XfinalfantasyX
Yesterday, 12:53 PM EDT
get a smtp server ( i use mx1.hotmail.com) theyre normally like
mx1,mx2 etc..thehost.com.
Now, go to Start>Run>cmd
then in the cmd window, type
telnet mx1.hotmail.com 25
then
HELO hotmail.com
then
MAIL FROM : (fakeemailhere)
then
RCPT TO: (person)
then
DATA
then type your message, you can press enter for a new line, finish the message by a full stop (.) on a new line, press enter!
spoofed.
Saturday, February 13, 2010
Brute Force Hacking In Terminal Server Environments
One of the most common techniques used by hackers to penetrate your network, is just plain-old password guessing. This goes for external hacking attempts as well as internal hacking attempts. In this article I will discuss how hackers can use tools to perform brute force password hacking in your Terminal Server environments and what you can to prevent these kinds of attacks.
Introduction
Guessing passwords is one of the oldest, yet one of the most effective techniques to gain access to a system. The reason that it is one of the most effective hacking techniques is because there’s aweak link in the whole process: humans. This is because humans like “samantha1” better for a password than “Tr15%^<!+”. Although the latter would be far more difficult to hack than the first password, there’s a good chance that no user would ever get the latter password memorized. This is what hackers take advantage of. The only thing a hacker needs is a logon “vehicle”. This could be a command prompt, a web page or… the Microsoft Remote Desktop Connection conveniently included in every recent version of Windows or readily available from Microsoft’s download site.
Hacking Slang
For clarity’s sake, I’ll briefly discuss some of the terms used in relation to password hacking. Basically, there are two kinds of password hacking attacks:
* Brute force hacking a.k.a. dictionary hacking attacks
* Password cracking a.k.a hash hacking attacks.
In this article we will be focusing on brute force hacking, using dictionary attacks. This simply means that the hacker will use a tool to automate the password guessing with an accompanying dictionary file: a file that contains every single password the hacker wants to try. Usually there aretens of thousands of passwords in a dictionary file and the hacking tool tries them all, pounding the server with logon attempts: hence the term brute force hacking.
Impact Of Password Guessing in Terminal Server environments
As in other fields of security, Terminal Server environments take up a special place. This is because Terminal Servers, by their very nature, allow interactive access. Interactive access in this context means that you’re logged on to the server itself. This is the same effect as if you were walking up to the console in the datacenter and logging on there. This basically allows you to execute any program you can get your hands on and run it in the memory space of that server. Another significant issue that arises from the fact that Terminal Servers are in the business of allowing interactive access, is an issue with the admin lockout. As you probably know, by default, the local administrator account cannot be locked out. Even if you use the passprop utility, you can only lock out the administrator account for remote logons, not interactive (Terminal Server logons). Only using passprop on Windows Server 2003 allows you to lock out the local administrator account. Because this could effectively completely lock you out of your own network, this isn’t a configuration that is used a lot. Hackers know this and use this knowledge to perform brute force hacking attempts on administrator accounts.
Terminal Server Brute Force Hacking tool: TSGrinder
There are a couple of tools out there which allow you to perform brute-force password guessing in your Terminal Server environment. The most well-known however is a free tool called TSGrinder. TSGrinder is a command line tool which very basically allows automating password guessing via RDP connections. TSGrinder is a "dictionary" based attack tool, supports multiple attack windows from a single dictionary file (you can specify this on the program command line). A very interesting option in the program is the “leet” function. This leet function enables the program to cope with a popular development in password-land. What I mean is that, from the knowledgeable user up, people tend to secure their passwords by replacing letterswith well-known symbols. For example, password becomes p@ssw0rd (replacing a’s with @’s and o’s with 0’s). This is a very well thought thorough option because as we will see trying these passwords does not require you to change your dictionary file. Another very interesting option is the “banner” option. What this option does, is acknowledge any messages prior to log on. These are the kind of messages that you have to acknowledge before you can log on to a server, usually a legal disclaimer of some sort. This logon message can be set in Group Policy in Computer Policies > Security Settings > Local Policies > Security Settings > Interactive Logon. This was an issue in earlier versions of TSGrinder but that has been fixed now. This option basically renders the banner message useless as a countermeasure to these kinds of attacks. TSGrinder also supports multiple password attempts in the same connection, and allows you to specify how many times to try a username/password combination within a particular connection (the default is 5) . This is used by hackers to help avoiding detection, because by default after 5 unsuccessful logon attempts, the Terminal Server ends the connection and an event is logged to the Terminal Server event log. The event looks like this:
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
So in the default config of TSGrinder you could have someone trying about 1,000,000 passwords and there would not be a single event in the event log (auditing excluded, we’ll get to that). Let’s take a look at TSGrinder. The program comes with a very limited dictionary and leet file. You can be sure that hackers have far more advanced dictionaries. Running TSGrinder from the command line yields the help:
Usage: tsgrinder.exe [options] server Options: -w dictionary file (default 'dict') -l 'leet' translation file -d domain name -u username (default 'administrator' -b banner flag -n number of simultaneous threads -D debug level (default 9, lower number is more output) Example: tsgrinder.exe -w words -l leet -d workgroup -u administrator -b -n 2 10.1.1.1
As you can see usage is pretty straight-forward. You can try it on your own test server, just like I did.
