THINGS YOU MUST KNOW BEFORE DOING INTERNET SHOPPING OR INTERNET BANKING.
Sunday 29 June 2014
Saturday 28 June 2014
DNS SPOOFING ATTACK
Dns is a domain name server which provide name to ip resolution . As you already know that every computer connected on the internet must have a unique numerical number called ip address. But in early days wo don't have a DNS server to resolve the name to ip this task was performed by Host file which is stored in our computer System32/drivers/etc/host
Above you can see the picture of host file which is stored in your computer you can check .For more detail you can watch my video tutorial on DNS spoofing or Poisoning https://www.youtube.com/watch?v=zTdkB4ib6KM
BRUTE FORCE ATTACK
Brute force attack is used to crack windows passwords and etc. This is also called password guessing technique its happen when you have a weak password . If you have choose a weak password for your account so be aware brute force is easy method to crack your password its like a password guessing technique which can guess your password from Dictionary . Cain and Abel is the software which is used for brute force attack.
Never choose easy password for your account . Always choose lengthy and combination password which contain alpha+numeric+symbol. Change your password regularly in one month or two months
Friday 27 June 2014
DHCP SERVER
DHCP is a dynamic host configuration protocol server is used to assigned the ip addressed to the host computers . As you already know that every computer who wants to go on Internet must have a IP address which is 32 bit numerical number . When you connect internet your ISP assigned you a private IP address which can be 192.168.1.0 or etc but after you go on internet or access any website your private ip address automatically changed and become public ip address remember you can not access any website with a private ip address .Network administrator assigned a DHCP scope pool in DHCP Server which can be installed in ISP Window server OS or Router also can be used as a DHCP Server . How computer get the ip address when you connect internet your computer make a DHCP Discover broadcast and send it your ISP DHCP Server whatever it is and dhcp server replies with DHCP discover/ack and give the ip address in case dhcp server doen't reply or assigned you the ip address you can not go on the internet.
BACKDOOR INTRODUCTION
Backdoor is a malicious program which is installed in your machine without your knowledge mostly when you have download free software , games , songs and etc from the internet. Once it installed in your machine by attacker he get the full access in your computer it can also bypass the security or antivirus couldn't detect it. But its not always used to harm your pc but sometimes used to troubleshooting the machine like programmers or system administrator installed backdoor in your machine to troubleshoot your desktop or computer but if attacker get to know you have installed backdoor he will get into your network or harm your network or machine.
Thursday 26 June 2014
NETWORK SECURITY TIPS
HOW TO PROTECT YOUR NETWORK SECURE
First of all you must Scan you network and check there should be no outdated software , antivirus or firewall etc your network should be fully patched and every thing should be updated. You must know you risk.
You must know your vulnerability (weakness) in your network. You should check your network and check if any vulnerably in the network you must solve it. You must guide to your domain users never download suspicious file or files from social networking websites. Although you have implement firewall or IPS but attacker can compromise your firewall.
You should try to crack your active directory users password using brute force attack or etc, you must guide or users to put strong and combination password and it should be changed every two or three weeks. You should perform penetration testing.
Social engineering are the most conman and easy attack to know your active directory passwords or access your network get together with users and guide them about social engineering attacks.
IP ADDRESSING
WHAT IS AN IP ADDRESS
Every Computer connected on the Internet has a unique no. called Ip address. There are two IPv4 or IPV6 but still IPV4 is using mostly all over the India , which is a 32 bit numerical number in decimal format like:-
192.168.1.1(Private IP address)
The above ip address have 4 octets and one octet is 8 bit so 8x4=32 bit that's why ipv4 is a 32 bit number. IPv4 are three types
Class A :- Starting from 1.0.0.0 to 126.0.0.0
Class B Starting from 128.0.0.0 to 19.255.0.0
Class C Starting from 192.0.0.0 to 223.255.255.25
Class D Multicast 224-239
IPv6 are 128 bits numerical number which represent in hexadecimal it has 16 periods 0 to 9 or A to F
MIMT Man in the middle Attack
Man in the Middle attack (Session Hijacking)
Man in the middle attack is a session hijacking technique . Whenever we lo-gin in our account or open any website it creates a session with that websites and a unique number which is session id is stored in our computer and it is only valid up that session is running until we lo-gout or close the website.
Hacker gain access to session id to eavesdrop your information access to you information
Note:-
ALWAYS USE HTTPS PROTOCOL INSTEAD OF HTTP BEFORE ENTERING YOUR INFORMATION TO ANY WEBSITE ALWAYS CHECK IT URL MUST BE START FROM HTTPS (HYPERTEXT TRANSFER PROTOCOL SECURE) IT ENCRYPT YOUR MESSAGE SO NO MIDDLE MAN CAN READ IT.
Man in the middle attack is a session hijacking technique . Whenever we lo-gin in our account or open any website it creates a session with that websites and a unique number which is session id is stored in our computer and it is only valid up that session is running until we lo-gout or close the website.
Hacker gain access to session id to eavesdrop your information access to you information
Note:-
ALWAYS USE HTTPS PROTOCOL INSTEAD OF HTTP BEFORE ENTERING YOUR INFORMATION TO ANY WEBSITE ALWAYS CHECK IT URL MUST BE START FROM HTTPS (HYPERTEXT TRANSFER PROTOCOL SECURE) IT ENCRYPT YOUR MESSAGE SO NO MIDDLE MAN CAN READ IT.
Subscribe to:
Posts (Atom)