Build your own Web Proxy in 10 Easy Steps

October 23rd, 2009   •   12 Comments   

With the emergence of World Wide Web threats of Identity theft is greatly increased, now people instead of using traditional mail started using Electronic mail as default mode of communication, instead of using cash to buy needed stuffs they started using Credit Card online to buy whatever they wish. This made everything vulnerable to theft of data as well as identity. To get rid of these threats Internet geeks already started using the web proxy to safeguard there Online Security, but using Public Proxy server is still risky as you can not trust people you don’t know.

Here, today I’m going to discuss free and easiest way to build your own Windows based web Proxy Server in simple and easy steps that anyone with basic knowledge of networking & Administrative privilege can use it to increase the label of there Security.

Software Requirements:
OpenSSH
Putty
Privoxy
PortableFirefox
Steps involved in Installation & Configuration:
  1. Install OpenSSH on your PC
  2. Install Privoxy on your PC/Server
  3. Now install Putty/PortaPutty and PortableFirefox on your thumbdrive.
  4. Now as you have already installed OpenSSH just run it once and make sure SSHD service is running as system account and server is configured to respond on port/socket 443, also make sure you are able to SSH into your server from another machine on the same network.
  5. Configure Privoxy to run as a service and make sure port number is set to communicate on default port 8112.
  6. Now double click Putty to open its basic configuration window and specify the following:
    • Hostaname(or IP address) : ip_address_of_server
    • Port : 443
    • Protocol : SSH
  7. Now Go to SSH>Tunnels, and make the following entry within specified field:
    • Source Port : 8118
    • Destination : 127.0.0.1:8118
    • Click on radio button to select Local, Auto
  8. Now Go back to the Session section where you specified Hostname(IPAddress), and Save this whole session with a new name.
  9. Now finally Open Firefox and Go to Tools>Option>General tab>Connection Settings and select Manual Proxy Configuration:
    • HTTP Proxy : 127.0.0.1
    • Port : 8118
    • SOCKS v5
  10. Save this configuration and you are done.

Now all your web traffic is set to walk through the Proxy Server’s path which is configured in Putty, here in Putty it is configured to reroute all your web traffic to the server you are connecting through port 8118.

Here Thumdrive is used for your mobility and it is optional. For those who want to configure it on there system they can repeat the same with there favorite browser either Opera or IExplorer

Microsoft’s released six security updates

October 29th, 2007   •   No Comments   

Microsoft’s released six security updates and re-released one for this month.

MS07-055 – addresses a vulnerability in Windows (KB 923810)
Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution

Severity Rating: Critical

MS07-056 – addresses a vulnerability in Windows (KB 941202)
Security Update for Outlook Express and Windows Mail

Severity Rating: Critical

MS07-057 – addresses a vulnerability in Windows (KB 939653)
Cumulative Security Update for Internet Explorer

Severity Rating: Critical

MS07-058 – addresses a vulnerability in Windows (KB 933729)
Vulnerability in RPC Could Allow Denial of Service

Severity Rating: Important

MS07-059 – addresses a vulnerability in Windows (KB 942017)
Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site

Severity Rating: Important

MS07-060 – addresses a vulnerability in Microsoft Office (KB 942695)
Vulnerability in Microsoft Word Could Allow Remote Code Execution

Severity Rating: Critical

Re-released

MS05-004 – addresses vulnerabilities in Windows and Windows Server (KB 887219)
ASP.NET Path Validation Vulnerability (887219)

Severity Rating: Critical

You can Download these updates for your PC from the Microsoft Update Web site .

XSS Attack Technique used by attackers

October 28th, 2007   •   4 Comments   

XSS attacks can be perform in two different ways, non-persistent and persistent. Non-persistent attacks require a user to visit a specially crafted link laced with malicious code. Upon visiting the link, the code embedded in the URL will be echoed and executed within the user’s web browser. Persistent attacks occur when the malicious code is submitted to a web site where it’s stored for a period of time. Examples of an attacker’s favorite targets often include message board posts, web mail messages, and web chat software. The unsuspecting user is not required to click on any link, just simply view the web page containing the code.
Here’s how?

Persistent Attack

Most of the web sites host bulletin boards where registered users may post messages. A registered user is commonly tracked using a session ID cookie authorizing them to post. If an attacker were to post a message containing a specially crafted JavaScript, a user reading this message could have their cookies and their account compromised.
Cookie Stealing Code Snippet:

Non-Persistent Attack

Most web portals offer a personalized view of a web site and greet a logged in user with “Welcome, “. Sometimes the data referencing a logged in user are stored within the query string of a URL and echoed to the screen.
Portal URL example:

In the example above we see that the username “Joe” is stored in the URL. The resulting web page displays a “Welcome, Joe” message. If an attacker were to modify the username field in the URL, inserting a cookie-stealing JavaScript, it would possible to gain control of the user’s account.

A large percentage of people will be suspicious if they see JavaScript embedded in a URL, so most of the time an attacker will URL Encode their malicious payload similar to the example below.

URL Encoded example of Cookie Stealing URL:
c1

Decoded example of Cookie Stealing URL:
c2

SpyShredder : Manual Removal Instruction

October 27th, 2007   •   5 Comments   

Today someone asked me if I could remove Spy-Shredder, as it becomes challenge for him to remove it completely. He said that he dumped AVG Anti Spyware free version on the system and find SpyShredder, and removed it. Although after every restart it reappears again n again.

