Do You Know ?

[Perfection]

Internet is invented by US military agency - Advanced Research Project Agency in 1969 as ARPA net.

ISP - Internet Service Provider
Server - An online computer which stores the content.
URL - Uniform Resource Locator, a web address. e.g. - http://tour.bizhat.com
DNS - Domain Name System, is a distributed database.
http :// - Indicates browser to connect to a web document.
TCP/IP - Transmission Control Protocol / Internet Protocol. Here a message is split into packets and routed through different routes with IP address.
ISDN - Integrated Services Digital Network line gives a high speed Internet.
SMTP - Simple Mail Transfer Protocol.
POP - Post Office Protocol. E.g. - Phone number in Dial up Internet connection.
PPP - Point to Point Protocol allows TCP / IP connection.
Gateway - It is a hardware or software which translates files between two dissimilar protocols.
Bookmark / Favorites - You can bookmark a page of a site, so that next access will be fast.
Post - If a message or an article is sent to a news group, it is said to be posted.
Shortcuts / Aliases - Drag the program to desktop for easy access.

[Perfection]

Email

To sent Email to multiple address, seperate addresses by a coma. If the message to be sent to two addressee, put the second at the CC line. To jump from one box to another use Tab to Mouse. In your message, leave a blank line between paragraphs for readability.

CC (Email) - Carbon Copy, multiple address of recipients can be added.

BCC (Email) - Blind Carbon Copy, used to send a copy of Email to a person without knowing any of the other recipients.

Trash - Contain deleted messages.

Reply to all - Will be replied to all in the CC list.

MIME - Multipurpose Internet Mail Extensions.

Forwarding - You can forward a mail to someone else (Mail -> Forward).
Create one more Inbox for easy reading of mails (File -> New Folder). Mail-> Move to -> Folder Name.

You can add Email address to Address book (Mail -> Address book->Add-> OK).

[Perfection]

Search the Web

India travel - Search for India and travel or anyone (India or travel). "India travel" will displays websites having India travel.

+trekking + "Indian Himalayas" displays websites having both keywords. Here the word trekking is a must.

+mouse+computer-rat-pet displays websites having only the + items.

Use lowercase in a query, to get all possibilities. Wild card '*' for multiple characters in a query.

In Opera browser, to search for a keyword type 'g keyword' at the address line.

[Perfection]

Hacker is a computer enthusiast / professional having deep knowledge about hardware and the operating system in use. He intrudes a system, just to learn about it's functioning. Hackers study systems and report security loopholes in the system software, so that the software developers can release a security patch for the problem.

Hackers are commonly misunderstood and hated as a cracker. Cracker is one who intrudes into a system and damages / erases data with the help of knowledge he acquired from some websites / hackers.

Ping (Packet INternet Groper) - Checks whether the distant computer is alive and about it's response time. To get the IP address, type at the command prompt when you are online as, C:/windows>ping www.bizhat.com followed by Enter key.
It will display : Pinging bizhat.com [122.168.11.13] with 32 b data with response time of 3 ms.

Similarly, C:/windows>tracert www.bizhat.com traces route to the site.

Hacking related sites : www.antionline.com, www.10pht.com

[Perfection]

Photoshop - You remember something better when you do it youself. Color models are RBG (Red, Blue & Green), CMYK (Cyan, Magenta, Yellow, Key line or thin black), HSB (Hue, Saturation, Brightness) and CIE lab.

The RBG model, which computer monitors and TV screens use for display, assigns values on a scale of 0 to 255 for each of the three RBG primaries.

CMYK model is used to print high quality images. Normal printers can deal RBG models too. Ink jet printers use cyan, magenta, yellow and black inks for printing. When dealing with light, colors are additive, if you are using paint or ink on a surface, colors are substractive. That is when we mix RBG light, we get white light. If we mix RBG paint, it will be muddy brown.

To change mode from RBG to CMYK, Image->Mode->CMYK.

To convert a color photo to grayscale (256 shades of gray), Image->Mode->Grayscale. Warning : color information will be discarded.

RBG is the preferred color mode for working on pictures. Web designers are limited to 216 (web safe) colors. Of the 256 colors, 216 are identical for Macintosh and PCs. Using indexed color, more colors can be used in the web.

Image->Mode->Indexed color. Palette : web.

[Perfection]

Hacking : The Internet revolution has proved to be both a blessing and a curse. Hacking if misused can create a havoc in the form of slow processing, service disruption and system failures. Hacking is a significant threat to networks exposed to the Internet.

