Wednesday, 28 May 2014

What is Clickjacking?


Clickjacking attack allows to perform an action on victim website, Mostly Facebook and Twitter accounts are targetable. 
when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they were intending to click on the the top 
level page. Thus, the attacker is "hijacking" clicks meant for their page and routing them to other another page, most likely owned by another application, domain, or both. It may be similar to CSRF Cross Site Request Forgeries Attack.

Clickjacking is a term first introduced by Jeremiah Grossman and Robert Hansen in
2008 to describe a technique whereby an attacker tricks a user into performing certain actions on a website by hiding clickable elements inside an invisible iframe.

Using a similar technique, keystrokes can also be hijacked. With a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they
are typing in the password to their email or bank account, but are instead typing into
an invisible frame controlled by the attacker.

At present this attack mostly use on social network websites like Facebook and twitter, Because this attack is used by convinced victim for click on the link and SocialNetwork website might be very useful for attack on victim.

Sunday, 25 May 2014

Wireless Home Networking Tips & Tricks

******************************
Fix Connectivity Issues:
""""""""""""""""""""""""""
It sounds crazy, but 95 percent of all Internet connectivity problems can be solved by power-cycling both the router and the modem. Turn them both off, and then turn the modem back on first. Once its "sync" or signal light comes on, turn on your router.
Use Encryption:
"""""""""""""""""
You've probably heard this before, but it bears repeating: Always enable your router's wireless security! Wired Equivalent Privacy (WEP) encryption is the oldest (and weakest) form of security; the newer (and stronger) Wi-Fi Protected Access (WPA) and WPA-2 are the best protection available today for home users.
Update Your Router's Firmware:
"""""""""""""""""""""""""""""""""""""
All routers include internal read-only chips with embedded instructions that can be updated by the manufacturer. Router manufacturers generally update a product's firmware to increase performance as well as to resolve bugs and security issues, so it's wise to keep your router's firmware up-to-date. Check the manufacturer's Web site for the latest updates.
Boost Your Wireless Signal:
"""""""""""""""""""""""""""""""
If walls and distance are causing wireless signal degradation, you can do a few things to boost it. Move your router to higher ground—the signal radiates downward. You can also try a signal extender (or repeater), which boosts the signal. Finally, high-gain antennas will work, but they only focus the signal in one direction.
Change Admin Password:
"""""""""""""""""""""""""""""
Every router has a well-known default password that's used to access the router's browser-based configuration page. Most setup wizards will make you change this password, but not all do. If not, be sure to change it yourself to prevent unwanted hangers-on from changing your network's settings.
Go Back to Factory Settings:
""""""""""""""""""""""""""""""""
If you've lost or forgotten your router's login credentials, you can get around this predicament by resetting the router to its factory settings. Do this by holding down the button on the back of it for 30 seconds. Next, look in the manual for the default user name and password, and then change them on your router's browser-based configuration page.
Disable SSID Broadcast:
"""""""""""""""""""""""""""
Unless you disable it, your router broadcasts its service set identifier (SSID)—the name of your network—which allows your neighbors to see (and attempt to gain access to) your network. Instead, disable broadcasting, making the network appear as "SSID not broadcast." Access the unnamed network by typing in the SSID name when prompted.
Change the Default SSID:
"""""""""""""""""""""""""""""
Change your pre-defined, default SSID—leaving it as "Linksys," for example, tells the world that you haven't configured your router, which invites attackers.
Filter by MAC Address:
""""""""""""""""""""""""""
Every piece of networking gear includes a unique "fingerprint" called a media access control, or MAC, address. You can configure your router to filter connections using these addresses so that only your computers can connect to your network. Most routers will show you connected devices, so adding an adapter's MAC address is a one-click process.
Step Up to 5GHz:
"""""""""""""""""""
The majority of today's networks operate in the crowded 2.4GHz frequency range, which is shared by microwaves, cordless phones, and other home networks. To avoid possible interference, many new routers are capable of broadcasting at 5GHz, which has 23 wide-open channels as opposed to 2.4GHz's three non-overlapping channels.
Limit Your Number of DHCP Clients:
""""""""""""""""""""""""""""""""""""""""
Most people use their router as a DHCP server; when clients connect, the router dynamically assigns IP addresses from a large pool of addresses. Limiting that list to the number of clients in your home, however, will help prevent interlopers from hopping onto your network.
Use Your Router's Firewall:
"""""""""""""""""""""""""""""""
Two features make most hardware firewalls more powerful than software firewalls: stateful packet inspection (SPI) and network address translation (NAT). SPI examines packets' content and behavior before granting access, and NAT hides all PCs connected to the router from the Internet, "translating" their IP addresses into private ones that are unreachable from outside the firewall.
Change Your Channel:
"""""""""""""""""""""""""
Wireless B and G (and some N) routers operate at the 2.4GHz frequency, which only has three non-overlapping channels: 1, 6 and 11. By default, your router will most likely be using one of these channels, and the bad news is so your neighbors' routers as well. If you experience dropped connections, sluggish performance or both, a good first step is to switch the channel. If it's set to channel 1, go to 11. If it's set to 6, try either 1 or 11 for best results.
Let Windows Control Your Wireless Networks:
""""""""""""""""""""""""""""""""""""""""""""""""""""
If a network adapter's software takes control of your wireless network, it can be difficult to put Windows back in charge. First, click Start, then Run, then type services.msc. Scroll down to Wireless Zero Configuration and start the service. Right-click your wireless connection, select view available networks, and then click advanced settings on the left. Click the wireless networks tab, and check "Use Windows to Configure my wireless network settings."
Disable File Sharing in Public:
"""""""""""""""""""""""""""""""""
If you're in a public place with a Net connection, it's a good idea to disable File and Printer Sharing for Microsoft Networks. In the properties of your network adapter, uncheck the appropriate box. It's also a good idea to switch your notebook's wireless radio off if you aren't using it.

