Download the collection of world's most famous hacker
Ankit Fadia's hacking books.
Ankit Fadia's hacking books.
Download it from here.
Monday, 20 May 2013
how to hack adsense
material required
- Firefox Browser
- Refcontrol Auto Refresh Script
- Auto Clicker
- IP Hiding Software
- Web Page with High Paying Adsense Keywords
HACKING ADSENSE
IP Hider must be running. Open the web page with firebox and click on your adsense advertisement. Now change your IP Address from IP hider and delete your cookies then once gain click on your adsense advertisement. Click as much you want. After this run the addon refcontrol. Now it’s time to get some page impression open the adsense advertisement page run Autoclicker and set above 1000 as clicks per second then press start and quickly click on the url of adsense advertisement page then wait a little. After sometimes go and check your adsense earning. Note: We do not take any responsibility. This article is for educational purpose onlySaturday, 18 May 2013
wordpress defacing
Wordpress Defacing without uploading Shell
usually after gaining admin acess on wordpress website we upload shell on website, its takes some extra time, even you can deface wordpress's index page without uploading shell !
Goto wordpress dashboard than theme editor and you'll see 2-3 thmes there like twenty ten and twenly eleven.
Look there for active Theme on That website and edit index.php of that theme. and you'll see your deface pages on website's home Page.
Bypassing Permission Denided for index.php in wordpress
sometimes after upload shell on wordpress website when you'll try to replace index.php's socurce code in public_html/ directory with you deface page, it will show error like permission denided, can't write in file etc, and sometimes permission change dones't work, then follow the same method whic is give above, change active theme's index.php file and home will chnage with your deface page.
usually after gaining admin acess on wordpress website we upload shell on website, its takes some extra time, even you can deface wordpress's index page without uploading shell !
Goto wordpress dashboard than theme editor and you'll see 2-3 thmes there like twenty ten and twenly eleven.
Look there for active Theme on That website and edit index.php of that theme. and you'll see your deface pages on website's home Page.
Bypassing Permission Denided for index.php in wordpress
sometimes after upload shell on wordpress website when you'll try to replace index.php's socurce code in public_html/ directory with you deface page, it will show error like permission denided, can't write in file etc, and sometimes permission change dones't work, then follow the same method whic is give above, change active theme's index.php file and home will chnage with your deface page.
how to find admin panel of any website
so first of all Go to Google and search this words : www.websitename.com/robots.txt
Robots.txt is a text file which is add by admin on the site to tell search robots which pages that admin would like them not to visit while.
so as you can see above , there are many secret pages are hidden from search engines .like :administrator,images,templates,tmp etc ...
so by typing www.websitename.com/administrator you will find the admin panel of that site !
now,
let's see the 2nd way to find admin panel ,
so lets talk about cPanel , so cPanel is a graphical user interface to control the whole website.
to get into cpanel it's very Easy , just type www.websitename.com:2082
you can replace the port numbers after the ":"
Port 2082 Cpanel default port
Port 2083 Cpanel over SSL
Port 2086 Cpanel Webhost Manager (default)
Port 2087 Cpanel Webhost Manager (with https)
Port 2095 Cpanel Webmail
Port 2096 Cpanel secure webmail over SSL
okay, so now third way
Download the ADMIN FINDER tool from below link
here
increase internate browsing speed
By changing your DNS you can increase your internet browsing speed by optimally yes this is genuine truth.
So Lets Begin...
To do this First of all you have to do is download this small program
NAME BENCH
Fire it up and choose your settings. Keep the top two boxes checked. If you're concerned about network censorship, check the third box, check the last box.
Click Start Benchmark and wait while Namebench runs its tests. It should take several minutes. A browser tab should pop open when
Namebench is done and give you a list of DNS servers and how much faster they are than the one you're currently using, unless yours are already the fastest possible.
Now Just Change your DNS in Preferred DNS server in your Ipv4 settings ...use the best DNS and get maximum internet speed.
Namebench does not change your settings, but it's generally pretty easy to do it yourself. Check with the instructions you got from your ISP to set up your modem and/or router and just substitute the DNS addresses you received from Namebench for the addresses given by your ISP. It's best to do this with your router, as it will assign that DNS address for all the devices attached to it.
That's it! This can dramatically improve your browsing speed, and it's fairly easy to work through.
So Lets Begin...
To do this First of all you have to do is download this small program
NAME BENCH
Fire it up and choose your settings. Keep the top two boxes checked. If you're concerned about network censorship, check the third box, check the last box.
