New Post

Rss

How to Hack Protect Facebook Account

How to Hack Protect Facebook Account

Hello Friends, In this Tutorial i will follow the little different procedure to explain the things, First I will explain the methods used by Hackers to hack the Facebook account or passwords and then I will explain the Solution that How To Protect your Facebook account from hackers... So Read On..Its a Pity Interesting topic to discuss and learn...

how hackers hack Facebook account, protect your Facebook profile
Hack Protect Facebook Account Password


How Hackers Hack Facebook Account Password???

In this Tutorial I will Try to Explain All the Methods that any Hacker Can Use To Hack your Facebook account along with their prevention measures.. So Read It Carefully .. Its really a worth article and also very informative .So Enjoy Reading....

Facebook uses a 4 Level Facebook login procedure which makes it difficult to hack Facebook using all other techniques except Social Engineering and Cross Site Scripting.

First Level :Security SSL or 256 bit secured connection

Second Level : Facebook login script checks for cookie in the system of user. If available then it validates the cookie and update the cookie path and timestamps and its expiry interval.

Third Level : Facebook provides a redirection to the entered User information to their profile area.

Fourth Level : Facebook doesn’t use conventional php/aspx/asp coding rather it uses Client side Ajax Scripting with oAuth 2.0 protocol. So it is almost impossible to hack Facebook using input validation attack!!!

It is not an easy task to hack Facebook by breaking its security! But still some hackers manage to get access to other’s Facebook accounts. The question concerned is How they do it? Many of them just use simple tricks that fool users to hack their passwords which is generally called Social Engineering. Here are some points you need to take care of, to protect your Facebook account being hacked.


Common Ways to Hack Facebook
1. Using keyloggers is one of the Easiest Way to Hack an Facebook (or any other email) password. Keylogger programs can spy on what the user types from the keyboard. If you think that you can just uninstall such programs, you are wrong as they are completely hidden.

A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard. Keylogger is the easiest way to hack an Facebook account.

A keylogger program is widely available on the internet. Some of the best ones are listed below

Vicspy Keylogger
KGB Keylogger
Sniper Spy
Armadax Keylogger


PROTECTION : Use the Web Browser Monzilla Firefox and Download the ADD ON called Keyboard Scrambler.

GOTO TOOLS --->ADD ONS ----> Type "Key Scrambler" (without Quotes) in the search box and then click OK. Install It and restart Firefox.

Now all keyloggers are a piece of waste and Keyboard Scrambler Encrypts your Keystrokes....

2. Phishing Attack is the most popular way of hacking/stealing other’s password. By using fake login pages it is possible to hack Facebook. Here the users land on a page where they are asked for their login information and they enter their Facebook username and password thinking it to be a real page but actually it is other way round. It submits all the entered details to the creator of the fake login page.

Protection : Use Any of the Surf Sheilds either by AVG websheild or any other Security toolbar Or any other Antiphising tool.

3. Facebook New Features: I have come across a page(fake page) that looks like they are giving the user a choice of selecting new features for Facebook with your ID and password, of course!! When the user submit’s his/her Facebook login information through this page, there goes his ID and password mailed to the coder.

Protection : If you install a New Application or Joined any Facebook Page on Facebook Or Installed an New Theme and Its Asking For username and Password then its a Fake and Phishing attack. Don't Login if any third party product is asking for login.

4. Facebook Apps: Many times you are provided with a link to a Facebook app in a message. Always read the links carefully, It may be something like http://www.faceb0ok.com/app?p=123abcd Faceb0ok not Facebook or can be some hidden link that i explained in my previous article of clickjacking.

Protection : This is definitely a trap created by the hacker to hack your Facebook password. Clicking on this link will take you to a fake login page and there you loose up your password.

5. Java script: You must have seen the circulating messages that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it. So be careful, javascripts can even be used to hack Facebook!

These type of tricks and hacks are blocked by Facebook as soon as they are detected. So you need not to worry about It. But Try to avoid Use of javascripts as far as possible because no one knows you maybe among the few ones who become prey to that script.

6. Primary mail address: If by some means a hacker came to know the password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Facebook account, then hacker can hack Facebook account by simply using USER ID and clicking on ‘forget password’. This way Facebook will send link to the already hacked primary email ID to change the password of the Facebook account. Hence the email hacker will change your Facebook account’s password. Hence your, Facebook account is hacked too.

So a better thing would be to keep a very unknown or useless email ID of yours as primary email id so that if the hacker clicks on ‘Forgot password’ the password changing link goes to an unknown email id i.e. not known to the hacker. Hence your Facebook account saved.

So, I hope that this post not only teaches you to hack Facebook but also to hack protect your Facebook account.

If you would like to share something, comment here and I will add up here with a credit to your name.
How to maximize or boost android battery life

How to maximize or boost android battery life

Android phones are powerful, useful, cool and very interesting devices which makes you addicted to the phone. Most of the android smartphone users have one big issue: “battery backup”. You don’t need to change the device because it drains out quickly instead we will you tips about how to improve the battery life of your android smartphone?

maximize android battery, boost android battery life
Maximize or boost android phone battery life



Instructions:

1.  Use android’s built in battery usage screen: Check whats exactly eating up your android phone’s battery the most. Go to Settings > About Phone > Battery UseFrom this screen you can understand what to turn off in your phone settings to save battery.

2. Adjust the brightness: Big bright screens are great to look at but they eat up the maximum amount of your android’s battery. To adjust the brightness go to Settings > Display > Brightness. Either you can select the auto brightness option if available or adjust it manually.


3. Disable Wi-Fi: We know browsing on wifi is much faster than browsing on mobile data plan. Make sure you turn off the wifi when you aren’t using it because if the wifi is on your phone will keep on scanning for available networks. Go to Settings > Wireless and network settings> Wifi settings > Turn Off Wifi. (or simply turn off the wifi from the notification area)


4. Disable Bluetooth: Disable Bluetooth whenever you are not using it. It saves a lot of battery as well as keeps your smartphone save too. Go to Settings > Wireless and network settings>Bluetooth settings> Turn of Bluetooth. (or simply turn off the Bluetooth from the notification area)

5. Disable GPS: Disable GPS and Latitude when you are not using it. GPS is a very powerful service but it drains the battery pretty fast. Use GPS only when you need it. Go to Settings> Location and Security Settings> Remove check from “Use GPS Satellites”. (or simply turn off the GPS from the notification area)

Note: You can use the “Power Widget” to easily toggle GPS, Bluetooth, Wifi and Screen Brightness.
 

