Showing posts with label Network Security. Show all posts
Showing posts with label Network Security. Show all posts

Wednesday, January 23, 2013

10 System Admin Tools to Help You Secure Your Network


System admins are frequently bombarded with security concerns, requests, alerts, news items, “did you see this?!” emails, and more. Keeping up with all the aspects of network security can seem like an overwhelming task, but in this post we’re going to look at ten tools a system admin can use to help secure their network. Some you may be familiar with, like network security software, while others may come as a surprise, like your email client; but all will help you to stay ahead of the bad guys, keep yourself informed of the latest threats, and maintain the security of your network.

1. Network security software
When we talk about network security software, we’re talking about a class of product more than any specific tool, and how important it is for you to have an application or small group of applications that can help you to accomplish most of your tasks. There are simply too many things for any one admin to do by hand, and network security software applications help to automate the heavy lifting and ensure that you can keep up with the workload. Look for network security software that multitasks. Think about it as a Swiss Army knife of software packages that includes many of the other items on this list.

2. Vulnerability scanner
A good vulnerability scanner is a key part of any toolkit, and should be used by server admins and security engineers alike. The top network security software apps will include a scanner that has a database of the thousands of vulnerabilities that could exist on your network, so that you can quickly, easily and regularly scan your network to ensure you systems are up-to-date, configured properly and secured.

3. Port scanner
A port scanner is another regular tool that should be in your network security software application. Attackers regularly scan your Internet connection looking for ways in and so should you. But you should also scan internally so you can find unauthorized services or misconfigured systems, and to validate your internal firewalls are set up correctly.

4. Patching software
Patching operating systems and third party applications is one of the most important, regularly recurring tasks a sys admin has. Network security software that can automate this, and handle the hundreds of other applications on your network, is the only realistic way you can keep up with this.

5. Auditing software
Auditing software may strike you as a strange recommendation at first, but consider all those apps you are trying to patch. How can you be sure you have no vulnerabilities on your systems if your users can install anything on your systems? How are you going to maintain licensing compliance if you don’t know who has installed what from \software? Network security software may also include software and hardware inventory components to help you stay informed and secure.

6. Secure remote clients
Telnet, older versions of PCAnyWhere and several of the web-based remote access apps that are out there all have a common issue - they’re not secure. Use SSH v2 or later for secure access to all CLI-based systems, and the most secure versions of Remote Desktop Protocol to manage Windows boxes. Using strong encryption, good passwords, lockout policies and, when possible, mutual authentication between client and host, will help to ensure no one sniffs credentials or brute-forces their way into a system. If you have two-factor authentication in your environment, ensure that every system possible uses it to further reduce your risk from unauthorized access.

7. A good network analyzer
Whether you like the open source WireShark, the free Microsoft tool NetMon, or one of the many other commercial network analysis tools, having a good “sniffer” is key to helping secure and analyze systems. There is simply no way that’s more effective to figure out just what is going on between networked systems than to see the traffic first hand.

8. Network tools
Whenever you are dealing with connections from foreign systems, you will find the need to check network addresses, routes and more. Having good tools like DIG, WHOIS, HOST, TCPING and others close at hand makes network evaluation a breeze.

9. Log parsing software
Securing systems means going through logs; lots of them. Web logs, access logs, system logs, security logs, SNMP logs, syslog logs – the list goes on and on. Having software that can quickly and easily parse through logs is critical. Everyone has their favorite. Some install locally like LogParser, while others run on servers like Splunk. Whichever you prefer, get a good log parser to help wade through what can be millions of entries quickly and easily so you can find events you need to check.

10. Your email client
Knowledge is power, and the best way to amass that knowledge is to stay informed. Whether you subscribe to email bulletins, security alerts, or RSS feeds, your email client can provide you the first indications that something new is out there, and also what you need to do to protect your systems from the threat. Zero day exploits, out of band patches, best practices and more, can all be yours if you simply join the right distribution lists and subscribe to the right lists.

