Showing posts with label Computer Security. Show all posts

03 September 2011

Blue Screen Of Death (BSOD)

A Blue Screen Of Death, officially known as a STOP error, is a system crash caused by hardware or driver (software) errors. A STOP error can also be caused by a critical boot loader error, where the operating system is unable to start from the bootable drive due to the presence of an incorrect disk driver, a damaged file system, or a similar problem.

The Blue Screen of Death

While it may seem odd to think about purposefully causing a Blue Screen Of Death (BSOD), Microsoft includes such a provision in Windows XP (Vista also). This might come in handy for testing and troubleshooting your Startup And Recovery settings, Event logging, and for demonstration purposes.

Here's how to create a BSOD:

Launch the Registry Editor (Regedit.exe).
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters.
Go to Edit, select New | DWORD Value and name the new value CrashOnCtrlScroll.
Double-click the CrashOnCtrlScroll DWORD Value, type 1 in the Value Data textbox, and click OK.
Close the Registry Editor and restart Windows XP.
When you want to cause a BSOD, press and hold down the [Ctrl] key on the right side of your keyboard, and then tap the [ScrollLock] key twice. Now you should see the BSOD.

If your system reboots instead of displaying the BSOD, you'll have to disable the Automatically Restart setting in the System Properties dialog box. To do so, follow these steps:

Press [Windows]-Break.
Select the Advanced tab.
Click the Settings button in the Startup And Recovery panel.
Clear the Automatically Restart check box in the System Failure panel.
Click OK twice.

Here's how you remove the BSOD configuration:

Launch the Registry Editor (Regedit.exe).
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters.
Select the CrashOnCtrlScroll value, pull down the Edit menu, and select the Delete command.
Close the Registry Editor and restart Windows XP.
Note: Editing the registry is risky, so make sure you have a verified backup before making any changes.

Additional note on the steps provided to create a BSOD:
Hackers can make use of this trick to crash your computer over and over again by simply creating a .vbs or .bat file which will change the values in the Registry, and then pressing the keys needed automatically.
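
To check whether this setting has been switched on, you can export the registry branch with Regedit and scan the exported .reg text. The following is an added example, not part of the original post; the sample export and the function name are constructed for illustration.

```python
import re

# Constructed sample of a .reg export (Regedit: File > Export); not from the post.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters]
"CrashOnCtrlScroll"=dword:00000001
"PollingIterations"=dword:00002ee0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableICMPRedirect"=dword:00000001
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9a-fA-F]{8})$')

def find_manual_crash_settings(export_text, value_name="CrashOnCtrlScroll"):
    """Return [(key_path, value)] for every non-zero DWORD named value_name."""
    hits, current_key = [], None
    for raw in export_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:                      # a [KEY\PATH] header starts a new section
            current_key = m.group("key")
            continue
        m = DWORD_RE.match(line)
        if m and current_key and m.group("name").lower() == value_name.lower():
            value = int(m.group("hex"), 16)
            if value != 0:         # 0 means the keyboard crash trigger is off
                hits.append((current_key, value))
    return hits

if __name__ == "__main__":
    for key, value in find_manual_crash_settings(SAMPLE_EXPORT):
        print(f"keyboard crash trigger enabled ({value}) under {key}")
```

Regedit saves exports as UTF-16 by default, so open a real export with `encoding="utf-16"` before passing its text to the function.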

References:
-http://en.wikipedia.org/wiki/Blue_Screen_of_Death
-http://psacake.com/web/jr.asp

Fixing the BSOD : http://support.microsoft.com/kb/958233


Thank you for reading.
Cyber Frost

02 August 2011

Types of Computer Viruses

Bootsector Virus:
A virus which attaches itself to the first part of the hard disk that is read by the computer upon bootup. These are normally spread by floppy disks.

Note: Floppy disks are kind of outdated, so, perhaps, it's spread through portable hard disks or boot CDs.

Macro Virus:
Macro viruses are viruses that use another application's macro programming language to distribute themselves. They infect documents such as MS Word or MS Excel and are typically spread to other similar documents.

This is a nightmare for every office worker. Once your computer is infected, all of your documents will be destroyed. So, always do backups!

Memory Resident Viruses:
Memory Resident Viruses reside in a computer's volatile memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after its initiating program closes.

Rootkit Virus:
A rootkit virus is an undetectable virus which attempts to allow someone to gain control of a computer system. The term rootkit comes from the Linux administrator root user. These viruses are usually installed by Trojans and are normally disguised as operating system files.

Polymorphic Viruses:
Well, poly means many and morph means form. So, this type of virus will replicate itself into many forms of files. Now, you might see it as a .pdf file. The next time you log in, it might have changed itself into a .dll file. It is extremely difficult to detect manually. Even some antivirus programs might miss it while scanning for viruses.

Logic Bombs/Time Bombs:
These are viruses which are programmed to initiate at a specific date or when a specific event occurs. Some examples are a virus which deletes your photos on Halloween, or a virus which deletes a database table if a certain employee gets fired.

This is my favorite type of virus. It is completely unpredictable; only the coder of the virus knows what will happen and when it will happen.
DeepFreeze might be able to counter this type of virus.

Important Note:
Knowing that viruses have a very big effect on your computer, you might want to update your firewalls and antivirus for protection. Every day, hundreds (maybe thousands) of new viruses are made, with even more creative ways of infecting and surviving.

So, always keep your antivirus and firewalls up to date. However, do not get trapped by fake antivirus providers. Only use trusted antivirus brands, such as Avira, Norton, AVG (Grisoft), and NOD32.


Thanks for reading.
Cyber Frost

31 July 2011

The Difference Between a Virus, a Worm, and a Trojan Horse


One common mistake that people make when the topic of a computer virus arises is to refer to a worm or Trojan horse as a virus. While the words Trojan, worm and virus are often used interchangeably, they are not exactly the same thing. Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but there are differences among the three, and knowing those differences can help you better protect your computer from their often damaging effects.

What Is a Virus?

A computer virus attaches itself to a program or file, enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action (such as running an infected program) to keep it going. Because a virus is spread by human action, people will unknowingly continue the spread of a computer virus by sharing infected files or sending emails with viruses as attachments.

What Is a Worm?

A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, a worm has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receivers' address books, and the manifest continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.

What Is a Trojan horse?

A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named after. The Trojan Horse, at first glance, will appear to be useful software but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan Horse are usually tricked into opening it because they appear to be receiving legitimate software or files from a legitimate source. When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop or adding silly active desktop icons), while others can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files, nor do they self-replicate.



Source: http://www.webopedia.com/

15 June 2011

Discrete Mathematics - Unconscious Information Transfer


On the top, you can see 4 cards labelled ABCD. Now, pick a whole number ranging from 0-15.

Got it?  Yes.
Is it on card A? Yes.
Is it on card B? No.
Is it on card C? No.
Is it on card D? Yes.

The number you picked is 9.


Now, look back at the cards, try to figure out how I found out your number.

Figured it out yet?
No?

This is how it works:
1. Player picks one number between 0-15.
2. The number is on card A.
3. The number is not on card B.
4. The number is not on card C.
5. The number is on card D.

Okay, now that I have written all the clues I have, how can those clues help?

Clue number 1: The number is between 0-15 (16 possibilities).
Clue number 2: The number is on card A (8 possibilities left, since there are only 8 numbers on card A. Zero is also eliminated since it's not on card A).
Clue number 3: The number is not on card B (eliminate all numbers on card B [4, 5, 6, 7, 12, 13, 14, 15]).
Clue number 4: The number is not on card C (eliminate all numbers on card C [2, 3, 6, 7, 10, 11, 14, 15]).
Numbers eliminated: 0, 2, 3, 4, 5, 6, 7, 10, 11, 12, 13, 14, 15
Numbers left: 1, 8, 9
Clue number 5: The number is on card D.

Conclusion: Find the number (from the "numbers left" list) that is on both card A and card D.

It's 9. That's how it actually works.

So, what is the relation between this game and computer security?
As you can see, from 4 simple yes/no answers, we can get so much information, enough to guess (or, in the victim's mind, "PREDICT") his number.

Therefore, you should think twice before answering any questions on the internet or elsewhere. It may lead to something harmful or dangerous, such as identity theft.
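
The elimination above can be replayed in code to see how much each yes/no answer gives away. This is an added example, not part of the original post: the card lists for B and C are the ones quoted above, while the contents of cards A and D (numbers with the 1-bit and the 8-bit set) are an assumption, since the card picture is not reproduced in the text.

```python
# Each card is assumed to hold the numbers that have one particular bit set.
# B (4) and C (2) reproduce the lists quoted in the post; A (1) and D (8) are
# assumed, chosen so that "yes, no, no, yes" leads to 9 as in the post.
BITS = {"A": 1, "B": 4, "C": 2, "D": 8}

def build_cards(bits=BITS, limit=16):
    """Return {card name: sorted numbers below limit printed on that card}."""
    return {name: [n for n in range(limit) if n & bit] for name, bit in bits.items()}

def narrow(answers, cards, limit=16):
    """Apply yes/no answers in order; return the candidates left after each one."""
    candidates = set(range(limit))
    history = []
    for card, said_yes in answers:
        on_card = set(cards[card])
        # "yes" keeps only numbers on the card, "no" throws those numbers away
        candidates = candidates & on_card if said_yes else candidates - on_card
        history.append((card, sorted(candidates)))
    return history

def decode(answers, bits=BITS):
    """The picked number is the sum of the bit values of the 'yes' cards."""
    return sum(bits[card] for card, said_yes in answers if said_yes)

if __name__ == "__main__":
    cards = build_cards()
    answers = [("A", True), ("B", False), ("C", False), ("D", True)]
    for card, left in narrow(answers, cards):
        print(f"after card {card}: {len(left)} candidates {left}")
    print("number:", decode(answers))
```

Every answer halves the set of possible numbers (16, 8, 4, 2, 1), so four harmless-looking answers identify one value out of sixteen.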


Note:
There is another method that involves memorizing answers to predict/guess player's number quickly, as soon as he/she gives us his/her fourth answer. However, I will not include this here, since this post mainly focuses on Computer Security, not algorithms.


Thank you for reading.
Cyber Frost

03 April 2011

Finding a Website's DNS Address

What is a DNS Address? A DNS (Domain Name Service) Address is a unique, IP-like number which represents a website, that is, the IP address that the website's name resolves to.

Although it is unique, some websites may share the same DNS Address.

Alright, without wasting more time, let's move on to the steps:
  • Open cmd (Command Prompt)
  • Type in "ping www.website.com" (without quotes)
Note: www.website.com is meant to be replaced with the web address you wish to find.
For example: ping www.google.com
  • Press Enter
It will return something like this:


Please notice the 74.124.224.51. That is the DNS Address of Google.com.

You can apply this trick to any other website you wish to find the DNS Address of.
Simply change the www.website.com to the address of the website.


Thanks for viewing this post.

Cyber Frost

Phishing - Definition and Prevention

What is phishing? Well, phishing is pronounced exactly the way it reads: fishing. Yes. Exactly.
Why?
Phishing is the act of stealing usernames, passwords, and other types of personal information by using methods such as social engineering, web forgery, and many other hacking techniques.

One of these tricks, messing with links, traps unaware users who never look at the URL in their browser's address bar while browsing. So, the first prevention trick would be: "Look at your address bar whenever you browse a page."

Looking at your address bar whenever you browse a page

For instance, if you are going to http://www.facebook.com/, make sure that the browser address bar shows exactly what you expect, which is http://www.facebook.com/ and not http://www.facebook.net/ or http://www.facebok.com/.

The easy way to prevent mistyping:
Bookmark the page by pressing Ctrl+D
Whenever you want to access the page, you can select it from the bookmark list to prevent mistyping which could lead to serious problems.

Now, having the first prevention method, you might ask: Is that all?

No way!

Let's see the hacker's second method:

DNS Redirection and Link Faking

DNS redirection, done by editing the Windows HOSTS file, is quite dangerous too. Even if you have bookmarked the page, you will still be redirected to whatever address the HOSTS file specifies for that name.

For example, you have bookmarked http://www.facebook.com/. Before the name is looked up through DNS, Windows first reads through the list of entries inside the HOSTS file. Let's assume the content looks like this:

74.125.224.50 www.facebook.com

You will be redirected to http://www.google.com/ when you try to access your bookmarked Facebook Site.

See? Hackers are creative.

Cleaning the content of Windows HOSTS File

The Windows HOSTS File is commonly located in C:\Windows\system32\drivers\etc\hosts
To clean its content, simply follow these steps:

  1. Open cmd
  2. Type in "echo clean>C:\Windows\system32\drivers\etc\hosts" (without quotes)
  3. Press Enter
Now, you can browse your pages safely. But I recommend restarting your computer before you start browsing again, because the changes might not take effect until after a restart.
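
Before cleaning the file, it helps to see which entries are actually redirecting a website. The following is an added example, not part of the original post: it parses HOSTS file text and lists every entry that maps a non-local name to a routable address. The sample file is constructed and contains the example line from above; the function names are made up for illustration.

```python
import ipaddress

# Constructed sample HOSTS file; the www.facebook.com line is the post's example.
SAMPLE_HOSTS = """\
# constructed sample for illustration
127.0.0.1       localhost
::1             localhost
74.125.224.50   www.facebook.com   # planted redirect
0.0.0.0         ads.example.test
not-an-ip       broken.example.test
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs, skipping comments and malformed lines."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an address
        for name in fields[1:]:                 # one line may list several names
            yield ip, name.lower()

def suspicious_entries(text, local_names=("localhost",)):
    """Return (ip, name) entries that send a non-local name to a routable address."""
    findings = []
    for ip, name in parse_hosts(text):
        if name in local_names:
            continue
        if ip.is_loopback or ip.is_unspecified:
            continue    # blocklist-style entry: the name is sunk, not redirected
        findings.append((str(ip), name))
    return findings

if __name__ == "__main__":
    for ip, name in suspicious_entries(SAMPLE_HOSTS):
        print(f"{name} is forced to {ip}")
```

Entries that point to private addresses, such as an intranet server, are also listed, so review each finding before deleting it.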

Link Faking
Link Faking is a simple yet tricky way to trap users.
Here is an example: http://www.google.com/

Clicking that link, you expect the browser to navigate to Google. However, it will bring you to Facebook. If the website you are redirected to looks exactly the same as the website you meant to visit, you will end up having your personal information stolen.
My advice would be : "Always be aware of your browser address bar."


DNS Spoofing
Another method, which is the last I will tell you about, is DNS spoofing. This trick can be done using programs such as Cain and Abel.

It will redirect you to a forged website, which has already been prepared by a hacker, without changing your address bar. You won't notice that you are on a fake website.
This trick can't be recognized by normal users. So, simply update your antivirus program to its latest patch.

There are more ways that I haven't mentioned. Hackers are always one step ahead, so be careful and always stay updated with the latest information available.

Thanks for reading.

Cyber Frost