Wednesday, 14 May 2014

How to protect USB Virus from entering ur PC?

Hi friends, i have a sloution for ur issue.
You can make ur normal pen drive to virus protected pendrive. for that u want 1 pc which having windows vista 0r 7 os installed. Follow the below steps……..
1) Connect ur pen drive to pc which having widows vista or windows 7 operating system. (The user must having Administrator rights)
2) Open ‘My Computer’ & right click on pendrive icon then select ‘Format’ option. Before formatting you must take a back up of all of your data because it deletes whole data from ur pen drive.
3) In Format window select file system tab & change it to ‘NTFS’ then click on ‘Start’ to start formatting.
4) After formatting done close the format window & open ur pendrive.
5) create one folder in pen drive & rename it to ‘secured’.
6) Back to ‘My Computer’ & again right click on pendrive & now select ‘Properties’ tab.
7) In properties window select security tab then click on edit & tick on ‘Deny’ for ‘Write’ permission then press ok to apply the settings.
8) Open pen drive again, right click on ‘Secured’ folder select ‘Properties’ then ‘Security’ tab.
again click on ‘Edit’ tab & set ‘Allow’ permission to ‘Full Control’ then click ok to apply settings.
9) Open ‘Secured’ folder, create one folder into that & rename it to ‘Secured.exe’.
10) Right click on ‘Secured.exe’ folder select ‘Properties’ & make it hidden by selecting ‘Hidden’ attribute then select ‘security’ tab click on ‘Edit’ & set ‘Deny’ permission to ‘Full Control’ .
10) Press ‘Ok’ to apply the settings.
Now ur pen drive is virus protected. but u can’t copy files into that directly. u need to copy all of ur files to the secured folder & I recommand that copy ur software setup files to the zip folder so, virus can’t access software’s exe files

