IT Technologies

IT technologies and concepts explorer and analyser in the web.

  • RSS
  • Delicious
  • Digg
  • Facebook
  • Twitter
  • Linkedin

New IT Concepts

Share Your Comments

  • Virtualization - The new technology evelution

    Virtualization, in computing, is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, a storage device or network resources.....

  • http://ittechnologies.blogspot.com/2011/04/common-security-vulnerabilities-in-e.html

    Security Vulnerabilities in E-Commerce Systemin

    Most of these attacks have utilized vulnerabilities that have been published in reusable third-party components utilized by websites, such as shopping cart software and poor design of such websites. Other factor is user awareness of security vulnerabilities.

  • VPN - Virtual Private Network

    VPN is a technology which is making secure private network through the public accessible network infrastructure. Virtual Private Network represent by the short name VPN. ...

  • Saas - Cloud Computing

    The cloud computing : is based on this three concepts. IaaS (Infrastructure as a service), PaaS (Platform as a Service) and SaaS (Software as a Service).

How Windows Product Activation (WPA) Works?

Posted by Priyan Fernando - - 0 comments


Windows Product Activation or WPA is a license validation procedure introduced by Microsoft Corporation in all versions of it’s Windows operating system. WPA was first introduced in Windows XP and continues to exist in Windows Server 2003, Windows Vista, Windows Server 2008 and Windows 7 as well. WPA enforces each end user to activate their copy of Windows so as to prevent unauthorized usage beyond the specific period of time until it is verified as genuine by Microsoft. How WPA really works was a closely guarded secret until GmbH analyzed WPA using a copy of Windows XP RC1 and published a paper on their findings.
In this post you will find answers to some of the most frequently asked questions about Windows Product Activation..
Windows Product Activation

Why activation?

Microsoft’s intention behind the activation is to limit the usage of it’s Windows operating system to only one machine for which the retail license is issued. Any other computer which runs on the same license must be disallowed from using the software. Thus WPA demands for activation of the product within 30 days of it’s installation so as to ensure that it is genuine.

What does “Genuine Windows” means?

The copy of Windows is said to be genuine only if the product key used during the installation is genuine. It means that a given product key (retail license) must be used to install Windows only on one computer for which the license was purchased. Thus if the same key is used for the installation on another computer, then it is said to be a pirated copy.

Exactly what information is transmitted during the activation?

When you activate your copy of Windows you are transmitting an Installation ID code to the Microsoft either by phone or Internet depending on the method you choose to activate. Based on this, the Microsoft’s licensing system can determine whether or not the installed OS is genuine. If it is said to be genuine, then the system will receive the Activation ID which completes the activation process. If the activation is done via telephone then the Activation ID needs to be entered manually to complete the activation process.

What information does the Installation ID contain?

This Installation ID is a 50-digit number which is derived from the following two data.
1. Product ID – It is actually derived from the 25-digit product key (the alphanumeric value that is printed on the sticker over the Windows CD/DVD case) that is entered during the installation of the operating system. The Product ID is used to uniquely identify your copy of Windows.
2. Hardware ID – This value is derived based on the hardware configuration of your computer.
The WPA system checks the following 10 categories of the computer hardware to derive the Hardware ID:
  • Display Adapter
  • SCSI Adapter
  • IDE Adapter (effectively the motherboard)
  • Network Adapter (NIC) and its MAC Address
  • RAM Amount Range (i.e., 0-64mb, 64-128mb, etc.)
  • Processor Type
  • Processor Serial Number
  • Hard Drive Device
  • Hard Drive Volume Serial Number (VSN)
  • CD-ROM / CD-RW / DVD-ROM
Thus the Installation ID which is a combination of Product ID and Hardware ID is finally derived and sent to Microsoft during the activation process.

How is the Installation ID validated?

The Installation ID needs to be validated to confirm the authenticity of the installed copy of Windows. So after the Installation ID is received by Microsoft, it is decoded back so as to obtain the actual product key and the hardware details of the computer involved in the activation process.
The Microsoft’s system will now look to see if this is the first time the product key is being used for the activation. This happens when the user is trying to activate his Windows for the first time after purchase. If this is the case then the Installation ID is validated and the corresponding Activation ID is issued which completes the activation process.
However Microsoft system will now associate this product key with the hardware ID of the computer and stores this information on their servers. In simple words, during the first use of the product key, it is paired together with the Hardware ID and this information is stored up on the Microsoft servers.

