PORT FORWARDING

What is Port Forwarding

In General Sense:

I'll first explain port forwarding in a general sense. Imagine your computer is a human and imagine one port as the mouth, and the data is the food. You can close or open your mouth (port) to eat that food (data) and transfer that food into another location in your body. Same goes for your ear (another port) where it recieves sound, and so on.

The use of port forwarding is to be able to transmit data from an outside world to your computer. This allows an external user to communicate with your computer via a specified port number. Normally you do not want to do this because it can leave your computer vulnerable to attacks but in special cases that you do need this, it will prove very useful.

In Technical sense:

Port forwarding or Port Mapping commonly refers to the change of destination address and/or port on the packet with subsequent regular routing in a network address translator gateway to reach a host within a masqueraded, typically private, network based on the port number on which it was received from the originating host. It may also refer to replaying the packet or stream through a secondary socket (e.g. like rinetd) to reach its intended destination.

The technique is used to permit communications by external hosts with services provided within a private local area network (LAN).

Purposes:

Port forwarding allows remote computers (e.g., public machines on the Internet) to connect to a specific computer within a private LAN.

Port forwarding can also be used within a single machine.

Port forwarding is necessary for a standalone computer if any of the following conditions are true:

*   The computer is using a shared IP address.

*   Internet Connection Sharing is enabled.

*   A router is being used with network address translation (NAT) enabled.

 

How is Port Forwarding Configured

 

Simple Port Forwarding

 

 

 

Simple Port Forwarding is a tool that makes it easier to manage the port forwarding settings in your router. You can add new port configurations manually or select from a range of pre-configured ports for many popular applications and apply the settings directly to your router configuration. The program interfaces with the web interface of your router and basically automates the process of navigating to the correct page and entering the values. It is compatible with a wide range of routers, including most Netgear, D-Link and Linksys models as well as some other manufacturers. Simple Port Forwarding also includes additional features that allows you to set a static IP address, test your port forwarding settings, manage Windows Firewall port exceptions and access to online help and guides.

 

 

You can Download SIMPLE PORT FORWARDING Tool from Here

 

 

Continue Reading...

MALTEGO { Forensics and Intelligence Application & Information Gathering Tool }

Maltego is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego, allows you to identify key relationships between information and identify previously unknown relationships between them. It is a must-have tool in the forensics, security and intelligence fields!

What does MALTEGO do?
Maltego is a program that can be used to determine the relationships and real world links between :


* People
* Groups of people (social networks)
* Companies
* Organizations
* Web sites
* Internet infrastructure such as: Domains, DNS Names, Netblocks and IP Addresses
* Phrases
* Affiliations
* Documents and files

These entities are linked using open source intelligence.

* Maltego is easy and quick to install – it uses Java, so it runs on Windows, Mac and Linux.
* Maltego provides you with a graphical interface that makes seeing these relationships instant and accurate – making it possible to see hidden connections.
* Using the graphical user interface (GUI) you can see relationships easily – even if they are three or four degrees of separation away.
* Maltego is unique because it uses a powerful, flexible framework that makes customizing possible -As such, Maltego can be adapted to your own, unique requirements.

Limitations
The Community Edition is limited in the following ways :
* A 15second nag screen
* Save and Export has been disabled
* Limited zoom levels
* Can only run transforms on a single entity at a time
* Cannot copy and paste text from detailed view
* Transforms limited to 75 per day
* Throttled client to TAS communication

You can download Maltego Community Edition here:

Maltego Community Edition For LINUX
Maltego Community Edition For WINDOWS

Continue Reading...

METASPLOIT: Penetration Testing Resources

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for Penetration Testing, Exploit Development, and Vulnerability Research.

The Framework was written in the Perl scripting language and includes various components written in C, assembler, and Python. The widespread support for the Perl language allows the Framework to run on almost any Unix-like system under its default configuration. A customized Cygwin environment is provided for users of Windows-based operating systems.

What is Metasploit Framework ?

Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals.
The Metasploit Framework is both a penetration testing system and a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

What does "Metasploit Framework" do ?

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload. Hundreds of exploits and dozens of payload options are available.

How To Use Metasploit Framework ?

Step 1:

You can Download Metasploit Framework from Here , as per your desired O.S.

Step 2:

Open Msf Console and type show exploits

Step 3:

Choose any exploits and Type use exploit name

Note: exploit name is choosen by you

Step 4:

Now you enter in exploit now type show payloads

Step 5:

Choose any payloads as per your Target and Type set PAYLOADS payload name

Note: payload name is choosen by you

Step 6:

Now you enter in payload now Type show options

Step 7:

Set all options one by one.and after that Type exploit to perform exploit.

