Google: The Art of Googling


Google is God. :). That is what i believe. At least of the information age. I read  Johnny Long's Google Hacking for Penetration Testers and became his instant fan. Is Google so comprehensive that one can write a book on it. Absolutely. And the book is a thriller. You cannot wait to finish it. This is an attempt to familiarize you with Google. However for details go to Google's website ang google it. :) Its Fun...
Just try these tricks and you will find a wonderful horizon and a lot of surprises just like the adjacent picture.


Lets begin then...



General Guidelines


Repetition Matters. Entering a particular search term multiple times will, at the very least, change the order of your results. In general, the term with multiple instances (and therefore more "weight") will be more represented in the search results.Word Order Matters. Put the most pertinent search terms first.
Case does NOT matter. Don't spend extra effort capitalizing; it's ignored by Google completely.
Make use of quotes when searching for phrases. To Google, there is a significant difference between using them and not -- especially when the phrase is not a very common one. You can also use an asterisk "*" as a wildcard wihin a quoted phrase search. This is great for remembering famous quotes and finding song lyrics.
"to be or not to *"
"a * for sore eyes*"
"* doesn't grow on *"
" * dictate our course of action"
Don't bother including words like "a", "to", "or", "are", "the", etc. in your searches. These words are too common to be used by Google in a standard query and they'll be disregarded if you enter them. Directly under the search box at the top of your results page you'll find information on any terms that were omitted.
If you want to make these common words a part of your search, put them inside of quotes when they are used in a phrase, or add a "+" sign in front of it if it's a standalone word.
"cat and the cradle"
music +is nice
You can use the tilda "~" character before terms to include results related to the terms synonyms as well as the term itself.
~stupid laws

Combining Search Items


You can search for one term or the other by joining the two terms with OR (capitals). You can also use the pipe character " | " as a replacement for OR.By default, Google uses the boolean AND operator on all non-quoted, multi-termed queries. In other words, if you enter "cat dog" (without the quotes) into Google, it'll return results that have both terms in them, not just one or the other.
cat OR dog cat | dog
Grouping special features is extremely powerful, and it's done with the parenthesis. Consider a search where you are trying to find out about ilnesses related to cats or dogs and pregnant women. You could get good results with just entering those terms haphazzardly, but you get incredible results with something like this:
"pregnant women" (sick | illness) (cats | dogs)
This query will find anything with "pregnant women", AND the word sick or illness, AND the word cats or dogs. That is utterly powerful. If you actually try that query you'll find that hot dogs are evidently
dangerous to pregnant women too. :) That can be trimmed nicely by appending the following to the search:
-"hot dogs"
That cleans it up nicely and gives us a set of results that are likely to give us precisely what we are looking for. Try applying this the next time you need to do some hardcore research; it's nothing short of godlike.

Special Prefixes


intitle: Google will return results only from the title portion of sites in its database.You can further tweak your searches by using the following prefixes. They can be combined with regular search terms to form queries that return eerily precise results.
intitle:org california
inurl: Google will return results only from the urls of sites in its database.
inurl:amazon
intext: Google will return results only from the body portion of sites in its database.
intext:sleeping disorders
inanchor: Google will return results only from the anchors within sites in its database. An anchor is text that gives information and/or identifies a hyperlink within a page.
inanchor:dog
site: Google will return information on the site or domain given.
site:slashdot.org
link: Google will return results that link to the site given.
link:wired.com
cache: Google will return its cached version of the site given.
cache:cnn.com

filetype: Google will return results that have certain extensions. You can use this to find powerpoints, word documents, or pdfs. It's utterly powerful.
filetype:ppt ipsec
related: Google will return sites that are related to the site you give it.
related:securiteam.com

info: Get all Google related information (cache, stocks, links, related, etc) about a given site.
info:google.com

Phonebook


phonebook: This is the generic lookup for a person or business, and it's a good starting point when searching for either. You can give just the last name and state abbreviation, the last name and first name with state, or you can add the city to it.One lesser-known feature of Google is its ability to find people and businesses. There are other ways to do this online, but as you are probably getting used to - they don't compare to Google. Not only does Google have uncanny abilities when it comes to finding people, but it'll also give you a link to a map of their city as well.

phonebook:jones, ca
phonebook:john smith, ca
Using "phonebook:" gives you both residential and business results. If you want to only search for one or the other, use "rphonebook:" or "bphonebook:".