These 10 system admin tools are a great start towards building your toolkit for security. Network security software plays a major role in this toolkit, which you supplement with other tools and the information you need to maintain a secure environment.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. Learn more about the importance of a secure business network by downloading the free eBook: A first aid kit for SysAdmins. All product and company names herein may be trademarks of their respective owners.
Continue   Reading>>

Friday, November 4, 2011

Find If A Website Is safe To Open or not using Online sites and Tools



In last post, we explained how to check if the site is safe or not using the McAfee Advisor.  Now i am going to introduce some other sites and tools for testing the site is safe to open or not.

Websites To check sites:

Norton Safeweb:
Norton Safeweb is free online application provided by Norton Security. It works same in way as McAfeeAdvisor.
You can check the site safety here:
http://safeweb.norton.com/

Google Safe Browsing:
Google safe browsing will analyze the site for malware.  It will also report the status of site in past months.
URL to Check:
www.google.com/safebrowsing/diagnostic?site=www.google.com
replace the www.google.com with your target site.

If you manually find any sites spreading malware, you can report here:
http://www.google.com/safebrowsing/report_badware/

AVG Link Scanner:
AVG Link Scanner is free tool that also works like a McAfeeAdvisor.

  • Checks each web page in real time before it opens on your computer
  • Automatically updates whenever a new threat is discovered 
Download it from here:
http://linkscanner.avg.com/

Don't forget to check your own site frequently. Attackers can inject malicious script in your site also.
Continue   Reading>>

How to check if a website is safe to use or not? | McAfee SiteAdvisor


Cyber world is most risky world.  Here you may not know you are being attacked until your system completely destroyed or your data stolen.

if you trust whatever you website you see in Internet, then your data and system are in risk.  Website can spread malwares , this malware can infect your system without your knowledge.  In order to get protection from those sites, we have to identify harmful sites.  Here i am going to introduce McAfee SiteAdvisor. 

McAfee SiteAdvisor:
McAfee SiteAdvisor is free tool provided by McAfee to test the site safety against malware. It notifies you about potential threats and dangerous websites (adware, spyware, spam, viruses and even scams)

Install the SiteAdvisor Addon from here(chrome,Firefox):
http://www.siteadvisor.com/download/windows.html

How to use?
Whenever you search in Internet, Use McAfee Secure Search.  This will display list of sites with rating icons.  This will helpful to identify potentially dangerous sites.

If you don't like to use Addon, you can manually check the site in this site:
http://www.siteadvisor.com


Alert:
An attacker can infect your trusted websites. In internet, you should not blindly trust websites. Even facebook can be infected my malware( it is not going to happen ). So be careful. if you want proof, then check this news: 350,000 sites infected
Continue   Reading>>

Thursday, November 3, 2011

How to Hide email address when sending mail to Multiple Recipients


Recently, i got mail from my Institute(where i learned Java) regarding the Interview. when i look into the To address, it includes other email address (including girls email address).  This is not big matter when you send mail within organization. What if suppose you send to others.

Just for fun:
Just imagine you have two girl friends.  Forwarding some interesting mail to both.  If anyone notice the To address, then you will end up in hospital. 

 If you like to hide email address from other recipients while sending to multiple recipients, this article will explain how to do.  I believe this will helpful for organization and those who concerned about Security.

How to do?
It is very simple.

Whenever you send mail to group of mails, fill the mail address in BCC field instead of To field (leave the To field empty).

BCC is expanded as Blind Carbon Copy.



The receiver will see sender and his address.
He can't see others address.
Continue   Reading>>

Wednesday, November 2, 2011

Could Your Bad Password Habits Come Back To Haunt You?



According to Business Insider, the CEO of a major social network used its trusted database of user passwords in order to hack into one of its user’s email accounts. The hack was based on the guess that this user probably accessed all of their accounts using the same password.

Although the cloud has provided us with some amazing new tools, it’s also created the need for increased end-user education and policy enforcement.

Yes, it’s true that nearly all cloud providers act ethically. They invest heavily in security as a means of protecting their reputations. But also, there are laws which strictly dictate how they must handle and protect their client data.

