Tuesday 7 May 2013

What is a FireWall?

Hi Folks,

There will a question which hits your mind most of the time. 

What is a Firewall? 

A firewall is a tool that monitors communication to and from your computer. It sits between your computer and the rest of the network, and according to some criteria, it decides which communication to allow, and which communication to block. 
It may also use some other criteria to decide about which communication or communication request to report to you (either by adding the information to a log file that you may browse whenever you wish, or in an alert message on the screen), and what not to report.What Is It Good For? Identifying and blocking remote access Trojans. 
Perhaps the most common way to break into a home computer and gain control, is by using a remote access Trojan (RAT). (sometimes it is called " backdoor Trojan" or "backdoor program". 
Many people simply call it a "Trojan horse" although the term "Trojan horse" is much more generic). 
A Trojan horse, is a program that claims to do something really innocent, but in fact does something much less innocent. 
This goes to the days where the Greek soldiers succeeded to enter through the gates of Troy by building a big wooden horse, and giving it as a present to the king of Troy. 
The soldiers allowed the sculpture to enter through their gates, and then at night, when the soldiers were busy guarding against an outside attack, many Greek soldiers who were hiding inside the horse went out and attacked Troy from the inside. 
This story, which may or may not be true, is an example of something which looks like something innocent and is used for some less innocent purpose. 
The same thing happens in computers. 
You may sometimes get some program, via ICQ, or via Usenet, or via IRC, and believe this program to be something good, while in fact running it will do something less nice to your computer. 
Such programs are called Trojan horses. It is accepted to say that the difference between a Trojan horse and a virus, is that a virus has the ability to self- replicate and to distribute itself, while a Trojan horse lacks this ability. 
A special type of Trojan horses, is RATs (Remote Access Trojans, some say "remote admin Trojans"). These Trojans once executed in the victim's computer, start to listen to incoming communication from a remote matching program that the attacker uses. When they get instructions from the remote program, they act accordingly, and thus let the user of the remote program to execute commands on the victim's computer. 
To name a few famous RATs, the most common are Netbus, Back- Orifice, and SubSeven (which is also known as Backdoor-G). In order for the attacker to use this method, your computer must first be infected by a RAT. 
Prevention of infections by RATs is no different than prevention of infection by viruses. 
Antivirus programs can identify and remove most of the more common RATs. Personal firewalls can identify and block remote communication efforts to the more common RATs and by thus blocking the attacker, and identifying the RAT.

Thursday 28 March 2013

Turning Your Mobile Phones Camera into Web-Cam

Hi Folks,

If you guys don’t have a Web Camera and still want to chat with your friends on Yahoo and Skype, then have a look at what I have got for you.

If you have a Cell Phone with Camera you can use it like your Web-cam.

The SmartCAM is a Open-Source application, connect the PC to your mobile and it will Synchronize your Mobile with your PC through,
Bluetooth. So you can use your Cell Phone Camera as a Web Camera and have a Video Conferencing.

The Mobile OS versions supported are,

  • S60 (Symbian)
  • WinMo6.x (Windows Mobile)
  • Android
  • Samsung Bada
  • J2ME (Java Supported Mobile)
1. SmartCAM is basically developed for the Phones with Bluetooth connectivity using which the integration of your phone cam with your PC is made easy.
2. What you need to get started is, just install SmartCAM in your PC and in your phone also. You need to have the application installed in both the ends.
3. Connect the phone to PC via Bluetooth using the SmartCAM Application Interface.
4. Once you have connected to the PC what you need to do is to synchronize the phone with your PC so that you can easily make it function as your PC Web Camera.
5. SmartCAM works very well with Skype and Yahoo Messenger where you can video chat with your friends using your Phone’s Camera.

Click to download SmartCAM

Wednesday 27 March 2013

Fork Bombing ( Virus Code ) for Windows & Linux

Hi Folks,

Let's write a virus program to generate a fork bomb...

Let's first know what is a fork bomb..

In computing, a fork bomb is a denial-of-service attack whereby a process continually replicates itself to deplete available system resources.






Fork bombs operate both by consuming CPU time in the process of forking, and by saturating the operating system's process table. A basic implementation of a fork bomb takes the following form:
        set running to true
        while running is true
            create copy of running process
        end // you wont reach here at all
 
For more details,click here

Let's write the code for it.


The following is windows implementation of fork bomb:

1. Open Notepad,

2. Type the following code in it,
            @echo off
        :loop
        start
        Call forkbomb.bat
        Goto loop


3. Save it as forkbomb.bat

That's it.

The, concept behind this fork bombing was recursion.


If you run this batch program,

It'll create command prompt again & again until system crashes.

Just like follows..



I'd advice you not to run this on your machine.

For test purpose,
You can run it on a VM Ware machine.

Note: All these code were for educational purposes only.


The following is linux implementation of fork bomb:

Following is a simple way to crash your Linux system as a non-root user with a bash function called recursively.

$ :(){ :|:& };: 
 
:() is a function which gets called recursively from its body and cannot be killed since it is running on the background with &. : is actually the name of the function. 

Here is the same function call in human readable format:


forkbomb(){ forkbomb | forkbomb & }; forkbomb
 
As you can see the function is calling its self twice in the body. This will start consume all resources of your system and eventually force your Linux system to crash. To get more understanding type simple function on your command line. The following function is harmless:

$ fork_bomb(){ echo "FORK BOMB"; };
$ fork_bomb
FORK BOMB
 
You can take same measures to ensure that your Linux users would not exploit fork bomb. Fork bomb is not a bug nor weakness of Linux system. The responsibility is in hands of systems administrators to limit number of processes available for a user by editing /etc/security/limits.conf file. To limit username fork bomb to only 50 processes add following line:

forkbomb             hard    nproc           50
 
If you want to limit entire group called fork bomb to only 100 processes add a line below:

@forkbomb              hard    nproc           100 
 
To make limit of 100 processes as a default value for all users add a following line:
 
@forkbomb              hard    nproc           100

Friday 22 March 2013

Three Passwords for your facebook account:

Hi Folks,

Do you guys know that you can login to your Facebook account with three passwords.

Yeah, lets say theSecretKey is your default password.

You can login with,

1. Your original Default password.
    You can login with your default password theSecretKey.



You can also login with,
2. Your original password with the case reversed(Toggle case):
    You can also login with THEsECRETkEY.
    The reason for this is to not irritate you people when you haven't noticed that capslock is toggled.
3. Your original password with the first letter capitalized:
    You can also login with TheSecretKey.
    The reason for this is, most of the mobile devices automatically capitalizes the first letter.
    Especially, Android :-D
   
And, I hope you are familiar with the three names used fro your Facebook account.
    1. your Facebook name
    2. your email address(which you registered with Facebook)
    3. your mobile number.
   
And, remember this.

The above is not a security flaw.
It's just a feature provided by facebook.

I'll be back with my next post when I get time.

Bye!!!

Thursday 28 February 2013

How to Remove or Add Credentials in windows.

Hi Folks,

Today let's have a look at how to add or remove credentials in windows.


Step 1:    In windows Run box (pressing super-L(the button with windows logo) along with R),
    Step 1.1: Type "Control keymgr.dll" to open your windows vault(where credentials for your network drives, etc will be stored).
    Step 1.2: Or type "Control Userpasswords2" then click "Advanced" tab and then click "Manage Passwords".
   
Step 2: In the credentials manager you can add or remove username/passwords.

For the credentials of users,

    In windows Run box type "Control Userpasswords" the hit return(enter).
   
    There you can change the passwords.


Enjoy.