Saturday, September 20, 2008

BSNL Broadband - WiFi Disabling

Wifi is a great feature that is going to rule the future generations , WiFi gives us freedom from wires and cables making life easier . But as every thing has advantages and disadvantages even this technology has many disadvantges which can be misused like 

  1. Unauthorized acess to internet throught your account 
  2. Steal vital details from your system.
  3. System's can be hacked if left unprotected 
And many more problems are associated which i haven't listed . Well many people here in INDIA have broadband modem's which are Wi Fi enabled but hardly use them or they leave it open even when not in use .

Well I am using BSNL Broadband connection and recently disabled the WiFi (as currently i dont need it) after knowing its dangers .

Let me take you throught the procedure to disable WiFi connection .
  1. Go to administation site , BSNL administration site for you modem by default is 192.168.1.1  , well this may not work if you have choosen a dynamic IP address for your system .
  2. Go to Advanced Setup 
  3. Click the Wireless (WiFi ) section
  4. Un check the enable check box 
  5. Click the Save Button 
  6. Restart your computer
Well thats it your done , you have successfully disabled the WiFi connection . To make sure you have done so check whether the WLAN light doesn't glows any more .

Feel free to leave comments in case you face any problems ...................

Thursday, September 4, 2008

CHROME : Google's New Browser

Google Chrome has launched a new browser that is going to give tough competition to other browsers like Microsoft's Internet explorer , Mozilla Firefox , Opera , Safari and other browsers . This is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Chrome is a open source browser which is going to over take all other browsers in no time . Chrome's browser window is streamlined , simple and too fast .Chrome is able to prevent one tab from crashing another tabs in the same window . It also provides improved protection from rogue sites. Google Chrome team also came up with a V8, a more powerful JavaScript engine, to power the next generation of web applications that aren't even possible in today's browsers.


Google Chrome contains many features that can be leveraged by webmasters to deliver a better end-user experience. Well this is just the beginning - Google Chrome is far from done , its still under BETA version. This beta version for Windows takes inputs and feedbacks from the user and comes up with new and improved version with each passing day .Google Chrome is working on building versions for Mac and Linux too, and they are expected to be even faster and more robust.


After knowing so much about Google's past track record and feedback from other chrome users , I decided to give it a try .Installation was simple and faster , in no time Googles Chrome was ready to be used. It has a clear and USER FRIENDLY interface with absence of cluttered buttons and bars on the top, thereby reducing the scrolling task.Other feature that fascinated me was home screen which itelligently stores most frequently visited websites and those sites open up just on a click. Most great news is its safe , secure and adware , malware free .

Well after using it for almost a week now , i would rate it as the best browser among all other browsers.

So go ahead and download you copy of GOOGLE'S CHROME browser.

Friday, August 1, 2008

Prevention from Session Hijacking

Session hijacking is a technique that involves intercepting a TCP session initiated between two machines in order to hijack it.The term session hijacking refers to the exploitation of a valid computer session .The Session's most important part is its session key . A exploiter or hacker usually exploits this session related data to gain unauthorized access to information or services in a computer system. This technique is used steal the cookies from a target system also called as a magic cookie , which is used to authenticate a user to a remote server. Sessions are of great importance to web developers, as the HTTP cookies used to maintain a session on most of the web sites . These cookies can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer.


In this particular mode of hijacking the authentication check is performed only when the session is open, a hijacker who successfully launches this attack is able to take control of the connection throughout the duration of the session.If an attacker is able to steal the session cookie, he can pretend to be the same user, or hijack the session during its lifetime.

There are three primary techniques for hijacking sessions:

  • Brute Force - the attacker tries multiple IDs until successful.
  • Calculate - IDs are generated in a non-random manner and can be calculated.
  • Steal - using different types of techniques, the attacker can steal the Session ID.



Methods to prevent session hijacking: ( To be followed by Developers of Any Website)
  1. Regenerating the session id after a successful login. This prevents session fixation because the hacker/ attacker does not know the session id of the user after he has logged in.
  2. Use a long random number or string as the session key. This reduces the risk that an hacker/ attacker could guess a valid session key through trial and error or brute force attacks.
  3. Encryption of the data passed between the user and the web servers , specially the session key.
  4. A web server could check with each request made matches the IP address of the use from previous sessions.
  5. Can have services which change the value of the cookie with every request received.
  6. Prevent Eavesdropping within the network.
  7. Expire the session as soon as the use logs out .
  8. Reduce the life span of a session or a cookie.