In fact, most data leaks and privacy breaches are the result of “insider jobs” by people who had physical access to the victim’s computer or storage media. (It would be much easier for me to steal your laptop from your home, than for me to break into Google’s datacenter and steal the hard drive that stores your Gmail content).  But it only takes one bad apple or one security leak to put your password into the wrong hands. And once that happens, then all of the other accounts which depend on this password will be compromised.

There are a number of ways that you can protect yourself from the possibility of having your password stolen in this manner.

One simple way would be to make use of sites which feature single sign-on (such as OpenID), or where a single login would let you access multiple services (like your Google account). There are also a number of specialized apps which let you manage multiple online accounts from a single interface.This has the advantage that your credentials are only stored in a single central repository. (Every time you make a copy of a password, the chances of a data breach go up).  Of course, this still leaves you open to a breach in the event that someone steals your password, but at least it makes such breaches more difficult. Also, such a breach might leave suspicious activity patterns that could get flagged and blocked. (ex: Many SaaS providers can block or flag access coming in from a anonymizing proxy)

The ideal scenario would be to have some sort of multi-factor authentication that requires access from a specified IP address. At the moment, only a few SaaS apps offer this ability.

If you choose to aggregate your credentials in this manner, you should only do so for low-priority online services. Any services that require the handling of sensitive information should have their own dedicated unique highly-random passwords.

Another method for managing multiple accounts using a single set of credentials would be to use a single password which is scrambled using a hint that is unique to the account in question. For example, a user whose password is “pUpp1e5” could combine this password with the web site name and create an MD5 hash where the first 10 characters would be the new password.  So the password+site string “pUpp1e5 salesforce.com” might hash to “50f49dd6f3f838fb74ca1b7de5898c48”. And the new password would be 50f49dd6f3.
But the absolute best way to prevent you passwords from being used against you would be to generate and memorize completely random passwords for every account you open. Although this takes a bit of discipline, it’s not as hard as it sounds.

Many people will rely on mnemonic systems which turn these passwords into easy-to-visualize sentences.
For example:
“Y!14gtP” could be turned into “Yolanda surprised 14 green turtles named Peter”
Although these mnemonic systems are ok for short-term memorization, I’ve found that their effectiveness is overrated. For a number of reasons - which would take too long to go into for this article – I find that there’s no substitute for good old-fashioned memorization through repetition.

Here is a technique that works for me.
  • Step 1: Generate a random password and memorize it mnemonically or write it down somewhere safe. (Maybe an encrypted file)
  • Step 2: Log in and out 5 times in a row to build muscle memory.
  • Step 3: The next day, log in and out again 5 times using the new password.
  • Step 4: One week later, log in and out again 5 times using the new password.
You can now go ahead and destroy the written or saved copy of the password. By this point, you should have the password memorized for life. (Or until you’re ready to change it again)
Now that we’re living in the “cloud age”, users need to be more aggressive than ever when it comes to maintaining effective password management habits.
About The Author:
For over ten years, Storagepipe has been providing online server backup services that help companies maintain the safety, security and confidentiality of their private data.

Continue   Reading>>

Wednesday, October 5, 2011

How to recover a Hacked or Compromised Gmail Account?~Security Tips



Now a days, hacking gmail account is increasing.  Most of people doesn't know how to be secure(because they doesn't visit BreakTheSecurity).  So please refer our website to your friends as Security tips Blog. Ok let me come to the point.  In this article, i will explain how to recover your hacked or compromised gmail accounts.

First of all verify yourself whether your entering the correct password. Also check whether the caps lock is turned on.

How to Recover Your Gmail Account?
If you believe your account is hacked, then visit click the Can't access your account? link below the signin button in gmail.



Enter the Email address . it might ask for CAPTCHA ,fill it and continue.

option 1: If you have secondary email address, select secondary mail and ask to send the password to your secondary mail address.

option 2:  Answer to your security question and change the password

option 3: if you have added mobile number in your account. then you can recover through mobile.

