How to Detect Anonymous IP Addresses

As fraudsters become more sophisticated at bypassing geo-location controls by using proxies (anonymous IPs) to spoof their IP address, it has become necessary to have a means of detecting proxies so that the authenticity of users can be verified. Using a proxy (web proxy) is the simplest way to conceal the IP address of an Internet user and maintain online privacy. However, proxies are more widely used by online fraudsters to engage in cyber crimes, since it is the easiest way to hide their actual geo-location, such as city or country, behind a spoofed IP address. The following are some examples where fraudsters use proxies to hide their actual IP.

1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.

2. Bypass Website Country Restrictions

Some website services are restricted to users from only a selected list of countries. For example, a paid survey may be restricted to countries like the United States and Canada. A user from, say, China may use a proxy to make his IP appear to come from the U.S. so that he can earn from participating in the paid survey.

Proxy Detection Services

To stop such online fraud, proxy detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions use proxy detection services like MaxMind and FraudLabs to detect the use of a proxy or spoofed IP by users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.

How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detection service in real time to confirm its authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.
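The list lookup described above, as an added example (not code from MaxMind, FraudLabs or the original post): flagged ranges are merged once and each incoming address is found by binary search. The `FlaggedIPList` helper, the sample ranges (documentation address space) and the sample orders are constructed for illustration.

```python
import bisect
import ipaddress

# Constructed sample feed: documentation ranges (RFC 5737 / RFC 3849) standing
# in for the ranges a detection service has flagged as proxy exits.
SAMPLE_FLAGGED_RANGES = [
    "192.0.2.0/25",
    "192.0.2.128/25",       # adjacent to the entry above; merged on load
    "198.51.100.17/32",
    "203.0.113.0/24",
    "2001:db8:abcd::/48",
]

# Constructed orders: the first geolocates to the billing city, as in the
# credit card scenario, yet its address is on the flagged list.
SAMPLE_ORDERS = [
    {"order_id": "A-1001", "client_ip": "203.0.113.45", "billing_city": "New York"},
    {"order_id": "A-1002", "client_ip": "198.51.100.18", "billing_city": "Toronto"},
    {"order_id": "A-1003", "client_ip": "::ffff:192.0.2.200", "billing_city": "New York"},
]


class FlaggedIPList:
    """Sorted, merged interval index over flagged networks (hypothetical helper)."""

    def __init__(self, cidrs):
        nets = {4: [], 6: []}
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            nets[net.version].append(net)
        self._starts, self._ends = {}, {}
        for version, items in nets.items():
            # collapse_addresses merges overlapping/adjacent ranges, sorted.
            merged = list(ipaddress.collapse_addresses(items))
            self._starts[version] = [int(n.network_address) for n in merged]
            self._ends[version] = [int(n.broadcast_address) for n in merged]

    def range_count(self, version):
        return len(self._starts[version])

    def check(self, raw_ip):
        """Return 'suspected_proxy', 'not_listed' or 'invalid' for one address."""
        try:
            addr = ipaddress.ip_address(raw_ip.strip())
        except ValueError:
            return "invalid"
        # An IPv4 client seen through a dual-stack socket arrives as ::ffff:a.b.c.d.
        if addr.version == 6 and addr.ipv4_mapped is not None:
            addr = addr.ipv4_mapped
        starts = self._starts[addr.version]
        i = bisect.bisect_right(starts, int(addr)) - 1
        if i >= 0 and int(addr) <= self._ends[addr.version][i]:
            return "suspected_proxy"
        return "not_listed"


def orders_to_review(orders, flagged):
    """Order ids whose client IP is on the flagged list or cannot be parsed."""
    return [o["order_id"] for o in orders
            if flagged.check(o["client_ip"]) != "not_listed"]


if __name__ == "__main__":
    flagged = FlaggedIPList(SAMPLE_FLAGGED_RANGES)
    print(orders_to_review(SAMPLE_ORDERS, flagged))
```

The result is only as good as the list: an address that is "not_listed" has simply not been seen as a proxy yet, which is why the services keep collecting ranges continuously.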

How to Tell Whether a given IP is Real or a Proxy?

There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on the “Lookup IP Address” button to check the IP address. If it is a suspected proxy, you will see results similar to the following.

Detect Anonymous Proxy

So for all those who think that they can escape by using a spoofed IP, this post is the answer. I hope this information helps. Pass your comments.

How to Hack Orkut Account

Google uses a 4 Level Orkut login which makes it difficult to hack Orkut using a brute force attack. Hence it’s almost impossible to use the brute force approach to hack an Orkut account. Before we discuss how to hack Orkut, let’s take a look at the 4 level secure login feature of an Orkut account.

First Level - Security-SSL or 128 bit secured connection.
Second Level - Orkut account checks for a cookie in the system of the user
Third Level - Orkut provides a redirection to the entered User information
Fourth Level - Orkut doesn’t use conventional php/aspx/asp coding. So it is impossible to hack Orkut using input validation attack!!!

It is not an easy task to hack Orkut by breaking this security! However, some people still manage to get access to others’ Orkut accounts. The question is: how do they do it? Many of them just use simple tricks that fool users, who then leak out their password themselves. Here are some points you need to take care of to protect your Orkut account from being HACKED.

Ways to Hack Orkut Account

1. Using Keyloggers is one of the easiest ways to hack an Orkut password. Keylogger programs can spy on what the user types on the keyboard. If you think that you can just uninstall such programs, you are wrong, as they are completely hidden.

A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard. Keylogger is the easiest way to hack an Orkut account.

A keylogger program is widely available on the Internet. Some of the best ones are listed below

Sniper Spy

Detailed information on the Keylogger Hack can be found in my post Hacking An Email Account.

2. Phishing Attack is the most popular way of hacking/stealing others’ passwords. This attack works by using fake login pages to fool innocent Orkut users into entering their Orkut username and password in these fake login pages instead of the real ones. When users land on these pages they enter their Orkut username and password thinking it to be the real page, but actually it is the other way round. The page submits all the entered details to the creator of the fake login page. In this way many people lose their Orkut account password.

3. Orkut New Features: Some sites on the internet may claim to offer many additional features for Orkut users. These sites will offer a login page on their own website and force users to log in to their Orkut account from this page itself in order to gain access to the additional features. In fact these sites are a scam and they take away your password when you enter your Orkut username and password on their pages. This is similar to a phishing attack.

4. Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully. It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 (OKRUT, not ORKUT). This is definitely a trap created by the hacker to hack your Orkut password. Clicking on this link will take you to a fake login page, and there you lose your password.

5. JavaScript: You must have seen the circulating scraps that ask you to paste some code in your address bar and see what happens! Well, sometimes they also leak out your information. Check the code, and if you are unsure of what it does, then I recommend not using it. So be careful, JavaScript can even be used to hack Orkut!

6. Primary mail address: If by some means a hacker comes to know the password of your Yahoo mail or Gmail, which users normally keep as the primary mail address in their Orkut account, then the hacker can hack the Orkut account by simply using the USER ID and clicking on ‘forget password’. Google will then send a link to the already hacked primary email ID to change the password of the Orkut account. Hence the email hacker will change your Orkut account’s password, and your Orkut account is hacked too.

So a better approach is to keep a very unknown or otherwise unused email ID of yours as the primary email ID, so that if the hacker clicks on ‘Forgot password’ the password changing link goes to an email ID not known to the hacker. Hence your Orkut account is saved.

So, I hope that this post not only teaches you to hack an Orkut account but also to protect your Orkut account.

Know More About Secure Sockets Layer (SSL)

Secure Sockets Layer (SSL) is the most widely used technology for providing a secure communication between the web client and the web server. Most of us are familiar with many sites such as Gmail, Yahoo etc. using https protocol in their login pages. When we see this, we may wonder what’s the difference between http and https. In simple words HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a SECURE communication.

What exactly is Secure Communication ?

Suppose there exists two communication parties A (client) and B (server).

Working of HTTP

When A sends a message to B, the message is sent as plain text in an unencrypted manner. This is acceptable in normal situations where the messages exchanged are not confidential. But imagine a situation where A sends a PASSWORD to B. In this case, the password is also sent as plain text. This is a serious security problem because, if an intruder (hacker) can gain unauthorised access to the ongoing communication between A and B, he can see the PASSWORDS since they remain unencrypted. This scenario is illustrated using the following figure

Now let’s see the working of HTTPS

When A sends a PASSWORD (say “mypass“) to B, the message is sent in an encrypted format. The encrypted message is decrypted on B‘s side. So even if the Hacker gains an unauthorised access to the ongoing communication between A and B he gets only the encrypted password (“xz54p6kd“) and not the original password. This is shown below

How is HTTPS implemented ?

HTTPS is implemented using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL Certificate. Secure Sockets Layer (SSL) technology protects a Web site and makes it easy for the Web site visitors to trust it. It has the following uses

  1. An SSL Certificate enables encryption of sensitive information during online transactions.
  2. Each SSL Certificate contains unique, authenticated information about the certificate owner.
  3. A Certificate Authority verifies the identity of the certificate owner when it is issued.

How Encryption Works ?

Each SSL Certificate consists of a Public key and a Private key. The public key is used to encrypt the information and the private key is used to decrypt it. When your browser connects to a secure domain, the server sends a Public key to the browser to perform the encryption. The public key is made available to everyone but the private key (used for decryption) is kept secret. So during a secure communication, the browser encrypts the message using the public key and sends it to the server. The message is decrypted on the server side using the Private key (Secret key).

How to identify a Secure Connection ?

In Internet Explorer, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.

In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns GREEN when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning and the status bar may turn RED.

So the bottom line is, whenever you perform an online transaction such as a credit card payment, bank login or email login, always ensure that you have a secure communication. A secure communication is a must in these situations. Otherwise there are chances of Phishing using a Fake Login Page.

I hope this helps. Please pass your comments.

How to Hack Email

I know most of you might be wondering how to hack email. You as the reader are most likely reading this because you want to hack into someone’s email account or catch a cheating spouse, girl/boy friend by gaining access to their email accounts. So read on to find out the real and working ways to hack any email and expose the truth behind the lies.

Is it Possible to Hack Email?

Yes! As a matter of fact, almost anything can be hacked. But before you learn the real ways to hack email, the following are the things you should be aware of.

1. There is no ready-made software that can hack emails and get you the password with just a click of a button. So if you come across any website that claims to sell such software, I would advise you not to trust it.

2. Never trust any email hacking service that claims to hack any email for just $100 or $200. Most of them are no more than a scam.

3. With my experience of over 8 years in the field of Hacking and Security, I can tell you that there exist only 2 foolproof methods for hacking email. All the other methods are simply scams or don’t work.

The following are the only 2 working and foolproof methods to hack any email.

1. HACK ANY EMAIL: EASIEST WAY

The easiest way to hack an email is by using a keylogger (Also known as spy software). A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. To use it you don’t need to have any special knowledge. Anyone with a basic knowledge of computer can use it. With my experience I recommend the following keylogger as the best for hacking email.

  • SniperSpy – The No.1 Keylogger to Access any Email

Easily Access any Email

Hack Email with SniperSpy

Can I install SniperSpy on a Local Computer?

Yes, you can install SniperSpy on a Local or Remote computer. It supports both Remote and Local installations. So you need not worry whether it is a local or remote PC.

Can I be traced back if I install SniperSpy on a Remote Computer?

No, it is impossible to trace back to you when you install it on a remote computer.

Hacking Email

2. OTHER WAYS TO HACK EMAIL

The other most commonly used trick for hacking email is the use of Fake Login Pages. Fake login pages are created by many hackers on their sites and appear exactly like the Gmail or Yahoo login pages, but the entered details (username and password) are redirected to a remote server and we get redirected to some other page. Many times we ignore this, but finally we lose our valuable data. However, creating a fake login page and taking it online to successfully hack an email is not an easy job. It demands an in-depth technical knowledge of HTML and scripting languages like PHP, JSP etc. So I recommend the usage of keyloggers to hack email since it’s the easiest one.

I hope this info has helped you. Happy Email Hacking!

A Virus Program to Disable USB Ports

In this post I will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). As usual I use my favorite C programming language to create this virus. Anyone with a basic knowledge of the C language should be able to understand the working of this virus program.

Once this virus is executed it will immediately disable all the USB ports on the computer. As a result you will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download. You can test this virus on your own computer without any worries since I have also given a program to re-enable all the USB ports.

1. Download the USB_Block.rar file on to your computer.

2. It contains the following 4 files.

  • block_usb.c (source code)
  • unblock_usb.c (source code)

3. You need to compile them before you can run it. A step-by-step procedure to compile C programs is given in my post - How 2 Compile C Programs.

4. Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).

5. To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected. To re-enable the USB ports just run the unblock_usb.exe (you need to compile unblock_usb.c) file. Now insert the pen drive and it should get detected.

6. You can also change the icon of this file to make it look like a legitimate program. For more details on this refer to my post – How 2 change the Icon of an .EXE file (This step is also optional).

I hope you like this post. Please pass your comments.

Denial Of Service Attack

It’s real. On February 6th, 2000, the Yahoo portal was shut down for 3 hours. Then retailer Buy.com Inc. (BUYX) was hit the next day, hours after going public. By that evening, eBay (EBAY), Amazon.com (AMZN), and CNN (TWX) had gone dark. And in the morning, the mayhem continued with online broker E*Trade (EGRP) and others having traffic to their sites virtually choked off.

What is a Denial Of Service Attack?

  • A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.
  • If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack.

Types of denial of service attacks

There are several general categories of DoS attacks. Popularly, the attacks are divided into three classes:

  • bandwidth attacks,
  • protocol attacks, and
  • logic attacks

What is Distributed Denial of Service Attack?

  • An attacker launches the attack using several machines. In this case, an attacker breaks into several machines, or coordinates with several zombies to launch an attack against a target or network at the same time.
  • This makes it difficult to detect because attacks originate from several IP addresses.
  • If a single IP address is attacking a company, the company can block that address at its firewall. If there are 30000 addresses, this is extremely difficult.

Port Scanning

Port Scanning is one of the most popular techniques used by hackers to discover services that can be compromised.

  • A potential target computer runs many ’services’ that listen at ‘well-known’ ‘ports’.
  • By scanning which ports are available on the victim, the hacker finds potential vulnerabilities that can be exploited.
  • Scan techniques can be differentiated broadly into Vanilla, Strobe, Stealth, FTP Bounce, Fragmented Packets, Sweep and UDP Scans.

Port Scanning Techniques


Port Scanning Techniques can be broadly classified into:

  • Open scan
  • Half-open scan
  • Stealth scan
  • Sweeps
  • Misc

Commonly used tools for port scanning

1. Tool: SuperScan 3.0

2. Tool: NMap (Network Mapper)

3. Tool: NetScan Tools Pro 2003

4. Tool: ipEye, IPSecScan

Proxy Servers and Anonymizers

A proxy is a network computer that can serve as an intermediary for connections with other computers. Proxies are usually used for the following purposes:

  • As firewall, a proxy protects the local network from outside access.
  • As an IP address multiplexer, a proxy allows a number of computers to connect to the Internet when only one IP address is available.
  • Proxy servers can be used (to some extent) to anonymize web surfing.
  • Specialized proxy servers can filter out unwanted content, such as ads or ‘unsuitable’ material.
  • Proxy servers can afford some protection against hacking attacks.

Anonymizers

  • Anonymizers are services that help make your own web surfing anonymous.
  • The first anonymizer developed was Anonymizer.com, created in 1997 by Lance Cottrell.
  • An anonymizer removes all the identifying information from a user’s computer while the user surfs the Internet, thereby ensuring the privacy of the user.

Tips to Find Unauthorized Activity on Your Email Account

Do you suspect that your email account is under attack? Do you want to maintain total security of your email account and make it 100% hack proof? Sometimes our email account might have been hacked without our being aware of it. We may believe that our email account is safe, but in reality our private and confidential information may be falling into the hands of a third person.

Here are some signs of unauthorized activity on an email account.

1. Your new emails are marked as Read even if you’ve not read them.

2. Your emails are moved to Trash or even permanently deleted without your notice.

3. Your emails are being forwarded to a third party email address (check your settings->forwarding).

4. Your secondary email address is changed.

If you come across any of the above activities on your email account, then it is a clear indication that your email account is hacked.

Additional Security Features in Gmail to ensure the Safety of your Account

Gmail provides an additional security feature to protect your email account by means of IP address logging. That is, Gmail records your IP address every time you log in to your Gmail account. So, if a third party gets access to your account, then his/her IP is also recorded. To see a list of recorded IP addresses, scroll down to the bottom of your Gmail account and you’ll see something like this.

Gmail - Last account activity

You can see from the above figure that Gmail shows the IP address of last login (last account activity). You can click on Details to see the IP address of your last 5 activities. If you find that the IP listed in the logs doesn’t belong to you, then you can suspect unauthorized activity.

Steps to be carried out to stop unauthorized activity on your email account

If you feel/suspect that your account is hacked then you must immediately take the actions mentioned below

1. Change your Password

2. Change your security question.

3. Remove any third party email address (if any) to which your account is set to forward emails.

4. Make sure that you can access the email account of your secondary email address.

5. Also change your secondary email password and security question.

This ensures that your account is safe from future attacks. But I strongly recommend that you read the following post to protect your email account from being hacked.

Please pass your comments and express your opinions.