We are dedicated to provide you most of the informations,tips and tricks on Ethical Hacking and Cyber Security that we will gain from various sources.
The motive behind this section is to provide you all with above mentioned things at one place i.e. at Youth Talent Auzzar.
Our main focus will be at :
1. Ethical Hacking Basics.
2. Hacking News.
3. Security Tips and Tricks.
4. Tutorials.
5. Tools.
---Our studies regarding this section is in continuation, the more we will learn the more we will passionate to share them with all of you. If any one of you have idea on related topic in this section and wish to share them, you are most welcome.---
=============================================================================================================
Hacking News :
Hacking News :
270 government websites hacked in this year till July
INTERESTING FACTS ABOUT ETHICAL HACKING
Ethical hacking enjoys great popularity in the world these days. The notion ethical hacking refers to the usage of programming skills in order to determine vulnerabilities of computer system. Ethical hacking is essentially different from non-ethical hacking in the causes for this penetration. The reasons for non-ethical hacking is mischief, personal gain etc. Meanwhile, the reasons of ethical hacking are evaluation of security system, introduction of changes to the available system with the objective to make computer system less likely to be attacked by non-ethical hackers.
So actually, ethical hacking represents an attack to the security system by a computer and network professional on behalf of its owner. High-Tech Bridge SA is the major Ethical Hacking organization that is founded in the city of Geneva, Switzerland. During short time High-Tech Bridge SA has reached impressive results on the market of IT technologies. Nowadays the company increases equity capital to CHF 2m and announces expansion both on Swiss and International IT Security markets. The target of the High-Tech Bridge SA is explained by Chief Executive Officer Mr. Ilia Kolochenko. According to him, the company's current plan is to accomplish acquisitions during the nearest three years so as to increase the organization's market share, as well as to invest CHF 1m in the company's Security Research laboratory with the objective to create a unique in-house knowledge base.
The Head of Ethical Hacking Department Mr. Frederic Bourla emphasized that the year of 2010 was a significant step in the technological development of the organization. During this year the personnel of Security Research lab was significantly increased, and new penetrating technologies and suitable ways of protection were created. The most popular service of High-Tech Bridge company is now different kinds of penetration tests with application of a unique know-how of the company. The organization also contributes to the social sphere by publishing some secutity advisories for software sellers. The peculiarity of High-Tech Bridge company is that they don't have reselling partnerships and remain absolutely neutral, in this way becoming an ideal security auditor.
09-11-2011
Here we are providing a book of A Great Indian Hacker called Rahul Tyagi....
here is some description about Rahul tyagi ..
Rahul Tyagi is a sovereign Computer Security Consultant and has state-of-the-art familiarity in the field of computer. Tyagi is however, more well recognized for his ETHICAL HACKING website www.ethicalhacking.do.am ranked 244th in the world by www.alexia.com ,and stood first in security websites by www.ucoz.com ,Over 45,000 visits has been incurred on his website and on the increase day by day. Rahul Tyagi a moment ago dialogued to many media channels to awake people from the threats and terror of hacking. He has conducted a number of seminars on hacking in a range of colleges and TV channels. Rahul Tyagi is at this time working as Brand Ambassador of TCIL-IT Chandigarh as Ethical Hacking Trainee and pursuing his studies in Computer Science with area in Masters in Computer Applications from Lovely Professional University.
download it and become a next Rahul tyagi ..all the best !
Book from Mr.Rahul Tyagi Download it from here.
What is a Hacker?
Brian Harvey
University of California, Berkeley
University of California, Berkeley
In one sense it's silly to argue about the ``true'' meaning of a word. A word means whatever people use it to mean. I am not the Academie Française; I can't forceNewsweek to use the word ``hacker'' according to my official definition.
Still, understanding the etymological history of the word ``hacker'' may help in understanding the current social situation.