Specialized Searches


Images - The single largest image archive in the world.Local - This new feature allows you to search for things in your local area. If your results have a location associated with them, Google will put them on a map and label them for you!
local.google.com
images.google.com
News - The news aggregator of doom. An absolute must for the avid news junkie.
news.google.com
Directory - A different way to search the web, the Directory version of Google focuses on categories of information.
directory.google.com
Catalogs - This feature allows you to peruse thousands of regularly updated catalogs as if they were right in front of you.
catalogs.google.com
Google Maps - This is what Yahoo Maps and MapQuest wish they were. Try it out next time you need to go somewhere; it's excellent.
maps.google.com
Froogle - Froogle lets you do price comparisons between millions of products in a blink of an eye. This is a must-use tool for die-hard Internet shoppers.
froogle.google.com


Subject Focussed


GovernmentGoogle also has specific sites set up for pre-focused results pertaining to the following areas:
google.com/unclesam
Linux
google.com/linux
Mac
google.com/mac
BSD
google.com/bsd
Microsoft
google.com/microsoft


Languages

It'll come as no suprise that you can search Google using dozens of languages, but what few people know is that they have a few languages that you probably wouldn't expect.. :)
Here is the amazon link for Johnny long's book: http://www.amazon.com/Google-Hacking-Penetration-Testers-1/dp/1931836361

Just google the book title and see the beauty. It spares Nobody.

Keep Googling.
ADD COMMENTS
Read More

Microsoft Security Essentials


Microsoft Security Essentials (MSE) (previously codenamed Morro) is an antivirus software created by Microsoft that provides protection against viruses, spyware, rootkits, and trojans for Windows XP (x86), Windows Vista (x86 and x64), and Windows 7 (both x86 and x64), free of charge. MSE replaces Windows Live OneCare, a commercial subscription-based antivirus service and the free Windows Defender, which only protected users from adware and spyware. It is geared for consumer use, unlike Microsoft's upcoming enterprise-oriented product Microsoft Forefront.

ADD COMMENTS
Read More

Orkut Safety



People all around the world have been using social networking sites. However the very popularity of these have made it prone to attack from the "bad guys". Please Please Please do not click on those scripts!!!
Please have a look at the safety guidelines.  http://en.wikipedia.org/wiki/Orkut#Security_and_safety
ADD COMMENTS
Read More

10 Firefox extensions that enhance security

The Internet has become a dangerous place of Convergence. With sophisticated attacks being developed and launched everyday the life is not very easy for us.


Compromising Web sites has become cybercriminals’ favorite method of getting malware installed on computers. Here are 10 ways to beef-up Firefox, making it more difficult for the bad guys. 





ADD COMMENTS
Read More

Norton Safe Web


This application helps you identify potentially dangerous websites. Norton Safe Web (NSW), is a service developed by Symantec Corporation, designed to help users discern safe Web sites from unsafe ones. It relies on user reports and Norton Community participants.Unlike McAfee's SiteAdvisor application, NSW does not crawl and analyze websites. Instead, it relies on Norton Community participants. If one of those users experience a drive-by download at a site, then the site is marked as malicious. NSW looks at a site's history to determine how quickly it should be re-analyzed. Websites with a known reputation are not analyzed as frequently compared to websites that are frequently attacked. To ensure accuracy, the top 30,000 web sites in terms of page views are analyzed by humans. User reviews are also accepted, with contributors ranked by reputation. Symantec has dispute resolution process for site owners whose sites were erroneously flagged.


