FN SECURE: 09/01/2011 - 10/01/2011

Call Us For Workshops Or Seminars.. In Your University, Colleges, or Schools.
Email Us At : vicky@globallyunique.in

Save as PDF

BOOST UR MOBILE MODEM!!!

Hello every one,

I know that a computer without internet is just like a dump box!!
Having a internet connection is not all!! You should get the maximum speed for surfing and downloading stuffs from net... Having slow connections would irritate us and we may even lose our good mood!!
So what to do if u have a slow net connections? This was the question I asked everyone one month back!! But today I have known a lot of facts to boost up the speed up to maximum extend and I share all my idea in this blog!! So let’s get into the topic
1) Get maximum speed via comet bird
Comet bird is advanced version of Mozilla Firefox and it is built for speed!!
It gives you the maximum speed for browsing even though its inbuilt download manager is not   
So  efficient .but that is not a problem which is discussed in next point.
TIP 1-YOU CAN SET YOUR BROWSERS HOME PAGE AS BLANK PAGE(YOU HAVE A SEARCH TOOLBAR ON TOP PF THE BLANK PAGE) AS YOU WON’T WASTE ANY TIME WAITING FOR THE HOME PAGE TO LOAD.( GO TO --tool > options > general > when comet bird starts > show a blank page )
TIP 2- ANNOYING POPUPS AND OTHER AD’S  CAN BE BOCKED BY USING ANY AD-BLOCKING ADDON IN YOUR BROWSER..ALL THE ADS HAVE HIGH GRAPHICS AND IS CONSUMES MUCH OF THE SPEED !!
USING AD-BLOCK ADDON YOUR PAGE IS LOAD ED WITHOUT AD’S AND HENCE IT IS LOADED IN LESS TIME!!

TIP 3- IF YOU WANT TO LOAD A PAGE WITH MUCH MORE SPEED, THEN YOU CAN BLOCK IMAGES IN THE WEBPAGE BY SELECTING THE SUITABLE FROM PAGE –SETUP. BUT  YOU SHOULD SACRIFICE YOUR INTERNET ‘S PLEASURE IN THIS AND ITS PRACTICAL FOR MOST OF US!!
TIP 4- YOU CAN USE MULTIPE TABS WHILE USING INTERNET FOR SURFING
NOTE-opera 11 was a good browser with its turbo connect feature that loads a webpage with its maximum speed!! But now it’s not working properly…don’t know what happened !!
You can download comet bird  browser from the following link
http://www.cometbird.com/


2) Use internet download manager
Use internet download manager for boosting your download speed up to   the limit !!
Using a trial version of internet download manager is not very beneficial because after it has expired, you won’t be able to download anything without registering it or uninstalling it!!
It is the best download accelerator that is available in the market and I suggest everyone to use it!!
You can download IDM from the following link—
http://www.internetdownloadmanager.com
3) Use Internet Turbo connect
Many manufactures  say that their product can boost up the internet speed by 200% or 300%!!
But it’s just a trick to attract people and nothing else!!
I don’t guarantee that  it would increase the speed by 200% etc but I do guarantee that it would increase your speed!! But it is a trial software and yah it will not be useful  after trial period!!

You can download internet turbo connect  from the following link—

4)If you are using mobile modem then be sure to Update It
If you are using a mobile modem then the best way to extract maximum speed is to update the PC suit !!
In nokia you should have the latest ovi suite that offers additional features for a better browsing experience ..
5) use pc tune up to find and fix problem
Everyone has one or the or the crack (pirated software) installed in your computer!!
When you patch the software it actually alters the registry and that’s how its patched.
But when you use so many cracks there arise some problems with your system that may result in a decline in the overall performance of your pc..if you are using pc tune up  ,it detects all the errors and fixes it. Therefore having a pc tune up software can improve your network speed!!
 you can download avg pc tune up from the following link-
6)using  Malwarebytes Anti-malware
Using any anti malware is method to check whether is there any malware in your pc!!
Malwares generally absorb a lot of the band width and hence decreases the speed! When we download files from internet there are chances that the content may be infected with malware or spyware !! using antimalware software  like Malwarebytes Anti-malware you can ensure that you receive the full band width which the operator offers!!it is a trial version but after trial period you get the free version that offers  all the necessary feature!! I suggest everyone to use free version that does not offer residential shield  as it may clash with the existing antivirus and also consume your RAM memory that can slow down the system!!
 Spybot is another  spyware detecting free software that is very good for detecting spywares that also consume our band width!! You can use both spybot and malwarebytes together!! Spybot works silently and don’t clash with the installed antivirus!! You can install it when you feel that your pc is spyware infected and uninstall it after repairing !!
 you can download malwarebytes antimalware  from the following link-
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

7)Use TCP OPTIMIZER
TCP optimize is a very good optimizer to optimize the internet settings and give u the best settings.