Contact Gmail:
If the above option doesn't work for you? then you have to contact the gmail.


Visit
https://www.google.com/support/accounts/bin/request.py?ara=1

It will ask whether the password recovery option worked or not. Click "No" button.  It will ask you to enter the information about your email account.  Fill everything. They will ask to enter the email to contact you, enter the alternative email address that you have.(if that also hacked, then create new account and enter it).



Submit the form.
They will contact you soon.


FAQ About Account Recovery

Q. Why can't I tell someone private information about my account that they could look up to verify my claim?
A. Account privacy rules are very strict within Google, and allowing employees to look at the contents of an account would be a serious breach of privacy.

Q. Why isn't there a comments section on the Account Recovery Form where I could add additional information to prove my claim?
A. Like above, it would be a violation of account privacy for an employee to look in the account to verify any additional information supplied.

Q. Why can't I simply talk to somebody about this?
A. Unfortunately, Google does not offer live support for the free Gmail product (see: http://mail.google.com/support/bin/request.py?contact_type=contact_policy). You must use the recovery methods provided.

Q. Why can't Google lock the account to protect it from any more damage or outgoing spam.
A. They will lock an account that the detection system identifies as being compromised and sending out spam. But again, privacy concerns would prevent them from simply locking an account because someone claims it's theirs and is compromised. In addition, since there is no live support, there is no one to even make such a request to.

Q. I had a really long password of random strings that would be impossible to guess. How was my account compromised?
A. Google (as most e-mail providers) have blocks to prevent trying lots of passwords to guess the correct one (brute-force attacks). Most accounts are compromised by harvesting passwords other ways. While a secure password is important, it's only one in a long list of things needed to keep any online account secure.

Q. But I'm very careful with my password. I don't give it to anyone except an official request from Gmail.
A. Unfortunately if you provided your password in response to any e-mail (even claiming to be from Google/Gmail) then your password was harvested by phishing. It's very common, and can trick even the most careful people.

Q. My contacts were deleted by the hacker, how do I recover them?
A. Deleted contacts can now be restored to any point in the last thirty-days: http://mail.google.com/support/bin/answer.py?hl=en&answer=1069522

Q. My e-mail history was deleted by the hacker, how do I recover it?
A. Have you looked in All Mail and Trash for the missing information? Have you used Search to try and find it? Unfortunately, messages deleted from Trash or Spam can not be recovered. If you would like to request Google attempt to recovery messages deleted by a hacker, see: http://mail.google.com/support/bin/answer.py?hl=en&answer=8256

Q. My account was deleted by the hacker, can I recover it?
A. The Account Recovery Form can sometimes restore a recently deleted account. That is your only option in this case.

Q. I don't care about the account, can I just get the e-mail history or the contacts from it.
A. Unfortunately, you have to be able to access the account in order to transfer any information out of it. This means you need to try and recover the account.

Q. I don’t care about the contents, I just need the e-mail address back because I have other things linked to that address.
A. Account names are never re-used, so you can’t re-create the account. So to get the name back you will have to try and recover the account.

Q. Can I find out who did this? Can anyone prosecute them?
A. About the only information you have available is the list of the last 10 IPs to access your account (see the Details link below the Inbox). But given how easy it is to fake IPs, and how inaccurate they are, it's unlikely that more than a general location can be determined. In general, law enforcement is not interested in a simple compromised account, and Google is not a law enforcement agency. Bottom line is: one's energy is better spent on recovery and re-securing the account.

Q. Isn't what the person did illegal? Can I sue them or get them arrested?
A. Any legal questions should be asked of local law enforcement or an attorney. Google is neither of those and can not advise you on any actions.

Q. Can I find out what they did in my account while they had access.
A. There are no account activity logs available, so you can’t find out for sure. If there is spam in your Sent Mail, they you know they used the account for that. But there’s no way to know if or what messages they may have looked at, so take appropriate precautions.

