In my article I will try to point out certain pitfalls, which makes us vulnerable to being hacked! And measures you can take to protect yourself from falling prey to some hacker. What makes me qualified to give you this information is because I have hacked sites and people’s passwords myself !
A firewall and a anti virus is a must..just don’t log on to Internet without them,these are your force shields,protecting you from Trojans,viruses and the other remote exploits…the ones i use are
Firewall : Comodo Firewall – its the best and is free too
Antivirus : NOD32 Antivirus
if someone was wandering!!
- MYTH 1 >> Firewall is useless it just blocks the software already there on my computer
-> There’s a common myth among us that a firewall is something which makes sure that no application connects to Internet without our permission!!..but its not ,that’s just an extra feature and not a firewall’s basic function..a firewall is something which blocks all the inbound connections..that is the ping requests which hackers use to check which computers are alive!! or make inbound remote desktop connections, which can be brute forced and full access to your computer can be gained or other attack vectors!! - MYTH 2 >> I have a Firewall and an Antivirus so now I am safe
-> No, you are not safe!!…there are other attack vectors…and that’s you!
here comes the world of social engineering..you are the one who let those attackers get their Trojans and other sniffers or some other stuff on your computer..
you receive a mail titled “hii, lets be friends” OR “i love you” OR “You Won” OR something else…you eagerly download the attached ppt and some mp3..boo u have a Trojan on your computer..may your antivirus detect it as a Trojan but u are too eager and desperate to see whats inside..firewall says trying to connect to net ..you ignore it and the hacker is notified that “another fool in trap”.
Or take the case which i have observed used by some pakistani hackers to get Indian communities on orkut..
they posted topics in the community..became kinda net friends..and then asked the community owner if he would like to hack his friends yahoo..unsurprisingly, he said yes and the hacker sent him the Trojan,Community Owner downloaded it..he was notified by his anti virus and firewall but he disabled them and fell into the trap..now his activities were logged and all the passwords he typed that day were mailed to the hacker!!so the moral of the story is self deducing..don’t be fooled and don’t be over smart like those Community Owners..
and one more possibility is there, if someone you trust is hacked..then also you are in deep shit. - MYTH 3 >> I don’t trust people on net, i have a Firewall , I have an Antivirus so now i am safe…
-> I like saying no..hehe..but yes..you still aren’t safe..and the reason is because we are very techno freako people..we like trying new software..by new i mean beta and alpha software and the other not so tested software…because they are not tested they have bugs and exploits in them like the beta firewalls..if someone smart is able to figure out those exploits then you are boomed..consider the case where a bug in MS Internet Explorer 7 was found and was sold for $$grand money to a advertisement site ..with the help of which they were able to deploy Trojans on thousands of computers visiting there site and personal information was stolen…so use some genuinely tested stuff..and use a software like Spybot – Search & Destroy..it will block all the bad sites and by bad i only mean phishing and the malware containing sites, and no other sites!!and the bad sites list is updated frequently!! - MYTH 4 >> I have tested software, i don’t trust people on net, i have a Firewall and an antivirus..so now i am safe..
-> nopes, you aren’t..with the fast growing technology and features, other attack vectors have surfaced.
Here i would like to point out to a attack – CSS which is not cascade style sheets but cross site scripting or XSS. Now with increasing use of javascript in web applications(Web 2.0), this attack is increasing.
This attack has been used in myspace ,meebo and many many other popular and trusted sites like even Gmail. A vulnerable website can be injected with any html or javascript code like in some one’s scrapbook or email or comment boxes , shout boxes or something other now when the victim will visit that page containing this injected code, the code will execute and your cookie may be sent to attacker or redirect you to some other fake site or something else..
so to protect ourselves from this attack disable the javascript and trust your senses, like when you see some unusual link on the site or a flash file or something other… - MYTH 5>> So nowww i am safe!!
-> Probably yes for now until some new attack surfaces!!
So the first and last point is “Trust Is A Weakness”, be paranoid and keep exploring.
I hope this little piece of info will help some one out there!!enjoy surfing and downloading but don’t trust anyone!!
And please feel free to comment and add your suggestions or other info to keep us protected!
Keshav Gupta is a technology enthusiast. He is always on the verge of remaining updated with new technologies. By education he is a computer software engineer, and left his job in November 2009 to venture in his own interests. Now he blogs at Techgeekguy about Technology,Mobile, Computers, Software...
{ 4 comments… read them below or add one }
bravo!!! very nice info..
great post, thanks for sharing
SqQgVn Hi! I’m just wondering if i can get in touch with you, since you have amazing content, and i’m thinking of running a couple co- projects! email me pls
Hello,
You seem to have a great understanding of strengths and weaknesses of our Modern Age. I’m impressed.
I’d like to contact you via email if possible?
Thank you for your time