Saturday, October 21, 2006

Firefox Party

People are celebrating the launch of Firefox 2 on Oct 27th, 2006. This is a worldwide event. There is talk about one here in the Maldives too.

To join the fun, register for a Firefox Party account, and sign up.

Wednesday, October 18, 2006

THESE PEOPLE REALLY LOVE MAUMOON I THINK

heheheh

Tuesday, October 17, 2006

Do you have a problem with concentration?

Then try this sort of clothing hehe

Sunday, October 15, 2006

Want to be a Super Hero

Recently I have been addicted to a famous cartoon named ThunderCats.. watching all of the cartoon episode by episode, so I started watching with my little 6 year old bro .. and I told him that I'm Lion-O (The Great). The obvious thing that I noticed from him was that he really doesn't want to become evil Mumm-Ra.. what's the secret behind that, with evil kids, and most of the time even me, wanting to be the super hero.... what's the mind trick........

Wednesday, October 04, 2006

Simple explanation on arp poisoning

First of all you should understand how Local Area Networks (LANs) work. On a hubbed network (or an 802.11 wireless one), when a computer sends data to another one, the hub sends that data to ALL hosts in the network, and only the intended receiver accepts it while all the others just drop it. Running a sniffer such as ethereal on a hubbed network (which sets your NIC into promiscuous mode) captures all that data that should be discarded and lets you view it.
On switched networks though things are more secure. A switch only sends data to the intended receiver. To do this, hosts on a LAN use a protocol called ARP (Address Resolution Protocol), which translates IP addresses on a LAN to MAC addresses (a supposedly unique address for each NIC; there are ways of spoofing your MAC address though). Let's say the switch would receive a piece of data and wants to send it to 192.168.0.2. It has to know which port to send it to (I mean a physical port on the switch, not your virtual ports), in other words on which wire to transmit it. So the host which sends the data broadcasts an ARP request like: "Who has 192.168.0.2 gimme your MAC address", to which 192.168.0.2 would respond "I'm 192.168.0.2, my MAC address is AA:BB:CC:11:22:33" (completely bogus MAC address used there for demonstrative purposes), and then the host would send that data to the switch (along with the destination MAC address) and the switch would send it to the intended MAC address.
One flaw in ARP is that it considers ALL responses valid, so it doesn't need to send a request to get an answer. It just considers ALL answers valid. So if I were to keep sending specially crafted ARP responses to a host saying "I'm 192.168.0.2, my MAC address is AA:BB:CC:44:55:66", then all packets from that host destined for 192.168.0.2 would be rerouted to me. That's because I send these packets continuously and 192.168.0.2 only sends one when it's asked for it, so the host receives more packets from me before it gets to send that data and ends up sending it to the latest MAC address for 192.168.0.2 (this is called ARP poisoning).
Now MITM stands for Man-In-The-Middle. An attack of this nature means turning your computer into an invisible proxy between two other computers, basically turning:
192.168.0.2<-------->192.168.0.3 into
192.168.0.2<--->my_ip_address<--->192.168.0.3
This can be accomplished by ARP poisoning the 2 hosts and forwarding the received packets. To do a MITM between 192.168.0.2 and 192.168.0.3 you'd ARP poison 192.168.0.2 into thinking you're 192.168.0.3 and 192.168.0.3 into thinking you're 192.168.0.2, and DON'T FORGET to turn on packet forwarding, coz if you don't you kill the connection between the 2 hosts.
Next up I'm gonna show you how to sniff packets between 2 hosts on the same LAN using 'arpspoof' and 'ethereal'. Arpspoof is found in the 'dsniff' package and ethereal comes with almost every Linux distro. For this example I used the auditor boot CD, which can be found at remote-exploit.org. What I wanted to do was listen in on Yahoo Messenger convos. So I did the following:
First i turned on ip forwarding 'echo 1 > /proc/sys/net/ipv4/ip_forward'
Then I chose my victim :). At the time I knew 192.168.0.5 was having a Yahoo Messenger convo, so I did:
'arpspoof -t 192.168.0.5 192.168.0.99' which makes 192.168.0.5 believe that I'm 192.168.0.99, sending all packets with destination 192.168.0.99 to me. Now 192.168.0.99 is the gateway in my LAN, so it's our link with the internet, therefore all packets for Yahoo Messenger must pass through it.
Then i did:
'arpspoof -t 192.168.0.99 192.168.0.5' which makes all packets from the internet to 192.168.0.5 pass through me (now if I didn't do this I'd only get half the conversation, what 192.168.0.5 sends, to be exact).
Now I turned on ethereal and started capturing all packets which pass through eth0 (my only NIC) and selected real-time update for the captured packets (coz I want my list of captured packets updated as they are captured). The following list should flood with packets (mostly ARP packets, coz you send tons of them out), so it was a good idea to select the filter 'YMSG', which only shows you the Yahoo Messenger packets. A good option is to get the 'ngrep' utility if you wanna sniff out for certain keywords. 'ngrep pass' would show me all packets containing the string 'pass', and the 'dsniff' utility automatically looks for HTTP, FTP, POP3 etc. passwords and displays them in a readable context. Another good utility found on the auditor CD is 'webspy', which redirects your netscape browser to URLs sniffed from captured packets, allowing you to surf in parallel with the victim (a cool party trick ;) ).
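
Seen from the defending side, the flaw described above (answers accepted without a request, and the newest answer winning) leaves clear traces in ARP traffic. The following is an added example, not code from the original post: a small detector run over constructed ARP events that reuse the post's addresses. The event tuple layout, the function names and the placeholder MAC ending in 00:00:05 are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed ARP traffic: (time_s, op, sender_ip, sender_mac, target_ip).
# IPs and the two AA:BB:CC MACs are the post's examples; ...:00:00:05 is a placeholder.
SAMPLE = [
    (0.0, "request", "192.168.0.5", "AA:BB:CC:00:00:05", "192.168.0.99"),
    (0.1, "reply", "192.168.0.99", "AA:BB:CC:11:22:33", "192.168.0.5"),
    (5.0, "reply", "192.168.0.99", "AA:BB:CC:44:55:66", "192.168.0.5"),
    (5.0, "reply", "192.168.0.5", "AA:BB:CC:44:55:66", "192.168.0.99"),
]

def find_arp_anomalies(events, reply_window=2.0):
    """Return (kind, ip, mac) alerts for ARP messages that look like poisoning."""
    bindings = {}                  # ip -> first MAC seen for it
    pending = {}                   # (asker_ip, asked_ip) -> time of the request
    ips_by_mac = defaultdict(set)  # mac -> every IP it has claimed
    alerts = []
    for t, op, s_ip, s_mac, t_ip in events:
        mac = s_mac.lower()
        if op == "request":
            pending[(s_ip, t_ip)] = t
        else:
            asked = pending.pop((t_ip, s_ip), None)
            # Weak signal on its own: gratuitous ARP is also unsolicited.
            if asked is None or t - asked > reply_window:
                alerts.append(("unsolicited-reply", s_ip, mac))
        # Strong signal: a known IP suddenly answers from a different MAC.
        if bindings.setdefault(s_ip, mac) != mac:
            alerts.append(("binding-changed", s_ip, mac))
        # Strong signal: one NIC claims to be several hosts (e.g. host and gateway).
        ips_by_mac[mac].add(s_ip)
        if len(ips_by_mac[mac]) > 1:
            alerts.append(("mac-claims-multiple-ips", s_ip, mac))
    return alerts

def suspect_macs(alerts):
    """MACs behind the two strong signals."""
    return {mac for kind, _, mac in alerts if kind != "unsolicited-reply"}

if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE):
        print(alert)
```

On managed switches, Dynamic ARP Inspection combined with DHCP snooping drops such forged replies at the port, and a static ARP entry for the gateway protects a single host.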

Monday, October 02, 2006

..BRONTOK- WHAT A GOODI.........

It's been a while that Brontok (family A-Z) has been out there attacking computers and doing nasty things, but this virus is a good money maker for me, voliaaaaaaa....
ZEROGEEK Brontok removal instructions..........

Just go to this link and download the removal tool...

http://wirusy.antivirenkit.pl/en/szczepionki/

1. Boot your computer and press F8 to get to the boot menu.
2. Choose Safe Mode with Command Prompt.
3. Load the removal tool from where it's located.
4. Press Ctrl+Shift+Esc and bring up the Task Manager; in New Task type Msconfig,
and remove all the suspect items from the Startup tab.
5. Type Regedit. Modify the following values in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon to the following values:
"Userinit" = "C:\WINNT\system32\userinit.exe,"
"Shell" = "Explorer.exe"
(make sure that you enter the correct path to where Windows is installed. For example on NT4.0 it is WINNT) do the same as that .volaa.. now brontok is cleaned.....voliaaaaaaa....
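
To confirm that step 5 took effect, the two Winlogon values can be compared against the values listed above. The following is an added example, not part of the original instructions: it parses text in the layout printed by `reg query` for that key and reports any value that differs. The sample output and the `C:\placeholder\extra.exe` path are constructed, and the function names are assumptions.

```python
import re

# Values restored in step 5 (WINNT is the post's example Windows directory).
EXPECTED = {
    "userinit": r"C:\WINNT\system32\userinit.exe,",
    "shell": "Explorer.exe",
}

# Constructed samples in the layout printed by `reg query`; extra.exe is a placeholder.
SAMPLE_CLEAN = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit    REG_SZ    c:\winnt\system32\userinit.exe,
    Shell    REG_SZ    explorer.exe
"""
SAMPLE_MODIFIED = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit    REG_SZ    C:\WINNT\system32\userinit.exe,C:\placeholder\extra.exe
    Shell    REG_SZ    Explorer.exe "C:\placeholder\extra.exe"
"""

# Value lines are indented: name, type, data. The key line itself is not indented.
VALUE_LINE = re.compile(r"^\s+(\S+)\s+(REG_\w+)\s*(.*)$")

def parse_values(text):
    """Map lower-cased value names to their data strings."""
    values = {}
    for line in text.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            values[m.group(1).lower()] = m.group(3).strip()
    return values

def normalise(value):
    # Windows paths are case-insensitive; the trailing comma on Userinit is optional.
    return value.strip().rstrip(",").strip().lower()

def winlogon_findings(text, expected=EXPECTED):
    """Return (name, problem, data) for each value that is missing or altered."""
    values = parse_values(text)
    findings = []
    for name, want in expected.items():
        got = values.get(name)
        if got is None:
            findings.append((name, "missing", ""))
        elif normalise(got) != normalise(want):
            findings.append((name, "unexpected", got))
    return findings

if __name__ == "__main__":
    print(winlogon_findings(SAMPLE_MODIFIED))
```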


But W32/Brontok.N@mm.family kills the command prompt and the Task Manager.
1. So you have to use ERD Commander or something called Winternals (just google to see what Winternals is; find it for yourself, it's not my problem).
By using Winternals you have to remove some startup items and delete some folders that are used by Brontok... voliaaaaaaa.... lolzz.. bye, happy virus removing....

Brontok is defined as