Saturday, April 17, 2010

iPhoned..

IMG_0045

A simple javascript to point the blog to its feed when opened via iPhone and rest is taken care by apple. (reader.mac.com). check out the source for the code.

Anyone noticing a conundrum in this post.. lol.

Friday, April 09, 2010

Panda Cloud Antivirus !!!


Interesting! Confusing! and Free!   
thinking.. Jedi vs Seth ~ Cloud vs BotNET, lol…

Panda Could Antivirus, an  interesting, a bit confusing free antivirus solution,  Would have been nice if i dint have to UNINSTALL EXISTING ANTIVIRUS TO INSTALL PANDA CLOUD!!! I hate it when AV’s do that!!! so try only if you have time and patience to… Uninstall – Reboot – Install – Possibly a reboot - Reinstall - Definitely a reboot – Done… or are you ? Any major OS updates resets the AV into reinstalling it, this may drive you crazy or you may just wanna try it on a VPC would be great if your VPC is slow. I would consider this an experimental build or a beta at best! and hence wouldn’t want this alone on my pc. but true to its word it does have a very low memory footprint 2MB!!! wow!!! and panda is a good AV, but Cloud obviously needs to be connected to work better and this is bad!!! Remember worms do block websites so that they cannot be cleaned!!! Not too bad it only asked to be connected sometimes in random, Panda: “aah... well i dont let you get infected in the first place and if u do i have a command line scanner too but no no other antivirus allowed !!!“ bad panda! lol…

First Impressions: the look is pretty dumb there is nothing, absolutely nothing to configure! You wouldn’t even know if it can scan archives, it doesn’t; if its workin and it does work!! Other than assuming the user to be dumb, well what else to assume with a dumb looking UI, no documentation to make sense how it works rather than what it is!  Searching forums help here! Think its an ok solution but a lot of scope for improvement and a has a great potential to be, Need to Evolve More lol.. May be this is how we can get rid of all the junk (bots, worms, trojans, viruses; well they are toxic waste of the cyberspace). Think of the collective finds!!! Well atleast panda’s gonna have a huge collection of sure shot signatures as a rain/result from this cloud! Anyways Avira’s back (installed it after installation of panda lol…) and both are running pretty good, not much load at all! Avira and Panda keeping watch together, Panda holding an Umbrella lol…

Well a Cloud Antivirus is probably good for systems on enterprise networks (always on, always connected and clean network) And for PC ? may be..
 
I do like the panda icon on my taskbar ;)      



Thought: Was it a Cloud or a botNET that SKYNET spreads into… let me know when t1000 arrives!!!

Monday, April 05, 2010

BEST BROWSER (*FIREFOX) ADDONS!!!

If you don’t already have these two set them up at once!

www.noscript.netNoScript: The NoScript Firefox extension provides extra protection for Firefox, Flock, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java and Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank), and provides the most powerful Anti-XSS protection available in a browser.

https://addons.mozilla.org/en-US/firefox/addon/722

 

www.adblockplus.org

AdBlockPlus: Annoyed by adverts? Troubled by tracking? Bothered by banners? Install Adblock Plus now to regain control of the internet and change the way that you view the web. You can also choose from over forty filter subscriptions to automatically configure the add-on for purposes ranging from removing online advertising to blocking all known malware domains.

https://addons.mozilla.org/en-US/firefox/addon/1865

 

www.mywot.comWOT (Web of Trust): Would you like to know which websites you can trust? The WOT add-on is a safe surfing tool for your browser. Traffic-light rating symbols show which websites you can trust when you search, shop and surf on the Web. Protect yourself from online scams, sites with adult content, spam and other Internet threats.

https://addons.mozilla.org/en-US/firefox/addon/3456

Sunday, April 04, 2010

BORG!!! BOT!!! FIGHT!!!

220px-Picard_as_Locutus

 
 
We are the Borg! You will be Assimilated! Resistance is futile!
Is your PC BORG BOT ? Just the Same!!! Just the Evil!!!

