Saturday, 7 December 2013

What Is a Distributed Denial Of Service (DDoS) Attack

Hi Friends!

I heartily welcome you to our learning session. Today we develop an understanding of the Distributed Denial Of Service (DDoS) attack (informally, a zombie attack).

Definition:
It is a type of attack in which an online target is rendered unavailable, i.e. no one, not even legitimate users, is able to access the site.

Explanation:
Let's begin by understanding "Denial of Service" first.

In India, the general public telephone number for contacting the local police is 100.

Assume a bad guy (or group) goes to a telephone booth every day and dials this number, say between 6:00 am and 9:00 pm. In that case, if any legitimate user wants to call the police for an emergency, he/she will always find the line engaged! This is what is known as "Denial of Service".

It is easy to track down from where the call is made and hence relatively easy to prevent this attack.

Now, let's understand the "Distributed" part:

It is common sense that the police station in a district won't have just a single inbound line to cater to calls. So let us assume that there are 200 lines available. What if 200 (or more) bad guys start making calls to the police station from different pay phones? The phone lines are bound to get flooded, thereby preventing a 'needy' person from reaching the police.

Here, the bad guys make a coordinated attack on the police contact lines from different locations. Hence, the scope of this attack is major.

Now consider the same situation, but replace 'Police telephone lines' with the server of the web site you are trying to use [the bad guys still remain the same!].

Targets(mostly):
1. Banks
2. News websites
3. Government websites

How it is done:
#1: To launch a DDoS, attackers need millions of machines as sources of requests. They develop malicious software, web sites, advertisements etc. to attract users to click on them.

#2: Once a user clicks on these links, malicious software is installed on the user's machine without the user even being aware of it.

#3: These machines are called botnets.
Now these botnets can be used by the hacker like his own system to send requests to the target.

Symptoms:
#1: Inability of authenticated users to open web sites, or unavailability of the web site
#2: Unusual slowness of the site
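
The difference between the one-caller and the 200-caller scenarios shows up in a server's request logs. The following is an added example, not part of the original post: it classifies one time window of constructed access-log lines, and the log format, baseline and thresholds are assumptions chosen for illustration.

```javascript
// Added illustration (not from the original post): classify one time window
// of web-server access-log lines as normal load, a single-source flood
// ("one caller") or a distributed flood ("200 callers").
// Log format, baseline and thresholds are assumptions chosen for this example.

const LINE_RE = /^(\S+) \S+ \S+ \[[^\]]+\] "\S+ \S+ [^"]*" (\d{3}) /;

function parseLine(line) {
  const m = LINE_RE.exec(line);
  return m ? { ip: m[1], status: Number(m[2]) } : null; // null = malformed line
}

function classifyWindow(lines, opts) {
  const { baseline, floodFactor = 5, perSourceLimit = 100 } = opts;
  const perSource = new Map();
  let total = 0;
  let errors = 0; // 5xx answers: the "slow or unavailable" symptom
  for (const line of lines) {
    const entry = parseLine(line);
    if (!entry) continue;
    total += 1;
    if (entry.status >= 500) errors += 1;
    perSource.set(entry.ip, (perSource.get(entry.ip) || 0) + 1);
  }
  // Sources that a simple per-address limit would catch, and their traffic.
  let blockable = 0;
  let blockableRequests = 0;
  for (const count of perSource.values()) {
    if (count > perSourceLimit) {
      blockable += 1;
      blockableRequests += count;
    }
  }
  const summary = {
    total,
    sources: perSource.size,
    errorRate: total ? errors / total : 0,
    blockable,
    remainingAfterBlock: total - blockableRequests,
  };
  const threshold = baseline * floodFactor;
  if (total < threshold) {
    summary.verdict = "normal";
  } else if (summary.remainingAfterBlock < threshold) {
    summary.verdict = "single-source flood"; // blocking a few addresses is enough
  } else {
    summary.verdict = "distributed flood"; // no single address stands out
  }
  return summary;
}

// Constructed sample data, using documentation-only address ranges.
function makeLines(ips, perIp, status) {
  const lines = [];
  for (const ip of ips) {
    for (let i = 0; i < perIp; i++) {
      const sec = String(i % 60).padStart(2, "0");
      lines.push(`${ip} - - [07/Dec/2013:10:00:${sec} +0000] "GET / HTTP/1.1" ${status} 512`);
    }
  }
  return lines;
}

const range = (prefix, n) => Array.from({ length: n }, (_, i) => `${prefix}.${i + 1}`);
const users = makeLines(range("192.0.2", 20), 2, 200);            // 40 requests
const oneCaller = makeLines(["203.0.113.9"], 500, 503);           // 500 requests
const manyCallers = makeLines(range("198.51.100", 200), 3, 503);  // 600 requests

const opts = { baseline: 50 };
const normal = classifyWindow(users, opts);
const single = classifyWindow(users.concat(oneCaller), opts);
const distributed = classifyWindow(users.concat(manyCallers), opts);
console.log(normal.verdict, single.verdict, distributed.verdict);
```

In the distributed case each address sends only three requests, so a per-address limit catches nothing even though the total load is more than ten times the baseline.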

Categories:
There are 2 flavors of the attack:
#1: Crash services
#2: Flood services

Google them for more understanding! :)

Precautions:
To prevent your machine from becoming part of a botnet, know which web sites you are visiting (online games, adult sites and song/movie download sites mostly have these flashing links), and don't run any executable on your machine unless you are sure of its 'origin'. Keep your anti-virus updated with internet security turned ON.

There are a lot of things you can do. Better will be to Google it!

Is there any map where I can get the look and feel of a DDoS attack:
Well this question shows the inquisitiveness of my blog's readers. And, yes I won't disappoint you all. The answer to this question is: YES

You can find the link here (or alternatively, you can copy+paste "http://www.digitalattackmap.com" in your web browser.)

Hope you find this session interesting.

Feel free to leave a comment.

Cheers!


Access Shared Folders Over Network: NetBios Attack

Hi friends!

Greetings!!

Today we are going to learn one of the primitive types of hacking: NetBios Attack.

Disclaimer: The below attack is for tutorial purposes and the blogger does not endorse the technique. Please note that if anything (relating to this post or any other) goes awry, the blogger cannot be held responsible. This tutorial is only to show that a potential attack of this type exists and that all parties using computers should use preventive measures to be safe from this type of attack. The misuse of the tutorial can result in criminal charges brought against the person in question, and the blogger cannot be held responsible in case anyone misuses the below information to break the law. This blog was created for information purposes only.

[I took more time to write Disclaimer than the tutorial]

What exactly is it: Well, if you are running a home network, chances are that you may have some folders, files or printer sharing turned on. With this attack, a hacker can get access to your shared resources over the network.

So let's see how it is done:

N.B.: I am using my own system for demo purpose.

#1: Find out the IP address of systems over your network (I have a separate tutorial lined up for this). For now arp -a could be used:






#2: Once you have the IP handy, let's check whether any shared files are available on the system:


N.B.: 'A' is caps in the above command

#3: If there is no <20> under the Remote column, then that system is not vulnerable to this attack. If there is, as in the case of my system (see screen shot above), we can move to #4.

#4: Now it's time to find out the shared files on this system:


#5: We see that 4 files are shared over the network. Let's see how it can be accessed:




If all goes well, it will generally take 10-15 seconds to get a positive response.

#6: Now opening the accessed folder in Explorer should be a piece of cake for you:

That's all folks. You can watch videos on your local system as if they were on your own system and not somewhere in the network.

Rest is Next
Cheers!

Monday, 11 November 2013

Chkdsk Demystified : Part 1

Hi Friends!

Here I am (sounds like a Bryan Adams solo, right!) with another post in which we will explore the Windows built-in utility known as CHKDSK.

Let's get started.

What does CHKDSK mean? Let us try to understand what Wikipedia has to say:

CHKDSK (short for "check disk") is a system tool in DOS, OS/2 and Windows. It verifies the file system integrity on hard disks or floppy disk and fixes logical file system errors

-- Wikipedia

So, it means it is used to check, repair and recover data (if possible) on the drive. It comes with a number of parameters. With command prompt help, you can find all the parameters and their actions by running the command with the /? option (here, chkdsk /?).

Let us see what this results in on a Win 7 machine:

Well, the options are self-explanatory, for example:

#1: chkdsk /f : Will fix the errors on the current disk. Like if I run it on the above screen, it will take C: and try to fix the errors on C:

#2: chkdsk /r : Will attempt to recover data from damaged sectors.

One important point: CHKDSK requires the drive not to be locked by anything else. If the drive cannot be locked (you see the message "The volume is in use by another process", and that process is none other than your OS!), it will ask whether you want to schedule the check for the next system restart. If you press 'y' / 'Y', it is scheduled for the next restart of the system.

In Win Vista or Win 7, the output is actually piped to the App Event Log, found in bootex.log in the root folder of the drive.

Let me show you the path to that folder --->> it is in C:\bootex.log !! [Sorry, I just tried to be funny!]

If it is not there, simply, run the CHKDSK utility again, it will appear!!! 

I will continue with the UI version of this in my next article!

See you later!

Wednesday, 30 October 2013

Basic Computer Definitions By Intel Corporation

Hi Friends!

Today, I am not going to share my grey cells, but instead will share a link which will familiarize you with the basics of computer terminology.

This article is from Intel Corporation, in which they have written crisp and succinct definitions of many computer fundamentals. My sincere advice to you all: please read it and add to your understanding!

You can navigate to the link by clicking here.

[or you can copy + paste the link in your address bar: http://smb.intel.in/solutions/get-an-understanding-of-the-computer-terms?cid=40_smb_outbrain_common-computer-phrases_link ]


Feel free to ask your queries in the comment section.


Rest Is Next!

Monday, 28 October 2013

What is 'Bricking'?

Hi Friends!

Last weekend, Windows released the Windows RT 8.1 update. But alas, things didn't work out as expected, and it was reported that Surface devices had been bricked.

Let us understand what bricking a device means.

Bricking of a device (computer, router, mobile devices...) means that the device will not boot up normally or function properly. In simpler terms, the device (i.e. the software part of the device) has become a brick: hard, rigid and untenable (i.e. its current position cannot be justified).


Causes:

Bricking is usually caused when there is an upgrade of a lower-level system or firmware. Mostly, on a Windows machine, you would have seen a notification as shown below:

Some of these updates request you to restart your system. And while you are restarting, you see a screen like:

This is the time when most of these low-level operations take place, say an upgrade of the BIOS; then your system restarts and the new configuration is loaded.

But in case your device switches off at this instant (while the operation is in progress) or the battery dies, the firmware is partially overwritten. Hence, the next time you try to boot your system, nothing may happen, and it may not even allow you to install a new OS!

Solution

Well, recovery options may not be of much help technically, but here's what you can try:
  • Contact your system manufacturer and get it done by them: This is plain and simple advice. Don't get your hands dirty on something where your domain knowledge is low.
  • For Apple devices, there is a DFU Mode for recovering from a seemingly bricked situation.

So, be sure of the place from where you download updates for your devices! I am getting a one-liner here:
Smart Device In The Hands Of A Smart User
(I'll get a copyright for this line!)


Also, Microsoft has released a fix for this. You can read the coverage here.


Cheers!

Thursday, 24 October 2013

No Taskbar When Chrome/Firefox Is Open

Hi Friends!

Yesterday one of my colleagues summoned me this time and told me that he was not able to see the task bar at the bottom of his computer when Chrome/Firefox is open. I told him in plain words, rather sleepily, 'Dude, just revert whatever you did, & it should be fine!'.

But the element of surprise was that he did not do anything [apart from browsing some images, ya I know it's weird!].

I did not know what was wrong, so I told him to do what I call the Elixir for Windows.

The Elixir is to reboot the explorer.exe process. So let's see how it is done.

#1: Open Task Manager(on keyboard, press CTRL+SHIFT+ESC)

#2: Follow the instructions to kill the explorer process



N.B. Once you kill the explorer process, there will be no task bar or anything on your desktop. Worry not! In the next step, we are again going to learn to start the process. :)

#3: On the Task Manager, navigate to File -> New Task(Run...) as shown below:



#4: Type explorer.exe in the space provided and hit enter/press OK



And everything is back on track! It should be, right? Isn't this exactly what an elixir is supposed to do?!


Now be assured and browse whatever you want. Let this problem occur; we are equipped with its solution!

Happy Surfing!
[Apologies for the bad quality of images, can't help!]

Tuesday, 8 October 2013

ClickJacking: Your Facebook/Twitter Nemesis

Hi Friends!

One of my friends on Facebook complained that there was a video posted by a friend. He clicked on the video and was presented with a fake CAPTCHA code, after which the video was indirectly posted onto his wall and was also "Liked" by him!

& he intended none of it!

So what went wrong? How did all of this happen if he never clicked "Share" or "Like"?

Dear friends! My pal was victim of ClickJacking. Let us understand in layman's language what ClickJacking is:

"Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. It is a browser security issue that is a vulnerability across a variety of browsers and platforms. A clickjack takes the form of embedded code or a script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function. The term "clickjacking" was coined by Jeremiah Grossman and Robert Hansen in 2008. Clickjacking can be understood as an instance of the confused deputy problem."
--- Wikipedia

This definition, I presume, is pretty straightforward.

You navigate to a site, you see a CATCHY (I guess you understood what I mean. For those who don't, hmm... Forget it!) pop-up. You click on it to close the pop-up. But what you do not know is that there could be a Trojan horse associated with the click which can sneak into your computer system.

Click on the Link to know more. Here's a detailed explanation with a short demo and resolution techniques.


Surf Safe, Play Safe!


Tuesday, 1 October 2013

Add Translator To Your Web Site: A Step By Step Tutorial

Hi Friends,

Greetings.

I am glad that I have once again become frequent with my blogging capabilities.

Today, we will add a Google translator to your web site. Google Translate gives you the option to translate your web content into 70+ languages (though Google limits the number to just 60+, very modest Google!), and that will result in a larger audience base (/traffic) for your site. So, I highly recommend that you add it to your site.

But, wait a second, where on Earth, do we look out for a step-by-step process to add it. Well, friends, you have knowingly(or unknowingly) landed on the correct post. ;P

So let's get started:

Step #1: Navigate to the URL: https://translate.google.com/manager/website/
You will be directed to this page:

The steps to be taken are mentioned in the screen shot. Click on the Add to your website now button as shown above.

Step #2: You will now land onto the below page under Website Info tab:


Fill in the details of your web site as I have done for my blog. Click on Next>>

Step #3: Now you will be navigated to the second tab, Plugin Settings:


Step #4: Now you will be redirected to the 3rd tab, Add Plugin, as shown below:

Copy this code to, say, Notepad and keep it handy. We have all the prerequisites at our disposal! You now have to add this code to the template of your blog. You can think of the template as a Master Page which is consistent across all the pages in your blog.

Step #5: Now equipped with the required code, navigate to the template code of your blog. The URL of the page will be something like:
               http://www.blogger.com/blogger.g?blogID=<<your 19-digit blogID>>#templatehtml


Add the code copied in Step #4 (for quick reference, I have added a screen shot above for the same)

And we are done!

Now, visitors to your site can read your site in 70+ languages. The translator is available in my blog as well [towards the top, see screen shot below].



That's all pals,

Catch you in my next blog. Feel free to write your comments or like it.

Cheers!


Friday, 20 September 2013

Cross-Site Scripting: Basics and Prevention

Hi Friends,

Greetings!

Apologies for not being in contact with you all. I was kinda busy with my very tight schedule. ;P
Nevertheless, who does not find time to explore technology, and geeks like us... need technology like food (sorry if I exaggerated a bit).

So, back at my workplace, one of my colleagues asked me what cross-site scripting is. Phew! Let me write what I conveyed to her.

Definition:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.
--- Wikipedia

The definition given above is easily understood with the following pictorial representation:




Let us decipher what it represents.

There is an entry form in your web site with four inputs: First Name, Last Name, Email and Message.

Now, a hacker, instead of providing these details, inserts some client-side scripts in these text boxes. These scripts get stored, persistently or on a temporary basis (depending upon the category of XSS: persistent or non-persistent), in a database or any other storage medium.

Later, the application reads these scripts back, without filtering them, to generate a dashboard or a page shown to any other user (the victim).

Let us visualize a situation in which the above form with malicious data is stored in the database which is later viewed by the administrator of the site.

You all know that most applications today use cookies to keep track of user details. So in our case, the hacker may use the scripts to redirect the administrator to some other page (a malicious page created by him), and in the page_load function (/document.ready()) of that malicious page, may steal the admin data (cookie) and redirect the admin back to the original page, as if nothing has happened and everything is working as expected.

Hence, the administrator will never come to know that his data is compromised and the hacker has access to the whole server!!

Usage:
XSS is mostly used for two purposes:
  1. Bypass access controls
  2. Impersonate users

Prevention:
After analyzing the ill effects, it is very important to understand how we can prevent it from occurring in the first place. I found a very comprehensive and detailed article in the Microsoft knowledge base. You can find it here.
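
To make the "without these scripts being filtered" step concrete, here is an added example (not from the original post or the linked Microsoft article): one stored submission from the four-field form, rendered into a dashboard row first unsafely and then with output encoding. The function names and the sample record are constructed for illustration.

```javascript
// Added illustration (not from the original post): one stored submission from
// the four-field form, rendered into an admin dashboard row without and with
// output encoding. Function names and the sample record are constructed.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Encode the five characters that can change HTML structure in text or
// quoted-attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: stored values are concatenated into the markup as they are, so
// whatever was typed into the form becomes part of the admin's page.
function renderRowUnsafe(rec) {
  return `<tr title="${rec.email}"><td>${rec.firstName}</td>` +
    `<td>${rec.lastName}</td><td>${rec.message}</td></tr>`;
}

// Hardened: every stored value is encoded at the point of output.
function renderRowSafe(rec) {
  return `<tr title="${escapeHtml(rec.email)}"><td>${escapeHtml(rec.firstName)}</td>` +
    `<td>${escapeHtml(rec.lastName)}</td><td>${escapeHtml(rec.message)}</td></tr>`;
}

// True if the rendered row contains anything beyond the tags and the single
// attribute that the template itself emits.
function hasInjectedMarkup(html) {
  const withoutTemplate = html
    .replace(/^<tr title="[^"]*">/, "")
    .replace(/<\/?(td|tr)>/g, "");
  return /[<>]/.test(withoutTemplate);
}

// Constructed record: script text in one field, an attribute break-out in
// another, and ordinary characters (apostrophe, ampersand, "<") in the rest.
const submission = {
  firstName: "<script>alert(1)</script>",
  lastName: "O'Brien",
  email: 'x" onmouseover="alert(1)',
  message: "Rock & roll <3",
};

console.log(renderRowUnsafe(submission));
console.log(renderRowSafe(submission));
console.log(hasInjectedMarkup(renderRowUnsafe(submission)), hasInjectedMarkup(renderRowSafe(submission)));
```

Encoding at output keeps ordinary input such as O'Brien or "<3" readable for the administrator while the browser treats every stored value as text.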

I am afraid I will have to end it here. Please feel free to post comment. (No scripts please!!!)

I wish you all Happy Safe Site Creation!

Cheers! ^_^







Friday, 19 July 2013

My Internet Is Slow! 10 Points To Make Your Internet Connection FAST!

Hi Friends!

Greetings!!

Today we are going to troubleshoot the most common problem faced by all: My Internet is very slow.

Without wasting a second, let's get started:

#1: Delete all your temp and temporary internet files. Delete cookies.

#2: Repair your internet connection. This link is available in Control Panel-> Network Connections

#3: Check/recall whether you have installed any new software (esp. antivirus). If yes, try uninstalling the software and then reloading your browser. If your favorite sites load faster now, either change your software or go for a lower version of the software (hit-and-trial method).

#4: Reboot/reset your modem. To reset, press the small button at the back of your modem (the button is so small that you may need a pen's tip to do this). To reboot, simply press the power button and keep your modem off for 1 minute. Then press it again to start it.

#5: Your system might be infected with a virus or malware. Update your antivirus and run a full scan of your system. You may refer to this Microsoft link for more information.

#6: In the command prompt, try these commands:

  1. ipconfig/flushdns (press Enter)
  2. ipconfig/release (if it does not work, try with ipconfig/releases)
  3. ipconfig/renew

#7: If you are using a wireless connection, make sure that it is ENCRYPTED, so that someone else is not using your connection clandestinely.

#8: If you remember that your internet was running like Bolt on some earlier period, then do a SYSTEM RESTORE to that point of time.

#9: Last but not the least, RESTART your machine and try!

Not to make it the 10th point, but if you are still not able to get your internet connection working as it was earlier, please contact your ISP and check whether anything is wrong at their end.

Disclaimer: You will get a speed lower than what you have purchased from your ISP. The above steps are meant to help your system make the maximum use of your internet connection.

Hope the 10 steps get you a better internet speed.

Happy surfing!

Sunday, 16 June 2013

Turn Off Private Browsing In Mozilla Firefox

Hi Friends!

You will have become accustomed to my apologies for not being in touch with you all... yeah.. I know.. hearty apologies.. again!

A friend of mine at my place told me that he uses Firefox (in Private mode) to browse the internet. Now, he doesn't remember what he did, but Firefox on his system always opens in Private mode. How to get rid of this setting... let's resolve it together!

So initially, you all know that to open Firefox in Private mode you press CTRL+SHIFT+P.

Now to get rid of this always Private mode, follow the mentioned steps:

#1: Navigate to Options menu as shown in the screenshot:


#2: Once Options window opens, check which drop down value is selected for History legend.

Generally the problem comes when you have the following setting: Firefox will [Never remember history]. 

Change it to Use custom settings for history as shown below:(version 17.0.1)


#3: Restart Firefox and you are done!

This will open Firefox in Normal mode and hence you can do a CTRL+H (to check history of the pages you visited) and it will give you result!

Feel free to drop a comment. Rest is next!

Happy Browsing!!! ^v^

Friday, 24 May 2013

Schedule Computer Shutdown

Hello Friends!

I welcome you again to the exciting world of KNOW-UR-PC. It feels like months that I have not written something for knowledge sharing(It's true actually).

So, here I am back again to restart this wonderful journey.

In today's knowledge sharing, I will teach you to schedule the process of shutting down your system.

Let's get started:

#1: Press Windows(icon in your keyboard)+R key

You will see the Run window

#2: Type shutdown.exe -s -t xxxx



Here xxxx is the time(in seconds), after which you wish to shutdown the terminal

For example: for 2 hours, xxxx = 7200 (as 2*60*60)

Now press Enter(or click OK)

#3: There's no 3rd step! you are done dear readers!!

To Abort this process

#1: Open Run window again as mentioned in the #1 of the previous step.

#2: Type shutdown.exe -a



& you are done... :)

From next time onwards, if you are downloading a movie, you don't have to follow up on that!

Simply run this set of commands and the system will take care of itself!!!


Rest is Next.

Happy Downloading.. :)

Sunday, 17 February 2013

Diagnose Blue Screen Of Death (BSOD): Memory Dump

Hello Friends!

Long time since my last post. Actually, I didn't wish 'Happy New Year' to you pals. So, apologies &

Wish You A Happy & Prosperous New Year!!

Now, coming back to the topic. 

A Memory Dump is a useful tool to decipher why your computer is not responding or has stopped unexpectedly.

The Dump file typically contains:

  • The Stop messages, parameters and other data
  • A list of loaded drivers
  • The processor context (PRCB) for the processor that stopped
  • The process information and kernel context (EPROCESS) for the process that stopped
  • The process information and kernel context (ETHREAD) for the thread that stopped
  • The kernel-mode call stack for the thread that stopped

So let us understand how to save a dump and where dumps are stored.

Step 1: Right-click on My Computer->Properties


Step 2: Click on Advanced system settings on the left navigation and follow the screen shot


Step 3: In the System failure section, ensure that the following options are checked:
  • Write an event to the system log
  • Send an administrative alert
  • Automatically restart

Step 4: In the Write debugging information section, you will have the following options:


Select Small memory dump (256 KB) or Kernel memory dump depending upon what you wish to debug. Due to space constraints, I prefer to check Overwrite any existing file. Each dump may provide additional and different information, hence set this option according to your requirements.

Step 5: The Write debugging information section also tells you the location where your system's dump file will be created:


On XP and 2003 systems, mini dumps are located at %SystemRoot%\Minidump, or C:\Windows\Minidump.

Kernel and full dumps are located at %SystemRoot%\MEMORY.DMP or C:\Windows\MEMORY.DMP.

For Win 2000 systems, memory dump files are located at C:\winnt\memory.dmp.

Here is a link to download the debug tool. To use it in XP or Vista, go for compatibility mode and then run as administrator.