Saturday 21 August 2010

Encrypting your IM Conversations

With numerous powerful packet sniffers and specially designed IM sniffers available, a malicious person on your network can capture and read your instant messaging conversations. So it's important for IM users to stay secure by encrypting the conversations they have. Several tools and plugins provide this encryption, and here we will be talking about some of them.

1) SIMP: Simp is Windows-based encryption software that supports protocols like AIM, MSN, ICQ and YIM and works with Gaim, Trillian and the official AIM, ICQ, MSN and YIM clients. With Simp Lite, the free version of the Simp product line, you can secure one of the following services: MSN Messenger, Yahoo! Messenger, ICQ/AOL Instant Messenger (AIM) or Jabber/Google Talk. SimpPro, aimed at corporate environments and more demanding users, is also available for download; it encrypts and authenticates messages as well as file transfers (MSN Messenger only), making it the most comprehensive instant messenger security add-on. It uses 1024- to 2048-bit RSA keys.

Download from: http://www.secway.fr/us/products/all.php

2) Gaim-Encryption: An open source plugin that encrypts your IM conversations in GAIM; it uses 512- to 4096-bit RSA keys. Grab this plugin if you use GAIM for your IM. It supports AIM, Jabber, ICQ, YIM, MSN and others, and is available for both Windows and Linux.

Download from: http://gaim-encryption.sourceforge.net/

3) Pidgin-Encrypt: Another open source plugin, this one targeted at the Pidgin IM client; it also uses 512- to 4096-bit RSA keys. It automatically creates a public/private key pair for you when the plugin is loaded and automatically transmits your public key to other users. A must-have plugin for Pidgin.

Download from: http://pidgin-encrypt.sourceforge.net/

4) OTR ("Off the Record"): Another IM encryption plugin, available for Pidgin on Linux and Windows and for Adium on Mac; the encryption is transparent to the user. A detailed explanation of its protocol can be found at http://www.cypherpunks.ca/otr/Protocol-v2-3.0.0.html.

Download from: http://www.cypherpunks.ca/otr/

5) SecureIM: SecureIM is another tool, built into the Trillian IM client on Windows, that uses 128-bit Blowfish keys to secure the conversation. Its protocol support is narrower: it covers only AIM/ICQ.

Download from: http://www.ceruleanstudios.com/

6) X-IM: Another free instant messaging encryption tool, which uses 256-bit session keys, 160-bit hash functions and 2048-bit public/private key pairs. It is available for Windows, and officially its site states: "X-IM's Encryption Protocols and Algorithms are selected and designed to protect the privacy of your communications well into the foreseeable future and beyond."

Download from: http://x-im.net

Apart from these, SSL can be used to encrypt your IM traffic: you can buy certificates from VeriSign and use the enterprise IM software from AOL, Yahoo and MSN, which includes encryption.


Some Useful Mozilla Addons For Hackers

Hi there, this time I am going to tell you about some useful add-ons for Mozilla Firefox. Firefox is a very good browser, and it has tons of add-ons that extend its capabilities. Among them, I am going to cover some that are useful for web pen-testing, especially for beginners.



User Agent Switcher: This add-on lets you change the browser's User-Agent string, so the site is given false information about the client you are using. Visit http://www.chrispederick.com/work/user-agent-switcher/

Firebug: Its motto is "Web Development Evolved", and it is a very useful add-on for web developers as well. Visit http://www.getfirebug.com/ for downloads and more.

Greasemonkey: It lets you automate the manipulation of target websites with Greasemonkey scripts. A great site for Greasemonkey scripts is http://userscripts.org

RefControl: An extension used to modify the HTTP Referer header sent to sites. Visit http://www.stardrifter.org/refcontrol

Hackbar: A useful toolbar with various helpers for hex encoding, injection, XSS testing, etc.

More plugins that I love will be explained in another post. Stay tuned...


Block websites locally in Windows and LINUX

Sometimes you may want to block access to some websites from your computer, and this is easy to do in both Windows and Linux. By simply editing a text file named hosts, you can block the websites you want to prevent access to. This is useful at home, for example to stop kids from reaching websites that are not appropriate for them. Note that editing the file requires administrative privileges on both systems; in the case of Linux, I root the server (I will post an article on this one day; google for now) and edit the hosts file.

The hosts file stores IP address to hostname mappings; the system consults it before asking DNS, so names listed there are resolved locally and quickly.
In Windows: C:\WINDOWS\system32\drivers\etc\hosts
In Linux: /etc/hosts

Now open the hosts file in a text editor such as Notepad (on Windows) or gedit (on Linux) and map the website address you want to block to an incorrect IP address. See the screenshot below, taken on Windows XP, to be clear on how this is done.
I hope you will do some experiments on your own to do other cool stuff with this knowledge.
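As an added example (not from the original post), the Python script below does the same job from code: it parses a hosts file, appends block entries (pointing the names at 0.0.0.0, one common "incorrect IP") without duplicating entries already present, and checks whether a name is blocked. The file content and the hostnames in it are constructed samples.

```python
# Added example, not from the original post. SAMPLE_HOSTS is a constructed file;
# the resolver checks hosts before DNS, so a name mapped to 0.0.0.0 never reaches the site.
from typing import Dict, List

BLOCK_IP = "0.0.0.0"   # unroutable; 127.0.0.1 is the other common choice

SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0   badsite.example   www.badsite.example   # added by hand
"""

def parse_hosts(text: str) -> Dict[str, str]:
    """Map every active hostname (lower-cased) to its IP; comments are skipped."""
    mapping: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # strip trailing comments
        if not line:
            continue
        ip, *names = line.split()                 # one IP, one or more names
        for name in names:
            mapping[name.lower()] = ip            # keep the last occurrence
    return mapping

def is_blocked(text: str, hostname: str) -> bool:
    """True if the hosts file pins this name to an unroutable or loopback address."""
    name = hostname.lower()
    if name == "localhost":                       # legitimately points at loopback
        return False
    return parse_hosts(text).get(name) in (BLOCK_IP, "127.0.0.1")

def block_hosts(text: str, hostnames: List[str]) -> str:
    """Return the file text with block entries appended for names not yet mapped."""
    existing = parse_hosts(text)
    added: List[str] = []
    for name in hostnames:
        variants = (name,) if name.startswith("www.") else (name, "www." + name)
        for host in variants:
            if host.lower() not in existing:     # idempotent: never duplicate an entry
                added.append(f"{BLOCK_IP}   {host}")
                existing[host.lower()] = BLOCK_IP
    if not added:
        return text
    return text + ("" if text.endswith("\n") else "\n") + "\n".join(added) + "\n"

if __name__ == "__main__":
    updated = block_hosts(SAMPLE_HOSTS, ["games.example"])
    print(updated, "blocked:", is_blocked(updated, "GAMES.EXAMPLE"))
```

On a real machine you would read the file from the path given above, pass its text through block_hosts, and write the result back with administrative rights.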


Torrent2Exe - Download torrent without torrent client

Torrent2exe is a small BitTorrent client. Its basic idea is to let users download a custom-built EXE program with the torrent file embedded in it. It is a free online service that converts a torrent into a stand-alone exe; running that executable downloads the torrent's content.

This online service can be useful to regular users as well as for special cases such as bypassing a torrent block. I came across this service when I was searching for online torrent download services to use in my company, where I am not allowed to use or install any other torrent clients.

This service can also be used to publish our torrents on blogs and sites, and to add extra functionality to torrent-related sites.

To use this tool, we enter the torrent metafile URL or upload the torrent file from our PC, and we get a small executable which we run to download the file. The executable downloads the content, and we need to keep it running for a few hours for seeding purposes in order to avoid a ban from the service.

Currently, torrent2exe.com offers two versions of the service: the stable version and a beta version.


Sunday 15 August 2010

How to remove virus manually from your system

Viruses, trojans and worms are among the biggest threats to personal as well as enterprise computer systems, leading to anything from system instability to data loss and other serious crimes. Though they are major threats, most users lack proper knowledge of their actions and behaviour. And many antivirus products are unable to remove the virii and their effects, especially if the virii are of a new type or newly released.

So using fully updated antivirus software and firewall systems cannot ensure full protection of your system and data. And sometimes your antivirus cannot even be accessed because of the infection. Today, I am going to put forward some basic techniques to remove virii manually from your computer system.



For removing virii manually, it's very important to know about safe mode. In safe mode only the essential drivers are loaded, with basic graphics and without any unnecessary drivers; basically you get the Windows interface with a minimal set of drivers and software. You reach safe mode by pressing the F8 key while your computer is starting. Safe mode is a powerful mode for fixing a number of problems in your Windows OS. You might already have figured out why to start your infected PC in safe mode: many virii won't start executing there. Second, you should know enough about the command prompt, or try to learn some important commands, so that you can work on removing virii manually. I assume you have some basic knowledge of the command prompt.



Most virii attach themselves to startup by one of several means such as the registry, the Startup folder, autoexec, etc. Usually virii affect the registry most and modify several keys in your system's registry. You might be wondering what the registry is: it is a hierarchical database that stores configuration settings, options and low-level OS components for Windows. So it's an important part of your system, and you can modify its entries with a tool called Registry Editor, which you open by typing "regedit" or "regedt32" in the Run dialog.



Now that we are ready with the basics, let's start removing the active virus from our computer. Remember, it's always better to boot into safe mode for virus removal in Windows.



When a virus is active in your system, there is a process associated with it. So try to find the related process in the task list and end it. If the process does not reappear after you end it, good, but most virus processes get re-invoked after the parent process is killed, which is where the command prompt becomes useful. Fire up the command prompt (cmd, or command.com from the Run menu) and type "tasklist". You'll see the list of currently running tasks, and from there you'll have to figure out which process belongs to the virus. This is one of the tough parts, so you'll need some practice at removing virii manually to master it. Once you know the virus process, end it with the "taskkill" command: type "taskkill /f /T /im virusprocess.exe" in the command prompt, where virusprocess.exe is the name of the process you want to end, /f is the switch for forceful termination, /T kills the process tree (i.e. the child processes too) and /im means the image name, the executable name seen in tasklist.



After ending the task, it's time to remove the virus from startup, because most virii attach themselves to it. For this you'll have to edit the registry and the Startup folder. There's another tool called "msconfig" which is useful for removing programs from startup: type "msconfig" in the Run menu and the System Configuration Utility window will open. Switch to the Startup tab and uncheck the entry for the virus in the startup items list. Also, some virii place a shortcut in the Startup folder, so right-click on the Start menu and click Open. From there, navigate to Programs > Startup, where you'll see the shortcut that must be deleted to prevent the virus from executing on future restarts. And if you love editing the registry, you can delete the related virus startup keys from:



HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce



Also, some virii start themselves from other files such as win.ini and system.ini, so look through those and modify them if needed.



Now that you have ended the virus process and removed its startup reference, you'll have to search for the virus executable. Usually the virus copies itself to the root folder of each drive and to the "windows" and "windows\system32" folders of the XP partition. To delete them, open the command prompt and navigate to the drive or directory.

For example, to change drive, type the drive letter followed by a colon, e.g. D: to go to the D:\ drive. Since virii are usually hidden, type "dir /ah" to list the hidden files and folders. After reviewing the list, delete the virus files with the "del" command, e.g. "del /f /ah virus.exe", where virus.exe is the virus file. Also delete the autorun.inf file from each drive root in the same way, as it is usually responsible for executing the virus when you open the drive. And don't forget to delete the virii from C:\windows and C:\windows\system32 following the same steps. To navigate between directories, use the "cd" command.



Now restart your computer and you'll find it free of the virus. This works perfectly for most virii and is the method followed by many virus removal tools, too. Also, if you want to avoid being affected by virii in the first place, run your system as a low-privilege user. Most importantly, be careful not to delete any system files while removing the virus manually. Many times you will need to check and change file attributes, and there's a very useful command called "attrib" for that. Learn about it by typing "attrib /?" in the command prompt; you'll quickly figure out its use, since it sets attributes such as hidden, system and read-only on files. Finally, there are cool programs from Sysinternals (www.sysinternals.com) to help speed up manual virus removal. And you can apply the same process to remove a virus from your pen drive, too. Have fun removing the virus manually. It's really a fun and entertaining task for computer enthusiasts. Give it a try.
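To put the startup-key check above into practice, here is an added Python example (not from the original post) that parses a "reg export" dump of the Run keys listed above and flags entries whose executable sits at a drive root, the location the post says viruses copy themselves to. The registry dump is constructed, and the second rule, flagging executables in a Temp directory, is my assumption rather than something the post states.

```python
# Added example, not from the original post: audit a "reg export" dump of the
# Run keys listed above. SAMPLE_REG is constructed; the Temp rule is my addition.
import re
from typing import List, Optional, Tuple

SAMPLE_REG = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"
"Updater"="\"C:\\Program Files\\Vendor\\updater.exe\" /background"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"svchost"="D:\\svchost.exe /s"
"helper"="C:\\Users\\me\\AppData\\Local\\Temp\\helper.exe"
'''

def parse_reg_export(text: str) -> List[Tuple[str, str, str]]:
    """Return (key, value_name, command) for each string value in the export."""
    entries, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and line.startswith('"') and '="' in line:
            name, _, value = line.partition("=")
            # .reg files escape quotes and backslashes inside string values
            value = value[1:-1].replace('\\"', '"').replace("\\\\", "\\")
            entries.append((key, name.strip('"'), value))
    return entries

def image_path(command: str) -> str:
    """Pull the executable out of a Run-key command line (quoted or bare)."""
    command = command.strip()
    if command.startswith('"'):                    # quoted path, arguments follow
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    match = re.match(r"(.+?\.exe)(?:\s|$)", command, re.IGNORECASE)
    return match.group(1) if match else (command.split()[0] if command else "")

def flag(path: str) -> Optional[str]:
    """Reason a startup image looks suspicious, or None if it passes."""
    if re.fullmatch(r"[A-Za-z]:\\[^\\]+", path):  # e.g. D:\virus.exe, as the post warns
        return "executable sits at a drive root"
    if "\\temp\\" in path.lower():                 # assumption added here, not from the post
        return "executable sits in a Temp directory"
    return None

def audit(text: str) -> List[Tuple[str, str, str]]:
    """Return (value_name, image, reason) for every flagged startup entry."""
    images = [(name, image_path(cmd)) for _k, name, cmd in parse_reg_export(text)]
    return [(name, img, flag(img)) for name, img in images if flag(img)]
```

On a real system, export a key with "reg export" and read the resulting file with encoding="utf-16" before passing its text to audit(); anything it flags still needs a human look, since the rules are heuristics.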