The concept of hacking entered the computer culture at the Massachusetts Institute of Technology in the 1960s. Popular opinion at MIT posited that there are two kinds of students, tools and hackers. A ``tool'' is someone who attends class regularly, is always to be found in the library when no class is meeting, and gets straight As. A ``hacker'' is the opposite: someone who never goes to class, who in fact sleeps all day, and who spends the night pursuing recreational activities rather than studying. There was thought to be no middle ground.
What does this have to do with computers? Originally, nothing. But there are standards for success as a hacker, just as grades form a standard for success as a tool. The true hacker can't just sit around all night; he must pursue some hobby with dedication and flair. It can be telephones, or railroads (model, real, or both), or science fiction fandom, or ham radio, or broadcast radio. It can be more than one of these. Or it can be computers. [In 1986, the word ``hacker'' is generally used among MIT students to refer not to computer hackers but to building hackers, people who explore roofs and tunnels where they're not supposed to be.]
A ``computer hacker,'' then, is someone who lives and breathes computers, who knows all about computers, who can get a computer to do anything. Equally important, though, is the hacker's attitude. Computer programming must be a hobby, something done for fun, not out of a sense of duty or for the money. (It's okay to make money, but that can't be the reason for hacking.)
A hacker is an aesthete.
There are specialties within computer hacking. An algorithm hacker knows all about the best algorithm for any problem. A system hacker knows about designing and maintaining operating systems. And a ``password hacker'' knows how to find out someone else's password. That's what Newsweek should be calling them.
Someone who sets out to crack the security of a system for financial gain is not a hacker at all. It's not that a hacker can't be a thief, but a hacker can't be aprofessional thief. A hacker must be fundamentally an amateur, even though hackers can get paid for their expertise. A password hacker whose primary interest is in learning how the system works doesn't therefore necessarily refrain from stealing information or services, but someone whose primary interest is in stealing isn't a hacker. It's a matter of emphasis.
Ethics and Aesthetics
Throughout most of the history of the human race, right and wrong were relatively easy concepts. Each person was born into a particular social role, in a particular society, and what to do in any situation was part of the traditional meaning of the role. This social destiny was backed up by the authority of church or state.
This simple view of ethics was destroyed about 200 years ago, most notably by Immanuel Kant (1724-1804). Kant is in many ways the inventor of the 20th Century. He rejected the ethical force of tradition, and created the modern idea of autonomy. Along with this radical idea, he introduced the centrality of rational thought as both the glory and the obligation of human beings. There is a paradox in Kant: Each person makes free, autonomous choices, unfettered by outside authority, and yet each person is compelled by the demands of rationality to accept Kant's ethical principle, the Categorical Imperative. This principle is based on the idea that what is ethical for an individual must be generalizable to everyone.
Modern cognitive psychology is based on Kant's ideas. Central to the functioning of the mind, most people now believe, is information processing and rational argument. Even emotions, for many psychologists, are a kind of theorem based on reasoning from data. Kohlberg's theory of moral development interprets moral weakness as cognitive weakness, the inability to understand sophisticated moral reasoning, rather than as a failure of will. Disputed questions of ethics, like abortion, are debated as if they were questions of fact, subject to rational proof.
Since Kant, many philosophers have refined his work, and many others have disagreed with it. For our purpose, understanding what a hacker is, we must consider one of the latter, Sören Kierkegaard (1813-1855). A Christian who hated the established churches, Kierkegaard accepted Kant's radical idea of personal autonomy. But he rejected Kant's conclusion that a rational person is necessarily compelled to follow ethical principles. In the book Either-Or he presents a dialogue between two people. One of them accepts Kant's ethical point of view. The other takes an aesthetic point of view: what's important in life is immediate experience.
The choice between the ethical and the aesthetic is not the choice between good and evil, it is the choice whether or not to choose in terms of good and evil. At the heart of the aesthetic way of life, as Kierkegaard characterises it, is the attempt to lose the self in the immediacy of present experience. The paradigm of aesthetic expression is the romantic lover who is immersed in his own passion. By contrast the paradigm of the ethical is marriage, a state of commitment and obligation through time, in which the present is bound by the past and to the future. Each of the two ways of life is informed by different concepts, incompatible attitudes, rival premises. [MacIntyre, p. 39]
Kierkegaard's point is that no rational argument can convince us to follow the ethical path. That decision is a radically free choice. He is not, himself, neutral about it; he wants us to choose the ethical. But he wants us to understand that we do have a real choice to make. The basis of his own choice, of course, was Christian faith. That's why he sees a need for religious conviction even in the post-Kantian world. But the ethical choice can also be based on a secular humanist faith.
