Saturday, August 29, 2009

Can a computer Game help fight the Swine Flu..!!

In todays world Gaming has almost reached the state where u can compare it with reality.
this was not the case some 10 years back, and this has led to uncover a lot more which gaming can provide todays society. We find a lot of teenagers who are addicted to gaming. It takes some great ideas or concept, skilled programing, high level of graphics, Dolby sound. the XBox marked a success story in the field of gaming.
Coming to the point,
A Game to tackle Swine Flu ...!!

i don't know how to treat this statement, stating that people are making use of this pandemic situation to make money out of it or a way by which they can educate the audience about the flu and ways to fight it. just to get deep into it i played an online game called
The Great Flu
which declares that its a way to let the world know about the flu and fight against it. It says - The clock is ticking, people are dying and a flu virus is sweeping the globe -- that is the scenario of a new computer game designed to make people think about how to respond to the swine flu pandemic. The scenario as the game defines involves the player who is given a limited Virtual Fund to fight the flu. Players face tough choices with limited funds -- and taking decisions such as closing major airports do not come cheap. And just to concentrate minds, a map of the world shows the spread of the virus.

"If the money is well invested, the pandemic can be stopped," said Albert Osterhaus, head of virology at Rotterdam's Erasmus Medical Centre, who is credited as the game's scientific editor.

"The game is very realistic and has an educational value," he told AFP. "It informs people how the virus spreads, what the flu is and on the ways to fight the pandemic."

Sunday, August 23, 2009

Going Anti - Antivirus !!

The Question always kept wondering me !! can I run my system without using antivirus and not jeopardize my security , and in search of answer I went over a lot of articles and finally found the answer to be yes. The reason y not using Antivirus is simple , when we fall sick we are given some disgusting medicines which hardly goes down our throat same is the case with the PC , difference is only that even if the PC is not sick the medicine has to be taken or rather given. Antivirus programs hog on to our system resource making them slow, there are lot of people who hate this including me !! also the pain of cracking the antivirus every day updating them, renewing their signatures yearly some times by paying just adds to the Crap !!! so how do we go about “Anti – Antivirus” ?? the answer is quite simple .

Using the very uncommon thing called Common sense and following some of these mentioned tips.

* Remember to use legitimate and clean software for your pc, think twice before downloading any software over internet. Remember that being without an antivirus program often means living without on-demand scanning, so a file you download online isn't as easy to check for viruses as it would be if you had an antivirus program installed. Still, plenty of people can and do assemble systems solely with commercial, off-the-shelf applications, and you can, too.

* If you have a network of PC, you can very well share the drives of a Non Antivirus PC with a Pc running Antivirus and run a remote scan. Also there are lots of sites which provide an online scan of your PC like “Trend Micro’s House Call” or ESET’s site. But ya, the limitation are that these online scanning tools won’t clean the virus but they will definitely tell you the status of your PC.

* Another way is when your windows boots up, it launches the code found in your system's BIOS (basic input-output system), which initiates the hardware in your PC and enables your operating system to identify the components you have. Within the BIOS of most PCs -- accessible by pressing F2 or Del during bootup -- is an optional boot sector protection mechanism. Enable this, and you'll protect against boot sector viruses without ever installing a single antivirus tool.

* Moreover the browsers of modern era are well loaded with threat alerts system, analyzing the unsecured Scripts, anti phishing tools, and provide the list of websites which carry virus and malware programs. Using these features won’t slow down your system.

* Free tools like windows bit defender which comes with Vista and free for download for windows XP can be used against spywares and malwares. Common sense will go a long way toward keeping your computer safe if you don't use antivirus software. Stay away from sites that are frequent carriers of spyware. These include, ironically, many sites that purportedly sell anti-spyware software.

* One of the main sources of trouble is the Email messages from unknown users. The large majority of viruses are contracted from unsolicited e-mail, so use an e-mail application with a built-in spam checker, if at all possible.

* Another Common way for entrances of virus is the usb. Now without any real-time scanner it becomes difficult to deal with USB drives. This USB drive generally contains a file names Autorun.inf which initiates the virus on the drive. And it will be triggered as soon as u plug the drive. So the solution is to disable the autorun option on windows by registry options.