Follow this link to use this application: http://safeweb.norton.com/




ADD COMMENTS
Read More

Some Information Security Certifications...



Mentioned below is an useful list of InfoSec certifications along with their respective url's.

   Brainbench Internet Security (BIS) Certification.This credential identifies individuals with a good working knowledge of Internet security practices, principles, and technologies. (Source: Brainbench) For more information, see www.brainbench.com/xml/bb/common/testcenter/taketest.xml?testId=110
    *

      Brainbench Network Security (BNS) Certification. This program identifies individuals with a good working knowledge of network security practices, principles, and technologies. (Source: Brainbench) For more information, see www.brainbench.com/xml/bb/common/testcenter/taketest.xml?testId=30
    *

      CCO—Certified Confidentiality Officer. This credential identifies individuals who possess management-level expertise in information security, individuals who can direct security implementations and deployments, and security professionals who perform such tasks. (Source: Business Espionage Controls Countermeasures Association [BECCA]) For more information, see www.BECCA-online.org
    *

      CCSA—Certification in Control Self-Assessment. This credential identifies individuals with knowledge of internal control and related security self-assessment procedures. (Source: Institute of Internal Auditors) For more information, see http://www.theiia.org/ecm/certification.cfm?doc_id=12
    *

      Certified Network Security Associate (CNSA). This program is an entry-level credential designed as a "stepping-stones to GIAC and CISSP" training and cert programs. It aims to certify general IT security knowledge and ability. This certification also serves as the first rung on a well-defined ladder of CCTI certifications. (Source: Colorado Computer Training Institute [CCTI]) For more information, see www.ccti.com/certifications/security/securityoverview.asp
    *

      Certified Network Security Expert (CNSE). This credential identifies competent, practicing security professionals with strong technical knowledge and specific industry experience. It's also the top rung in the CCTI security certification ladder. This path requires CNSP and CNSM, plus two elective exams, and written and hands-on lab exams. (Source: Colorado Computer Training Institute [CCTI]) For more information, see www.ccti.com/certifications/security/securityoverview.asp
    *

      Certified Network Security Manager (CNSM). This credential identifies individuals who manage security professionals, with an understanding of technical security fundamentals and related topics in security forensics, law, or incident response handling. This is the middle (management) rung in the CCTI security certification ladder. (Source: Colorado Computer Training Institute [CCTI]). For more information, see www.ccti.com/certifications/security/securityoverview.asp
    *

      Certified Network Security Professional (CNSP). This credential identifies individuals who have moved from security fundamentals to coverage of advanced, complex security topics and technologies. It is the middle (technical) rung in the CCTI security certification ladder. (Source: Colorado Computer Training Institute [CCTI]) For more information, see www.ccti.com/certifications/security/securityoverview.asp
    *

      CFE—Certified Fraud Examiner. This credential identifies individuals who are able to detect financial fraud and other security-related white-collar crimes. (Source: Association of Certified Fraud Examiners) For more information, see www.cfenet.com/
    *

      CIA—Certified Internal Auditor. This credential identifies individuals with working knowledge of professional financial auditing practices, including related security practices, procedures, and auditing techniques. (Source: Institute of Internal Auditors) For more information, see http://www.theiia.org/ecm/certification.cfm?doc_id=12
    *

      CISA—Certified Information Systems Auditor. This credential identifies individuals who can perform IS audits for control and security purposes. (Source: Information Systems Audit and Control Association) For more information, see www.isaca.org/cert1.htm
    *

      CISSP—Certified Information Systems Security Professional. This senior-level security certification identifies individuals with knowledge of network and system security principles, safeguards and practices. (Source: International Information Systems Security Certifications Consortium [a.k.a. (ICS)2, pronounced "ICS-squared"]) For more information, see www.isc2.org/
    *

