Strict Standards: Redefining already defined constructor for class wpdb in /home/secinfin/public_html/wp-includes/wp-db.php on line 52

Deprecated: Assigning the return value of new by reference is deprecated in /home/secinfin/public_html/wp-includes/cache.php on line 36

Strict Standards: Redefining already defined constructor for class WP_Object_Cache in /home/secinfin/public_html/wp-includes/cache.php on line 389

Strict Standards: Declaration of Walker_Page::start_lvl() should be compatible with Walker::start_lvl($output) in /home/secinfin/public_html/wp-includes/classes.php on line 537

Strict Standards: Declaration of Walker_Page::end_lvl() should be compatible with Walker::end_lvl($output) in /home/secinfin/public_html/wp-includes/classes.php on line 537

Strict Standards: Declaration of Walker_Page::start_el() should be compatible with Walker::start_el($output) in /home/secinfin/public_html/wp-includes/classes.php on line 537

Strict Standards: Declaration of Walker_Page::end_el() should be compatible with Walker::end_el($output) in /home/secinfin/public_html/wp-includes/classes.php on line 537

Strict Standards: Declaration of Walker_PageDropdown::start_el() should be compatible with Walker::start_el($output) in /home/secinfin/public_html/wp-includes/classes.php on line 556

Strict Standards: Declaration of Walker_Category::start_lvl() should be compatible with Walker::start_lvl($output) in /home/secinfin/public_html/wp-includes/classes.php on line 653

Strict Standards: Declaration of Walker_Category::end_lvl() should be compatible with Walker::end_lvl($output) in /home/secinfin/public_html/wp-includes/classes.php on line 653

Strict Standards: Declaration of Walker_Category::start_el() should be compatible with Walker::start_el($output) in /home/secinfin/public_html/wp-includes/classes.php on line 653

Strict Standards: Declaration of Walker_Category::end_el() should be compatible with Walker::end_el($output) in /home/secinfin/public_html/wp-includes/classes.php on line 653

Strict Standards: Declaration of Walker_CategoryDropdown::start_el() should be compatible with Walker::start_el($output) in /home/secinfin/public_html/wp-includes/classes.php on line 678

Deprecated: Assigning the return value of new by reference is deprecated in /home/secinfin/public_html/wp-includes/query.php on line 21

Deprecated: Assigning the return value of new by reference is deprecated in /home/secinfin/public_html/wp-includes/theme.php on line 507
Sec?

Social Networking or Spamming ?

October 9th, 2007

Hi5, Myspace, Orkut and recently Facebook everyone seems to be enjoying the social networking manai. Yes, just seems to be enjoying, what they never tell you is how much spam they are getting daily after joining those network. No offence against who are enjoying those network service and the owners, but have you guys ever checked how much have these networks been exploited by spammers ?

Yesterday, my dear friend Niraj joined www.Hi5.com after he got a request from his long lost friend in USA. As soon as he uploaded his picture, he got 15 more friends requests.
OWw !

He is already popular in the gang.

Read the rest of this entry »

Fastest Oracle Password Cracker released !

October 9th, 2007

SoonerOrLater just released new version of Oracle password cracker under GPLv2 License. We advice our readers to first understand the terms and condition of the release license [http://www.gnu.org/licenses/gpl-2.0.txt] before start playing with it, specially those crackerjacker tinytots and scirpt kiddies, else you might face severe consequences and losses.

You can download both source and the compiled executable versions of the application from the site. As posted on the website homepage following are the major features of the latest Oracle Password Cracker.

Features

# Oracle password hash attack
# Oracle password hash attack for 11g. It tries to crack the old hash and checks the case sensitivity with the new algorithm.
# 8i authentication attack without oracle dlls
# 9i and 10g authentication attack with oracle dlls
# Dictionary attack
# Incremental brute force attack
# Multithreaded
# Resume mode
# Help

For any further assistance or feedback regarding the program, you can also contact the author of this program @ info@soonerorlater.hu

Captcha - Stop spam on your blog, forum or any PHP based websites

October 9th, 2007

A CAPTCHA (IPA: /?kęp?t??/) is a type of challenge-response test used in computing to determine whether the user is human. “CAPTCHA” is a contrived acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”, trademarked by Carnegie Mellon University. A CAPTCHA involves one computer (a server) which asks a user to complete a test. While the computer is able to generate and grade the test, it is not able to solve the test on its own. Because computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human.

- Wikipedia

We present you one simple way to implement Captcha with PHP & GD Library.