In order to prevent systems from being hacked, the methods used by hackers must be well understood. Hacker is one who programs enthusiastically and enjoys dedicating a great deal of time with computers. Hackers are harmless technical person who likes to play with code or hardware. Normally, security flaws are used to break into computers. Hackers willingly share their knowledge on the web using simple instructions and help novices to understand hacking.

Crackers are real criminals using their knowledge or others knowledge to commit financial crimes, destroys potential servers, stole or corrupt valuable data. Crackers use few educated password guesses or a brute force attack to crack in.

[Perfection]

Hacking methods

Footprinting : Before a hacker attempts to gain access to a system, time will be spent gathering information about the target - domain, network blocks, IP addresses and system architecture. A good system has multi layer security. Hacker has to go through the organization's website (html source code), whois lookup, nslookup for domain tables, searching information via anonymous FTP sites, network protocol used etc.

The site maybe linked to an unsecured site. Hackers will use this security
loophole and crack the main site. Social engineering is used to get access to the system by contacting users (employees) and even the sysadmin. This is a powerful technique commonly used. Through specific queries to DN registrar, potential info will be collected from www.internic.net

To prevent hacking, deny DNS zone transfer (using 'nslookup'). Set firewall or router to deny all unauthorized inbound connections to TCP port 53. A hacker can discover the network topology of a target network as well as access control devices using 'traceroute'. 'traceloop' gives the traffic return path information.

[Perfection]

Why to learn about Hacking

Basic knowledge about hacking will help one to avoid get hacked. Following are the main tools of hacking -

Options of traceroute :
-p n , n is UDP number
-s , will stop port incrementation.

Port scan is used to listen ports and will help a hacker to gather info regarding the Operating system in use and the applications in use at the target. Security flaws due to old version of the software, misconfiguration etc. E.g - nmap and superscan.

ping/? at DOS prompt gives the options and is used for remote OS detection. ping -t <target>. '-t' means ping until stopped. Type control +break to continue. Continuous pinging a system leads it's crash down due to overloading of target's RAM. System restart at the right time prevents system crash.

ping <IP> at DOS prompt will find active machines.

ping -n <host>, here n has a default value 4 and is the number of echo requests send. While pinging, we get TTL (Time To Live) value in millisecond. From that we can find the OS in use.

Windows 9x/NT/2000, Netware : 128 ms, Linux, FreeBSD, OpenBSD : 64 ms.

The above list is not complete. Windows are less secure than Linux.

[Perfection]

Multi layer security against hacking

Use multi layer security - Reliable ISP, Firewall, Anti virus software, Spyware, a strong password, proper secured setting of updated operating system etc. - in a system to prevent hacking.

Username and passwords are encrypted and stored in computer as .sam file at %systemroot\system32\config. On 2k systems, windir%\NTDS\ntds.dit.pwdump2. Password in Unix are stored at /etc/passwd subdirectory. cat /etc/passwd will display the contents of the file, if you have permission to do open the file. Crackerjack (DOS) and Ripper are used for password cracking.

Avoid personal related passwords - birthday, phone number, vehicle number, bank account number, regular number sequences, words like help, test, admin, tester, system, sysop, ops, demo, aid, display, call, phone etc.

Choose an ISP, webhost and e-mail service that offers online virus, spam and content filters. Various online threats are due to viruses, worms, spyware, Trojans and spam. Filter out Java and active X controls. Deny URL screening and logging using GET messages. Port 22 - ssh, port 80 - web server, port 514 -UDP 'syslog'. Distributed Denial of Service (DDoS) attack on servers is the latest threat - bandwidth consumption by malicious flood of service requests. For more info on DDoS attacks www.insecure.org

[Perfection]

Cyber Crime Investigation is the collecting, analyzing and investigation of digital evidence and cyber trails. This digital evidence and cyber trail may be found in computer hard disks, cell phones, CDs, DVDs, floppies, computer networks, the Internet etc.

Digital evidence and cyber trails can be hidden in pictures (steganography), encrypted files, password protected files, deleted files, formatted hard disks, deleted emails, chat transcripts etc.

Digital evidence and cyber trails can relate to online banking frauds, online share trading fraud, source code theft, credit card fraud, tax evasion, virus attacks, cyber sabotage, phishing attacks, email hijacking, denial of service, hacking, divorce cases, murder cases, organized crime, terrorist operations, defamation, pornography, extortion, smuggling etc.

Cyber Crime Investigation Techniques

Initialising a Search and Seizure Operation
Tracing IP addresses and websites
Analyzing email headers
Using keyloggers for investigation
Advanced log file analysis
Advanced data hiding techniques
Setting up a Cyber Crime Investigation Cell
Using packet sniffing for real time investigations
Tracking email accounts
Investigating Trojan Attacks
Using Trojans for investigation
Using phishing for investigation