Sunday, 11 December 2016

How to prevent DDOS attack?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash. In both instances, the DoS attack deprives legitimate users (i.e. employees, members, or account
holders) the service or resource they expected.

 Victims of DoS attacks often target the web servers of high-profile organizations such as banking, commerce, and media companies, or government and trade organizations. Though DoS attacks do not typically result in the theft or loss of significant information or other assets, they can cost the victim a great deal of time and money to handle.

The difference between DoS and DDoS (Distributed Denial of Service) is in the number of machines (PC, server, mobile, in general, any device connected to the Internet that has been compromised) used to launch the attack, in the case of a denial of the ‘attack takes place from a single machine, while in the far more difficult to block the DDoS attack can take place simultaneously from hundreds of different machines.How can so imagine all the advice in this article do not ensure you total protection against DDoS, because when they are well organized and the attack comes from a large number of different machines, the only way to try to block it or more realistically , mitigate it, is to act upstream, directly on the infrastructure of your provider (which then must contact), unless you have your own network infrastructure.In this article we will see then how to prevent the boy on duty without a social life will block some services on the server showering them with requests thanks to some little program downloaded from an unknown site.


How to recognize an attack?This is definitely the first thing to learn, learn to recognize a DoS attack, I have seen many times blame suffered an attack of this type just the services hosted on the servers are unreachable, even though the more likely things are very different.First, if you are under attack, you will see a spike (which can vary from a few to several Mbit / s) in your graphics bandwidth used, and a peak in the connections netstat, for this would be good to generate graphs of all the most important services on your server.Once satisfied that there are anomalous peaks in the use of bandwidth, use this command to display the status of all active connections on your server:netstat -nat | awk ‘{print $ 6}’ | sort | uniq -c | sort -n

 The output will be something like:

        1 CLOSING

        Established 1)

        1 Foreign

        5 LAST_ACK

       15 FIN_WAIT1

       16 LISTEN

       59 FIN_WAIT2

      424 TIME_WAIT

      442 ESTABLISHED

 If you notice that there are several connections in state SYS_SENT‘re definitely under attack, at this point you just have to find the IP or IP addresses from which come more connections, you can do it with this command:

 netstat -atun | awk ‘{print $ 5}’ | cut -d: -f1 | sed -e ‘/ ^ $ / d’ | sort | uniq -c | sort -n

 At this point you will have a list sorted by number of open connections from any IP in the end most likely you will have the IP of the machine from which they are attacking you, now you just have to block these IP, as we shall see in the next chapter.

 Another very useful utility for analyzing network traffic and see it in real time is tcptrack, once installed use the following commands to start the monitoring:

 tcptrack -i eth0 will show you all traffic on port 80

 tcptrack -i eth0 src or dst 127.0.0.1 will show you all the traffic generated by the IP address specified.

 In most tcptrack mosterĂ  you real-time bandwidth usage.

What is Hacking?
Hacking is a drawback of internet technology.Suppose you have a big House,there are various way to enter into the house.Finally you secure all the way that  unauthorized people cannot enter to the house. But some unauthorized people try to enter to the house and finally they or any of them enter to the house successfully.This unauthorized people is called hacker and the procedure which is applied to enter to the house is called hacking.Similarly your server(data server) is your house and all the protocols or ports are the way to hack your server(computer).


If you want to go to a safe place then you have to disconnected from internet system. Actually in the world two types of hacker "white hat" and "black hat" hacker.White hackers are legal hacker but black hat hacker always want to stole something.

If you want to be an hacker you have to choose any of them. But firstly you have to learn about basic level of hacking called Ethical Hacking. Because some information or some knowledge which will help you to start hacking. Some basic information are know about "IP address","port","protocol","database","server" etc.There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ‘hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other

 people in it know who you are and call you a hacker, you're a hacker.
The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music — actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them ‘hackers’ too — and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term ‘hacker’. There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them.
 Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end. The basic difference is this: hackers build things, crackers break them.
Posted by at No comments:

Password Hacking Tricks

Password hacking is the ultimate security hacking. Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked by using following techniques :

 1) Brute Force :-This technique is easy but take longest time to hack. If all other techniques failed, then attackers uses brute force password cracking technique. Here an automatic tool is used which tries all possible combinations of available keys on the keyboard. As soon as correct password is reached it displays on the screen.This techniques takes extremely long time to complete, but password will surely cracked.
Long is the password, large is the time taken to brute force it.