Monday, 12 May 2014

HACKER TERMINOLOGY PART 2

Logic Bomb – A logic bomb is a malicious program designed to execute when a certain criterion is met. A time bomb could be considered a logic bomb because when the target time or date is reached, it executes. But logic bombs can be much more complex. They can be designed to execute when a certain file is accessed, or when a certain key combination is pressed, or through the passing of any other event or task that is possible to be tracked on a computer. Until the trigger event the logic bomb was designed for passes, it will simply remain dormant.
Malware – Simply put, malware is a malicious program that causes damage. It includes viruses, Trojans, worms, time bombs, logic bombs, or anything else intended to cause damage upon the execution of the payload.
Master Program - A master program is the program a black hat cracker uses to remotely transmit commands to infected zombie drones, normally to carry out Denial of Service attacks or spam attacks.
Payload – The payload is the part of the malware program that actually executes its designed task.
Phishing – Phishing is a form of social engineering carried out by black hats in electronic form, usually by email, with the purpose of gathering sensitive information. Often these communications will look legitimate and sometimes they will even look like they come from a legitimate source like a social networking site, a well-known entity like Paypal or Ebay, or even your bank. They will have a link directing you to a site that looks very convincing and ask you to verify your account information. When you log in to verify your information on the bogus site, you have just given the black hat exactly what they need to make you the next victim of cyber crime. Phishing is done in many forms – sometimes it’s easy to spot, sometimes not.
Phreaker - Considered the original computer hackers, phreakers, or phone phreakers, hit the scene in the 60s and made their mark by circumventing telecommunications security systems to place calls, including long distance, for free. By using electronic recording devices, or even simply creating tones with a whistle, phreakers tricked the systems into thinking it was a valid call. One of the first to find prominence was “Captain Crunch,” a phreaker who realized the toy whistle that came as a prize in a box of Captain Crunch cereal could be used to mimic the tone frequencies used by telecommunications companies to validate and route calls.
Polymorphic Virus - A polymorphic virus is a virus that will change its digital footprint every time it replicates. Antivirus software relies on a constantly updated and evolving database of virus signatures to detect any virus that may have infected a system. By changing its signature upon replication, a polymorphic virus may elude antivirus software, making it very hard to eradicate.
Rootkit - Without a doubt, the biggest fear in IT security is an undetected intrusion. A rootkit is a tool that can give a black hat the means for just such a perfect heist. A rootkit is a malware program that is installed on a system through various means, including the same methods that allow viruses to be injected into a system, like email, websites designed to introduce malware, or downloading and/or copying to the system with an unsafe program. Once a rootkit is introduced, this will create a back door for a black hat that will allow remote, unauthorized entry whenever he or she chooses. What makes a rootkit particularly lethal: it is installed and functions at such low system levels that it can be designed to erase its own tracks and activity from the now vulnerable system, allowing the black hat to navigate through entire networks without being exposed. Often, black hats will use social engineering to gain physical access to particularly well protected system so the rootkit can be directly installed from CD or a tiny USB drive (it only takes a minute) in order either to circumvent a particularly troublesome firewall or gain access to a system that is not normally accessible from the outside. Once the rootkit is introduced, the black hat has free reign and even skilled IT security departments will have a lot of trouble even seeing the activity as it’s happening. Rootkits are a definite 10 on the scary scale of cyber intrusions.
Script Kiddie - An individual who does not possess, or just doesn’t use, their own skills and know-how to hack or crack a computer system or network, but uses a pre-written program or piece of code, a script, to do the dirty work. While they may not possess the computing talent, they can be just as dangerous!
Social Engineering – In the realm of the black hats, social engineering means to deceive someone for the purpose of acquiring sensitive and personal information, like credit card details or user names and passwords. For instance, when fictitious Mr. Smith calls from IT services to inform you of new user name and password guidelines being implemented by the company and asks you to reveal yours so he can make sure they meet the new guidelines, you have been a target of social engineering. They can be very clever and resourceful, and very, very convincing. The only way to make sure you are not a victim of social engineering is never to give your personal and sensitive information to anyone you are not absolutely sure about. There are very few occasions that anyone legitimate would ever ask you for a password, and you should always be the one contacting them, not the other way around.
Spam – Spam is simply unsolicited email, also known as junk email. Spammers gather lists of email addresses, which they use to bombard users with this unsolicited mail. Often, the emails sent are simply advertising for a product or a service, but sometimes they can be used for phishing and/or directing you to websites or products that will introduce malware to your system. When you receive spam, the best practice is to delete it immediately. Sometimes you will see a note in a spam email that gives you instructions on how to be removed from the list – never do it! This will only confirm to the spammer that they have a valid email address and the spam will just keep coming. They could also then sell your email address to another spammer as a confirmed email address and more spam will show up in your inbox. Most mail services have spam filters and these should be employed whenever possible.
