Wednesday

Secure Computer: Protecting Services

Protecting Services

Protecting Services

Protecting Services

 


Protecting Services

How Firewall Can Protect Your Computer

How well does a firewall protect against these different types of attacks?
Command-channel attacks
A firewall can protect against command-channel attacks by restricting the number of machines to which attackers can open command channels and by providing a secured server on those machines. In some cases, it can also filter out clearly dangerous commands (for instance, invalid commands or commands you have decided not to allow).
Data-driven attacks
A firewall can't do much about data-driven attacks; the data has to be allowed through, or you won't actually be able to do anything. In some cases, it's possible to filter out bad data. For instance, you can run virus scanners over email and other file transfer protocols. Your best bet, however, is to educate users to the risks they run when they bring files to their machine and when they send data out, and to provide appropriate tools allowing them to protect their computers and data. These include virus checkers and encryption software.
Third-party attacks
Third-party attacks can sometimes be prevented by the same sort of tactics used against command-channel attacks: limit the hosts that are accessible to ones where you know only the desired services are available, and/or do protocol checking to make certain that the commands you're getting are for the service you're trying to allow.
False authentication of clients
A firewall cannot prevent false authentication of clients. It can, however, limit incoming connections to ones on which you enforce the use of nonreusable passwords.
Hijacking
A firewall can rarely do anything about hijacking. Using a virtual private network with encryption will prevent it; so will protocols that use encryption with a shared secret between the client and the server, which will keep the hijacker from being able to send valid packets. Using TCP implementations that have highly unpredictable sequence numbers will decrease the possibility of hijacking TCP connections. It will not protect you from a hijacker that can see the legitimate traffic. Even somewhat unpredictable sequence numbers will help; hijacking attempts will create a burst of invalid packets that may be detectable by a firewall or an intrusion detection system. (Sequence numbers and hijacking are discussed in more detail in Chapter 4, Packets and Protocols.)
Packet sniffing
A firewall cannot do anything to prevent packet sniffing. Virtual private networks and encrypted protocols will not prevent packet sniffing, but they will make it less damaging.
Data injection and modification
There's very little a firewall can do about data injection or modification. A virtual private network will protect against it, as will a protocol that has message integrity checking.
Replay
Once again, a firewall can do very little about replay attacks. In a few cases, where there is literally a replay of exactly the same packet, a stateful packet filter may be able to detect the duplication; however, in many cases, it's perfectly reasonable for that to happen. The primary protection against replay attacks is using a protocol that's not vulnerable to them (one that involves message integrity and includes a timestamp, for instance).
Denial of service
Firewalls can help prevent denial of service attacks by filtering out forged or malformed requests before they reach servers. In addition, they can sometimes provide assistance by limiting the resources available to an attacker. For instance, a firewall can limit the rate with which it sends traffic to a server, or control the balance of allowed traffic so that a single source cannot monopolize services.
 McAfee Total Protection 2011 3-UserMcAfee Total Protection My choiceTrend Micro Titanium Internet Security 2011 - 3 UserIf you work more than Hour on net , viewing more and more site , you can use Trend Micro Titanium For more protection ,
 AVG Internet Security 2011 (3-User)AVG antivirus Best in its Competitor you can use it free for one year
Source

Monday

Attacks Though Commands

Command Channel Attacks



A command channel attack is one that directly attacks a particular service's server by sending
it commands in the same way it regularly receives them(down it command channel).

There are two Types of Command Channel Attacks

1.Attacks that exploit valid commands to do undesirable things

2.Attacks that send invalid commands and exploit server bugs ind dealing with invalid input.

Command Prompt CMD


Data Driven Attacks

A data driven attacks is one that involves the data transferred by a protocol, instead of the server
that implements it.