      Certified Internet Webmaster–Security Professional Exam (CIW-SP). Passing this exam demonstrates a working knowledge of Web- and e-commerce–related security principles and practices. (Source: Prosoft Training, Inc.) For more information, see www.ciwcertified.com/exams/1d0470.asp
    *

      CPP—Certified Protection Professional. This credential identifies individuals with a thorough understanding of physical, human, and information security principles and practices. (Source: American Society for Industrial Security [ASIS]) For more information, see www.asisonline.org/cpp.html
    *

      GIAC—Global Information Assurance Certification. This credential identifies individuals who possess a thorough knowledge of and the ability to manage and protect important information systems and networks. (Source: The System Administration, Networking, and Security [SANS] Institute) For more information, see www.sans.org/giactc.htm
    *

      ICSA—ICSA Certified Security Associate. This credential, to be released in Q3, 2001, identifies individuals who possess basic familiarity with vendor-neutral system and network security principles, practices, and technologies. (Source: TruSecure Corporation) For more information, see www.trusecure.com/html/secsol/peoplecert01.shtml
    *

      ICSE—ICSA Certified Security Engineer. This credential, expected to be released in Q4, 2001, identifies individuals who possess a deep and serious knowledge of vendor-neutral system and network security principles, practices, and technologies. ICSA is a prerequisite. (Source: TruSecure Corporation) For more information, see www.trusecure.com/html/secsol/practitioner.shtml
    *

      ICSP—ICSA Certified Security Professional Trainer. Obtaining this senior-level certification enables qualified individuals to teach ICSA and ICSE classes. (Source: TruSecure Corporation) For more information, see www.trusecure.com/html/secsol/practitioner.shtml
    *

      SSCP—Systems Security Certified Professional Administrator. This is an entry-level certification that identifies individuals who can implement and maintain system and network security, but not necessarily someone who can be made responsible for designing and deploying security policies and procedures. (Source: [ICS]2]) For more information, see https://www.isc2.org/cgi-bin/request_studyguide.cgi
    *

      System and Network Security Certified Professional (SNSCP). This credential identifies individuals who can design and implement organizational security strategies and secure the network perimeter and component systems. (Source: Learning Tree International) For more information, see www.learningtree.com
ADD COMMENTS
Read More

Job Roles for Information Security Pros





There are various profiles available for Infosec Professionals, both in India and abroad.With the various incidents  the need for information security has increased exponentially over the past decade. SANS has compiled a list of roles and responsibilties for various infosec positions...

ADD COMMENTS
Read More

Twitter Hacked, Defaced By “Iranian Cyber Army”



Twitter was hacked and defaced with the message below. The site was offline for a while.


The message read:


Iranian Cyber Army

THIS SITE HAS BEEN HACKED BY IRANIAN CYBER ARMY
iRANiAN.CYBER.ARMY@GMAIL.COM
U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST ;)
Take Care.


ADD COMMENTS
Read More

CAT online test crash blamed on virus attack

The CAT 2009 exam faced a lot of problems as Servers went haywire. This again is an example how critical the issue of Information Security is. It is no longer that the geeks that are affected now. Everybody is connected so everyone is at Risk too. The crash has been blamed on a virus.

Read the full article here.  CAT online test crash
ADD COMMENTS
Read More

Information Security as a Career

People often ask me how is information security as a career? Let me tell you my view: InfoSec rocks full time. Have a look at the Salary Survey and hold your breath. I promise your eyes will be wide open.
Hope to see a lot of you in the Information Security Domain.
Cheers!

Salary Survey Link:

http://www.sans.org/security-resources/salary_survey_2008.pdf
ADD COMMENTS
Read More

This is why I Love Information Security!!!