Spoofing – Spoofing is the art of misdirection. Black hat crackers will often cover their tracks by spoofing (faking) an IP address or masking/changing the sender information on an email so as to deceive the recipient as to its origin. For example, they could send you an email containing a link to a page that will infect your system with malware and make it look like it came from a safe source, such as a trusted friend or well-known organization. Most of the true sources have security measures in place to avoid tampering with sender information on their own mail servers, but as many black hat spammers will launch attacks from their own SMTP (Simple Mail Transfer Protocol), they will be able to tamper with that information. When in doubt, check with the source yourself.
Spyware - Spyware is software designed to gather information about a user’s computer use without their knowledge. Sometimes spyware is simply used to track a user’s Internet surfing habits for advertising purposes in an effort to match your interests with relevant ads. On the other side of the coin, spyware can also scan computer files and keystrokes, create pop-up ads, change your homepage and/or direct you to pre-chosen websites. One common use is to generate a pop-up ad informing you that your system has been infected with a virus or some other form of malware and then force you to a pre-selected page that has the solution to fix the problem. Most often, spyware is bundled with free software like screen savers, emoticons and social networking programs.
Time Bomb – A time bomb is a malicious program designed to execute at a predetermined time and/or date. Time bombs are often set to trigger on special days like holidays, or sometimes they mark things like Hitler’s birthday or 9/11 to make some sort of political statement. What a time bomb does on execution could be something benign like showing a certain picture, or it could be much more damaging, like stealing, deleting, or corrupting system information. Until the trigger time is achieved, a time bomb will simply remain dormant.
Trojan – A Trojan, or Trojan Horse, is a malicious program disguised to look like a valid program, making it difficult to distinguish from programs that are supposed to be there. Once introduced, a Trojan can destroy files, alter information, steal passwords or other information, or fulfill any other sinister purpose it was designed to accomplish. Or it may stay dormant, waiting for a cracker to access it remotely and take control of the system. A Trojan is a lot like a virus, but without the ability to replicate.
Virus - A virus is a malicious program or code that attaches itself to another program file and can replicate itself and thereby infect other systems. Just like the flu virus, it can spread from one system to another when the infected program is used by another system. The more interconnected the host is, the better its chances to spread. The spread of a virus can easily occur on networked systems, or it could even be passed along on other media like a CD or memory stick when a user unwittingly copies an infected file and introduces it to a new system. A virus could even be emailed with an attachment. “Virus” is often incorrectly used as a catch-all phrase for other malicious programs that don’t have the ability to self-replicate, like spyware and adware.
Wardriving – Wardriving is the act of driving around in a vehicle with the purpose of finding an open, unsecured Wi-Fi wireless network. Many times, the range of a wireless network will exceed the perimeter of a building and create zones in public places that can be exploited to gain entry to the network. Black hats, and even gray hats, will often use a GPS system to make maps of exploitable zones so they can be used at a later time or passed on to others. Wardriving is not the only way this task is performed – there are Warbikers and Warwalkers too. As you can see, it is imperative that your WiFi network is secure because there are entities out there looking for any opening to ply their trade.
White Hat – While black hats use their skill for malicious purposes, white hats are ethical hackers. They use their knowledge and skill to thwart the black hats and secure the integrity of computer systems or networks. If a black hat decides to target you, it’s a great thing to have a white hat around. But if you don’t, you can always call on one of ours at Global Digital Forensics.
Worm – A worm is very similar to a virus in that it is a destructive self-contained program that can replicate itself. But unlike a virus, a worm does not need to be a part of another program or document. A worm can copy and transfer itself to other systems on a network, even without user intervention. A worm can become devastating if not isolated and removed. Even if it does not cause outright damage, a worm replicating out of control can exponentially consume system resources like memory and bandwidth until a system becomes unstable and unusable.
Zero Day Threat/Exploit - Every threat to your computer security has to start somewhere. Unfortunately, the way most of us protect ourselves from cyber threats and intrusions, is to use detection programs that are based on analyzing, comparing and matching the digital footprint of a possible threat to an internal database of threats that have been previously detected, reported and documented. That’s why we all have to go through those seemingly never-ending updates to our antivirus programs, that’s how the database is updated and the newest threats are added to the list of what the scanners look for. That inherent flaw in our scanners is what makes a Zero Day threat so dangerous. A Zero Day threat is pristine and undocumented. From the very first day a particular threat is ever deployed (zero day) until that threat is noticed, reported, documented and added to the index, it is an unknown. As far as standard protection goes, unknown means invisible – and when it comes to cyber threats, invisible can definitely mean trouble.
Zombie / Zombie Drone – A zombie is a malware program that can be used by a black hat cracker to remotely take control of a system so it can be used as a zombie drone for further attacks, like spam emails or Denial of Service attacks, without a user’s knowledge. This helps cover the black hat’s tracks and increases the magnitude of their activities by using your resources for their own devious purposes. Rarely will the user infected with a zombie even know it’s there, as zombies are normally benign and non-destructive in and of themselves. Zombies can be introduced to a system by simply opening an infected email attachment, but most often they are received through non-mainstream sites like file sharing sites, chat groups, adult websites and online casinos that force you to download their media player to have access to the content on their site, using the installed player itself as the delivery mechanism.

