How to make you computer fresh and fast

Remove Useless software and apps : We often install many unnecessary application and later forget to uninstall them These application becomes burden in our computer and eventually slow down our computers So at first you need to delete all this unnecessary application and software To uninstall the software you should go to Control Panel->Add or remove->find and select the software you would like to uninstall.
Utilize your RAM performance : A lot of you may have these setting already set. But If you don’t have then don’t worry. You just have to follow the process. Right click on My computer->Properties->Advanced system settings->Setting(Under Performance)->Advanced->Change(Under Virtual Memory). Now double the number in Maximum size then the number initial size. It will surely help your PC to utilize the most of RAM.
Check for errors : Our computers face errors very oftenly in daily use and some errors stuck to our computer hard disk which makes our computer slow. So its very important to kill those errors to make our computer work better. Go to My computer and press enter .Our main hard disk is usually C: and we need this drive to be free from error So right click on Hard disk C and then click tools Then from the Error-Checking option click You may need to restart the computer to do so It will make your computer Faster.
Desktop-cleaning : We often keep unnecessary file in our desktop but it actually affects the performance of our computer. Delete the useless files or another choice is to move them to Local disk if necessary. You should only keep shortcuts in your Desktop only if you needed. If we keep Wallpapers on our desktop it also effect slightly to slow down our computer a blank screen is always better remove temporary internet files and cache from your web browser Browsing internet slow down our computer You need to clean these temporary files and cookies to make your computer stay clean and faster. There are a no. of software available today in the market which can do the task for you. You can use Ccleaner for this purpose which is a very trusted software. To proceed to the official website to download Click here
Disk Defragmentation : We should defragment our disk to make our PC faster. For deframentation process, just follow the same steps given below. Locate Hard disk C then click properties then click tools and then click defragment Now from the option Disk defragmentation.
Use a Trusted antivirus : he last but not the least tip is to use a reliable trusted antivirus which will protect your PC from harmful antivirus. Kaspersky and AVG are some of the trusted antivirus but you have to pay to use them. If you don’t wish to pay some money then you can also download free Microsoft security essential to save your computer from harmful Malware and spywares. Check the link here

Read More

DNS Hijacking: What it is and How it Works

DNS hijacking (sometimes referred to as DNS redirection) is a type of malicious attack that overrides a computer’s TCP/IP settings to point it at a rogue DNS server, thereby invalidating the default DNS settings. In other words, when an attacker takes control of a computer to alter its DNS settings so that it now points to a rogue DNS server, the process is referred to as DNS hijacking.

As we all know, the “Domain Name System (DNS)” is mainly responsible for translating a user friendly domain name such as “google.com” to its corresponding IP address “74.125.235.46″. Having a clear idea of DNS and its working can help you better understand what DNS hijacking is all about. If you are fairly new to the concept of DNS, I would recommend reading my previous post on How Domain Name System Works.

How DNS Hijacking Works?

As mentioned before, DNS is the one that is responsible for mapping the user friendly domain names to their corresponding IP addresses. This DNS server is owned and maintained by your Internet service provider (ISP) and many other private business organizations. By default, your computer is configured to use the DNS server from the ISP. In some cases, your computer may even be using the DNS services of other reputed organizations such as Google. In this case, you are said to be safe and everything seems to work normally.

But, imagine a situation where a hacker or a malware program gains unauthorized access to your computer and changes the DNS settings, so that your computer now uses one of the rogue DNS servers that is owned and maintained by the hacker. When this happens, the rogue DNS server may translate domain names of desirable websites (such as banks, search engines, social networking sites etc.) to IP addresses of malicious websites. As a result, when you type the URL of a website in the address bar, you may be taken to a fake website instead of the one you are intending for. Sometimes, this can put you in deep trouble!

What are the Dangers of DNS Hijacking?

The dangers of DNS hijacking can vary and depend on the intention behind the attack. Many ISPs such as “OpenDNS” and “Comcast” use DNS hijacking for introducing advertisements or collecting statistics. Even though this can cause no serious damage to the users, it is considered as a violation of RFC standards for DNS responses.

Other dangers of DNS hijacking include the following attacks:

Pharming: This is a kind of attack where a website’s traffic is redirected to another website that is a fake one. For example, when a user tries to visit a social networking website such as Facebook.com he may be redirected to another website that is filled with pop-ups and advertisements. This is often done by hackers in order to generate advertising revenue.

Phishing: This is a kind of attack where users are redirected to a malicious website whose design (look and feel) matches exactly with that of the original one. For example, when a user tries to log in to his bank account, he may be redirected to a malicious website that steals his login details.

How to Prevent DNS Hijacking?

In most cases, attackers make use of malware programs such as a trojan horse to carry out DNS hijacking. These DNS hacking trojans are often distributed as video and audio codecs, video downloaders, YoTube downloaders or as other free utilities. So, in order to stay protected, it is recommended to stay away from untrusted websites that offer free downloads. The DNSChanger trojan is an example of one such malware that hijacked the DNS settings of over 4 million computers to drive a profit of about 14 million USD through fraudulent advertising revenue.

Also, it is necessary to change the default password of your router so that it would not be possible for the attacker to modify your router settings using the default password that came with the factory setting. For more details on this topic you can read my other post on How to hack an Ethernet ADSL Router.

Installing a good antivirus program and keeping it up-to-date can offer a great deal of protection to your computer against any such attacks.

What if you are already a victim of DNS hijacking?

If you suspect that your computer is infected with a malware program such as DNSChanger, you need not panic. It is fairly simple and easy to recover from the damage caused by such programs. All you have to do is, just verify your current DNS settings to make sure that you are not using any of those DNS IPs that are blacklisted. Otherwise re-configure your DNS settings as per the guidelines of your ISP.

Read More

What is HTTP Header Injection Vulnerability

HTTP Header

HTTP Header is the component of HTTP requests and responces. Header fields are transimitted with each request and responce and carry additional data about the requests and responces.

See the typical request and responce headers Here at Web-Sniffer.net

HTTP header injection

HTTP header injection is a kind of web application vulnerability which exists on those web applications that generatd HTTP headers based on the input given by users. If it uses User based input in the headers, it can be used for HTTP response splitting, cross-site scripting (XSS), Session fixation via the Set-Cookie header, and malicious redirects attacks via the location header.

I recently found a similar kind of vulnerability in http://canadaedu.apple.com and for this I was also acknowledged by Apple on its website.

It used apache 1.3.33 that was vulnerable to the HTML and malicious javascript injection through  "Expect" header.

See the responce header of the website:

GET / HTTP/1.0
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)
Host: canadaedu.apple.com
Cookie: PHPSESSID=3b8026225d719c6945155129c5c7335d
Connection: Close
Expect: <script>alert(411731119275)</script>
Pragma: no-cache

The alert box added in the Expect field could be injected for Cross Site Scripting.

Read More