Tech details:

Spy-Shredder, is the successor to the rogue anti-spyware program called SpySheriff. SpyShredder get installed on your computer without your permission through the use of some Trojans program and other malware. Once installed, the Trojans will display message boxes on your screen stating the following:

NOTICE: If your computer has been running slower than normal, it may be infected with Viruses, Adware or Spyware. Spy-Shredder will perform a quick and completely FREE scan of your system for malicious programs.

Here I’m posting a quick n successful guide to remove it manually.

1. First Open Task Manager (Ctrl+Alt+Del/Esc)

2. Now Go to the processes tab, and end the following three processes (if its thr)
SpyShredder.exe
avp.exe
mgrs.exe

3. Unregister the following files one by one. (By clicking start -> Run -> and typing regsvr32 /u ***)
where i have typed ***, replace with the following file names (do 1 at a time)
SpyShredder.exe
avp.exe
mgrs.exe

4. Go to My computer and browse to C:\Program Files. Look for a folder named SpyShredder. Delete this folder (when you delete the folder hold the Shift key on your keyboard to perminantly delete it)

5. Restart the PC.

Hackers claim zero-day flaw in Firefox

October 26th, 2007   •   8 Comments   

firefox-lock

Originally posted By Joris Evers, News.com

SAN DIEGO, The open-source Firefox Web browser is critically flawed in the way it handles JavaScript, two hackers said Saturday afternoon.

An attacker could commandeer a computer running the browser simply by crafting a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here. The flaw affects Firefox on Windows, Apple Computer’s Mac OS X and Linux, they said.

“Internet Explorer, everybody knows, is not very secure. But Firefox is also fairly insecure,” said Spiegelmock, who in everyday life works at blog company SixApart. He detailed the flaw, showing a slide that displayed key parts of the attack code needed to exploit it.

Video: Hackers claim Firefox zero-day flaw
Is the browser more vulnerable than thought?

Video: Hackers vs. Firefox
Mozilla antsy about expolited Firefox flaws.

Visit http://news.zdnet.com/2100-1009_22-6121608.html for more information on this issue.

Firefox Update Plugs 8 Security Holes

October 25th, 2007   •   No Comments   

firefox

Mozilla has recently announced update to its Mozilla Firefox Web browser that corrects at least eight separate security flaws, including two that Mozilla flagged as especially serious. Firefox users should have already received an update that brings the browser to version 2.0.0.8.
Mozilla also says that these update may create some problem for MAC user. If u want to learn more about these updates or if u r looking for diagnose any glitches with updates or other browser related question then u can visit this Forum http://forums.mozillazine.org/viewforum.php?f=38

More Link:-
Firefox essential Plug-ins
Firefox recommended Add-ons

Twick your Firefox to make it more Faster

October 24th, 2007   •   No Comments   

Just follow these simple Steps to Boost your Firefox to make it work much more faster then evr.

Type “about:config” into the address bar of ur Firefox & hit enter.

>Scroll down and look for the following entries:

network.http. pipelining
network.http. pipelining. maxrequests
network.http. proxy.pipelining

>Alter the entries as follows:

Set “network.http. pipelining” to “true”
Set “network.http. proxy.pipelining ” to “true”
Set “network.http. pipelining. maxrequests” to some number like 30.

Now right-click anywhere and select New-> Integer. Name it “nglayout.initialpa int.delay” n set its value to “0″. & You r done.

[Here this value is the amount of time the browser waits before it acts on information it receives.]

Make Your Internet Explorer As Fast As FireFox

October 23rd, 2007   •   No Comments   
Do u know that it is possible to make your Internet Explorer as fast as Firefox, if not then follow these simple steps:

Just Go to Start>Run n type regedit to open your registry editor, Once it open, navigate to key HKEY_CURRENT_ USER\Software\ microsoft\ Windows\Current Version\Internet Settings. Now in right side pane Right click > New > DWORD. type MaxConnectionsPerServer > You can set value (higher the value, the higher
speed u get, Exmpl : 99). Create another DWORD >type MaxConnectionsPer1_0Server. Now put same high value as mentioned above. Finally Restart Internet Explorer. And u r done.

The Ghost In The Browser

October 22nd, 2007   •   No Comments   

Today I found an interesting link on the Analysis of Web-based Malware produced by Google to present the state of malware on the Web and emphasize the importance of this rising threat. This whitepaper is really awesome where they discussed different mechanisms used to inject malicious content on popular web sites: web server security, user contributed content, advertising and third-party widgets, here they also point out large number of the exploits found having to do with website vulnerabilities, including those found within ASP and PHP and additionally a big chunk was delivered through holes in the site that allowed XSS.

All about threats and Vulnerabilities: As we know this thing very well that more users are connected to the Internet and conduct their daily activities electronically, computer users have become the target of an underground economy that infects hosts with malware or adware for financial gain. Unfortunately, even a single visit to an infected web site enables the attacker to detect vulnerabilities in the user’s applications and force the download a multitude of malware binaries. Frequently, this malware allows the adversary to gain full control of the compromised systems leading to the ex-filtration of sensitive information or installation of utilities that facilitate remote control of the host.

Test your Antivirus with EICAR file

October 19th, 2007   •   No Comments   

eicar

 EICAR Antivirus Testing Standard
(E
uropean Institute for Computer Antivirus Research)

To Test Just Copy & Paste the following line in Notepad n save it as EICAR.COM

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

When done, the resulting file will have either 68 or 70 bytes.
When u scans this file with any anti virus, it will report finding EICAR Test-¬NOT virus!!.
It is really very important to know that this is not a Virus n will not infect your Computer anyway, actually The Eicar Standard AntiVirus Test File is a combined effort by antivirus vendors throughout the world and EICAR organisation to come up with one standard by which customers can verify their antivirus installations