Disclaimer: Use extreme caution when using this tool. Using TSGrinder could result in legal actions taken against you because your actions could be considered a real hacking attempt.
In this very simple example we will assume that:
* we have a dictionary file called “testdict”
* we have a leetfile called “testleet”
* the username we are attacking is the default, administrator
* we want to acknowledge any logon banner messages
* we want to have 1 simultaneous thread
* the server we are attacking has the following IP address: 192.168.62.53
That would leave us with the following command line:
tsgrinder.exe -w testdict -l testleet -b -n 1 -D 8 192.168.62.53
As you can see in the screenshot below, after a while, tsgrinder neatly finds that I’ve been using P@55w0rd! as my administrator password. It’s that easy.
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
Countermeasures
OK, now that you’ve seen how easy it is to attack your Terminal Server environment, it’s time to take countermeasures. Here are some concrete suggestions that can help prevent these kinds of attacks. Rename administrator account You should know that renaming the administrator account is considered a best practice. If you were not aware of that earlier, I sure hope you are now. When you rename the (local) administrator account, the hacker cannot use the administrator account to attack and must know the exact name of the renamed administrator account. This also has the added advantage that you can create a dummy administrator account that can be locked out (you do have account lock outs configured, right?) Connection Security Ideally you would want to make sure that users are already somehow checked before they attempt to logon to a Terminal Server. This used to be a huge hassle but now there’s a free tool available that does just that and more! The tool is called 2X SecureRDP. 2X SecureRDP works by accepting or denying incoming RDP connections by IP, Mac address, computer name, client version or based on time of day, before the logon screen is even displayed. This significantly enhances the control you have over your Terminal Servers. As an added bonus you can limit users to one concurrent session. This doesn’t really prevent brute force attacks from happening but it’s a very nice feature that I know many administrators are looking for. Another great feature of this program is that you can log information for every allowed or denied connection and save it to a log file. Below is a screenshot of 2X SecureRDP.
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
Of course, this tool is not just for Terminal Servers,. It greatly suits every server you access via RDP. In fact, I recommend using this tool on every RDP enabled server. Auditing Enable extensive auditing. OK, so this doesn’t prevent brute force attacks from happening but at the very least it allows you too log these kinds of attacks. You should audit successful and failed logons events. Because these audit logs tend to get cluttered very soon on a busy server, you should consider an automated audit tool. These kinds of tools monitor and filter the security event logs for you so that you can see what you need to see and be alerted when anything goes bad. An example and my personal favorite of such a program is SELM (Security Event Log Monitor) from GFI. See a list of well-known similar programs here. Logon Message You should configure all of your servers to display a message at logon that must beacknowledged before you can proceed to log on to a server. This really isn’t a technical countermeasure but more of a legal one. Once you’ve acknowledged the logon message, there’s no way the perp can say: “I had no idea I wasn’t supposed to log on to that server”……..
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
Conclusion
Terminal Server environments are juicy targets for hackers. In this article I showedsome techniques hackers can use to perform brute force attacks against local administrator accounts. I also showed you what you can do to prevent these attacks. Please keep in mind that these are just pointers and only make up a small part of thesteps you should take to secure your Terminal Server environment.
Introduction
Guessing passwords is one of the oldest, yet one of the most effective techniques to gain access to a system. The reason that it is one of the most effective hacking techniques is because there’s aweak link in the whole process: humans. This is because humans like “samantha1” better for a password than “Tr15%^<
Hacking Slang
For clarity’s sake, I’ll briefly discuss some of the terms used in relation to password hacking. Basically, there are two kinds of password hacking attacks:
* Brute force hacking a.k.a. dictionary hacking attacks
* Password cracking a.k.a hash hacking attacks.
In this article we will be focusing on brute force hacking, using dictionary attacks. This simply means that the hacker will use a tool to automate the password guessing with an accompanying dictionary file: a file that contains every single password the hacker wants to try. Usually there aretens of thousands of passwords in a dictionary file and the hacking tool tries them all, pounding the server with logon attempts: hence the term brute force hacking.
