Posts

Honeyd is a small daemon for Linux (now also available for Windows) to simulate multiple virtual hosts on a single machine. It is a kind of an interactive honeypot. The latest release can be downloaded from Honeyd release page. For my project, I have been working with honeypots, and Honeyd is one of them. During the initial stage, I faced some problems while starting the basic setup of some personalities with Honeyd. Here I recall those problems and some misconfigurations which can result in errors (mainly: config file parse error) and can be a problem for first time users. ...

Hello! One more post for the day. Until now, I have been using the 3G internet by Tata Docomo. They were generous and gave me IP addresses without any kind of conversion. Means whatever IP I get on my ppp0 interface with ipconfig, is the same IP I get by the Google search ‘whats my ip’. Though they were dynamic IPs, they reached me without any translations. Last week I switched to a new provider, Vodafone 3G. I don’t know what kind of addressing scheme they are using, but definitely they gave me something more with the IP. Here on my laptop, on the ppp0 interface I have private IP address of 10.119.69.xx, which is further translated by NAT at their side and converted to 1.38.29.123. Mostly we (here ‘we’ refers to the whole group of people whose NAT address is converted to the specified IP, and you can consider the number of people in a class-A scheme) are given that IP address on the outside, while the inside address keeps changing. ...

After developing a tiny game of Rock Paper Scissors Lizard Spock based on python, during the free time today I made a module for getting the hash of a user provided string. This hash function makes use of the built-in ‘hashlib’ in Python, and provides options for using any of the hash function among md5 (128 bits), sha1 (160 bits), sha256 (256 bits) and sha512 (512 bits). It is kind of interactive, and can take any of the two inputs – either a file or a string. Unless specified, the program continues to give the hash through the chosen function. ...

Phishtank is a project by OpenDNS community. OpenDNS is a company which provides its services for safe and fast browsing to the Internet. While Phishtank is a community where anyone can share or check phishing data. Phishtank is not a technology to filter phishing/spam or to protect against phishing attacks, but a platform to submit, verify, check or share phishing details so it provides as a repository of phishing data. How to support Phishtank? You can support Phishtank in either ways: ...

There are great moments – we have birthday parties, weddings, or any memorable moment on a normal day. To cherish these moments, we capture them visually as photographs and videos. Even after years, these moments excite us, bringing back the memories and feelings. Now, even some aromas have the same effect. Some scents make us nostalgic. The smell of a particular food, miles away from our home can bring the memories of mom’s food. While some smells stimulate us in other ways. I always had a feeling that if we can store these scents with us in any form and retrieve them back when we want to smell them, that would be great. Once I had a soap, which had a very nice aroma but I had only one piece of the soap. So I wished that the soap never gets finished (because of the aroma). ...

print "Hello World!" These days I was busy with college work and exams. I learnt Python some months back, and found it very interesting to work with. My sources of learning Python were Head First Python (O’Reilly) and Beginning Python (Wiley Publishing), plus some online tutorials. While my first and favourite source was Python exercises on CodeAcademy. Hence, afterwards I made an exercise on that website for playing Rock Paper Scissors. You know that the coding of such program is too easy, but the backside validation for the user inputs was much tricky. Willing to make some more exercises at an advanced level. ...

Apparatus: Distributed botnet, around tens of thousands of bots with their respective IP addresses A pass file of around 1000 entries with some normal passwords Default username: ‘admin’ Steps: WordPress 3.0 release before 3 years, users going on with ‘admin’ as their default username, and some usual password A brute-force with username: ‘admin’ and password from the above mentioned file The botnet, tries this attack on each and every wordpress portal available over Internet Objective: A well-planned distributed attack (just like itsoknoproblembro shook the banking world) against some hot-spot over the Internet. ...

Last month, it was asked on quora – What does [-4^(1/4)"] mean and why is it connected to porn? Still today, if you search for that equation on Google, it returns results with xxx titles. Some more contradictory search equations which return same type of results are " " 1 1 2 2 " " - - 1 2 The explanation of the equation -4^(1/4)" is given as – we are asking Google to return pages containing a 1 next to a 4, but which do not contain a 4. ...

Back here, writing after a long time! Let me point down some of the major incidents during that time – Attended the High Performance Computing workshop by CDAC-ACTS The workshop on High Performance Computing was really a nice arrangement by CDAC for the students to learn and be familiar with the parallel processing. They offered the supercomputer access to perform the OpenMP and MPI programs, along with nice practical teaching from the HPC experts. ...

Apart from the normal reasons for keeping our email accounts secure, there are many more which we try to ignore, or are not aware of the possibilities. Take this scenario – why to keep the work-related and social email accounts seperate and confidential (if possible): If someone knows the basic information about you, your social networking account can be hacked. The main ingredient is – your email id. Its better to keep the id secure which you are using for networking. If the work and social email ids are the same, there are more chances of people guessing-knowing your basic informations, providing more chance for your account to get compromised. ...