Ethical Hacking

Icon

Just another WordPress.com weblog

October 29, 2008 • 3:24 pm 0

CMD

CMD

CMD is short for commander.
It is great for a lot of things and it’s also very clean.

———————————————————————————————–
Lets learn how to make the computer shut down everytime it’s booted, shall we?
———————————————————————————————–

First open CMD,

Next open notepad.

If you write "start shutdown -r" in CMD and press enter, your computer will restart. Also if you write the same in "run".
(Change -r to -s to shutdown computer, or write -l to logg off.)

If you write
—————————————
@echo off

cls
start shutdown -r

cls
goto :a
—————————————
in notepad and save it as something.bat (bat is important) and then open it, your computer will restart in the same way.

So, lets get into autostart. Put that bat file in autostart (autostart can be found in start menu) and each time your
computer is booted it will start that file and your computer will restart.
If you write the next script your computer will try to shutdown several times at once. it will freak for about half a minute
and then turn off.

Lets get a better understanding how scripts works. The above script shuts down your computer, but a bat file normaly opens
CMD and does whatever you told it to do.

@echo off – This is where you put commands that shouldn’t be shown as text. For example cls. You don’t want that to be text,
it’s a command.

cls – This one is pretty good, it clears the text in the CMD screen

CMD – This command gives you a new CMD session.

start – this triggers stuff, in this case it’s shutdown.

color – changes the colour in the cmd window, I recommend writing "color 0a", which is a green color thats really cool
on a black window.

title – write "title something" to change title.

goto :a – This one is really, really, really, really cool. It’s used for making loops and some more advanced stuff that I
wont go into. Lets say you write
————————————–
@echo off
:a
cls
start shutdown -r

cls
goto :a
————————————–

The goto :a tells you to go to :a higher up in the script. so it starts the script again, then it does the goto :a command
again and the script reloads. Basicaly a loop. You can change the "a" to whatever you want, for example "error". This is
only to make it easier for you to read your script.

The : infront of "a" must stay where it is.
Bad example:
goto: a

Good example:
goto :a

————————————–

dir – This shows you the files in the directory you are in.

dir /s – This shows you all the files on your computer.

echo – write "echo something" and it will be as a text in cmd.

echo. This is a linebrake.

cd – Write cd followed up with a location, to go there in cmd. For example "cd c:\windows".

cd .. – This goes back one step in the directory. For example if your in c:\windows and write "cd .." you go back to c:\.

So now you know the basics, which we’ll use to make you computer do stuff. In cmd you can write "help" to get a list of most
commands.

Moving away from learning commands now.

———————————————————————————————–
Lets make a spamm script.
———————————————————————————————–

———————————————–
@echo off
cls
:a
start notepad.exe
goto :a

———————————————–
this script will continue to open notepad until you close cmd. Not recommended to run this on a slow computer.
As we said before, "start" triggers things, this script triggers notepad and then the loop (goto :a) is triggered.

———————————————————————————————–
Lets just mess around.
———————————————————————————————–

———————————————–
@echo off
cls
:a
taskkill /im explorer.exe /f
goto :a
———————————————–

This will close the bar where start menu and tasks are shown, for example if you open internet you will see it at the bottom
of the screen on the explorer bar.
Closing this will leave people with little things to do.

Filed under: Uncategorized

October 29, 2008 • 2:41 pm 0

Find ip of mail sender

Finding IP address in Yahoo! Mail

1. Log into your Yahoo! mail with your username and password.

2. Click on Inbox or whichever folder you have stored your mail.

3. Open the mail.

4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,

* Click on Options on the top-right corner

* In the Mail Options page, click on General Preferences

* Scroll down to Messages where you have the Headers option

* Make sure that Show all headers on incoming messages is selected

* Click on the Save button

* Go back to the mails and open that mail

5. You should see similar headers like this:

Yahoo! headers : name

Look for Received: from followed by the IP address between square brackets [ ]. Here, it is 202.65.138.109.

That is be the IP address of the sender!

6. Track the IP address of the sender



Finding IP address in Hotmail


1. Log into your Hotmail account with your username and password.

2. Click on the Mail tab on the top.

3. Open the mail.

4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,

* Click on Options on the top-right corner

* In the Mail Options page, click on Mail Display Settings

* In Message Headers, make sure Advanced option is checked

* Click on Ok button

* Go back to the mails and open that mail

5. If you find a header with X-Originating-IP: followed by an IP address, that is the sender’s IP address

Hotmail headers : name ,In this case the IP address of the sender is [68.34.60.59]. Jump to step 9.

6. If you find a header with Received: from followed by a Gmail proxy like this

Hotmail headers : name

Look for Received: from followed by IP address within square brackets[].

In this case, the IP address of the sender is [69.140.7.58]. Jump to step 9.

7. Or else if you have headers like this

Hotmail headers : name

Look for Received: from followed by IP address within square brackets[].

In this case, the IP address of the sender is [61.83.145.129] (Spam mail). Jump to step 9.

8. * If you have multiple Received: from headers, eliminate the ones that have proxy.anyknownserver.com.

9. Track the IP address of the sender

Filed under: Uncategorized

October 29, 2008 • 2:12 pm 0

Prevent Spam in ur Gmail account

Are you worried about spam in your precious gmail account ?
If yes, then you would like to consider making aliases of your gmail id to use when you’re not sure whether you’re signing up for something safe or not.

It is a very simple task to provide an alias of your gmail id. Whenever you sign up on the internet on some site that you think may not be safe (or a site which might send you spam),all you have to do is give out the email address as

For example if your email id is james@gmail.com,you can provide james+21@gmail.com or james+test@gmail.com .You can put anything after the + and all email sent will still go to your gmail account.


In the event that you did give your email to a spammer and you start receiving spam, don’t worry! Just create a filter, and make everything that is sent to username+whateveryouputhere@gmail.com go to the trash. This way all the spam that you might get will automatically be deleted.

Filed under: Uncategorized

October 29, 2008 • 2:10 pm 0

NT password cracking

___________________________________________________________________________

So you got administrator privileges on a NT box and now want to take over the entire Network, but for that you need to get the list of accounts that you would use and their respective passwords. So you got administrator privileges on a NT box and now want to take over the entire Network, but for that you need to get the list of accounts that you would use and their respective passwords. So, what do you do? So, what do you do?