Modifying the Registry is not for the inexperienced user, be VERY careful.

The modifications made in this case use Hex not Decimal numbers. If you are unfamiliar with the Registry or the characteristics of base numbering and Hex, studying these topics prior to making these modifications is advisable.

To modify these Registry Settings, Use Regedit and navigate to the following Key:

HKEY_CURRENT_USER -> Software -> Microsoft -> Windows -> CurrentVersion -> Policies -> Explorer -> "NoDriveTypeAutoRun"

The default value for the setting is 95 0 0 0. Change the first byte to 91. Restart the computer to make the new setting take effect.

So Guys these ways and of course Common sense will help u to get rid of ANTIVIRUS…. !!

Friday, August 21, 2009

INJECTIONS .... Can Be Devastating !! SQL Injections..!!

SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data. An SQL query is a request for some action to be performed on a database. Typically, on a Web form for user authentication, when a user enters their name and password into the text boxes provided for them, those values are inserted into a SELECT query. If the values entered are found as expected, the user is allowed access; if they aren't found, access is denied. However, most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other destructive ways.

This technology being publicly released by some black hat will give script-kiddies the ability to pick up a freeware tool, point it at a Web site and automatically download a database without any knowledge whatsoever. I think that makes things a lot more critical and severe. The automation of SQL injection gives rise to the possibility of a SQL injection worm, which is very possible, estimates that about 60% of Web applications that use dynamic content are vulnerable to SQL injection.

According to security experts, the reason that SQL injection and many other exploits, such as cross-site scripting, are possible is that security is not sufficiently emphasized in development. To protect the integrity of Web sites and applications, it is recommended simple precautions during development such as controlling the types and numbers of characters accepted by input boxes via proper validations.

One of the simple method of injection is Authorization Bypass, which involves in bypassing the logon forms… the following example will make things clear!!

SQLQuery = "SELECT Username FROM Users WHERE Username = ‘" & strUsername & "‘ AND Password = ‘" & strPassword & "‘" strAuthCheck = GetQueryResult(SQLQuery) If strAuthCheck = "" Then boolAuthenticated = False Else boolAuthenticated = True End If

Here’s what happens when a user submits a username and password. The query will go through the Users table to see if there is a row where the username and password in the row match those supplied by the user. If such a row is found, the username is stored in the variable strAuthCheck, which indicates that the user should be authenticated. If there is no row that the user-supplied data matches, strAuthCheck will be empty and the user will not be authenticated. If strUsername and strPassword can contain any characters that you want, you can modify the actual SQL query structure so that a valid name will be returned by the query even if you do not know a valid username or a password. How? Let’s say a user fills out the logon form like this:

Login: ‘ OR ‘‘=‘ Password: ‘ OR ‘‘=‘

This will give SQLQuery the following value:

SELECT Username FROM Users WHERE Username = ‘‘ OR ‘‘=‘‘ AND Password = ‘‘ OR ‘‘=‘‘

Instead of comparing the user-supplied data with that present in the Users table, the query compares a quotation mark (nothing) to another quotation mark (nothing). This, of course, will always return true. (Please note that nothing is different from null.) Since all of the qualifying conditions in the WHERE clause are now met, the application will select the username from the first row in the table that is searched. It will pass this username to strAuthCheck, which will ensure our validation. It is also possible to use another row’s data, using single result cycling techniques.

Sunday, August 16, 2009

Forgot your XP login password !!??

Lost your Windows login password, cant get in ??? well the solution is real simple,
a lot of ppl do forget their login passwrd for their windows and end up formatting or reinstalling their xp. a simple trick can reset their password.
for cracking windows login passward ,boot from ur xp bootable cd and press r when ur prompted to
to do.........

now u will encounter a cmd prompt, and at the prompt type in these simple lines
1) 'cd repair'
2) 'copy sam c:\windows\system32\config'
3) press enter and restart

remember i hv considered you hv ur OS in c drive.
if u hv ur os in other drive replace c with it........

now the login passward is removed and u can set a new password to forget it once again