6. Disable automatic sync: Many applications like Gmail, facebook, twitter and other email apps eat up a lot of battery due to automatic sync features. Background data is also required to get the e-mails and updates at regular intervals. The best settings you can make is to keep the background data on and automatic sync feature turned off. Go to Settings> Accounts and Sync> Remove check mark from “Auto-sync”.


7. Disable or remove the apps that you don’t use:  There are many apps which we have installed and we never use them. Make sure you remove such apps because many of those apps keep running at the background. This will help you in freeing up internal phone memory as well as save battery.

8. Disable home screen widgets and live wallpaper:  Home screen widgets always make the apps running at the background. So make sure you keep only those widgets that you generally use. Live wallpaper is sure an eye candy and makes your smartphone home screen look beautiful, but it makes the battery backup half of what you would normally get if you use an image as wallpaper. So don’t use live wallpaper and use minimum widgets.
 

9. Use a good task killer: I would suggest you to use the inbuilt Task Killer app of your android smartphone because it has been designed according to your phone. If you want you can also grab a good task killer from android market and make sure you use it according to the instructions given. If used properly task killers can do wonders for your smartphone.

10. Use battery saving apps: There are many applications that aim to improve your battery performance. The majority of these restrict internet use and can be customized according to your needs. One of the best app for this purpose is “Juice Defender” available in both paid and free versions in android market.  “Juice Defender” lets you configure a bunch of parameters to govern your phone’s power usage. You could set android to automatically switch off data services during the night, for example, or to only enable synchronization when your screen is actually on.

Different versions of android have different levels of battery performance. Generally with each new version of Android battery life has improved. The latest version of Android, Gingerbread 2.3 has good a good battery backup in comparison with the older versions.
Sources:Enzag
Best Unique Nokia secret Hack codes

Best Unique Nokia secret Hack codes

Hey friends, today i will share with you the best Best Nokia hack codes/ These codes provide some interesting and unique information to Nokia Phone users, some of these codes unlock hidden functions. Secret hacks code are mainly beneficial in knowing your device properly. What else you can do just from calling and messaging from your mobiles. If you wish to unlock your Nokia Phone then read this article: Unlock Nokia Phone.

Note:Not all Nokia phones support all codes, so please don't complain if any of the hack code doesn't work on your mobile device.

Nokia Mobile Secret codes, Nokia Hacking codes, Nokia secret numbers
Nokia Secret Hack Codes

Universal Nokia Hack Codes
These are called universal because these hack codes works on almost all Nokia mobile phones.

*#06#     Displays the IMEI (Standard GSM command, works on all phones)
Information you get from the IMEI-

XXXXXX  XX   XXXXXX   X
    TAC       FAC     SNR      SP
*TAC = Type approval code
*FAC = Final assembly code
*SNR = Serial number
*SP    = Spare

*#0000#      Displays the firmware version and date
Information you get from the Software revision-
V 6.1.0.5
18-12-10
NSE-3

*1ST Line  = Software revision
*2ND Line = The date of the software release
*3RD Line = Phone type


*#92702689# *#war0anty#  Here you can view the S/N and the IMEI as well as the life timer (newer models). The date the phone left the factory and the date it was purchased. If your phone has been repaired the date of the repair is also visible. You will need to turn the phone off to exit this menu. Newer phones simply require you to press ok.

ClockStopping
To check weather your SIM Card supports clock stopping type- *#746025625# (*#SIM0CLOCK#)

 
NOKIA 40 SERIES CODES
The following codes are specific to older series Nokia(40 series)  Mobile phones:
Entering the following codes will restart the phone.

Note: If main code doesn't work try the alternate one given in brackets for each code. As on some devices standard code works and in some alternate only might work.

*4720# (*hra0#) Activates Half Rate, Half Rate is 5.6kbit/s and uses half the bandwidth at the cost of call quality. Network operators often activate half rate on overloaded towers during peak times to save costs.
#4720# (#hra0#) Deactivates Half Rate
*3370# (*efr0#) Activates Enhanced Full Rate, EFT attempts to match wire quality. The calls are 12.2kbit/s and are not supported by all operators. It is compatibale with the hightest AMR mode.
#3370# (#efr0#) Deactivates Enhanced Full Rate
*#746085685# (*#sim0clock#) Display the SIM clock status

Phone Specific Codes: 
The following codes are phone specific or phase related.

*#7220# (*#pca0#) Activate the GPRS PCCCH support (Packet Common Control Channel)
*#7230# (*#pcd0#) Deactivate the GPRS PCCCH support
*#7760# (*#ssn0#) Display the manufacturing serial number

This only works on the 3310 and 3330:

*#67705646# (*#opr0logo#) Clear the operator logo, the logo will be reset to the default network operator logo.

NOKIA 60/80 SERIES CODES
The following codes work on newer series 40 & series 60/80 phones:

*#2820# (*#bta0#) Display the Bluetooth MAC address (Phone must have a built in bluetooth adapter)
*#7370925538# (*#res0wallet#) Reset the mobile wallet (Phone must have the mobile wallet feature)
*#7370# (*#res0#) Soft-format the memory (Symbian)
*#7780# (*#rst0#) Reset to factory defaults, confirmation required (also known has a Hard-format), all phone contents will be wiped clean including contacts and smses if they are stored on the phone.

I hope you all have enjoyed these Secret hack codes. If you have any doubt ask in form of comments.
How to Hide your IP address online

How to Hide your IP address online

Hey friends, today i am going to share a hack tool that will help you to hide your identity online so that you can surf online anonymously without getting monitored. Do you actually know what your IP address means? Are you aware that your IP address is exposed every time you visit a website?  How you will feel when you come to know that some neighbour is monitoring your home every time? Many websites and hackers use IP address to monitor your home address and other personal information. Your IP address is your online identity and could be used by hackers to break into your computer, steal personal information, or commit other crimes against you. Now as hacker you will never wish that somebody monitor you. So i got a tool called Super Hide IP that will not only hide your identity online but also help you to block the monitoring by computer tracing cookies.

Hide your IP address, Hide your Identity Online, Privacy
Super Hide IP - Hack Tool to Hide you Identity Online

Super Hide IP allows users to surf online anonymously, keeping your Identity and IP address hidden from the third party, protect your personal information against hackers and security administrators and provide full encryption of your online activity, all with a simple click of a button. 