Well, the NT Security Accounts Manager or the SAM holds the key, and this manual explores how exactly you would go about the process of extracting and ‘cracking’ passwords from the Windows NT SAM and other related information. Well, the NT Security Accounts Manager or the SAM holds the key, and this manual explore exactly how you would go about the process of extracting and ‘cracking’ passwords from the Windows NT SAM and other related information.

The NT Security Accounts Manager or the NT SAM is to Windows NT what the /etc/passwd file is to Unix systems. The NT Security Accounts Manager or the NT to Windows NT SAM is what the / etc / passwd file is to Unix systems. The SAM stores the list of usernames of all accounts and their respective passwords in encrypted form of all Local Users or all users on that particular domain. The SAM stores the list of usernames of all their respective accounts and passwords in encrypted form of all Local Users or all users on that particular domain. (Varies according to what the system is used for.) Cracking the SAM or in other words cracking the encrypted passwords stored by it is all you need to do in your quest to control the entire Network. (Varies according to what the system is used for.) Cracking the SAM or in other words cracking the encrypted passwords stored by it is all you need to do in your quest to control the entire network.

Although the latest encryption algorithm implemented by Microsoft NT is quite good, there is a flaw or rather a backward compatibility feature, which can easily be exploited to crack the passwords. Although the latest encryption algorithm implemented by Microsoft NT is quite good, there is a flaw or rather a backward compatibility feature, which can easily be exploited to crack the passwords. You see, this new algorithm has been adopted only recently. You see, this new algorithm has been adopted only recently. Earlier, Microsoft used to implement a one-way encryption standard or hashing. Earlier, Microsoft used to implement a one-way encryption or hashing standard. Now even the newer versions of the operating system in order to maintain backward compatibility with Windows 9x etc have to store the old hash along with the new. Now even the newer versions of the operating system in order to maintain backward compatibility with Windows 9x and so have to store the old hash along with the new. Now, the older hash function has already been reverse engineered or cracked and is widely used to crack the NT passwords. Now, the older hash function has already been cracked or reverse engineered and is widely used to crack the NT passwords.

L0phtcrack is the utility, which we will be using in this manual to crack the Windows NT passwords. L0phtcrack is the utility, which we will be using in this manual to crack the Windows NT passwords. It is available at http://www.l0pht.com/l0phtcrack L0phtcrack is probably the most easy to use and the most effective utility available to crack NT passwords. It is available at http://www.l0pht.com/l0phtcrack L0phtcrack is probably the most easy to use and the most effective utility available to crack NT passwords. L0phtCrack can import the required SAM data in many forms. L0phtCrack SAM can import the required data in many forms. It can extract the SAM data from raw SAM files, from compressed backup SAM files (SAM._), from remote systems using administrator access and even by sniffing hashes being transferred over networks. It can extract data from the SAM SAM raw files, compressed backup from files SAM (SAM._), from remote systems using administrator access and even by sniffing hashes being transferred over networks.

Before you actually get down to using L0phtCrack, you need to obtain the SAM file. Before you actually get down to using L0phtCrack, you need to obtain the SAM file. Microsoft uses a file called SAM to store the SAM data on Windows NT. Microsoft uses a file called SAM SAM to store the data on Windows NT. This file can be found at: This file can be found at:

%systemroot%\system32\config % systemroot% \ system32 \ config

This particular directory is locked throughout the time when Windows NT is running. This particular directory is locked throughout the time when Windows NT is running. The information stored by this file has actually been extracted from the Windows NT registry. The information stored by this file has actually been extracted from the Windows NT registry. The original source of the data stored by this file is the following registry key: The original source of the data stored by this file is the following registry key:

HKEY_LOCAL_MACHINE\SAM HKEY_LOCAL_MACHINE \ SAM

This key cannot be accessed by any account. This key can not be accessed by any account. Even the administrator account does not allow access to it. Even the administrator account does not allow access to it. However, like all security features this feature too can be over-ridden. However, like all security features this feature too can be over-ridden. Infact there are several ways of getting the SAM data, and in this manual I will try and elaborate on all of these methods. Infact there are several ways of getting the SAM data, and in this manual I will try and elaborate on all of these methods.

Getting the SAM from the Backup directory Getting the SAM from the backup directory

When you use the NT Repair Utility (rdisk) with the /s argument to backup the important information regarding the system configuration to a floppy disk, then a compressed copy of the SAM data file is created in the %systemroot%\repair directory under the filename: SAM._ When you use the NT Repair Utility (rdisk) with the / s argument to backup the important information regarding the system configuration to a floppy disk, then a compressed copy of the SAM data file is created in the% systemroot% \ repair directory under the filename: SAM._

Although a good system administrator will not forget to delete this file, however, in some cases inexperienced system administrators do tend to forget to delete it. Although a good system administrator will not forget to delete this file, however, in some cases inexperienced system administrators do tended to forget to delete it. As this backup copy of the SAM file is in the compressed form, you need to expand it before you can use it. As this backup copy of the SAM file is in the compressed form, you need to expand it before you can use it. One can expand the compressed back copy of the SAM using the following command: One can expand the back compressed copy of the SAM using the following command:

C:\>expand sam._ sam C: \> expand sam._ sam

NOTE: If you use the latest version of L0phtCrack, you need not go through the process of expanding the compressed backup copy of the SAM, as there is a built in option, which automatically does it for you. NOTE: If you use the latest version of L0phtCrack, you need not go through the process of expanding the compressed backup copy of the SAM, as there is a built in option, which automatically does it for you.

Getting the SAM via another Operating System Getting the SAM via another Operating System

The basis of this section is the fact that the SAM file is locked throughout the time Windows NT is running. The basis of this section is the fact that the SAM file is locked throughout the time is running Windows NT. So in other words, access to the SAM file should not be restricted when Windows NT is not running. So in other words, access to the SAM file should not be restricted when Windows NT is not running. Right? So, all you now need to do is boot into an alternate operating system, the most commonly used for such a purpose would be a DOS running on a floppy which has the COPY utility on it. Right? So, now all you need to do is boot into an alternate operating system, the most commonly used for such a purpose would be to DOS running on a floppy which has the COPY utility on it. So, basically what one needs to do is create a bootable floppy, which has DOS running on it. So, basically what one needs to do is create a bootable floppy, which has DOS running on it. Then you need to change the BIOS settings and enable boot from the floppy disk. Then you need to change the BIOS settings and enable boot from the floppy disk. Once you have booted into DOS, you could use the Copy utility to get the SAM file. Once you have Booted into DOS, you could use the Copy utility to get the SAM file.

