Gentoo-based Sabayon Linux 8 available for download.



The Sabayon development team announced the availability of version 8 this week, acknowledging the challenge to allow “the bleeding edge and reliability to coexist.” Gentoo-based Sabayon touts its variety of packages and installations to choose from, and even though their FAQ mentions its appropriateness for new Linux users, it’s aimed at more experienced users who want to customize to their hearts’ content.

Here is what’s available:
  • Sabayon GNOME
  • KDE
  • Xfce
  • SpinBase (bare-metal flavour for building your own ISO images)
  • ServerBase (same but with server-optimized kernel)
  • CoreCDX, for those liking Fluxbox 
Some of the new features included are:
  • The first Extreme-Rolling Release distribution, with automated repository package version bumping, thanks to Entropy Matter ebuild tracker
  • Always up-to-date Linux Kernel 3.2 (and experimental “Fusion” Kernels available in repositories)
  • Providing extra Server-oriented Linux kernels (OpenVZ, Vserver, Generic Server)
  • GNOME 3.2.2 Visual Environment
  • KDE 4.7.4 Desktop Environment (4.8.0 available in a few days)
  • Improved Xfce 4.8 out-of-the-box experience (for those missing GNOME2)
  • Improved LibreOffice integration, updated to 3.4.4
  • Cinnamon and Razor Qt available in repositories

To download, check out the Mirror List here.
 

How To Increase Your YouTube Streaming.


Does your YouTube streaming feel very slow even though your connection speed is good? The cause might be the cache. Don’t worry, we can increase that speed. Just follow the steps below and you are done.

Step 1
Open any of your favorite videos on YouTube and right-click on the video. Click on the Settings tab as shown in the screenshot below.




Click on Settings  

Step 2
After clicking, you will get a small box titled Adobe Flash Player Settings. Here you need to click on the Local Storage link and drag the slider to the end, as shown in the screenshot below.




YouTube Flash Player Settings

That’s it…!!! Now your videos will stream very fast.

Note: This is only a small tip to improve the performance. There are other various factors that can influence speed.
 

Microsoft Share Point Service.

Windows SharePoint Services is a versatile technology that organizations and business units of all sizes can use to increase the efficiency of business processes and improve team productivity. With tools for collaboration that help people stay connected across organizational and geographic boundaries, Windows SharePoint Services gives people access to information they need.


Built on Microsoft Windows Server 2003, Windows SharePoint Services also provides a foundation platform for building Web-based business applications that can flex and scale easily to meet the changing and growing needs of your business. Robust administrative controls for managing storage and Web infrastructure give IT departments a cost-effective way to implement and manage a high-performance collaboration environment. With a familiar, Web-based interface and close integration with everyday tools including the 2007 Microsoft Office system, Windows SharePoint Server is easy to use and can be deployed rapidly.
                                 
Installation over Windows Small Business Server: If you intend to install Windows SharePoint Services 3.0 on a server that is running Windows Small Business Server 2003, please read “Installing Windows SharePoint Services 3.0 on a Server Running Windows Small Business Server 2003”. This white paper contains important installation steps and procedures that you must perform to ensure a successful deployment. Caution: If you do not follow the instructions in this white paper, your configuration of Windows Small Business Server 2003 and Windows SharePoint Services 3.0 may not function properly or might not be supported.

Search Server 2008 Express: If you’re using Windows SharePoint Services, you can easily add search capabilities to your collaboration environment across SharePoint sites, file shares, web sites, Exchange Public Folders, and third party repositories using Microsoft Search Server 2008 Express. Click here to download.

System requirements

Supported Operating Systems: Windows Server 2003 Service Pack 1

Minimum hardware requirements:
  • Server with a processor speed of at least 2.5 GHz
  • 1 GB RAM

The following is also required:
  • Microsoft .NET Framework 3.0

For further deployment information and requirements, consult the Deployment for Windows SharePoint Services 3.0 technology site.


Take a tour of Windows SharePoint: http://office.microsoft.com/en-us/windows-sharepoint-services-help/demo-tour-a-windows-sharepoint-services-3-0-site-HA010205563.aspx

Download: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=14117

 

Finally Microsoft unveil Windows 8 on Feb 29.


BANGALORE, INDIA: It seems Microsoft was waiting for a perfect date to launch its upcoming operating system code named Windows 8.
So, a consumer preview of the Windows 8 operating system has been scheduled on February 29 in Barcelona, Spain, at a mobile industry show.
Inviting journalists for the big event, Redmond-based company Microsoft plans to give an update about the latest operating system during the two-hour session.
The Windows 8 operating system comes with a new user interface (UI), which Microsoft calls "Metro"; the new UI is compatible with three screens: smartphones, tablet PCs, and laptops/desktop PCs.
However, the company has declined to say when Windows 8 will be officially released.
It may be noted that in October last year Microsoft gave the developer community an opportunity to preview and download the latest operating system and to develop applications based on it.
Some of the features of Windows 8 include:
* 360 degrees change in the Start
* Control panel in Metro interface
* Includes Internet Explorer 10
* Metro style apps which are tablet specific, like PaintPlay and Ink Pad.
 

Satellite phones vulnerable to eavesdropping.


Security researchers in Germany cracked two encryption standards used for protecting satellite phone signals, giving the ability to eavesdrop on calls over an entire continent.

Researchers at Ruhr University Bochum in Germany cracked the encryption algorithms known as GMR-1 and GMR-2, standards used across satellite phone operators, including Thuraya, a leading provider. Their technology is widely used in the Middle East and Africa, including in some military applications.

"We were able to completely reverse engineer the encryption algorithms employed," The Daily Telegraph quoted Benedikt Driessen and Ralf Hund of the university as saying, "Don't Trust Satellite Phones".

According to the Telegraph report, the equipment and software needed to intercept and decrypt satellite phone calls from hundreds of thousands of users would cost as little as $2,000.

The demo takes up to half-an-hour to decipher a call, but a more powerful computer would allow eavesdropping in real time, Mr Driessen said.

The Ministry of Defence has said the crack of the A5-GMR-1 and A5-GMR-2 encryption algorithms will not affect military operations.

"All military users of mobile satellite communication systems are aware of the potential threats to such systems and are briefed explicitly that they are only authorised to pass unclassified information (both voice and data) over these systems," an MoD spokeswoman said in an email statement. "Protected information is never sent over an unclassified system, unless it is being employed in conjunction with an accredited secure device."
 

Man In The Middle (MITM) Attack.



A man-in-the-middle attack is a type of attack in which the attacker intercepts an existing connection and breaks it into two separate connections, one between the client and the attacker and the other between the attacker and the server. All the data then goes through the attacker, who is able to read, modify and insert data in the communication. Man-in-the-middle attacks are sometimes known as fire brigade attacks.
This attack is very effective against the HTTP protocol because data is sent in plain text. Session cookies can be captured from the headers and can also be changed.
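
Because the cookie travels in the headers, the defensive check is whether a response is served in plain text or hands out cookies that a browser would also send over plain HTTP. The following is an added example, not code from the original post: a small Python audit of raw response headers. The sample responses, finding codes and function names are constructed for illustration.

```python
"""Audit raw HTTP response headers for cookie exposure to an on-path attacker."""

# Constructed sample responses (not captured traffic).
PLAIN_HTTP = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: PHPSESSID=constructed123; Path=/\r\n"
    "\r\n<html></html>"
)
HTTPS_WEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: PHPSESSID=constructed456; Path=/; HttpOnly\r\n"
    "\r\n"
)
HTTPS_HARDENED = (
    "HTTP/1.1 200 OK\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "Set-Cookie: PHPSESSID=constructed789; Path=/; Secure; HttpOnly\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Return [(lowercased name, value)] for the header block of a raw response."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return headers


def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie name, {lowercased attribute: value})."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def hsts_enabled(headers):
    """True if Strict-Transport-Security is present with a positive max-age."""
    for name, value in headers:
        if name != "strict-transport-security":
            continue
        for directive in value.split(";"):
            key, _, val = directive.strip().partition("=")
            if key.lower() == "max-age" and val.strip('"').isdigit():
                return int(val.strip('"')) > 0
    return False


def audit_response(raw, scheme):
    """Return a list of (finding code, cookie name or None)."""
    headers = parse_headers(raw)
    findings = []
    if scheme == "http":
        # Everything, including cookies, is readable and modifiable on the path.
        findings.append(("PLAINTEXT_TRANSPORT", None))
    elif not hsts_enabled(headers):
        # Without HSTS the browser can still be steered to http:// for this host.
        findings.append(("NO_HSTS", None))
    for name, value in headers:
        if name == "set-cookie":
            cookie, attrs = parse_set_cookie(value)
            if "secure" not in attrs:
                # The browser will attach this cookie to plain HTTP requests too.
                findings.append(("COOKIE_NO_SECURE", cookie))
    return findings


if __name__ == "__main__":
    for label, raw, scheme in [("plain", PLAIN_HTTP, "http"),
                               ("weak", HTTPS_WEAK, "https"),
                               ("hardened", HTTPS_HARDENED, "https")]:
        print(label, audit_response(raw, scheme))
```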


MITM Attack tools:
There are several tools to perform a MITM attack.
  1. PacketCreator
  2. Ettercap
  3. Dsniff
  4. AirJack
  5. Cain & Abel
 

University of Washington Vulnerable and Database Leaked by Hacker.


A few days back, a Team INTRA member hacked into the University of Washington database and released much data. Today, N0B0DY and N0LIFE hacked into it again, releasing the most recent passwords on Pastebin.

The root MySQL password was also released, as well as those of many other MySQL users. The information_schema database was accessed, and they released the COLUMNS table completely, with its 6363 records. The hackers also exposed the vulnerable links in the Pastebin note.
 

How to hack IIS (Internet Information Server) FTP password by using Brute Force Attack.

FTP is an application, service or protocol that can be used to transfer files from one place to another; it comes in very handy when transferring files from a local box to a remote one. If someone gets access to your FTP, he or she can cause a nightmare for you by uploading inappropriate images or files, etc. Here we will discuss how we can crack the password of an IIS-installed FTP service in Windows.




What is Brute-Force?

Brute force is a type of attack in which every possible combination of letters, digits and special characters is tried until the right password is matched with the username. The main limitation of this attack is its time factor. The time it takes to find the proper match mainly depends on the length and complexity of the password. Here I will be using this attack to crack the password. So, let's start.
Requirements:
  1. The tool we will be using: "BrutusA2" (download: http://www.hoobie.net/brutus/)
  2. You need to know the target, for example "ftp://123.123.xx.xxx"

Procedure:

Step 1. Here I have shown an authentication page of an FTP service in the image below, and in the following steps we will crack its password using Brutus.

Step 2. Now open up “Brutus” and type your desired target, select a wordlist, select “FTP” from the drop-down menu and click Start. If you are confused then follow the image below.


Step 3. The time it takes, as I mentioned above, depends on the complexity and length of the password. So after clicking the Start button, wait for the time mentioned in the tool. The password will be displayed as shown above.
Recommendation: I would recommend that readers try it in a virtual environment as I did and enjoy the trick. It is not advisable to try it on some unknown user without prior permission.
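
Seen from the server side, the attack described above shows up as a burst of failed PASS commands from one client in the FTP log. The following added example (not part of the original post) flags such bursts. It assumes a W3C-style log whose #Fields line names the columns used below, with a failed login logged as PASS with status 530 and a successful one as 230; the log lines, threshold and window are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def constructed_log():
    """Constructed sample lines: one password-guessing burst and one honest typo."""
    lines = ["#Fields: date time c-ip cs-username cs-method cs-uri-stem sc-status"]
    for i in range(6):  # six failures, two seconds apart, from one client
        stamp = f"2012-02-10 09:15:{2 * i:02d}"
        lines.append(f"{stamp} 203.0.113.7 - USER administrator 331")
        lines.append(f"{stamp} 203.0.113.7 - PASS *** 530")
    lines += [
        "2012-02-10 09:15:14 203.0.113.7 - USER administrator 331",
        "2012-02-10 09:15:14 203.0.113.7 administrator PASS *** 230",
        "2012-02-10 09:20:00 198.51.100.20 - USER alice 331",
        "2012-02-10 09:20:00 198.51.100.20 - PASS *** 530",
        "2012-02-10 09:20:09 198.51.100.20 - USER alice 331",
        "2012-02-10 09:20:09 198.51.100.20 alice PASS *** 230",
    ]
    return lines


def parse_w3c(lines):
    """Yield one dict per record, using the column names from the #Fields line."""
    fields = None
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed records
                yield dict(zip(fields, values))


def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {client ip: details} for clients with >= threshold failures in window."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failed logins
    tried = defaultdict(set)      # ip -> usernames that had a failed login
    last_user = {}                # ip -> argument of the latest USER command
    alerts = {}
    for rec in parse_w3c(lines):
        ip = rec["c-ip"]
        when = datetime.strptime(f"{rec['date']} {rec['time']}", "%Y-%m-%d %H:%M:%S")
        method, status = rec["cs-method"].upper(), rec["sc-status"]
        if method == "USER":
            last_user[ip] = rec["cs-uri-stem"]
        elif method == "PASS" and status == "530":
            tried[ip].add(last_user.get(ip, "?"))
            queue = recent[ip]
            queue.append(when)
            while when - queue[0] > window:  # drop failures older than the window
                queue.popleft()
            if len(queue) >= threshold:
                alert = alerts.setdefault(ip, {
                    "max_failures_in_window": 0,
                    "usernames": tried[ip],
                    "success_after_burst": False,
                })
                alert["max_failures_in_window"] = max(
                    alert["max_failures_in_window"], len(queue))
        elif method == "PASS" and status == "230" and ip in alerts:
            # A login that succeeds after a burst deserves immediate attention.
            alerts[ip]["success_after_burst"] = True
    return alerts


if __name__ == "__main__":
    for ip, info in detect_bruteforce(constructed_log()).items():
        print(ip, info)
```

A client flagged with success_after_burst set is the case to investigate first: lock the account, reset its password and review what the session did.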
 

Raising your kids to have cyber security awareness.


In last month's magazine issue, Lee Ives from London, England, admin of Security-FAQs, talks about internet security for your children, what to watch out for and how to protect them and yourself. You can download the special January 2012 edition of the magazine here.

Have a look at the interesting article shared by Lee:

The one thing that is great about the internet is that just like many of the other major mediums it has content for all different types of age groups. If you have older people that you need to entertain then you will be able to find something for them to be entertained by on the web. If you have younger kids that you have to entertain then you will find something for them as well. But unlike the other major mediums such as TV, you have a more diverse stock from which to pick from. With the internet you are getting content from all around the world and no matter which age group you need to entertain, you will be able to find something for them to watch until their heart is content.
 

Key Logger for LINUX UBUNTU.


I was searching for a keylogger for Ubuntu Linux. Finally I found it on sourceforge.net. Here are the simple steps for a keylogger in Ubuntu.

What is Keylogger?

Keystroke logging is the practice of noting (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous keylogging methods, ranging from hardware- and software-based to electromagnetic and acoustic analysis.


Keylogger in Linux
There is open-source software available for Linux called lkl (Linux Key Logger).
LKL is a userspace keylogger that runs under Linux on the x86 architecture. LKL sniffs and logs everything that passes through the hardware keyboard port (0x60).
Download key logger here

How to Install?

Step 1
Unzip or untar the file you have downloaded.
Step 2
Change into the directory by typing cd lkl
Step 3
Run the command ./configure
This will check for all the resources it needs.
Step 4
Type "make" to compile the package.
Step 5
Optionally, type "make check" to run any self-tests that come with the package.
Step 6
Type "sudo make install" to install the programs.
Now you are done with the installation.
How to use?
You can pass arguments to the lkl command:
-h help
-l start to log the 0x60 port (keyboard)
-b debug mode
-k <km_file> set a keymap file
-o <o_file> set an output file
-m <email> send logs to <email>
-t <host> hostname for sendmail. Default is localhost
Example: lkl -l -k us_km -o log.file // use USA kb and put logs in ‘log.file’

Please comment if it doesn’t work for you.
 

Next Generation File System For Open Source.


Hi guys, I got some great stuff that I want to share with you; hope you will like it.
 
Open Source treats everything as either a file or a directory. Even hardware is considered a file and is kept in a directory. Therefore, a file system is an organization of data and metadata on a storage device and is expected to provide quick transfer and storage of data without corrupting it. Linux file system interface is implemented as a layered architecture, separating the user interface layer from the file system implementation from the drivers that control the storage devices. To begin with Linux file systems are expected to perform your day to day tasks with some of the latest file systems. 

Some of the key next gen file systems for open source are discussed below:-
 
BTRFS:
BTRFS is also known as the B-tree file system and is a popular next-gen file system for Linux, available under a GPL license. It is developed by Oracle in association with contributors from the Linux community. BTRFS provides a number of features that make it a very attractive file system solution for local storage. It is designed for large files and file systems and offers easy administration and integrated RAID and volume management. It also detects and fixes data and file system corruption, improves backup operations, makes searching for files easy, allows quick rollback of software and OS upgrades, and improves storage capacity.
BTRFS is intended to address the lack of pooling, snapshots, checksums and integral multi-device spanning in Linux file systems as the use of Linux scales upward into larger storage configurations common in the enterprise. It is structured as several layers of trees, all using the same B-tree implementation to store their various data types as generic items sorted on a 136-bit key. The first 64 bits of the key are a unique object ID. The middle 8 bits are an item type field; its use is hardwired into code as an item filter in tree lookups. Objects can have multiple items of multiple types. The remaining right-hand 64 bits are used in type-specific ways.
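
To make the key layout concrete, here is an added example (not code from the original post or from the BTRFS project) that packs the 136-bit key and shows why sorting on it keeps all items of one object together. The item type numbers and the little-endian on-disk encoding come from the Linux kernel's BTRFS headers rather than from this page; the function names and sample keys are constructed.

```python
import struct
from bisect import bisect_left, bisect_right

# Item type values as defined in the Linux kernel's BTRFS headers.
INODE_ITEM, INODE_REF, EXTENT_DATA = 1, 12, 108
U64_MAX = 2**64 - 1

# Constructed keys (objectid, type, offset) in arbitrary arrival order.
# For EXTENT_DATA the offset is the byte offset in the file; for INODE_REF it
# is the object ID of the parent directory (a type-specific use of the field).
SAMPLE_KEYS = [
    (258, EXTENT_DATA, 0),
    (257, EXTENT_DATA, 65536),
    (257, INODE_ITEM, 0),
    (258, INODE_ITEM, 0),
    (257, EXTENT_DATA, 0),
    (257, INODE_REF, 256),
    (258, INODE_REF, 256),
    (257, EXTENT_DATA, 4096),
]


def pack_key(objectid, item_type, offset):
    """Serialise a key as 17 bytes (136 bits): le64 objectid, u8 type, le64 offset."""
    return struct.pack("<QBQ", objectid, item_type, offset)


def unpack_key(raw):
    """Decode 17 on-disk bytes back into (objectid, type, offset)."""
    return struct.unpack("<QBQ", raw)


def items_of_type(sorted_keys, objectid, item_type):
    """Binary-search a sorted key list for every item of one type of one object."""
    lo = bisect_left(sorted_keys, (objectid, item_type, 0))
    hi = bisect_right(sorted_keys, (objectid, item_type, U64_MAX))
    return sorted_keys[lo:hi]


def bytewise_sorted(keys):
    """Sort the packed little-endian bytes directly, then decode (the wrong way)."""
    return [unpack_key(raw) for raw in sorted(pack_key(*k) for k in keys)]


if __name__ == "__main__":
    ordered = sorted(SAMPLE_KEYS)  # compare objectid, then type, then offset
    for key in ordered:
        print(key, pack_key(*key).hex())
    print("extents of 257:", items_of_type(ordered, 257, EXTENT_DATA))
    # Little-endian bytes do not sort like the integers they encode, so keys
    # must be decoded before comparison.
    print("bytewise order differs:", bytewise_sorted(SAMPLE_KEYS) != ordered)
```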
 
ZFS:
ZFS is the feature-rich file system developed by Sun for its UNIX version, Solaris. ZFS allows quick and easy snapshots of data, data checksumming, and integration of several tools to manage disks and file systems. It is based upon a copy-on-write design that writes a new copy of the data every time it changes. Once the new version of the data is written the old version is marked as deleted and the space can be reclaimed. To implement a snapshot system you need to instruct the OS to not mark the old data as deleted and changes are preserved.
All data that is written to a ZFS file system is checksummed to ensure its validity. Hard drives corrupting data has always been an issue, but due to the exponential growth in storage requirements data corruption has become a common phenomenon. To help mitigate the risk of silent data corruption, ZFS stores a checksum of all the data it stores and validates the data again before relaying it to the operating system. If one copy of the data has been corrupted, this is identified on read and the data is seamlessly copied from another source.
                               
NILFS-2:
NILFS-2 is a reprisal of a log-structured file system developed by Nippon Telegraph and Telephone. The first version of NILFS appeared in 2005 but lacked any form of garbage collection. In mid-2007, version 2 was first released, which included a garbage collector and the ability to create and maintain multiple snapshots. The NILFS-2 file system entered the mainline kernel and can be enabled simply by installing its loadable module.
An interesting aspect of NILFS-2 is its technique of continuous snapshotting. As NILFS is log structured, new data is written to the head of the log while old data still exists. Because the old data is there, you can step back in time to inspect epochs of the file system. These epochs are called checkpoints in NILFS-2 and are an integral part of the file system. NILFS-2 creates these checkpoints as changes are made. It is one of the many file systems that incorporate snapshot behaviour. Other file systems that include snapshots are ZFS, LFS etc.

CEPH:
CEPH is a distributed network storage and file system created to provide excellent performance, reliability, and scalability. CEPH is based on a reliable and scalable distributed object store, with a distributed metadata management cluster layered on top to provide a distributed file system with POSIX semantics. CEPH is released under the terms of the LGPL, which means it is free. CEPH will provide a variety of key features that are generally lacking from existing open-source file systems, including the ability to simply add disks to expand volumes, intelligent load balancing, and efficient, easy to use snapshot functionality.
CEPH is designed to seamlessly and gracefully scale from gigabytes to petabytes and beyond. Scalability is considered in terms of workload as well as total storage. CEPH is designed to handle workloads in which tens of thousands of clients or more simultaneously access the same file, or write to the same directory.
                          
EXOFS:
EXOFS (Extended Object File System) is a traditional Linux file system built over an object storage system. EXOFS was initially developed by IBM and at that time was called the OSD file system, or OSDFS. Panasas, an object storage systems company, has since taken over the project and renamed it EXOFS based on its ext2 file system ancestry.
EXOFS is a file system that uses an OSD and exports the API of a normal Linux file system. Users can access EXOFS like any other local file system, and EXOFS will in turn issue commands to the local OSD initiator. OSD is a new T10 command set that views storage devices not as a flat array of sectors but as a container of objects, each having a length, quota and time attributes. Each object is addressed by a 64-bit ID, and is contained in a partition with a 64-bit ID.
 
Next3:
Next3 was developed by CTERA Networks, which has started shipping it on its C200 network storage device. It is not just an addition to ext3, but works by creating a special, magic file to represent a snapshot of the file system. The files have the same apparent size as the storage volume as a whole, but they are thin files, so they take almost no space at the beginning.
When a change is made to a block on disk, the file system must first check to see whether that block has been saved in the most recent snapshot already. If not, the affected block is moved over to the snapshot file, and a new block is allocated to replace it. Thus, over time, disk blocks migrate to the snapshot file as they are rewritten with new contents. Deleting a snapshot requires moving changed blocks into the previous snapshot, if it exists, because the deleted snapshot holds blocks which are logically part of the earlier snapshots.
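
The copy-on-write bookkeeping described above can be modelled in a few lines. This is an added toy model in Python, not Next3 code: snapshots are sparse dictionaries standing in for the thin snapshot files, and the class and method names are hypothetical. Reading a snapshot by falling through to newer snapshots is an assumption that follows from the deletion rule in the text.

```python
class SnapshotVolumeModel:
    """Toy model of the snapshot scheme described above (hypothetical names)."""

    def __init__(self, blocks):
        self.live = dict(enumerate(blocks))  # block number -> current contents
        self.snapshots = []                  # oldest first; each is a sparse dict

    def take_snapshot(self):
        """Create a snapshot; like the thin file, it holds no blocks yet."""
        self.snapshots.append({})
        return len(self.snapshots) - 1

    def write(self, block_no, data):
        """Overwrite a block, preserving the old contents on first change."""
        if self.snapshots:
            newest = self.snapshots[-1]
            if block_no not in newest:  # not yet saved in the most recent snapshot
                newest[block_no] = self.live[block_no]
        self.live[block_no] = data

    def read_snapshot(self, index, block_no):
        """Return the block as it was when snapshot `index` was taken."""
        for snap in self.snapshots[index:]:
            if block_no in snap:
                return snap[block_no]
        return self.live[block_no]  # never changed since that snapshot

    def delete_snapshot(self, index):
        """Drop a snapshot, handing its blocks to the previous one if it exists."""
        removed = self.snapshots.pop(index)
        if index > 0:
            older = self.snapshots[index - 1]
            for block_no, data in removed.items():
                # Keep the older snapshot's own copy when it already has one.
                older.setdefault(block_no, data)

    def preserved_blocks(self):
        """Number of old blocks currently held by all snapshot files."""
        return sum(len(snap) for snap in self.snapshots)


def demo():
    """Constructed scenario: two snapshots, then deletion of the newer one."""
    vol = SnapshotVolumeModel(["A0", "B0", "C0"])
    s0 = vol.take_snapshot()
    vol.write(0, "A1")
    s1 = vol.take_snapshot()
    vol.write(0, "A2")
    vol.write(1, "B1")
    before = [vol.read_snapshot(s0, n) for n in range(3)]
    vol.delete_snapshot(s1)
    after = [vol.read_snapshot(s0, n) for n in range(3)]
    return before, after, vol.preserved_blocks()


if __name__ == "__main__":
    print(demo())
```

Block 1 is the interesting one: its old contents were saved only in the newer snapshot, so without the move in delete_snapshot the older snapshot would start returning the live data.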
                              
REISER 4:
REISER 4 uses B-trees in conjunction with the dancing tree balancing approach, in which underpopulated nodes will not be merged until a flush to disk, except under memory pressure or when a transaction completes. Such a system also allows REISER 4 to create files and directories without having to waste time and space through fixed blocks. As of 2004, synthetic benchmarks performed by Namesys show that REISER 4 is 10 to 15 times faster than its most serious competitor, ext3, when working on files smaller than 1 KB. The benchmarks suggest that it has twice the performance of ext3 for general-purpose file system usage patterns.
As of 2012, REISER 4 hasn't been merged into the core Linux kernel and is still not supported on many Linux distributions; however, its predecessor REISER FS v3 has been widely adopted. REISER 4 is also available from Andrew Morton's mm kernel sources, and from the Zen patch set.

That's all, guys. I'd love to get your comments on this.

 

What Is Spyware?

                                          
Spyware is a piece of malicious code or a program installed on a system to monitor the activities of a person. Spyware is capable of logging keystrokes and taking screenshots, and if there is an active Internet connection it can even mail logs to a specified e-mail address or transfer logs to an FTP server.
Beyond just monitoring, it can record your computing habits, including which sites you browse most, at what time you prefer to be on the system and the amount of time you spend on the computer.

Spyware can be used to track all information about your social-networking habits and IRC (Internet Relay Chat) clients, including all major and minor chat clients, for example Google Talk, Rediff Messenger, Yahoo Messenger and Microsoft Live Chat; absolutely everything related to an IRC client is exposed to spyware. On the basis of its commercial use and monitoring capabilities, spyware is classified as follows:

On Basis Of Commercial Use: Domestic Spywares and Commercial Spywares
On Basis Of Monitoring: Key Loggers, E-mail Loggers/Chat Recorders, Screen Recorders.

Domestic Spywares:
Spyware of this kind is purchased and used by common people to monitor their systems. Most of the time, parents install this type of spyware to monitor their children, or a network admin or a company installs it to monitor the computing activities of employees. The most widespread and most powerful use of this spyware is for hacking purposes only.
Example: SniperSpy, Winspy, Sentry PC, Spy Agent

Commercial Spywares: Commercial spyware includes the services built into your operating system and software to monitor event logs and crash reports. Information about a software crash is anonymously sent to the software vendor, and reports about user experience, crashes, memory dumps etc. are sent to the operating system vendor. The only difference is that this type of spying is legal, being done to improve the product and provide a better and more secure service.
Example: Windows and Linux Crash Logs, Virus info in Anti-Virus program, Event Collectors etc.

Key Loggers: Key loggers are spywares specially made to record keystrokes from keyboard. Key Logging can retrieve information about bank account password, online transactions, login passwords etc.

E-mail Loggers/Chat Recorders: This spyware is used to track e-mails and chat reports from your IRC. If you use an e-mail client like Windows Mail or Mozilla Thunderbird, this spyware is capable of modifying internal settings to forward mails to the attacker's inbox without leaving a trace in your Outbox.

Screen Recorders: Screen recorders are capable of capturing the screen and sending the recording using minimum bandwidth. Such monitoring is done by parents on their children to protect them from online pornography.
Example: Spy Agent, Winspy, Sniper Spy

OK, being honest, I want to make clear that today nobody actually bothers about the classification of spyware, and the reason is quite obvious: spyware manufacturers pack their products with nearly 90% of the features of all types of spyware. So if you don't want to remember the classification of spyware, that's OK, no problem at all, but you must know what spyware is. Sorry, I forgot that you already know that.
 

How does the Internet work?

                                 
Even though the Internet is still a young technology, it's hard to imagine life without it now. Every year, engineers create more devices to integrate with the Internet. This network of networks crisscrosses the globe and even extends into space. But what makes it work?

To understand the Internet, it helps to look at it as a system with two main components. The first of those components is hardware. That includes everything from the cables that carry terabits of information every second to the computer sitting in front of you.

Other types of hardware that support the Internet include routers, servers, cell phone towers, satellites, radios, smartphones and other devices. All these devices together create the network of networks. The Internet is a malleable system -- it changes in little ways as elements join and leave networks around the world. Some of those elements may stay fairly static and make up the backbone of the Internet. Others are more peripheral.

These elements are connections. Some are end points -- the computer, smartphone or other device you're using to read this may count as one. We call those end points clients. Machines that store the information we seek on the Internet are servers. Other elements are nodes which serve as a connecting point along a route of traffic. And then there are the transmission lines which can be physical, as in the case of cables and fiber optics, or they can be wireless signals from satellites, cell phone or 4G towers, or radios.

All of this hardware wouldn't create a network without the second component of the Internet: the protocols. Protocols are sets of rules that machines follow to complete tasks. Without a common set of protocols that all machines connected to the Internet must follow, communication between devices couldn't happen. The various machines would be unable to understand one another or even send information in a meaningful way. The protocols provide both the method and a common language for machines to use to transmit data.

We'll take a closer look at protocols and how information travels across the Internet on the next page.
 

BOT AND BOTNETS

 
The term bot is derived from “ro-bot” in its generic form. It is a script, a set of scripts or a computer program designed to perform predefined functions repeatedly and automatically after being triggered intentionally or through a system infection. Bots run automated tasks over the Internet. According to the way they work, there are two types of bots.


Benevolent bots: Bots that are used to carry out legitimate activities in an automated manner are called benevolent bots. These are used by search engines to spider online website content and by online games to provide a virtual opponent.
Malicious bots: Bots that are meant for malicious purposes are known as malicious bots. Bots used for DDoS attacks and spam bots are examples of malicious bots.


The first bot program Eggdrop created by Jeff Fisher in 1993 originated as a useful feature on Internet Relay Chat (IRC) for text based conferencing on many machines in a distributed fashion.

A malicious IRC bot program runs in a hidden manner on an IRC host or client each time it boots, and is controlled by commands given by other IRC bot(s). It is typically an executable file with a size of less than 15 KB in its compressed form. An IRC host computer running an IRC bot malware program becomes a zombie or a drone (Choo – 2007).

The first malicious IRC bot, Pretty Park Worm that appeared in 1999 contained a limited set of functionality and features, such as the ability to connect to a remote IRC server, retrieve basic system information e.g. operating system version, login names, email addresses, etc.

A collection of such bot-affected systems is known as a BOTNET (bot network): a collection of compromised hosts or bot-infected machines running malware such as worms, Trojan horses, or backdoors under a command & control (C&C) infrastructure.


Types of Botnets:
There are a variety of botnets in existence today. The three most commonly seen on home and office client computers are HTTP botnets that exploit vulnerabilities in web browsers, IRC botnets that allow operators to control the computers of unsuspecting users through an Internet Relay Chat (IRC) channel, and peer-to-peer (P2P) botnets that infect files shared on P2P services like Gnutella or Limewire.

HTTP Botnets: HTTP is typically used for the creation and control of botnets. Bots will sign in to an HTTP server and wait for commands from a bot herder, or they will simply visit pre-designated sites to get commands that are coded into the site’s files. Many HTTP bots have their own servers for downloading malware, phishing, etc.

P2P Botnets: Many P2P applications are utilized by bot herders to share files that have bots and malware attached. In most cases, these bots are pre-programmed to perform specific functions when a file is opened, or when a container application like a game or desktop application is installed.

IRC Botnets: The most abundant use of botnets is accomplished using IRC applications. This is because the IRC protocol has been around the longest, and that is where earlier botnets operated before HTTP came along. IRC is used by a wide variety of applications to allow users to have simple text-based chatting environments. Infected IRC clients log into a specific IRC server and wait for specially formatted text messages that contain commands. Commands can also be encoded into the title or name of the chat channel, so that every bot entering can be given commands. More sophisticated versions of this will group bots into sub-nets based on the tasks to be performed, or some other distinction. IRC botnets are generally the most complex and the hardest to detect.

                                          

This is the diagram which shows how an attacker spreads his bots on victims' computers and controls those bot programs. Mostly these affected systems are used for illegal activities by the attacker without the knowledge of the system owner.

Look at the figure which shows how botnets are used in DDoS attacks.

How to Avoid Botnets: 
  • Install an antivirus program from a trusted provider.
  • Make sure the operating system’s firewall is turned on, as well as the firewall of any connected router(s).
  • Keep your operating system, web browser, firewall and antivirus applications up to date.
  • Keep all media players up to date.
  • Pay close attention to the options available when installing downloaded software. Installing toolbars or other gadgets that come from sources other than the site they were created on may have bots attached to the install. Also be skeptical of installation options that ask for permission to change your browser’s home page.
  • Learn to be very critical of emails that contain links of any kind or ask you to go to a specific site that you’re unfamiliar with.
If you have any query regarding this post, please comment.
 

Dedicated Search Engine for Exploit.

 Exploitsearch.net - Exploit & Vulnerability Search Engine


This is an online search engine for exploits, currently utilizing data from NVD, OSVDB, SecurityFocus, Exploit-DB, Metasploit, Nessus, OpenVAS, and PacketStorm. A general search engine does the work, but this is a specific search engine for better results. There is not much to write about; just visit the site and all your queries will be answered.
VISIT : http://www.exploitsearch.net/
 

Microsoft Windows 8 with Resilient File System (ReFS)



Microsoft is switching to the Resilient File System for Windows 8, but only the server edition will support the new and more robust file system, while Windows 8 client machines will continue to use the NTFS file system. ReFS is meant to maintain compatibility with the most frequently used features of NTFS, including BitLocker encryption compatibility, Access Control Lists (ACLs) to control permissions, change notifications, symbolic links, and others, while shedding legacy features and picking up new ones to make it more useful and versatile on today's drives.

Also, in its current state ReFS cannot be used for removable media, or for any partition used to boot Windows – it is purely a file system solution for data storage right now. Windows 8 clients will be able to access and read ReFS partitions from launch though.

According to a blog post from the Windows engineering team, the key goals of ReFS are:
  • ‘a high degree’ of compatibility with NTFS
  • the ability to verify and autocorrect data
  • scalable structures for everything
  • keeping the file system online even when problems occur
  • providing resilience when used with Storage Spaces.
However, this file system is not compatible with removable media and cannot be used for the booting of an operating system. It is just made for storage, for the time being.
 

How Windows Product Activation (WPA) Works?

                                              
Windows Product Activation or WPA is a license validation procedure introduced by Microsoft Corporation in all versions of its Windows operating system. WPA was first introduced in Windows XP and continues to exist in Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7 as well. WPA requires each end user to activate their copy of Windows so as to prevent unauthorized usage beyond the specific period of time until it is verified as genuine by Microsoft. How WPA really works was a closely guarded secret until Fully Licensed GmbH analyzed WPA using a copy of Windows XP RC1 and published a paper on their findings.



In this post you will find answers to some of the most frequently asked questions about Windows Product Activation.

Why activation?

Microsoft’s intention behind the activation is to limit the usage of its Windows operating system to only one machine for which the retail license is issued. Any other computer which runs on the same license must be disallowed from using the software. Thus WPA demands activation of the product within 30 days of its installation so as to ensure that it is genuine.

What does “Genuine Windows” mean?

The copy of Windows is said to be genuine only if the product key used during the installation is genuine. It means that a given product key (retail license) must be used to install Windows only on one computer for which the license was purchased. Thus if the same key is used for the installation on another computer, then it is said to be a pirated copy.

Exactly what information is transmitted during the activation?

When you activate your copy of Windows you are transmitting an Installation ID code to Microsoft either by phone or Internet, depending on the method you choose to activate. Based on this, Microsoft’s licensing system can determine whether or not the installed OS is genuine. If it is said to be genuine, then the system will receive the Activation ID which completes the activation process. If the activation is done via telephone then the Activation ID needs to be entered manually to complete the activation process.

What information does the Installation ID contain?

This Installation ID is a 50-digit number which is derived from the following two pieces of data.

1. Product ID – It is actually derived from the 25-digit product key (the alphanumeric value that is printed on the sticker over the Windows CD/DVD case) that is entered during the installation of the operating system. The Product ID is used to uniquely identify your copy of Windows.

2. Hardware ID – This value is derived based on the hardware configuration of your computer.

The WPA system checks the following 10 categories of the computer hardware to derive the Hardware ID:
  • Display Adapter
  • SCSI Adapter
  • IDE Adapter (effectively the motherboard)
  • Network Adapter (NIC) and its MAC Address
  • RAM Amount Range (i.e., 0-64mb, 64-128mb, etc.)
  • Processor Type
  • Processor Serial Number
  • Hard Drive Device
  • Hard Drive Volume Serial Number (VSN)
  • CD-ROM / CD-RW / DVD-ROM

Thus the Installation ID, which is a combination of the Product ID and the Hardware ID, is finally derived and sent to Microsoft during the activation process.

How is the Installation ID validated?

The Installation ID needs to be validated to confirm the authenticity of the installed copy of Windows. So after the Installation ID is received by Microsoft, it is decoded back so as to obtain the actual product key and the hardware details of the computer involved in the activation process.

Microsoft’s system will now check whether this is the first time the product key is being used for activation. This happens when the user is trying to activate his Windows for the first time after purchase. If this is the case then the Installation ID is validated and the corresponding Activation ID is issued, which completes the activation process.

However, Microsoft’s system will now associate this product key with the Hardware ID of the computer and store this information on its servers. In simple words, during the first use of the product key, it is paired together with the Hardware ID and this information is stored on the Microsoft servers.

What if a computer running a pirated copy of Windows attempts to activate?

The activation fails whenever the installed copy of Windows is not considered genuine. This usually happens when the product key used for the installation is said to have been used earlier on a different computer. This is determined during the activation process as follows:

During the validation of the Installation ID, Microsoft’s system checks to see if the same product key was used in any of the previous activation processes. If yes, then it looks up the Hardware ID associated with it. The computer running a pirated copy of Windows will obviously have a different hardware configuration and hence the Hardware ID will mismatch. In this case the activation process will fail.

Thus for a successful activation, either of the following two cases must be satisfied:
  • The product key must have been used for the first time, i.e., the product key should not have been used for earlier activations on any other computer.
  • If the product key is said to have been used earlier, then the Hardware ID should match. This happens only if the same computer for which the license was genuinely purchased is attempting a subsequent activation.

What about formatting the hard disk?

Each time the hard disk is reformatted and Windows is re-installed, it needs to be re-activated. However the activation process will be completed smoothly since the same computer is attempting a subsequent activation. In this case both the product key and the Hardware ID will match and hence the activation becomes successful.

What if I upgrade or make changes to my hardware?

Of the 10 hardware categories mentioned above, at least 7 should stay the same. Thus you are allowed to make changes to not more than 3 categories of hardware. If you make too many changes then your activation will fail. In this case, it is necessary to contact a customer service representative by phone and explain your problem. If he is convinced, he may issue a new product key for your computer, with which you can re-activate your Windows.
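The validation rules described in the last few answers (first-use binding of the product key, then the 7-of-10 hardware tolerance) can be put together as a small model. This is an added example, not Microsoft's code and not part of the original post; the `ActivationServer` class, the category names, the sample profiles and the placeholder key are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, Tuple

# The ten hardware categories the post lists, in the same order.
CATEGORIES = (
    "display_adapter", "scsi_adapter", "ide_adapter", "network_adapter_mac",
    "ram_range", "processor_type", "processor_serial", "hard_drive_device",
    "volume_serial", "optical_drive",
)
MIN_MATCHING = 7  # per the post: at least 7 of the 10 categories must be unchanged


def matching_categories(stored: Dict[str, str], presented: Dict[str, str]) -> int:
    """Count the categories whose value is identical in both hardware profiles."""
    return sum(1 for c in CATEGORIES if stored.get(c) == presented.get(c))


@dataclass
class ActivationServer:
    """In-memory stand-in for the licensing back end (hypothetical)."""
    bindings: Dict[str, Dict[str, str]] = field(default_factory=dict)

    def activate(self, product_key: str, hardware: Dict[str, str]) -> Tuple[bool, str]:
        stored = self.bindings.get(product_key)
        if stored is None:
            # First use of this key: pair it with the presenting machine.
            self.bindings[product_key] = dict(hardware)
            return True, "first activation: key bound to this hardware"
        same = matching_categories(stored, hardware)
        if same >= MIN_MATCHING:
            # Assumption: the stored profile is kept as first recorded.
            return True, "re-activation accepted: %d/10 categories match" % same
        return False, "activation refused: only %d/10 categories match" % same


# Constructed sample profiles; every value is made up.
ORIGINAL_PC = {
    "display_adapter": "vga-a1", "scsi_adapter": "scsi-0", "ide_adapter": "ide-7",
    "network_adapter_mac": "00:00:5e:00:53:01", "ram_range": "512-1024mb",
    "processor_type": "cpu-x", "processor_serial": "ps-1001",
    "hard_drive_device": "hd-80g", "volume_serial": "1A2B-3C4D",
    "optical_drive": "dvd-1",
}
OTHER_PC = {name: "other-" + value for name, value in ORIGINAL_PC.items()}


def changed(profile: Dict[str, str], *names: str) -> Dict[str, str]:
    """Return a copy of profile with the named categories replaced."""
    return {k: ("new-" + v if k in names else v) for k, v in profile.items()}


def run_scenarios() -> Dict[str, bool]:
    server = ActivationServer()
    key = "SAMPLE-KEY-0001"  # placeholder, not a real product key format
    return {
        "first_activation": server.activate(key, ORIGINAL_PC)[0],
        # Formatting the disk assigns a new volume serial number: 9/10 still match.
        "reinstall_after_format": server.activate(
            key, changed(ORIGINAL_PC, "volume_serial"))[0],
        "three_parts_upgraded": server.activate(
            key, changed(ORIGINAL_PC, "display_adapter", "ram_range",
                         "optical_drive"))[0],
        "four_parts_upgraded": server.activate(
            key, changed(ORIGINAL_PC, "display_adapter", "ram_range",
                         "optical_drive", "network_adapter_mac"))[0],
        "same_key_other_computer": server.activate(key, OTHER_PC)[0],
    }


if __name__ == "__main__":
    for name, ok in run_scenarios().items():
        print("%-26s %s" % (name, "activated" if ok else "refused"))
```
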
Some things WPA does not do
  • WPA does not send any personal information at all about you to Microsoft. There is still an option to register the product with Microsoft, but that is separate and entirely voluntary.
  • If you prefer to activate via phone, you are not required to give any personal information to Microsoft.
  • WPA does not provide a means for Microsoft to turn off your machine or damage your data/hardware. (Nor do they even have access to your data). This is a common myth that many people have about Microsoft products.
  • WPA is not a “lease” system requiring more payments after two years or any other period. You may use the product as licensed in perpetuity.

I have tried my best to uncover the secret behind the WPA. For further details and more technical information you can read the actual paper by Fully Licensed GmbH at http://www.licenturion.com/xp/fully-licensed-wpa.txt. I hope you like this post. Pass your comments.
 

How do Email Spam Filters Work?

                                                 
If you work with email on a daily basis, you are most likely using a spam filter to ease the job of sifting through a large number of spam emails every day. Needless to say, spam filters make our job a lot simpler by automatically filtering out the spam; without them it is almost impossible to manually filter the junk emails that arrive in millions each day. However, it is often necessary to have a basic knowledge of how spam filters work and on what basis they flag an email as spam.


How Spam Filters Work?

There are different kinds of spam filters:

Header Spam Filters

Header spam filters work by examining the header information of a particular email message to check if it appears to have been forged. The header of every email contains information which tells the origin of the email, i.e., the incoming email ID and usually the IP address (server address) of the sender. Spammers often forge the header to input a false sender ID and IP address so as to make it difficult to trace them. Thus if an email is suspected of having a forged header, or if the same message is found to have been sent to multiple recipients, it is most likely considered spam by many filters. This method of spam filtering is often quite effective; however, it may occasionally result in some requested newsletters being misdirected into the spam folder.

Content Spam Filters

Content spam filters are among the most effective and widely used filters to combat spam emails. They use a sophisticated algorithm with a set of pre-defined rules to determine whether a given email is spam. They work by scanning the entire text/body of the email to search for specific words and patterns that make it resemble a typical spam message. Most content spam filters work based on the following criteria and check to see:

1. If the message speaks a lot about money matters. Commonly suspected words include: lottery, discount, offer, bank account, money back guarantee etc.

2. If the message contains adult terms like: viagra, pills, bed, drugs, hot and so on.

3. If there is any sort of urgency. Most spam emails call for an urgency by using terms such as hurry, offer valid till etc.

4. If the message contains a single large image with little or no text then it is often considered as spam by many filters.

Each content spam filter may have its own set of additional rules which it uses to evaluate each incoming email. In most cases content and header spam filters are combined to achieve a higher level of accuracy.
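The combination of header and content rules described above can be sketched as a small scoring filter. This is an added example, not code from the original post or from any particular mail provider; the weights, the threshold, the From/Return-Path comparison used as a stand-in for forged-header detection, and all sample messages are assumptions. The newsletter sample is included to show the false positive the header section warns about.

```python
import re
from email.message import EmailMessage
from email.utils import getaddresses, parseaddr

# Terms come from the criteria listed above; weights and limits are assumptions.
MONEY = ("lottery", "discount", "offer", "bank account", "money back guarantee")
URGENCY = ("hurry", "offer valid till")
ADULT = ("viagra", "pills")
THRESHOLD = 5         # a score at or above this goes to the spam folder
MAX_RECIPIENTS = 10   # more visible recipients than this counts as mass mailing


def _domain(header_value):
    """Lower-cased domain of the address in a header, or '' if there is none."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()


def header_reasons(msg):
    """Header filter: inconsistent sender information and mass mailing."""
    reasons = []
    from_dom, bounce_dom = _domain(msg["From"]), _domain(msg["Return-Path"])
    if from_dom and bounce_dom and from_dom != bounce_dom:
        reasons.append(("From and Return-Path domains differ", 3))
    visible = msg.get_all("To", []) + msg.get_all("Cc", [])
    count = len(getaddresses([str(v) for v in visible]))
    if count > MAX_RECIPIENTS:
        reasons.append(("%d recipients" % count, 2))
    return reasons


def content_reasons(msg):
    """Content filter: word and image criteria applied to subject and body."""
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    haystack = ("%s %s" % (msg["Subject"] or "", text)).lower()
    reasons = []
    for label, terms in (("money", MONEY), ("urgency", URGENCY), ("adult", ADULT)):
        hits = [t for t in terms if re.search(r"\b" + re.escape(t) + r"\b", haystack)]
        if hits:
            reasons.append(("%s terms: %s" % (label, ", ".join(hits)),
                            min(2 * len(hits), 4)))
    images = [p for p in msg.walk() if p.get_content_maintype() == "image"]
    if len(images) == 1 and len(text.split()) < 10:
        reasons.append(("single image with little text", 3))
    return reasons


def classify(msg):
    """Return (is_spam, score, reasons) for one message."""
    reasons = header_reasons(msg) + content_reasons(msg)
    score = sum(points for _, points in reasons)
    return score >= THRESHOLD, score, reasons


def build(sender, bounce, to, subject, text, image=False):
    """Construct a sample message; all addresses and wording are made up."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["Return-Path"] = "<%s>" % bounce
    msg["To"] = to
    msg["Subject"] = subject
    msg.set_content(text)
    if image:
        msg.add_attachment(b"\x89PNG constructed bytes", maintype="image",
                           subtype="png", filename="picture.png")
    return msg


SAMPLES = {
    "lottery": build("Prize Desk <winner@lottery-prizes.example>",
                     "bounce@bulk-mailer.example",
                     ", ".join("user%d@example.org" % i for i in range(12)),
                     "Hurry! Lottery offer valid till Friday",
                     "You won the lottery. Send your bank account number today."),
    "friend": build("Asha <asha@example.org>", "asha@example.org", "me@example.net",
                    "Lunch on Friday?",
                    "Are you free for lunch on Friday? I can book a table."),
    # A requested newsletter sent through a mailing service: a false positive.
    "newsletter": build("Garden Shop <news@gardenshop.example>",
                        "bounce@mail-service.example", "me@example.net",
                        "March newsletter",
                        "This month there is a discount on seed trays and a new "
                        "guide to pruning roses in early spring."),
    "image_only": build("Deals <deals@promo.example>", "mailer@bulk-mailer.example",
                        "me@example.net", "Look at this",
                        "See the attached picture.", image=True),
}

if __name__ == "__main__":
    for name, message in SAMPLES.items():
        print(name, classify(message))
```
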

Language Spam Filters

A language spam filter is designed to simply filter out any email that is not in the user’s native language. Since spammers come from all parts of the world with different languages, a language spam filter can help get rid of those annoying emails that come in languages that you can’t read!

User Defined Spam Filters

User defined spam filters can be very handy; however, they need a considerable investment of time in configuring the set of rules by which the filter works. For example, the user can configure all the emails from friends and company to reach the inbox, newsletters to reach a secondary inbox and all those remaining to go to the spam folder. Here the user must carefully examine the patterns of spam emails that he receives from time to time and set up the rules accordingly. This filter, when improperly configured, can sometimes lead to false positives or false negatives.

Other Types of Spam Filters

Popular webmail services like Gmail, Yahoo and Hotmail combine both header and content spam filtering techniques. In addition to this they also use their own algorithms to combat spam. For example, services like Gmail use “optical text recognition” to identify spammy text inside an image. Users are also provided with an option to “Report Spam” whenever a spam email accidentally reaches the inbox. With the user feedback, the filter learns and becomes more powerful in carrying out the filtering process.
 

What is CAPTCHA and How it Works?

CAPTCHA or Captcha (pronounced as cap-ch-uh), which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”, is a type of challenge-response test to ensure that the response is only generated by humans and not by a computer. In simple words, CAPTCHA is the word verification test that you will come across at the end of a sign-up form while signing up for a Gmail or Yahoo account. The following image shows typical samples of CAPTCHA.





Almost every Internet user will have experienced CAPTCHA in their daily Internet usage, but only a few are aware of what it is and why it is used. So in this post you will find detailed information on how CAPTCHA works and why it is used.

What Purpose does CAPTCHA Exactly Serve?

CAPTCHA is mainly used to prevent automated software (bots) from performing actions on behalf of actual humans. For example, while signing up for a new email account, you will come across a CAPTCHA at the end of the sign-up form so as to ensure that the form is filled out only by a legitimate human and not by any automated software or computer bot. The main goal of CAPTCHA is to put forth a test which is simple and straightforward for any human to answer, but which is almost impossible for a computer to solve.

What is the Need to Create a Test that Can Tell Computers and Humans Apart?

For many, the CAPTCHA may seem to be silly and annoying, but in fact it has the ability to protect systems from malicious attacks where people try to game the system. Attackers can make use of automated software to generate a huge quantity of requests, thereby causing a high load on the target server which would degrade the quality of service of a given system, whether due to abuse or resource expenditure. This can affect millions of legitimate users and their requests. CAPTCHAs can be deployed to protect systems that are vulnerable to email spam, such as the services from Gmail, Yahoo and Hotmail.

Who Uses CAPTCHA?

CAPTCHAs are mainly used by websites that offer services like online polls and registration forms. For example, Web-based email services like Gmail, Yahoo and Hotmail offer free email accounts for their users. However upon each sign-up process, CAPTCHAs are used to prevent spammers from using a bot to generate hundreds of spam mail accounts.

Designing a CAPTCHA System

CAPTCHAs are designed around the fact that computers lack the ability that human beings have when it comes to processing visual data. It is easier for humans to look at an image and pick out the patterns than it is for a computer. This is because computers lack the real intelligence that humans have by default. CAPTCHAs are implemented by presenting users with an image which contains distorted or randomly stretched characters which only humans should be able to identify. Sometimes characters are struck out or presented with a noisy background to make it even harder for computers to figure out the patterns.

Most, but not all, CAPTCHAs rely on a visual test. Some websites implement a totally different CAPTCHA system to tell humans and computers apart. For example, a user is presented with 4 images, of which 3 contain pictures of animals and one contains a flower. The user is asked to select only those images which contain animals. This Turing test can easily be solved by any human, but is almost impossible for a computer.

Breaking the CAPTCHA

The challenge in breaking the CAPTCHA lies in the really hard task of teaching a computer how to process information in a way similar to how humans think. Algorithms with artificial intelligence (AI) will have to be designed in order to make the computer think like humans when it comes to recognizing the patterns in images. However, there is no universal algorithm that could pass through and break any CAPTCHA system, and hence each CAPTCHA algorithm has to be tackled individually. It might not work 100 percent of the time, but it can work often enough to be worthwhile to spammers.
 

Tips to Avoid Getting Adware

                                       
  Adware, malware, spyware and viruses can bring your system to its knees. They are detrimental, lowering the performance of your computer. You might need to replace data. You might lose unique files. Keep the nasties away from your computer using these ten simple tips.

1. Use Firefox: Internet Explorer is the most popular browser on the market, controlling over 50% of the market share. The virus and adware creators specifically look for exploitable vulnerabilities within IE because they know that they will receive the best return on investment. Your switch to Firefox prevents some adware from infecting your machine.


2. Scan your PC once a week: Sometimes adware programmers take a sneaky approach. They will set up their programs to run quietly in the background to spy upon your activities. This once a week scan is necessary to remove any of those sneaky bugs.

3. Download from known sites: New sites for installing adware are popping up all the time. If you find something that you want to download, make sure that it is from a known site. A company like Amazon will not steer you wrong, but Bob’s House of Wares might be a little less trustable. If you are not sure whether you can trust a site, perform a quick search.

4. Install Ad-Aware: Ad-Aware is the most popular free adware removal program on the market. It detects, quarantines and removes adware. It searches for other programs which may have been installed, highlighting them in an easy-to-use interface. This program does not have an antivirus attached.

5. Do not click on unsolicited email: You are constantly receiving offers to increase this or improve that through unsolicited email. Your curiosity may be killing you, but don’t click on these emails. They accept your click as permission to install adware, spyware and malware on your PC.

6. Install Antivirus software: Installing two programs for virus and adware protection is a smart idea. It caters to the strengths of each program, increasing the overall strength of your antiadware and antiviral campaign. Some of the best antivirus software is free, providing real time protection. Programs to look at would be Avast, AntiVir and AVG.

7. Don’t install toolbars: Even some reputable sites install custom toolbars. They slow your system down and collect information about your surfing habits. While a toolbar might offer some perks, it may also diminish your experience by dragging your system to a halt. Toolbars from less reputable places install adware and sometimes infect your system outright.

8. Look at your task manager: If anything seems out of place with your computer, take a look at your task manager. This tells you about all of the programs and processes which are running on your computer. Examine the processes tab for anything which you don’t immediately recognize. Perform a web search for unfamiliar processes.

9. Do not click on popups: Clicking on a popup usually spells certain doom for your computer. It opens the door for the viruses and adware that want to infect your machine, telling these malicious applications to make themselves at home. Stay away from those constantly advertised screensavers and icons.

10. Trust your gut: If you don’t feel right about a site, don’t go there. If you are receiving warnings from the antivirus and antiadware programs which you’ve installed, don’t go there. If you don’t like the layout of a site, don’t go there. Trust your instincts about sites.

With proper vigilance, you can keep aggravating adware, spyware and malware from your machine. Trust your instincts. Install Ad-Aware and an antivirus program. Play it safe. The care you spend in preventing adware from infecting your machine can save money and time.
 

How FireWall Works?

                                                                                                                                                                             
If you have been using the Internet on a regular basis, or work in a large company and surf the Internet while you are at work, you must have surely come across the term firewall. You might have also heard people saying “firewalls protect their computer from web attacks and hackers” or “a certain website has been blocked by the firewall in their work place”. If you have ever wondered what exactly a firewall is and how it works, here we go. In this post I will try to explain “How firewalls work” in layman’s terms.

How Firewalls Work



Firewalls are basically a barrier between your computer (or a network) and the Internet (outside world). A firewall can be simply compared to a security guard who stands at the entrance of your house and filters the visitors coming to your place. He may allow some visitors to enter while denying others whom he suspects of being intruders. Similarly a firewall is a software program or a hardware device that filters the information (packets) coming through the Internet to your personal computer or a computer network.



Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator. Most personal firewalls such as Windows firewall operate on a set of pre-configured rules that are most suitable under normal circumstances so that the user need not worry much about configuring the firewall.

Personal firewalls are easy to install and use and hence preferred by end-users for use on their personal computers. However large networks and companies prefer those firewalls that have plenty of options to configure so as to meet their customized needs. For example, a company may set up different firewall rules for FTP servers, Telnet servers and Web servers. In addition the company can even control how the employees connect to the Internet by blocking access to certain websites or restricting the transfer of files to other networks. Thus in addition to security, a firewall can give the company a tremendous control over how people use the network.

Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:

1. Packet Filtering: In this method packets (small chunks of data) are analyzed against a set of filters. Packet filters have a set of rules that come with accept and deny actions, which are pre-configured or can be configured manually by the firewall administrator. If the packet manages to make it through these filters then it is allowed to reach the destination; otherwise it is discarded.

2. Stateful Inspection: This is a newer method that doesn’t analyze the contents of the packets. Instead it compares certain key aspects of each packet to a database of trusted sources. Both incoming and outgoing packets are compared against this database and if the comparison yields a reasonable match, then the packets are allowed to travel further. Otherwise they are discarded.

Firewall Configuration


Firewalls can be configured by adding one or more filters based on several conditions as mentioned below:

1. IP addresses: If an IP address outside the network is considered unfavorable, then it is possible to set a filter to block all the traffic to and from that IP address. For example, if a certain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from this IP using the firewall.

2. Domain names: Since it is difficult to remember the IP addresses, it is an easier and smarter way to configure the firewalls by adding filters based on domain names. By setting up a domain filter, a company may decide to block all access to certain domain names, or may provide access only to a list of selected domain names.

3. Ports/Protocols: Every service running on a server is made available to the Internet using numbered ports, one for each service. In simple words, ports can be compared to virtual doors of the server through which services are made available. For example, if a server is running a Web (HTTP) service then it will be typically available on port 80. In order to avail this service, the client needs to connect to the server via port 80. Similarly different services such as Telnet (Port 23), FTP (port 21) and SMTP (port 25) services may be running on the server. If the services are intended for the public, they are usually kept open. Otherwise they are blocked using the firewall so as to prevent intruders from using the open ports for making unauthorized connections.

4. Specific words or phrases: A firewall can be configured to filter one or more specific words or phrases so that, both the incoming and outgoing packets are scanned for the words in the filter. For example, you may set up a firewall rule to filter any packet that contains an offensive term or a phrase that you may decide to block from entering or leaving your network.
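To make the two methods and the filter conditions above concrete, here is a small rule evaluator that applies address, port/protocol and phrase conditions in order, and keeps a table of connections opened from inside so that replies are recognized. It is an added example, not part of the original post and not the code of any firewall product; the `Packet`, `Rule` and `Firewall` names, the first-match-wins ordering, the default-deny policy and every address are assumptions, and the connection table is one common way of realizing the "database" that stateful inspection compares packets against.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (from the Internet) or "out" (from the protected host)
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"
    payload: bytes = b""


@dataclass(frozen=True)
class Rule:
    action: str                       # "accept" or "deny"
    direction: str
    src: str = "0.0.0.0/0"            # condition 1: source address or network
    proto: Optional[str] = None       # condition 3: protocol ...
    dport: Optional[int] = None       # ... and destination port
    phrase: Optional[bytes] = None    # condition 4: word or phrase in the payload

    def matches(self, p: Packet) -> bool:
        return (p.direction == self.direction
                and ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport)
                and (self.phrase is None or self.phrase in p.payload))


class Firewall:
    def __init__(self, rules, default="deny"):
        self.rules, self.default = list(rules), default
        self.connections = set()   # state table: (proto, inside, port, outside, port)

    def filter(self, p: Packet) -> str:
        # Stateful step: a reply to a connection opened from inside is allowed.
        reply_key = (p.proto, p.dst, p.dport, p.src, p.sport)
        if p.direction == "in" and reply_key in self.connections:
            return "accept"
        # Packet-filter step: the first matching rule decides, else the default.
        verdict = next((r.action for r in self.rules if r.matches(p)), self.default)
        if verdict == "accept" and p.direction == "out":
            self.connections.add((p.proto, p.src, p.sport, p.dst, p.dport))
        return verdict


SERVER = "192.0.2.10"   # all addresses are constructed (documentation ranges)
RULES = [
    Rule("deny", "in", src="203.0.113.7/32"),       # address making too many connections
    Rule("deny", "in", phrase=b"blocked-phrase"),   # phrase filter
    Rule("accept", "in", proto="tcp", dport=80),    # public web service
    Rule("accept", "in", proto="tcp", dport=25),    # public SMTP service
    Rule("accept", "out"),                          # inside hosts may open connections
]   # Telnet (23) and FTP (21) have no accept rule, so the default deny closes them.


def run_samples():
    """Run constructed packets through one firewall; returns (name, verdict) pairs."""
    fw = Firewall(RULES)
    client, remote = "198.51.100.5", "198.51.100.9"
    packets = [
        ("web request", Packet("in", client, 40000, SERVER, 80)),
        ("blocked address", Packet("in", "203.0.113.7", 40001, SERVER, 80)),
        ("telnet attempt", Packet("in", client, 40002, SERVER, 23)),
        ("blocked phrase", Packet("in", client, 40003, SERVER, 80,
                                  payload=b"GET /?q=blocked-phrase")),
        ("unsolicited inbound", Packet("in", remote, 443, SERVER, 50000)),
        ("outbound connection", Packet("out", SERVER, 50000, remote, 443)),
        ("reply to outbound", Packet("in", remote, 443, SERVER, 50000)),
    ]
    return [(name, fw.filter(p)) for name, p in packets]


if __name__ == "__main__":
    for name, verdict in run_samples():
        print("%-20s %s" % (name, verdict))
```

The same inbound packet to port 50000 is denied before the outbound connection exists and accepted after it, which is the difference the state table makes.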

Hardware vs. Software Firewall



Hardware firewalls provide a higher level of security and hence are preferred for servers where security has the topmost priority, whereas software firewalls are less expensive and are most preferred on home computers and laptops. Hardware firewalls usually come as a built-in unit of a router and provide maximum security, as they filter each packet at the hardware level itself even before it manages to enter your computer. A good example is the Linksys Cable/DSL router.

Why Firewall?


Firewalls provide security against a number of online threats such as remote login, Trojan backdoors, session hijacking, DoS & DDoS attacks, viruses, cookie stealing and many more. The effectiveness of the security depends on the way you configure the firewall and how you set up the filter rules. However, major threats such as DoS and DDoS attacks may sometimes manage to bypass the firewall and do damage to the server. Even though a firewall is not a complete answer to online threats, it can most effectively handle the attacks and provide security to the computer up to the maximum possible extent.