Benefits and Key Features of Super Hide IP 
  • Anonymous Web Surfing Click Hide IP button and you will be assigned fake IP addresses, preventing others from getting your true IP when surfing the Internet. 
  • Protect Your Identity Surf anonymously to prevent hackers or identity thieves from monitoring your web activity or intercepting your personal information such as your financial information. * Choose IP Country You can select to use fake IP from different countries via "Choose IP Country" option and can Check IP directly. 
  • Send Anonymous E-mails Hide your IP in E-mail headers. Be protected while sending e-mails via Yahoo!, Hotmail, GMail. 
  • Un-ban Yourself from Forums and Restricted Websites Use Super Hide IP to change your IP which allows you to access any forums or websites that has ever banned you.
You can download this tool from Google or simply Isoftdl Hackers Portal.

So friends, surf online safely and anonymously without being watched by any third person. As your privacy is yours and no body has any right to violate that. 
How Facebook Clickjacking Spam works

How Facebook Clickjacking Spam works

Hello friends, today i will explain you How you all can prevent or protect your Facebook profile or account from getting Clickjacked by spammers or hackers or unwanted marketers. In last few weeks lot of media has exposed hidden dangers of using Facebook like privacy violation, getting spams or walls flooded by unwanted marketers or Facebook app alerts. But my friends these media people always make hype of small things. They usually blame the main organization in case anything unusual of the above things mentioned. But friends fault not always lies with main Company, sometimes you and other things are responsible for that like you not updating your web browsers, not installing security patches, not regularly updating antiviruses, not using web security toolbar etc. Clickjacking is one of those loophole, which is not because of Facebook, its because of your vulnerable web browsers. So friends lets first learn what is clickjacking and how Facebook Clickjacking spam works..

facebook clickjacking, clickjack hack for facebook
Facebook Clickjacking hack or spam


What is Clickjacking?
Clickjacking is a technique used by hackers or spammers to trick or cheat the users into clicking on links or buttons that are hidden from normal view (usually links color is same as page background). Clickjacking is possible because of a security weakness in web browsers that allows web pages to be layered and hidden from general view. In this situation what happens is that You think that you are clicking on a standard button or link, like the PLAY button or download button on an video or some stuff, but you are really clicking on a hidden link. Since you can’t see the clickjacker’s hidden link, you have no idea what you’re really doing. You could be downloading malware or making all your Facebook information public without realizing it. Some good hackers make ajax keyloggers and put them as javascripts over their fake websites and when you open them they retrieve all your passwords stored in web browser and records whatever you type while the web browser is open and stores this information on their servers.

There are several types of clickjacking but the most common is to hide a LIKE button under a dummy or fake button. This technique is called Likejacking. A scammer or hacker might trick you by saying that you like a product you’ve never heard. At first glance, likejacking sounds more annoying than harmful, but that’s not always true. If you’re scammed for liking Mark Zukenberg​, the world isn’t likely to end. But you may be helping to spread spam or possibly sending Friends somewhere that contains malware.

How can you avoid being Clickjacked by Spammers or Hackers?
There are lot of ways by which you can protect yourself from getting ClickJacked and hence minimize the risk or falling prey to hackers or spammers. But simplest one by using latest web browser or installing latest updates. The browser companies are continually adding updates to shut down vulnerabilities that allow clickjackers and other scammers to operate. 
If you’re using Firefox, also consider installing the NoScript add-on. Beyond that, pay attention to what you’re getting and from whom. Would a college professor really share a post about watching hidden camera videos? If a post from one of your Friends seems suspicious, don’t click on it!
A suspicious post could be a sign that your Friend’s Facebook account has been hijacked or that your Friend has been clickjacked to LIKE or SHARE something without knowing it. If you know your Friends, you’ll know what those Friends really would LIKE or SHARE. That’s why one of your best protections against scams is not confirming Friend requests from people you don’t actually know.
Another great tool to help you avoid clickjacking is Web of Trust (WOT). WOT is a free browser tool that maintains a database of known safe sites as well as malicious sites reported by the WOT community. Attempt to visit a known malicious site and WOT warns you in advance. The WOT download is simple to install.

Some Security Tips:
• Keep your antivirus, anti-spyware, web toolbar, web browser and system upto date by installing all security updates and security patches.
• Don’t click on suspicious links or the links generated by Facebook applications.
• Use available security tools mentioned above to stay safe and protected.

Facebook also has checks in place to detect malicious and spam websites. Adding WOT to the existing Facebook checks gives you one more tool in your arsenal against hackers. The two checks work together to provide a joint warning system if you attempt to visit a site reported to have malware, phishing, or spam.

That's all for today my friends. If you have any queries or issues ask me in form of comments.
Best Free Android Security Software Avast Antivirus

Best Free Android Security Software Avast Antivirus

For you who longing for free Android antivirus, this is an exciting application for you friends. Avast, one of the famous antivirus vendors, now has launched Android Antivirus you can use for free! This Antivirus mobile is named Avast Mobile Security.

best antivirus for free, avast antivirus
Best Free Android antivirus

Avast Free Mobile Security supports a number of features that are usually available only in paid-for Android security software. These include privacy reports, call and SMS filtering, SIM-card change notifications, firewall and application management.

By using Avast Mobile Security in your Android phone, your cell phone will be protected from virus, threat, hacker, even it’s able to minimize your loss if your Android cell phone is stolen. The antivirus component supports real-time protection and automatic updates. Updates can be configured to only be downloaded over certain types of connections and the interface can be protected with a password.

Call and SMS filtering can help device owners block annoying advertising calls or spam text messages. Users can define groups of phone numbers and configure the blocking intervals for them.The firewall component is only available for rooted devices because it requires special system-level access to enforce its rules. Device owners can use it to block individual applications from accessing the Internet over certain types of connections.

If your cell phone Android version is Android 2.1.x, 2.2.x, or 2.3.x, so you can download and install Avast Mobile Security directly from Android Market.
Facebook Hidden Dangers Exposed by CBSNews

Facebook Hidden Dangers Exposed by CBSNews

CMSNews has recently interviewed Joan Goodchild regarding the security and privacy gaffes over the world famous social networking website and you all will be shocked when you will read what she has answered. He has exposed more than 10 loopholes in the Facebook security and its privacy policies. She even insisted to an extent that sharing personal things over Facebook can sometimes even put you into big troubles. So friends, always take care while sharing your personal information on Facebook as it can be dangerous.

