Tricks And Tweaks

With hackers becoming to a greater extent than in addition to to a greater extent than sophisticated, most users are worried close the security of their personal data. There are many options available to protect the user’s information but none comes around encryption inwards damage of security offered. This article contains some of the best in addition to slow to role methods that allow yous to password protect in addition to encrypt of import files in addition to folders inwards Windows without spending anything.

Encrypting files inwards Windows using the Encrypting Files System (EFS)

Windows offers an inbuilt encryption method called EFS to protect sensitive information from unwanted users. EFS tin sack last used exclusively on difficult drives formatted equally NTFS in addition to on professional person in addition to premium editions of Windows 10, Windows 8.1, Windows 8, Windows Vista or Windows XP. Home editions of Windows practise non back upward this.

To encrypt files amongst EFS, follow these steps:-

1. Right click on the file or folder yous desire to protect in addition to click on Properties at the bottom of the menu.
2. This volition convey upward the Properties window. In this window nether the General tab, click on Advanced.
3. In the Advanced attributes window, tick on Encrypt contents to secure data option.
4. Click OK in addition to Apply.

If the file is encrypted successfully, its call volition by in addition to large last visible inwards greenish color.

If yous encrypt files in addition to folders amongst EFS, it would non alter how yous access those files in addition to folders. You would all the same last able to read, modify in addition to delete those files equally long equally yous are logged into the user concern human relationship that encrypted those files. However, other users from dissimilar user accounts would non last able to practise this. For example, if yous bear the encrypted file inwards a flash drive, yous would non last able to access it from other computers. To access it from other computers, yous volition demand your encryption key.


Make certain that yous backup your encryption fundamental when Windows prompts yous to practise so. It volition last required inwards instance yous desire to access the encrypted files from a dissimilar user concern human relationship or from a dissimilar computer.

To dorsum upward your encryption key, click on the Back upward now pick inwards the pop upward that comes when yous kickoff encrypt a file or folder. Then, click Next on the window titled Certificate Export Wizard. Enter a password for your certificate (make certain it is tough but also slow to remember), select a location to salve it, give it a call in addition to click Finish.

In instance Windows does non prompt yous to dorsum upward your encryption key, yous tin sack dorsum it upward from the File Encryption Certificates manager. Since, EFS relies on your user concern human relationship to give access to protected files, it is of import to select a rigid password for your Windows user account.

EFS is relatively quick in addition to hassle costless but non totally secure equally Windows stores an unencrypted version of protected files inwards the temporary folder (when yous access them) which tin sack last easily accessed past times whatsoever experienced figurer user. To overcome this weakness, ensure that yous build clean upward your temporary files amongst the Disk Cleanup utility every fourth dimension yous access your protected files.

BitLocker

BitLocker is a Windows utility that allows yous to encrypt difficult drives in addition to removable storage devices. BitLocker also uses EFS mentioned inwards a higher house amongst a shaver difference. It encrypts the entire crusade instead of encrypting private files in addition to folders.

With BitLocker too, yous wouldn’t respect much deviation piece using your figurer but if anyone else tries to access them on a dissimilar computer, he volition last shown a covert call for the password. BitLocker To Go tin sack last used to encrypt removable flash drives equally well. BitLocker also depends on the security of your Windows user concern human relationship to ensure that files stay private. Hence, it is extremely of import to role a rigid Windows password.

BitLocker tin sack last turned on inwards the Control Panel. BitLocker exclusively industrial plant on devices having TPM. In instance your PC does non accept TPM, yous volition larn an fault maxim “This device can’t role a Trusted Platform Module.” TPM is a exceptional circuit that’s built onto the motherboards of BitLocker compatible computers.

BitLocker is exclusively available on Professional editions of Windows.

7ZIP

7Zip is a costless in addition to opened upward beginning compression utility that has the pick of allowing users to create a password protected archive. The encryption offered past times 7Zip is AES-256 (AES stands for Advanced Encryption Standard), which is virtually impossible to cleft in addition to used past times everyone from giant tech companies to your adjacent door information technology expert.