We have all heard about the global meltdown in IT. Follow the link below and see why Info Security rocks full time.

http://www.theregister.co.uk/2009/04/29/security_salary_survey/

Cheers to Info Sec!!!
ADD COMMENTS
Read More

VTC – Using Security Tools Tutorials


Whether you are a new security professional or a seasoned security engineer, you’ll need experience in working with the most commonly used security tools available. Veteran VTC author Bobby Rogers will show you how to use basic security tools that every security professional should be familiar with, such as Netcat, Nikto, Nessus, Nmap, and many others. You will learn how to use tools covering a wide range of security disciplines, such as penetration testing, computer forensics, and network security. Demonstrations include both Windows and Linux tools, and show how these tools are actually used in the daily jobs of security professionals everywhere.

Introduction
Course Introduction (05:40)
General Utilities
Secure Shell (ssh) (05:03)
VNC (05:31)
NX Client (06:01)
VMware pt. 1 (07:55)
VMware pt. 2 (08:32)
Host Security
Anti-Virus pt. 1 (03:28)
Anti-Virus pt. 2 (06:15)
Anti-Malware (06:33)
Linux Host Lockdown Tools (07:01)
Windows Host Lockdown Tools (SCAT) pt. 1 (08:21)
Windows Host Lockdown Tools (SCAT) pt. 2 (07:35)
Windows Utilities
Windows Command-Line Tools pt. 1 (06:51)
Windows Command-Line Tools pt. 2 (04:07)
Windows Firewall pt. 1 (05:05)
Windows Firewall pt. 2 (04:06)
MBSA (07:00)
MSConfig (06:07)
Linux Tools
User Tools pt. 1 (05:15)
User Tools pt. 2 (03:28)
tcpdump (05:51)
Inetd/TCP Wrappers & Xinetd pt. 1 (03:59)
Inetd/TCP Wrappers & Xinetd pt. 2 (04:50)
md5sum (05:51)
File Security Tools (07:41)
su & sudo (08:13)
Scanning & Reconnaisance Tools
Nmap pt. 1 (02:06)
Nmap pt. 2 (07:10)
Nessus pt. 1 (05:46)
Nessus pt. 2 (06:22)
Hping3 (07:19)
Look-at-Lan (06:06)
nslookup & dig (05:21)
Ping & Traceroute pt. 1 (04:56)
Ping & Traceroute pt. 2 (04:03)
Superscan pt. 1 (04:04)
Superscan pt. 2 (06:27)
Fing (04:57)
Network Security Tools
SmoothWall Firewall pt. 1 (08:28)
SmoothWall Firewall pt. 2 (07:22)
SmoothWall Firewall pt. 3 (07:21)
SmoothWall Firewall pt. 4 (05:39)
Linux Firewalls pt. 1 (02:14)
Linux Firewalls pt. 2 (07:20)
3rd Party Windows Firewalls pt. 1 (06:18)
3rd Party Windows Firewalls pt. 2 (08:38)
Wireshark pt. 1 (02:20)
Wireshark pt. 2 (07:43)
Wireless Security
Net Stumbler (05:20)
inSSIDer (04:43)
Wireless Capture Tools pt. 1 (03:44)
Wireless Capture Tools pt. 2 (03:56)
Web Tools
Google Hacking Techniques pt. 1 (03:55)
Google Hacking Techniques pt. 2 (07:36)
Nikto/Wikto (07:10)
NetCraft (04:02)
whois (06:02)
Paros Proxy (06:41)
Encryption Tools
TrueCrypt (07:55)
Encrypting Files in Linux pt. 1 (04:56)
Encrypting Files in Linux pt. 2 (03:53)
Microsoft Windows EFS (06:15)
Using Encrypted Email – PGP pt. 1 (06:30)
Using Encrypted Email – PGP pt. 2 (05:24)
Penetration Testing tools
Metasploit Framework pt. 1 (08:05)
Metasploit Framework pt. 2 (07:21)
Netcat (05:24)
John the Ripper pt. 1 (06:48)
John the Ripper pt. 2 (05:33)
Cain & Abel pt. 1 (04:01)
Cain & Abel pt. 2 (05:05)
Colasoft Packet Builder (08:13)
Computer Forensics Tools
Adepto (02:50)
Adepto Demonstration (05:53)
Ghost (06:34)
Autopsy (09:32)
Forensics Tool Kit pt. 1 (06:09)
Forensics Tool Kit pt. 2 (06:01)
Live Linux Distros
Backtrack 4 (05:46)
Helix (05:30)
Damn Vulnerable Linux (04:46)
Building a Security Toolbox
Creating a Security Toolbox (04:30)
Dual-Booting a Security Laptop pt. 1 (06:17)
Dual-Booting a Security Laptop pt. 2 (03:59)
Creating a Security USB Stick pt. 1 (06:03)
Creating a Security USB Stick pt. 2 (04:20)
Creating Your Own Live Security CD pt. 1 (04:59)
Creating Your Own Live Security CD pt. 2 (05:24)
Conclusion
Using Security Tools – Conclusion (05:50)
Resources (04:54)
Credits
About this Author (01:02)