Impact Of Password Guessing in Terminal Server environments
As in other fields of security, Terminal Server environments take up a special place. This is because Terminal Servers, by their very nature, allow interactive access. Interactive access in this context means that you’re logged on to the server itself. This is the same effect as if you were walking up to the console in the datacenter and logging on there. This basically allows you to execute any program you can get your hands on and run it in the memory space of that server. Another significant issue that arises from the fact that Terminal Servers are in the business of allowing interactive access, is an issue with the admin lockout. As you probably know, by default, the local administrator account cannot be locked out. Even if you use the passprop utility, you can only lock out the administrator account for remote logons, not interactive (Terminal Server logons). Only using passprop on Windows Server 2003 allows you to lock out the local administrator account. Because this could effectively completely lock you out of your own network, this isn’t a configuration that is used a lot. Hackers know this and use this knowledge to perform brute force hacking attempts on administrator accounts.
Terminal Server Brute Force Hacking tool: TSGrinder
There are a couple of tools out there which allow you to perform brute-force password guessing in your Terminal Server environment. The most well-known however is a free tool called TSGrinder. TSGrinder is a command line tool which very basically allows automating password guessing via RDP connections. TSGrinder is a "dictionary" based attack tool, supports multiple attack windows from a single dictionary file (you can specify this on the program command line). A very interesting option in the program is the “leet” function. This leet function enables the program to cope with a popular development in password-land. What I mean is that, from the knowledgeable user up, people tend to secure their passwords by replacing letterswith well-known symbols. For example, password becomes p@ssw0rd (replacing a’s with @’s and o’s with 0’s). This is a very well thought thorough option because as we will see trying these passwords does not require you to change your dictionary file. Another very interesting option is the “banner” option. What this option does, is acknowledge any messages prior to log on. These are the kind of messages that you have to acknowledge before you can log on to a server, usually a legal disclaimer of some sort. This logon message can be set in Group Policy in Computer Policies > Security Settings > Local Policies > Security Settings > Interactive Logon. This was an issue in earlier versions of TSGrinder but that has been fixed now. This option basically renders the banner message useless as a countermeasure to these kinds of attacks. TSGrinder also supports multiple password attempts in the same connection, and allows you to specify how many times to try a username/password combination within a particular connection (the default is 5) . This is used by hackers to help avoiding detection, because by default after 5 unsuccessful logon attempts, the Terminal Server ends the connection and an event is logged to the Terminal Server event log. The event looks like this:
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
So in the default config of TSGrinder you could have someone trying about 1,000,000 passwords and there would not be a single event in the event log (auditing excluded, we’ll get to that). Let’s take a look at TSGrinder. The program comes with a very limited dictionary and leet file. You can be sure that hackers have far more advanced dictionaries. Running TSGrinder from the command line yields the help:
Usage: tsgrinder.exe [options] server Options: -w dictionary file (default 'dict') -l 'leet' translation file -d domain name -u username (default 'administrator' -b banner flag -n number of simultaneous threads -D debug level (default 9, lower number is more output) Example: tsgrinder.exe -w words -l leet -d workgroup -u administrator -b -n 2 10.1.1.1
As you can see usage is pretty straight-forward. You can try it on your own test server, just like I did.
Disclaimer: Use extreme caution when using this tool. Using TSGrinder could result in legal actions taken against you because your actions could be considered a real hacking attempt.
In this very simple example we will assume that:
* we have a dictionary file called “testdict”
* we have a leetfile called “testleet”
* the username we are attacking is the default, administrator
* we want to acknowledge any logon banner messages
* we want to have 1 simultaneous thread
* the server we are attacking has the following IP address: 192.168.62.53
That would leave us with the following command line:
tsgrinder.exe -w testdict -l testleet -b -n 1 -D 8 192.168.62.53
As you can see in the screenshot below, after a while, tsgrinder neatly finds that I’ve been using P@55w0rd! as my administrator password. It’s that easy.
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
Countermeasures
OK, now that you’ve seen how easy it is to attack your Terminal Server environment, it’s time to take countermeasures. Here are some concrete suggestions that can help prevent these kinds of attacks. Rename administrator account You should know that renaming the administrator account is considered a best practice. If you were not aware of that earlier, I sure hope you are now. When you rename the (local) administrator account, the hacker cannot use the administrator account to attack and must know the exact name of the renamed administrator account. This also has the added advantage that you can create a dummy administrator account that can be locked out (you do have account lock outs configured, right?) Connection Security Ideally you would want to make sure that users are already somehow checked before they attempt to logon to a Terminal Server. This used to be a huge hassle but now there’s a free tool available that does just that and more! The tool is called 2X SecureRDP. 2X SecureRDP works by accepting or denying incoming RDP connections by IP, Mac address, computer name, client version or based on time of day, before the logon screen is even displayed. This significantly enhances the control you have over your Terminal Servers. As an added bonus you can limit users to one concurrent session. This doesn’t really prevent brute force attacks from happening but it’s a very nice feature that I know many administrators are looking for. Another great feature of this program is that you can log information for every allowed or denied connection and save it to a log file. Below is a screenshot of 2X SecureRDP.