7Zip tin sack also allow yous to encrypt the file names inwards the archive in addition to then that no 1 without the correct password has a clue equally to what is acquaint within the protected archive.

To encrypt files in addition to folders amongst 7Zip, either create a novel password protected archive from the 7Zip file managing director or only correct click on the folder or file yous desire to protect in addition to select “Add to archive” from the 7zip sub-menu.

You tin sack select either 7Zip’s .7z or .zip format. If yous role .zip format, an additional encryption method called ZipCrypto is available, which is also goodness but non equally secure equally AES-256. Also, if yous role a .zip archive, yous cannot encrypt file names.

7Zip supports multiple platforms, is slow to role in addition to also real fast when it comes to creating in addition to extracting archives.

VeraCrypt

VeraCrypt is a fork of in addition to successor to the extremely pop in addition to discontinued encryption software TrueCrypt. VeraCrypt claims to accept removed the issues that were raised piece security auditing TrueCrypt. It supports Microsoft Windows, Mac OS X in addition to Linux.


Like TrueCrypt, VeraCrypt is completely costless in addition to supports AES, Serpent in addition to TwoFish encryption ciphers. VeraCrypt is unproblematic to role in addition to offers real fast encryption process. VeraCrypt also allows a unmarried hidden book to last created within some other volume. The Windows version of VeraCrypt tin sack last used to create in addition to run a hidden encrypted operating system. The best business office close this software is that its code is available for review in addition to the developers claim an private security audit is existence planned.

Important Tips:

1. It is of import to banker's complaint that at that spot are several tools in addition to utilities available inwards the marketplace position that allow yous to interruption encryption in addition to passwords. The programs mentioned inwards a higher house volition maintain your information rubber from a large bulk of such tools but they, similar all methods of encryption are non infallible.
2. Even if yous encrypt a file, it can all the same last deleted. So, last certain to dorsum upward your encrypted files.
3. Make certain that yous role a memorable password in addition to maintain your encryption fundamental rubber to forestall yous from losing access to your encrypted files.

With the basis going wireless inwards every sphere of technology, the query of safety has oftentimes been raised. The same is truthful for wireless network networks alongside hackers together with Wi-Fi intruders e'er looking for ways to gain access to unsecured networks.

Security aside, at that topographic point are several reasons why yous mightiness desire to protect your Wi-Fi network. Influenza A virus subtype H5N1 secured wireless network volition non exclusively hateful reduced bills but also faster network speeds. This post service contains few uncomplicated techniques yous tin dismiss role to brand for sure that your wireless network is equally secure equally it possible tin dismiss be.

Protect your Wireless Internet Network

1) Encrypt your Wi-Fi Network: When yous role a Wi-Fi network for accessing the internet, every slice of information yous ship together with have over the air tin dismiss live on easily snooped past times anyone alongside the correct laid upward of tools. Packet sniffers tin dismiss live on used past times fifty-fifty the most novice of users to sniff your data. This way that a hacker tin dismiss non exclusively encounter which websites are yous accessing but also larn the login details of your personal together with professional person accounts.

Encryption basically involves scrambling the information that is transmitted together with received past times yous piece using a wireless network. This way that fifty-fifty if a hacker intercepts your information transmission, (s)he volition non live on able to exploit the information contained inside it.

There are 2 encryption standards available that yous tin dismiss use: WEP (Wired Equivalent Privacy) together with WPA (Wireless Protected Access). WEP is the older touchstone of encryption together with tin dismiss straight off live on bypassed inwards a affair of minutes. WPA is relatively newer but it withal has safety holes. AirCrack together with coWPAtty are 2 complimentary tools that allow anyone to easily cleft WEP together with WPA encryption using bruteforce technique. WPA2 is the latest touchstone together with is what yous must role if yous desire the highest degree of protection for your wireless network. The encryption keys used alter each fourth dimension a device accesses the network making WPA to a greater extent than hard to hack.