 2) Hashing :- Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even ‘well-chosen’ passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.

 Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly.

 3) Guessing :- Many passwords can be guessed either by humans or by sophisticated cracking programs armed with dictionaries (dictionary based) and the user’s personal information.

 Not surprisingly, many users choose weak passwords, usually one related to themselves in some way. Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by programs. Examples of insecure choices include:

 * blank (none)
* the word “password”, “passcode”, “admin” and their derivatives
* the user’s name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet’s name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard — qwerty itself, asdf, or qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on….

 In one survery of MySpace passwords which had been phished, 3.8 percent of passwords were a single word found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit was.
A password containing both uppercase & lowercase characters, numbers and special characters too; is a strong password and can never be guessed.

 Check Your Password Strength

 4) Default Passwords :- A moderately high number of local and online applications have inbuilt default passwords that have been configured by programmers during development stages of software. There are lots of applications running on the internet on which default passwords are enabled. So, it is quite easy for an attacker to enter default password and gain access to sensitive information. A list containing default passwords of some of the most popular applications is available on the internet.
Always disable or change the applications’ (both online and offline) default username-password pairs.

 5) Phishing :- This is the most effective and easily executable password cracking technique which is generally used to crack the passwords of e-mail accounts, and all those accounts where secret information or sensitive personal information is stored by user such as social networking websites, matrimonial websites, etc.
Phishing is a technique in which the attacker creates the fake login screen and send it to the victim, hoping that the victim gets fooled into entering the account username and password. As soon as victim click on “enter” or “login” login button this information reaches to the attacker using scripts or online form processors while the user(victim) is redirected to home page of e-mail service provider.
Never give reply to the messages which are demanding for your username-password, urging to be e-mail service provider.

 It is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.

 Thank you
Posted by at No comments:

How to Hack any social networking user account ?


Social networking website(facebook,google+) servers are very secure. You cannot hack their server easily.But there has some trick which help you hack a user account easily.

 Every social networking websites use mail-protocols like pop3,smtp,imap etc.So,you can easily check every user account with

 mail form like "user_account.website_name.domain_name".

 All the steps are given below:

 1.Open any social networking website.
2.go to the search box where you can search any friend(user).
3.open any profile.

 4.go to the url link.
5.copy the part of after website name.
6.logout your account.
7.click on "sign_in".
8.click on "forget password".
9.Paste on user_name box.
10."right click" on mouse.
11.open "inspect element"
12.open "edit HTML".
13.Run a script on "form" part.
14.Account is hacked.
Method 2 also you can apply:-

 ) Make sure the person uses google chrome.. it's needed
-) If the user prefers save password, he's gone!

Step One: Open Google Chrome. Go to the website that you want to the steal that certain password from. (ex. YouTube, Facebook, G mail)

Step Two: Go to the login interface. If they use Google Chromes program to save passwords, then your in luck.

Step Three: Highlight the password.

Step Four: Right click > Inspect Element

Step Five: This is where things get tricky. A box with a bunch of codes should popup below. The line you're looking for should be highlighted. Look for the following code:" <input type=''password'' "



Step Six: Right click > Edit Attribute

Step Seven: rename 'password' to 'text'.

Step Eight: Copy down the password, you are done!
 Thank You.
Posted by at No comments:

How to know your friend's IP address?

The first step of hacking is to know the IP address of victim's computer.
This is very easy steps to know friend's IP address if you and your friend start chat using any messenger application.
   follow the steps:

 1.open your messenger application (don't start chat)
2.run
3.enter "cmd"
4.Now go to the cmd
5.type "netstat -n"
6.check all address
7.Now start chat with your friend
8.go to cmd
9.again type "netstat -n"
10.Now here you see a new ip address which is your friend's messenger ip address.

    Let's try "Thank You"
Posted by at No comments:

How to check your Internet speed?


With connection speed test you know how fast you can download and upload data from your computer.
Check the speed, quality and performance of your Internet connection.There are number of website where you can check
your internet speed.
www.speedtest.net

testmy.net
www.att.com
Use Speed test for easy, one-tap connection testing in under 30 seconds—accurate anywhere thanks to global network. 

 For Android Mobile - Install this app and follow instructions.

 Thank You...
Posted by at No comments:

Smart mobile free recharge in 2 min

Although there are no such requirements but you should know how to install app from playstore.
So without wasting much time I come to Free Mobile Recharge Tricks Tutorial For Airtel, Idea, Reliance etc. which is designed for absolute beginners to get free mobile recharge for their smartphone from their smartphone itself.
So first of all download the following apps in your smartphone from Play Store.