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
Of course, this tool is not just for Terminal Servers,. It greatly suits every server you access via RDP. In fact, I recommend using this tool on every RDP enabled server. Auditing Enable extensive auditing. OK, so this doesn’t prevent brute force attacks from happening but at the very least it allows you too log these kinds of attacks. You should audit successful and failed logons events. Because these audit logs tend to get cluttered very soon on a busy server, you should consider an automated audit tool. These kinds of tools monitor and filter the security event logs for you so that you can see what you need to see and be alerted when anything goes bad. An example and my personal favorite of such a program is SELM (Security Event Log Monitor) from GFI. See a list of well-known similar programs here. Logon Message You should configure all of your servers to display a message at logon that must beacknowledged before you can proceed to log on to a server. This really isn’t a technical countermeasure but more of a legal one. Once you’ve acknowledged the logon message, there’s no way the perp can say: “I had no idea I wasn’t supposed to log on to that server”……..
Brute Force Hacking In Terminal Server Environments - CRACK0HACK
Conclusion
Terminal Server environments are juicy targets for hackers. In this article I showedsome techniques hackers can use to perform brute force attacks against local administrator accounts. I also showed you what you can do to prevent these attacks. Please keep in mind that these are just pointers and only make up a small part of thesteps you should take to secure your Terminal Server environment.
Essential Wireless Hacking Tools
[Untitled]
Finding Wireless Networks
Locating a wireless network is the first step in trying to exploit it. There are two tools that are commonly used in this regard: Network Stumbler a.k.a NetStumbler – This Windows based tool easily finds wireless signals being broadcast within range – A must have. It also has ability to determine Signal/Noise info that can be used for site surveys. I actually know of one highly known public wireless hotspot provider that uses this utility for their site surveys. Essential Wireless Hacking Tools - CRACK0HACK
(NetStumbler Screenshot) Kismet – One of the key functional elements missing from NetStumbler is the ability to display Wireless Networks that are not broadcasting their SSID. As a potential wireless security expert, you should realize that Access Points are routinely broadcasting this info; it just isn’t being read/deciphered. Kismet will detect and display SSIDs that are not being broadcast which is very critical in finding wireless networks. Essential Wireless Hacking Tools - CRACK0HACK
(Kismet Screenshot)
Attaching to the Found Wireless Network
Once you’ve found a wireless network, the next step is to try to connect to it. If the network isn’t using any type of authentication or encryption security, you can simply connect to the SSID. If the SSID isn’t being broadcast, you can create a profile with the name of the SSID that is not being broadcast. Of course you found the non-broadcast SSID with Kismet, right? If the wireless network is using authentication and/or encryption, you may need one of the following tools. Airsnort – This is a very easy to use tool that can be used to sniff and crack WEP keys. While many people bash the use of WEP, it is certainly better than using nothing at all. Something you’ll find in using this tool is that it takes a lot of sniffed packets to crack the WEP key. There are additional tools and strategies that can be used to force the generation of traffic on the wireless network to shorten the amount of time needed to crack the key, but this feature is not included in Airsnort. Essential Wireless Hacking Tools - CRACK0HACK
(Screenshot of Airsnort in Action) CowPatty – This tool is used as a brute force tool for cracking WPA-PSK, considered the “New WEP” for home Wireless Security. This program simply tries a bunch of different options from a dictionary file to see if one ends up matching what is defined as the Pre-Shared Key. Essential Wireless Hacking Tools - CRACK0HACK
(Cowpatty Options Screenshot) ASLeap – If a network is using LEAP, this tool can be used to gather the authentication data that is being passed across the network, and these sniffed credentials can be cracked. LEAP doesn’t protect the authentication like other “real” EAP types, which is the main reason why LEAP can be broken. Essential Wireless Hacking Tools - CRACK0HACK
(Asleap Options Screenshot)
Sniffing Wireless Data
Whether you are directly connected to a wireless network or not, if there is wireless network in range, there is data flying through the air at any given moment. You will need a tool to be able to see this data. Wireshark (formerly Ethereal) – While there has been much debate on the proper way to pronounce this utility, there is no question that it is an extremely valuable tool. Ethereal can scan wireless and Ethernet data and comes with some robust filtering capabilities. It can also be used to sniff-out 802.11 management beacons and probes and subsequently could be used as a tool to sniff-out non-broadcast SSIDs. Essential Wireless Hacking Tools - CRACK0HACK
(Screenshot of Ethereal in Action) Essential Wireless Hacking Tools - CRACK0HACK
(Yahoo IM Session being sniffed in Ethereal) The aforementioned utilities, or similar ones, will be necessities in your own wireless security toolkit. The easiest way to become familiar with these tools is to simply use them in a controlled lab environment. And cost is no excuse as all of these tools are available freely on the Internet.