What if a computer running a pirated copy of Windows attempts to activate?

The activation fails whenever the copy of Windows installed is not said to be genuine. This usually happens when the product key used for the installation is said to have been used earlier on a different computer. This is determined during the activation process as follows:
During the validation of the Installation ID, the Microsoft’s system checks to see if the same product key was used in any of the previous activation processes. If yes then it looks to see the Hardware ID associated with it. The computer running a pirated copy of Windows will obviously have a different hardware configuration and hence the Hardware ID will mismatch. In this case the activation process will fail.
Thus for a successful activation, either of the following two cases must be satisfied:
  1. The product key must have been used for the first time. ie: The product key should not have been used for earlier activations on any other computer.
  2. If the product key is said to have been used earlier, then the Hardware ID should match. This happens only if the same computer for which the license was genuinely purchased is attempting for subsequent activation.

What about formatting the hard disk?

Each time the hard disk is reformatted and Windows is re-installed, it needs to be re-activated. However the activation process will be completed smoothly since the same computer is attempting for subsequent activation. In this case both the product key and the Hardware ID will match and hence the activation becomes successful.

What if I upgrade or make changes to my hardware?

In the above mentioned 10 categories of hardware, at least 7 should be the same. Thus you are allowed to make changes to not more than 3 categories of hardware. If you make too many changes then your activation will fail. In this case, it is necessary to contact the customer service representative via phone and explain about your problem. If he is convinced he may re-issue a new product key for your computer using which you can re-activate your Windows.

Some things WPA does not do

  • WPA does not send any personal information at all about you to Microsoft. There is still an option to register the product with Microsoft, but that is separate and entirely voluntary.
  • If you prefer to activate via phone, you are not required to give any personal information to Microsoft.
  • WPA does not provide a means for Microsoft to turn off your machine or damage your data/hardware. (Nor do they even have access to your data). This is a common myth that many people have about Microsoft products.
  • WPA is not a “lease” system requiring more payments after two years or any other period. You may use the product as licensed in perpetuity.
I have tried my best to uncover the secret behind the WPA. For further details and more technical information you can read the actual paper by Fully Licensed GmbH at http://www.licenturion.com/xp/fully-licensed-wpa.txt. I hope you like this post. Pass your comments.
[ Read More ]

How Antivirus Software Works

Posted by Priyan Fernando - - 0 comments

How antivirus works

Due to ever increasing threat from virus and other malicious programs, almost every computer today comes with a pre-installed antivirus software on it. In fact, an antivirus has become one of the most essential software package for every computer. Even though every one of us have an antivirus software installed on our computers, only a few really bother to understand how it actually works! Well if you are one among those few who would really bother to understand how an antivirus works, then this article is for you.
 

How Antivirus Works

 
An antivirus software typically uses a variety of strategies in detecting and removing viruses, worms and other malware programs. The following are the two most widely employed identification methods:
 

1. Signature-based dectection (Dictionary approach)

 
This is the most commonly employed method which involves searching for known patterns of virus within a given file. Every antivirus software will have a dictionary of sample malware codes called signatures in it’s database. Whenever a file is examined, the antivirus refers to the dictionary of sample codes present within it’s database and compares the same with the current file. If the piece of code within the file matches with the one in it’s dictionary then it is flagged and proper action is taken immediately so as to stop the virus from further replicating. The antivirus may choose to repair the file, quarantine or delete it permanently based on it’s potential risk. 
As new viruses and malwares are created and released every day, this method of detection cannot defend against new malwares unless their samples are collected and signatures are released by the antivirus software company. Some companies may also encourage the users to upload new viruses or variants, so that the virus can be analyzed and the signature can be added to the dictionary.
Signature based detection can be very effective, but requires frequent updates of the virus signature dictionary. Hence the users must update their antivirus software on a regular basis so as to defend against new threats that are released daily.
 

2. Heuristic-based detection (Suspicious behaviour approach)

 
Heuristic-based detection involves identifying suspicious behaviour from any given program which might indicate a potential risk. This approach is used by some of the sophisticated antivirus softwares to identify new malware and variants of known malware. Unlike the signature based approach, here the antivirus doesn’t attempt to identify known viruses, but instead monitors the behavior of all programs.
For example, malicious behaviours like a program trying to write data to an executable program is flagged and the user is alerted about this action. This method of detection gives an additional level of security from unidentified threats.
File emulation: This is another type of heuristic-based approach where a given program is executed in a virtual environment and the actions performed by it are logged. Based on the actions logged, the antivirus software can determine if the program is malicious or not and carry out necessary actions in order to clean the infection.
Most commercial antivirus softwares use a combination of both signature-based and heuristic-based approaches to combat malware.
 

