TECH TIPS & TRICKS: 2010

Thursday, September 30, 2010

Password Cracking

Password Cracking:

Passwords are the most common mode of security on almost all the websites and computer networks.Password cracking is way gaining unauthorized access to ftp servers, websites and networks.


Dictionary Attack:
In a dictionary attack, a list of most common passwords is used to crack the security password of the ftp servers and websites.Strong passwords are not vulnerable to such attacks.You can implement this attack using a Password Cracker called Brutus AET2.

FTP stands for File Transfer Protocol, a simple way to transfer files over the network.If a hacker gains access to one's ftp server, he can upload/delete,modify all files on the server or website.

Steps:
1) Download and Install Brutus from the link above, before installing disable your antivirus or antispyware.
2)Choose a target i.e website address or the ftp server address, say 127.0.0.1
3)When you type ftp://127.0.0.1 on the address bar of your browser , a window pops out asking for the username and the password.

4)Now Open Brutus,in the target field type the ftp server address or IP address of the website, in this case it's 127.0.0.1.From the Drop down menu "Type", choose the appropriate option, in this case it is FTP.

5)The default port is 21 but sometimes websites change it, to make it more secure.In such cases you can find the right port or any open port by performing a port scan using Nmap or Angry IP Scanner.

.
6)You will have to get a list of most common usernames and passwords.You can find some good lists here.
7)Choose the "Pass Mode" as Word list, browse and select the user list & password list you have downloaded.
8)Click on start and the Brutus will carry out all password combinations to gain access to the ftp server and website.

9)But the drawback is that ,in this mode of attack-Brutus will leave many footprints, i.e a huge log of your presence on the server(see below).Hence you can get into problems with law.To Avoid this one can use a proxy, an intermediate server which connects to the target computer on behalf of your request, thereby allowing you to connect anonymously, making you more secure.
The dictionary attack has a very low success rate because most of the passwords are a mixed combination of letters,numbers & special characters etc.The dictionary attack will work only if the password consists of only letters.

To overcome this drawback one can employ Brute-Force method of cracking, which will try every possible combination including letters,numbers, special characters etc. The only limitation is that it will take a long time.
The speed depends upon the computer running the software as well as the complexity of the password which you are trying to crack.

1)To employ a brute-force attack, choose "Brute force" from the "Passmode" menu, in Brutus.You can select the range option if you have some idea of the length of the password.

Preventive Measures:

1) Change your FTP port in order to make it more secure.
2)Use SSL(Secure Sockets Layer) for websites and ftp servers.It is the most widely used technology for providing a secure communication between the web client and the web server.

WARNING:THE ABOVE INFORMATION PROVIDED IS FOR EDUCATIONAL PURPOSE ONLY.I DON'T HOLD RESPONSIBLE FOR ANY MISUSE.

Monday, September 27, 2010

Run Linux on Windows Operating System

Run Linux on Windows Operating System:

Linux is a free, open-source, UNIX-like operating system.Here I will tell you how to install & run a Linux based Operating system called Ubuntu on a Windows platform.
The utility VM Virtual Box allows you to do this, i.e you can run Ubuntu on a Windows Operating system just like you access and run any other application.Before you start, download the Ubunto OS(an iso image file).

Steps
1:Download and Install VM Virtual Box
2.Open it and click on New on top and click next.
3.Name the OS, & choose Ubuntu from the dropdown list.
4.Choose the amount RAM you want to allocate for the OS, say if u have 2 GB RAM-allocate 512 MB and click next.
5. When it asks you to choose the type of hardisk image-choose dynamically expanding image if you have lost of space on your hard disk else go for Fixed size image.Allocate a min of 2 GB.
6.Then Hit Finish, you will see a main page similar to the one below.
7.Click on Settings,and from the system tab-change the boot order to CD/DVD ROM first,followed by Harddisk.
8.Now from the storage tab-click on the small button(which has plus icon) on the top right corner-which says Add CD/DVD device and select the iso image file(Ubuntu OS) which you had downloaded.
9.You will see the Ubuntu OS icon on the main page, select it and click on start!(as above).
10.Click on the Option "Try Ubuntu"  to use, so you need not have to install it.