Click Start Benchmark and wait while Namebench runs its tests. It should take several minutes. A browser tab should pop open when
Namebench is done and give you a list of DNS servers and how much faster they are than the one you're currently using, unless yours are already the fastest possible.
Now Just Change your DNS in Preferred DNS server in your Ipv4 settings ...use the best DNS and get maximum internet speed.
Namebench does not change your settings, but it's generally pretty easy to do it yourself. Check with the instructions you got from your ISP to set up your modem and/or router and just substitute the DNS addresses you received from Namebench for the addresses given by your ISP. It's best to do this with your router, as it will assign that DNS address for all the devices attached to it.
That's it! This can dramatically improve your browsing speed, and it's fairly easy to work through.
how to get full version of any software
Just write the name of the software in the Google search box and then write FBR94
then you download any one of them
get free fan page like on fb
FaceBook FanPage ClickJack Script
For blogger users
First Go To Blogger and Backup your Blog XML File and the go to template then html editor for other Simply go to your html editor of your home page
Paste the Following piece of script above
After Doing this Goto next apart that is body
Paste this script just above
From This you can get 100 likes daily, no need to send promotion links to your friends and pages!
Replace Your facebook fanpageurl With Your fan Page Url :- http://www.facebook.com/yourpage
wifi hacking using cmd
Here are few commands that will help you in wifi /wireless hacking.
To know/acquire list of available Wireless Networks
Go to command prompt
Click Start, click Run, type cmd, and then click OK, to open a command prompt.
At the command prompt, type
netsh wlan show networks mode=bssid
How to Connects to a Wireless Network
netsh wlan connect name=mostofblog
Replace mostofblog with your own profile name (Available Network )
How to disconnect to a Wireless Network
netsh wlan disconnect
How to show available Wireless Network profiles your PC
netsh wlan show profile
How to Saves wlan profiles as XML files to the specified location
netsh wlan export profile name=mostofblog
How to Block a Wireless Connection
netsh wlan add filter permission=block ssid=netgear networktype=mostofblog
If you want to block this computer from accessing all wireless network use denyall option in the command.
netsh wlan add filter permission=denyall networktype=adhoc
How to show the blocked network
netsh wlan show blockednetworks
How to show the installed Wireless drivers
netsh wlan show drivers
SO Friends these are few commands that will help you in wifi hacking via windows operating System next time i will put some more interesting commands thank you enjoy :).
To know/acquire list of available Wireless Networks
Go to command prompt
Click Start, click Run, type cmd, and then click OK, to open a command prompt.
At the command prompt, type
netsh wlan show networks mode=bssid
How to Connects to a Wireless Network
netsh wlan connect name=mostofblog
Replace mostofblog with your own profile name (Available Network )
How to disconnect to a Wireless Network
netsh wlan disconnect
How to show available Wireless Network profiles your PC
netsh wlan show profile
How to Saves wlan profiles as XML files to the specified location
netsh wlan export profile name=mostofblog
How to Block a Wireless Connection
netsh wlan add filter permission=block ssid=netgear networktype=mostofblog
If you want to block this computer from accessing all wireless network use denyall option in the command.
netsh wlan add filter permission=denyall networktype=adhoc
How to show the blocked network
netsh wlan show blockednetworks
How to show the installed Wireless drivers
netsh wlan show drivers
SO Friends these are few commands that will help you in wifi hacking via windows operating System next time i will put some more interesting commands thank you enjoy :).
Tuesday, 14 May 2013
Download Swipe and Share App
- No need to open & close bluetooth again & again.
- No Need of any kind data charge to transfer files over internet.
- No need of wifi anymore.
Click Here To Download Swipe_And Share.apk
How To Bypass Sony Xperia Z Lock Screen
1) Goto Your Lockscreen
2) Click on Emergency Call Option.
3) Dial *#*#7378423#*#*
4) Now you will be in service menu
5) Click on Service Tests
6) Scroll Down & Select NFC
7) Now Screen Will Loads up after Few Sec.
8) Click On the Home Button
2) Click on Emergency Call Option.
3) Dial *#*#7378423#*#*
4) Now you will be in service menu
5) Click on Service Tests
6) Scroll Down & Select NFC
7) Now Screen Will Loads up after Few Sec.
8) Click On the Home Button
Your Are Now At Sony Xperia Z Home Screen
download hacking book
Attack Basics
Password Basics
Account Basics
Denial of Service Basics (DOS)
Logging Basics
Spyware
Port Scanning
Unix remote attack
SQL injection
Spoofing and Hijacking
Social Engineering
How to become hacker in 15 minutes
Making money as Hacker
Download book
How to COMPRESS 1GB Data into 10MB
It is a compression tool called KGB Archiver.