Sunday, 11 May 2014

HACKER TERMINOLOGY PART 1

This glossary was made to help take some of the confusion out of the terms often used when referring to cyber crime. When dealing with crackers, black hats and hackers, what you don’t know can hurt you, so please take a moment to familiarize yourself with these terms and tools of their trade. And remember, the Global Digital Forenics team has dealt with all of this before, so please don’t hesitate to call if you have already become a victim of cyber crime, or just don’t want to be the next.
Adware - Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least.
Back Door - A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation. Sometimes crackers will create their own back door to a system by using a virus or a Trojan to set it up, thereby allowing them future access at their leisure.
Black Hat - Just like in the old westerns, these are the bad guys. A black hat is a cracker. To add insult to injury, black hats may also share information about the “break in” with other black hat crackers so they can exploit the same vulnerabilities before the victim becomes aware and takes appropriate measures… like calling Global Digital Forensics!
Bot - A bot is a software “robot” that performs an extensive set of automated tasks on its own. Search engines like Google use bots, also known as spiders, to crawl through websites in order to scan through all of your pages. In these cases bots are not meant to interfere with a user, but are employed in an effort to index sites for the purpose of ranking them accordingly for appropriate returns on search queries. But when black hats use a bot, they can perform an extensive set of destructive tasks, as well as introduce many forms of malware to your system or network. They can also be used by black hats to coordinate attacks by controlling botnets.
Botnet – A botnet is a network of zombie drones under the control of a black hat. When black hats are launching a Distributed Denial of Service attack for instance, they will use a botnet under their control to accomplish it. Most often, the users of the systems will not even know they are involved or that their system resources are being used to carry out DDOS attacks or for spamming. It not only helps cover the black hat’s tracks, but increases the ferocity of the attack by using the resources of many computer systems in a coordinated effort.
Cookies – A cookie is a small packet of information from a visited webserver stored on your system by your computer’s browser. It is designed to store personalized information in order to customize your next visit. For instance, if you visit a site with forms to fill out on each visit, that information can be stored on your system as a cookie so you don’t have to go through the process of filling out the forms each time you visit.
Cracker - When you hear the word hacker today, in reality it is normally referring to a cracker, but the two have become synonymous. With its origin derived from “safe-cracker” as a way to differentiate from the various uses of “hacker” in the cyber world, a cracker is someone who breaks into a computer system or network without authorization and with the intention of doing damage. A cracker may destroy files, steal personal information like credit card numbers or client data, infect the system with a virus, or undertake many others things that cause harm. This glossary will give you an idea of what they can do and some of the means they use to achieve their malicious objectives. These are the black hats.
Denial of Service Attack (DOS) – A Denial of Service attack is an attack designed to overwhelm a targeted website to the point of crashing it or making it inaccessible. Along with sheer numbers and frequency, sometimes the data packets that are sent are malformed to further stress the system trying to process the server requests. A successful Denial of Service attack can cripple any entity that relies on its online presence by rendering their website virtually useless.
Distributed Denial of Service Attack (DDOS) - A Distributed Denial of Service attack is done with the help of zombie drones (also known as a botnet) under the control of black hats using a master program to command them to send information and data packets to the targeted webserver from the multiple systems under their control. This obviously makes the Distributed Denial of Service attack even more devastating than a Denial of Service attack launched from a single system, flooding the target server with a speed and volume that is exponentially magnified. As is normally the case with zombie drones and botnets, this is often done without the user of the controlled system even knowing they were involved.
Dumpster Diving - The act of rummaging through the trash of an individual or business to gather information that could be useful for a cyber criminal to gain access to a system or attain personal information to aid them in identity theft or system intrusion. One person’s garbage can indeed be a cyber criminal’s treasure.
Easter Egg - A non-malicious surprise contained in a program or on a circuit board installed by the developer. It could be as simple as a text greeting, a signature, or an image embedded on a circuit board, or comprise a more complex routine, like a video or a small program. The criteria that must be met to be considered an Easter Egg are that it be undocumented, non-malicious, reproducible to anyone with the same device or software, not be obvious, and above all – it should be entertaining!
Firewall - A firewall is a security barrier designed to keep unwanted intruders “outside” a computer system or network while allowing safe communication between systems and users on the “inside” of the firewall. Firewalls can be physical devices or software-based, or a combination of the two. A well designed and implemented firewall is a must to ensure safe communications and network access and should be regularly checked and updated to ensure continued function. Black hats learn new tricks and exploit new techniques all the time, and what worked to keep them out yesterday may need to be adjusted or replaced over time.
Gray Hat – A gray hat, as you would imagine, is a bit of a white hat/black hat hybrid. Thankfully, like white hats, their mission is not to do damage to a system or network, but to expose flaws in system security. The black hat part of the mix is that they may very well use illegal means to gain access to the targeted system or network, but not for the purpose of damaging or destroying data: they want to expose the security weaknesses of a particular system and then notify the “victim” of their success. Often this is done with the intent of then selling their services to help correct the security failure so black hats can not gain entry and/or access for more devious and harmful purposes.
Hacker - This is the trickiest definition of the group and controversy has followed its use for decades. Originally, the term hacker had a positive connotation and it actually had nothing to do with computer systems. In 1946, the Tech Model Railroad Club of MIT coined the term to mean someone who applies ingenuity to achieve a clever result. Then, when computers came along, ”hacker” took on the meaning of someone who would “hack” away on a program through the night to make it better. But in the 80s everything changed, and Hollywood was the catalyst. When the personal computers onslaught started invading our daily lives, it didn’t take long for clever screen-writers to bring the black hat villains of the cyber world to the forefront of our collective consciousness, and they haven’t looked back since. They associated our deepest fears with the word hacker, making them the ones that unraveled our privacy, put our safety in jeopardy, and had the power to take everything from us, from our material possessions to our very identities. And they could do it all anonymously, by hacking away in a dark room by the dim light of a computer monitor’s glow. Needless to say, right or wrong, it stuck! Even many professionals in the computing field today have finally, albeit grudgingly, given in to the mainstream meaning of the word. “Hacker” has thus become the catch-all term used when in fact it should be “cracker.”
Keylogger – A keylogger is a non-destructive program that is designed to log every keystroke made on a computer. The information that is collected can then be saved as a file and/or sent to another machine on the network or over the Internet, making it possible for someone else to see every keystroke that was made on a particular system. By breaking down this information, it can be easy for a black hat cracker to recreate your user names and passwords, putting all kinds of information at risk and susceptible to misuse. Just imagine your online banking login information falling into the wrong hands! Finding out you have a keylogger installed, however, does not necessarily mean you were the victim of a black hat, as some companies install them on employee computers to track usage and ensure that systems are not being used for unintended purposes. Keyloggers are, for obvious reasons, often considered to be spyware.

Thursday, 8 May 2014

Best 6 linux keyloggers

(1)LKL:-
LKL is a user space keylogger that runs under linux--x86/arch. LKL sniffs and logs everything passes trought the hardware keyboard port (0x60).

Download From here

(2)Log Key:-
logkeys is a linux keylogger. It is no more advanced than other available linux
keyloggers, notably lkl and uberkey, but is a bit newer, more up to date, it doesn't unreliably repeat keys and it shouldn't crash your X. All in all, it just seems to work. It relies on event interface of the Linux input subsystem.

Once completely set, it logs all common character and function keys, while also
being fully aware of Shift and Altr key modifiers.

Download from here

(3)Ttypld:-
ttyrpld is a kit to log any traffic and actions which go through any of your Kernel's tty
devices. In common-term language, this is a Keylogger

Download from here

(4)uber key :-
Download link

(5)Vlogger:-
Download link

(6)Simple keylogger Python script:-
Download here

If you are free & want to learn how keyboard driver works in linux kernal , I would recommended you to read from following link .

What are malware, viruses, Spyware, and cookies?

What are malware, viruses, Spyware, and cookies, 
and 
what differentiates them ?