Facebook claims that it has 400 million users. But are they well-protected from prying eyes, scams, and unwanted marketers?
According to Joan Goodchild, senior editor of CSO (Chief Security Officer) Online answer is simply "NO".
She says your privacy may be at far greater risk of being violated than you know, when you log onto the social-networking site, due to security gaffes or marketing efforts by the company.
Facebook came under fire this past week, when 15 privacy and consumer protection organizations filed a complaint with the Federal Trade Commission, charging that the site, among other things, manipulates privacy settings to make users' personal information available for commercial use. Also, some Facebook users found their private chats accessible to everyone on their contact list, a major security breach that's left a lot of people wondering just how secure the site is.
In two words, asserts Goodchild: not very.


Facebook privacy loopholes, facebook dangers exposed
Facebook Dangers Exposed by CBSNews

On "The Early Show on Saturday Morning," Goodchild spotlighted five dangers she says Facebook users expose themselves to, probably without being aware of them:

  • Your information is being shared with third parties
  • Privacy settings revert to a less safe default mode after each redesign
  • Facebook ads may contain malware
  • Your real friends unknowingly make you vulnerable
  • Scammers are creating fake profiles

Below is an edited transcript of the interview:

Question :Is Facebook a secure platform to communicate with your friends?

Answer: Here's the thing, Facebook is one of the most popular sites in the world. Security holes are being found on a regular basis. It is not as inherently secure as people think it is, when they log on every day.
Certainly, there are growing pains. Facebook is considered a young company, and it has been around a few years now. It is continuing to figure this out. They are so young, they are still trying to figure out how they are going to make money. It is hard to compare this to others; we have never had this phenomenon before in the way [so many] people are communicating with each other--only e-mail comes close.
The potential for crime is real. According to the Internet Crime Complaint Center, victims of Internet-related crimes lost $559 million in 2009. That was up 110 percent from the previous year. If you're not careful using Facebook, you are looking at the potential for identity theft, or possibly even something like assault, if you share information with a dangerous person you think is actually a "friend." One British police agency recently reported that the number of crimes it has responded to in the last year involving Facebook climbed 346 percent. These are real threats.
Lately, it seems a week doesn't go by without some news about a Facebook-related security problem. Earlier this week, TechCrunch discovered a security hole that made it possible for users to read their friends' private chats. Facebook has since patched it, but who knows how long that flaw existed? Some speculate it may have been that way for years.
Last month, researchers at VeriSign's iDefense group discovered that a hacker was selling Facebook usernames and passwords in an underground hacker forum. It was estimated that he had about 1.5 million accounts--and was selling them for between $25 and $45.
And the site is constantly under attack from hackers trying to spam these 400 million users, or harvest their data, or run other scams. Certainly, there is a lot of criticism in the security community of Facebook's handling of security. Perhaps the most frustrating thing is that the company rarely responds to inquiries.

Question: Do people really have privacy on Facebook?

Answer: No. There are all kinds of ways third parties can access information about you. For instance, you may not realize that, when you are playing the popular games on Facebook, such as FarmVille, or take those popular quizzes--every time you do that, you authorize an application to be downloaded to your profile that gives information to third parties about you that you have never signed off on.

Question: Does Facebook share info about users with third parties through things such as Open Graph?

Answer: Open Graph is a new concept for Facebook, which unveiled it last month at its F8 conference. It actually is basically a way to share the information in your profile with all kinds of third parties, such as advertisers, so they can have a better idea of your interests and what you are discussing, so Facebook can--as portrayed--"make it a more personal experience."

Question: The theory behind Open Graph--even if it has not implemented it--is its whole business model, isn't it?

Answer: That is the business model--Facebook is trying to get you to share as much information as possible so it can monetize it by sharing it with advertisers.

Question: Isn't it in Facebook's best interest to get you to share as much info as possible?

Answer: It absolutely is. Facebook's mission is to get you to share as much information as it can so it can share it with advertisers. As it looks now, the more info you share, the more money it is going to make with advertisers.

Question: Isn't there also a security problem every time it redesigns the site?

Answer: Every time Facebook redesigns the site, which [usually] happens a few times a year, it puts your privacy settings back to a default in which, essentially, all of your information is made public. It is up to you, the user, to check the privacy settings and decide what you want to share and what you don't want to share.
Facebook does not [necessarily] notify you of the changes, and your privacy settings are set back to a public default. Many times, you may find out through friends. Facebook is not alerting you to these changes; it is just letting you know the site has been redesigned.

Question: Can your real friends on Facebook also can make you vulnerable?
Answer: Absolutely, Your security is only as good as your friend's security. If someone in your network of friends has a weak password, and his or her profile is hacked, he or she can now send you malware, for example.
There is a common scam called a 419 scam, in which someone hacks your profile and sends messages to your friends asking for money - claiming to be you--saying, "Hey, I was in London, I was mugged, please wire me money." People fall for it. People think their good friend needs help--and end up wiring money to Nigeria.

Question: A lot of Web sites we use display banner ads, but do we have to be wary of them on Facebook?

Answer: Absolutely, Facebook has not been able to screen all of its ads. It hasn't done a great job of vetting which ads are safe and which are not. As a result, you may get an ad in your profile when you are browsing around one day that has malicious code in it. In fact, last month, there was an ad with malware that asked people to download antivirus software that was actually a virus.

Question: Is too big a network of friends dangerous?

Answer: You know people with a lot of friends--500, 1,000 friends on Facebook? What is the likelihood they are all real? There was a study in 2008 that concluded that 40 percent of all Facebook profiles are fake. They have been set up by bots or impostors.
If you have 500 friends, it is likely there is a percentage of people you don't really know, and you are sharing a lot of information with them, such as when you are on vacation, your children's pictures, their names. Is this information you really want to put out there to people you don't even know?


So friends, be careful while sharing your information online specially of social networking websites like Facebook.