Simple and quick PHP solution for implemet CAPTCHA:

Read the rest of this entry »

Catch Peeping Tom in Windows XP

October 7th, 2007

Are you a typical user who is working in a small peer-to-peer network with less than 10 hosts? Since, this type of network is devoid of servers, every workstation is configured to act as if it is a client and a server. Every host is forced to share its resources which make it highly likely that someone might misuse the shares.

Well, at least you can monitor which users and computers are accessing your shares. Find out who is the peeping Tom.

How?

It is quite simple.

1. Click on Start and then click on Run.
2. Type fsmgmt.msc.

3. In the window that opens up, on the left-hand pane, click on Sessions.
4. On the right-hand pane, there is a list of computers and the associated users that are accessing your shares.

5. Click on Open files to view the files that are being accessed by the users.

So now you know where to go and check if you suspect that somebody is using the network to misuse your shares.

Note: To perform the above tasks you must log on as a user who is at least a member of Power Users group

Top Ten administrator passwords you should avoid

October 5th, 2007

Researchers at The Univerisity of Maryland recently completed a study in which four Linux servers were set out as bait to see the frequency of attacks.They found out that there were 269,262 attempts in a 24-day period (ref: http://www.darkreading.com/document.asp?doc_id=117302). Michel Cukier, a professor of the University of Maryland led the study on the most frequently-used (and guessed) administrative passwords in cyberspace. According to him, Here is the list of the most commonly-guessed passwords, in order of frequecy:

1. (username)
2. (username)123
3. 123456
4. password
5. 1234
6. 12345
7. passwd
8. 123
9. test
10. 1

For tips to create a secure password, check out our earlier post - Tips to create secure password.

ABC of a secure wireless network

October 4th, 2007

As wireless networks become more and more common these days, networks are becoming easier to break into. The problems stem from the fact that WLANs are very easy to set up and configure. Another reason is that most of the networks are set up with default factory setting which understandably has no restrictions. However, I don’t mean to defame WLANs, because if properly configured, they can become a boon for mobile users.
So how do we secure our Wifi infrastructure?

Do not broadcast your SSID

Almost every access point and router persistently broadcasts the network’s name, or SSID (Service Set Identifier). While this makes setting up wireless clients extremely easy since they discover a WLAN without having to know what it’s called, it will also make your WLAN visible to any wireless system that is within the proximity. Turning off SSID broadcast makes your WLAN invisible to any passer-by.

Change the default password of your AP

Do not leave your access point connected to your network with default passwords. Use a strong password to protect your AP.

Use MAC filtering to control access
Find out the MAC (Media Access Control) address of every system that will connect to your WLAN so that you can limit network access to only your systems by using MAC filtering.

Use WPA encryption instead of WEP
WEP (Wired Equivalent Privacy) encryption has some weaknesses that makes it vulnerable to network crackers. WPA (Wi-Fi Protected Access) provides better protection and is also easier to use, since your password characters aren’t limited to 0-9 and A-F as they are with WEP. A newer version, WPA2, is found in newer hardware and provides even stronger encryption.

Control remote administration
Most WLAN routers can be remotely administered via the Internet. Keep remote administration turned off, unless you absolutely need this capability. Even if you need to use this feature, define a specific IP address or limited range of addresses that will be able to access the router.

Control your broadcast area
Adjust the signal strength and direction of your AP so that your signals won’t exceed your exterior walls. This is likely to prevent malicious users with snooping equipments from picking up the wireless signals.

Use a firewall
Make sure you have a personal firewall up and running before you start using the public hotspots in an airport or hotel lobby.

Change the default SSID of your AP
Change the default SSID of your AP. Do not use anything obvious like your office name or your department name as your SSID.

Use RADIUS
Using a RADIUS server provides centralized authentication and accounting which is likely to increase security.

Limit the scope of DHCP addresses
Most access points also act as a DHCP server which provides IP Addresses to clients. Limit the DHCP scope to the number of addresses that is actually required for your network. This is likely to prevent unauthorized users from obtaining IP address from your AP and connecting to your network.

Secure your files and folder in Window Xp (part 1)

July 23rd, 2007

Ever wondered how to prevent your younger brother from peeking into your personal files in your shared home PC?

Well, if you have such worries, relax now because you can use Windows NTFS permissions and file and folder encryption to secure your private data.

However, REMEMBER that the drive containing the data should have been formatted with NTFS file system. So, first of all you should verify the file system of the drive. If it is FAT16 or FAT32 convert it to NTFS. How to do it?

It is very simple.

Read the rest of this entry »