Methods to prevent session hijacking: ( To be followed by USERS of Any Website)
  1. Do not click on the links forwarded to you through mails or IM's.
  2. Make sure you flush out cookies and session from your browser after every confidential and sensitive transactions.
  3. Do not simply close the browser , make sure that you click the log out button before closing the browser.
  4. Use Firewalls
  5. Restricts cookies to the maximum extend possible using the browser and firewall settings.
  6. Clear History and offline content for every few days.
  7. Prefer https rather than http for sensitive and confidential transactions.
  8. Make sure that the website is certified by the certifying authorities.

Feel free to write your comments and queries

Friday, June 27, 2008

Apple iPhone Specifications

Technical Specifications

Screen size
3.5 inches

Screen resolution
320 by 480 at 160 ppi

Input method
Multi-touch


Operating system
OS X


Storage
4GB or 8GB


GSM
Quad-band (MHz: 850, 900, 1800, 1900)


Wireless data
Wi-Fi (802.11b/g) + EDGE + Bluetooth 2.0


Camera
2.0 megapixels


Battery
Up to 5 hours Talk / Video / Browsing
Up to 16 hours Audio playback


Dimensions
4.5 x 2.4 x 0.46 inches / 115 x 61 x 11.6mm


Weight
4.8 ounces / 135 grams





Are you Apple iPhone user ????????? Do write your reviews

Computer Port

Most of the people assumes that port are present physical which needs to connected physically . Well ports are logical number assigned in a hardware , which is assigned a specific task. Ip Addresses are branched into ports, so that one ip address can be used by multiple programs to send and receive data at the same time. Ports make it possible for you to check your email and browse the web at the same time. This is possible because browsing the web uses port 80, and getting your email uses port number 110.

You can think of a port as a path for data. When a program is using a port to send or receive data, think of the port as blocked. Meaning that no other program can use a port when it is already in use by a program.In both TCP (Transmission Control Protocol) and UDP, each packet header will specify a source port and a destination port, each of which is a 16-bit unsigned integer (i. e. ranging from 0 to 65535), as well as specifying the source and destination network addresses (IP-numbers) among other things.

A process may "bind" to a particular port to send and receive data, meaning that it will listen for incoming packets whose destination port matches that port number, and/or send outgoing packets whose source port is set to that port number. Processes may also bind to multiple ports.

Do post your comments

Thursday, June 12, 2008

What is SSL ?

Secure Sockets Layer (SSL), are cryptographic protocols that provides secure communications on the Internet for web browsing, e-mail, Internet faxing, instant messaging(IM) and other data transfers.Specially those who run important part of their business on internet must be aware that the Internet is your gateway to millions of potential new customers. Moving your business online provides the convenience and accessibility your customers and partners demand, helping you to stand out from the competition.

As organizations provide more services and transactions online, security becomes a necessity. Customers need to be confident that sensitive information such as a credit / debit card number is going to a legitimate online business. Organizations need to keep customer information private and secure.

Do leave your comments ...........

Script Injection

As technology progresses hackers look for techniques to hack your servers . Most common technique is Script injection attack, which occur when a hacker takes a few lines of malicious programming code and enters it in to a form on your Website and then submits the form. If your Website is data driven then chances and you have forms on your Website. Hackers will often inject scripts in to your forms and try to do the following :


Mislead the system in to thinking they are a authorized or legitimate registered user
Try and modify your data on the data server
Try and generate reports from your database without your consent
Try and generate reports about your file structure or security



There are a million things a hacker can do if he can get access through script injection attacks. Most Web servers now combat this method of hacking automatically. Anything that looks like a script is rejected by the server and by default. Microsoft is dealing with it on the .NET framework.

So the most important thing to prevent script injection attacks:


1.Programming languages contain many characters and certain otherl keywords that are not conventional to the English language. For example, no one has a name that has the characters "*", or "%", or "@", or "!" or "<" or ">" in it. All of which are common place in all programming languages. These types of characters should be rejected by your forms whenever possible. This is the most simple way to tackle this problem.

2.Validate the data before submitting Eg: If you are asking the user for a name then make sure it does not contain numbers.

3.Limit the amount of characters a user can type in to each form.