However, this process is not as easy as it above, but again not too difficult. However, this process is not as easy as it above, but again not too difficult. You see, more often than not a target system running Windows NT would be running on an NTFS-formatted partition. You see, more often than not a target system running Windows NT would be running on an NTFS-formatted partition. So, while you create the bootable floppy, what you need to keep in mind if the fact that it should be able to read NTFS partitions. So, while you create the bootable floppy, what you need to keep in mind if the fact that it should be able to read NTFS partitions. There is a NTFS file system driver called NTFSDOS, which will do the trick in such scenarios. There is a NTFS file system driver called NTFSDOS, which will do the trick in such scenarios. It basically works by mounting NTFS partitions as logical drives, in effect, making all the files on the target system vulnerable to being read (including the SAM file). It basically works by mounting NTFS partitions as logical drives, in effect, making all the files on the target system vulnerable to being read (including the SAM file).

You can get NTFSDOS from http://www.sysinternals.com/ You can get NTFSDOS from http://www.sysinternals.com/

*********************
HACKING TRUTH: NTFSDOS makes all files on the target system vulnerable to being read. HACKING TRUTH: NTFSDOS makes all files on the target system vulnerable to being read. Now, wouldn’t it be wonderful if you could write to the target system as well. Now, would not it be wonderful if you could write to the target system as well. Well, NTRecover and NTLocksmith again from http://www.sysinternals.com give you limited write capabilities. Well, NTRecover and again from NTLocksmith http://www.sysinternals.com give you limited write capabilities.

*********************

There is yet another way of in which booting into an alternate OS can be helpful. There is yet another way in which of booting into an alternate OS can be helpful. One could also boot into say a Linux boot disk and carry out the same procedure. One could also say boot into a Linux boot disk and carry out the same procedure.

Extracting Hashes from the SAM Extracting from the SAM Hashes

If you have administrator privileges on a Windows NT system, then you could easily dump the password hashes from the SAM hive in the registry into a UNIX password file format. If you have administrator privileges on a Windows NT system, then you could easily dump the password hashes from the SAM Hive in the registry into a UNIX password file format. (The format followed by the /etc/passwd file) (The format followed by the / etc / passwd file)

The most commonly used utility, which can accomplish this task, is pwdump. The most commonly used utility, which can accomplish this task, is pwdump. The newer versions of L0phtCrack again have a built in feature, which extracts hashes directly from the registry. The newer versions of L0phtCrack again have a built in feature, which extracts hashes directly from the registry.

So how can one protect the SAM hive from getting dehashed? (Is that a word?) Until Service Pack 2 was released, Windows NT was using a 40-bit encryption key. So how can one protect the SAM from getting Hive dehashed? (Is that a word?) Until Service Pack 2 was released, Windows NT was using a 40-bit encryption key. However, this was easily and widely cracked. However, this was widely and easily cracked. With the release of Service Pack 2, a nifty feature was introduced which was aimed at enhancing the SAM encryption. With the release of Service Pack 2, a nifty feature was introduced which was aimed at enhancing the SAM encryption. It was called SYSKEY. It was called SysKey. It replaced the original 40-bit encryption key with the 128-bit encryption key. It replaced the original 40-bit encryption key with the 128-bit encryption key. One can run SYSKEY by the following the below process: One can run SysKey by the following the below process:

Click on Start > Run Click on Start> Run

Type ‘syskey’ (without the quotes) in the space provided. Type ‘SysKey’ (without the quotes) in the space provided.

Both pwdump and L0phtCrack fail to surpass the encryption key established by SYSKEY. Both pwdump and L0phtCrack fail to Surpass the encryption key established by SysKey. So is a system with SYSKEY established not vulnerable to being dehashed? So is a system established with SysKey not vulnerable to being dehashed? Well, no. Well, no. Pwdump2, which is a sort of a sequel to pwdump is easily able to surpass SYSKEY’s enhanced encryption key. Pwdump2, which is a sort of a sequel to pwdump is easily able to Surpass SysKey’s enhanced encryption key.

Filed under: Uncategorized

October 29, 2008 • 1:50 pm 0

How do I change my IP address?

How do I change my IP address?

“How do I change my IP address?” and “Can I change my IP address?” are probably the most commonly asked questions. Please attempt the following then, if that does not work, visit the Change IP Address forum.

Before trying any other methods to change your IP address, try turning off (or unplugging the power of) your Cable/DSL modem for five minutes. In many cases this will change your IP address. However, if that does not change your IP address, repeat the process for 8 hours (overnight works well) instead of 5 minutes. Hopefully this will result in an IP change.

If the above does not result in your IP address changing, please look through the below for the situation that best matches yours and attempt to change your IP address that way. Unfortunately you are not able to get your IP address to change in all cases, as it is ultimate determined by your ISP’s DHCP configuration (when you’ve got a dynamically assigned IP address, that is.)

Windows – Computer connected directly to the modem

1. Get to a command prompt. (START, run, cmd).
Start Menu Run Box
2. Type “ipconfig /release” (without the quotes, on the command line by itself).
3. Type “ipconfig /renew” (without the quotes, on the command line by itself).

Windows (second option) – Computer connected directly to the modem

1. Get to a command prompt. (START, run, cmd).
2. Type “ipconfig /release” (without the quotes).
3. Shut down computer.
4. Turn off computer.
5. Turn off all ethernet hubs/switches.
6. Turn off cable/DSL modem.
7. Leave off overnight.
8. Turn everything back on.

Network with Router

1. Log into the router’s admin console. (Often http://192.168.1.1/)
2. Release the IP address. (Method varies by router manufacturer)
3. Turn off router, ethernet hubs/switches, and the cable/DSL modem.
4. Leave off overnight.
5. Turn everything back on.

If you are using a cable/DSL modem and a router, you may wish to connect your computer directly to the cable/DSL modem. Please note that this could significantly impact your system security. This allows your ISP’s DHCP to issue you a new (hopefully changed) IP address based of the (hardware) MAC address of your computer’s ethernet card.

If all the above has not worked to change your IP address and you have a router, check and see if there is a “Clone MAC Address” option. Using it should change your IP address; however, you’ll only be able to do it once (in most cases).

These will not work in all cases. If all else fails contact your internet service provider (ISP) and ask them if they are able to change your IP address or how long your connection needs to be off for your IP address to change.

If you trying to change your IP address because you are just trying to access web based forums you may wish to attempt to configure your internet browser to use a proxy server.