I dint quite came around talking about Bots before so here it is: In one of my boredom experiments i tested a new install (vista, not a test install but that’s another story, lots of others too soon..) just to see how just how long it takes to get a pc botted and surprisingly it went well i dint disable the inherent security features the OS comes with (Defender, UserAccessControl, Firewall) nor added any additional security features. It was not untill i disabled the UserAccessControl (Don’t do that! if u hate UAC nag screens like i do install security solutions and use limited account / UAC was disabled because i was impatient and i intended on getting the system infected faster not because it was 100% foolproof although an admirable feature security features should not be a nag) nyways it dint take long to get infected, Infection started from a legit file sharing site hosting a infected javascript file! ~ErrorBadMemoryRecallFailure~ another reason i should be blogging more! Viruses, Worms (check previous posts for them) and even Bots were ON within a few minutes of dumb surfing…

  Btw, OpenDNS lets you know if you are botted:
 [botnet[3].jpg] 

BotNET’s are growing more and more they are considered a more lucrative business in underground communities, not that difficult to imagine why? There’s no direct link between the worm bot and the creator nor it would directly be causing menace no fear of a bounty on their heads no easy way to trace b’caz they are not profited directly, (not sure but i don’t think the bot will be silent if you are typing a 15,16 digit code (your cc number)) you are sold as a hive (millions of infected pc ~ a borg collective?) to do their bidding for just a few thousand dollars! implies each bot pc (well its no more your pc) is cheaper than a penny check out how spam works when Click Online acquires a botNET:

They even have a user interface to be controlled from (complete control over your the hive ~borg queen~) Spam, Keylog (send whatever you type), Bring down a website (DDOS) Attacks (thousands of bots hit a website making it inaccessible to anybody real), other yuck, yuck, etc…

Now if the question is what the Antivirus companies are doing well they are at work a few of the BEST can detect bots using heuristic methods but mostly antivirus depends on signatures of the viruses the way they detect them in simple terms antivirus (wbc) need signatures (antibodies) to kill them, cant get simpler than that lol.. now its practically impossible for the antivirus companies to recognise all the virus in the world especially when these bots can not only AutoUpdate bypass firewall and fool your antivirus but also use you (your pc) as a medium to spread more to your network your mailing list and so on!!! sounds scary isn’t it it is and the worst is most of them reside at ignorant Institutions and Organizations which should be the most secure! Follow these Guidelines for a safer computing!!!

PS: A Pulse Modulating Phazer kills the Borg!    

GUIDELINES FOR SAFE COMPUTING:

Welcome to Defense against the Dark Arts.. lol!    

  • Use a LIMITED Account Always!
    If this might be of any incentive its actually faster than an Admin Account.
  • Keep your OS and your Security Solutions Updated!
    Do i need to say more bugs get pached so that you (your pc) are not venerable.
  • Don't Use illegal Software or cracks and warez! (trojan’s beware!)
    Studies show that’s how many get infected in the first place and pass on!
  • Keep two Antivirus Solutions at hand (One Active Other on Schedule Scan preferably weekly)
    Both being Active can result system slowdown! heatup! reduces your hard-disk lifespan! (as both the antivirus solutions will be fighting to scan everything parallel to what you are accessing. Nevertheless if you want them both ON use ones that are thou powerful but put on less load (like Avira) and keep a look out for two antivirus fighting between themself to kill a virus lol..
    PS: DONT FORGET TO DISABLE ARCHIVE SCANING IN ATLEAST ONE OF THEM!!!
  • Use a Sandbox Software for testing new software's and solutions!
    Two Advantages: One, keeps u safe from unwanted modifications to your system at worst an embedded virus probably not intentional by the developer but infected intentionally / unintentionally through the chain of hands it came to you (have a option of downloading than using an old copy on disk download u get newer version and less possibility of infection. Two, keeps your registry clean = faster PC.
  • Use Community Supported Antispyware Solutions!
    Tells you if the file you are downloading is a safe one or not!
  • Enable DEP (Data Execution Prevention) and Use a Memory Firewall
    Check my Previous posts on how to, only Free Memory Firewall Available is Comodo.
  • Firewall : Windows Firewall is …
    Gud it blocks all inbound connections except ones u allow its better if you are on a limited account so no program tries to bypass it if all the applications on your system are clean if you are not already infected if… (Argh! to many if’s) Don’t use a firewall unless it can block and filter most of the incoming and outgoing junk itself without your interference meaning Windows Firewall is good, i love it for its simplicity but we need better! or stay in a clean network. Windows Firewall at best is a good filter put a firewall that’s a kick ass!!! if you don’t want to change use threatfire it will act like an addon increasing your security.
  • Additional Security and Added Solutions are useful!
    Sensitive data on your PC is better stored encrypted, Lock the Folders from prying eyes and programs, Denied Access or change, this can be achieved by variety of applications available free to simple settings of NTFS Access Control Lists. (Note: NFTS Encryption can be cracked)
  • Don’t over do it!
    Too many tools to manage ? Then use professional solutions like Avira Premium even Norton 360 will do (ya, ya, i know lol.., Symantec has improved its not a drag as much and i like its firewall) manage most of these from one console free alternatives are just as strong just as good but don't over do it remember security is essential but only to give u a pleasant experience not to give a stuck and drag experience.

