Monday 28 July 2014

How do wireless networks work?

As the name suggests, wireless networks, sometimes called Wi-Fi, allow you to connect to the internet without relying on wires. If your home, office, airport or even local coffee shop has a wireless connection, you can access the network from anywhere that is within the wireless area.

Wireless networks rely on radio waves rather than wires to connect computers to the internet. A transmitter, known as a wireless access point or gateway, is wired into an internet connection. This provides a "hot spot" that transmits the connectivity over radio waves.

Hotspots have identifying information, including an item called an SSID, that allows computers to locate them. Computers that have a wireless card and have permission to access the wireless frequency can take advantage of the network connection. Some computers may automatically identify open wireless networks in a given area, while others may require that you locate and manually enter information such as the SSID.

What security threats are associated with wireless networks?
Because wireless networks don't require a wire between a computer and the internet connection, it's possible for attackers who are within range to hijack or intercept an unprotected connection. A practice known as war driving involves individuals equipped with a computer, wireless card and a GPS device driving through areas in search of wireless networks and identifying the specific coordinates of a network location. This information is then usually posted online.

What can you do to minimize the risks to your wireless network?
Change default passwords.
Restrict access. Only allow authorized users to access your network.
Encrypt data on your network. WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) both encrypt information on wireless devices. Encrypting data prevents anyone who might be able to access your network from viewing your data.
Protect your SSID. To avoid outsiders easily accessing your network, avoid publicizing your SSID. Consult your user documentation to see if you can change the default SSID to make it more difficult to guess.
Install a firewall. While it's good practice to install a firewall on your network, you should also install a firewall directly on your wireless devices. Attackers who can directly tap into your wireless network may be able to circumvent your network firewall; a host-based firewall will add an extra layer of protection.
Maintain your anti-virus software.

What Is Encryption

Encryption is a method or technique used to encode a message so that it can't be read by a normal user or person. It is the art of secret writing. It can also be defined as converting information from plain text, using an algorithm or a cipher, to make it unreadable, so that the converted information can only be read by a person who has the special knowledge. The process of encoding is known as encryption, and its reverse process, decoding, is known as decryption. Encryption is very useful when it comes to protecting your confidential data from being stolen. It is helpful when data is transmitted over the network, as it safeguards your data from sniffers. When data needs to be encrypted over a network, the SSL protocol is used for encryption. SSL stands for Secure Sockets Layer.

Types of Encryption
Symmetrical Key: This type of encryption is also known as Shared Key Secret. In symmetrical encryption, the key used in the process of encryption is also used in the process of decryption. If two parties want to exchange encrypted data securely, both of them should have the same copy of the symmetric key.
Asymmetrical Key: This type of encryption is also known as Public Key. In this type of encryption, keys are generated in pairs: a public key and a private key. In asymmetrical encryption, the key used to encipher is different from the key used to decipher. Therefore the two partners have two different keys; one is made public and the other is kept private.
Let's take an example to understand the concept in an easy way.
Suppose John wants to send a message to Mike. He just enciphers the message with the public key and sends it to Mike. Since Mike has the secret key, he can decipher the message and read its content.
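
The two key models above, as an added example that is not part of the original post: a toy XOR cipher for the shared key and textbook RSA with tiny primes for the key pair. The function names, the keys and the messages are constructed for illustration, and neither toy is suitable for protecting real data.

```python
from itertools import cycle

def xor_cipher(data: bytes, shared_key: bytes) -> bytes:
    """Symmetric toy: the same shared key both encrypts and decrypts."""
    return bytes(b ^ k for b, k in zip(data, cycle(shared_key)))

def make_keypair(p: int, q: int, e: int = 17):
    """Asymmetric toy (textbook RSA): returns (public_key, private_key)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # private exponent: inverse of e modulo phi (Python 3.8+)
    return (e, n), (d, n)

def apply_key(values, key):
    """Raise every value to the key's exponent modulo n."""
    exponent, n = key
    return [pow(v, exponent, n) for v in values]

def encrypt_for(public_key, message: str):
    """Anyone holding the public key can produce ciphertext."""
    return apply_key(message.encode("utf-8"), public_key)

def decrypt_with(private_key, ciphertext) -> str:
    """Only the holder of the private key gets the message back."""
    return bytes(apply_key(ciphertext, private_key)).decode("utf-8")

# Symmetric: John and Mike must both already hold SHARED_KEY (constructed value).
SHARED_KEY = b"k3y"
SEALED = xor_cipher(b"hello Mike", SHARED_KEY)

# Asymmetric: Mike generates the pair and publishes only the public half.
MIKE_PUBLIC, MIKE_PRIVATE = make_keypair(61, 53)
FROM_JOHN = encrypt_for(MIKE_PUBLIC, "hello Mike")

if __name__ == "__main__":
    print("symmetric round trip :", xor_cipher(SEALED, SHARED_KEY))
    print("ciphertext from John :", FROM_JOHN[:4], "...")
    print("Mike's private key   :", decrypt_with(MIKE_PRIVATE, FROM_JOHN))
    # Applying the public key again does not undo the encryption.
    print("public key on cipher :", apply_key(FROM_JOHN, MIKE_PUBLIC)[:4], "...")
```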

Tuesday 22 July 2014

Phishing For Beginners:

1] The act of sending an email to a user, falsely claiming to be an established legitimate enterprise, in an attempt to scam the user into surrendering private information that will be used for identity theft.
2] The email directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The web site, however, is bogus and set up only to steal the user's information.

Phishing scams could be
1] Emails inviting you to join a social group, asking you to log in using your username and password.
2] An email saying that your bank account is locked and asking you to sign in to your account to unlock it.
3] Emails containing some information of interest to you and asking you to log in to your account.
4] Any email carrying a link to click and asking you to log in.

Prevention against Phishing
1] Read every email carefully and check whether the sender is genuine.
2] Look at the link carefully before clicking.
3] Always check the URL in the browser before signing in to your account.
4] Always log in to your accounts after opening the trusted websites yourself, not by clicking a link in any other website or email.
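
The link checks from the prevention list, as an added example that is not part of the original post. It compares where each link in an email really points with a list of trusted domains and with the address shown in the link text; `TRUSTED_DOMAINS`, the function names and the sample email are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAINS = {"bank.example"}  # assumption: sites you really hold accounts with
# Constructed sample email; every host in it is a placeholder.
SAMPLE_EMAIL = """<p>Your bank account is locked. Sign in to unlock it.</p>
<a href="http://bank.example.account-unlock.test/login">https://bank.example/login</a>
<a href="https://bank.example@203.0.113.7/login">Unlock</a>
<a href="https://online.bank.example/login">Sign in</a>"""

def host_of(url):
    """Lower-cased host of a URL; scheme-less text like 'www.x.test' is accepted."""
    parts = urlsplit(url if "://" in url else "//" + url)
    return (parts.hostname or "").lower().rstrip(".")

def is_trusted(host):
    # Exact domain or a true subdomain; "bank.example.evil.test" does not match.
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None  # finished (href, text) pairs; link being read
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [dict(attrs).get("href") or "", ""]
    def handle_data(self, data):
        if self._open is not None:
            self._open[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append(tuple(self._open))
            self._open = None

def review_links(html_body):
    """Return [(real host, [reasons to distrust the link])] in document order.
    Link text that itself looks like an address must name the same host."""
    parser = LinkCollector()
    parser.feed(html_body)
    parser.close()
    report = []
    for href, text in parser.links:
        host, shown, reasons = host_of(href), text.strip(), []
        if urlsplit(href).scheme != "https":
            reasons.append("not https")
        if not is_trusted(host):
            reasons.append("host not trusted")
        if "." in shown and " " not in shown and host_of(shown) != host:
            reasons.append("text shows another host")
        report.append((host, reasons))
    return report
```

Calling `review_links(SAMPLE_EMAIL)` flags the first two links and passes the third, whose host is a real subdomain of the trusted domain.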

Useful Hacking Tools you might not know

1. Maltrieve:
Maltrieve retrieves malware directly from the location where the bad guys serve it. This allows researchers to acquire fresh samples, verify detection systems, and research infrastructure. Maltrieve includes proxy support, multi-threading, Cuckoo submission, and categorization. The tool is community-developed and available under the terms of the GNU General Public License. Website: https://github.com/technoskald/maltrieve
2. ShinoBOT Suite:
The new tool, ShinoBOT Suite, is a total malware package which contains the RAT simulator, downloader, dropper, encryptor, C&C server, decoy files, etc. All of them are customizable.
You can create your own malware with ShinoBOT Suite, and it can be used to simulate the recent targeted attack. The new ShinoBOT also works in a standalone / offline environment. You can find out more about it here: http://www.slideshare.net/Sh1n0g1/introduction-of-shinobot-black-hat-usa-2013-arsenal
3. Viproy VoIP Pen-Test Kit:
It is developed to improve the quality of VoIP penetration tests. The first version of Viproy had SIP trust hacking, SIP proxy bounce scan and advanced SIP attacks. Viproy 2.0 will provide improved SIP penetration testing features such as TCP, TLS, vendor (Cisco, Microsoft Lync) support and multi-thread fixes. Furthermore, the new version will have Cisco Skinny protocol and Cisco HCS (VOSS) server support to initiate unauthorised call redirection attacks, speed dial manipulation, unauthorised calls using Skinny and information gathering attacks. Website: http://www.viproy.com/

Monday 21 July 2014

If You Truly want to become a true hacker:-

1) Never trust sites that ask you for money in return for hacking software, or that claim to hack email IDs in return for money. All such things are scams. Nothing works.
2) There is NO DIRECT SOFTWARE to hack Facebook, Google, Yahoo or any other big website. All the software that claims to do so is a scam. It is just meant to take your money and, in worse cases, it has trojans or keyloggers in it. As a result, your account gets hacked while trying to hack others.
3) NEVER EVER use the keyloggers or trojans you find as freeware on the internet. Hackers are not fools. They compile keyloggers and trojans into almost any such software, and when you install it, you are already hacked before even trying to hack others.
4) You are never going to be a good hacker without knowledge of programming and scripting languages. If you only use ready-made software and depend on it for hacking anything, then your capability will be limited to the functionality of the software. If you are not going to use your brain and just do the copy-paste thing, then how can you even think of being a good hacker?
5) If you are a good hacker, you have already become a good programmer, a good script writer, a good web developer and an excellent security expert. Any good hacker will/should have good knowledge of various aspects and programming languages. To do XSS (Cross Site Scripting), PHP INJECTION, SQL INJECTION, PHISHING, FOOTPRINTING etc., you will have to be good at programming and scripting. And when you know the various loopholes, vulnerabilities and security tips, you have already become a computer security expert.
So never ever underestimate the term hacker. A hacker is not a person who just hacks email IDs or servers; a true hacker is a computer genius who has more knowledge of computers than anyone.

How you can hack website using sql injection havij

Just follow these easy steps:
1. First download Havij from here: http://itsecteam.com/
2. Run the Havij SQL injection software and copy and paste the vulnerable website link.
3. Now click the “Analyze” button.
4. It then shows some messages. Watch them and be patient for some time while it finds whether the site is vulnerable, the type of injection and whether the DB server is MySQL; it will also find the database name. You then get the database name, something like xxxx_xxxx.
5. Then move to another operation to find the tables by clicking “Tables” as shown in the figure. Now click “Get tables”, then wait some time if needed.
6. After the tables are found, you can see there will be “users”. Put a mark on it and click the “Get columns” tab.
7. There, just mark username and password and click “Get data”.
8. Finally, you now have the username and password of the admin…
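
From the defender's side, the steps above rely on two weaknesses: request text being concatenated into SQL, and a `users` table that holds passwords in readable form. The added example below is not from the original post; its table layout, function names and data are constructed, and it shows the concatenated query beside a bound-parameter version, with the password stored as a salted PBKDF2 hash.

```python
import hashlib
import hmac
import os
import sqlite3

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def build_db():
    """In-memory stand-in for the site database; all rows are constructed."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news VALUES (?, ?)",
                   [(1, "Launch day"), (2, "Unpublished draft")])
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               ("admin", salt, hash_password("constructed-demo-pw", salt)))
    return db

def news_before(db, raw_id):
    # Before: the request parameter is pasted into the SQL text,
    # so the parameter can change what the statement means.
    return db.execute("SELECT title FROM news WHERE id = " + raw_id).fetchall()

def news_after(db, raw_id):
    # After: reject anything that is not a short plain number, then bind it as data.
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 9):
        return []
    return db.execute("SELECT title FROM news WHERE id = ?", (int(raw_id),)).fetchall()

def check_login(db, username, password):
    """Verify against the salted hash; the table never holds the password itself."""
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    return row is not None and hmac.compare_digest(row[1], hash_password(password, row[0]))

if __name__ == "__main__":
    db = build_db()
    print("before:", news_before(db, "0 OR 1=1"))  # condition rewritten, every row returned
    print("after :", news_after(db, "0 OR 1=1"))   # rejected, nothing returned
    print("after :", news_after(db, "1"))
    print("login :", check_login(db, "admin", "constructed-demo-pw"))
```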