Filed under: Uncategorized

October 26, 2008 • 11:33 am 0

Templates

Iphone Template

<!–

–>

''

''

  • ()

()

  • <!– () –>

''

''

''

''

Author:

jackbookDOTCOM_changeDate(”)

''

''

Comment

Comment

Comments

''

{Name}

{Date}

{Time}

[{Label:reply}]

[{Label:delete}]

{Text}

{Label:leaveComment}

{Label:nameLabel}

{Label:ratingLabel}

{Label:emailLabel}

{Label:emailNote}

{Label:commentLabel}

<!–

–>

<!–

–>

Create Links

()

Response

Response

Responses

to “”

Leave a Reply

''

Powered by iPhone Blogger Template Geek Hacks Jack Book

or download from here

Download

Green Light

<

content width, hidden*/

width:658px;

min-height:614px; /*ie6 not support*/

padding: 0px 15px 0px 25px;

background:url(‘http://3.bp.blogspot.com/_h2Z5-se9eC4/SQLJGFXGfkI/AAAAAAAAAMg/SZF1rwzWi60/s1600/content_bg.jpg&#8217;) no-repeat 567px 0px;

}

/***** content *****/

.archivetitle {

color: #000000;

font-size: 14px;

font-variant: normal;

padding: 0px 0px 0px 0px;

margin: 0px 0px 12px 0px;

}

.title, .title a {

color: #000000;

font-size: 20px;

}

.date {

font-size: 10px;

padding: 0px 0px 4px 0px;

border-bottom: 1px solid #73943B;

}

.entry {

color: #000000;

line-height: 1.6em;

text-align: justify;

padding: 8px 0px 0px 0px;

}

.page_entry {

margin: 10px 0px 0px 0px;

padding: 2px 0px 20px 0px;

border-top: 2px solid #73943B;

border-bottom: 1px solid #73943B;

}

.info {

line-height: 1.6em;

font-size: 10px;

text-align: left;

margin: 0px 1px 50px 0px;

padding: 4px 0px 1px 1px;

border-top: 1px solid #73943B;

}

.category {

font-size: 10px;

margin: 0px 0px 0px 0px;

padding: 0px 0px 4Px 20px;

background: url(‘http://1.bp.blogspot.com/_h2Z5-se9eC4/SQLJF-6RH0I/AAAAAAAAAMQ/UdppCcRU3Ro/s1600/category.gif&#8217;) no-repeat top left transparent;

}

.tags {

font-size: 10px;

margin: 0px 0px 0px 0px;

padding: 0px 0px 4px 20px;

background: url(‘http://2.bp.blogspot.com/_h2Z5-se9eC4/SQLJGg_TKUI/AAAAAAAAANA/Vm0z8Z9rlFg/s1600/tags.gif&#8217;) no-repeat top left transparent;

}

.bubble {

font-size: 10px;

margin: 0px 0px 0px 0px;

padding: 0px 0px 4px 20px;

background: url(‘http://3.bp.blogspot.com/_h2Z5-se9eC4/SQLJF9pzJKI/AAAAAAAAAMI/eTTA6kv1-i8/s1600/bubble.gif&#8217;) no-repeat top left transparent;

}

.navigation {

font-size: 11px;

margin: 40px 0px 0px 0px;

padding: 2px 0px 17px 0px;

border-top: 2px solid #73943B;

border-bottom: 1px solid #73943B;

}

.sorry {

font-size: 11px;

font-style: italic;

margin: 8px 0px 0px 0px;

padding: 3px 0px 3px 0px;

border-top: 1px solid #73943B;

border-bottom: 1px solid #73943B;

}

#postmetadata {

font-size: 12px;

margin: 10px 0px 20px 0px;

padding: 5px 15px 5px 15px;

border-top: 1px solid #73943B;

border-bottom: 2px solid #73943B;

}

.nocomments {background: none; color: #000000;}

.commenttitle {

color: #000000;

font-size: 14px;

text-align: left;

font-weight: bold;

margin: 0px 0 20px 0;

padding: 2px 0px 2px 0px;

font-variant: normal;

border-bottom: 1px solid #80b608;

}

.commentlist {list-style: none;}

.commentbody {

color: #000000;

font-size: 11px;

position: relative;

list-style-type: none;

margin: 0px 0px 15px 0px;

padding: 0px 0px 0px 0px;

border-bottom: 1px solid #80b608;

}

.adminbody {

color: #000000;

font-size: 11px;

position: relative;

list-style-type: none;

margin: 0px 0px 20px 25px;

padding: 0px 0px 0px 0px;

border-bottom: 1px solid #80b608;

}

.commenthead {

color: #000000;

padding: 5px 0px 8px 0px;

margin: 0px 0px 10px 0px;

border-bottom: 1px dotted #80b608;

background:#ffffff;

}

.adminhead {

color: #000000;

margin: 0px 0px 10px 0px;

padding: 5px 0px 8px 0px;

border-bottom: 1px dotted #80b608;

background:#ffffff;

}

.avatar {

position:relative;

float: left;

margin: 0px 5px 0px 0px;

padding: 0px;

background: #ffffff;

}

.commentcount {

float: right;

color: #000000;

font-size: 20px;

font-weight: bold;

margin: 0px 0px 0px 0px;

padding: 0px 0px 0px 0px;

font-family: Georgia, Times, ‘Times New Roman’, serif;

}

.authorlink {color: #000000; font-size: 11px; font-weight: bold;}

.authorlink a {color: #000000; font-size: 11px; font-weight: bold;}

.commentlink {font-size: 10px; color: #000000;}

.trackhead {

color: #000000;

margin: 0px 0px 10px 0px;

padding: 7px 0px 8px 41px;

border-bottom: 1px dotted #80b608;

background: url(images/track.jpg) no-repeat top left;

}

.trackbody {

color: #000000;

font-size: 11px;

position: relative;

list-style-type: none;

padding: 0px 0px 0px 0px;

margin: 0px 0px 20px 0px;

border-bottom: 1px solid #80b608;

}

.trackbody p a {color: #000000;}

#commentform {

margin:0;

padding:20px 0 0 0;

}

#email, #author, #url {

color: #000000;

font-size: 12px;

background: none;

padding-left: 2px;

vertical-align: middle;

border: 1px solid #73943B;

font-family: Verdana, Arial, Helvetica, Sans-Serif;

}

#comment {

width: 400px;

color: #000000;

font-size: 12px;

font-family: Verdana, Arial, Helvetica, Sans-Serif;

border: 1px solid #80b608;

padding: 2px 2px 2px 2px;