It is an open source compression tool like zip and winrar but the compression rate is much better then any other compression tool. It uses AES-256
encryption to encrypt archives . The disappointing thing with KGB
Archiver is due to its high compression rate its minimum hardware
requirements is high (Recommend processor with 1.5 GHz and 1GB RAM) and
compression and decompression process is time consuming.
encryption to encrypt archives . The disappointing thing with KGB
Archiver is due to its high compression rate its minimum hardware
requirements is high (Recommend processor with 1.5 GHz and 1GB RAM) and
compression and decompression process is time consuming.Strength: Very high compression power with very accurate result and no loss of data.Weakness: -Due to high compression rate, the time requires to compress and decompress the file is high.Download Link- www.sourceforge.net/projects/kgbarchiverincrease internal memory of android phone
Requirements
1) Rooted Device
2) Clock work mod(cwm) Installed
3) Link2Sd
Steps To Increase The Internal Memory
1) First of all make a backup of your sdcard.
2) Now connect sdcard with your device & boot in recovery mode. (cwm recovery)
3) Now use your volume key or menu keys to choose the “Advanced” option from there & select it.
4) Now Select “Partition SD Card“.
5)Now enter the ext size you want( like:128M, 256M, 512M, 1024M, 2048M or 4096M- depend on your sdcard size, if you have any problem ask in comment)
6) Now select 0M (zero) as the Swap Size.
7) Done , now it will take some time to format your sdcard & partition it.
8) After its done, restart your cell
9) Now intall the Link2sd.apk.10)Now open the link2sd and a popup menu will appear.
(Check this picture for reference)
(Select the ext2 partition)
11) Select the Ext2 partion & click Ok.
12)Now Restart your phone.
13) Now open the link2sd again, & now you will be able to see all the apps installed in your device, so now tap on any of the app you want to move & select the option “Create Link”
(Check this picture for reference)
14) Now after clicking on Create Link , you will get another menu.
15)In that menu tick all the option then click Ok.
(Like this below picture)
insert image in facebook chat
- Just Go to your profile or any other profile or any official page you want to use as an emotion ot want to use the image in Facebook chat.
- See the url and copy the username or if there is no username specified then copy the profile id. For example http://www.facebook.com/mostofblog. From this url you need to copy mostofblog
- Just paste this in chat window within double brackets such as [[mostofblog]] and send it to your friend then the profile id associated with the username or profile id will show in chat box
how to hide text file behind any image
1) Create a new folder named test in any drive (say C: Drive)
2) In the test folderCreate a text file in it named – hi.txt
3) Copy any default windows picture from my pictures say – desert.jpg in the test folder
Now the game begins.
Type anything you want to in the Text file and make its font big so that its easily readable
1) Open command prompt
2) Open the test folder.
You may use the following commands to do that
2.1) C:
2.2) cd test
3) Now use the following command
COPY /B desert.jpg+hi.txt new.jpg
ie… the syntax is
Copy /B name of file in which you want to embedded the content+ name of file which you want to embedded name of new file
And that’s it. You are done.
Open the test folder and you will see a new image named new.jpg.
When you preview it you will see the normal image but now right click it and open the image with notepad. At the end of the file you can see the text that you wrote in the document.
Well this was just the beginning.
Now the more interesting use of it.
If you want to bind rar files to images. You can do that as well.
(You may put anything you want in the rar file)..
now u send this your target
Monday, 13 May 2013
SEND FAKE SMS TO ANY OF NUMBER
Step 1:
First of all you need to sign up herehttp://smsglobal.com/signup/signup_page.php
step 2:
After signing in, you will receive your username and password on your phone.
Now login in your SMS global Account with your provided Username and Password.
After loging in, you will see the welcome screen, just click on Send SMS to Number
Step 3:
Then remove the sender ID while sending to send a spoofed SMS after that enter the mobile number of both the victim and now you can send a spoofed SMS/send sms anynomously
First of all you need to sign up herehttp://smsglobal.com/signup/signup_page.php
step 2:
After signing in, you will receive your username and password on your phone.
Now login in your SMS global Account with your provided Username and Password.
After loging in, you will see the welcome screen, just click on Send SMS to Number
Step 3:
Then remove the sender ID while sending to send a spoofed SMS after that enter the mobile number of both the victim and now you can send a spoofed SMS/send sms anynomously
HOW TO BLOCK OR UNBLOCK ANY SITE
Procedure to block an unblock internet sites
Example
www.sifymall.com
To know ip of the sifymail.com goto cmd promt (window key +R)and type
ping www.sifymail.com
For window7 seven users you have to open the hosts file with administrative permissions (which can be easily achieve using right click on hosts file and choosing administrative permissions to open it )
and then follow that simple steps and yeh ..you have successfully block the site.
