Denial of Service attack

Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as network saturation attack or bandwidth consumption attack. Attackers make Denial-of-Service attacks by sending a large number of protocol packets to a network. A DoS attack can cause the following to occur:

• Saturate network resources.
• Disrupt connections between two computers, thereby preventing communications between services.
• Disrupt services to a specific computer.

Some of the common attack are as follows:

SYN Attack

In the smurf DoS attack, an attacker sends a large amount of ICMP echo requests traffic to the IP broadcast addresses. These ICMP requests have a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses delivers the IP broadcast to all hosts, most of the IP addresses send ECHO reply message. On a multi-access broadcast network, hundreds of computers might reply to each packet. Now the target network is overwhelmed by all the messages sent simultaneously, so the network becomes unable to provide services to all the messages and gets crashed.

Ping of Death

In the ping of death attack, the attacker sends ICMP packet larger than 65,536 bytes. Since the operating system does not know how to handle the packet size larger than 65,536 bytes, either the operating system freezes or crashes at the time of reassembling of the packet. But, nowadays the operating systems discard such packets, so ping of death attack is not applicable at the present time.

Jolt DoS attack

In the jolt DoS attack, an attacker fragments the ICMP packet in such a manner that the target computer cannot reassemble it. In this situation, the CPU utilization of the target system becomes 100 percent and the system gets crashed.

Fraggle DoS Attack

In the fraggle DoS attack, the attacker sends a large number of UDP echo requests traffic to IP broadcast addresses. These UDP requests have a spoofed source address of the intended victim. If the routing device delivering traffic to those broadcast addresses delivers the IP broadcast to all hosts, most of the IP addresses send ECHO reply message; on a multi-access broadcast network, hundreds of machines might reply to each packet. Now the target network is overwhelmed by all the messages sent simultaneously, so it becomes unable to provide service to all the messages and gets crashed.

Generation ahead..Encrypted Hard-Disk

Self-encrypting hard drives are becoming a reality. One standard, led by the Trusted Computing Group, has been adopted by a number of vendors.The cost of encryption is virtually zero because the encryption itself takes place in hardware on the drive. This means that everything is encrypted by default, without compromising performance. We may remember to encrypt our most sensitive files, but at the same time forget to encrypt our email archive, previous versions of the sensitive file, and of course the swap and hibernate files which can contain everything. Encrypting everything by default protects us from these omissions.

How secure are these drives? Well, the encryption keys are generated and stored internally on the drive. Thus, the security of the system depends on the security of the key inside the drive. This means that the main question to ask encrypted-drive manufacturers is how is the key stored inside, and how secure is it? If a secure smartcard chip is used, and the key is password protected, then this is great. If the key is obfuscated and somehow hidden (of course, and still password protected), then someone stealing the drive can probably get to it given enough effort. However, you have still made their life difficult and they have to take the drive away with them (it’s unlikely that they’ll be able to do this without taking the drive apart). So, in any case, you have gained a lot. (I am ignoring the possibility of really bad implementations, although experience tells us that this can also happen not too infrequently…) It is worth noting that highly sensitive files should probably still be encrypted on a higher level (using an encryption key that is stored in a separate smartcard that you take with you). Keeping the encryption key in a completely separate place is always the best practice and prevents even the most concerted efforts to decrypt.

On a usability note, since the encryption keys are internal to the drive there is no key management issue. This is good because key management is often the biggest hurdle to adoption. Regarding data loss, it is important to realize that if the encryption key is somehow lost due to a fault in the drive, then this would be the same as if your hard drive was completely destroyed. So it’s important to also ask manufacturers what sort of fault tolerance has been built into the system regarding the encryption key.

7 steps to flawless ONLINE shopping....

Today in the Internet era, the range of online retail options makes us really lucky to shop comfortably at the click of a mouse. While the perks of online shopping are obvious – no traffic jams, irritating crowds, billing queues or parking problems – taking some simple precautions will ensure safe shopping. Here are some basic safety tips for a secure online shopping experience.

1. Look for visual cues

When you shop online, always look for simple visual cues indicating that the site has been authenticated as legitimate and that the information you enter is protected. Visual cues such as the VeriSign logo or a green browser address bar indicate that the Web site’s ownership has been verified and that the site is safe for online shopping and other transactions. A Web address beginning with “https means that that there is an encrypted connection between your browser and the Web site’s server, indicating that your communication is secure and cannot be intercepted.

2. Validate the vendor

Always buy from a reputed shopping site – ones that you have heard of through friends and trusted acquaintances. You should check online ratings and reviews from other customers and take red flags seriously. You can then make an appropriate decision about the site and decide whether or not it is wise to shop there. Make sure that the Web site has an authentic and valid phone number and mailing address.

3. Check for `two-factor’ authentication

A growing number of sites are now beginning to accept a second form of user authentication that comes from physical devices such as a token, credit-card form factor, a USB drive, or even your cell phone. Two-factor authentication pairs something you know, such as a username and password, with something you have, a one-time password generated by this device in your possession. The unique second password gives you the confidence to shop online without the risk of a hacker or thief gaining access to your accounts via stolen personal information. Although this is still relatively new in India, it will only be a matter of time before most Web sites offer it.