Note:-This interview, "Five Hidden Dangers of Facebook," was originally published on CBSNews

How to hack keyloggers or RAT's server password

How to hack keyloggers or RAT's server password

Keylogger's and RAT's nowadays are everybody's problem across the internet. Hackers use keyloggers to hack the email passwords of the victim which they receive in the form of emails or text files on their respective FTP servers. They spread their keyloggers with the help of cracks, keygen's or patches of popular software's or simply through hack tools. So friends, today i will teach you how to reverse engineer the keylogger or RAT to hack the hackers FTP server or email password. I have already discussed this with the help of bintext tool on my other website ISOFTDL. 

hack the keyloggers, hack the hacker

Most of hackers thinks that they are too smart, so what they do bind their keylogger or Rat servers with popular programs and when user open that their system got infected and hence what ever they type is get recorded and sent to hacker. 
Now all keyloggers sent data to hacker in regular intervals (usually every 5 to 10 minutes) by using below to ways:
1. Using the Emails : where hacker configures his email ID and password while creating the server. Keylogger records the key strokes in a temp file and sends it to the hacker in form of emails. But this has a limit as most free email servers like Gmail or Yahoo or Hotmail has limit of 500 composed and received mails. So most hackers use the second method.
2. FTP server : While creating the keylogger server, hacker configure their FTP server, where they receive the logs of key strokes in the form of text file( usally labeled on the basis of current system time stamp). Hackers keylogger server uploads the files to FTP server after every few minutes interval.

So friends, here the actual trick or loophole in above technique lies. If we monitor the everything coming in and going out of our Ethernet card or Wireless then we can detect that what is going out of our system. Its nothing but just monitoring your your system's traffic, where its going and from where its coming. You can use any of the tool that monitor the packet flow of your Ethernet or wireless card.
ok...ok.. let me tell you my favorite tool for doing the same. I love Wireshark because its simply superb.

Wireshark is a very famous network scanning hack tool which is used by hackers or network forensic experts to monitor the packet flow of their network cards like Ethernet or WLAN. It records the each and every packet coming and going out of your system's Network card. Now you all must be thinking wth is this Packet. Packet is nothing but just a bunch of bits(data in form of 0 & 1) usually 32bit or 64bit. In network terminology, data is termed as packet which can be either TCP or UDP( both contains the header n other stuff accordingly). 

So friends, whenever you feel anything suspicious in your system like your system is compromised or you are infected from a keylogger or RAT or simply you want to test a hack tool and you are not aware that hack tool is safe to use or not. Just follow the below procedure to reverse engineer these noob hacking tools.
Note: Every keylogger or RAT sends the logs to hacker's FTP server or email account after few minutes interval( when you are connected to internet) but some novice keyloggers even tries to send data while you are offline and hence the data sending keep on failing. In some situations it displays warning message and in some situations you PC gets hanged or SVHOST service CPU usage increases. But nothing matters whether it sends logs online or offline, the only thing matter is time period, after what interval it sends data.

Steps to Hack or reverse engineer the Hacker's Keylogger server password:
1. First of all download and install the wireshark. You can easily get this using by Googling it. 
Note: While Wireshark is getting installed, ensure that it installs the Winpcap with it other it won't work properly.
2. Now go to the Capture button in the top menu of the Wireshark as shown below and select the interface( means your network card which can be Ethernet or WLAN).

how to hack keylogger using wireshark


3. Now it will start capturing the packets through that Network card. What you have to do is just keep capturing the records for atleast 20 - 30 minutes for getting the best results. After 20- 30 minutes, again  go to capture and stop capturing the packets.
4. Now you need to filter your results, for this Go to the filter box and type FTP and SMTP one by one. Note: if you get records for FTP then hacker has used FTP server and if you didn't got FTP that means hacker has used SMTP, so give SMTP in Filter box.
5. As you scroll down you will find the “FTP username” and “Password” for victims ftp account in case FTP server is used.  And if hacker has used SMTP then you will find "email address" and its "password" that hacker has used to create keylogger.

6. That's all my friends. Isn't that too easy.

That's all from my side today, If you have any issues or questions you can ask me in form of comments.

How to protect email account getting hacked

How to protect email account getting hacked

"My Email account is hacked" or " Some hacker has hacked my email account", did these quotes sound familiar to you Guys, if not then soon gonna be if you are not aware of latest techniques used by hackers to hack into your email accounts. After reading such comments there are two things that always come to my mind, either hacking email account is to easy for hackers or protecting email account for getting hacked is too difficult. And after thinking about both above points, i starts laughing because both are true for Hackers and both are false for unaware users.
Note: If a Hacker wants to hack you Email or system, he will hack it. The only thing you can do is, just make it harder for him to do the same.

Friends, after spending my precious 5 years in field of Hacking and Cyber security, i reached a very simple conclusion. Email accounts can only be hacked by means of Social Engineering technique, and whoever says that he can hack email account using some other technique then friends he is a liar.

Hack Email account passwords,protect email accounts
Protect Email account from getting hacked

Now what all topics are covered in Social Engineering Technique:
1. Phishing or fake page login technique.
2. Spreading Keyloggers in form of cracks, keygens, or hack tools(RAT's , keyloggers, etc).
3. Shouldering passwords.
4. Guessing Weak Passwords.
5. Compromising Accounts with Friends or team mates
6. Using Accounts from Cyber cafe's or other insecure places like friends PC or college PC's.

So friends let's start from one by one, how you all can protect yourself from hackers.

1. Phishing or Fake Pages Login Technique
In this technique, what hacker does is that, he makes a local(fake) copy of original website which looks absolutely similar to original one and attaches his PHP action scripts to record the passwords and then uploads that local copy to some free web hosting server. After uploading, he shares the links with friends or victims by three different ways:
a. By Sending Emails : Emails can be spoofed and looks like they are coming from genuine sources like Gmail Support or Yahoo Support etc or Simply from your most trusted friends.
Now which type of emails you should not open:
  1. Emails asking for account verification:  These emails ask for you email account username or passwords to verify your details.
  2. Emails showing Prize Money or lotteries: Nowadays, we all receive a lot of email messages like "You have Won Prize Money or Lottery of so and so amount. These emails usually ask your name, age occupation, mobile number, sometimes credit card details. And when you provide all these information they ask you to verify your Mobile number. They usually say you will receive one unique verification code on your mobile and ask you to enter that verification code in some unknown website.  Note: This is mobile phone verification  loophole of all Email services. They all sent verification in below format: " Your Google Verification Code is 123456 or Your Yahoo verification code is 123456 or Your Hotmail verification code is 123456". Means these services doesn't mention that "your Gmail or Yahoo or Hotmail password reset code is 123456" so user is easily get fooled by such offers and become the prey to hackers.
  3. Emails from unsolicited or unknown sources: Never open the emails which comes from unknown sources.
  4. Never access any social networking website link from your email as it can be a Phish Page link.

