Sunday, April 26, 2009

Windows 7 @ 30th April 2009

Friends, firstly I am happy to announce that I am at my 200th blog post. I started my blog career somewhere way back in 2006, and I have really come a long way. It feels proud to make so many friends online who blog, and also to share and learn loads of things from blogs.



Thank you one and all for all the support, and I wish that our team really rocks the blog world..!!


Cheerrrs....!!!


Well now coming to some techie..!!


I know why people hated Windows Vista, but personally I was really happy to use Windows Vista (well, agreed, so many times it created huge problems). Leaving apart this fact, I still love Vista.

But I guess soon the unsuccessful run of Vista will come to a slow-down stage, as the world's largest software company is in the final stages of completing the operating system, the successor to the unpopular Windows Vista.

Microsoft Corp officials disclosed the fact of its RC ('release candidate') on 30th April 2009.

Saturday, April 25, 2009

Detect the "Undetected"..."ALARM..ALARM"

Hi folks..!! It's been days since I have fed in any security-related articles, and so here I come with a security post...!!

Most of you must be aware of terms like virus, trojan, spyware, adware and worms..!!
How about a rootkit??

1. What is a Rootkit??

A rootkit is a software system that consists of a program, or combination of several programs, designed to hide or obscure the fact that a system has been compromised.

A rootkit also allows someone, either legitimate or malicious, to maintain control over a computer system without the computer user (admin or non-admin) knowing about it. Rootkits are the toughest malware to detect because they often fool users into believing they are safe, and they install themselves as drivers or kernel modules.



Rootkits may have originated as regular applications, intended to take control of a failing or unresponsive system, but in recent years they have largely been malware that helps intruders gain access to systems while avoiding detection.

Rootkits exist for operating systems such as Microsoft Windows, Linux, Mac OS, and Solaris. Rootkits often can modify parts of the operating system or install themselves as drivers or kernel modules, depending on the internal details of an operating system's mechanisms.

2. Types of Rootkits??

[A] Hardware/Firmware Level

A firmware rootkit uses device or platform firmware to create a persistent malware image. The rootkit can successfully hide in the firmware, because firmware is not often inspected for code integrity.

[B] Persistent/Hypervisor level

These rootkits work by modifying the boot sequence of the machine to load themselves as a hypervisor under the original operating system, creating huge booting problems.

[C] Kernel level (**** Most Reactive****)

Kernel-level rootkits add code to and/or replace portions of an operating system, including both the kernel and associated device drivers. Most operating systems support kernel-mode device drivers that execute with the same privileges as the operating system itself.

Kernel rootkits can be especially difficult to detect and remove, because they operate at the same level as the operating system itself, and are thus able to intercept or subvert any operation made by the operating system.

I would personally rate this type as the most reactive one.

[D] Library level

Library rootkits commonly patch, hook, or replace system calls with versions that hide information about the attacker. They can be found, at least theoretically, by examining code libraries (the DLLs) for changes against the originally distributed library package; this approach may not succeed, however, if the code is patched in memory only.

[E] Application level

Application-level rootkits may replace regular application binaries with Trojan fakes, or they may modify the behavior of existing applications using hooks, patches, injected code, or other means.


3. How to tackle these problems??

[A] RootKit Hunter

Rootkit Hunter is a scanning tool that aims to assure you, to about 99.9%*, that you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

Rootkit Hunter is released as a GPL-licensed project and is free for everyone to use.

I would rate Rootkit Hunter as 7.5/10.
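
Three of the checks listed above (hash compare, wrong file permissions, hidden files) can be sketched as a baseline-and-compare script. This is an added example, not Rootkit Hunter's own code: it uses SHA-256 where the list says MD5, and the function names and the sample directory are made up for the demo.

```python
import hashlib
import stat
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each regular file under root to (sha256 hex digest, permission bits)."""
    files = (p for p in Path(root).rglob("*") if p.is_file() and not p.is_symlink())
    return {str(p.relative_to(root)): (hashlib.sha256(p.read_bytes()).hexdigest(),
                                       stat.S_IMODE(p.lstat().st_mode))
            for p in files}


def compare(baseline, current):
    """Return sorted (finding, path) tuples describing drift from the baseline."""
    findings = [("missing", p) for p in baseline if p not in current]
    for path, (digest, mode) in current.items():
        if path not in baseline:
            hidden = Path(path).name.startswith(".")
            findings.append(("new-hidden-file" if hidden else "new-file", path))
        elif baseline[path][0] != digest:
            findings.append(("hash-mismatch", path))
        if mode & stat.S_IWOTH:  # any local user could replace this file
            findings.append(("world-writable", path))
    return sorted(findings)


def _write(root, name, body, mode):
    path = Path(root, name)
    path.write_bytes(body)
    path.chmod(mode)


def demo():
    """Constructed sample: a fake bin directory that drifts after the baseline is taken."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("ls", "ps", "netstat"):
            _write(root, name, b"original " + name.encode(), 0o755)
        baseline = snapshot(root)
        _write(root, "ps", b"replaced ps", 0o755)   # binary content changed
        _write(root, "ls", b"original ls", 0o757)   # permissions loosened
        _write(root, ".cache", b"dropped", 0o600)   # new dot-file appears
        Path(root, "netstat").unlink()              # tool removed
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Keep the baseline off the machine and run the comparison from trusted media, because a kernel-level rootkit can falsify what a scanner reads. As the library-level section notes, an on-disk comparison also does not see code patched only in memory.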


[B] GMER

I would suggest the following application as a solution to the rootkit problem.




It scans for:

1. hidden processes
2. hidden threads
3. hidden modules
4. hidden services
5. hidden files
6. hidden Alternate Data Streams
7. hidden registry keys
8. drivers hooking SSDT
9. drivers hooking IDT
10. drivers hooking IRP calls
11. inline hooks
12. unwanted processes, modules, services, files
13. registry changes (it has a built-in registry editor)

Thursday, April 16, 2009

It's No "PING" Time

Well.. if we face any problem in connecting to a computer in a network, the first thing we try to do is PING the computer. Ping is a computer network tool used to test whether a particular host is reachable across an IP network. It is also used to self-test the network interface card of the computer, or as a speed test.



It works by sending ICMP “echo request” packets to the target host and listening for ICMP “echo response” replies.

1. What is the problem??

Can you imagine that this same technique can be used by hackers too?? Computer hackers can ping to find potentially weak victims on the internet. By pinging a system, hackers can determine whether it is of any interest to them.

2. How can you block this??

Many methods can be followed, but here I am posting one of the simplest tools that does the "safeguarding" job.

If you configure your computer to block ping responses, it should heighten the level of security for your computer.



Plax Network Suite is an easy to use collection of network tools which give you full control over the internet activity of your computer.

Designed for quick access, the Windows Firewall button provides an instant ON/OFF switch for Windows XP Firewall. Designed to integrate with Windows, and be powerful but simple to use, Windows Firewall operates deep under cover, without bothering you at all.



It can help stop viruses and worms reaching your computer, ask for permission to block or unblock certain connection requests from applications and software, and create a security log if required. It's an automatic first line of defense for those who don't have any other software installed.



Note: I won't say it is the best amongst the antivirus tools, but yeah, as far as the security upfront is concerned, it's pretty fine with it. For me, Kaspersky is still the best, so far.

Tuesday, April 14, 2009

ADSL V/s ADSL 2+

Before I comment on ADSL 2+, I would like to share some information regarding ADSL.

1. What is ADSL?

Asymmetric Digital Subscriber Line (ADSL) is a form of DSL, a data communications technology that enables faster data transmission over copper telephone lines than a conventional voiceband modem can provide. It does this by utilizing frequencies that are not used by a voice telephone call. ADSL can generally only be distributed over short distances from the central office, typically less than 4 kilometres.

2. Frequency of ADSL:



The public switched telephone network (PSTN) is the network of the world's public circuit-switched telephone networks.

3. ADSL Standards:

4. What is ADSL 2+?

As shown in the ADSL standards, ADSL 2+ is the new format which is being used, though not widely.

ITU G.992.5 is an ITU (International Telecommunication Union) standard, also referred to as ADSL2+ or ADSL2Plus.
Commercially it is notable for its maximum theoretical download speed of 24 Mbit/s.

ADSL2+ extends the capability of basic ADSL by doubling the number of downstream bits. The data rates can be as high as 24 Mbit/s downstream and 1.4 Mbit/s upstream depending on the distance from the DSLAM to the customer's home.

ADSL2+ is capable of doubling the frequency band of typical ADSL connections from 1.1 MHz to 2.2 MHz. This doubles the downstream data rates of the previous ADSL2 standard of up to 12 Mbit/s, but like the previous standards will degrade from its peak bitrate after a certain distance.

Wednesday, April 8, 2009

AIRTEL INTRODUCES 16 Mbps BROADBAND..!! Go AirTel

Bharti Airtel has introduced 16 Mbps wireline broadband on DSL in the country. Well, it really sounds interesting. Even when I read it, I was stunned..!!

This service, powered by Airtel's Carrier Ethernet Network, will be initially available in the cities of Delhi NCR, Chennai and Bangalore with phased roll-out to additional cities of Hyderabad, Pune, Mumbai and Kolkata.



Note: Picture shared from: http://www.topnews.in

Airtel's 16 Mbps broadband service can be availed by choosing from the following 2 tariff plans:

1. Speed Combo 2999 - receive 16 Mbps broadband speed with monthly data transfer limit of 20 GB along with a fixed line connection at Rs. 2999 per month.

2. Speed Combo 4999 - receive 16 Mbps broadband speed with monthly data transfer limit of 50 GB along with a fixed line connection at Rs. 4999 per month.

I wish I could try it in Pune, but due to the fact that I already run a youtele connection for internet, my wish won't come true so soon..!!

Actually, the main reason to try this out is just to find which of the two is superior.. BSNL V/s Airtel @ 16 Mbps

Airtel delivers its broadband service to customers through a fibre backbone of Carrier Ethernet Network with last mile delivery on copper using ADSL2+ technology.

Well.. I will add the details of ADSL 2+ technology tomorrow, as I don't wanna mix two different posts into the same post, even though the concepts are dependent..!!