Protecting Against These Tools
Just as it’s important to know how to utilize the aforementioned tools, it is important to know best practices on how to secure your Wireless Network Against these tools. NetStumbler – Do not broadcast your SSID. Ensure your WLAN is protected by using advanced Authentication and Encryption. Kismet – There’s really nothing you can do to stop Kismet from finding your WLAN, so ensure your WLAN is protected by using advanced Authentication and Encryption Airsnort – Use a 128-bit, not a 40-bit WEP encryption key. This would take longer to crack. If your equipment supports it, use WPA or WPA2 instead of WEP (may require firmware or software update). Cowpatty – Use a long and complex WPA Pre-Shared Key. This type of key would have less of a chance of residing in a dictionary file that would be used to try and guess your key and/or would take longer. If in a corporate scenario, don’t use WPA with Pre-Shared Key, use a good EAP type to protect the authentication and limit the amount of incorrect guesses that would take place before the account is locked-out. If using certificate-like functionality, it could also validate the remote system trying to gain access to the WLAN and not allow a rogue system access. ASLeap – Use long and complex credentials, or better yet, switch to EAP-FAST or a different EAP type. Ethereal – Use encryption, so that anything sniffed would be difficult or nearly impossible to break. WPA2, which uses AES, is essentially unrealistic to break by a normal hacker. Even WEP will encrypt the data. When in a Public Wireless Hotspot (which generally do not offer encryption), use application layer encryption, like Simplite to encrypt your IM sessions, or use SSL. For corporate users, use IPSec VPN with split-tunneling disabled. This will force all traffic leaving the machine through an encrypted tunnel that would be encrypted with DES, 3DES or AES.
Finding Wireless Networks
Locating a wireless network is the first step in trying to exploit it. There are two tools that are commonly used in this regard: Network Stumbler a.k.a NetStumbler – This Windows based tool easily finds wireless signals being broadcast within range – A must have. It also has ability to determine Signal/Noise info that can be used for site surveys. I actually know of one highly known public wireless hotspot provider that uses this utility for their site surveys. Essential Wireless Hacking Tools - CRACK0HACK
(NetStumbler Screenshot) Kismet – One of the key functional elements missing from NetStumbler is the ability to display Wireless Networks that are not broadcasting their SSID. As a potential wireless security expert, you should realize that Access Points are routinely broadcasting this info; it just isn’t being read/deciphered. Kismet will detect and display SSIDs that are not being broadcast which is very critical in finding wireless networks. Essential Wireless Hacking Tools - CRACK0HACK
(Kismet Screenshot)
Attaching to the Found Wireless Network
Once you’ve found a wireless network, the next step is to try to connect to it. If the network isn’t using any type of authentication or encryption security, you can simply connect to the SSID. If the SSID isn’t being broadcast, you can create a profile with the name of the SSID that is not being broadcast. Of course you found the non-broadcast SSID with Kismet, right? If the wireless network is using authentication and/or encryption, you may need one of the following tools. Airsnort – This is a very easy to use tool that can be used to sniff and crack WEP keys. While many people bash the use of WEP, it is certainly better than using nothing at all. Something you’ll find in using this tool is that it takes a lot of sniffed packets to crack the WEP key. There are additional tools and strategies that can be used to force the generation of traffic on the wireless network to shorten the amount of time needed to crack the key, but this feature is not included in Airsnort. Essential Wireless Hacking Tools - CRACK0HACK
(Screenshot of Airsnort in Action) CowPatty – This tool is used as a brute force tool for cracking WPA-PSK, considered the “New WEP” for home Wireless Security. This program simply tries a bunch of different options from a dictionary file to see if one ends up matching what is defined as the Pre-Shared Key. Essential Wireless Hacking Tools - CRACK0HACK
(Cowpatty Options Screenshot) ASLeap – If a network is using LEAP, this tool can be used to gather the authentication data that is being passed across the network, and these sniffed credentials can be cracked. LEAP doesn’t protect the authentication like other “real” EAP types, which is the main reason why LEAP can be broken. Essential Wireless Hacking Tools - CRACK0HACK
(Asleap Options Screenshot)
Sniffing Wireless Data
Whether you are directly connected to a wireless network or not, if there is wireless network in range, there is data flying through the air at any given moment. You will need a tool to be able to see this data. Wireshark (formerly Ethereal) – While there has been much debate on the proper way to pronounce this utility, there is no question that it is an extremely valuable tool. Ethereal can scan wireless and Ethernet data and comes with some robust filtering capabilities. It can also be used to sniff-out 802.11 management beacons and probes and subsequently could be used as a tool to sniff-out non-broadcast SSIDs. Essential Wireless Hacking Tools - CRACK0HACK
(Screenshot of Ethereal in Action) Essential Wireless Hacking Tools - CRACK0HACK
(Yahoo IM Session being sniffed in Ethereal) The aforementioned utilities, or similar ones, will be necessities in your own wireless security toolkit. The easiest way to become familiar with these tools is to simply use them in a controlled lab environment. And cost is no excuse as all of these tools are available freely on the Internet.