Some useful and handy guidelines to identify Phish Pages:
1. Always check the URL in the address bar ( both source and destination). Never login in the URL which has website URL other than the original one.
2. Most important: Always use web security toolbar(avg,avira or crawler etc), most of them are available for free. They will detect the fake pages and warn you from opening them.

b. Using Chat services
Never open the links that are being posted in chat rooms, there are lots of Ajax and java scripts available in market that can retrieve all your stored passwords from your web browser.

c. Sharing Content on some website and that website is asking for registration with is followed by email verification. Hackers share their links on famous forums or torrents, when user open these link either of the above two things happen or a key logger or RAT is attached with them that will record you email address and password and send the information to hackers email account or FTP mail.


2. Spreading Keyloggers in form of cracks, keygens, or hack tools(RAT's , keyloggers, etc).
This is the most used hacking technique used by almost every hacker to hack the users email accounts. In this technique, hackers attach their keylogger or RAT servers with the crack or keygen or patch or hack tools and whenever user executes that it got installed automatically. 
In this case hackers use the below loophole: Whenever you open a keygen or patch or crack or hack tool, your antivirus shows you are warning message but users always ignore these as hackers or cracks provider has already instructed the users that turn off the antivirus before running patch or keygen.

So friends 4 things to note here:
a. Never use cracked or patched software's as they already contains Trojan's which are controlled on basis of timestamp. 
Solution: Look for any freeware providing the same features. If you request i will give you the list for freeware alternatives for all paid software's.
b. Never turn off your antiviruses or anti-spywares or web security toolbar.
c. Regularly update your antivirus and anti spyware programs.
d. If you wanna try any hacking software or hack tool, then always use sandbox browser or use Deep Freeze. 

3. Shouldering passwords
Seeing or watching the user, while he/she is typing his password is called shouldering. Most of time we types our passwords in front of our friends or colleagues. Nowadays what usually friends or classmates do is that, they stand in back of you and keep a eye on you while you are typing passwords. This technique is also used at ATM machines, thieves or malicious people watch people while they were entering the ATM pin and then misuse that online.
Solution: Always take care that nobody is watching you while you are typing passwords. If not possible to do so try to avoid logging into your accounts when your friends are near you.
Note: Never store passwords in your web browsers. Otherwise, friends like me ask you to bring water for me and when you go out, i will see you all saved passwords :P..

4. Guessing Weak Passwords
Its not a new thing, i have told people more than hundreds of time not to use weak or very common passwords but they will never learn. Few basic passwords that unaware or novice IT people use:
a. 6 to 8 consecutive character on the keyboard or alphabets like qwerty, 1234567, abcdefgh etc.
b. Atleast 30% of people keep their current or previous mobile numbers as their passwords.
c. More than 10% keep their girlfriend name or her mobile number as password.
d. But nowadays password policy are quite good, so novice people also became smart as most of websites ask atleast one Capital letter, one number and one special character in password. Now friends, guess what will be their passwords:
1. Suppose its december then their password will be like: Dec@2011 or Dec123! or Dec2011@.
2. How can they forget keyboards consequite keys like qwert123!, qwerty123$, abc123! etc.
3. Offcourse, none can forget his girlfriend name : girlfrindfirstname123! or more smart people GFNAME1!.
Hahaha.... thats really foolish.

Some tips for strong passwords:
1. Always keep your password atleast 8 chars long.
2. Use special characters and number and small n upper case combination in your password.
3. Verify your mobile numbers if available.
4. Keep changing your passwords at-least once a month.


5. Compromising Accounts with Friends or team mates
Its one of the most common problem with team mates and friends. "Today i am not coming to office or college, please use my login ID and password and forward the details or some files" or "Your friend went to your home and suppose you are away from your house, now what you will do, hey use my username and password and take your files or documents". What the hell is this? You call yourself professional, and every time you yourself violating the password and account policy norms.
Never share your account information with anyone. People like me are very dangerous, if you share your pass with me then you are done :P..
Solution: Never tell your account information to anyone. If its urgent, you can share it but you need to change your details as soon as possible.

6. Using Accounts from Cyber cafe's or other insecure places like friends PC or college PC's. 
Most of cyber cafe's or college computers have keyloggers or rats installed on them. Whenever you login into your account through cybercafe, none can give you assurance that your account is safe or hacked. So always play it safe. If you login into your account through cyber cafe's, always change them as soon as possible. 

Now friends, if you follow all the above steps told by me, then your account can never be hacked and for sure you will never get a chance to say "My EMail account is hacked" or "Someone has hacked my email".

So play safe to live n enjoy safe. That's all for today, hope you all have enjoyed my tutorial on how to protect your email account from getting hacked.

If you have any queries ask me in form of comments. 

How to Create your own Run Command

How to Create your own Run Command

All of us know that windows operating system is the most used operating system in the world. Its not because of its Easy and Simple Graphical user Interface but because of its intense features that it incorporates to make the user day to day life simpler. Today's trick is also related to that fact only, today we will learn how we can create our own RUN command's that can directly execute your program and other applications.  It is a simple and easy method of accessing programs quickly. If you happen to want to make a shortcut to an application your own way, guess what, you can make easy 7 steps. Just follow the instructions and you are through...

Latest windows XP | Windows 7 tricks
Windows Tips n Tricks

How to Create your own RUN command in Windows?

Stepwise creation of RUN commands:
Step 1: Go to “Start,” “Run,” (told you we use it a lot) and type regedit.

Step 2: Navigate to the following:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Apps Path
Step 3: Create a new folder/key under Apps Path. (Right-Click Apps Path and click “New,” “Key.”)

Step 4: Title the new folder/key the name of the application, e.g. firefox.exe.

Step 5: Right-Click the default string value (the thing automatically created in your new folder) and click Modify.

Step 6: Change the value to the path of the executable you are attempting to run. E.g. C:\Program Files\Mozilla Firefox\firefox.exe.

Step 7: Create a new “String Value” by right-clicking under the default value (the thing we just edited) and select “New,” “String Value.” Name it Path and enter the value as the same path you previously entered.

create your own run command

Step 8: Done! Now, all you need to do is go to “Start,” “Run,” and type the name of your command.

That's all my friends, if you have any queries ask me in form of comments.