Issues of concern

 
Zero-day threats: A zero-day (zero-hour ) threat or attack is where a malware tries to exploit computer application vulnerabilities that are yet unidentified by the antivirus software companies. These attacks are used to cause damage to the computer even before they are identified. Since patches are not yet released for these kind of new threats, they can easily manage to bypass the antivirus software and carry out malicious actions. However most of the threats are identified after a day or two of it’s release, but damage caused by them before identification is quite inevitable.
Daily Updates: Since new viruses and threats are released everyday, it is most essential to update the antivirus software so as to keep the virus definitions up-to-date. Most softwares will have an auto-update feature so that the virus definitions are updated whenever the computer is connected to the Internet.
Effectiveness: Even though an antivirus software can catch almost every malware, it is still not 100% foolproof against all kinds of threats. As explained earlier, a zero-day threat can easily bypass the protective shield of the antivirus software. Also virus authors have tried to stay a step ahead by writing “oligomorphic“, “polymorphic” and, more recently, “metamorphic” virus codes, which will encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match virus signatures in the dictionary.
Thus user education is as important as antivirus software; users must be trained to practice safe surfing habits such as downloading files only from trusted websites and not blindly executing a program that is unknown or obtained from an untrusted source. I hope this article will help you understand the working of an antivirus software.
[ Read More ]

How Firewalls Work

Posted by Priyan Fernando - - 0 comments

How Firewalls WorkIf you have been usin Internet on a regular basis or working in a large company and surf the Internet while you are at work, you must have surely come across the term firewall. You might have also heard of people saying “firewalls protect their computer from web attacks and hackers” or “a certain website has been blocked by firewall in their work place”. If you have ever wondered to know what exactly is this firewall and how it works, here we go. In this post I will try to explain “How firewalls work” in a layman’s terms.

How Firewalls Work

 
Firewalls are basically a barrier between your computer (or a network) and the Internet (outside world). A firewall can be simply compared to a security guard who stands at the entrance of your house and filters the visitors coming to your place. He may allow some visitors to enter while denying others whom he suspects of being intruders. Similarly a firewall is a software program or a hardware device that filters the information (packets) coming through the Internet to your personal computer or a computer network.
How Firewalls Work
Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator. Most personal firewalls such as Windows firewall operate on a set of pre-configured rules that are most suitable under normal circumstances so that the user need not worry much about configuring the firewall.
Personal firewalls are easy to install and use and hence preferred by end-users for use on their personal computers.  However large networks and companies prefer those firewalls that have plenty of options to configure so as to meet their customized needs. For example, a company may set up different firewall rules for FTP servers, Telnet servers and Web servers. In addition the company can even control how the employees connect to the Internet by blocking access to certain websites or restricting the transfer of files to other networks. Thus in addition to security, a firewall can give the company a tremendous control over how people use the network.
Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:
1. Packet Filtering: In this method packets (small chunks of data) are analyzed against a set of filters. Packet filters has a set of rules that come with accept and deny actions which are pre-configured or can be configured manually by the firewall administrator. If the packet manages to make it through these filters then it is allowed to reach the destination; otherwise it is discarded.
2. Stateful Inspection: This is a newer method that doesn’t analyze the contents of the packets. Instead it compares certain key aspects of each packet to a database of trusted source. Both incoming and outgoing packets are compared against this database and if the comparison yields a reasonable match, then the packets are allowed to travel further. Otherwise they are discarded.
 