4. Pay attention to the order form

When you place your order, the site should not ask for more than your name, shipping address, billing address, credit card type and number or expiration date. Do not disclose your bank account details.

5. Compare the check-out experience

Whenever you commit to transactions over the Internet, it is important to make sure you can save and print a receipt or other confirmation of the transaction. This should have the date of the purchase along with the amount included on it. Beware of simple forms that offer no confirmation that you entered or ordered anything.

6. Safeguard your password

Don’t ever select the `remember my password’ option and avoid saving your password on your PC; it is the first thing a hacker will target. Malware can be used to search your PC for stored passwords. Avoid using the same password on multiple sites or writing it down on a Post-It note or scrap of paper that can be easily intercepted. Finally, change all your passwords every two to three months.

7. Provide minimal personal information

Always check the Web site’s privacy policy to make sure that your personal information will be safe. Try to limit the amount of personal information you give out while filling out online forms. With these simple precautions, you can have a delightful shopping experience!

Cryptographic Attack...out open

Cryptographic attacks are methods of evading the security of a cryptographic system by finding weaknesses in such areas as the code, cipher, cryptographic protocol or key management scheme in the cryptographic algorithm. The following are the cryptographic attacks usually performed by an attacker: Known plaintext attack: In a known plaintext attack, an attacker should have both the plaintext and…copy of it with the encrypted data. This is used to find patterns in the cryptographic output that might uncover a vulnerability or reveal a cryptographic key.Chosen ciphertext attack: In this type of attack, an attacker can choose the ciphertext to be decrypted and can then analyze the plaintext output of the event. The early versions of RSA used in SSL were actually vulnerable to this attack.

Computer Hacking Forensic Investigator....... Is this What you are waiting for?

EC-Council's Computer Hacking Forensic Investigator (CHFI) is one of the important field of IT sector which is blooming with leap and bounds. Every IT company hiring CHFI these days for the proper investigation and prosecution of Cyber crimes such as data froggery, identity theft, hacking, credit card fraud etc. You may call it a "Hot cake" of the security arena. If you are already a certified ethical hacker then now it's time to upgrade your self with new field of opportunities, and if you are not then don't worry this certification exam will tend to manage everything. One Problem which occur while preparing for these certification exams is non-availability of good preparation contents and material. I reviewed new pre-release of CHFI 312-49 prepkit from ucertify.com last week. I found it very helpful and abundant with good study materials and contents. You can also go through this on ucertify.com pre-release section. I am still waiting for this to release, then I will go for CHFI certification exam.

The Security Prophecies of Leo Howell

By 2020 passwords will cease to exist in the corporate world. By 2030 passwords will be dead and burried!

The time has come, passwords have served their time, they have served us well, but with the increasing security risk due to weak passwords and poor management, a new strategy is needed - passwords must die! Here is why...

* Too many darn passwords! Stop for just a second... count...can you remember all the passwords you have? That's right, too many to remember... see the problem?
* Too many password changes. So let's take a modest number, say you have 10 passwords between work and your personal life (5 at work, 1 Gmail, 1 MySpace, 2 banks, 2 ATM PINS, 1 home alarm code...oh wait, we are over 10!). Anyway, say we have 10 passwords, if you must change 'em on average every 30 to 90 days, that's 40 to 120 password changes a year।
* Passwords are too hard to remember. O.k., don't use dictionary words, don't use birth dates and stuff that's easy to guess...by the way use something that is easy for you to remember but difficult for others to guess.....what the hell kind a rambling is this? And don't write 'em down? That will work!! Yeah, really!
* The same passwords are used for work and play. I would like to meet the security genius that will be able to enforce this rule. LOL! Can you say lame brain?
* Free password cracking tools make it so easy to crack your passwords। So after you have gone through all the trouble of picking the strongest password you can think of and feel real safe, here comes the multitude of free password cracking tools at Google - I mean, online!
* The rainbow tables is the last straw. The rainbow tables makes brute force attacks against hashed passwords much faster and more feasible।
* Lack of user loyalty. I hate to say this, but the tougher your little password policies get, the more your little disloyal, underpaid users try to find creative ways to get around them in search of "ease of access" and convenience.

Make Your Computer fast and yourself faster...

1.Let your PC boot up completely before opening any applications.

2.Refresh the desktop after closing any application. This will remove any unused files from the RAM.

3.Do not set very large file size images as your wallpaper. Do not keep a wallpaper at all if your PC is low on RAM (less than 64 MB).

4.Do not clutter your Desktop with a lot of shortcuts. Each shortcut on the desktop uses up to 500 bytes of RAM

5.Empty the recycle bin regularly. The files are not really deleted from your hard drive until you empty the recycle bin.

6.Delete the temporary internet files regularly.