}

#submit {

width: 80px;

height: 20px;

color: #000000;

font-size: 12px;

background: #ffffff;

margin: 0px 0px 0px 0px;

padding: 0px 10px 2px 10px;

border: 1px solid #80b608;

font-family: Verdana, Arial, Helvetica, Sans-Serif;

}

#sidebar{ /*width=190px*/

float:right;

display:inline;

overflow:hidden;

width: 174px;

margin:0 0 0 0;

padding: 0px 8px 0px 8px;

color:#ffffff;

}

/***** sidebar *****/

#sidebar a{color:#ffffff;}

#sidebar a:hover {color:#73943B;}

#sidebar ul {

color: #c8c8c8;

line-height: 1.6em;

list-style-type: none;

font-size:12px;

margin: 0px 0px 0px 0px;

padding: 0px 0px 2px 13px;

border-bottom: 1px dotted #73943B;

}

#sidebar li {

list-style-type: none;

margin: 0px 0px 0px 0px;

padding: 0px 0px 2px 13px;

background:url(‘http://4.bp.blogspot.com/_h2Z5-se9eC4/SQLJF4HM9SI/AAAAAAAAAMA/gHxMkDqTtZg/s1600/arrow.gif&#8217;) no-repeat 0px 5px;

}

#sidebar h2 {

color: #ffffff;

font-size: 12px;

font-weight: bold;

letter-spacing: 0px;

font-variant: normal;

margin: 0px 0px 0px 0px;

padding: 3px 20px 3px 0px;

border-top: 3px solid #73943B;

border-bottom: 1px solid #73943B;

background:url(‘http://2.bp.blogspot.com/_h2Z5-se9eC4/SQLJGvcvL3I/AAAAAAAAAM4/bs6IVSXmyDs/s1600/sidetitle.gif&#8217;) no-repeat right;

}

#sidebar select{

margin:5px 0px 2px 2px;

font-size:11px;

width:170px;

overflow:hidden;

}

#footer {

clear:both;

margin:0px;

color: #ffffff;

font-size: 11px;

padding:35px 190px 14px 20px;

}

#footer a {color: #ffffff; font-weight:bold;}

/***** search *****/

#searchform{

margin:0 0 15px 0;

padding:0 0 0 0;

}

.searchbox {

position:relative;

margin:0 0 0 0;

padding:0 0 0 0;

width:170px;

height:28px;

}

.search-field input {

position:relative;

float:left;

top:8px;

left:8px;

width:117px;

height:13px;

font-family:Verdana;

font-size:11px;

font-weight:bold;

color:#999999;

padding:2px 3px 1px 3px;

border:0px;

background:#f0f0f0;

}

.search-but input {

float:right;

position:relative;

top:5px;

right:10px;

width:25px;

height:22px;

}

#blog-pager-newer-link{padding-left:20px;float:left}

#blog-pager-older-link{padding-right:20px;float:right}

#blog-pager{text-align:center}

]]>

Author:

,

(1) ()

This entry was posted on and is filed under

,

. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

()

© Design by Template Lite


Converted to Blogger by Falcon Hive.com

/textarea>

or download from here

Laptop in Blue

for preview visit here

skip to main

skip to sidebar

  • ()

()

  • ()

Template by:

'Free

google.load(“annotations”, “1”, {“locale”: “”});

function initialize() {

google.annotations.setApplicationId();

google.annotations.createAll();

google.annotations.fetch();

}

google.setOnLoadCallback(initialize);

,

''

()

© 2008. Template by:

SkinCorner

or download from here

Nissan

for preview visit

skip to main

skip to sidebar

Template by:

'Free

google.load(“annotations”, “1”, {“locale”: “”});

function initialize() {

google.annotations.setApplicationId();

google.annotations.createAll();

google.annotations.fetch();

}

google.setOnLoadCallback(initialize);

,

''

()

© 2008. Template by:

SkinCorner

or download from here

Filed under: Uncategorized

October 25, 2008 • 2:42 pm 0

Tracing a Hacker

Tracing a Hacker

   Sometimes, it's just not enough to simply know that there's a Trojan or Virus onboard. Sometimes you need to know exactly why that file is onboard, how it got there - but most importantly, who put it there.   By enumerating the attacker in the same way that they have enumerated the victim, you will be able to see the bigger picture and establish what you're up against. But how can you do this? Read on...   ## Connections make the world go round ##   The computer world, at any rate. Every single time you open up a website, send an email or upload your webpages into cyberspace, you are connecting to another machine in order to get the job done. This, of course, presents a major problem, because this simple act is what allows malicious users to target a machine in the first place. 

 # How do these people find their victim?
Well, first of all, they need to get hold of the victim's IP Address. Your IP (Internet Protocol) address reveals your point of entry to the Internet and can be used in many ways to cause your online activities many, many problems. It may not reveal you by name, but it may be uniquely identifiable and it represents your digital ID while you are online (especially so if you're on a fixed IP / DSL etc).

With an IP address, a Hacker can find out all sorts of weird and wonderful things about their victim (as well as causing all kinds of other trouble, the biggest two being Portnukes/Trojans and the dreaded DoS ((Denial of Service)) attack). Some Hackers like to collect IP Addresses like badges, and like to go back to old targets, messing them around every so often. An IP address is incredibly easy to obtain - until recently, many realtime chat applications (such as MSN) were goldmines of information. Your IP Address is contained as part of the Header Code on all emails that you send and webpages that you visit can store all kinds of information about you. A common trick is for the Hacker to go into a Chatroom, paste his supposed website address all over the place, and when the unsuspecting victim visits, everything about your computer from the operating system to the screen resolution can be logged...and, of course, the all important IP address. In addition, a simple network-wide port scan will reveal vulnerable target machines, and a war-dialler will scan thousands of lines for exposed modems that the hacker can exploit.
So now that you know some of the basic dangers, you're probably wondering how these people connect to a victim's machine?

## Virtual and Physical Ports ##

Everything that you recieve over the Internet comes as a result of other machines connecting to your computer's ports. You have two types; Physical are the holes in the back of your machine, but the important ones are Virtual. These allow transfer of data between your computer and the outside world, some with allocated functions, some without, but knowing how these work is the first step to discovering who is attacking you; you simply MUST have a basic knowledge of this, or you won't get much further.

