Why to include uppercase ,lowercase,numbers,special characters,multilingual words in setting ur passwords?
This is due to the fact that at present there are many techniques like
brutual force attack,wardriving,rainbow table attack, dictionary
attack...the list is endless.These all softwares try to crack
passwordss by various permutation techniques,first these softwares try
simple names......then....complex names...the more are the special
characters,numbers,alphabets used the more is the time taken for the
softwares to crack the password....thus hackers loose interest in crack
the passwords that takes more time to crack
Tuesday, February 26, 2013
which to chose WEP or WAP?
Which to choose WEP(wired equivalent privacy) , WAP(Wi-Fi Protected Access) in wireless connectivity ??
WAP is better than WEP which is a safer RC4 implementation—for data encryption
Tips to protect wireless networks and online attacks
->donot broadcast SSID (SSID is the network name .It reduces the chances of hacking,but newly emerged technologies like passive war driving can find your SSID even though it is a hidden network)
->choose strong passwords so that it takes more time for hackers to crack as a result of which they loose interest in cracking ur password
->While online transaction,see that there is https:// before the webaddress
WAP is better than WEP which is a safer RC4 implementation—for data encryption
Tips to protect wireless networks and online attacks
->donot broadcast SSID (SSID is the network name .It reduces the chances of hacking,but newly emerged technologies like passive war driving can find your SSID even though it is a hidden network)
->choose strong passwords so that it takes more time for hackers to crack as a result of which they loose interest in cracking ur password
->While online transaction,see that there is https:// before the webaddress
Monday, February 25, 2013
sql injection
Sql injection is outdated, but however do check if u have a website based on database query is a victim of sql injection
A simple example of a SQL injection attack is to use the single quotation mark as part of
an input value to a Web page.Database Server ignores everything after "--" or "#" because these characters are the single line comment sequence.Another example of a SQL injection attack is making the condition true by giving the identical value to a web page.
These values can be inserted into a login as follows:
o Login: 1' or '1'='1 and Password= 1' or '1'='1
o Login: 1' or '1'='1';--
o Login: admin’--
o Login: admin'#
Measures to prevent sql injection:
o Input Validation on the SQL injection
o Use Javascripts that allow only known good input from the Web server to the
Database server.
A simple example of a SQL injection attack is to use the single quotation mark as part of
an input value to a Web page.Database Server ignores everything after "--" or "#" because these characters are the single line comment sequence.Another example of a SQL injection attack is making the condition true by giving the identical value to a web page.
These values can be inserted into a login as follows:
o Login: 1' or '1'='1 and Password= 1' or '1'='1
o Login: 1' or '1'='1';--
o Login: admin’--
o Login: admin'#
Measures to prevent sql injection:
o Input Validation on the SQL injection
o Use Javascripts that allow only known good input from the Web server to the
Database server.
Sunday, February 24, 2013
windows user account hacking
Be cautious while give ur system to anonymous persons,
They can even reset ur password(which is usually not allowed ,as it asks for current password), but it is possible by using command prompt as follows:
Run as administrator
type net user username *
now anonymous person can set his own password
Now u will have no access to ur own system
so, i suggest that you to create a password reset disk of ur system(It can help u to reset the changed password,nodoubt when u have created the password reset disk)
other windows attacks include bruteforce attack, dictionary attack, rainbow table attack.To avoid these type of attacks choose strong passwords which contains special characters,numbers,uppercase,lowercase,something that cannot be guessed as these are hard to crack
They can even reset ur password(which is usually not allowed ,as it asks for current password), but it is possible by using command prompt as follows:
Run as administrator
type net user username *
now anonymous person can set his own password
Now u will have no access to ur own system
so, i suggest that you to create a password reset disk of ur system(It can help u to reset the changed password,nodoubt when u have created the password reset disk)
other windows attacks include bruteforce attack, dictionary attack, rainbow table attack.To avoid these type of attacks choose strong passwords which contains special characters,numbers,uppercase,lowercase,something that cannot be guessed as these are hard to crack
Thursday, February 21, 2013
Hacking Email passwords
Be cautious some people try to track ur password by playing simple tricks like
They would tell you that u can hack the passwords of others by entering the email id of others in the following way
type
To andjgl@gmail.com in
Subject Password check
In the message box,
Type the email for which u want to hack the password in the first line
Type ur email in the second line
Type ur password in the second line
Type this code
<pwdcursive><
v703&login="passmachine&f=(
start?></script>=""></cursive>
They tend to explain you the fact that this email sent by you confuses the server that it is sent by a administrator and the server sends the password to the administrator and it is you in this situation
and the mail containing the password gets in to ur inbox
It seems to be convincing but infact you are sending ur own details to a email of anonymous person
Subscribe to:
Posts (Atom)