There are two types of data driven attacks
Blocking The Attacks

SSL Connection

1.Attacks that involve evil data
2.Attacks that compromise good data

Viruses transmitted in electronic mail messages are data driven attacks that involve evil data

Attack that steal credit card numbers in transit are data driven attack that compromise good data


Third Party Attacks


A third-party attack is one that doesn't involve the service you're intending to support at all but that uses the provisions you've made to support one service in order to attack a completely different one. For instance, if you allow inbound TCP connections to any port above 1024 in order to support some protocol, you are opening up a large number of opportunities for third-party attacks as people make inbound connections to completely different servers.







A Stolen LifeHarry Potter Paperback Box Set (Books 1-7)The Sorcerer's Companion: A Guide to the Magical World of Harry Potter, Third EditionThe Sorcerer's Companion: A Guide to the Magical World of Harry Potter, Third Edition
Stolen Life




More

Web Application Problems
TCP/IP  
Boot Virus

 

Friday

Secure Computer: Identify Your Computer Services from Ports and Protocols

Identify Your Computer Services from Ports and Protocols

You can also determine what programs are running on a system by looking at what ports are
open and what protocols are in use.
Start by looking at your own local computer. Go to a command line or shell prompt and run
the netstat program using the -a (or all) switch:
netstat -a
The computer will display a list of open ports and some of the services that are using those
ports:
Active Connections

Proto       Local Address                             Foreign Address                                 State
TCP        YourComputer:microsoft-ds          YourComputer:0                            LISTENING
TCP        YourComputer:1025                     YourComputer:0                            LISTENING
TCP        YourComputer:1030                     YourComputer:0                            LISTENING
TCP        YourComputer:5000                     YourComputer:0                            LISTENING
TCP        YourComputer:netbios-ssn            YourComputer:0                            LISTENING
TCP        YourComputer: 1110                     216.239.57.147:http                     TIME_WAIT
UDP       YourComputer:microsoft-ds            *:*
UDP       YourComputer:isakmp                    *:*
UDP      YourComputer:1027                        *:*
UDP      YourComputer:1034                        *:*
UDP      YourComputer:1036                        *:*
UDP      YourComputer:ntp                           *:*
UDP      YourComputer:netbios-ns                *:*
UDP      YourComputer:netbios-dgm             *:*


From this you can see many of the programs and services that are running on your local
computer – many of which you don't even realize are running.
Another program, called fport, provides information similar to that which netstat does, but it
also details which programs are using the open ports and protocols. (Fport is available for free
download from www.foundstone.com.)
Another program, called nmap (for network mapper), will more thoroughly probe your
computer for open ports. When nmap is run, it will display a list of open ports and the services
or protocols that use those ports. It may also be able to determine what operating system
your computer is using. For example, if you run nmap on your local computer, you might see
the following output:
Port              State       Service
22/tcp              open     ssh
68/tcp              open     dhcpclient
139/tcp            open     netbios-ssn
445/tcp            open     microsoft-ds
Device type: general purpose
Running: Linux 2.4X|2.5.X
OS details: Linux Kernel 2.4.0 – 2.5.20
Uptime 1.024 days (since Sat Jul 4 12:15:48 2004)

Nmap is available on your Hacker Highschool or L. A. S. cd. It is also available for download
from  insecure



TCPIP Model

PASSWORD PROBLEM  

Topologies


Sid Meier's Civilization V [Download]Mac OS X version 10.6.3 Snow LeopardBattlefield Bad Company 2 [Download]

Saturday

How to install clean Windows 7

How to Install window7 Clean ?

Not What is "How to install window7 clean ? " so here You Rember that in older versions of windows,Microsoft wolud actually prompt you to insert an install floppy or CD from a vprevios eindows version, to rpove that your qulifed for the upgrad version. but begining with windows XP,PC makers were able to dramatically change the Windows install disc, so much so that , so clearly different system was required.

In windows vista ,Microsoft supported in place upgrades from windows XP< but if you wanted to use an upgrade version of the winodws vista setup disc to do clean install,you had to perform a double install trick.

When it comes to perform a clean install of windows 7 using upgrade media, there's no simple answer .