Firewall Configuration

 
Firewalls can be configured by adding one or more filters based on several conditions as mentioned below:
1. IP addresses: In any case if an IP address outside the network is said to be unfavorable, then it is possible to set  filter to block all the traffic to and from that IP address. For example, if a cetain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from this IP using the firewall.
2. Domain names: Since it is difficult to remember the IP addresses, it is an easier and smarter way to configure the firewalls by adding filters based on domain names. By setting up a domain filter, a company may decide to block all access to certain domain names, or may provide access only to a list of selected domain names.
3. Ports/Protocols: Every service running on a server is made available to the Internet using numbered ports, one for each service. In simple words, ports can be compared to virtual doors of the server through which services are made available. For example, if a server is running a Web (HTTP) service then it will be typically available on port 80. In order to avail this service, the client needs to connect to the server via port 80. Similarly different services such as Telnet (Port 23), FTP (port 21) and SMTP (port 25) services may be running on the server. If the services are intended for the public, they are usually kept open. Otherwise they are blocked using the firewall so as to prevent intruders from using the open ports for making unauthorized connections.
4. Specific words or phrases: A firewall can be configured to filter one or more specific words or phrases so that, both the incoming and outgoing packets are scanned for the words in the filter. For example, you may set up a firewall rule to filter any packet that contains an offensive term or a phrase that you may decide to block from entering or leaving your network.
 

Hardware vs. Software Firewall

 
Hardware firewalls provide higher level of security and hence preferred for servers where security has the top most priority whereas, the software firewalls are less expensive and are most preferred in home computers and laptops. Hardware firewalls usually come as an in-built unit of a router and provide maximum security as it filters each packet in the hardware level itself even before it manages to enter your computer. A good example is the Linksys Cable/DSL router.
 

Why Firewall?

 
Firewalls provide security over a number of online threats such as Remote login, Trojan backdoors, Session hijacking, DOS & DDOS attacks, viruses, cookie stealing and many more. The effectiveness of the security depends on the way you configure the firewall and how you set up the filter rules. However major threats such as DOS and DDOS attacks may sometimes manage to bypass the firewalls and do the damage to the server. Even though firewall is not a complete answer to online threats, it can most effectively handle the attacks and provide security to the computer up to the maximum possible extent.
[ Read More ]

How to Hack an Ethernet ADSL Router

Posted by Priyan Fernando - - 0 comments

ADSL-RoutersAlmost half of the Internet users across the globe use ADSL routers/modems to connect to the Internet however, most of them are unaware of the fact that it has a serious vulnerability which can easily be exploited even by a noob hacker just like you. In this post I will show you how to exploit a common vulnerability that lies in most ADSL routers so as to gain complete access to the router settings and ISP login details.
Every router comes with a username and password using which it is possible to gain access to the router settings and configure the device. The vulnerability actually lies in the Default username and password that comes with the factory settings. Usually the routers come preconfigured from the Internet Service provider and hence the users do not bother to change the password later. This makes it possible for the attackers to gain unauthorized access and modify the router settings using a common set of default usernames and passwords. Here is how you can do it.
Before you proceed, you need the following tool in the process
Angry IP Scanner
Here is a detailed information on how to exploit the vulnerability of an ADSL router.
Step-1: Go to www.whatismyipaddress.com. Once the page is loaded you will find your IP address. Note it down.
Step-2: Open Angry IP Scanner, here you will see an option called IP Range: where you need to enter the range of IP address to scan for.
Suppose your IP is 117.192.195.101, you can set the range something as 117.192.194.0 to 117.192.200.255 so that there exists atleast 200-300 IP addresses in the range.
 
Step-3: Go to Tools->Preferences and select the Ports tab. Under Port selection enter 80 (we need to scan for port 80). Now switch to the Display tab, select the option “Hosts with open ports only” and click on OK.
IP Scanner
I have used Angry IP Scanner v3.0 beta-4. If you are using a different version, you need to Go to Options instead of Tools
 
Step-4: Now click on Start. After a few minutes, the IP scanner will show a list of IPs with Port 80 open as shown in the below image.
IP Scanner
 
Step-5: Now copy any of the IP from the list, paste it in your browser’s address bar and hit enter. A window will popup asking for username and password. Since most users do not change the passwords, it should most likely work with the default username and password. For most routers the default username-password pair will be admin-admin or admin-password.
Just enter the username-password as specified above and hit enter. If you are lucky you should gain access to the router settings page where you can modify any of the router settings. The settings page can vary from router to router. A sample router settings page is shown below.
Router Settings Page
 
If you do not succeed to gain access, select another IP from the list and repeat the step-5. Atleast 1 out of 5 IPs will have a default password and hence you will surely be able to gain access.
 

What can an Attacker do by Gaining Access to the Router Settings?

By gaining access to the router settings, it is possible for an attacker to modify any of the router settings which results in the malfunction of the router. As a result the target user’s computer will be disconnected from the Internet. In the worst case the attacker can copy the ISP login details from the router to steal the Internet connection or play any kind of prank with the router settings. So the victim has to reconfigure the router in order to bring it back to action.
 

