Most Popular Cyber Forensics Tools

http://resources.infosecinstitute.com/computer-forensics-tools/

Computer forensics is a very important branch of computer science in relation to computer and Internet-related crimes. Earlier, computers were only used to produce data, but the field has now expanded to all devices related to digital data. The goal of computer forensics is to perform crime investigations by using evidence from digital data to find who was responsible for that particular crime.

For better research and investigation, developers have created many computer forensics tools. Police departments and investigation agencies select the tools based on various factors including budget and available experts on the team.

These computer forensics tools can also be classified into various categories:

  • Disk and data capture tools
  • File viewers
  • File analysis tools
  • Registry analysis tools
  • Internet analysis tools
  • Email analysis tools
  • Mobile devices analysis tools
  • Mac OS analysis tools
  • Network forensics tools
  • Database forensics tools

In this post, we are listing a few important and popular data forensics tools. Before proceeding further, I want to make it clear that the tools are added in random order, so please do not consider it a ranking of the tools.

Tricks To Fight Back Against DDoS Attacks

Distributed Denial of Service

Since 2011, denial-of-service (DDoS) attacks have expanded their limits and reached the mainstream. If we ask who is responsible for such attacks, we may get no answer. According to a new report by security vendor Radware, we have to blame Anonymous for these attacks.

DDoS is a type of DoS attack in which multiple compromised systems, usually infected with a Trojan, are used to target a single system, causing a denial of service.

The report says that by distributing easy-to-use DDoS tools, like Low Orbit Ion Cannon, Anonymous has made DDoS attacks popular. Government bodies and businesses should think more seriously about these attacks. They can also adopt multiple steps to minimise the effects of DDoS attacks on websites, servers, databases and so on. So let’s discuss some of the steps that need to be taken in case of these attacks:

#1 First of all, you should know your level of vulnerability. You should know you are always at risk. This is not meant to create panic; it is a simple acknowledgement of the fact that hackers always love to pick random victims. After Anonymous came into action, the Radware report says, “the financial sector, which had not really considered itself as a prime target, was hit and urgently forced to confront threatening situations.” The report also said, “Government sites had been targeted before, but 2011 saw a dramatic increase in frequency, and neutral governments that felt themselves exempt, like New Zealand, were attacked.” So it’s better to adopt prevention measures than to fall victim to Anonymous and its malicious attacks.

#2 DDoS attacks don’t require much activity to launch, but they are really tough to stop. Anonymous recently boasted on Twitter that hackers from their team can easily crowdsource “5,600 DDoS zealots blasting at once”. Anonymous is highly capable of taking down anyone’s website, from the FBI or the Justice Department to the Motion Picture Association of America and the Recording Industry Association of America. Rob Rachwald, director of security strategy of Imperva, said in an email to Information Week, “DDoS is to the Internet what the billy club is to gang warfare: simple, cheap, unsophisticated, and effective.” So it’s better that you know how to stop these attacks from the very beginning.

#3 Now you need foolproof preparation to stop these DDoS attacks. As Roland Dobbins, Asia Pacific solutions architect for Arbor Networks, said in a conversation, if attacked, “folks that don’t take active measures to ensure the resilience of their networks are going to get knocked over. They need to do everything they can to increase resiliency and availability.” Roland also recommended implementing “all of the industry best and current practices for their network infrastructure, as well as applications, critical supporting services, including DNS.” It means only proper planning can lead to success in stopping these harmful attacks.

#4 You need to identify which part of your corporate network can become a bottleneck or the weakest link in a DDoS attack. Radware conducted a survey of 135 people who possess information security expertise. The participants of this survey include IT managers, CIOs and CISOs. This survey concluded that if bottlenecks are identified, then 30 per cent of server attacks are done from these points, 27 per cent of Internet pipes get attacked through these channels, and there are several other similar instances too which prove that bottlenecks are the most vulnerable sections of any network. So first identify them and then ensure their security.

#5 You have to remain very careful about what is going on across your network. This is the main way to prevent attacks; it also secures the infrastructure and lets you keep a check on the hackers. Actively monitor your network. As Dobbins says, “If the enterprise doesn’t have visibility into their network traffic so they can exert control over the traffic, then they have a problem.” Watch out for any malicious possibility without any idleness.

#6 Don’t think that only large attacks will take place. The most popular type of DDoS attack, frequently used by Anonymous, is a packet flood. What it does is direct a lot of packets at a website, putting the servers under enormous pressure. What you need to remember is that attacks will not necessarily always be done in conventional ways only.

#7 You need to be extra cautious about application-layer attacks. If attacks are done on a switch or any application through the packet system, then it’s not easy to diagnose. Radware’s report says in this case, “it is much easier to detect and block a network flood attack–which is about sending a large volume of irrelevant traffic such as UDP floods, SYN floods, and TCP floods, typically spoofed–rather than an application flood attack where the attackers are using real IP addresses from real machines and running complete application transactions.” So your application layers can be under threat at any time and require your attention every time.

#8 Sometimes there is a blend of attacks, and you need to be extra careful about that. Detection of these kinds of attacks is tougher, as more than one application becomes a target at a time. Even with a packet flood, all the applications can be attacked together. The Radware report comments thus, “Attackers are often likely to combine both packet flooding attacks with application-layer DDoS, to increase their odds of success. The majority of organizations, which are targeted by sub-1-Gbps attacks, are targeted with a mix of network and application flood attacks.” So blended attacks now add to your security concerns.

#9 You need excellent communication and networking skills to prevent these attacks. Large attacks are capable of turning the largest enterprise network upside down. Dobbins’s solution is, “Work very closely with [your] Internet service provider–or for multinationals, providers–to successfully deal with these attacks. At 4 a.m., if there is a DDoS attack, it’s not the time you want to be scrambling around trying to reconfigure your infrastructure, and finding who to call at your ISP.” So build good relationships and communication lines before the attack even happens.

#10 Don’t always follow a single measure; adopt several. Radware says that if you want countermeasures, network gear may be able to mitigate suspected DDoS attacks automatically. As per the report, “Legitimate clients generally respect this and will suspend their communication for the time being. It seems that some attackers also honor this message and suspend the attack until a new, larger window size is advertised, which of course the site being attacked has no intention of doing.” So expand your considerations; multiple countermeasures can help you far better.
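As an added example (not from the original post or the Radware report), here is one way to get the visibility that tips #5 and #7 call for: a sliding-window counter over web access-log lines that flags clients whose request rate is far above normal even though each request is a complete, valid transaction. The Common Log Format input, the thresholds and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Common Log Format prefix: client IP, [timestamp], "METHOD path proto", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def parse_line(line):
    """Return (ip, timestamp, path, status), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, _method, path, status = m.groups()
    try:
        return ip, datetime.strptime(ts, TS_FORMAT), path, int(status)
    except ValueError:
        return None

def flag_heavy_clients(lines, window_seconds=10, max_requests=20):
    """Map each client that exceeded max_requests in any sliding window
    to its peak per-window request count. Lines must be in time order."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    peaks = defaultdict(int)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip unparseable lines instead of aborting the scan
        ip, when, _path, _status = parsed
        q = recent[ip]
        q.append(when)
        while when - q[0] > window:
            q.popleft()
        peaks[ip] = max(peaks[ip], len(q))
    return {ip: n for ip, n in peaks.items() if n > max_requests}

def sample_log():
    """Constructed log: one ordinary client, one client flooding /search."""
    fmt = '{ip} - - [01/Feb/2012:04:00:{s:02d} +0000] "GET {path} HTTP/1.1" 200 512'
    lines = ["truncated entry with no fields"]
    for s in range(60):
        if s % 5 == 0:
            lines.append(fmt.format(ip="198.51.100.4", s=s, path="/index.html"))
        if s < 10:
            lines += [fmt.format(ip="203.0.113.7", s=s, path="/search?q=a")] * 5
    return lines

if __name__ == "__main__":
    for ip, peak in flag_heavy_clients(sample_log()).items():
        print(f"{ip}: peak of {peak} requests within 10 s")
```

Every request in the sample returns status 200, so only the per-client rate separates the flooding source from the ordinary one; in practice the threshold should come from a baseline of your own traffic.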

Thanks… !!!

How To Unlock Private Profile Picture on Facebook

GET STARTED RIGHT AWAY

• Long ago, security experts and hackers found a serious security flaw on Facebook which allowed them to view private photos with a small tweak. Developers started to develop browser scripts which allowed people to see locked private profile pictures. A locked profile picture is one which cannot be viewed in theater view or enlarged view. People can’t even comment on it. This privacy setting is useful when a person doesn’t want to share the high-resolution photo they uploaded.
• People want to have privacy on their photos. There are people who use profile pictures that do not show themselves, which may be purely for the sake of their own privacy. But if they want people to find them easily, they should have their own picture as their profile picture. Fortunately for such people, Facebook provides a privacy feature to make a profile picture private.
• As Facebook has a common type of URL everywhere for photos, it made me guess the public URL of the enlarged version of the locked profile picture. By changing some parts of the URL, we can view the picture in enlarged form. All you need is to learn the structure of two URLs. One is the short 160 x 160 px image which you will see on people’s timelines. The other is the public URL of the same image, enlarged. This enlarged image will be in the full resolution that the profile owner uploaded.

  • Below is the structure of an enlarged profile URL.

Enlarge Profile URL

The last part of the profile picture URL determines some properties of your picture. The letter n before the image extension determines the size of the picture, that is, whether the public URL refers to a thumbnail or the full-size image. The n can be replaced with the letter t to view the thumbnail-sized image. Each picture on Facebook is identified by a unique ID.

Step 1: Go to the timeline of a friend whose profile picture cannot be enlarged. That is, one who has kept their Privacy Settings at “Only Me”.

Step 2: Right click on their profile picture and click on Copy image URL.

Step 3: Copy the image URL and paste in a text editor like Notepad.

Link to Copy Image URL

Step 4: Remove the following part of the URL in the image URL you have copied.

And, replace them with the following:

http://sphotos-c.ak.fbcdn.net/hphotos-ak-prn1/

If the above URL string doesn’t work, try the one below.

https://fbcdn-sphotos-b-a.akamaihd.net/hphotos-ak-cryptlife/

Step 5: The last part of the picture URL will always be the same. Now, just copy the whole URL to which you have made changes and paste it.

Copy This Link to URL Bar

You will get the full-size version of the image that is locked or made private.

I don’t know why Facebook should provide a public URL for all pictures, but it will be nice if this flaw is fixed.

About Me :

https://www.about.me/prabhu490730

https://www.prabhurockstar.wordpress.com

And you’re done. Nice work!

7 Places That Beginner Hackers Will Find Very Useful !

1. How to Make a Computer Virus
http://www.newhackingtricks.com/2014/02/how-to-make-computer-virus.html
Every newbie hacker wants to know how to make a virus or worm. So, we thought this would be the best thing to start this article off with.

2. Hack Windows 7 Password Using Ophcrack
http://www.newhackingtricks.com/2014/02/hack-windows-7-password-using-ophcrack.html
Ophcrack is an open source Windows password cracker based on rainbow tables. It comes with a graphical user interface (GUI) and runs on multiple platforms such as Windows, Linux and Mac. It allows you to recover or hack Windows passwords.

3. Hacking Ebook For Beginners, Basic of Hacking
http://www.newhackingtricks.com/2014/02/hacking-ebook-for-beginners-basic-of.html
Every beginner hacker has to refer to good books in order to increase their knowledge. When it comes to a good hacking read, a hacker would prefer an ebook usually. These are easy to find and many of them are completely free.

4. 1000 Hacking Tutorials Ebook
http://www.newhackingtricks.com/2014/02/1000-hacking-tutorials-ebook.html
This is a book from 2008, which delivers exactly what the title of the book says. For a beginner, there is a lot to learn in this book. Of course, you’ll probably not remember all of it, but it’s a very good book to practice with.

5. Gmail Hacking Ebook, Hack Gmail accounts
http://www.newhackingtricks.com/2014/02/gmail-hacking-ebook-hack-gmail-accounts.html
Hacking a Google service is like a rite of passage for many hackers. So, here’s a book that helps you in learning how to hack Gmail accounts. We aren’t endorsing this, but it could be a good skill to learn for any budding hacker.

6. How to Hack a website
http://www.newhackingtricks.com/2014/02/how-to-hack-website.html
Well, the name explains pretty much everything about this one. Beginner hackers would enjoy this and find that there is a lot to learn here.

7. Cookie Stealing Attack: Hack Any Account like Facebook, Twitter, Gmail, Hotmail, Skype and Yahoo
http://www.newhackingtricks.com/2014/02/cookie-stealing-attack-hack-any-account.html
Using this method you can hack any account like Facebook, Twitter, Gmail, Hotmail, Skype and Yahoo. So, are you ready to learn?