- Run "Windows Update" regularly, or use the automatic "Critical Updates Notification".
- 2Install anti-spyware software (Ad-aware, Spybot S&D & Spyware Doctor are all good ones) and keep it updated. Spyware Blaster runs in the background and stops spyware installing itself.There are many rogue anti spyware applications out there make sure you select one with care. Read more about such scareware applications:Wikipedia Scareware
- 3Run the anti-spyware program regularly to keep your PC clean.
- 4Install & regularly update your anti-virus software.
- 5Run the anti-virus program on a regular basis.
- 6One option is to enable "Microsoft Firewall". However MS Firewall does not control outgoing connections (ie. a virus/worm trying to 'phone home'). Download and install ZoneAlarm - a free version is available.
- 7Make sure there's nothing in the Startup list. (Start Menu> All Programs> startup) Unless there are programs in the list that you need to run when the computer starts up, it should be empty.
- 8Uninstall unnecessary or rarely-used programs in "Add/Remove Programs".
- 9Clean the Desktop icons you don't use. Put them in a folder (preferably not on the desktop) if you are nervous about deleting them.
- 10Clear the Recent Documents & Programs list, on Taskbar & Start Menu properties.
- 11Internet Explorer users:
- In "Temporary Internet Files", delete cookies, and delete files.
- In the "Advanced" tab, uncheck all "Install On Demand" items and disable Javascript and VB Script listed under "Microsoft VM".
- In "Temporary Internet Files", delete cookies, and delete files.
- 12In your "Windows" folder, manually delete files in the "Temp" folder.
- 13Delete unused system tray programs.
- 14Remove startup programs with the MSConfig application (Start>Run> "msconfig", OK).
- 15Run Windows Disk Cleanup. Do this at least twice a month. Make sure 'Recycle bin' is checked to periodically empty it.
- 16Run MS Disk Defragmenter. Do this at least once a month (Start Menu> All Programs> Accessories> System Tools).
- 17Update your drivers for CPU, memory, video card and sound card, etc. Download the driver updates from the manufacturer's web site.
Thursday, July 25, 2013
How to Tune up Your Windows XP PC
Wednesday, July 17, 2013
How To Hack Into Any PC In LAN
There are several powerful tools for penetration into any Remote PC. The best solution for this is: Metasploit framework + Backtrack 5 OS. Do wait for my next post on this topic. In the mean while let me give you an efficient alternative for such penetration with the extremities of a Local
Area Network(LAN).
Generally for getting secret information such as passwords. we go by Phishing method. Here, we create a fake login page and redirect the password entered by the user to a pre-defined database.But, as per recent advances, receptions of complaints and public awareness; people have grown consensus regarding fake login pages. It can be clearly known by the address of the webpage which is not anyhow the same as www.facebook.com.
Lets learn a powerful penetration method : Man In The Middle attack.
I will discuss all the types of penetrations using this method and also their prevention steps.
Theme :
A basic network terminology HTTP(Hypertext Transfer Protocol) generally sends all the necessary information through plain text. In this scenario, if we make the victim use HTTP instead of HTTPS for getting connected to sites like Gmail, Facebook, Paypal etc., it will be much easier to successfully attack the victim computer by MITM attack( bucket-brigade attack),also called as Janus attack. To make the penetration operation to perfection, we will use a tool called SSL strip.
ii. Ettercap >>LINK>>
iii. Python programming language latest version >>LINK>>
iv. The python “twisted-web” module >>LINK>>
(3 and 4 are required for SSL strip) For more info on installation of SSL strip, VISIT HERE
Procedure:
1. Open SSL strip application and fill in all the required information for desired fields such as arpsoof, network ,ssl strip, change data .If you are not aware of these, simply click auto check . Do remember to switch from HTTPS to HTTP to get included in Change data.
2. Then, in the listed ip addresses, check the ip address of the victim.
3. After the completion of this step. open the Ettercap application and go to sniff>unsniffed sniffing and select your network interface.
4. Then select hosts-scan hosts from the menu .Once scanning is completed, it is all set to start the hacking.
Open host list from hosts tab . Then just select the IP address of the router as target 1 and the victims IP as target 2.
5. Then select the MITM -arp positioning without selecting any additional options.
6. Finally, go to start>start sniffing .Now when the victim logs into gmail or facebook or paypal etc., he will be using HTTP not HTTPS . Hence
it is now easier for us to get the User id ,passwords of the victim
what he is using to log into the desired accounts. Just check the
processing window out there and check log for the below combination.
example: Data(wwwfacebook.com):keyid=1021458674&bankCode=U&FirstnameLogin=No&userName=FunterTT&password=FunterTT
* Always use HTTPS instead of HTTP.
* Use two step verification login procedure for Gmail.
* Always check the addressbar before going into the webpage.
* Always check the SSL certificate before doing an online transaction.
* Keep your antivirus updated. I recommend the use of ESET Smart security for a better digital coverage.
Do post your comments if you like this article.
I will discuss all the types of penetrations using this method and also their prevention steps.
Theme :
A basic network terminology HTTP(Hypertext Transfer Protocol) generally sends all the necessary information through plain text. In this scenario, if we make the victim use HTTP instead of HTTPS for getting connected to sites like Gmail, Facebook, Paypal etc., it will be much easier to successfully attack the victim computer by MITM attack( bucket-brigade attack),also called as Janus attack. To make the penetration operation to perfection, we will use a tool called SSL strip.
Required Applications:
i. SSL Strip >>LINK>>ii. Ettercap >>LINK>>
iii. Python programming language latest version >>LINK>>
iv. The python “twisted-web” module >>LINK>>
(3 and 4 are required for SSL strip) For more info on installation of SSL strip, VISIT HERE
Procedure:
1. Open SSL strip application and fill in all the required information for desired fields such as arpsoof, network ,ssl strip, change data .If you are not aware of these, simply click auto check . Do remember to switch from HTTPS to HTTP to get included in Change data.
2. Then, in the listed ip addresses, check the ip address of the victim.
3. After the completion of this step. open the Ettercap application and go to sniff>unsniffed sniffing and select your network interface.
4. Then select hosts-scan hosts from the menu .Once scanning is completed, it is all set to start the hacking.
Open host list from hosts tab . Then just select the IP address of the router as target 1 and the victims IP as target 2.
5. Then select the MITM -arp positioning without selecting any additional options.
6. Finally, go to start>start sniffing .Now when the victim logs into gmail or facebook or paypal etc., he will be using HTTP not HTTPS . Hence
it is now easier for us to get the User id ,passwords of the victim
what he is using to log into the desired accounts. Just check the
processing window out there and check log for the below combination.example: Data(wwwfacebook.com):keyid=1021458674&bankCode=U&FirstnameLogin=No&userName=FunterTT&password=FunterTT
Solution:
To keep yourself away from such penetration attacks,do follow secure procedures.* Always use HTTPS instead of HTTP.
* Use two step verification login procedure for Gmail.
* Always check the addressbar before going into the webpage.
* Always check the SSL certificate before doing an online transaction.
* Keep your antivirus updated. I recommend the use of ESET Smart security for a better digital coverage.
Do post your comments if you like this article.
Subscribe to:
Posts (Atom)