The Verdict:

If you are using an ADSL router to connect to the Internet, it is highly recommended that you immediately change your password to prevent any such attacks in the future. Who knows, you may be the next victim of such an attack. 
Since the configuration varies from router to router, you need to contact your ISP for details on how to change the password for your model.

Warning


All the information provided in this post are for educational purposes only. Please do not use this information for illegal purposes.
[ Read More ]

How to Protect Your Computer from Keyloggers

Posted by Priyan Fernando - - 0 comments

Protect from Keyloggers
Keyloggers have been a major problem today as it does not require any prior knowledge of computers to use it. So hackers mainly use keyloggers to steal your passwords, credit card numbers and other confidential data. Below are some methods through which you can protect your computer from keyloggers:
 

Use a Good Antivirus

This is the first and basic step that you need to take in order to protect your computer from keyloggers. Use a Good antivirus such as Kaspersky, Norton or Mcafee and update it regularly.
 

Use a Good Antispyware

Since keyloggers are basically spywares, if you are a frequent user of Internet then you could be exposed to thousands of keyloggers and spywares. So you should use a good antispyware such as NoAdware.
 

Antilogger can be Handy

Antiloggers are programs that detect the presence of keyloggers on a given computer. Over past few years, I have tested a lot of anti-logging programs and have found Zemana Antilogger as the best antilogger.
Zemana
Normally a keylogger can be easily detected by a Good Antivirus program, but hackers use some methods such as hexing, binding, crypting and similar techniques to make it harder to be detected by antivirus programs. In this case Zemana Antilogger comes handy as the program is specially developed to protect your system against harmful keyloggers.
Zemana Antilogger
 

Online Scanning

When ever you receive a suspicious file, you scan it with online scanners such as Multi engine antivirus scanner which scans your file with 24 antivirus engines and reports it back to you if the file is recognized as a virus or spyware. This ensures that none of the malicious programs can escape from being detected as there are 24 different antivirus engines are involved in the scanning process.
 

Sandboxie

Sandboxie is another great program to help you protect your computer against harmful keyloggers and spywares. Sandboxie runs your computer in an isolated space which prevents your program from making permanent changes to other programs in your computer.
When ever you receive a file that looks suspicious, just run the program with Sandboxie so even if it is a keylogger or any other virus it will not make permanent changes to your computer system.
Sandboxie
To run a program in Sandboxie follow the steps as mentioned below:
1. Open sandboxie and click on sandbox menu on the top
2. Now goto Default sandbox
3. Then click on run any program
4. Now select the file you wish to run in sandboxie and click open
 

Keyscrambler

Keyscrambler is one of the best protection against keyloggers that you can have, Keyscrambler is a small program which encrypts your typed keystrokes so even if the victim has installed a keylogger on your system, he or she will get encrypted keys. Keyscrambler currently supports Firefox, Internet explorer and other applications, however its premium version supports more than 160 applications.
Hope you liked my post! Pass the comments.
This is a guest post by Rafay baloch who is an 18 year Computer engineering student, Ethical hacker, Tech blogger and an Internet marketer, He blogs at his blog Learn How to Hack and he is the writer of the book “A Beginners Guide To Ethical Hacking
[ Read More ]

Hack Facebook Password – Facebook Hacking

Posted by Priyan Fernando - - 0 comments

How to get face book Hack






 Wondering to know how to hack Facebook password? Well, before you can do that, it is very much necessary to understand the real ways of hacking that actually work and also those that are simply scam and do not work. So in this post, we’ll look at some of the possible ways to hack Facebook password!
Every day I get a lot of emails from people requesting me to hack Facebook passwords of their spouse, girlfriend or boyfriend so as to reveal their secret relationships (if any). Most of them are even willing to pay for the service. However, I strongly deny any such requests since I do not provide any paid hacking service. But anyhow, I have decided to write down this post so that you can learn the tricks for yourself and implement everything at your own risk.
With my experience of over 7 years in the field of ethical hacking and security, all I can tell you is that there are only two ways to successfully hack Facebook password.