Download Links:



Cheers!!! 

ADD COMMENTS
Read More

Spybot : Search & Destroy.

Botnet is a jargon term for a collection of software robots, or bots, that run autonomously and automatically. The term is often associated with malicious software, but it can also refer to the network of computers using distributed computing software. While botnets are often named after their malicious software name, there are typically multiple botnets in operation using the same malicious software families, but operated by different criminal entities.Botnets have created enough havoc over the past decade. They can not compromise your systems but also make you an unknown participant in a crime.                                            Spybot is a cool and free software for removing Bots on your systems and may more functions.
Spybot-S&D is maintained by a team of people very dedicated to privacy issues, many of which are working fulltime on analyzing masses of new threats each week, and the response time from our support team is better than that of many a commercial vendor.

Download Link:
http://download.cnet.com/Spybot-Search-amp-Destroy/3000-8022_4-10122137.html
ADD COMMENTS
Read More

Yes I am a criminal and my crime is that of curiosity!!!

This is the Hacker Manifesto written by a group of hackers in the mid 80's. Do read it. Its Awesome...


I am a hacker, enter my world...

Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me...

Damn underachiever. They're all alike.

I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..."

Damn kid. Probably copied it. They're all alike.

I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass.. Or doesn't like teaching and shouldn't be here...

Damn kid. All he does is play games. They're all alike.

And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..." I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all...

Damn kid. Tying up the phone line again. They're all alike...

You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.

This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike.

Bravo! Bravo! Bravo!
Cheers...
ADD COMMENTS
Read More

Link of the Day: Eset NOD 32 Smart Security Antivirus

I am posting a link of a very good antivirus. Do download and use it. Moreover keep a track of this section for more exciting downloads.

Here are some features of the product:-

Smarter Scanner – Threats don't always enter your network in ways you expect. ESET NOD32 Antivirus inspects ~ Phisher ~encrypted communication channels like HTTPS and POP3S and intelligently scans compressed files to find hidden threats other products miss. Proactive protection begins at the earliest point in system startup to ensure your computer is always secure.

Clean and Safe Email – Email scanning for Microsoft Outlook, Outlook Express, Mozilla Thunderbird, Windows Live Mail, Windows Mail, and other POP3/IMAP mail clients, ensuring your email is free of viruses and other threats.

Removable Media Security – Threats can enter your PC from removable media such as USB thumb drives. For self-running media, ESET NOD32 Antivirus scans autorun.inf and associated files when the medium is inserted, in addition to scanning any file on any removable device when it is accessed, or during a full-scan of the media. Power users can adjust ESET NOD32 Antivirus to perform additional levels of scanning on removable media.

System Tools – ESET SysInspector and ESET SysRescue simplify diagnosing and cleaning of infected systems by allowing deep scans of system processes to find hidden threats, and creating bootable rescue CD/DVD or USB drives to help you repair an infected computer.