Protecting Against These Tools
Just as it’s important to know how to utilize the aforementioned tools, it is important to know best practices on how to secure your Wireless Network Against these tools. NetStumbler – Do not broadcast your SSID. Ensure your WLAN is protected by using advanced Authentication and Encryption. Kismet – There’s really nothing you can do to stop Kismet from finding your WLAN, so ensure your WLAN is protected by using advanced Authentication and Encryption Airsnort – Use a 128-bit, not a 40-bit WEP encryption key. This would take longer to crack. If your equipment supports it, use WPA or WPA2 instead of WEP (may require firmware or software update). Cowpatty – Use a long and complex WPA Pre-Shared Key. This type of key would have less of a chance of residing in a dictionary file that would be used to try and guess your key and/or would take longer. If in a corporate scenario, don’t use WPA with Pre-Shared Key, use a good EAP type to protect the authentication and limit the amount of incorrect guesses that would take place before the account is locked-out. If using certificate-like functionality, it could also validate the remote system trying to gain access to the WLAN and not allow a rogue system access. ASLeap – Use long and complex credentials, or better yet, switch to EAP-FAST or a different EAP type. Ethereal – Use encryption, so that anything sniffed would be difficult or nearly impossible to break. WPA2, which uses AES, is essentially unrealistic to break by a normal hacker. Even WEP will encrypt the data. When in a Public Wireless Hotspot (which generally do not offer encryption), use application layer encryption, like Simplite to encrypt your IM sessions, or use SSL. For corporate users, use IPSec VPN with split-tunneling disabled. This will force all traffic leaving the machine through an encrypted tunnel that would be encrypted with DES, 3DES or AES.
Hack To Send Free SMS From Airtel
Numerous forums and blog posts all over internet claim working hack to send free SMS by changing your default service provider SMS message center to some other number, but in reality there is no free lunch and these tricks dont work, I have personally tested these so called free SMS hacks on three different Airtel/BSNL numbers but none worked. If you still want to give it a try, here is a detailed walkthrough :
1. Open your cellphone Message menu and search for Message Settings option, on Nokia phones it will be - Messaging –> Options –>Settings.
2. Find Text Message option and open Message Centers, create a new message center profile or edit existing to new number - +919810051905 (do note down your original message center number).
3. Now change preferred connection setting from GSM to Packet Data.
4. If you created a new message center profile in step above activate it to default profile.
5. Now navigate to your Connection preference and change it to When Available, Phone Settings –> Connection Setting –> Packet Data -> When Available.
6. Change Access Point setting to Airtel Live!.
7. Now, send SMS as usual but prefix a zero before the number.
8. This completes the trick circulated but as I told earlier this does not work.
If you have similar trick which works, do post it in comments and you can win a free one month Rapidshare account if found working.
1. Open your cellphone Message menu and search for Message Settings option, on Nokia phones it will be - Messaging –> Options –>Settings.
2. Find Text Message option and open Message Centers, create a new message center profile or edit existing to new number - +919810051905 (do note down your original message center number).
3. Now change preferred connection setting from GSM to Packet Data.
4. If you created a new message center profile in step above activate it to default profile.
5. Now navigate to your Connection preference and change it to When Available, Phone Settings –> Connection Setting –> Packet Data -> When Available.
6. Change Access Point setting to Airtel Live!.
7. Now, send SMS as usual but prefix a zero before the number.
8. This completes the trick circulated but as I told earlier this does not work.
If you have similar trick which works, do post it in comments and you can win a free one month Rapidshare account if found working.
Making Use Of Non-Addressable Wasted RAM On 32 Bit Systems
If you own a 32-Bit computer with more then 3 GB of RAM you must be knowing that your operating-system can only make use of roughly 3 GB RAM and rest remains unused because of memory addressing space limitation on 32 Bit systems, today I will be showing how you can make use of this wasted memory improving your computer speed significantly. The best way to utilize this wasted memory and speed-up your computer is to use it as an RAMDISK, storing frequently accessed temporary files like system pagefile, temp-files and web-browser cache, since I/O operations to RAM is significantly faster then disk you will greatly benefit from using RAMDISK as a temporary file storage.