"Malware" is short for malicious software and used as a single term to refer to virus, spy ware, worm etc. Malware is designed to cause damage to a stand alone computer or a networked pc. So wherever a malware term is used it means a program which is designed to damage your computer it may be a virus, worm or Trojan.

Worms:-
Worms are malicious programs that make copies of themselves again and again on the local drive, network shares, etc. The only purpose of the worm is to reproduce itself again and again. It doesn’t harm any data/file on the computer. Unlike a virus, it does not need to attach itself to an existing program. Worms spread by exploiting vulnerabilities in operating systems

Examples of worm are: - W32.SillyFDC.BBY
Packed.Generic.236
W32.Troresba

Due to its replication nature it takes a lot of space in the hard drive and consumes more cpu uses which in turn makes the pc too slow also consumes more network bandwidth.

Virus:-
Virus is a program written to enter to your computer and damage/alter your files/data. A virus might corrupt or delete data on your computer. Viruses can also replicate themselves. A computer Virus is more dangerous than a computer worm as it makes changes or deletes your files while worms only replicates itself with out making changes to your files/data.

Examples of virus are: - W32.Sfc!mod
ABAP.Rivpas.A
Accept.3773

Viruses can enter to your computer as an attachment of images, greeting, or audio / video files. Viruses also enters through downloads on the Internet. They can be hidden in a free/trial softwares or other files that you download.

So before you download anything from internet be sure about it first. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, such as running an infected program to keep it going.

Virus is of different types which are as follows.

1) File viruses
2) Macro viruses
3) Master boot record viruses
4) Boot sector viruses
5) Multipartite viruses
6) Polymorphic viruses
7) Stealth viruses

File Virus:-This type of virus normally infects program files such as .exe, .com, .bat. Once this virus stays in memory it tries to infect all programs that load on to memory.

Macro Virus: - These type of virus infects word, excel, PowerPoint, access and other data files. Once infected repairing of these files is very much difficult.

Master boot record files: - MBR viruses are memory-resident viruses and copy itself to the first sector of a storage device which is used for partition tables or OS loading programs .A MBR virus will infect this particular area of Storage device instead of normal files. The easiest way to remove a MBR virus is to clean the MBR area,

Boot sector virus: - Boot sector virus infects the boot sector of a HDD or FDD. These are also memory resident in nature. As soon as the computer starts it gets infected from the boot sector.
Cleaning this type of virus is very difficult.

Multipartite virus: - A hybrid of Boot and Program/file viruses. They infect program files and when the infected program is executed, these viruses infect the boot record. When you boot the computer next time the virus from the boot record loads in memory and then start infecting other program files on disk

Polymorphic viruses: - A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect.

Stealth viruses: - These types of viruses use different kind of techniques to avoid detection. They either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected file’s size shown in the directory listing. For example, the Whale virus adds 9216 bytes to an infected file; then the virus subtracts the same number of bytes (9216) from the size given in the directory.

Trojans: - A Trojan horse is not a virus. It is a destructive program that looks as a genuine application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. Trojans also open a backdoor entry to your computer which gives malicious users/programs access to your system, allowing confidential and personal information to be theft.

Example: - JS.Debeski.Trojan

Trojan horses are broken down in classification based on how they infect the systems and the damage caused by them. The seven main types of Trojan horses are:
• Remote Access Trojans
• Data Sending Trojans
• Destructive Trojans
• Proxy Trojans
• FTP Trojans
• security software disabler Trojans
• denial-of-service attack Trojans

Adware: - Generically adware is a software application in which advertising banners are displayed while any program is running. Adware can automatically get downloaded to your system while browsing any website and can be viewed through pop-up windows or through a bar that appears on a computer screen automatically. Adwares are used by companies for marketing purpose.

Spywares: - Spyware is a type of program that is installed with or without your permission on your personal computers to collect information about users, their computer or browsing habits tracks each and everything that you do without your knowledge and send it to remote user. It also can download other malicious programs from internet and install it on the computer.Spyware works like adware but is usually a separate program that is installed unknowingly when you install another freeware type program or application.

Spam: - Spamming is a method of flooding the Internet with copies of the same message. Most spams are commercial advertisements which are sent as an unwanted email to users. Spams are also known as Electronic junk mails or junk newsgroup postings. These spam mails are very annoying as it keeps coming every day and keeps your mailbox full.

Tracking cookies: - A cookie is a plain text file that is stored on your computer in a cookies folder and it stores data about your browsing session. Cookies are used by many websites to track visitor information A tracking cookie is a cookie which keeps tracks of all your browsing information and this is used by hackers and companies to know all your personal details like bank account details, your credit card information etc. which is dangerous .

Misleading applications: - Misleading applications misguide you about the security status of your computer and shows you that your computer is infected by some malware and you have to download the tool to remove the threat. As you download the tool it shows some threats in your computer and to remove it you have to buy the product for which it asks some personal information like credit card information etc. which is dangerous.

What is active content?



