Hackers typically approach an attack in five common phases: Reconnaissance, Scanning, Gaining Access, Maintaining Access and Clearing Tracks. After erasing tracks the hacker terminates the connection. This information is useful for network administrators, and essential for network security consultants.
Reconnaissance ("rattling the door knobs" to see if someone is watching and responding)
This is the Preparatory Phase. The attacker seeks to gather as much information as possible about the target before launching the attack. They perform routine and detailed reconnaissance.
There are two types of reconnaissance: Passive reconnaissance and Active reconnaissance.
Passive reconnaissance: Acquiring information without directly interacting with the target
Example: Google Searching, Searching Public Records
Active reconnaissance: Acquiring information by interacting with the target directly.
Example: Telephone call to the help desk or technical department (Social Engineering), Dumpster Diving
Scanning
This is the Pre-attack Phase. Hackers want to learn more about the network mapping, phone system structure, and internal informational architecture of the target. Using the information gathered during reconnaissance, the hacker scans the network for more specific information.
In this phase they use tools to scan for vulnerabilities in the system.
Gaining Access
This is the Penetration Phase. This phase of attack is the most important and the most dangerous. The hacker exploits the vulnerabilities in the system. Open ports can lead to a hacker gaining direct access to services and possibly to internal network connections.
Maintaining Access
Hackers may choose to continue attacking and exploiting the target system, or to explore deeper into the target network and look for more systems and services. In this phase the hacker has compromised the system and tries to retain ownership of it. The hacker may also harden the system against other hackers, securing exclusive access with Backdoors, Rootkits, or Trojans.
Clearing Tracks
In this phase the hacker clears his footprints and tracks. He removes evidence to hide his misdeeds.
The more the hacker learns about your internal operations, the more likely he is to intrude and exploit. So be secure.
I hope this post will help you and please leave a comment.
Wednesday, December 28, 2011
Sunday, December 25, 2011
Ever wanted to know who your friend's crushes are?
Ever wondered who your friend secretly likes/ loves? Is your girlfriend or boyfriend really true to you?
With this Love Calculator, you can finally find out. The only thing you have to do is send an email or chat message to your friend, including a customized Love Calculator link (this link is generated by CrushBit.com for your e-mail address), saying that you tried this Love Calculator, that it worked very well for you, and that you would like him/her to try it out too. Your job is over. The exciting part goes to CrushBit.com. Your friend will be told to enter the names of his/her crushes so that we can make some predictions. As soon as your friend fills in his/her crush list, the names are automatically mailed to your inbox! BANG!!!!!!!!!!!
Click here to get started
TrueCrypt
TrueCrypt is free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux. It is an ultimate freeware encryption program, loaded with powerful features that users concerned with protecting data from prying eyes will find robust and comprehensive. It has 11 algorithms for encrypting your private files in a password-protected volume. You can store your encrypted data in files (containers) or partitions (devices).
Encryption is automatic, real-time (on-the-fly) and transparent. Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted. Newer features, including hardware acceleration for some Intel chips, auto-mounting, and convenience improvements for when you "favorite" an encrypted volume, have improved both performance and usability. Users can even create a hidden operating system.
Download TrueCrypt
Location:
Colombo, Sri Lanka
Cryptography
Cryptography is a method of transmitting or storing secret messages so that only the intended recipient can read and process them. It is the science of writing in secret code and is an ancient art. It can be used to ensure Confidentiality, Integrity and Authenticity. The readable data (Clear Text/Plain Text) is converted into an unreadable format (Cipher Text) using an Encryption/Enciphering Algorithm. An Encryption/Enciphering Algorithm is a set of rules dictating how enciphering and deciphering take place. There are many types of algorithms: Blowfish, DES, Enigma, GOST, LOKI97, TripleDES, XTEA, etc. There is a random variable called the Crypto Variable/Key (a sequence of bits) which gives secrecy to the whole process. Only the sender and the intended receiver should have the key. The intended recipient can Decrypt/Decipher using that Crypto Variable/Key.
Example:
Plain Text: The Technical Avenue
Algorithm: BlowFish
Key: 3
Cipher Text: 5T3jLYKbWglAp1S2cYGuVdTR1iMREeWt
The first documented use of cryptography in writing dates back to circa 1900 B.C. Julius Caesar developed a method of sending secret messages by substituting each letter in the message with the letter three positions ahead in the alphabet (the Rotation-3 or ROT-3 cipher).
Example:
Cipher Text: wkh whfkqlfdo dyhqxh
Key: 3
Plain Text: The Technical Avenue
There are many more types of Cryptosystems available:
Vigenere Cipher, Vernam Cipher (One-Time Pad), Running Key Cipher, etc.
Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking, although modern cryptography techniques are virtually unbreakable.
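The ROT-3 example above, together with the point about cryptanalysis, as an added Python example that is not part of the original post: it encrypts and decrypts with the shift cipher, then recovers the key from the ciphertext alone by trying all 26 shifts and scoring each candidate against typical English letter frequencies. The function names and the approximate frequency table are assumptions made for this illustration.

```python
import string
from collections import Counter

# Approximate relative frequency (%) of each letter a..z in English text.
ENGLISH_FREQ = dict(zip(string.ascii_lowercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))


def shift_text(text, key):
    """Shift every ASCII letter by `key` positions, preserving case."""
    out = []
    for ch in text:
        if ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - ord('a') + key) % 26 + ord('a')))
        elif ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - ord('A') + key) % 26 + ord('A')))
        else:
            out.append(ch)  # spaces, digits and punctuation pass through
    return ''.join(out)


def encrypt(plain, key=3):
    return shift_text(plain, key)


def decrypt(cipher, key=3):
    return shift_text(cipher, -key)


def chi_squared(text):
    """Distance between the text's letter counts and English; lower is closer."""
    letters = [c for c in text.lower() if c in ENGLISH_FREQ]
    if not letters:
        return float('inf')
    counts = Counter(letters)
    n = len(letters)
    return sum((counts[c] - n * f / 100) ** 2 / (n * f / 100)
               for c, f in ENGLISH_FREQ.items())


def recover_key(cipher):
    """Try all 26 keys and return (key, plaintext) for the most English-like one."""
    best = min(range(26), key=lambda k: chi_squared(decrypt(cipher, k)))
    return best, decrypt(cipher, best)


if __name__ == "__main__":
    print(encrypt("The Technical Avenue"))      # key 3, as in the post
    print(recover_key("wkh whfkqlfdo dyhqxh"))  # no key supplied
```

With only 26 possible keys the cipher offers no real secrecy, which is why modern algorithms rely on keys drawn from a space far too large to search this way.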
The First Virus
Elk Cloner, which appeared on the Apple II circa 1982, was the first virus on microcomputers. It is a "boot sector" virus. Rich Skrenta, who was a ninth-grade student, wrote this virus.
Elk Cloner was stored on floppy diskettes. When a computer booted from a floppy disk infected with Elk Cloner, the virus would start, and would subsequently copy itself to any uninfected floppy disk that was accessed, helped by the fact that computers of that time had dual floppy disk drives and that diskettes were often passed around among friends. In addition, on every 50th boot the virus would display a short "poem".
"It will get on all your disks
It will infiltrate your chips
Yes, it's Cloner!
It will stick to you like glue
It will modify RAM too
Send in the Cloner!"
Saturday, December 24, 2011
How to Remove Facebook Virus
Millions of Facebook accounts are being affected by a virus subjecting viewers to hardcore porn and violent images. They are appearing as updates in Facebook’s News Feed. It gets posted in your name to all your friends if you click on it.
The virus we’re talking about :
Obviously it spreads once you click on it, so avoid clicking on it in the first place.
How to remove Facebook virus:
The virus posts on your friends' profiles through a malicious extension installed in your browser. You can simply remove that extension from your web browser. The extension name is "Youtube Extension" (or a similar kind of name).
This is the extension (in Firefox):
The extension name can be different, but you can easily find this malicious extension.
How to Remove:
In Google Chrome: Go to Tools > Extensions and remove the extension "Youtube extension".
In Firefox: Go to the "Firefox" menu and click on Add-ons. Remove the extension "Youtube extension" from there.
If you have any problems with removing this malicious extension, let me know. I hope this will help you and please leave a comment.
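Since the extension name can differ, it helps to review every installed extension rather than search for one name. The following is an added Python example, not part of the original post: it lists the extensions found in a Chrome-style Extensions directory and marks those whose name contains a watched word or that request broad permissions. It assumes the Chrome on-disk layout `<Extensions>/<id>/<version>/manifest.json`; the function names, the permission list and the sample data are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Permissions that let an extension read or alter pages on any site.
BROAD = {"<all_urls>", "tabs", "webRequest", "cookies"}


def audit_extensions(ext_root, suspicious_words=("youtube",)):
    """Return one record per extension manifest found under ext_root."""
    findings = []
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        if not isinstance(data, dict):
            continue
        # Note: localized extensions store a "__MSG_...__" placeholder here.
        name = str(data.get("name", ""))
        perms = (list(data.get("permissions") or [])
                 + list(data.get("host_permissions") or []))
        broad = sorted(p for p in perms
                       if isinstance(p, str) and (p in BROAD or "://*/" in p))
        findings.append({
            "id": manifest.parent.parent.name,
            "name": name,
            "name_match": any(w in name.lower() for w in suspicious_words),
            "broad_permissions": broad,
        })
    return findings


def build_sample(root):
    """Write a constructed Extensions directory (made-up ids) for the demo."""
    samples = {
        "a" * 32: '{"name": "Youtube Extension", "version": "1.0", '
                  '"permissions": ["tabs", "*://*/*"]}',
        "b" * 32: '{"name": "Notes", "version": "2.1", '
                  '"permissions": ["storage"]}',
        "c" * 32: '{not valid json',
    }
    for ext_id, text in samples.items():
        folder = Path(root) / ext_id / "1.0_0"
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(text, encoding="utf-8")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for record in audit_extensions(build_sample(tmp)):
            print(record)
```

A name match or a broad permission is a reason to look at the extension, not proof that it is the one posting to Facebook; legitimate extensions can trigger both.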
Hackers
Several definitions:
1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities.
2. Someone who likes to tinker with electronics or computer systems.
3. [deprecated] A malicious meddler who tries to discover sensitive information by poking around. The correct term for this sense is "cracker."
Anyway, hackers like to explore and learn how computer systems work, finding ways to make them do what they do better, or do things they weren’t intended to do. There are two major types of hackers: Black Hats and White Hats.
Black Hats: These are considered as the villains or the bad guys. Black hat hackers usually use their skills maliciously for personal gain. They are the people that hack banks, steal credit cards, and deface websites.
White Hats: These are considered the good guys. White hat hackers don’t use their skills for illegal purposes. They perform hacking for legitimate reasons. They usually become Computer Security experts and help protect people from the Black Hats.
e.g. IT Security technicians testing their systems and researchers testing the limits of systems.
(These two terms came from the old western movies where the good guys wore white hats and the bad guys wore black hats.)
There is also a hierarchy:
Script kiddies:
These are the wannabe hackers. They are looked down upon in the hacker community because they are the people that make hackers look bad. Script kiddies usually have no hacking skills and use the tools developed by other hackers without any knowledge of what’s happening behind the scenes.
Intermediate hackers:
These people usually know about computers and networks, and have enough programming knowledge to understand roughly what a script might do, but like the script kiddies they use pre-developed, well-known exploits (an exploit is a piece of code that takes advantage of a bug or vulnerability in a piece of software and allows you to take control of a computer system) to carry out attacks.
Elite Hackers:
These are the skilled hackers. They are the ones that write the many hacker tools and exploits out there. They can break into systems and hide their tracks or make it look like someone else did it. You should strive to eventually reach this level.
(50me DeF1n1710n2 kaP7urEd PhR0M 73h h4x0R3R5 und3r9r0UNd)
Hack the default title of the Internet Explorer
Did you know that we can change the title of Internet Explorer to our own text? The default title is “Windows Internet Explorer”. This post will show you how to change that default title of your Internet Explorer to your own one.
1. Press Win+R to open the Run dialog box, type “regedit” (without quotes) and click OK or hit Enter. This opens the Registry Editor.
2. In Registry Editor navigate to:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
3. Double-click on the value "Window Title" and enter the text you want in the "Value Data" field.
If it does not exist, right-click, create a new String Value and rename it to "Window Title" (without quotes). Then double-click it and enter the text you want in the "Value Data" field.
4. Exit the Registry Editor and reboot the machine.
Why Information Security?
Some years ago information security was not a hot topic, because at that time organizations did not depend heavily on computer-based systems. The Internet was not there and few people had the technical knowledge. But nowadays the situation has changed. Organizations, governments and individuals depend heavily on computer-based systems. The Internet provides a large medium for malicious activities. Well-organized computer crimes have become common.
When information is not adequately secured, it may be compromised, and this is known as a security breach. For businesses, a breach usually entails a decrease in productivity, unauthorized release of sensitive data and loss of reputation, trust and business. For individuals, a breach can lead to identity theft and damage to financial history or credit rating. Recovering from information breaches can take years and the costs are huge.
So.., stay secure..!!
The Technical Avenue
Hi! I am Hasanka and this is my Blog. I just started this blog as a hobby and to share what I know.
Going through The Technical Avenue you will understand and explore the facts of computer-related technologies. Here on this blog I hope to speak about Cyber Security, Ethical Hacking Techniques, Computer Viruses, Tools & Technologies and Other Useful Tips & Tricks.
I invite you to keep in touch with my blog. I hope you find here a little bit of whatever you are seeking. Please comment as often as you see fit.