7.Defragment your hard drive once every two months. This will free up a lot of space on your hard drive and rearrange the files so that your applications run faster.

8.Always make two partitions in your hard drive. Install all large Softwares (like PSP, Photoshop, 3DS Max etc) in the second partition. Windows uses all the available empty space in C drive as virtual memory when your Computer RAM is full. Keep the C Drive as empty as possible.

9.When installing new Softwares disable the option of having a tray icon. The tray icons use up available RAM, and also slow down the booting of your PC. Also disable the option of starting the application automatically when the PC boots. You can disable these options later on also from the Tools or preferences menu in your application.

10. Protect your PC from dust. Dust causes the CPU cooling fan to jam and slow down thereby gradually heating your CPU and affecting the processing speed. Use compressed air to blow out any dust from the CPU. Never use vacuum.

How to lock your computer..

Creating a desktop shortcut for locking your computer
If you use your computer in an area where others may have access to it, and there are things on your system you would rather have kept confidential, locking your desktop when you leave the computer is an essential task. Here's a recipe for a desktop shortcut that will lock your computer in two easy clicks:

Right click on an empty area of the desktop and choose 'new' then 'shortcut.' The create shortcut wizard will open; in the first text box, type '%windir%\System32\rundll32.exe user32.dll,LockWorkStation' and then give your shortcut an appropriate name on the next page, and hit 'finish.'

You will notice that the shortcut you created has a blank icon. To select a more appropriate one, right click on the shortcut and hit 'properties.' In the 'shortcut' tab, click the 'change icon' button.

In the 'look for icons in this file' box, type '%SystemRoot%\system32\SHELL32.dll' then click 'ok' to see a range of icons for your new shortcut. Choose an appropriate icon. Your desktop locking shortcut is now ready for use. Test it out.

Use Proxies in Windows...

Go to control panel
1)phone modem options
2)advanced
3)In Providers, click Microsoft H.323 Telephony Service Provider, and then click Configure.
4)In Configure H.323 Service Provider
5)To specify an H.323 proxy, select the Use H.323 proxy, and then type the server name or IP address for the proxy.

Try google for available proxy IP /servers...
Or
try www.proxy4free.com
this is a easy way of using private proxy with windows...

Booting process unleashed..

Booting process is the fundamental step of any computer system. Booting of a system technically refers to loading of certain system programs and files in a working memory of a computer system in a sequential build up to bring computer in a working state. After finishing the initial startup process the specific operating system will load. Systems that are able to run Microsoft or Linux operating system follows the same boot up process whereas Macintosh have different set of Booting process.

The Basic Input Output System (BIOS) is Boot firmware, designed to be the first code run by a PC when powered on. The initial function of the BIOS is to identify, test, and initialize system devices such as the video display card, hard disk, and floppy disk and other hardware. This is to prepare the machine into a known state, so that software stored on compatible media can be loaded, executed, and given control of the PC. This process is known as Booting.

Computer Hacking Forensic Investigator

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.
This is one of blooming field of IT industry. To get CHFI certified you have to clear exam from any vendor, preferably from ec-council. This test covers all important field. I am working on the Preparation kit of the same course, so i will keep posting new blogs about this course.

Who are HACKERS anyway.........

-The psychology behind hacking and the social networking of hackers will always be a mystery. The research behind this study comes from several websites and personal experience.

Looking in a hacker's mind, you have to be open to the social aspects behind the way they think. Often portrayed as loners, hackers can be socially involved and fit into what is considered 'normal' everyday lives.

There appears to be a commonality of 'power' for hackers. The solving of 'puzzles' and the 'see what I can do' attitude is most apparent. By talking to 'wantabees' and individuals who have hacked, the 'power' of finding exploits and 'showing' the 'bigger' entity how they are not secure is the most outstanding trait you will find in these people. There doesn't appear to be a criminological theory or 'true' understanding 'why' they hack. The motivation of hackers will always be a mystery.

Hackers usually use social engineering to gain most of their knowledge. Social Engineering is the act of getting someone to tell you about sensitive information through trust. This unadulterated trust becomes a weakness for most companies.

Brute Force, Exploit and dictionary attacks are usually started through the use of software on the hacker's computer. To avoid detection, the hacker's may use proxies or zombie machines so that their location cannot be determined. This is just a small list of the different attacks hackers can use.

Who are the Hackers?

Hackers can be a disgruntled employee, help desk technician, network technician, an individual, a group or organization.

The disgruntled employee may destroy files or read confidential documents. The help desk or network technician may use their power to read, modify or destroy information. An individual may be motivated by 'power'. A group or organization may see how far they can go They may modify websites or commit industrial espionage.

Enterprise security relies on everyone in any organization. Looking at trends, reading magazines, obtaining certifications is sometimes not enough. The security director and the security team in any organization should study the social details behind hacking and hackers.

With knowledge being power in the hacker culture, an Elite hacker is someone who has great technical skills. Hackers may and may not have ethics. This separates black hats, white hats, grey hats and script kiddies.