127.0.0.1 localhost
210.210.19.82 www.sifymall.com
MAKE A FREE CALL
Steps to make Free call
Enjoy the free calling time :)
Saturday, 11 May 2013
hack website without using software
Steps For IIS Hacking:
STEP 1: Click on Start button and open "RUN".(windows+R)STEP 2: Now Type this in RUN
%WINDIR%\EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}\::{BDEADF00-C265-11d0-BCED-00A0C90AB50F}
Now A Folder named "Web Folders" will open.
STEP 3: Now "Right-Click" in the folder and Goto "New" and then "Web Folder".
STEP 4: Now type the name of the Vulnerable site in this case i have taken e.g." http://autoqingdao.com/ " and click "Next".
STEP 5: Now Click on "Finish"
STEP 6: Now the folder will appear. You can open it and put any deface page or anything.
STEP 7: I put text file in that folder. Named "securityalert.txt" (you can put a shell or HTML file also). If the file appear in the folder then the Hack is successful but if it don't then the site is not Vulnerable.
Now to view the uploaded site i will go to "http://autoqingdao.com/securityalert.txt"
In your case it will be " www.[sitename].com/[file name that you uploaded] "
Some IIS Exploit Websites For Practise
http://www.huayujt.com/
http://www.dns860.com/
http://www.hnhaoji.com/
http://www.dlzq158.com/
http://www.kia.com.np/
http://www.dz365.com
http://www.dy1905.net/
http://www.dycit.com/
use facebook in hacker's language
1. log in your facebook account
2. go to privacy setting
3. change language with1337
2. go to privacy setting
3. change language with1337
stop unwanted photo tags in facebook
step 1: Go to your Facebook Privacy Settings
step 2: Simple go to “Privacy Settings > Timeline and Tagging > Review posts friends tag you in before they appear on your Timeline” and Set “On” This option.
step 3:Below mentioned screen shots will help you in enabling this feature:
Click on Edit settings of Timeline and Tagging Option
step 4: You will see an option “Review posts friends tag you in before they appear on your Timeline”, Now click on “Off” and set it to “On” to enable this feature for you.
Step 5:And Now Finally Enable this Feature.
After saving the changes if someone tag you on facebook then you will get Options to either Approve or Disapprove the posts. These posts will not visible on your Timeline until you manually approve them.I think for girls it would be very much helpful .
step 2: Simple go to “Privacy Settings > Timeline and Tagging > Review posts friends tag you in before they appear on your Timeline” and Set “On” This option.
step 3:Below mentioned screen shots will help you in enabling this feature:
Click on Edit settings of Timeline and Tagging Option
step 4: You will see an option “Review posts friends tag you in before they appear on your Timeline”, Now click on “Off” and set it to “On” to enable this feature for you.
Step 5:And Now Finally Enable this Feature.
After saving the changes if someone tag you on facebook then you will get Options to either Approve or Disapprove the posts. These posts will not visible on your Timeline until you manually approve them.I think for girls it would be very much helpful .
hack facebook using firesheep
1. First of all download "Firesheep" from the above link and use the "openwith" option in the firefox browser.
Remember Few Points
how do i unlock window xp using SAM file
Windows XP’ password stored in Windows \ System32 \
Config under the SAM file
.Ok,the you may know how to do.
Step 1:Login to a Computer that has Windows XP system.
Step 2:Copy the SAM file to a floppy disk.
Step 3: Then turn to your locked pc and insert the floppy disk Reboot the PC and enter into MS-DOS.
Step 4:In dos,type : del c: windows\system32\config\sam ,then you will delete the SAM file.
Step 5: type : Copy a:\sam c:\ windows\system32\config,copy the other’s SAM file to your PC.
.Ok,the you may know how to do.
Step 1:Login to a Computer that has Windows XP system.
Step 2:Copy the SAM file to a floppy disk.
Step 3: Then turn to your locked pc and insert the floppy disk Reboot the PC and enter into MS-DOS.
Step 4:In dos,type : del c: windows\system32\config\sam ,then you will delete the SAM file.
Step 5: type : Copy a:\sam c:\ windows\system32\config,copy the other’s SAM file to your PC.
how to open SAM file
1) Well, the easiest way to do this is to boot your target machine to an
alternate OS like NTFSDOS or Linux
and just copy the SAM from the %systemroot%system32config folder.