A lesson on the history of philosophy may seem out of place in a position paper by a computer scientist about a pragmatic problem. But Kierkegaard, who lived a century before the electronic computer, gave us the most profound understanding of what a hacker is. A hacker is an aesthete.
The life of a true hacker is episodic, rather than planned. Hackers create ``hacks.'' A hack can be anything from a practical joke to a brilliant new computer program. (VisiCalc was a great hack. Its imitators are not hacks.) But whatever it is, a good hack must be aesthetically perfect. If it's a joke, it must be a complete one. If you decide to turn someone's dorm room upside-down, it's not enough to epoxy the furniture to the ceiling. You must also epoxy the pieces of paper to the desk.
Steven Levy, in the book Hackers, talks at length about what he calls the ``hacker ethic.'' This phrase is very misleading. What he has discovered is the Hacker Aesthetic, the standards for art criticism of hacks. For example, when Richard Stallman says that information should be given out freely, his opinion is not based on a notion of property as theft, which (right or wrong) would be an ethical position. His argument is that keeping information secret is inefficient; it leads to unaesthetic duplication of effort.
The original hackers at MIT-AI were mostly undergraduates, in their late teens or early twenties. The aesthetic viewpoint is quite appropriate to people of that age. An epic tale of passionate love between 20-year-olds can be very moving. A tale of passionate love between 40-year-olds is more likely to be comic. To embrace the aesthetic life is not to embrace evil; hackers need not be enemies of society. They are young and immature, and should be protected for their own sake as well as ours.
In practical terms, the problem of providing moral education to hackers is the same as the problem of moral education in general. Real people are not wholly ethical or wholly aesthetic; they shift from one viewpoint to another. (They may not recognize the shifts. That's why Levy says ``ethic'' when talking about an aesthetic.) Some tasks in moral education are to raise the self-awareness of the young, to encourage their developing ethical viewpoint, and to point out gently and lovingly the situations in which their aesthetic impulses work against their ethical standards.
Reference
MacIntyre, Alasdair. After Virtue. Notre Dame, Indiana: University of Notre Dame Press, 1981.
Note: This is an appendix to "Computer Hacking and Ethics," a position paper I wrote for the ACM Select Panel on Hacking in 1985.
www.cs.berkeley.edu/~bh
LiNuX
04/11/2011
What is it?
Linux is a free, open-source, UNIX-like operating system. As you continue to learn how to hack, you will realize how important it is to learn how to use the Linux operating system. Need some convincing? Here are a couple facts:
1. Millions of servers on the internet run on the Linux operating system. You must learn the operating system to be able to penetrate these web servers.
2. Some of the best hacking programs only run on Linux.
Choosing a distribution
A Linux distribution is the Linux kernel (- central component of an operating system.) plus a collection of applications. If you are a beginner to Linux, I would suggest starting with Ubuntu as your first Linux distribution. It is simple to install and very user friendly. To see a full list of the most popular distributions can go to http://distrowatch.com .
Running Linux
There are many ways to get Linux up and running. Most specially I will show you how to use linux by virtual machine box…
Live CD
Live CD’s are usually used to test and play around with a Linux distribution. With a Live CD, you do not have to install the OS(operating system) onto your hard drive because it runs off the disc on boot. Because it is running off a disc, you won’t be able to permanently modify any system files. Everything you do will be stored temporarily in your RAM.
Wubi
Wubi is my favorite option. With the Wubi installer you can install and uninstall Ubuntu as any other Windows application. You can use the Live CD version to install Wubi if you followed the steps above and downloaded it. Or you can download the full 5 gigabyte version fromhttp://wubi-installer.org/ .
