Computer Virus

Computer Virus

---

Computer VIRUS i.e Vital Information Resource Under Seize are considered as very first form of computer threats. Computer VIRUS usually replicate themselves, damage your files and are also able to distribute themselves on network. Virus is usually a executable file. It may be different or same for different Operating system.

LDAP Enumeration Tools And Counter Measures

LDAP Enumeration Tools And Counter Measures

---

When we covered LDAP enumeration we left tools part for discusing later. Now its time to have a look on every tool one by one. Lets start with LDAPminer, a free command line tool

10000 Pluss And Beyond

Two days before my blog completed 10,000 visitors its good to see that number after so many ups and downs since last year. Now onwards I’ll be blogging regularly without taking long pauses. I thank all my readers to help me attain that number even after so many breaks last year. Following is statistics after attaining 10,000

Two Tips To Speed Up Your Bandwidth By 30%

Two Tips To Speed Up Your Bandwidth By 30%

---

Tip Number-1

By default all Windows systems reserves 20% of your bandwidth speed. This is done so that any specific application should not overpower other applications for bandwidth. Though this setting is done for good purpose it limits connection speed even though only one application is using bandwidth. By the way even though this setting is disabled no application will conflict with each other on bandwidth. So turning it off can give you boost of 20% in your bandwidth speed.

Password Hacking

Password Hacking

---

Password Hacking is a process of retrieving or stealing password from data in system or data that is transmitted via system. The most common way of password hacking is guessing password. In this tutorial we will try to cover most commonly used methods used by hackers to hack your passwords

LDAP Enumeration

LDAP Enumeration

---

The Lightweight Directory Access Protocol(LDAP) is used to access directory listings within an active directory or from other services. A directory is compiled in hierarchical or logical form. It is suitable to attach with the Domain Name System(DNS) to allow quick lookup and fast resolution of queries. It generally runs on the port 389 and other similar

DNS Zone Transfer

DNS Zone Transfer

---

In this post we will learn about DNS zone transfer in windows 2000 server. Before we continue to zone transfer, lets clear some of our doubts about zone transfer. In windows 2000 server clients use service records known as (SRV) to locate domain name services. The service records may include services like Active Directory*. This means every windows 2000 domain must have a DNS server for its network to operate.

Countermeasures Against SNMP Enumeration

Countermeasures Against SNMP Enumeration

---

In last section we saw how we can enumerate SNMP. Since SNMP can reveal plenty of information that can be used for hacking, it is quite necessary to prevent SNMP enumeration. In this post we will learn how we can create a strong defense against SNMP enumeration.

The best way to avoid SNMP enumeration is to remove SNMP agent from target system or turn off the SNMP service. If that is not possible then follow the following steps.

Enable the option in Group Policy Security option called Additional restrictions for anonymous connections. Also restrict access to null session pipes, null session shares and IPSec filtering.Additionally block access to TCP/UDP ports 161.

SNMP Enumeration

SNMP Enumeration

---

I know SNMP enumeration is not really a hot topic as per today but still I think we must cover it for educational purpose. So before we proceed lets have our look on some basic terminologies related to SNMP.

Malware

Malware

---

Malware, the word itself is derived from two words malicious software. Thus a malware actually represents a malicious code. A malware can be defined as a software or firmware that is intended to perform unauthorized and unwanted process that will result in confidentiality, integrity and availability of information. A malware code can be written in any language and for any device including computers, PDA’s, mobile phones etc.

Restrict Anonymous On NetBIOS

Restrict Anonymous On NetBIOS

---

In previous posts we saw how we can enumerate NetBIOS manually then by using tools. Here we will have our look on how we can counter NetBIOS Enumeration and null session attacks on system. Null session attacks can be avoided by restricting anonymous connections over NetBIOS. It can be done in following manner.

Press “Win+R”, a “Run Window” will come up, type “regedit” in it and open registry editor, alternatively you can type “regedit” on command prompt and access registry editor.

For Windows XP/2000 create following registry key:

HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymous=2

Now reboot your system.

For Windows XP Professional and Windows 2003:

HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymous=1

HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymousSAM=1

Now reboot your system.

For Windows NT 4.0 or further:

HKLM/System/CurrentControlSet/Control/LSA/RestrictAnonymous=1

Now reboot system.

Further remove hidden share IPC$, stop SMB services, to perform these tasks open command prompt and type,

C:\>net share IPC$/delete

C:\>net stop SMB

Now configure your firewall to disallow services asking for connection over NetBIOS by blocking ports 135, 137, 138, 139.

NetBIOS Enumeration Tools

NetBIOS Enumeration Tools

---

In our last section we covered how to enumerate NetBIOS manually. Now we will have our look on tools that can be used for NetBIOS Enumeration . There are several Graphical User Interface (GUI) tools as well as Command Line Interface (CLI) tools available, here I will list only some of them and tell you about my personal preferences.

NetBIOS Enumeration And Null Session

NetBIOS Enumeration And Null Session

---

Net BIOS null Sessions occurs when you connect any remote system without user-name and password. It is usually found in systems with Common Internet File System (CIFS) or Server Message Block (SMB) depending on operating system. Once attacker is in with null session he/she can explore information about groups, shares, permissions, policies and even password hashes.

Nessus On Linux

Nessus On Linux

---

In last tutorial we saw how to use nessus on Windows. But as told earlier nessus is multi-platform vulnerability scanning/assessment tool. In this section we will cover how we can use nessus on Linux platform. The installation process in Linux is not as straight forward as in Windows. So lets cover it first.