Most of the security essentials are enabled by default in your operating system to prevent infections just download the rest or update/upgrade them to better..

Bottom line! (quite literally lol..)
Follow these to prevent infections i dont want any executables downloaded into my temp folder and run no matter who what, how they browse! do you ???

K9 Web Protection - Free Internet Filtering and Parental Controls Software

logo

I came across K9 Web Protection from Blue Coat Systems in one of my researches and was very impressed by its simplicity, its has a strong online community that not only reports hacks and methods that bypass the filter but also helps update its filters and categories. you can easily configure to block the selected categories or simply monitor the system. I love the feature where you can set the search engines to result safe searches only!

Its Clean has a neat administration interface via browser (http://127.0.0.1:2372) and easy to configure filters, Best of its Free has both Windows and Mac versions !!!

k9-startup-page custom-list

I tested the system and its simplicity gave it away lol.., it not that difficult to bypass if you understand how it works ;) To be fair its wasn’t a flaw in the software that let me do this but the operating systems transparency. Anyways set it up with a limited account and should work great!

Great software for parents to keep their children safe!

Wednesday, February 27, 2008

Must Have Security Solutions (for free)

The Question ! New PC How to Secure ? Here’s the Answer some must have security solutions that don't have any performance drag and memory use even when all of them are running at the same time oh and did i mention they are all free. Remember Security for PC is to give you good computing experience, being paranoid and installing many security solutions just causes system drag doesn't help!

Avira Antivir
Top Rated AntiVirus, over 30 million users, Free for Personal Use.
http://www.free-av.com/

Threat Fire
Fills in the gap where conventional AntiVirus fails! Ideal protection against 0-day attacks
http://www.threatfire.com/

Windows Defender
Kool Antispyware from Microsoft Free (Preinstalled in Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx

SpyBot S&D Resident or WinPatrol (AntiSpyware)
Both do little or more the same thing has good features a must have!
http://www.safer-networking.org/en/index.html
http://www.winpatrol.com/

Sunbelt Personal Firewall (Previously known as Kerio Personal Firewall)
Just like Windows Firewall this too doesn't slow your connection or speed but gives more features and options.
http://www.sunbelt-software.com/Home-Home-Office/Sunbelt-Personal-Firewall/

Comodo Memory Firewall
Buffer Overflow Protection for all the programs running on your Memory.
http://www.memoryfirewall.comodo.com/

Sandboxie (Run in a Sandbox) or BufferZone Free Protection (Run in a  Virtualized Environment)
Run Isolated to System, Restrict Access to System Processes and Environment or Run in a virtual Environment good where Sandboxing fails if the application requires System Services or if you think the sandbox is slowing the operations.
http://www.sandboxie.com/
http://www.trustware.com/virtualization/free.html

Happy & Safe Computing..

Thursday, February 21, 2008

Goolag Scanner Released!

Is this Good or Bad ??? much to debate and surprise, think this would be a good thing. Yep! good thing for everyone who own's a website that's pretty much everyone i know, lol.. "how can this be a good thing ?" use this tool to audit your websites and fix stuff before that information is used to bring the site down.

Released by CULT OF THE DEAD COW (cDc), one of the world's largest hacker group, Goolag Scanner is a web auditing tool. Goolag Scanner enables everyone to audit his or her own website via Google. The scanner technology is based on "Google hacking," a form of vulnerability research developed by Johnny I Hack Stuff. You will be surprised what all could be found about a website via google.

Google Hacking Database [ http://johnny.ihackstuff.com/ghdb.php ]

Goolag Scanner [ http://www.goolag.org/download.html ]

This database has long helped Admin's to better secure their websites. similar books from publishers resulted in best sellers, hoping this scanner would run on similar tracks helping even the end user with little knowledge to better manage their websites.

Review: First off an interesting installation voice supported, I scanned a few of  my Websites and found no problems, Yappy!! (All those installations and customizations and tweaks did help lol..) The scanner scans for over a 1400 issues including starting from vulnerabilities, installations to error message listings, be warned if you select to run all the tests at once the extensive use of google can result google detecting your activity as that of a bot, not much of a problem you just need to prove Google that you are not a bot enter a few letters from a pic to unblock and continue but at the end of all this you rest assured that your website is safe from almost 1400+ hacks methods and vulnerabilities. or you know what to fix atleast. funny i expected this tool to have an update feature still in beta may be in future versions.