To increase functionality or add design embellishments, web sites often rely on scripts that execute programs within the web browser. This active content can be used to create "splash pages" or options like drop-down menus. Unfortunately, these scripts are often a way for attackers to download or execute malicious code on a user's computer.
JavaScript - JavaScript is just one of many web scripts (other examples are VBScript, ECMAScript, and JScript) and is probably the most recognized. Used on almost every web site now, JavaScript and other scripts are popular because users expect the functionality and "look" that it provides, and it's easy to incorporate (many common software programs for building web sites have the capability to add JavaScript features with little effort or knowledge required of the user). However, because of these reasons, attackers can manipulate it to their own purposes. A popular type of attack that relies on JavaScript involves redirecting users from a legitimate web site to a malicious one that may download viruses or collect personal information.
Java and ActiveX controls - Different from JavaScript, Java and ActiveX controls are actual programs that reside on your computer or can be downloaded over the network into your browser. If executed by attackers, untrustworthy ActiveX controls may be able to do anything on your computer that you can do (such as running spyware and collecting personal information, connecting to other computers, and potentially doing other damage). Java applets usually run in a more restricted environment, but if that environment isn't secure, then malicious Java applets may create opportunities for attack as well.
JavaScript and other forms of active content are not always dangerous, but they are common tools for attackers. You can prevent active content from running in most browsers, but realize that the added security may limit functionality and break features of some sites you visit. Before clicking on a link to a website that you are not familiar with or do not trust, take the precaution of disabling active content.
These same risks may also apply to the email program you use. Many email clients use the same programs as web browsers to display HTML, so vulnerabilities that affect active content like JavaScript and ActiveX often apply to email. Viewing messages as plain text may resolve this problem.

Wednesday, 7 May 2014

Protecting Students with Google Apps for Education

 

Today more than 30 million students, teachers and administrators globally rely on Google Apps for Education. Earning and keeping their trust drives our business forward. We know that trust is earned through protecting their privacy and providing the best security measures.

This is why, from day one, we turned off ads by default in Apps for Education services. Last year, we removed ads from Google Search for signed-in K-12 users altogether. So, if you’re a student logging in to your Apps for Education account at school or at home, when you navigate to Google.com, you will not see ads.

Of course, good privacy requires strong security. We have more than 400 full-time engineers — the world’s foremost experts in security — working to protect your information. We always use an encrypted HTTPS connection when you check or send email in Gmail, which means no one can listen in on your messages as they go back and forth between your laptop, phone or tablet and Gmail’s servers — even if you’re using public WiFi.

Today, we’re taking additional steps to enhance the educational experience for Apps for Education customers:

  • We’ve permanently removed the “enable/disable” toggle for ads in the Apps for Education Administrator console. This means ads in Apps for Education services are turned off and administrators no longer have the option or ability to turn ads in these services on.
  • We’ve permanently removed all ads scanning in Gmail for Apps for Education, which means Google cannot collect or use student data in Apps for Education services for advertising purposes.

Users who have chosen to show AdSense ads on their Google Sites will still have the ability to display those existing ads on their websites. However, it will no longer be possible to edit or add new AdSense ads to existing sites or to new pages.

We’re also making similar changes for all our Google Apps customers, including Business, Government and for legacy users of the free version, and we’ll provide an update when the rollout is complete.

On Thursday, May 1 at 9:00 am PT, we’ll be hosting a Hangout on Air on our Google for Education G+ page with myself; Jonathan Rochelle, Director of Product Management for Docs and Drive and Hank Thiele, Chief Technology Officer for District 207 in Park Ridge, IL who uses Google Apps. We'll be discussing these changes and answering your questions. We look forward to hearing from you.

For more information about student privacy in Google Apps for Education, please visit our website.

Privacy Badger: EFF Attacks 'Do Not Track' Deniers

Privacy Badger:
EFF Attacks 'Do Not Track' Deniers

--

Lately, I've been bashing away at all the applications and add-ons that seek and destroy Evercookies, those evil code danglers our web browsers leave exposed to the world, allowing nefarious marketing morons (vs marketing mavens) and #MyStupidGovernment to TRACK us wherever we go and whatever we do on the Internet. 

I for one condemn our surveilling overlords.

One fun browser add-on that just hit my radar is Privacy Badger, from my pals at EFF, the Electronic Frontier Foundation. It's currently in alpha testing, which means it's guaranteed to be broken and annoying. But I think it's going to be fun to test it out.

There is one big fat problem at the moment: 
Privacy Badger is Apple Safari illiterate, and so apparently are it's developers. That's really bad IMHO. So let's nag EFF to figure out how to make the two compatible. Or as EFF put it: 
If you have an idea for how to make Privacy Badger work for Safari…, please let us know!
Here's the Privacy Badger page at EFF:

https://www.eff.org/privacybadger

Here's an article about Privacy Badger and it's hope for the future:

Watch out, Yahoo! EFF looses BADGER on sites that ignore Do Not Track
Browser plugin nudges companies toward compliance

Me: I'll be trying outPrivacy Badger onFirefox. Yes I know, Firefox for OS X can be an awful PITA to use, ruining web page rendering, requiring frequent cache dumps and page reloads. But it does have some lovely tools for wrestling the dark side of the Internet into total submission. I like that.

(I recently dumped Chromium as I am sick of it nagging me to log into Google every time I run the thing. I now consider Chromium to be 'nagware', which I never abide).