Q. How was my account compromised?
A. There are many ways passwords can be harvested and account compromised, but the most common ones include:
  • Using the same password on multiple web-sites. A less secure site is hacked and they get the user database (e-mail and password) and then just try them all. If the person did not use a unique password, the hacker gains access to the e-mail account.
  • Phishing e-mails that ask for account information or direct you to a phishing web-site. Don't dismiss this because the messages are a lot more convincing that you would imagine, often using text copied from actual Google e-mails or on-line forms.
  • Use of a computer that is infected with a key-logger or other malware (most common for public computers like at a school or library) which records your login information.

When you reclaim Your Account:

Begin by scrolling to the bottom of your Gmail page and see if there are any other sessions signed into your account ("This account is open in 1 other location"). Then click the word "Details" where it says "Last account activity" and then "Sign out all other sessions". Now change your password to anything reasonable but without worrying too much about how secure because you are going to change it again. Next check all the following items and verify that they are set correctly.

Note: in the following “Settings” means “Mail settings” as found under the Gear icon in the upper/right of the Gmail window. If you still have the old layout, then “Settings” will be one of the choices along the top. If you have the older “Settings” link, some of the paths below will be slightly different.


Account Security:
  • Settings -> Accounts and Import -> Change Account Settings -> Change Password [pick a new secure password]
  • Settings -> Accounts and Import -> Change Account Settings -> Change password recovery options [verify secret question, SMS and recovery e-mail address]
  • Settings -> Accounts and Import -> Change Account Settings -> Other Google account settings -> Email Address -> Edit [verify your name and other settings]
  • Settings -> Accounts and Import -> Change Account Settings -> Other Google account settings -> Authorizing applications & sites [revoke Access to any sites listed]
  • Settings -> Accounts and Import -> Change Account Settings -> Other Google account settings -> Using 2-step verification [enable 2-step verification]

Potential Spam:
  • Settings -> General -> Signature [make sure nothing as been added]
  • Settings -> General -> Vacation Responder [make sure it's disabled and empty]

E-mail Theft
  • Settings -> Forwarding and POP/IMAP -> POP Download [disabled]
  • Settings -> Forwarding and POP/IMAP -> IMAP Access [disabled]
  • Settings -> Forwarding and POP/IMAP -> Forwarding [disabled or correct address]
  • Settings -> Filters [no filters that forward or delete e-mail]
  • Settings -> Accounts and Import -> Send Mail As [make sure it is using your correct e-mail address, delete any unrecognized entries]


Continue   Reading>>

Saturday, August 20, 2011

Bikini-clad women and photo tags | Facebook scammers


I have explained about Facebook scamming in my previous posts.  Still people believe that "Facebook will provide Facebook visitors tracker".  If you believe also, please read this article.  This is not only for Facebook users but also for twitter users.

Continue   Reading>>

Tuesday, August 9, 2011

How to Re-Enable Task Manager,System Restore,cmd,run,Registry? Fixed


Hi friends, today i faced a problem.  A virus attacked my XP. I was unable to use Task Manager, System Restore,cmd,run,Registry.


This malware disabled important windows features(task manager, system restore,.......)

Continue   Reading>>

How does your Website becomes vulnerable to SQL Injection?


Developer is the one and only reason for the SQL Injection Vulnerability. While developing the Web Application, he fails to handle some vulnerability(because he doesn't know about it. Don't be one of them. If you are Web Application developer, then you must read these security techniquest in order to overcome the SQL Injection Vulnerability.

Continue   Reading>>

Friday, August 5, 2011

A Guide to Online Anonymity - How can i be completely untraceable ?



Definition:
The act of keeping your identity hidden online by using connection methods and encryption methods, to make yourself untraceable to a person, website, company, school or whatever else you are doing/connecting to.

Continue   Reading>>

Wednesday, August 3, 2011

How to Setup your own Proxy Server For Free using Hamachi and Privoxy?


Read this post to know  What is proxy server?

Why should i use Proxy server?