It's quick,
it's easy, and it's effective. You can get a copy of NTFSDOS from
Sysinternals(http://www.sysinternals.com) The regular version of NTFSDOS is
freeware, which is always nice, but only allows for Read-Only access. This
should be fine for what you want to do, however, if you're the kind of person
that just has to have total control and has some money to burn. NTFSDOS Pro,
which is also by Sysinternals has read/write access but it'll cost you $299.
2) You can also get password hashes by using pwdump2 (Google It to get
software ~ Search at openwall.com). pwdump uses .DLL injection in order to use
the system account to view and get the password hashes stored in the registry.
It then obtains the hashes from the registry and stores them in a handy little
text file that you can then paste them into a password cracking utility like
l0phtcrack or John the ripper (Linux Based works well) also cain and abel can
be used.
3) Import Hashes directly from l0phtcrack, and let them open to you by
cracking.
Monday, 6 May 2013
run turbo c++ full screen in window 7
best tricks
Trick 1:-
Log on to windows7 in safe mode. In safe mode the application running
capabilities of an operating system is low and this mode is used as
trouble fixing for OS. But this method is much simpler and you only
need to log on to safe mode by pressing F8 on start up.
By summarizing the steps:
1. Install turbo C++
2. Start windows7 in safe mode.
3.Execute turbo C++
Trick 2:-
By Disabling your graphics adapter. This trick is done by just uninstalling the graphics driver. To do that
1. Right click on My Computer, click Properties
2. Select Device manager->Display Adapters
3. Identify the display adapter of your computer, and uninstall.
You should try this trick only if you do not use your computer for
Graphic related operations like playing multimedia games.By this trick
graphics would look vulgar but you can run C++ in full screen.
Trick 3:-
By using DOSBox software. It is an open source DOS emulator for BeOS,
Linux, Mac OS X, OS/2, and Windows. This tool is primarily intended to
play DOS games on windows7 but here we can use it run turbo C++ in Full
screen mode.
1. Download DOSBox (for windows)
2. Install and run the DOSBox.
3. Now a command prompt type window will appear. We need to mount TC folder.
Just type “mount c: c:/tc” and press enter.
Assumed that Turbo C++ is installed in C drive and TC folders located at C:\TC
You may get a message that 'Drive C is mounted as local directory C:/TC\'
Change the directory to C/BIN/tc.exe. To do that, please follow the steps as shown in the below screen shot.
Now the Turbo C++ will open in DOSBox. Press ALT+ENTER to toggle between full screen and mini screen.
By applying the above 3 tricks, you can run C compiler on full screen mode in windows 7.
best security tips for android
With the amount of information we keep on our smartphones, it's
increasingly vital that we protect them and the data they house. I
don't want to sound like a fear-monger, but the fact is your phone can
be lost or stolen, it can be destroyed, or its contents can be hacked
via malware. Here are a few basic and advanced tips to consider to
protect everything from your work files to contact information.
The Basics: Keep Your Phone Locked
It's extremely easy and effective to lock down access to your Android phone using built-in tools. Simply tap your way to the "Location and Security" setting. There you can create either a standard password or a screen lock pattern. If you use the screen lock pattern tool, be sure not to make an extremely easy and obvious pattern.
For Added Security: Hidden Lock adds an extra layer of security that is easy to implement but hard for would-be thieves to crack. After you have unlocked your phone using a password, Hidden Locks requires you to tap a hidden button before you can use the phone.
Avoiding Malicious Apps
Viruses and other malware are increasingly targeting the Android platform, so it's important to take a few precautions to avoid infecting your own phone or tablet.
For the ultimate in security, I recommend only downloading apps from the official Google Play store, where they have been vetted. Scammers have been known to create fake versions of popular apps, which are loaded with malware and only available at third-party websites.
However, some apps may simply not be available on the app store. If you see an intriguing app, you can verify its reputation by searching for it on Google and seeing if it has been written about, positively or negatively. Be wary of totally obscure apps.
Note App Permissions
Take the time to learn what permissions an app wishes to access, from making phone calls to using your system tools. While it makes sense that a social networking app may wish to access your contacts, it doesn't make sense that a "dancing dog" app would. Be wary when apps ask for more than seems to make sense.
Consider an Anti-Virus
Finally, you can consider an anti-virus program for Android. Savvy users may not need these programs, but apps like Lookout Security & Antivirus do offer powerful features for added protection.
Find Your Lost Phone and Erase Data Remotely
Thanks to GPS and wireless Internet, you can locate a missing Android phone using one of the several apps available. I recommend Android Lost (free). Even with your speakers turned off, you can use this app to play a sound, which is handy when you simply lose the phone in your house. Furthermore, this app also enables you to erase all the phone's data, saving your contact information and files from prying eyes.