Possible Ways to Hack Facebook Password


1. Keylogging – The Easiest Way!

Keylogging refers to simply recording each and every keystroke that is  typed on a specific computer’s keyboard. This is possible with the use of a small computer program called keylogger (also known as spy software). Once installed, this program will automatically load from the start-up, runs in the invisible mode and start capturing each and every keystroke that was typed on the computer. 
Some keyloggers with advanced features can also capture screenshots and monitor every activity of the computer. One doesn’t need to have any special knowledge in order to install and use a keylogger. That means, anyone with a basic knowledge of computer can install and use this software with ease. Hence for a novice computer user this method is the easiest way to hack Facebook password. I recommend the following keylogger as the best for gaining access to Facebook account.
Easily Access any Email
SniperSpy (TESTED) is a revolutionary product that will allow you to easily access *ANY* online account or password protected material such as MySpace, Facebook, Yahoo, Gmail or Hotmail. There are absolutely *NO* limitations to what accounts or websites this software can access!
Why SniperSpy is the best?
Today there exists hundreds of keyloggers on the market but most of them are no more than a crap. However, there are only a few that stand out of the crowd and SniperSpy is the best among them. I personally like SniperSpy for it’s REMOTE INSTALLATION FEATURE. With this, you can install it on a remote computer without the need for having physical access to it. It operates in a complete stealth mode so that it remains undetected.
Here is a summary of benefits that you will receive with Sniperspy software:
1. Access ANY Password
With SniperSpy you can hack any password and gain access to Facebook or any other online account.
2. Monitor Every Activity
You can monitor every activity of the target computer, take screenshots and record chats & IM conversations.
3. Never Get Caught!
SniperSpy operates in a total stealth mode and thus remains undetectable. Therefore you need not have the fear of being traced or getting caught.
4. Remote Installation Feature
With the Remote Install feature, it is possible to install it even on computers for which you do not have physical access. However, it can also be installed on a local computer.
5. Extremely Easy to Use
Installing and using SniperSpy is simple and needs no extra skill to manage.
6. Completely Safe to Use
This software is 100% safe to use since it does not collect any personal information from your computer. SniperSpy is a reputed, trustworthy and reliable company which offers 100% privacy for it’s users.
7. Works on both Windows and Mac
Fully compatible with Windows 2000/XP/Vista/7 and Mac.
So what are you waiting for? If you are really serious to hack Facebook password then SniperSpy is for you. Go grab it now and expose the truth!

2. Phishing – The Difficult Way

The other common way to hack passwords or online accounts is via Phishing. This is the most widely used technique by many hackers to gain access to Facebook and other social networking websites. This method will make use of a fake login page (often called as spoofeed webpage) which will exactly resemble the original one. Say for example, a spoofed webpage of Facebook looks exactly same as that of the original page. This page is actually created by the hacker and is hosted on his own server. Once the victim enters his/her password in such a fake login page, the login details are stolen away by the hacker.
Most Internet users would easily fall prey to such online phishing scams. Thus phishing scams trick users in such a way that, they themselves give away their passwords. But phishing requires specialized knowledge and high level skills to implement. Hence it would not be possible for a noob user (perhaps like you) to attempt this trick. It is a punishable offense too. So, I would recommend that you stay away from phishing and make use of the keyloggers to hack Facebook password since it is the easiest and the safest way.

Facebook Hacking Methods that Do Not Work! 


Today, there are hundreds of scam websites out there that are waiting to rip off your pockets by making false promises. These websites claim to be the experts in the field of hacking and boast to instantly obtain any password for you. Most people fall victim to these websites and lose their hard earned money. Thus the idea behind this post is to expose the truth behind hacking the Facebook (or any email password) so that you can learn how to do it for yourself and stay away from all those scam websites. The following are some of the hacking methods that actually do not work:
1. Many scam websites claim to exploit a certain vulnerability of Facebook website as a means to crack the password. Unfortunately, there is no such vulnerability in Facebook (or any other online account) that can be exploited to crack the password. I advise you to stay away from such scam websites.
2. There is no ready-made software program that is available to hack Facebook password except the keylogger (spy software). In fact, keyloggers are pretty generic and meant to record the keystrokes of a computer which obviously includes the password also. Keep in mind that apart from the keylogger, there is no such program that is specifically designed to gain access to Facebook accounts. Stay away from any website that claim to sell such program.
3. Beware! On many websites and Internet forums you will often see fake articles about Facebook hacking. Most of them will tell you something like this: “you need to send an email to passwordretrieve@facebook.com along with your username and password” (or something similar). Never give away your password to anyone nor send it to any email address. If you do so, you will lose your password itself in attempt to hack somebody else’s password.
I hope this post will help you avoid scams and choose the right approach to accomplish your goal.
[ Read More ]

what is trojan virus?

