
Posts Tagged ‘info’

Brute-force and dictionary attack, poor hacking tactics

April 29th, 2011 No comments

Mr. Das noticed that his boss entered a 5-6 digit password in his personal management project. Mr. Das saw only the first digit of the password. The next day he generated every possible 5-6 digit combination in which the first digit was the known one. He used brute-force software to generate and try the combinations in less time, and he cracked the password.

A brute force attack means trying every possible combination until you find the right one.

You are free to customize the input characters and the password length. For example, for the characters 1, 3, a, t, u, some possible combinations would be:

13atu, 13aut, 13tau, ..., atu31, 31tua, ...

You can restrict the input characters to limit the number of words. You can also limit the password length. If you keep the password length at 4 for the above example, the combinations would be:

3au1, 3ta1, ...

A dictionary attack is very similar to a brute-force attack, but it is a little faster. It doesn't build combinations of input characters; it uses dictionary words instead. This is somewhat like making anagrams.

Why do I call these poor hacking tactics?

A hacker never believes in hit and try. They search for a proper method. There is always some logic behind every step they take. I have hacked locked folders and locked ZIP files too, but I never used any brute-force tool.

How to protect yourself from brute-force and dictionary attacks?

Never let anyone try a password many times, and never enter your password in someone else's presence.

As a user you can't stop people from entering a password many times, but a programmer can. The points below will help both programmers and users avoid such attacks.

Programmer’s point of view

  • Lock the account after a fixed number of failed login attempts.
  • Block an IP address from which you get many failed login attempts.
  • You may increase the interval between two login attempts.
  • Don't let users set a password shorter than 6 or 8 characters.
  • Ask users to set passwords containing alphanumeric and special characters.
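
One way to implement the first three points above, as an added example that is not code from the original post. The class name, the thresholds and the injectable clock are assumptions chosen for illustration; `days_to_exhaust` applies the lockout to Mr. Das's search space from the opening story.

```python
import time


class LoginThrottle:
    """Account lockout, IP blocking and a growing delay between attempts."""

    def __init__(self, max_account_failures=5, max_ip_failures=20,
                 base_delay=1.0, lock_seconds=900, clock=time.monotonic):
        # All thresholds are illustrative assumptions, not values from the post.
        self.max_account_failures = max_account_failures
        self.max_ip_failures = max_ip_failures
        self.base_delay = base_delay
        self.lock_seconds = lock_seconds
        self.clock = clock
        self.account_failures = {}  # user -> failed logins since last success
        self.ip_failures = {}       # ip -> failed logins seen from it
        self.blocked = {}           # ("user"|"ip", name) -> (until, reason)

    def check(self, user, ip):
        """Call before verifying a password; returns 'ok' or a refusal reason."""
        now = self.clock()
        for key in (("ip", ip), ("user", user)):
            until, reason = self.blocked.get(key, (0.0, ""))
            if now < until:
                return reason
        return "ok"

    def record_failure(self, user, ip):
        now = self.clock()
        n = self.account_failures[user] = self.account_failures.get(user, 0) + 1
        if n >= self.max_account_failures:
            # Lock the account after a fixed number of failed attempts.
            self.blocked["user", user] = (now + self.lock_seconds, "account-locked")
        else:
            # Increase the interval between two logins: 1s, 2s, 4s, ...
            self.blocked["user", user] = (now + self.base_delay * 2 ** (n - 1), "wait")
        m = self.ip_failures[ip] = self.ip_failures.get(ip, 0) + 1
        if m >= self.max_ip_failures:
            # Block an IP that produces many failures, whatever the account.
            self.blocked["ip", ip] = (now + self.lock_seconds, "ip-blocked")

    def record_success(self, user):
        self.account_failures.pop(user, None)
        self.blocked.pop(("user", user), None)


def days_to_exhaust(keyspace, attempts_per_lock=5, lock_seconds=900):
    """Rough time in days to try every guess against one locked-out account."""
    return keyspace / attempts_per_lock * lock_seconds / 86400


# Mr. Das's case: 5-6 digits with the first digit known = 10**4 + 10**5 guesses.
DAS_KEYSPACE = 10**4 + 10**5
```

The lock expires after `lock_seconds` on purpose: a permanent lock would let anyone shut a user out simply by failing logins on that account.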

User’s point of view

  • Password length must be more than 6-8 characters.
  • Your password must not be any dictionary word.
  • You must use alphanumeric and special characters in your password.
  • Don't use a password like your PAN number or mobile number, or anything else that can be guessed easily.
  • Change your password regularly, once a month or as per your choice.

These attacks fail to break long, strong passwords.

Remember that brute-force and dictionary attacks are not the only ways to hack your password. The worst technique for users is the keylogger, and for programmers it is SQL injection.

Categories: Discussion & reviews

Know about OPEN SOURCE licenses

April 26th, 2011 No comments

I was confused about which license to select for my open source font, amty currency. The guide below helped me select an appropriate license. It is short and easy to read and understand.



Before choosing credit card

January 13th, 2011 No comments

There are some presentations which can help you choose the right credit card for your needs.

Never forget to read about the faster way to pay off a credit card bill.

Categories: How & Why

Disputed regions on the INDIA map: what Google and McAfee show

October 29th, 2010 No comments

Google shows different maps to Indians and Chinese

In the Indian version, it shows "Arunachal Pradesh" as a disputed region (not even a part of India), whereas in the Chinese version, it shows Arunachal Pradesh as an INTEGRAL PART of CHINA. Don't forget to look at the Jammu & Kashmir part.

India version


Google india map indian version including disputed area

Chinese version

Google india map Chinese version excluding disputed area

This map has not changed in the last 22 months. It may have been like this for a long time.

McAfee global virus map

On the other hand, the McAfee global virus map shows Arunachal Pradesh as a part of INDIA. But it has clearly removed the disputed region of Jammu & Kashmir from INDIA. This map has not changed for at least the last 3 years.


McaFee global virus map india excluding disputed area

Categories: News & Information

spectrum of 12 apple flavors

October 16th, 2010 No comments

Before this, I had never seen such a variety of apples. I had hardly seen 3-4 types of apple. And I was not really aware that all the varieties may have a name.

Just see the spectrum of apple flavors


spectrum of 12 apple flavour

*Open the link in a new window in case you are not able to see the big size poster.

Online calculators for various purposes

September 13th, 2010 No comments

Some online calculators to reduce your work.

Graphic Calculator


graph calc

MD5 Calculator



Algebra Calculator


Algebra Calculator

Math Calculator


Math calc

Rasi Nakshatra Calculator


horoscope calculator

Subnet mask Calculator


subnet mask IP calculator

I have launched a mobile version of article-stack.com

September 10th, 2010 No comments
article-stack mobile theme

Hi friends,

I launched a mobile version of my site today. Now you can visit it directly from your mobile. A lite version of the site will be loaded on your mobile. That will let you surf fast and will not eat your bandwidth.

If you want to visit the mobile version on your PC, you need to open http://article-stack.com/?mobile once. After this, you can visit any article on this site as if you were surfing on a mobile. To return to the normal version you will have to delete your browser's cache.

Since the site loads with minimal content and smaller images, you might not get high quality surfing while you are using the mobile version on your PC.

Moreover, since many plugins & widgets are not loaded in order to keep the mobile version lighter, you might face appearance problems while reading an article.

I’ll try to fix all issues soon.

Categories: Other

Twitter custom background on low resolution

September 8th, 2010 No comments

Have you ever changed the background image of your Twitter profile? You can do it from its settings page.

Now see what problem may arise when someone looks at your Twitter profile on a low resolution screen. I found it while designing a theme for my site.


Twitter custom background bug

If you are building a site with a big background, don't forget to read the fix for web page background position.

What is captcha?

September 2nd, 2010 No comments

Many sites use CAPTCHA security. You can see a CAPTCHA when you

1. register on any site
2. book a train or flight ticket
3. change a password
4. put a link in a scrap on orkut, etc.

How does it look?

captcha

A CAPTCHA is nothing but an image drawn in a style that only a human can understand. No software, such as handwriting recognition or pattern matching software, should be able to recognize it. You can find many types of CAPTCHA, differing in complexity. Sometimes a CAPTCHA is not an image. It might be a mathematical calculation, and you are supposed to enter its result.

CAPTCHA ensures human presence.

Why does human presence need to be checked? Can an animal download files or go through a registration process? Ha ha ha.

No, but some good programmers can build an application, called a virus, which can download multiple files from a site or a single file multiple times. It may be used to increase the number of hits on that file or for some other purpose. Such scripts can be used to bring a server down or for many other harmful purposes. So CAPTCHA is necessary.

CAPTCHA protects you from brute-force and dictionary attacks as well.

Ganesha Symbolism

August 21st, 2010 No comments

This is an image I found on the net. I find many students searching for this image, so I am sharing it here.

lord ganesha symbolism

when Yatra failed

August 4th, 2010 1 comment

On 2nd Aug, I found Yatra.com, a popular travel site, in trouble. I can't say whether there was a problem in their database or they were cheating their customers. As you can see in the screenshots below, you'll find some coding related issues. Such issues are expected when web pages are changed frequently or when a site runs across various platforms. I ran YATRA on IE7 on a Windows machine.

1
I entered the FROM station name and then moved to the next text box. Suddenly I realized that I had filled in a wrong entry. But I was unable to move to any text box, neither with the keyboard nor with the mouse. I had to either refresh the page or continue the search with the wrong entries.

yatra locked


2
Even though the page was not showing any error in loading JavaScript, I found that their AJAX based search was not working properly. It was not giving any "station name" suggestions.

yatra suggestion failed

We also found many errors at that time. Our assumption is that some back end activities must have been going on. They should launch the site on their testing servers first.

3
Well, now see what happened when one of my colleagues tried to book a ticket. YATRA was giving an offer: "Book any one rail ticket and get one airline ticket free" (domestic travel). He found that most of the trains were canceled. We were surprised that this could happen to so many trains when none of them is a seasonal train. We found the same trains on the railway's site. You can see it in the screenshot.

yatra fake entries

Categories: Discussion & reviews

Why is robots.txt important?

August 1st, 2010 2 comments
robots.txt

What is robots.txt ?
When a search engine crawler comes to your site, it will look for a special file on your site. That file is called robots.txt and it tells the search engine spider, which Web pages of your site should be indexed and which Web pages should be ignored.

Where to place it?
The robots.txt file is a simple text file (no HTML), that must be placed in your root directory, for example:

http://www.yourwebsite.com/robots.txt


How to create it?
This is a simple text file. There are basically 2 parts:

1
User-agent
The User-agent line specifies the robot. For example:
User-agent: googlebot

You may also use the wildcard character "*" to specify all robots:
User-agent: *

You can find user agent names in your own logs by checking for requests to robots.txt. Most major search engines have short names for their spiders.

2
Disallow
The second part of a record consists of Disallow: directive lines. These lines specify files and/or directories. Each path starts with "/" and is relative to the site root. For example, the following line instructs spiders that they may not download adminlogin.amty:
Disallow: /adminlogin.amty

You may also specify directories:
Disallow: /cgi-bin/
This would block spiders from your cgi-bin directory.

The Disallow directive matches by prefix. The standard dictates that /bob would disallow /bob.html and /bob/index.html (both the file bob and files in the bob directory will not be indexed).

If you leave the Disallow line blank, it indicates that ALL files may be retrieved. At least one Disallow line must be present for each User-agent directive to be correct. A completely empty robots.txt file is the same as if it were not present.


Self-explanatory example:

Sitemap: http://www.yourwebsite.com/sitemap-web.xml
Sitemap: http://www.yourwebsite.com/sitemap-mobile.xml
Sitemap: http://www.yourwebsite.com/sitemap-image.xml
Sitemap: http://www.yourwebsite.com/sitemap-video.xml

User-Agent: *
Disallow: /wp/wp-admin/
Disallow: /wp/wp-includes/
Disallow: /wp/wp-content/
Disallow: /wp/wp-
Disallow: /go/
Disallow: /forums/profile/

1. Hackers might use less popular crawlers to search for restricted material on your site. To cover that case, either specify all user-agents or just use the wildcard character.

2. Try to avoid comments in robots.txt.


What you can do with robots.txt
You can stop crawlers from looking into your site's contents.
You can protect cache folders and private folders from outsiders.

What to hide?
1. Cache folders & files
2. Search results
3. Login page

Never forget to read about how robots.txt can be used to hack the actual path of a WordPress installation directory.
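
The matching rules described above can be checked with Python's standard `urllib.robotparser`. This is an added example, not part of the original post; `is_blocked`, `audit`, `SENSITIVE_HINTS` and the constructed `SAMPLE` text are assumptions for illustration. robots.txt is only a request to well-behaved crawlers and anyone can read it, so every path listed in it still needs real access control on the server.

```python
from urllib.robotparser import RobotFileParser

# Constructed sample: rules from the post, including one rule written
# without its leading slash to show how a parser treats it.
SAMPLE = """\
User-agent: *
Disallow: /wp/wp-admin/
Disallow: /wp/wp-
Disallow: /go/
Disallow: /bob
Disallow: adminlogin.amty
"""

SENSITIVE_HINTS = ("admin", "login", "private", "backup")  # assumed keyword list


def is_blocked(robots_txt, agent, path):
    """True if a compliant crawler named `agent` must skip `path`."""
    parser = RobotFileParser()
    parser.parse(robots_txt.splitlines())
    return not parser.can_fetch(agent, path)


def audit(robots_txt):
    """Return (rule, problem) pairs for Disallow lines worth reviewing."""
    findings = []
    for raw in robots_txt.splitlines():
        line = raw.split("#", 1)[0].strip()
        key, _, value = line.partition(":")
        if key.strip().lower() != "disallow":
            continue
        rule = value.strip()
        if rule and not rule.startswith("/"):
            findings.append((rule, "no leading slash: rule never matches"))
        if any(hint in rule.lower() for hint in SENSITIVE_HINTS):
            findings.append((rule, "discloses a sensitive path to every reader"))
    return findings
```

Run `audit` on your own robots.txt before publishing it: each flagged entry either does nothing or tells every visitor where something interesting lives.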

Powerset vs Google, who is better?

July 30th, 2010 No comments
kangana on google

The database of the Powerset search engine is much smaller than Google's, so it displays limited search results. Still, I prefer Powerset, especially when I don't have the exact word to search for.
Searching on Powerset is based on natural language processing. It can understand your question and arrange the results accordingly.


I searched for "kangana". Powerset identified it as a person's name and gave a short biography of the person. Then it displayed the rest of the results. Google, on the other hand, takes it as a word only. Google doesn't categorize or group the results.

kangana on powerset

Even so, I prefer Google. Why?
I prefer Powerset when I don't have the exact word to search for. I search on Powerset, collect words and prepare a new search query for a more relevant search through Google. I never prefer Powerset for recent news, images or any activities. In my opinion, Powerset is a very good search engine, but for historical search only.
I feel Powerset is just a very good replacement for Wikipedia. If you are preparing reports or working on a case study, then Powerset can help you a lot.

What I missed in powerset…

Safe search off
There is no option to enable or disable safe search, although the content provided by Powerset is itself filtered.

Real time search
Powerset doesn't search for current activities or news. It just searches over Wikipedia.

Smaller database size
A large database provides you better results. It also helps to bring the most popular and relevant web pages in front of users. Even though Powerset gives the most relevant search results, the content it provides is still not sufficient for me.

Why is Powerset best?

If you consider Powerset and Google as two people and the whole world as a library, then I would say that Powerset will bring you only the books you really require. On the other hand, Google will bring many books which may or may not suit your search.

Why is Google best?

Powerset searches over limited data, so the results are not rich enough. If you are searching for a basic principle, then one good book may be sufficient for you. But if you are searching for tips & tricks or some smarter ways to do the same task, then you'll have to refer to other books and research papers as well. Google has a huge amount of data, so it gives more results. Some of them may suggest a different and better result which you might not have expected. Moreover, Google scans the whole web periodically, so the content provided by Google is generally the latest.

When to use Powerset?

As I have already written above, if you don't have the exact word for what you are searching for, then you should prefer Powerset. Moreover, if you are doing a case study or preparing reports, then Powerset can help you a lot. Besides, Google searches for the words in a statement, but Powerset can understand a question. So if you are writing a question like "Where is mumbai?", then Powerset can give you more relevant results.

Please note this
There is no comparison between Google and Powerset. It depends on what you are searching for.

India’s Right to Education 2010, a hope

July 29th, 2010 1 comment
child education


Highlight

  1. Every child between the ages of 6 and 14 years has the right to free and compulsory education. This is stated as per the 86th Constitution Amendment Act, which added Article 21A. The Right to Education Act seeks to give effect to this amendment.
  2. The government schools shall provide free education to all the children and the schools will be managed by school management committees (SMC). Private schools shall admit at least 25% of the children in their schools without any fee.
  3. The National Commission for Elementary Education shall be constituted to monitor all aspects of elementary education including quality.

Our finance department has provided approximately Rs. 25,000 crore for this act.

Categories: News & Information

Welcome

June 26th, 2010 No comments

Welcome to article-stack!! This is Amit Gupta (amty), back with a new domain name, a new look, new ideas and new content. Let me tell you about this site and how it helps you. I designed this site with the aim of sharing knowledge. There is no money motive behind this. However, to keep this site running I would like to display some ads in a decent way, so that they will not disturb your reading. I'll tell you later about how to display ads on this site. I am managing this site with my younger sister's help, and with the support of my family and friends.

About contents

My aim is to provide content which is suitable for all age groups. You will get lots of charts, snippets, timelines, and much more, which will create and increase your interest in improving your knowledge. It's all about interactive learning. You will get ready-to-use code, database files to download, and reviews of online services or products that I have already handed out.

If you want to stay updated with article-stack, you can subscribe by providing your email in the right sidebar.

All the content on this site, whether it is text, image, animation or anything for downloading, can be used freely by anyone for study & learning purposes. But publishing the same content under another name is prohibited. You need to take prior permission to display any content taken directly from this site.

I'll appreciate it if you visit my other site, Think Zara Hatke. On TZH, you can post your own articles under your name and share them on other sites. The only condition is that your content must not be common and the title of your article must be attractive.

Categories: Other