IMPORTANT NOTE: YOU CAN SEARCH MORE EXPLOITS SIMPLY OPEN YOUTUBE.COM AND SEARCH FOR METASPLOIT. HERE YOU CAN FIND LOTS OF EXPLOIT IN VIDEO FORMAT.

METASPLOIT FRAMEWORK IS BUILT IN TOOL OF BACKTRACK

METASPLOIT FRAMEWORK IS NOT FOR SCANNING PURPOSE ITS ONLY USE FOR EXPLOIT. YOU CAN USE NMAP FOR SCANING OF REMOTE SYSTEM FOR I.P. ADDRESS AND OPEN PORT.

Continue Reading...

Phishing Tutorial:Step By Step Explained

What is Phishing ?

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites
, auction sites, online payment processors or IT Administrators are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake.

How To Do Phishing ?

STEP 1:Firstly U Must Signup For A Free Web Hosting Service Like:
www.freehostia.com
www.ripway.com etc.....

And Register A Domain Or Subdomain.
After Getting Your Signup Done, You Have Your Own Subdomain Like For Instance You Registered With Freehostia,
Then Your Domain Is Like "Www.Yourname.Freehostia.Com"

STEP 2:
Now Login To Your Freehostia Account And Go To "File Manager" In The Freehostia Control Panel.
STEP 3:Now what you have to do is, go to your domain folder like "yourname.freehostia.com" and create a seperate folder in that directory.with the name of the site, for eg. Gmail , if you want to phish a gmail account!

STEP 4:
Now click here to Download and extract the file "phishers created by jafar.rar" to your desktop. And then open your "gmail" folder. You'll find two files there viz. "jafar.php" & "index.htm" (each phisher folder contains same files)

STEP 5:
Now upload "jafar.php" & "index.htm" to the "gmail" folder you created inside "yourname.freehostia.com"

So when you're done with the uploading part, the link to your gmail phisher is "www.yourname.freehostia.com/gmail/index.htm".

STEP 6:
Congrats!! That is your gmail phisher!! Now all you have to do is copy the link to the phisher file i.e. "www.yourname.freehostia.com/gmail/index.htm"
And send it to the victim you want to hack! When he/she'll open that link, it'll be directed to your gmail phisher and when he/she logins that page
He/she'll be redirected to the original "gmail" website and you'll get the password in the "jafar.txt" file which will be created in the gmail folder. You created in your freehostia domain and the path to that file will be "www.yourname.freehostia.com/gmail/jafar.txt" !

IMPORTANT NOTE:
CHANGE YOUR FREEHOSTIA DIRECTORY PERMISSION TO 755 SO THAT NO ONE CAN VIEW YOUR PERSONAL FILES EXCEPT THE PHISHER!!

**HAPPY PHISHING**.

Continue Reading...

Add Copy To/Move To on Win 7/Vista/XP Right-Click Menu

Hello Friends !!!
Today I'm going to tell you How to Add Copy To or Move To on Right Click Menu.
There’s a registry hack for Windows that will let you add a Copy To Folder or Move To Folder to the right-click menu, which can be very useful when you want to move a file but don’t have the other folder open already.


(1)Right-click on a file:







(2)And up pops a nice dialog that you can use to easily drop a file into the right directory.









Install
Just Download, unzip, and double-click on the registry files. You can choose to use the copy to, move to, or both.
Download Registry Tweek


Note: Registry Hack makes work easy & Customised Operating System.
Enjoy With This
Share your Ideas & comments.

Continue Reading...

How To Create CON Folder in Windows

Can you create a folder named "con", "prn", "nul" "com1" "com2" "lpt1" etc. in windows ?


The answer is NO and YES!


NO Because create a new folder and try to rename it to any one of the above specified names, you know what happens! In Windows XP the folder name automatically changes back to “New Folder” no matter you try any number of times.Where as in Windows Vista when you try to rename the file you get an error message “The specified device name is invalid”.



What is the reason for this? Simple, these names represent the internal devices and hence we cannot create folders with the above names.

YES because it is still possible to create these folders using the command prompt.Heres the instructions to create it.
1. Go to command prompt
2. Type in prompt (FOR EG. TO CREATE CON FOLDER IN E: DRIVE)
C:\>md file:///e:/con
3. To delete the folder use the following command
C:\>rd file:///e:/con
NOTE:The folder can only be deleted from the command prompt.You cannot remove it by right-click delete

ANOTHER TRICK

You can also make "con" Folder by this simple trick.

1. Right Click Make New Folder

2. Rename it By using Alt+255 after this you can give con or any name you want.

Enjoy

Post your comments also.

Continue Reading...