VirtualBox
This is by far my favorite way to run any Linux distribution if I just want to try it out. With VirtualBox you can run Linux within a Windows or Mac computer.
1. First download VirtualBox athttp://www.virtualbox.org/wiki/Downloads .
2. Install it.
3. Open it up and click New on the top.
4. Hit Next.
5. Name it and choose Ubuntu from the drop-down list.
6. Choose the amount of RAM you would like to dedicate to running Linux. Choose about ¼ to ½ of your total RAM. I have 4 gigs of RAM, so I chose 512 MB.
7. choose virtualbox disk image and hit enter.
8. Here we choose whether we would like to create a dynamic or fixed hard disk image. If you have lots of space on your hard disk, I would go with a dynamic image so if you choose to download lots of programs it won’t be a problem. If you have limited drive space, you should go with a fixed-size image so that you don’t have to worry about going over too much.
9. Choose the amount of gigabytes you would like to dedicate to running Linux. I would go with 4 GB at the least.
10. Simply hit Finish.
11. to select the isoimage file go to settings and then storage as in figure.
12. You’re almost done! Hit ok. And then press start and enjoy LiNuX(ubuntu).
if you like this post then pass your comments ... :-)
The Ethical Hacker
04/11/2011
04/11/2011
The most common thought among general people about hackers is that hackers are computer criminals or corrupt personals.But they fail to recognise the fact that criminals and hackers in comparison are totally two different bank of the same river(in sense related to cyber world).Actually its not the fault of the common people but in major way Media is responsible for this. Hackers in reality are actually good and extremely intelligent people who by using their knowledge in a constructive manner help organisations, companies, goverment, etc. to secure documents and secret information on the internet.
Most of the time, certain things are misunderstood in this world and so is the case of our hackers.Hope you understand what is the message of this post.
How to use Google for Hacking???
01/11/2011
Google serves almost 80 percent of all search queries on the Internet, proving itself as the most popular search engine. However Google makes it possible to reach not only the publicly available information resources, but also gives access to some of the most confidential information that should never have been revealed. In this post I will show how to use Google for exploiting security vulnerabilities within websites. The following are some of the hacks that can be accomplished using Google.
1. Hacking Security Cameras
There exists many security cameras used for monitoring places like parking lots, college campus, road traffic etc. which can be hacked using Google so that you can view the images captured by those cameras in real time. All you have to do is use the following search query in Google. Type in Google search box exactly as follows and hit enter
inurl:”viewerframe?mode=motion”
Click on any of the search results (Top 5 recommended) and you will gain access to the live camera which has full controls. You will see something as follows
As you can see in the above screenshot, you now have access to the Live cameras which work in real-time. You can also move the cameras in all the four directions, perform actions such as zoom in and zoom out. This camera has really a less refresh rate. But there are other search queries through which you can gain access to other cameras which have faster refresh rates. So to access them just use the following search query.
intitle:”Live View / – AXIS”
Click on any of the search results to access a different set of live cameras. Thus you have hacked Security Cameras using Google.
2. Hacking Personal and Confidential Documents
Using Google it is possible to gain access to an email repository containing CV of hundreds of people which were created when applying for their jobs. The documents containing their Address, Phone, DOB, Education, Work experience etc. can be found just in seconds.
intitle:”curriculum vitae” “phone * * *” “address *” “e-mail”
You can gain access to a list of .xls (excel documents) which contain contact details including email addresses of large group of people. To do so type the following search query and hit enter.
filetype:xls inurl:”email.xls”
Also it’s possible to gain access to documents potentially containing information on bank accounts, financial summaries and credit card numbers using the following search query
intitle:index.of finances.xls
3. Hacking Google to gain access to Free Stuffs
Ever wondered how to hack Google for free music or ebooks. Well here is a way to do that. To download free music just enter the following query on google search box and hit enter.