First up, let's define what it is I'm describing. For purposes of this discussion, a clean install--or what Microsoft calls a custom install--is when you boot your PC with Windows 7 Setup media (typically a Setup DVD, but with this version it could also be a specially created, bootable USB memory device containing the Setup bits) with the intention of installing just Windows 7 on the PC. There could be a previous version of Windows (XP or Vista) installed on the PC already. You will either install Windows 7 to a separate partition or will wipe out the previous Windows version during Setup. If it's the latter, please--please--be sure to backup all your data first. Please.

A clean install with Upgrade media is just what it sounds like: You will perform a clean install of Windows 7 using an Upgrade version of Windows 7, instead of the so-called (and more expensive) "Full" version. Upgrade versions of Windows 7 are far more common than Full versions, both because they are less expensive and because Microsoft offered (and in some cases is still offering) exceptionally cheap pricing on Upgrade media.

Note: One such special offer, the Windows 7 Family Pack, consists of 32-bit and 64-bit Windows 7 Home Premium Upgrade media Setup discs and a single product key which can be used to activate three copies of the OS on three different PCs. The Family Pack costs $150, or just $30 more than a single copy of Windows 7 Home Premium Upgrade. It's kind of a no-brainer. But rememeber what you're getting there: The Family Pack comes with Upgrade, not Full, product keys.

But here's the paradox. While anyone with a valid, licensed copy of Windows XP or Vista qualifies for any Upgrade version of Windows 7--and by the way, that's pretty much every single PC user on earth--only Vista users can do an in-place upgrade, which is the install type for which Upgrade media is optimized. If you're an XP user, there's no way to do an in-place upgrade. So you have to perform a migration, which consists of three steps:

1. Backup your crucial data and settings using Windows Easy Transfer (it's on the Windows 7 Setup DVD) and make note of the applications that are installed, because you'll have to manually reinstall them again after the fact.

2. Perform a clean install of Windows 7 using the Upgrade media. I describe this process in this article.

3. Restore your crucial data and settings using Windows Easy Transfer (part of Windows 7) and then reinstall your applications.

Put simply, there are millions of people out there who will be performing clean installs with Upgrade media. Many people have experienced issues with Windows 7 upgrades, especially those trying to do clean installs with Upgrade media, but if you follow the advice in this article, you will get up and running. You will get a legally activated, legitimate version of Windows 7 installed on your PC.

Is this process bulletproof? I'm not sure yet, but I think so. In any event, here's a checklist of things to try, in order from least painful to most painful. One of these methods will work for you.

Note: In all of these methods, you should observe one simple rule. Do not enter your product key during Setup. Instead, you will attempt to activate Windows 7 manually after it is installed. So you can just enter your product key later.

Understanding the secrets of clean-installing with Upgrade media
Before we get started, here are some general guidelines to help you understand what will and won't work during Setup with Upgrade media. These tips and tricks represent the bulk of the information we didn't have before Microsoft shipped Windows 7 to millions of people in October 2009. Each of these was confirmed by the team at Microsoft that created the Windows 7 Setup technology.

If you have a previous version of Windows (XP or Vista), try launching Windows 7 Setup from that OS first, even if you want to wipe out the previous Windows verison. If you run Windows 7 Setup from your previous OS, Windows 7 will always activate.
If you boot your PC with the Windows 7 Setup DVD, as described below, and there is an existing install of Windows on the first partition, Windows 7 will always activate. If the existing install of Windows is on some other partition, Windows 7 should still activate. There are instances in which this won't work--especially when people really muck around with directory structures and so on, but it should activate.
Windows 7 Setup does its compliance checking before the phase of Setup where you format the disc. (Unlike with Windows Vista.) This means that you can format your existing hard drive, and blow away a previous Windows version, and not worry about activation. If it was there, Windows 7 will still activate.
Recovery partitions don't count. While Windows 7 Setup will look for previous installations of Windows, it will not look for recovery partitions or use them for compliance checking.
While I provide two workarounds for Windows 7 installs that will not activate, Microsoft's preference is that you simply call Microsoft Support instead. The call is free, and they will get you up and running (i.e. activated) very quickly.