Posted by Priyan Fernando - - 0 comments

In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.


The term comes from Greek mythology about the Trojan War, as told in the Aeneid by Virgil and mentioned in the Odyssey by Homer. According to legend, the Greek



presented the citizens of Troy with a large wooden horse in which they had ecretly hidden their warriors. During the night, the warriors emerged from the wooden horse and overran the city.


The most important difference between a trojan virus/trojan horse and a virus is that trojans don’t spread themselves. Trojan horses disguise themselves as valuable and useful software available for download on the internet. Most people are fooled by this ploy and end up dowloading the virus disguised as some other application. The name comes from the mythical “Trojan Horse” that the Ancient Greeks set upon the city of Troy.
A trojan horse is typically separated into two parts – a server and a client. It’s the client that is cleverly disguised as significant software and positioned in peer-to-peer file sharing networks, or unauthorized download websites. Once the client Trojan executes on your computer, the attacker, i.e. the person running the server, has a high level of control over your computer, which can lead to destructive effects depending on the attacker’s purpose.
Trojan Virus Trojan Virus
A trojan horse virus can spread in a number of ways. The most common means of infection is through email attachments. The developer of the virus usually uses various spamming techniques in order to distribute the virus to unsuspecting users. Another method used by malware developers to spread their trojan horse viruses is via chat software such as Yahoo Messenger and Skype. Another method used by this virus in order to infect other machines is through sending copies of itself to the people in the address book of a user whose computer has already been infected by the virus.

Types of Trojan Horse Viruses

Trojan Horses have developed to a remarkable level of cleverness, which makes each one radically different from each other. For an inclusive understanding, we have classified them into the following:
Remote Access Trojans
Remote Access Trojans are the most frequently available trojans. These give an attacker absolute control over the victim’s computers. The attacker can go through the files and access any personal information about the user that may be stored in the files, such as credit card numbers, passwords, and vital financial documents.
Password Sending Trojans
The intention of a Password Sending Trojan is to copy all the cached passwords and look for other passwords as you key them into your computer, and send them to particular email addresses. These actions are performed without the awareness of the users. Passwords for restricted websites, messaging services, FTP services and email services come under direct threat with this kind of trojan.
Key Loggers
Key Loggers type of Trojans logs victims’ keystrokes and then send the log files to the attacker. It then searches for passwords or other sensitive data in the log files. Most of the Key Loggers come with two functions, such as online and offline recording. Of course, they can be configured to send the log file to a specific email address on a daily basis.
Destructive Trojans
The only purpose of Destructive Trojans is to destroy and delete files from the victims’ computers. They can automatically delete all the core system files of the computer. The destructive trojan could be controlled by the attacker or could be programmed to strike like a logic bomb, starting on a particular day or at specific time.
Denial of Service (DoS) Attack Trojans
The core design intention behind Denial of Service (DoS) Attack Trojan is to produce a lot of internet traffic on the victim’s computer or server, to the point that the Internet connection becomes too congested to let anyone visit a website or download something. An additional variation of DoS Trojan is the Mail-Bomb Trojan, whose key plan is to infect as many computers as possible, concurrently attacking numerous email addresses with haphazard subjects and contents that cannot be filtered.
Proxy/Wingate Trojans
Proxy/Wingate Trojans convert the victim’s computer into a Proxy/Wingate server. That way, the infected computer is accessible to the entire globe to be used for anonymous access to a variety of unsafe Internet services. The attacker can register domains or access pornographic websites with stolen credit cards or do related illegal activities without being traced.
FTP Trojans
FTP Trojans are possibly the most simple, and are outdated. The only action they perform is, open a port numbered 21 – the port for FTP transfers – and let anyone connect to your computer via FTP protocol. Advance versions are password-protected, so only the attacker can connect to your computer.
Software Detection Killers
Software Detection Killers kill popular antivirus/firewall programs that guard your computer to give the attacker access to the victim’s machine.
FTP Trojans
Note: A Trojan could have any one or a combination of the above mentioned functionalities. Some might also come on USB drives, usually as “Autorun.inf” viruses.
The best way to prevent a Trojan Horse Virus from entering and infecting your computer is to never open email attachments or files that have been sent by unknown senders. However, not all files we can receive are guaranteed to be virus-free. With this, a good way of protecting your PC against malicious programs such as this harmful application is to install and update an antivirus program.
[ Read More ]