# What the phrases TCP/UDP actually mean

TCP/IP stands for Transmission Control Protocol and Internet Protocol, a TCP/IP packet is a block of data which is compressed, then a header is put on it and it is sent to another computer (UDP stands for User Datagram Protocol). This is how ALL internet transfers occur, by sending packets. The header in a packet contains the IP address of the one who originally sent you it. Now, your computer comes with an excellent (and free) tool that allows you to see anything that is connected (or is attempting to connect) to you, although bear in mind that it offers no blocking protection; it simply tells you what is going on, and that tool is NETSTAT.
## Netstat: Your first line of defence ##
Netstat is a very fast and reliable method of seeing exactly who or what is connected (or connecting) to your computer. Open up DOS (Start/Programs/MS-DOS Prompt on most systems), and in the MSDOS Prompt, type:
netstat -a
(make sure you include the space inbetween the "t" and the "a").
If you're connected to the Internet when you do this, you should see something like:  Quote:  Active Connections
Proto Local Address Foreign Address State  TCP macintosh: 20034 modem-123.tun.dialup.co.uk: 50505 ESTABLISHED  TCP macintosh: 80 proxy.webcache.eng.sq: 30101 TIME_WAIT  TCP macintosh MACINTOSH: 0 LISTENING  TCP macintosh MACINTOSH: 0 LISTENING  TCP macintosh MACINTOSH: 0 LISTENING 
Now, "Proto(col)" simply means what kind of data transmission is taking place (TCP or UDP), "Local address" is your computer (and the number next to it tells you what port you're connected on), "Foreign Address" is the machine that is connected to you (and what port they're using), and finally "State" is simply whether or not a connection is actually established, or whether the machine in question is waiting for a transmission, or timing out etc.
Now, you need to know all of Netstat's various commands, so type:
netstat ?
You will get something like this:  Quote: 
Displays protocol statistics and current TCP/IP network connections.
NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]
-a Displays all connections and listening ports.  -e Displays Ethernet statistics. This may be combined with the -s option.  -n Displays addresses and port numbers in numerical form.  -p proto Shows connections for the protocol specified by proto; proto may be TCP or UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or IP.  -r Displays the routing table.  -s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP; the -p option may be used to specify a subset of the default.   
  Have a play around with the various options, but the most important use of these methods is when you combine them. The best command to use is
netstat -an
because this will list all connections in Numerical Form, which makes it a lot easier to trace malicious users....Hostnames can be a little confusing if you don't know what you're doing (although they're easily understandable, as we shall see later). Also, by doing this, you can also find out what your own IP address is, which is always useful.
Also,
netstat -b
will tell you what ports are open and what programs are connecting to the internet.
## Types of Port ##
It would be impossible to find out who was attacking you if computers could just access any old port to perform an important function; how could you tell a mail transfer from a Trojan Attack? Well, good news, because your regular, normal connections are assigned to low, commonly used ports, and in general, the higher the number used, the more you should be suspicious. Here are the three main types of port:
# Well Known PortsThese run from 0 to 1023, and are bound to the common services that run on them (for example, mail runs on channel 25 tcp/udp, which is smtp (Simple Mail Transfer Protocol) so if you find one of these ports open (and you usually will), it's usually because of an essential function.
# Registered PortsThese run on 1024 to 49151. Although not bound to a particular service, these are normally used by networking utilities like FTP software, Email client and so on, and they do this by opening on a random port within this range before communicating with the remote server, so don't panic (just be wary, perhaps) if you see any of these open, because they usually close automatically when the system that's running on them terminates (for example, type in a common website name in your browser with netstat open, and watch as it opens up a port at random to act as a buffer for the remote servers). Services like MSN Messenger and ICQ usually run on these Ports.
# Dynamic/Private PortsRanging from 49152 to 65535, these things are rarely used except with certain programs, and even then not very often. This is indeed the usual range of the Trojan, so if you find any of these open, be very suspicious. So, just to recap:  Quote:  Well Known Ports 0 to 1023 Commonly used, little danger.  Registered Ports 1024 to 49151 Not as common, just be careful.  Dynamic/Private Ports 49152 to 65535 Be extremely suspicious. 
## The hunt is on ##
Now, it is essential that you know what you're looking for, and the most common way someone will attack your machine is with a Trojan. This is a program that is sent to you in an email, or attempts to bind itself to one of your ports, and when activated, it can give the user your passwords, access to your hard drive...they can even make your CD Tray pop open and shut. At the end of this Document, you will find a list of the most commonly used Trojans and the ports they operate on. For now, let's take another look at that first example of Netstat....  Quote:  Active Connections   Proto Local Address Foreign Address State  TCP macintosh: 27374 modem-123.tun.dialup.co.uk: 50505 ESTABLISHED  TCP macintosh: 80 proxy.webcache.eng.sq: 30101 TIME_WAIT  TCP macintosh MACINTOSH: 0 LISTENING  TCP macintosh MACINTOSH: 0 LISTENING  TCP macintosh MACINTOSH: 0 LISTENING 
Now, straight away, this should make more sense to you. Your computer is connected on two ports, 80 and 27374. Port 80 is used for http/www transmissions (ie for all intents and purposes, its how you connect to the net, although of course it's a lot more complicated than that). Port 27374, however, is distinctly suspicious; first of all, it is in the registered port range, and although other services (like MSN) use these, let's assume that you have nothing at all running like instant messengers, webpages etc....you're simply connected to the net through proxy. So, now this connection is looking even more troublesome, and when you realise that 27374 is a common port for Netbus (a potentially destructive Trojan), you can see that something is untoward here. So, what you would do is:  Quote:  1) run Netstat , and use:   Netstat -a   then   Netstat -an   So you have both Hostnames AND IP addresses.    ## Tracerouting ##   Having the attacker's IP is all well and good, but what can you do with it? The answer is, a lot more! It's not enough to have the address, you also need to know where the attacker's connections are coming from. You may have used automated tracerouting tools before, but do you jknow how they work?   