Open Wi-Fi Connections:
It is possible for anyone to monitor everything you do on an Open Wi-Fi Network. Not all sites that you visit may use HTTPS Encryption. Sometimes even sites that do use HTTPS only do so for certain actions and then revert to regular unencrypted HTTP connections, which are visible by anyone on the network. Using a proxy server will direct all web traffic through a secure and encrypted tunnel making all of your browsing safe and unseeable.


Bypass Firewalls and Corporate Web Filtering:
Users who wish to bypass web monitoring and restrictions imposed by their employer may utilize Proxy Servers. This is great for users and dangerous for IT Professionals as it may pose a danger to network security.

How to Set up the proxy server using Hamachi and Privoxy? 

Requirements:
  1. 2 computers. One works proxy server. Other one use the proxy server(client). Both system should have Internet connection.
  2. Hamachi: A free (for non-commercial use), cross-platform VPN service that, gives you secure access to your home network no matter where you are. Download it from here:
    https://secure.logmein.com/products/hamachi2/
  3. Privoxy: A free, Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks. Download it from here:
    http://www.privoxy.org/
Installing Hamachi and Set up the Server
Step 1: 
 Decide which Computer is going to work as Proxy Server.  Install the Hamachi in that computer.
Step 2:
Once you installed, run the application.  It will open small Hamachi application window with thanks message.

Step 3:
Click the Power Button.  It will automatically detect the host name and ask you to register the client.

Once you registered, it will show some IP address like 5.xx.xxx.xxx near to the power button.  Note this is our proxy ip Address.

Step 4:
Now you will get two options. 1. Create New Network 2.Join an existing Network.
This is server Computer, we have to create network to used by client.
So click the Create a New Network button.

Step 5:
It will ask you to enter network id and password(i entered id as proxy_BreakTheSecurity).   Enter your desire id and password(Should be strong password).
Click the Create button.

That's all your server is ready to be used.

Using Our Proxy Server in client Side
Now move to your client system( i mean any other computer).  Install Hamachi in your that system.
Follow the first three step mentioned above.
Step 4:
Now you will get two options. 1. Create New Network 2.Join an existing Network.
This is Client System, right? so Click the Join an Existing network.


Step 5:
Enter the Network id and password that you used to create network.  (in my case, network id i entered is proxy_BreakTheSecurity)

You can rinse and repeat this on every machine you want to do this with, for up to 16 clients (that’s the limit for Hamachi’s free-for-non-commercial-use version)

Installing the Privoxy in the client system:
Install the privoxy and run.
Step 1:
In system tray, you can see P icon. right click on the P
and select Edit->Main Configuration.


Step 2:
It will open the config.txt file in notepad.
Search for the "listen-address 127.0.0.1:8118"
Replace the 127.0.0.1 with our proxy ip address(address that displayed in server hamachi apps) created in server side.
For example listent-address 5.xx.xxx.xxx:8118
Save the file.


That's all you finished.  Restart the privoxy.
Now we have to use the Proxy server.

Set Up Your Web Browser to Use Your New Secure Proxy:
Open the Mozilla Firefox
Open Tools->Preferences.
It will open the preference window of Firefox.
Select Advanced->Network tab.
Click the Settings button near to the "Configure how Firefox connects to the Internet”
Select the Manual proxy configuration.
Enter our Server Proxy Address(5.xx.xxx.xx) and port as 8118.
click ok.



Test the Proxy Server.
Now we have to test whether our proxy is working or not.

Visit http://config.privoxy.org/. It will detect whether you use proxy or not.

If proxy is used, you’ll see a message like “This is Privoxy 3.0.17 on Windows (5.xxx.xxx.xx), port 8118, enabled.”

If not, you’ll see a page that reads “Privoxy is not being used”.


Also, if you’re on a public Wi-Fi connection and you navigate to something like WhatIsMyIP.com with your proxy turned off, you should see a different IP when you reload the page with your proxy turned on.
(Essentially, when turned on, your home’s public IP address should be showing.)