You can also take pictures from your camera to know who is using your phone. And better yet: This app can be installed remotely, so you can install it after you have lost your phone. (However, I strongly recommend installing it right away.)
And Don't Forget Physical Mishaps
All the security measures in the world won't matter if your phone breaks from a simple drop. Be sure to invest in a quality case.
The Basics: Keep Your Phone Locked
It's extremely easy and effective to lock down access to your Android phone using built-in tools. Simply tap your way to the "Location and Security" setting. There you can create either a standard password or a screen lock pattern. If you use the screen lock pattern tool, be sure not to make an extremely easy and obvious pattern.
For Added Security: Hidden Lock adds an extra layer of security that is easy to implement but hard for would-be thieves to crack. After you have unlocked your phone using a password, Hidden Locks requires you to tap a hidden button before you can use the phone.
Avoiding Malicious Apps
Viruses and other malware are increasingly targeting the Android platform, so it's important to take a few precautions to avoid infecting your own phone or tablet.
For the ultimate in security, I recommend only downloading apps from the official Google Play store, where they have been vetted. Scammers have been known to create fake versions of popular apps, which are loaded with malware and only available at third-party websites.
However, some apps may simply not be available on the app store. If you see an intriguing app, you can verify its reputation by searching for it on Google and seeing if it has been written about, positively or negatively. Be wary of totally obscure apps.
Note App Permissions
Take the time to learn what permissions an app wishes to access, from making phone calls to using your system tools. While it makes sense that a social networking app may wish to access your contacts, it doesn't make sense that a "dancing dog" app would. Be wary when apps ask for more than seems to make sense.
Consider an Anti-Virus
Finally, you can consider an anti-virus program for Android. Savvy users may not need these programs, but apps like Lookout Security & Antivirus do offer powerful features for added protection.
Find Your Lost Phone and Erase Data Remotely
Thanks to GPS and wireless Internet, you can locate a missing Android phone using one of the several apps available. I recommend Android Lost (free). Even with your speakers turned off, you can use this app to play a sound, which is handy when you simply lose the phone in your house. Furthermore, this app also enables you to erase all the phone's data, saving your contact information and files from prying eyes.
You can also take pictures from your camera to know who is using your phone. And better yet: This app can be installed remotely, so you can install it after you have lost your phone. (However, I strongly recommend installing it right away.)
And Don't Forget Physical Mishaps
All the security measures in the world won't matter if your phone breaks from a simple drop. Be sure to invest in a quality case.
best computer security tips
- Use "anti-virus software" and keep it up to date.
- Don't open e-mails or attachments from unknown sources. Be suspicious of any unexpected e-mail attachments even if it appears to be from someone you know.
- Protect your computer from Internet intruders - use "firewalls."
- Regularly download security updates and "patches" for operating systems and other software.
- Use hard-to-guess passwords. Mix upper case, lower case, numbers, or other characters not easy to find in a dictionary, and make sure they are at least eight characters long.
- Back-up your computer data on disks or CDs regularly.
- Don't share access to your computers with strangers. Learn about file sharing risks.
- Disconnect from the Internet when not in use.
- Check your security on a regular basis. When you change your clocks for daylight-savings time, reevaluate your computer security.
- Make sure your family members and/or your employees know what to do if your computer becomes infected.
best internet security tips
Split your emails
Rather than linking Facebook, Twitter, newsgroups, forums, shopping and banking sites to one email address, use multiple addresses. As a minimum, use one for social activities and one for financial business.
Your social address will rightly draw more attention than your business one – that's the way you want it to be. If the former is hacked, it won't be as nightmarish as losing control of your financial address.
Take care on public networks
Never, under any circumstances, use a public network for financial transactions. Only send your personal and financial details over a network you've set up yourself, or one you know to be secure. Who knows what horrors are lurking on the hard disk of that internet cafe machine, or somewhere between it and its internet access point?
Hackers have also been known to set up laptops to broadcast networks with names such as 'Free Internet Access' in hotels. They'll let you pass internet traffic through them and harvest any juicy details as you type. Virtualise
The truly paranoid should virtualise. The idea is simple: create a virtual PC, use it to surf the internet and, when you've done, destroy it, along with any viruses that may have infected it while you were online.
Running a virtual version of Ubuntu from within Ubuntu is likely to be the easiest way of achieving this style of computing, and it's likely to be very safe too.
Anatomy of an iffy shop
By making online shops look slick, official and safe, online criminals hope to dupe us into disclosing credit card details. Fake shopping sites, like much online criminality, rely on social engineering.