 TaskBucks App
Earn Talktime App
Mcent App
Pocket Money
Now install all of these apps and follow the instructions.After completed installation process install all app under this app.
Omni Swipe – Rs 7
Riddler App – Rs 24
Newshunt App – Rs 15
Bikedekho App – Rs 20
Leo Privacy Guard App – Rs 18
Tinyowl App – Rs 20
The Viral Shots App – Rs 24
Rdio Music App – Rs 18
Foodpanda App – Rs 20
Real Teen Patti – Rs 10
Guvera Music App – Rs 18
My Airtel App – Rs 5
UC Browser – Rs 20
WasaBee App – Rs 12
ClearTrip App – Rs 10
Goibibo App – Rs 10
Olx App – Rs 20
Flipkart App – Rs 10
Amazon App – Rs 12
BookMyShow App – Rs 8
Gaana App – Rs 12
Mobikwik App – Rs 15
Wechat App – Rs 7
Junglee Ad Posting – Rs 19
Askmebazaar App – Rs 7
Snapdeal Selller Registration – Rs 4

 Now try this and Enjoy.
Thank you.

Posted by at No comments:

Get 1.2 GB free data by installing 4 app

Airtel is offering 1.2GB 3G internet data for downloading 4 apps. This is an amazing offer from airtel.
Download all these fou apps and you will get 1.2GB 3G data for free. To get free data follow these steps:
1) Go to Offer Page
2) Enter your mobile number
3) Click on Get The Link
4) You will get download link for four apps
* MyAirtel App
* Wynk Music App
* Wynk Movies App
* Wynk Games App
5) Download all these apps and you will get 1.2GB 3G data for free.


Terms & Conditions :-

1) The free 1.2 GB offer is available for all Airtel Prepaid subscribers (User) in India starting from 7th January, 2016 (“Offer”).
2) This offer entitles the Users to get free data up to 1.2 GB, which can be used only at Night (from 12 AM to 6 AM) at the existing speed which the User has subscribed to.
3) The Offer will be delivered in 100 MB installments each valid for 7 days from the date of credit of such installment
4) To avail the Offer, Users will be required to follow the following steps:
*  In the My Airtel app, the Users can claim the offer through the latest updated version of the app installed on his/her mobile device, once every calendar month for the next 3 months from the start date mentioned above.
*  In the Wynk Music & Wynk Movies App, the first installment will be credited on installing & opening the latest updated version of the app through Airtel mobile internet or post registration with an Airtel prepaid number. The second installment can be claimed by opening the above Wynk apps post 30 days of first claiming the Offer. The third installment can be claimed post 30 days of claiming the second installment through above Wynk apps. The third installment needs to be claimed within 90 days of claiming the first installment of the Offer.
*  In the Wynk Games App, the first installment will be credited to the Users post opening the app through Airtel mobile internet network or on post registration with an Airtel prepaid mobile number. The second installment can be claimed by activating the FREE Games subscription via the app post 30 days of first claiming the Offer. The third installment can be claimed post 30 days of claiming the second installment by activating the FREE games subscription via the app. The third installment needs to be claimed within 90 days of claiming the first installment of the Offer.
5) The differential of 28.8 MB between 1200 MB which is 12 installments of 100 MB each and 1.2 GB shall be credited as and when the Users complete the steps as laid down above to avail the Offer across all the apps, along with the 12th installment.
6) The offer will be applicable for Users on the following platforms:
* My Airtel: Android & iOS users
* Wynk Music: Android, iOS and Windows mobile users
* Wynk Movies: Android, iOS users
* Wynk Games: Android users.
7) This offer cannot be combined with existing 50% Night Cashback Offer on Airtel Prepaid.
8) Existing users of all the above apps namely My Airtel app, Wynk Music, Wynk Movies App, Wynk Games app will also be eligible to avail the Offer and can claim the same in accordance with the steps laid down above.
9) Users acknowledge that he/she waives his/her right to ‘Do Not Disturb’ services and Airtel/Wynk is free to communicate regarding this Offer or other offers related to these apps, with the Users.
10) The Users acknowledge that this Offer is a gratuitous offer being extended by Airtel and Airtel will accordingly be entitled to withdraw the Offer at any time.

Thank You...

Posted by at No comments:
Subscribe to: Posts (Atom)