Even though your proxy is running over an HTTP connection, Hamachi is encrypting everything that runs between your computers, so it’s still a secure option
Continue   Reading>>

Tuesday, August 2, 2011

SQL Inject Me -SQL Injection Tool to test the Vulnerability for Pen Testers


So far i have written what is sql Injection, How to prevent SQL Injection? .  In this post, i am going to introduce a new SQLi tool for Pen Testers and Webmasters.
The tool name is SQL Inject Me.

What is SQL Inject Me?
SQL Inject Me is Mozilla addon that is used to test the SQL Injection Vulnerability of Web Application.  It reduces the workload of Manual SQL Injection Test.  This is especially designed for Pen Testers and Web Masters not for hackers.

Continue   Reading>>

Monday, August 1, 2011

How to Prevent SQL Injection Vulnerability? Website Security


Hi webmasters and budding Pen Testers, I hope you read my article about SQL Injection. Our Aim is to provide Security, right? So here is the prevention techniques.

Continue   Reading>>

Thursday, July 28, 2011

What is Virtual and Physical Ports?-Hackers tutorials



There two different ports are there.

First one is Physical Ports that are used to connect two different hardwares.  It will available behind your CPU. The different types of physical ports :
  • Ethernet ports
  • USB ports
  • Serial/Parallel ports
Using the physical ports only, we connect the Keyboard,monitor,Mouse,Modem to your CPU.

Continue   Reading>>

Apache Log Extractor Tool for Pen Testers


We know that Apache Server is Famous Web server.  Let us see what is Apache log extractor tool .
What is Apache Log Extractor Tool?
Apache Log Extractor is a quick script to export URL information from Apache access logs. The thought behind this script was to provide a list of known URL’s on a remote server by analysing the logs. This list could then be used as the input for further testing tools e.g Burp Suite – Intruder.
Continue   Reading>>

Wednesday, July 20, 2011

Scan files for Virus and Keylogger in Online for free-VirusTotal.com


Usually if we download free software from public file hosting service website, it may contain some virus or keylogger.  If you run the program without scanning, it leads to problem in your computer. So it is necessary to scan your files before you run or open.

For scanning purpose, you don't need any anti virus but Internet.

VirusTotal.com will scan your file and give reports about the file.

if you have the download link, then select submit url and paste url. Click the Send file.  It will star the scanning process.  Wait for a while.

If you already downloaded the file or want to scan local file, then use upload file.


This virustotal will scan file with all antivirus' virus signature.
Continue   Reading>>

Tuesday, July 19, 2011

Google Search Detects malware


Some particular malwares infect the user computer and try to send traffic to  Google through a small number of intermediary servers called “proxies.”  Google found some unusual traffic while performing routine maintenance on one of their data centers.

Continue   Reading>>

Sunday, July 10, 2011

cyber cafe security [Guest Post]


Now days people are always talking about system security even our government
also amend many cyber laws but can we say that everything is safe does we know

everything about our security.

According to me "NO" usually we are not aware that we left behind us our Important Information.  if someone want to use them theycan harm us badly.

Continue   Reading>>

Sunday, June 26, 2011

Why you should hide IP(Internet protocol)address?


What is IP Address?
 IP address is Unique Identification Number that is assigned to your Internet Connection.Each house has unique address ,right? Likewise, In Internet each machine some unique Address .   This will be used to identify your computer in Internet.  Using IP address, we can trace the location of the User.
 
Continue   Reading>>

Friday, June 24, 2011

How to Hide IP address and surf anonymously for free?


Hi Break the security readers, in my last post, i introduced "Hide The IP" software. "Hide The IP" is best IP hiding software. The drawback of this software is cost. My one of reader comment "this is best software but it is costly to buy end users". So i am here going to guide you how to hide your IP address manually.


samair.ru website for proxy

http://www.samair.ru
you can get fresh and new proxy IP address from the above website. All IP address are complete free.

Features:
  • you can get all types of IP address(transparent,anonymous, Highly anonymous)
  • you can get any country IP address
  • you can order ip order based on time,country,IP address,Anonymity level.

Don't know how to use this proxy IP address? Read this post.
how to use proxy IP address for surfing anonymously
Continue   Reading>>
Older Post Home
 

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com