“?intitle:index.of?mp3 eminem“
Now you’ll gain access to the whole index of eminem album where in you can download the songs of your choice. Instead of eminem you can subtitute the name of your favorite album. To search for the ebooks all you have to do is replace “eminem” with your favorite book name. Also replace “mp3″ with “pdf” or “zip” or “rar”.
I hope you enjoy this post. Pass your comments.
Cheers!
Wanna become Ethical Hacker ???
30/10/2011
If you are looking to become a cool Ethical Hacker then we are going to help you as much as we can. Fiirst to become an Ethical Hacker following terms should LOAD in your mind ;)
- Know about the pros and cons ! of different types of hackers, such as White Hat, Grey Hat and Black Hat hackers.
- Seek out job opportunities for ethical hackers. There are lucrative jobs available in government organizations, banks, financial institutions, military establishments and private companies.(don't worry about job actually :P)
- Analyze the basic requirements to become an ethical hacker. Try to find out the areas where will you need to work really hard.
- Decide the area where you would prefer to work primarily with hardware or software. Do not think of specializing in both the areas. Though knowledge of both is required but the decision will help you to know where to begin. You must be aware of every function, every component of computer on which you will have to work on.
- Evaluate your strengths and interests and gain some programming knowledge such as C, or Java. These programming languages can be learned by taking formal programming courses and reading books. It will help you to read and write code.
- Learn the UNIX operating system as it is regarded as the original operating system built by hackers. Also learn about Windows and Mac OS.
- Take a professional course. There are a wide variety of courses available for IT security professionals in "Ethical Hacking” or “Internet Security” which would help you to expand your knowledge in ethical hacking.
- Do the experiments on your own to know the actual happening of a situation.
- Start experimenting with hardware and software to learn how to take control of the situations and how to prevent a computer from getting hacked.
- Read on your own to know what are the areas where you need to improve and what need to be learned to refine your focus. Technology changes rapidly, and a good ethical hacker must be willing and eager to keep up with the new technological developments.
- Get certified as it would help you to succeed in the vanguard of your profession.
- Stay connected to the hacker community by sharing technical information and ideas.
Thank you
Admin
Why is Cyber Security a Problem?
30/10/2011
You've heard the news stories about credit card numbers being stolen and email viruses spreading. Maybe you've even been a victim yourself. One of the best defenses is understanding the risks, what some of the basic terms mean, and what you can do to protect yourself against them.
What is cyber security?
It seems that everything relies on computers and the internet now — communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else's system?Cyber security involves protecting that information by preventing, detecting, and responding to attacks.What are the risks?
There are many risks, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there's no 100% guarantee that even with the best precautions some of these things won't happen to you, but there are steps you can take to minimize the chances.What can you do?
The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with them.- Hacker, attacker, or intruder - These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious activity (stealing or altering information).
- Malicious code - Malicious code, sometimes called malware, is a broad category that includes any code that could be used to attack your computer. Malicious code can have the following characteristics:
- It might require you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.
- Some forms propagate without user intervention and typically start by exploiting a software vulnerability. Once the victim computer has been infected, the malicious code will attempt to find and infect other computers. This code can also propagate via email, websites, or network-based software.
- Some malicious code claims to be one thing while in fact doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending confidential information to a remote intruder.
- Vulnerability - In most cases, vulnerabilities are caused by programming errors in software. Attackers might be able to take advantage of these errors to infect your computer, so it is important to apply updates or patches that address known vulnerabilities.
Ethical hacking, often performed by white hats or skilled computer experts, is the use of programming skills to determine vulnerabilities in computer systems. While the non-ethicalhacker or black hat exploits these vulnerabilities for mischief, personal gain or other reasons, the ethical hacker evaluates them, points them out, and may suggest changes to systems that make them less likely to be penetrated by black hats. White hats can work in a variety of ways. Many companies utilize ethical hacking services from consultants or full-time employees to keep their systems and information as secure as possible.