Go back to MSDOS and type  Quote:  tracert *type IP address/Hostname here*    Now, what happens is, the Traceroute will show you all the computers inbetween you and the target machine, including blockages, firewalls etc. More often than not, the hostname address listed before the final one will belong to the Hacker's ISP Company. It'll either say who the ISP is somewhere in there, or else you run a second trace on the new IP/hostname address to see who the ISP Company in question is. If the Hostname that you get back doesn't actually seem to mention an actual geographical location within its text, you may think all is lost. But fear not! Suppose you get a hostname such as   http://www.haha.com   Well, that tells us nothing, right? Wrong....simply enter the hostname in your browser, and though many times you will get nothing back, sometimes it will resolve to an ISP, and from there you can easily find out its location and in what areas they operate. This at least gives you a firm geographical location to carry out your investigations in.   If you STILL have nothing, as a last resort you COULD try connecting to your target's ISP's port 13 by Telnet, which will tell you how many hours ahead or behind this ISP is of GMT, thus giving you a geographical trace based on the time mentioned (although bear in mind, the ISP may be doing something stupid like not having their clocks set correctly, giving you a misleading trace. Similarly, a common tactic of Hackers is to deliberately have their computer's clock set to a totally wrong time, so as to throw you off the scent). Also, unless you know what you're doing, I wouldn't advise using Telnet (which is outside the parameters of this tutorial).   ## Reverse DNS Query ##   This is probably the most effective way of running a trace on somebody. If ever you're in a chatroom and you see someone saying that they've "hacked into a satellite orbiting the Earth, and are taking pictures of your house right now", ignore them because that's just bad movie nonsense. THIS method is the way to go, with regard to finding out what country (even maybe what State/City etc) someone resides, although it's actually almost impossible to find an EXACT geographical location without actually breaking into your ISP's Head Office and running off with the safe.   To run an rDNS query, simply go back to MS-DOS and type   netstat   and hit return. Any active connections will resolve to hostnames rather than a numerical format.   # DNS   DNS stands for Domain Name Server. These are machines connected to the Internet whose job it is to keep track of the IP Addresses and Domain Names of other machines. When called upon, they take the ASCII Domain Name and convert it to the relevant numeric IP Address. A DNS search translates a hostname into an IP address....which is why we can enter "www.Hotmail.com" and get the website to come up, instead of having to actually remember Hotmail's IP address and enter that instead. Well, Reverse DNS, of course, translates the IP Address into a Hostname (ie - in letters and words instead of numbers, because sometimes the Hacker will employ various methods to stop Netstat from picking up a correct Hostname).   So, for example,   298.12.87.32 is NOT a Hostname.  mail6.bol.net.au IS a Hostname.   Anyway, see the section at the end? (au) means the target lives in Australia. Most (if not all) hostnames end in a specific Country Code, thus narrowing down your search even further. If you know your target's Email Address (ie they foolishly sent you a hate mail, but were silly enough to use a valid email address) but nothing else, then you can use the Country codes to deduce where they're from as well. You can also deduce the IP address of the sender by looking at the emails header (a "hidden" line of code which contains information on the sender)...on Hotmail for example, go to Preferences, and select the "Full Header's Visible" option. Alternatively, you can run a "Finger" Trace on the email address, at:   www.samspade.org   Plus, some ISP's include their name in your Email Address with them too (ie Wanadoo, Supanet etc), and your Hacker may be using an email account that's been provided by a Website hosting company, meaning this would probably have the website host's name in the email address (ie Webspawners). So, you could use the information gleaned to maybe even hunt down their website (then you could run a website check as mentioned previously) or report abuse of that Website Provider's Email account (and thus, the Website that it goes with) to   abuse@companynamegoeshere.com   If your Hacker happens to reside in the USA, go to:   www.usps.gov/ncsc/lookups/abbr_state.txt   for a complete list of US State abbreviatons.   ## List of Ports commonly used by Trojans ##   Please note that this isn't a complete list by any means, but it will give you an idea of what to look out for in Netstat. Be aware that some of the lower Ports may well be running valid services.   UDP: 1349 Back Ofrice DLL  31337 BackOfrice 1.20  31338 DeepBO  54321 BackOfrice 2000    TCP: 21 Blade Runner, Doly Trojan, Fore, Invisible FTP, WebEx, WinCrash  23 Tiny Telnet Server  25 Antigen, Email Password Sender, Haebu Coceda, Shtrilitz Stealth, Terminator, WinPC, WinSpy, Kuang2 0.17A-0.30  31 Hackers Paradise  80 Executor  456 Hackers Paradise  555 Ini-Killer, Phase Zero, Stealth Spy  666 Satanz Backdoor  1001 Silencer, WebEx  1011 Doly Trojan  1170 Psyber Stream Server, Voice  1234 Ultors Trojan  1243 SubSeven 1.0 - 1.8  1245 VooDoo Doll  1492 FTP99CMP  1600 Shivka-Burka  1807 SpySender  1981 Shockrave  1999 BackDoor 1.00-1.03  2001 Trojan Cow  2023 Ripper  2115 Bugs  2140 Deep Throat, The Invasor  2801 Phineas Phucker  3024 WinCrash  3129 Masters Paradise  3150 Deep Throat, The Invasor  3700 Portal of Doom  4092 WinCrash  4567 File Nail 1  4590 ICQTrojan  5000 Bubbel  5000 Sockets de Troie  5001 Sockets de Troie  5321 Firehotcker  5400 Blade Runner 0.80 Alpha  5401 Blade Runner 0.80 Alpha  5402 Blade Runner 0.80 Alpha  5400 Blade Runner  5401 Blade Runner  5402 Blade Runner  5569 Robo-Hack  5742 WinCrash  6670 DeepThroat  6771 DeepThroat  6969 GateCrasher, Priority  7000 Remote Grab  7300 NetMonitor  7301 NetMonitor  7306 NetMonitor  7307 NetMonitor  7308 NetMonitor  7789 ICKiller  8787 BackOfrice 2000  9872 Portal of Doom  9873 Portal of Doom  9874 Portal of Doom  9875 Portal of Doom  9989 iNi-Killer  10067 Portal of Doom  10167 Portal of Doom  10607 Coma 1.0.9  11000 Senna Spy  11223 Progenic trojan  12223 Hack´99 KeyLogger  12345 GabanBus, NetBus  12346 GabanBus, NetBus  12361 Whack-a-mole  12362 Whack-a-mole  16969 Priority  20001 Millennium  20034 NetBus 2.0, Beta-NetBus 2.01  21544 GirlFriend 1.0, Beta-1.35  22222 Prosiak  23456 Evil FTP, Ugly FTP  26274 Delta  30100 NetSphere 1.27a  30101 NetSphere 1.27a  30102 NetSphere 1.27a  31337 Back Orifice  31338 Back Orifice, DeepBO  31339 NetSpy DK  31666 BOWhack  33333 Prosiak  34324 BigGluck, TN  40412 The Spy  40421 Masters Paradise  40422 Masters Paradise  40423 Masters Paradise  40426 Masters Paradise  47262 Delta  50505 Sockets de Troie  50766 Fore  53001 Remote Windows Shutdown  54321 SchoolBus .69-1.11  61466 Telecommando  65000 Devil    ## Summary ##   I hope this tutorial is useful in showing you both how to secure yourself against unwanted connections, and also how to determine an attacker's identity. The Internet is by no means as anonymous as some people think it is, and although this is to the detriment of people's security online, this also works both ways....it IS possible to find and stop even the most determined of attackers, you just have to be patient and keep hunting for clues which will help you put an end to their exploits.