Self Defense – ESET NOD32 Antivirus has built-in technology to prevent malicious software from corrupting or disabling it, so you can rest assured your system is always protected.
links:
http://hotfile.com/dl/17706417/cf13420/ESET_Smart_Security_4.0.437_Business_Edition-x86.rar.html
ADD COMMENTS
Read More

How safe are you?



Since we will be talking a lot about security i would like to suggest a checklist to ensure your security in the digital world.
Follow these steps:

1.Install anti-virus software and update regularly.

2.Install a firewall.

3.Keep your operating system up to date.

4.Spy ware scanners.

5.Secure wireless network.

6.Use unique passwords that you can remember.

7.Be cautious with e-mail. Don't open e-mails and attachments from an unknown source. Make sure your e-mail program isn't set to automatically download attachments. Report spam to your internet service provider.

8.Scan downloaded files. Even if you've made sure that the file is from a trusted source, always scan for viruses before opening it.

9.Watch for unsecured shares: Turn off software features you don't use such as printer sharing and file sharing. These are available for easy access between computers on a network. This ability to share files can be used to infect your computer with a virus or allow an intruder to look at the files on your computer.

10.Secure your browser. Turn off features that allow automatic downloads, and turn on your browser's built-in security features. Get a blocker to stop those pop-up banners, and don't click on links in those pop-ups.

11.Make backups of important files onto separate disks. If your computer does become infected, you'll have a clean copy of your files.

12.Turn your computer off or disconnect from the network between uses. Disconnecting your computer from the internet when you're not online, or shutting down the computer, lessens the chance that an intruder will be able to access your system.
ADD COMMENTS
Read More

Information Security: What is it?

Information Security is a broader term than IT Security or Internet Security or Enterprise Data Security.
Information Security encompasses data stored in digital fashion (electronic format), trade secrets, know-how, intellectual property rights, historical data, information on data access, policies and procedures laid down, compliance & standards established within the organization, plans and budgets, financial & management data, brochures, images, logo and designs, employee information and so on and so forth.
Information Security includes the organization's policy on IT Security, Internet Security, Enterprise Data Security, etc.,. To put it in other words, it looks at protecting / safeguarding information and information systems from anyone including employees, consultants, suppliers, customers and of course, malicious hackers.
However, people often confuse information security with IT Security. IT Security is a term which is more concerned with the protection of hardware, software and a network of an organization, from the perils of disaster and external attacks (through virus, hacking, etc.,). It is more to do with the electronic data and is covered in the IT Policy of an organization, whereas Information Security Policy goes beyond the network and applies to the organization as a whole.
Internet Security on the other side, is more concerned with the internet architecture and covers the protection required during communication between two computers over the internet / intranet.

source: Wikipedia
ADD COMMENTS
Read More

This Data and Information has grown heck of a lot!


"Bytes have replaced Bullets in the crime world." This is worth a quote. Yes as we see the world around us evolve we can see that the advent of modern computing have made us all connected but it has changed the way the life is lived. Now we dont have to go to a store to buy something, the endless queues are history and one does not have to keep waiting outside offices to pay bills. The internet has for sure made our life easy.

But two things happen once we connect over the web. We connect to the world, but more importantly the world connects to us. A world whom we do not know. All happy,fun loving people,frustrated and what not. All ready to use the web as a means of showing their feelings. So the threat is both implicit and explicit. The growth of a community called Hackers is also a offshoot of this tech boom.

The rate at which data is growing every year, now even the experts are worried where will it be disposed off. Somebody rightly said that "the data is a waste of the information age." And now this is getting over us: With a lot of data available its now hard for us to choose. But this is not a problem of the beginning, this is just the beginning of the problems...
ADD COMMENTS
Read More

Welcome

Dear Friends.

This is Swatantra Kumar Gupta. A student of information security from the past 3 years. I welcome you all to my blog. The motive of this blog is to share my experiences in Information Security. A variety of tools, tutorials,demos andd much more will be available to you. I welcome all constructive suggestions r the improvement of the blog.

Cheers
Swatantra
ADD COMMENTS
Read More