The work of ethical hacking is still considered hacking because it uses knowledge of computer systems in an attempt to in some way penetrate them or crash them. This work isethical because it is performed to increase the safety of the computer systems. It’s reasoned that if a white hat can somehow break the security protocols of a system, so can a black hat. Thus, the goal of ethical hacking is to determine how to break in or create mischief with the present programs running, but only at the request of the company that owns the system and specifically to prevent others from attacking it.
People enter the field of ethical hacking in a variety of ways. Many people are very computer savvy and many, but not all, have an educational background in computer science. In some instances, the white hat has gained his or her experience by first being a black hat.
If black hat hacking was at a sufficiently criminal level, the black hat turned white hat may have served jail time before resuming a career in a more productive and positive way as anethical hacker. The computer world is peopled with former black hats, who now hold ethicalhacking jobs. Conversely, some white hats, such as Steve Wozniak, never committed any illegal acts, but simply possess the know-how and skills to analyze problems with any computer system.
With increasing use of the Internet and concerns about its security, especially when it comes to things like consumer information or private medical details, there is considerable need for computer experts to work in ethical hacking. Even sites owned by organizations like the US government have been hacked in the past, and concern about information theft remains incredibly high. Designing impenetrable systems or identifying the current weaknesses of a system are vital parts of keeping the Internet safe and information private, and even with the present legion of ethical hackers that perform this work, there is still more work to do.
Those with interest in the field of ethical hacking often acquire a lot of their skills on their own, and many have particular talent with and affinity for computers. Some knowledge can also be acquired through formal education in computer programming. This work requires creativity, and the ethical hacker must be able to think outside of the box, coming up with as many possible ways as he or she can derive, a system might be encroached upon by black hats.
They are "ethical hackers," computer security experts hired by companies hoping to avoid costly holes in their information networks. While the term "ethical hacker" has been in use at least since the 1980s, it has only been a job description since the mid-to-late 1990s -- and it seems to be an increasingly common one at the moment, as computer security becomes a booming business. Research firm IDC, of Framingham, Mass., estimates worldwide computer security revenues will expand from $19 billion in 2002 to $45 billion in 2007.
That means more opportunities for ethical hackers, especially at major industry players. Take Joshua Lackey, a senior ethical hacker at IBM, who is based in Tucson, Ariz., and can sum up his job in one crisp sentence: "We'll go out and break into your computers."
Like many people in the field, Lackey had a personal interest in the subject before it became his profession.
"I've always been interested in security, always had that bent of mind," says Lackey, who joined IBM in 1999, as he was finishing his Ph.D. in mathematics at the University of Oregon.
"I think the one thing we have in common is that there is a little different approach when you're a security guy," says Lackey. "Somehow breaking things is a little more ingrained than getting things to work."Not that there is one dominant career path for ethical hackers, though; one of Lackey's IBM colleagues is a former CIA agent.
Authorized to Hack
In the world of technology, breaking things, or at least attempting to do so, is also an integral part of getting them to work. Many contracts IBM inks with large clients require a security audit, involving an authorized visit to the firm by a team of hackers using agreed-upon "rules of engagement." For what Lackey calls a "premium hack," an IBM team might take two weeks to do the job.
In the last few years, the surge in use of wireless computer networks has been a particular focus for Lackey and some of his IBM colleagues. Traditional wired local area networks, of the kind probably used in your office, are essentially limited to the computers hooked up to the network. Local wireless networks revolve around access points computers can detect on their own. But since wireless network capabilities are now frequently built into computers, even machines sitting in offices may seek out access points. Lackey and his colleagues will often take access points -- which can be bought in stores -- and set up shop in the parking lot outside a client's headquarters to see how quickly they can penetrate a company's information system.
Employees who telecommute or use a laptop computer at a public wireless access point -- in an airport, coffee shop or another location -- can also put valuable company information at risk. Given the existence of an access point, skilled hackers can monitor the flow of packets of information being sent over wireless networks, and, if a computer is not using encryption technology, potentially view the actual data being sent as well.
"When you're on a wireless network," says Lackey, "you should just sort of assume that everyone around you, given the will and the technical ability, could look at your packets.
VERY NICE POST........
ReplyDelete