Filed under: Uncategorized

October 25, 2008 • 2:14 pm 0

Biography of Ankit Fadia

Ankit Fadia is an Indian computer security consultant based in Silicon Valley, USA. He has authored several books on computer security. Fadia is currently pursuing his Bachelors in Management Science & Engineering at Stanford University.

Fadia was educated at Delhi Public School. He started a website called “HackingTruths”, which he claims was judged as the “second best hacking site in the world by the FBI”. He claims that when he was 14, he trashed the front page of an Indian magazine’s website. He then sent an e-mail to the editor confessing to the hack, suggesting counter measures. At 15, his book on Ethical Hacking made him the youngest author to be published by Macmillan India. He claims that in 2001, he discovered links between the Chinese government and the China Eagle Union, a cracker group responsible for defacing many U.S. web sites. He stated that the “long-term goal of the Chinese government is actually to take over the internet and control all parts of the internet”. However none of these claims have been proved by substantial evidence so far.

As per his claims, in November 2001, Fadia was consulted by a classified intelligence agency for breaking an encrypted message which was believed to have been sent by one of Osama Bin Laden’s men. No evidence has ever been found to support this claim too. Many publications wrongly reported that Fadia is associated with FBI or CIA, however, he himself denied this.

In April 2002, Rediff.com published an interview with Ankit Fadia. Anti-India Crew (AIC), a Pakistani hacker group noted for defacing Indian Government websites, rubbished the claims that Fadia had made in the interview. Fadia had claimed that his alert to a U.S. spy agency had prevented an attack by Pakistani hackers. However, he never divulged the name of the agency, citing security reasons. AIC and another Pakistani hacker group WFD defaced an Indian Government site, epfindia.gov.in, and “dedicated” it to Fadia in mock deference to his capabilities to hack or prevent hacking. AIC also said that it would be defacing the website of the Central Board of Excise and Customs (CBEC), http://www.cbec.gov.in, within two days and challenged Fadia to prevent the attack by patching the vulnerable website. AIC maintained that Fadia should stop calling himself a hacker, if it succeeded in hacking the CBEC website. AICkept its promise and defaced the CBEC website after two days. At another defaced website (bhelhyd.co.in), AIC termed the claims of Indian media about Ankit Fadia as “Bullshit”.

Fadia’s earlier site, Ankitfadia.com, was attacked in 2003, by a cracker who self-identified as SkriptKiddie. Fadia explained that he was using a private web server for hosting his website and they were responsible for the lack of security.

Fadia has also claimed that he works closely with the Government of Singapore. He has also conducted many lectures and workshops for companies, college students and several law enforcement agencies.


Future plans

In 2005, Fadia said that he is going to write a thriller on the lines of Dan Brown’s Digital Fortress, which he hopes to make into a movie. He claimed that a production company has approached him with a blanket offer. He said that he was also planning a restaurant in Pune or Ahmedabad.


Recognition

Ankit Fadia has been honored with numerous awards, including the IT Leader Award 2005 and the Indo-American Society Young Achiever Award 2005. In 2002, the Limca Book of Records declared him among the “People of The Year”. Ankit Fadia has also sponsored the “Ankit Fadia Information Security Award”, which is given annually by The Singapore Management University, to an outstanding student in the Information Security and Trust Course under the Bachelor of Science (Information System Management) degree programme.


Criticism

In 2006, questions were raised about authenticity of Fadia’s various claims at many discussion groups, forums, and mailing lists. This was triggered by a post titled “Ankit Fadia : The real picture”. His critics claim that he is overhyped and point out that he is that he has never developed any hacking technique, tool, or algorithm, and none of his tutorials or books had original content.

Many experts in India have dismissed him as just another fad. Many reviewers at Amazon.com said that he had copied outdated hacking tutorials from the Internet and compiled them into a book.

Ankit Fadia is listed on attrition.org’s Security Scene Errata: Charlatans webpage alongside individuals such as Steve Gibson and Carolyn Meinel. This page seeks to “point out a few cases of fakes walking among us”. Elsewhere on the Errata section of the attrition site, Fadia’s claims in interview are treated with extreme skepticism and subjected to criticism.

Filed under: Uncategorized

October 17, 2008 • 4:12 pm 0

Home

Custom Search

Filed under: Uncategorized

October 17, 2008 • 2:52 pm 0

TweakVista 0.90

TweakVista icon

TweakVista 0.90

Optimization tool for windows Vista


TweakVista combines effective optimization tools and innovative measures to customize your system settings to enhance the performance of your Vista operating system. With every new release of Windows, Microsoft increases the power as well as the complexity of its market dominating operating system. Hence, TweakVista is worth being installed to your PC so as to enhance your work productivity as the configuration can be tailored to match your personal needs. The best part of Stardock’s TweakVista is that it automatically prompts enhancement recommendations, and they are easily implemented with an easy “one click” update rather than complex configuration change measures. TweakVista requires PC with at least 512MB of system memory for optimum operation

Pros
TweakVista is an all-in-one control panel for your Vista computer. You can set a user profile according to what use you will make of your PC, for example playing games extensively. The program also allows you to tweak Internet and power performances, depending on your habits. TweakVista’s impressive assessment tools benchmarks your PCs capabilities so that you can take informed corrective decisions. It utilizes the inbuilt startup monitor to analyze problems, and all slow processes that take longer to start / shutdown are highlighted.

Cons
TweakVista’s cluttered interface – especially the welcome screen and its news lists and recommendations – is annoying. Stuck with a fixed size, its program window cannot be resized and you cannot scroll down its list of programs either. When utilizing its system profile tool, if you set your PC to a very aggressive mode, it might crash.

Conclusion
Awarded Microsoft’s prestigious “Certified for Windows Vista”, Stardock’s TweakVista software is setting new performance standards for Windows Vista. TweakVista enhances the Vista experience in a most favourable way. People use their computer for various purposes – for work, as a media interface, and for gaming. By choosing an appropriate user profile from those included within TweakVista, you can easily change settings to optimize the PC for your individual usage at a specific time. This greatly enhances PC performance.

. Follow the link and free download TweakVista now. 

Filed under: Uncategorized

Meta

Blogroll