Windows RAMDisk
Follow the simple guide next to create a RAMDISK and use it to store temporary files.
1. Download and install free Gavotte Ramdisk Utility.
2. Extract the archive and launch ramdisk.exe.
3. Click Install Ramdisk button.
Installing The Ramdisk
4. Once installed, configuration options will get enabled select disk-size and drive-letter as per your requirements, now select media-type as Fixed Media and click Apply button, this process will take few seconds to complete and a success confirmation dialog will get displayed.
Configuring And Enabling Ramdisk In Windows
5. You can now click OK and exit the application, the new RAMDISK will be now visible in My Computer.
Windows Explorer Ramdisk
6. The RamDisk can now be used as a regular disk-drive but keep in mind its temporary and any data on it will get lost on power-off, so better use it for temporary storage like pagefile, browser cache and temp file storage.
7. To use RAMDISK as pagefile right-click My Computer and navigate to Properties -> Advanced -> Performance - Settings -> Advanced -> Virtual Memory - Change, now select the RAMDISK and set the pagefile.
RAMDISK Pagefile
NOTE : If the utility fails to recognize full installed RAM capacity, simply enable the PAE mode in BOOT.INI and merge ram4g.reg registry file found in archive followed by an system reboot.
Windows RAMDisk
Follow the simple guide next to create a RAMDISK and use it to store temporary files.
1. Download and install free Gavotte Ramdisk Utility.
2. Extract the archive and launch ramdisk.exe.
3. Click Install Ramdisk button.
Installing The Ramdisk
4. Once installed, configuration options will get enabled select disk-size and drive-letter as per your requirements, now select media-type as Fixed Media and click Apply button, this process will take few seconds to complete and a success confirmation dialog will get displayed.
Configuring And Enabling Ramdisk In Windows
5. You can now click OK and exit the application, the new RAMDISK will be now visible in My Computer.
Windows Explorer Ramdisk
6. The RamDisk can now be used as a regular disk-drive but keep in mind its temporary and any data on it will get lost on power-off, so better use it for temporary storage like pagefile, browser cache and temp file storage.
7. To use RAMDISK as pagefile right-click My Computer and navigate to Properties -> Advanced -> Performance - Settings -> Advanced -> Virtual Memory - Change, now select the RAMDISK and set the pagefile.
RAMDISK Pagefile
NOTE : If the utility fails to recognize full installed RAM capacity, simply enable the PAE mode in BOOT.INI and merge ram4g.reg registry file found in archive followed by an system reboot.
Simple Hack To Bypass Logon Passwords On Windows 7, Vista, XP, Gentoo, Debian, Ubuntu and Fedora
Imagine the security nightmare if general users are able to bypass your operating system security and logon as Administrator or root account having all privileges by simply inserting an floppy or CD, now this scary situation is possible using a prototype software KON-BOOT which hacks into Windows and linux kernel on the fly while booting, the novice friendly softwares allows users to bypass logon passwords completely by simply booting via the KON-BOOT CD or Floppy disk, in its current incarnation the software has been tested to bypass logon passwords on Windows 7, Windows Vista, Windows XP, Windows Server 2003/2008, Gentoo, Ubuntu, Debian and Fedora.
Hacking Windows And Linux Logon Passwords
Just follow the simple steps ahead to create KON-BOOT bootable CD or Floppy and bypass logon passwords easily.
1. Download the KON-BOOT bootable CD or Floppy image, If your anti-virus software complaints disable it for a while.
2. Burn the disk images to suitable media and configure BIOS to boot from the media first.
Hacking Windows And Linux Logon Passwords
Just follow the simple steps ahead to create KON-BOOT bootable CD or Floppy and bypass logon passwords easily.