Advanced Port Scanning techniques tutorial

Advanced Port Scanning techniques tutorial

Hello friends, in yesterday's tutorial i have explained Port scanning basics, today i will teach you different types of port scanning and their analysis, drawbacks etc. Lets start with a brief overview of yesterday's tutorial.
In simple words, Port Scanning is a series of attempts by a hacker or network administrator to examine which ports on a network are open/closed/filtered by attempting to connect to a range of ports and then gathering information from responding open ports to detect what applications or which service is associated or running on those ports. Port Scanning is accomplished by running port scanner against the host to scan 0 to 65536 potentially available ports on computer.
Now you all will be thinking why the hell, i am explaining different types of scans when we can simply do a normal port scan using any port scanning tool like NMAP or Free port scanner etc. Friends i am explaining this to you because different type of Port scan technique will result into different information gathering and scenerio will be different for each type. First of all we must need to choose which Port scanning technique we gonna use to scan the victim. Most elite hackers opt for Stealth Scan as its run in background without the knowledge of the user. So lets focus more on different scanning techniques..



port scanning, port scan, types of port scanning, advanced port scanning
Different type of port scanning




Different types of port scanning techniques:

1. Open Scan : Also known as vanilla scan. In this type of scan hacker try to connect to all the ports of the victim. This scan uses a normal TCP connection to determine port availability and utilizes a TCP 3-way handshake connection that typically every other TCP application will use on a network . Because of this fact this technique has a drawback that it can be easily detected and blocked.  
How open scan works? 
When the port is open, the client sends a SYN flag, the server replies a SYN+ACK flag, which is acknowledged back with an ACK flag by client. Once the handshaking is completed, the connection is terminated by the client. This confirm an open port. When the port is closed or "not listening" the server response a RST+ACK flag, which is acknowledged back with an RST flag by client, and then the connection is closed.
The disadvantage of this scan technique is that the attacker cannot spoof his identity as spoofing would require sending a correct sequence number as well as setting the appropriate return flags to setup data connection. Moreover, most stately IDS and firewall detect and log this scan, exposing both the attempt and the attacker's IP. The advantage is fast accurate scan that require no additional privilege.

2. Half Open Scan : Half open scan is similar to Open or vanilla scan. The only difference is that it does not establishes a complete connection with the host so it becomes little bit typical for victim firewall to detect it but it still detectable as for receiving ICMP echos a connection has to be established between your PC and victim. 
How Half Open Scan works?
In half-open scan, a complete TCP connection is not established. Instead as soon as the server acknowledge with a SYN+ACK response, the client tears down the connection by sending RST flag. This way, the attacker detect an open port and not establish full connection.
However, some good IDS and firewall like zone alarm can detect a SYN packet from the void and prevent half open scan. Besides, this scan require attacker to make a customer IP packet, which in turn requires the access to SOCK_RAW (getprotbyname('raw') under most system) or /dev/bpf (Berkeley packet filter), /dev/nit (Sun network interface tap). This requires admin privilege access.

3. Strobe Scan – In strobe scan, hackers try to scan only a selected number of port connections.(usually under 20) and rest of the working is similar to open scan. The only difference is that its light weight scan where hackers scan specific ports on the host and analyze the results. A strobe does a narrower scan, only looking for those services the attacker knows how to exploit. Almost 90% of crackers uses this technique as its fastest and accurate.
Drawback: Limited scan may not produce expected results but its too fast. Free Port scanner works on strobe scan technique only. It only scan the internet and web application services ports.

4. Stealth Scan – In this type of scanning technique, scanning is done in stealth manner, which aims to prevent the “request for connection” being logged.
Initially half open scans were considered stealth, however as IDS software evolved, these scan were easily logged. Now, stealth scan refers to the type of scan where packets are flagged with a particular set of flags other than SYN, or a combination of flags, no flag set, with all flag set, appearing as normal traffic, using fragmented packet or avoiding filtering devices by any other means. All these techniques resort to inverse mapping to determine open ports.
Different type of Stealth scans:
  • SYN|ACK Scan
    Client sends a SYN+ACK flag to the target. For a closed port, server will reply a RST response while an open port will not reply. This is because the TCP protocol requires a SYN flag to initiate the connection. This scan may generate certain amount of false positives. For instance, packets dropped by filtering devices, network traffic, timeouts etc can give a wrong inference of an open port while the port may or may not be open. However this is a fast scan that avoid three-way handshake.
  • FIN Scan
    Similar to SNY|ACK scan, instead a FIN flag is sent to the target. The closed ports are required to reply to the probe packet with RST, while open ports must ignore the packet in question. This scan attempt to exploit vulnerabilities in BSD code. Since most OS are based on BSD or derived from BSD, this was a scan that can return good result. However, most OS applied patches to correct the problem, still there remains a possibility that the attacker may come across one where these patches have not be applied.
  • ACK Scan
    The scan take advantage of the IP routing function to deduce the state of the port from the TTL value. This is based on the fact that IP function is a routing function. Therefore TTL value will be decremented by on by an interface when the IP packet passes through it.
  • NULL Scan
    In NULL scan, the packet is sent without any flag set. This takes advantage of RFC 793 as the RFC does not specify how the system should respond. Most UNIX and UNIX related system respond with a RST (if the port is open) to close the connection. However, Microsoft's implementation does not abide with this standard and reacts differently to such scan. An attacker can use this to differentiate between a Windows machine and others by collaborating with other scan results. For example, if -sF, -sX or -sN scan shows all ports are closed, but a SYN (-sS) scan shows ports are opened, the attacker can infer that he is scanning a windows machine. This is not an exclusive property though, as this behavior is also shown by Cisco, BSDI, HP/UX, MVS and IRIX. Also note that the reserved bits (RES1, RES2) do not affect the result of any scan. Therefore this scan will work only with UNIX and related systems.
  • Xmas Scan
    In Xmas scan, all flags are set. All the available flags in the TCP header are set (ACK, FIN, RST, SYN, URG, PSH) to give the scan an ornamental look. This scan will work on UNIX and related systems and cause the kernel to drop the packet if the receiving port is open.

