a pass a bit more inconvenient and not all sites support it. I'm sure my prog isn't the most efficient possible and there are way faster comps out there so be careful.

Web Exploiters vs Program Crackers

People who exploit website vulnerabilities are not always the same as those who crack and keygen commercial software and games. The two require a few different skill sets. Web hacking requires mastery knowledge of the http protocol, cookies, php, asp, SQL, and the methods user input is usually validated. The skill is gained from a lot of practice writing safe web-apps and observing the exploits found often in others. Program crackers on the other hand usually have very intimate knowledge of assembly and non-JIT compilers. They use a debuggers to find exactly where in the program a certain procedure is executed in order to modify it. They are also apt in modifying and exploiting unvalidated user input in the memory with buffer overflows. Browser plugins are often the target to buffer overflow exploits. I'm not saying some people don't have both skill sets.

What is hacking

Contrary to popular belief and the Hollywood culture, hackers are just people that can manipulate things on a bits and bytes level. They're excellent programmers and the majority do not engage in illegal activity. Making something do what it wasn't intended to is exploiting, not hacking.





No comments :

Post a Comment

4 Things To Do Immediately When Your Facebook Account Is Hacked

No comments

For most people, having their Facebook account hacked is a nightmare. Imagine if someone had access to all your private messages, could contact your friends, abuse your Facebook page, and delete your personal information. To avoid this, you should regularly update your password and keep other security settings tight.
Once it’s too late, however, you must act fast. The most important thing is – don’t panic! You canregain access to your account.

How Do You Know Your Facebook Account Was Hacked?

First of all, how do you know your Facebook account was hacked if nothing obvious was changed…yet? If a hacker managed to get into your account, they will leave a trace. While their session is active, it will be listed under > Home (top right corner) > Account Settings >Security > Active Sessions (click edit). Here you can end the activity of suspicious sessions.
facebook hacked
It is recommended that you enable Login Approvals for logging in from unrecognized devices. For increased security, you should also set app passwords.

1a. Change Your Password

In case your password was not changed you got lucky! This is the time to update your password! Be sure to end any suspicious active sessions first (see above), then go to >Home > Account Settings > General and click > Password to confirm your current password and then enter a new password.
When you’re done, review our articles regarding Facebook security (see resources below) and see what other measures you can take to secure your account.
hacked facebook profiles
From here, proceed to step 3 if you think that your account was abused.

1b. Reset Your Password

If your password was changed, act quick! Try to regain access. There is a > Forgot your password? link underneath the Facebook login.
hacked facebook profiles
It will let you retrieve your password in several different ways. You can either enter the email address you registered to Facebook with or any other secondary email address you added, as well as your phone number and username.
hacked facebook profiles
If you’re not sure whether the person that hacked your account was smart enough to change your profile information, you should go with the last option and enter your name and that of a friend. This will give you an idea of which information is currently added to your account.
hacked from facebook
If you don’t have access to any of the email accounts or to the phone number associated with your account, click the > No longer have access to these? URL. This will take you to a page where you can enter a new email address, which Facebook will then use to assist you in recovering your account.
hacked from facebook
This is not all. If you believe that your account was abused by the person who has access to it, proceed to step 2.

2. Report Compromised Account

If your account wasn’t simply hacked, but is sending out ads and spam to your friends, you must report it as compromised.
hacked from facebook
From here, immediately proceed to step 2.

3. Do Damage Control

After doing everything you could to regain control over your hacked Facebook account, inform your friends about what is going on, just in case the hacker has abused or currently is abusing your account. If you presently can’t access your account, contact your Facebook friends through other social networks, by email, or have a mutual friend inform them via Facebook. Once you can log in again, proceed to step 3.

4. Remove Suspicious Applications

Oftentimes, it’s not an evil person that randomly hacked into your account. More likely than not you granted access to a malicious application which subsequently hijacked your account. To remove suspicious applications, go to > Home > Account Settings > Apps and go through the list. Click the > X next to any application you wish to remove or click > Edit to change what the app can do.
facebook hacked

Bonus: Improve Your Facebook Privacy and Security Settings

Once you’re back in control, review the following resources and close the security gaps in your Facebook account. Note that some of these articles are over a year old and hence the information may not be 100% accurate.

No comments :

Post a Comment

10 Beneficial Facebook Pages For Educators To Check Out

3 comments

A selection of Facebook Pages providing resources and dialogue focused on education and instructional technologies.

Like most Facebook users, many educators use Facebook to connect with friends new and old, but the Internet’s most popular site can also be a great learning (and teaching) tool. There are many Facebook pages that have been created as a resource to collect, share, and disseminate information about education and education technologies. Here’s 10 of our favorites.
To ready complete by click on Social Button

3 comments :

Post a Comment