1)OPEN TCP OPTIMIZER .CHOOSE THE MAXIMUM SPEED IN Mbps.

2)TICK “MODIFY NETWORK ADAPTER”
3)CLICK “OPTIMAL ” SETTINGS AND CLICK APPLY
4)CLICK OK WHEN IT ASKS TO REBOOT
 you can download tcp optimizer  from the following link


8)use Hoot  to find your network speed
Hoot is software to check your network speed !!
Monitor your network speed and find them best suitable time when there is less traffic and you get the maximum speed!!
you can download hoot from the following link-
9)change your configurations
you can change the configuration of your system
1)GO TO CONTROL PANEL
2)CLICK “VIEW NETWORK STATUS AND TASKS”

3)CLICK ON YOUR CONNECTION(HERE IT IS “NOKIA 3110C CLASSIC USB MODEM#2(NOKIA OVI SUITE)”)
4)CLICK PROPERTIES

5)CLICK CONFIGURE

6)Change the maximum speed (bps) TO THE MAXIMUM
THAS ALL!!!

10)use web-of thrust (WOT)add-on
Using WOT  add-on won’t actually increase your network speed and  It  can even decrease  the network speed ,but it is still useful in the sense that it shows the reputation of every website and marks all the fraud websites ,thus saving our valuable time!! It won’t decrease your speed to a maximum ..but it shows the reputation of every site and thus we can easily choose the best one!!
Hope this blog benefited others who were irritated  by the slow network speed and to those who want to boost their network speed to the maximum!! if you have any doubts regarding this do post your question  and I will you the best answer !!do suggest this link to others!!!

You can download this from the link below-
11)use net setters for extracting the best speed from sim
Use a net setter for extracting the maximum speed  from the sim network !!
I suggest everyone to use idea net setter as we can unlock(unlocking means to use the idea net setter with sim cards other than idea) it easily!!

Read more

MySQL and Sun websites hacked using SQL injection


MySQL.com, the official website of the database management system of the same name, was today subjected to an attack whereby hackers used SQL injection exploits to gain access to a complete list of usernames and passwords on the site.
News of the attack surfaced when the attackers posted details of the compromise on the Full Disclosure mailing list, publicly listing the contents of database tables used to store member and employee data, but also a small sample of user logins and password hashes.
MySQL Sun Hacked
Owned by Oracle, MySQL is used by millions of websites to store and deliver information, with some of the most popular online services and platforms including WordPress and Joomla utilising the software.
The attack was achieved using “blind SQL injection”, targeting MySQL.com, MySQL.fr, MySQL.de and MySQL.it, but also two Sun domains.
It appears that the attacks were not due to flaws in the MySQL software itself, but flaws in the implementation of their websites.

Read more

sqlmap 0.9 Released – SQL Injection Tool


After a year of hardcore development, sqlmap 0.9 is out!
Introduction:
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL Injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for the ultimate penetration testor and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
New Features:
  • Rewritten SQL injection detection engine
  • Support to directly connect to the database without passing via a SQL injection, -d switch
  • Added full support for both time-based blind SQL injection and error-based SQL injection techniques
  • Implemented support for SQLite 2 and 3
  • Implemented support for Firebird
  • Implemented support for Microsoft Access, Sybase and SAP MaxDB
  • Added support to tamper injection data with –tamper switch
  • Added automatic recognition of password hashes format and support to crack them with a dictionary-based attack
  • Added support to fetch unicode data
  • Added support to use persistent HTTP(s) connection for speed improvement, –keep-alive switch
  • Implemented several optimization switches to speed up the exploitation of SQL injections
  • Support to parse and test forms on target url, –forms switch
  • Added switches to brute-force tables names and columns names with a dictionary attack, –common-tables and –common-columns.
Demo:

Read more

Groupon Leaks Entire Indian User Database


The entire user database of Groupon’s Indian subsidiary Sosasta.com was accidentally published to the Internet and indexed by Google.
The database includes the e-mail addresses and clear-text passwords of the site’s 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address and password pairs.
Grzelak used Google to search for SQL database files that were web accessible and contained keywords like “password” and “gmail”.
“A few hours and tweaks later, this database came up,” he said. “I started scrolling, and scrolling and I couldn’t get to the bottom of the file. Then I realised how big it actually was.”
Grzelak contacted Risky.Biz after the Sosasta discovery to seek advice on disclosure. This website contacted the CEO of Groupon, Andrew Mason, who called back personally within 24 hours of initial contact.
The database was removed immediately and the company has launched an internal investigation to find out how it wound up publicly accessible in the first place.
Groupon is notifying all its Sosasta users of the incident and is advising them that the passwords they used on the website are now compromised and cannot be relied upon to secure other accounts.
Source: Risky.Biz