5. FTP Bounce ScanThe ability to hide their tracks is important task for hackers. And in port scanning this is achieved using FTP bounce scan technique.
FTP bounce scanning takes advantage of a vulnerability of the FTP protocol itself. This scan takes advantage of the FTP servers with read/write access. The advantage of this scan can be both anonymity and accessibility. Suppose the target network allows FTP data transfer from only its recognized partners. An attacker might discover a service business partner who has a FTP service running with a world-writable directory that any anonymous user can drop files into and read them back from. It could even be the ISP hosting services on its FTP server. The attacker, who has a FTP server and able to run in passive mode, logs in anonymously to the legitimate server and issues instructions for scanning or accessing the target server through a series of FTP commands. He may choose to make this into a batch file and execute it from the legitimate server to avoid detection.
If a connection is established as a means of active data transfer processing (DTP), the client knows a port is open, with a 150 and 226 response issued by the server. If the transfer fails a 425 error will be generated with a refused build data message. The PASV listener connection can be opened on any machine that grants a file write access to the attacker and used to bounce the scan attack for anonymity. It does not even have to be an FTP server, any utility that will listen on a known TCP port and read raw data from it into a file will do.
Often these scan are executed as batch files padded with junk so that the TCP windows are full and the connection stay alive long enough for the attacker to execute this commands. Fingerprinting the OS scan help determine the TCP window size and allow the attacker to pad this commands for further access accordingly.
This scan is hard to trace, permits access to local network and evades firewalls. However, most FTP servers have patched this vulnerability by adopting countermeasures such as preventing third party connection and disallowing listing of restricted ports. Another measure adopted has been restrict write access.


6. Fragmented Packets Scans : FPS is an attempt to bypass rules in some routers. This approach is evolved from the need to avoid false positive arising from other scans due to packet filtering device. For any transmission, a minimally allowable fragmented TCP header must contain a destination and source port for the first packet (8 octet, 64 bit), the initialized flags in the next, which allows the remote host to reassemble the packet upon receipt through an internet protocol module that identifies the fragmented packets by the field equivalent values of source, destination, protocol and identification.
The scan works by splitting the TCP header into small fragments and transmitting it over the network. However, there is a possibility that IP reassembly on the server-side may result in unpredictable and abnormal results - such as fragmentation of the data in the IP header. Some hosts may be incapable of parsing and reassembling the fragmented packets and thus may cause crashes, reboots or even network device monitoring dumps.
Some firewalls may have rulesets that block IP fragmentation queues in the kernel (like the CONFIG_IP_ALWAYS_DEFRAG option in the Linux kernel) - though this is not widely implemented due to the adverse affect on performance. Since several intrusion detection systems use signature-based mechanisms to signify scanning attempts based on IP and/or the TCP header, fragmentation is often able to evade this type of packet filtering and detection. There is a high possibility of causing network problems on the target network.

7. UDP Scan : As the name suggest its a one way scan as UDP is a FIRE AND GO portocol. Port scanning usually means scanning for TCP ports, which are connection-oriented and therefore give good feedback to the attacker. UDP responds in a different manner. In order to find UDP ports, the attacker generally sends empty UDP datagrams. If the port is listening, the service should send back an error message or ignore the incoming datagram. If the port is closed, then most operating systems send back an “ICMP Port Unreachable” message. Thus, you can find out if a port is NOT open, and by exclusion determine which ports are open. Neither UDP packets, nor the ICMP errors are guaranteed to arrive, so UDP scanners of this sort must also implement retransmission of packets that appear to be lost (or you will get a bunch of false positives).

Also, this scanning technique is slow because of compensation for machines that implement the suggestions of RFC 1812 and limit ICMP error message rate. For example, a kernal may limit destination unreachable message generation to 80 per 4 seconds, with a 1/4 second penalty if that is exceeded.

Some people think UDP scanning is pointless – not so. Sometimes for example, Rpcbind can be found hiding on an undocumented UDP port somewhere above 32770. So it doesn’t matter that port 111 is blocked by the firewall. But can you find which of the more than 30,000 high ports it is listening on? With a UDP scanner you can. 
The disadvantage to the attacker is that UDP is a connectionless protocol and unlike TCP does not retransmit packet if they are lost or dropped on the network. Moreover, it is easily detected and unreliable (false positive). Linux kernel limit ICMP error message rates with destination unreachable set to 80 per 4 seconds, thereafter implmenting a 1/4 second penalty if the count is exceeded. This makes the scan slow and moreover the scan requires root access. However it avoids TCP based IDS and can scan non-TCP ports.

Some more advanced techniques:
1. TCP SCTP Scan: SCTP is a relatively new alternative to the TCP and UDP protocols, combining most characteristics of TCP and UDP, and also adding new features like multi-homing and multi-streaming. It is mostly being used for SS7/SIGTRAN related services but has the potential to be used for other applications as well. SCTP INIT scan is the SCTP equivalent of a TCP SYN scan. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by restrictive firewalls. Like SYN scan, INIT scan is relatively unobtrusive and stealthy, since it never completes SCTP associations. It also allows clear, reliable differentiation between the open, closed, and filtered states.

2. SCTP COOKIE ECHO scan : It is more advanced SCTP scan. It takes advantage of the fact that SCTP implementations should silently drop packets containing COOKIE ECHO chunks on open ports, but send an ABORT if the port is closed. The advantage of this scan type is that it is not as obvious a port scan than an INIT scan. Also, there may be non-stateful firewall rulesets blocking INIT chunks, but not COOKIE ECHO chunks. Don't be fooled into thinking that this will make a port scan invisible; a good IDS will be able to detect SCTP COOKIE ECHO scans too. The downside is that SCTP COOKIE ECHO scans cannot differentiate between open and filtered ports, leaving you with the state open|filtered in both cases.

That's all for today friends, i hope now you all will be able to understand how scanning actually works and you might have chosen your favorite technique.
Note my point: Lots of features provided doesn't matter, what matters is accuracy and smart results. Now this statement may make you think to change the scan method.

REFERENCES:
1. Wikipedia(Port scanning)
2. NMAP ORG(Port Scanning Techniques & Chapter 15: NMAP reference Guide)
3. Power Security Tools( Chapter 2: Network scanning)
4. Hackers Beware : Defending your Network (Chapter 3: Information Gathering)
5. Examining Port scan methods White paper by Deathy
6. Maximum Security: A hacker's Guide to protect your Internet (chapter 9 Scanners).

I know, this is too advanced article and you all must be having lots of questions and queries regarding each scans. Go ahead and ask in form of comments. I will try to clear all your queries.

Copyright © 2012 Learn How to Hack - Best Online Ethical Hacking Website All Right Reserved
Designed by Hackingloops.