There are, however, some tell-tale signs that should help you spot an iffy shop. First, avoid sites that ask for cash, cheque or virtual cash payments only – only do business with sites that accept credit cards.
Next, ensure that the shop has a physical address, ideally in the UK – shopping abroad throws up more potential problems.
Be wary of Facebook
There are two key areas of social networking security – the technical sphere and the human one. Technical security is about setting up your profile correctly – your favourite site will explain how, so follow its guides. Next is the human aspect of security and our old friend, social engineering.
No quantity of settings and checkboxes can prevent a user from willingly complying with the bad guys, and this is what they depend on. There's one simple rule to follow here: don't do or say anything online that you wouldn't do or say in real life.
Choose your flexible friend
Never be tempted to use or enter details from your debit card – always use a credit card. Section 75 of the Consumer Credit Act (1974) make credit card companies liable to pay if you're the innocent victim of fraud.
Card companies may, however, avoid paying out if you're proved not to have taken 'reasonable' care with your card – doing something like writing down your PIN, for example.
Credit cards themselves also offer different levels of fraud insurance, so shop around before choosing a card and make sure you read the terms and conditions closely.
Pump and dump
Don't be tempted to follow unsolicited dead-cert share tips. The senders will probably hold a lot of them. When you and other victims buy, the price will go up. They'll then sell, leaving you holding the baby.
Just like that
A common online action site scam is to sell goods that are 'like' top brand goods. Your new watch may be like a Rolex insofar as it ticks, but that could be your lot.
We've found a virus
Bogus security experts call unsuspecting PC owners claiming they've found a virus on their hard drive. All you need do is pay a fee and they'll remotely remove the nasty.
In reality, the scammers are just working through phone lists, planting the seeds of fear and then collecting bucketloads of cash.
Ditch IE6
If you're still using Internet Explorer 6, shame on you. Not only are you likely to be getting less from the internet – Google and YouTube have now stopped supporting the ageing browser – but it's also riddled with security flaws. Do yourself a favour and download a newer browser.
Check out Virus Total
If you've received a file and are worried about its provenance, upload it to www.virustotal.com. The site will run the file through a number of virus-scanning engines to find any hidden malware. It'll also send you a handy report document.
Listen to Bruce Schneier
Renowned security expert, blogger and self-styled security guru Bruce Schneier has a thing or two to say about every aspect of the topic, ranging from the virus right up to national security policy. Visit his blog at www.schneier.com and add it to your bookmarks.
Check firewall logs
Firewalls keep logs of traffic they've rebuffed. Check these and look for patterns – maybe a particular IP address is pinging your network or a certain port on your setup is spewing out too much traffic. These sorts of things can suggest a viral infection.
Stop redundant services
The more software and services you're running, the greater the risk you could be compromised. Be ruthless – delete or deactivate applications and services you don't use. This will reduce the number of ways into your machine that are available to hackers.
Be cautious
If you must use file sharing, do so with the utmost paranoia about security. When you've downloaded a file, isolate it and, if possible, execute it from a virtual environment to ensure it's safe before letting it into your true computing environment.
Update software
Windows 7 and most major apps are happy to update themselves automatically, but you should still run their update systems manually to ensure they're working. Smaller apps may need updating manually, so check their makers' sites for updates.
Enter your own URLs
Never follow links to URLs emailed to you and don't Google your bank's address. Google can be tricked into moving spoof sites up its rankings table by criminals looking to entice people to sites designed to harvest logon details. Enter important URLs yourself.
Check site safety
Download McAfee's excellent SiteAdvisor from www.siteadvisor.com. The browser plug-in has a traffic light system that shows dangerous sites in search results. Following its green, yellow and red site rating icons will help you to avoid compromised web locations.
Test your system
Test your antivirus system using the Eicar string. It's a text file that all antivirus engines should pick up, no matter how it's wrapped or compressed. Get it from www.eicar.org. It's completely safe and won't land you in legal hot water.
Rather than linking Facebook, Twitter, newsgroups, forums, shopping and banking sites to one email address, use multiple addresses. As a minimum, use one for social activities and one for financial business.
Your social address will rightly draw more attention than your business one – that's the way you want it to be. If the former is hacked, it won't be as nightmarish as losing control of your financial address.
Take care on public networks
Never, under any circumstances, use a public network for financial transactions. Only send your personal and financial details over a network you've set up yourself, or one you know to be secure. Who knows what horrors are lurking on the hard disk of that internet cafe machine, or somewhere between it and its internet access point?