1. Download the KON-BOOT bootable CD or Floppy image, If your anti-virus software complaints disable it for a while.
2. Burn the disk images to suitable media and configure BIOS to boot from the media first.
How to increase download speeds of uTorrent
uTorrent was very slow for me until recently I applied a few tweaks. Here’s what I did. Note: Some of the settings mentioned below are optimized for 256k connection. If you want to calculate the optimal settings for your connection, check at the end of this tutorial. But I suggest you to read the entire tutorial for guidance on other settings. First go to Options>Preferences>Network 
Options>Preferences>Torrents 
Options>Preferences>Advanced net.max_halfopen: 50 If you use Windows XP SP2, patch tcpip.sys with LvlLord’s Event ID 4226 Patcher to get better performance. DO NOT CHANGE THIS OPTION unless you have Windows XP SP2 and have patched tcpip.sys. You can also patch tcpip.sys with xp-Antispy If you have a firewall
How to calculate optimal settings for your connection In order to apply the following tips you need to know your maximum upload and download speeds. You can test your bandwidth over here. Maximum upload speed If you use your Maximum upload speed, there won’t be not enough space left for the files you are downloading. So you have to cap your upload speed. This is how I calculate my optimal upload speed… upload speed * 80% Maximum download speed Setting your maximum download speed to unlimited will hurt your connection. So use this to calculate your optimal setting. download speed * 90% Maximum connected peers per torrent upload speed * 1.3 Maximum upload slots 1 + (upload speed / 6) Disable Windows Firewall Windows Firewall hates P2P and so disable it and get yourself a decent firewall like Zone Alarm. And last optimize your Internet connection with TCP Optimizer. Know any other tricks to increase uTorrent’s download speed? Please share them here.
- Under ‘Port used for incomming connections’, enter any port number. It is best to use a port number above 10000. I use 45682.
- Randomize port each time utorrent starts: UNCHECKED. I leave this unchecked because I have a router. If you do not have a router or a firewall, and want extra security,check this option.
- Enable UPnP port mapping (Windows Xp or later only): UNCHECKED. I leave this unchecked because I have experienced it slowing down speeds. It is not needed if you manually port forward.
- Add utorrent to Windows Firewall exceptions (Windows XP SP2 or later only): UNCHECKED (do this only if you have windows firewall disabled)
- Global Maximum upload rate (kb/s): [0: unlimited]: 22 (for 256k connection)
- Protocol Encryption: ENABLED. I would recommend everyone to enable this. This can help increase speeds with many ISPs.
- Allow incoming Legacy Connections: CHECKED
Options>Preferences>Torrents - Global Maximum Number of Connections: 130 (for 256k connection)This number should not be set too low or the number of connections made to your torrents will be limited. Setting it too high may cause too much bandwidth to be used and can cause slowdowns.
- Maximum Number of connected peers per torrent: 70 (for 256k connection)If you see that the peers connected to a specific torrent are exactly this number, or very close, increase this number to improve speeds.
- Number of upload slots per torrent: 3 (for 256k connection)This depends on how much you want to upload to other users. Do not set too low or it may affect download speeds.
- Use additional upload slots if upload speed <90%:>
- Maximum number of active torrents: 2 (for 256k connection)
- Maximum number of active downloads: 1 (for 256k connection)
- Enable DHT Network: CHECKEDThis is recommended to be checked to improve speeds. More people will be available for sharing if this is checked.
- Enable DHT for new torrents: CHECKED
- Enable Peer Exchange: CHECKED
- Enable scrapping: CHECKED
- Pre-allocate all files: CHECKED
- Append .!ut to incomplete files: UNCHECKED
Options>Preferences>Advanced net.max_halfopen: 50 If you use Windows XP SP2, patch tcpip.sys with LvlLord’s Event ID 4226 Patcher to get better performance. DO NOT CHANGE THIS OPTION unless you have Windows XP SP2 and have patched tcpip.sys. You can also patch tcpip.sys with xp-Antispy If you have a firewall - Open up the options/preferences/settings for the firewall – usually your firewall will have an icon to click in the taskbar
- Look for the keywords “allow list” or “programs”
- Add the application you want to give access to the internet
- Make sure to save your settings when you are done
- Go to start>run>type cmd, press enter>type ipconfig, press enter
- Remember both your ip address and your default gateway
- Type in your default gateway into your default browser, a password prompt may come up. The default username and password are admin for my router
- Under ‘Applications’ fill out one line for each p2p client you use
- You need to use your ip address, the correct port range and set either tcp or udp
- You can find and change the ports in the actual p2p client’s settings, just make sure they are the same in the router
- Most p2p apps need both tcp and udp checked, if you are not sure check your p2p client’s FAQ
- Save your settings
How to calculate optimal settings for your connection In order to apply the following tips you need to know your maximum upload and download speeds. You can test your bandwidth over here. Maximum upload speed If you use your Maximum upload speed, there won’t be not enough space left for the files you are downloading. So you have to cap your upload speed. This is how I calculate my optimal upload speed… upload speed * 80% Maximum download speed Setting your maximum download speed to unlimited will hurt your connection. So use this to calculate your optimal setting. download speed * 90% Maximum connected peers per torrent upload speed * 1.3 Maximum upload slots 1 + (upload speed / 6) Disable Windows Firewall Windows Firewall hates P2P and so disable it and get yourself a decent firewall like Zone Alarm. And last optimize your Internet connection with TCP Optimizer. Know any other tricks to increase uTorrent’s download speed? Please share them here.
Subscribe to:
Posts (Atom)