4.Input encoding

5.Output encoding

Other type of injection is SQL injection , which will be discussed in the coming post

Feel free to add more information or comments using the comment feature present below

Thursday, February 7, 2008

SQL SERVER : INDEX

How do we Create INDEX in SQL SERVER ?

Indices are created in an existing table to locate rows more efficiently and quickly. It is possible to create an index on one or more columns of a table, and each index is given a name. The users cannot see the indexes, they are just used to speed up queries.

Why do we Create INDEX in SQL SERVER ?

Updating a table containing indexes takes more time than updating a table without, this is because the indexes also need an update. So, it is a good idea to create indexes only on columns that are often used for a search. Index are going to boost the performance when applied on large databases but you may not see much performance difference when applied on small databases.

What are various types of INDICES in SQL SERVER ?

  1. Unique Index
  2. Simple Index


How do we create UNIQUE INDEX ?

SYNTAX:
CREATE UNIQUE INDEX index_name
ON table_name (column_name)


A unique index means that two rows cannot have the same index value.


How do we create SIMPLE INDEX ?

SYNTAX:
CREATE INDEX index_name
ON table_name (column_name)


When the UNIQUE keyword is omitted, duplicate values are allowed.

Wednesday, January 9, 2008

What is IIS ?

The acronym IIS stands for Internet Information Services which can turn a computer into a Web server that can provide folowing services

  • World Wide Web publishing
  • File Transfer Protocol (also known as FTP)
  • Network News Transfer Protocol (also known as NNTP)
  • Simple Mail Transport Protocol (also known as SMTP)

You can use IIS to host and manage Web sites and other Internet content once you obtain an IP address, then register your domain on a DNS server, and configure your network .

The various versions of IIS are as follows as on 01/01/2008
  • IIS 1.0, Windows NT 3.51 available as a free add-on
  • IIS 2.0, Windows NT 4.0
  • IIS 3.0, Windows NT 4.0 Service Pack 3
  • IIS 4.0, Windows NT 4.0 Option Pack
  • IIS 5.0, Windows 2000
  • IIS 5.1, Windows XP Professional
  • IIS 6.0, Windows Server 2003 and Windows XP Professional x64 Edition
  • IIS 7.0, Windows Vista and Windows Server 2008

IIS 5.0 and higher versions support the following authentication mechanisms:
  1. Basic access authentication
  2. Digest access authentication
  3. Integrated Windows Authentication
  4. .NET Passport Authentication

Friday, January 4, 2008

RSS

RSS was developed by Dave Winer in the year 1997.It is an acronym for Really Simple Syndication which allows you to syndicate your site content. It provides an easy way to share and view of headlines and content .Moreover what u want to view, it can be personalized.RSS is a method that uses XML to distribute web content to other web sites.

Without RSS, users will have to check your favourite site daily for updates. This may be too time-consuming for many users. Many sites use RSS and many people are understanding its usefulness with each passing day.With the help RSS, information on the internet is becoming easily visible and web developers can spread their information more easily and swiftly to special interest groups.

Wednesday, January 2, 2008

Symbian Operating System

Symbian is an advanced operating system basically meant for mobile phones and other small hand held devices. It is designed for specific requirements of the latest 2.5G and 3G mobile phones. Symbian OS combines the power of an integrated applications environment with mobile telephony, bringing advanced data services to the mass market.

Latest version of Symbian OS as on 01/01/2008 is version 9.5, this latest evolution of Symbian OS, delivers over 70 new features for high-performance, more powerful smartphones at mass market costs. Many NOKIA and other leading mobile phone brands have symbian operating system in them.

In simpler terms , what windows does for your computer ; symbian does for your mobile phones.

Google's GTALK

Google Talk is Google's instant communications service. It very simple hence faster with almost no bugs. More over if you want to do voice chat , it gives better quality with almost no breaks when compared to yahoo messenger or msn messenger .
Important facts of Google Talk Client:

* Quick Download
* Make free PC-to-PC voice calls
* Send and receive voicemail
* Transfer unlimited files and folders
* Receive chat and email notifications
* Archive your chats in Gmail
* Cost: Free

Click here to Visit GTalk Website

It will take a few seconds over a broadband connection or about three minutes over a typical modem. Google Talk requires Windows Vista/XP/2000 with a minimum 56k connection speed