Read more

Ubertooth One : A Bluetooth Network Hacking Tool


Ubertooth One is a cheap, open-source Bluetooth network sniffer. Unlike Wi-Fi, which has had a wide range of free network monitoring tools for years, Bluetooth has remained pretty closed. Michael Ossman is about to change this, with his Ubertooth Kickstarter project.
Ubertooth One
The Ubertooth One is a USB plug with an antenna, and a ARM Cortex-M3 processor-based board in-between. Plug it into your computer and you can use it with various wireless monitoring tools like Kismet. The Ubertooth allows you to use Bluetooth in monitoring mode. This “promiscuous” mode makes the radio pass everything that it picks up onto the host computer. Normally, wireless receivers will ignore anything not addressed to them. In promiscuous mode, you can sniff and gather data meant for other devices.
These tools can be used for testing network security, or for hacking. Kismet, for example (and derivatives like the Mac OS X version KisMac) can be used to crack Wi-Fi networks’ passwords.
Until now, Bluetooth monitoring hardware would cost upward of $1,000. Ossman’s device will cost just $100 and, because both the software and hardware are open-source, you can build your own.
Ossman demonstrated the Ubertooth One at the ShmooCon hackers convention on Friday. Future software updates will enable Bluetooth injection and expanded monitoring modes.
More Info:
Project Ubertooth [Sourceforge]
Ubertooth One on Kickstarter [Michael Ossman’s blog

Read more

PacketFence – Open Source Network Access Control (NAC) System


PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system.
Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks.
What you can do with PacketFence :
PacketFence
  • Block iPods wireless access
  • Forbid rogue access points
  • Perform compliance checks
  • Eliminate Peer-to-Peer traffic
  • Provide guest access
  • Simplify VLAN management

Read more

Windows Remote Desktop Worm “Morto” Spreading


FN-Secure just found a new Internet worm, and it’s spreading in the wild. The worm is called Morto and it infects Windows workstations and servers. It uses a new spreading vector that we haven’t seen before: RDP (Remote Desktop Protocol). Windows has built-in support for this protocol via Windows Remote Desktop Connection. Once you enable a computer for remote use, you can use any other computer to access it.
Windows Remote Desktop Worm Morto
When you connect to another computer with this tool, you can remotely use the computer, just like you’d use a local computer.
Windows Remote Desktop Worm Morto
Once a machine gets infected, the Morto worm starts scanning the local network for machines that have Remote Desktop Connection enabled. This creates a lot of traffic for port 3389/TCP, which is the RDP port.
When Morto finds a Remote Desktop server, it tries logging in as Administrator and tries a series of passwords:
admin
password
server
test
user
pass
letmein
1234qwer
1q2w3e
1qaz2wsx
aaa
abc123
…….
………..
Once you are connected to a remote system, you can access the drives of that server via Windows shares such as \\tsclient\c and \\tsclient\d for drives C: and D:, respectively. Morto uses this feature to copy itself to the target machine. It does this by creating a temporary drive under letter A: and copying a file called a.dll to it.
The infection will create several new files on the system including \windows\system32\sens32.dll and
\windows\offline web pages\cache.txt.
Morto can be controlled remotely. This is done via several alternative servers, including jaifr.com and qfsl.net.
F-Secure Lab detected Morto components as Backdoor:W32/Morto.A andWorm:W32/Morto.B.

Read more

Using Google Servers as a DDoS Tool


Google’s servers can be used by cyber attackers to launch DDoS attacks, claims Simone “R00T_ATI” Quatrini, a penetration tester for Italian security consulting firm AIR Sicurezza.
Google Servers
Quatrini discovered that two vulnerable pages – /_/sharebox/linkpreview/ and gadgets/proxy? – can be used to request any file type, which Google+ will download and show – even if the attacker isn’t logged into Google+.
By making many such request simultaneously – which he managed to do by using a shell script he’s written – he practically used Google’s bandwidth to orchestrate a small DDoS attack against a server he owns.
He points out that his home bandwidth can’t exceed 6Mbps, and that the use of Google’s server resulted in an output bandwidth of at least 91Mbps.
“The advantage of using Google and make requests through their servers, is to be even more anonymous when you attack some site (TOR+This method); The funny thing is that apache will log Google IPs,” says Quatrini. “But beware: igadgets/proxy? will send your IP in apache log, if you want to attack, you’ll need to use /_/sharebox/linkpreview/.”
He says he has discovered the flaws that allow the attack on August 10 and that he contacted Google’s Security center about it. After 19 days of receiving no reply from Google, he published his findings.

Read more

Save this Page

Download as PDF