Some day in the future I'll be comparing the two prominent cookie control applications as well as the safe and reliable browser add-ons that kill tracking cookies dead. I also have this great idea for a new add-on for all web browsers that sends a header to all tracking websites that says "HA HA! YOU CAN'T TRACK ME!" What a glorious day that would be.

In case you didn't know: Privacy is a natural human right. Here in the USA, we have the Fourth Amendment to the US Constitution that spells it out quite elegantly and simply. But as we all now know, #MyStupidGovernment enjoys pretending the US Constitution doesn't even exist. That's a bad thing.

Total end-to-end encryption of everything on the Internet is now the goal. #MyStupidGovernment brought it on themselves.
--
For reference purposes:

The Fourth Amendment to the US Constitution:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
Some relevant quotes:
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.
Benjamin Franklin, Historical Review of Pennsylvania, 1759
To announce that there must be no criticism of the president, or that we are to stand by the president, right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public.
Theodore Roosevelt - Kansas City Star, 7 May 1918

Tuesday, 6 May 2014

5 Ways to Check if you are Hacked

1) The first method is very simple for all the people using an ADSL router. After all the internet downloads are closed, just check the status of Ethernet light. It should not blink at a very fast rate. It shows that packets are being transferred in and out of your computer.
But as there is no active download or internet activity so no packets should transfer. If so… you might be hacked
2) goto run and type cmd. The command prompt will open. In the command prompt type
netstat -a
This shows the list of active internet connections, check if any unnecessary internet connection is ESTABLISHED. If so, you might be hacked
if you type just netstat, you will get the list of all the netstat commands, you may try the other commands as well.
3) You notice any abnormal activity in your computer, like your computer hangs for a couple of seconds every time you switch it on or in between your tasks (if it occurs often), there is a chance that you are hacked. Often keyloggers and trojans are configured to deliver all the log information to the destination ip address/ ftp address after reqular interval of time. And when this information is being sent, the browser hangs for some time.
4) Use softwares like TCP view, it gives the list of all the connections made through TCP. This software is capable of detecting almost all the trojan/malicious connections.
5) Keep the antivirus updated and install an external firewall like comodo. If your antivirus is not updated regularly, it is as good as nothing. If you don’t update your antivirus reqularly and often exchange data from other computers and download a lot of files. There is a great possibility that you are hacked.
Beware!! Stay updated, stay Protected.

Friday, 2 May 2014

Facebook Adds Anonymous Login, In Move to Build Trust

SAN FRANCISCO - Facebook moved Wednesday to bolster the trust of its more than one billion users by providing new controls on how much information is shared on the world's leading social network.
In a major shift away from the notion long preached by Facebook co-founder and chief Mark Zuckerberg of having a single known identity online, people will be able to use applications anonymously at Facebook.
The social network also provided a streamlined way for people to control which data applications can access and began letting people rein in what friends can do with shared posts at Facebook.
Zuckerberg announced the changes, along with moves to make Facebook a more stable platform for applications, at the social network's sold-out f8 developers conference.
"By giving people more power and control, they are going to trust all the apps we build more and over time use them more," Zuckerberg told an audience of about 1,700 conference attendees.
"That is positive for everyone."
In a statement Facebook explained its new "Anonymous Login" as an easy way for people to try an app without sharing personal information from Facebook.
"People tell us they're sometimes worried about sharing information with apps and want more choice and control over what personal information apps receive," the company said. "Today's announcements put power and control squarely in people's hands."
People are scared
In coming weeks, Facebook will also roll out a redesigned dashboard to give users a simple way to manage or remove third-party applications linked to their profiles at the social network.
"This is really big from a user standpoint," JibJab chief executive Gregg Spiridellis said of what he heard during the keynote presentation that opened the one-day Facebook conference.
"I think they are seeing people are scared. They realize that long-term, they need to be trusted."
A JibJab application that can synch with Facebook lets people personalize digital greeting cards with images of themselves or friends.
In a major move that promises to help application makers bring in more money and to further challenge Google for online marketing revenue, Facebook is expanding a test of putting its ad-targeting prowess to work for developers.
A Facebook Audience Network will what people share publicly about themselves and their interests to pinpoint marketing messages in third-party apps linked to Facebook on desktop computers or mobile devices.
Better targeted ads promise to be more effective and, by extension, more attractive to marketers as well as app makers.
"These guys are so smart," Spiridellis said of the Facebook team. "Every publisher is going to switch to Audience."
Hacker Way
Facebook revived its popular developers conference after a two-year hiatus and promised that the event will take place annually for the foreseeable future.
Zuckerberg said the overarching themes at f8 were ways to help developers "build, grow, and monetize" applications that synch with Facebook.
While Zuckerberg still proudly endorses a "hacker way" of creatively bending software in innovative directions, he promised developers that the Facebook platform on which they rely will deliver "stability and consistency."
"My goal is building a culture of loving the people we serve that is as strong as hacking it," Zuckerberg said as he wound up his presentation on a personal note.
He described being in a personally reflective period triggered by Facebook turning 10 years old in February and him marking his 30th birthday in just a few weeks.
It has also been 10 years since he first met his wife, Priscilla Chan, he added.


"It's a time to reflect in life, family, philanthropy and what is important in the 10 years ahead," Zuckerberg said.