Hackers have also been known to set up laptops to broadcast networks with names such as 'Free Internet Access' in hotels. They'll let you pass internet traffic through them and harvest any juicy details as you type. Virtualise
The truly paranoid should virtualise. The idea is simple: create a virtual PC, use it to surf the internet and, when you've done, destroy it, along with any viruses that may have infected it while you were online.
Running a virtual version of Ubuntu from within Ubuntu is likely to be the easiest way of achieving this style of computing, and it's likely to be very safe too.
Anatomy of an iffy shop
By making online shops look slick, official and safe, online criminals hope to dupe us into disclosing credit card details. Fake shopping sites, like much online criminality, rely on social engineering.
There are, however, some tell-tale signs that should help you spot an iffy shop. First, avoid sites that ask for cash, cheque or virtual cash payments only – only do business with sites that accept credit cards.
Next, ensure that the shop has a physical address, ideally in the UK – shopping abroad throws up more potential problems.
Be wary of Facebook
There are two key areas of social networking security – the technical sphere and the human one. Technical security is about setting up your profile correctly – your favourite site will explain how, so follow its guides. Next is the human aspect of security and our old friend, social engineering.
No quantity of settings and checkboxes can prevent a user from willingly complying with the bad guys, and this is what they depend on. There's one simple rule to follow here: don't do or say anything online that you wouldn't do or say in real life.
Choose your flexible friend
Never be tempted to use or enter details from your debit card – always use a credit card. Section 75 of the Consumer Credit Act (1974) make credit card companies liable to pay if you're the innocent victim of fraud.
Card companies may, however, avoid paying out if you're proved not to have taken 'reasonable' care with your card – doing something like writing down your PIN, for example.
Credit cards themselves also offer different levels of fraud insurance, so shop around before choosing a card and make sure you read the terms and conditions closely.
Pump and dump
Don't be tempted to follow unsolicited dead-cert share tips. The senders will probably hold a lot of them. When you and other victims buy, the price will go up. They'll then sell, leaving you holding the baby.
Just like that
A common online action site scam is to sell goods that are 'like' top brand goods. Your new watch may be like a Rolex insofar as it ticks, but that could be your lot.
We've found a virus
Bogus security experts call unsuspecting PC owners claiming they've found a virus on their hard drive. All you need do is pay a fee and they'll remotely remove the nasty.
In reality, the scammers are just working through phone lists, planting the seeds of fear and then collecting bucketloads of cash.
Ditch IE6
If you're still using Internet Explorer 6, shame on you. Not only are you likely to be getting less from the internet – Google and YouTube have now stopped supporting the ageing browser – but it's also riddled with security flaws. Do yourself a favour and download a newer browser.
Check out Virus Total
If you've received a file and are worried about its provenance, upload it to www.virustotal.com. The site will run the file through a number of virus-scanning engines to find any hidden malware. It'll also send you a handy report document.
Listen to Bruce Schneier
Renowned security expert, blogger and self-styled security guru Bruce Schneier has a thing or two to say about every aspect of the topic, ranging from the virus right up to national security policy. Visit his blog at www.schneier.com and add it to your bookmarks.
Check firewall logs
Firewalls keep logs of traffic they've rebuffed. Check these and look for patterns – maybe a particular IP address is pinging your network or a certain port on your setup is spewing out too much traffic. These sorts of things can suggest a viral infection.
Stop redundant services
The more software and services you're running, the greater the risk you could be compromised. Be ruthless – delete or deactivate applications and services you don't use. This will reduce the number of ways into your machine that are available to hackers.
Be cautious
If you must use file sharing, do so with the utmost paranoia about security. When you've downloaded a file, isolate it and, if possible, execute it from a virtual environment to ensure it's safe before letting it into your true computing environment.
Update software
Windows 7 and most major apps are happy to update themselves automatically, but you should still run their update systems manually to ensure they're working. Smaller apps may need updating manually, so check their makers' sites for updates.
Enter your own URLs
Never follow links to URLs emailed to you and don't Google your bank's address. Google can be tricked into moving spoof sites up its rankings table by criminals looking to entice people to sites designed to harvest logon details. Enter important URLs yourself.
Check site safety
Download McAfee's excellent SiteAdvisor from www.siteadvisor.com. The browser plug-in has a traffic light system that shows dangerous sites in search results. Following its green, yellow and red site rating icons will help you to avoid compromised web locations.
Test your system
Test your antivirus system using the Eicar string. It's a text file that all antivirus engines should pick up, no matter how it's wrapped or compressed. Get it from www.eicar.org. It's completely safe and won't land you in legal hot water.
Subscribe to:
Posts (Atom)