Wednesday, April 09, 2014
SECURITY TIPS AND COUNTERMEASURES AGAINST MOST OF THE HACKING TECHNIQUES [DIGI]
SECURITY TIPS AND COUNTERMEASURES AGAINST MOST OF THE HACKING TECHNIQUES
Hello friends, Well as you all know that this page is for Ethical hacking purpose too and most of our viewers are also good CEH
But If any one hurts someone by hacking them for their enjoyment and to show their power , then it totally **WRONG**
| HACKERS ALWAYS KEEP AN EYE ON YOU (VICTIM) |
Well My this post is for those who are not aware of hacking and sometime get trapped in hacking..,
Today I will give some Security Tips against various hacking techniques by which you can protect your self from bad -black hats....
Password Hacking
- Guessing the password
To avoid password guessing attack do not keep your password such as your date of
birth, your fathers name etc.
- Guessing the Secret answer
Don’t keep your secret answer too simple.
For example if your secret question is
“What's your Mother's birth place?” Now if the has some information about you
he can easily guess it. I recommend you keep the your secret answer as complicated
as possible.
- Social Engineering
Social Engineering attacks are really difficult to avoid, but however there are several
methods to avoid it.
1. Never give your password or your personal information to any company
representative unless and until your are sure about his/her identity.
2. Employees from companies from like Google , youtube, Hotmail etc will never ask
for your password.
3. Never assume that Phone call which appears to come from an organization is
original
4. If you are unsure that Email is original verify it by contacting the company.
- Phishing
Almost 80% of email accounts are hacked by this method the below steps
will help you to successfully avoid being victim of Phishing attack.
1. If you are an Internet explorer use I recommend you to use a Phishing filter it will
alert you every time you come across a Fake login page or Phisher site.
2. If you are a firefox user I recommend you using a firefox addon Secure login
What secure login does is it automatically skips the fake pages and hence securing
you from all kinds of Phishing Attacks.
3. Remember If on a secure page, look for “https” at the beginning of the URL and
the padlock icon in the browser.
4. Sites like paypal, Alertpay, Money Bookers will always call you with name instead
of “Dear Paypal user”, “Dear Valued customer” or other names like that.
Here are a few phrases to look for if you think an e-mail message is a phishing scam
1. Verify or update your account.
2. You have won a lottery.
3. If you don’t respond or update your information your account will be
closed in 24 hours.
- Link Manipulation
To avoid being a victim of a Link manipulation attack always check the url of the
page before logging.
For example if you are logging into a Facebook account firstly check the url of the
phisher site may look like www.facebok.com or www.facebuk.com or something
like that.
Alternatively you can use Phishing filter or Secure logging to protect your
self from a Link manipulation attack.
- Desktop Phishing
To protect your self from being a victim of Desktop Phishing I recommend you using
the a program called Macros.
As you know that In desktop Phishing the hackers
replace your Windows/System32/drivers/etc/hosts
What Macros does is it protects your host files, which prevents the desktop
phishing attack.
Tab Nabbing
The easiest way to avoid a tabnabbing attack is using firefox or chrome secure login and
Phishing filter.
Keylogging
Keylogging is a easy to avoid if you have a good antivirus program installed.
However some skilled hackers use some methods like Crypting, Hexing,
Filepumping etc to make it hard for antivirus programs to detect it.
So Antivirus alone
wont protect you from keylogging you need a good antispyware program such as
Spyware cease or Noadware. You can also use some anti logging programs such as
For Firefox users I recommend you using Keyscrambler.
Keyscrambler is a unique antilogging program which scrambles your keystrokes so
the attacker will get the wrong keystrokes.
Password Cracking
- Brute force and Rainbow tables
Brute force attacks and Rainbow tables attacks can be avoided by keeping a very long
and strong password. A strong password contains both lower case and upper case
alphabets also numbers and special characters.
However there is a website
www.strongpasswordgenerator.com which automatically generates a strong
password for you.
- Dictionary Attacks
In order to avoid a Dictionary attacks avoid keeping passwords which are already
present in dictionary such as immortal, cash, book etc.
Windows Hacking
- Netbios Hacking
To keep your computer safe from Netbios attacks make sure that File and Printer
sharing is disabled. In windows vista and latest versions the File and Printer sharing is disabled by
default, but in windows xp you need to disable it manually.
Follow the below steps to protect your computer from Netbios attacks:
1. Goto Start → Control panel → Network Connections
2. Double Click on the active connection
3. Click on Properties
4. Uncheck the “File and Printer sharing sharing for Microsoft
Networks” option.
Wireless(Wi-Fi) Hacking
- ARP Poisoning Attack
Arpon (Arp Handler Inspection) is a portable handler daemon which protects that
makes ARP secure to avoid ARP Poisoning attacks.
You also need to you a strong
firewall such as zonealaram and commodo I personally recommend you using
commodo firewall because it works best with ARP attacks by default ARP protection
is disabled in commodo firewall you need to enable it, to enable it:-
Click on Firewall at
the top bar and then
Click Advanced button at the left pane.
Go to Attack Detection Settings and
check “Protect the ARP Cache”
- Packet Sniffing
To prevent packet sniffing attack make sure that the sites important to you use SSL
Encryption. If SSL encryption is enabled the url will begin with https:// instead of
http://.
Website Hacking
- SQL Injection
SQL Injection occurs when your web form accept special characters.
The best way to
avoid SQL Injection attack is to disallow spaces and special characters.
- Cross Site Scripting
A Cross Site scripting attack can be prevented by following the steps below:-
1. Encode output based on input parameters.
2. Filter input parameters for special characters.
3. Filter output based on input parameters for special characters.
Remote File Inclusion
A Remote File Inclusion attack can be avoided by disabling register_globals and
allow_url_open in your sever php.ini file.
Local File Inclusion
Local File Inclusion attacks can be avoided by good coding practices and also by
disallowing any scripts to be uploaded on your server.
DDOS Attacks
Its truly very difficult to avoid a DDOS attacks web giants like Google , Yahoo and
Twitter have also been the victim of this attack.
I suggest you to look for some
services which could help you fight with this attack.
Malware and Rats
The easiest way to avoid getting infected with Malware you need to install a good
Antivirus and a good firewou all.
For PC's with low configuration I recommend you
using Avira or AVG antivirus and for computers with high configuration I
recommend you using Avast , Norton, kaspersky or Mcafee Antivirus.
So Friends , Hope you liked this post and thank you for reading this
BE COOL
BE SAFE!!
BE SAFE!!
Subscribe to:
Post Comments (Atom)
0 Responses to “SECURITY TIPS AND COUNTERMEASURES AGAINST MOST OF THE HACKING TECHNIQUES [DIGI]”
Post a Comment