Many, many readers report that they have been able to simply treat the Windows 7 Upgrade media as if it were Full media, and that it just works. And you know what? It doesn't hurt to simply try this method, because if it doesn't work, you can then try methods 2 and then 3, in order, afterwards. There is no downside to trying this.

Here's what you do. Insert the Windows 7 Upgrade DVD in your PC's optical disc, reboot the computer, boot off the DVD, and then follow the steps to install Windows 7. If you are installing onto a computer that already has another version of Windows, be sure to back everything up first.

After Windows 7 is set up, and you've booted into the desktop, run Windows Update, download any pending updates, reboot as needed, and repeat until there are no more updates. Then, type activate in Start Menu Search to bring up the Activate Windows utility. Type in your product key and attempt to activate Windows.

If it works, you're all set. You're done. Congratulations.



Here's what you do want to see.

If this does not work, either call Microsoft Support and have them provide you with an activation code, or move on to method 2.



Here's what you don't want to see. But don't worry, we can overcome this.

Method #2: Registry hack

Note: This workaround is not supported by Microsoft but my understanding is that it has a 100 percent success rate. If you are nervous that performing this workaround will lead to later complications--unlikely, but not impossible--please use Method #3, below, instead. Method #3 is supported by Microsoft.

Open regedit.exe with Start Menu Search and navigate to:
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Setup/OOBE/



Change MediaBootInstall from "1" to "0". (Double-click it and then enter 0 in the dialog that appears.)



Close RegEdit.

Open the Start Menu again and type cmd in Start Menu search to display a shortcut to the Command Line utility. Right-click this shortcut and choose "Run as administrator." Handle the UAC prompt.

In the command line window, type: slmgr /rearm

Then tap ENTER and wait for the "Command completed successfully" dialog.



Then, close the command line window and reboot. When Windows 7 reboots, run the Activate Windows utility, type in your product key and activate windows.

If it works, you're all set. You're done. Congratulations.

If this does not work, you can try two different things:
First, ensure there are no pending Windows Updates to install. In my experience, some of these can cause this method to fail. Install them and reboot PC. Re-run the command line (with administrative privileges) noted above, reboot again, and re-attempt the activation.

If that does not work, try Method #3.

Method #3: The good old "double install" method
If the above two methods fail, you can always fall back on the old "double install" method that I previously documented for Windows Vista. This workaround is fully supported by Microsoft. There's already a whole article dedicated to this topic, but here's the short version since you've already done the initial install:

1. Insert the Windows 7 Setup DVD in the optical drive if it isn't already there and choose Run Setup from the auto-run dialog that appears. Or, if it is already inserted, navigate to the optical drive in Computer and double-click is icon to trigger Setup.

2. At the appropriate stage of Setup, choose Upgrade (and not Custom). Windows 7 will install as before, though you might notice that it takes quite a bit longer this time. Because you're upgrading this time, you won't be prompted to enter your user name or most of the other information that you need to provide during a clean install. Using the user name (and password) you created during the first install, logon to Windows 7.
Now, activation will work. To activate Windows 7 immediately, type activate in Start Menu Search. This brings up the Activate Windows utility. Type in your product key and attempt to activate Windows.

Final thoughts
The methods described above will work for just about anyone and at least two of these methods are supported by Microsoft, if you're a valid, licensed owner of a previous Windows version. (Which is, of course, the assumption.) And remember that you can also take advantage of Microsoft's free support line if you need or want to activate otherwise. However you do it, these tips, tricks, and workarounds should get you up and running in Windows 7 legally, safely, and easily. My only regret is that it took so long to get this information out to you. Hopefully, with the next Windows version, the Upgrade process will be more well known before the product launches.




Windows 8 lauch soon may be 2012

Shop

Wolf - 150 x 150

Dmoz

Comments