The encryption used past times all devices inwards the network must live on the same for the network to move properly. Your network will exclusively live on equally secure equally its to the lowest degree secure device. Make for sure all devices yous role back upward WPA2 encryption. Use a rigid encryption key. Make for sure that it is longer than 10 characters together with contains a mixture of majuscule together with pocket-size letters, numbers together with symbols. Do non role mutual words together with materials that people tin dismiss approximate virtually yous equally your password.

2) Replace default passwords on your router alongside rigid passwords: The biggest error most wireless network users brand is non changing default passwords on their routers. Hackers utilize world databases that incorporate default passwords together with usernames from virtually every manufacturer. This enables them to alter the safety settings of your router according to their needs. Using a rigid password for your router ensures that hackers together with miscreants cannot alter your network's safety settings. To alter the password on your router, see Administration settings on your router's settings page. Also, create non shop passwords inwards browsers equally they can live on easily made visible.

3) Change default SSID
Your network's SSID or Service Set Identifier is the mention of your wireless network. Usually, the SSID is the mention of the router's manufacturer along alongside the model give away of the router. Changing it to non display this information prevents yous from giving additional information virtually your router to prospective hackers.

4) Do non broadcast your SSID
Hiding SSID prevents unsophisticated together with inexperienced hackers together with wifi intruders from determining that your network exists. Hiding your SSID is relatively slowly together with the alternative to create hence is commonly nether basic wireless settings on your router's settings page. However, it is of import to annotation that or hence devices, including those running newer versions of Windows, volition present every network fifty-fifty if they cannot position its name. Moreover, your network volition withal incorporate the SSID inwards information packets making unmasking ridiculously slowly alongside tools similar inSSIDer, Kismet together with Commview for WiFi.

5) Use scary names to discourage Wi-Fi theft: If your wireless network has a mention similar C:\virus.exe, most people who mightiness otherwise access your network volition non for the fright of getting their devices infected. You tin dismiss role your inventiveness to discover to a greater extent than unsafe names for your wireless network.

6) See Connected Devices List: Almost every novel router volition guide keep a page which displays the listing of every device that is connected to the network. You should cheque this page at regular intervals to encounter that unknown devices are non leeching your network. When yous encounter an unknown device, yous tin dismiss live on for sure that someone has breached your network. You tin dismiss endeavour AirSnare, a complimentary utility which scans your network for unexpected MAC addresses together with also looks into DHCP requests.

7) Turn off Guest networking: While most routers volition guide keep invitee networking disabled past times default, it e'er pays to encounter that yous may non guide keep accidentally enabled it. Guest networking allows others to access your network.

8) Enable MAC address based filtering: Media Access Control or MAC address identifies each device connected to your network. MAC address is an alphanumeric fundamental separated past times colons. Enabling MAC address based filtering allows exclusively devices having exceptional MAC addresses to access your network. You demand to move into the MAC address of every device yous want to allow to connect to your network on your router's settings page. This prevents unknown devices from connecting to your network fifty-fifty if they know your password. To discover the MAC address of your computer, opened upward command prompt together with execute “ipconfig /all” without quotes inwards Windows based computers.

While it may preclude inexperienced users from getting access to your network, experienced hackers together with advanced users tin dismiss role a wireless network analyzer similar Nmap together with and then alter the MAC address of their computer.

9) Keep your firmware upward to date: Router vendors regularly loose firmware updates together with post service them on their websites. You should occasionally cheque the manufacturer's website to encounter if a novel firmware update has been released. Newer routers volition automatically inform yous when novel firmware is available.

10) Reduce wireless indicate range: If yous trim the attain of your wireless network, mutual feel tells that it volition preclude hackers located at a distance from detecting your network. This has the wages that if hackers create non know that a wireless network exists, they volition non endeavour to interruption into it. You tin dismiss house your router at places which would block the Wi-Fi signals. While this technique is advantageous, a hacker groovy on hacking into your network volition simply guide keep to role a larger antenna to pick upward your router's signals. Moreover, reducing the attain of your wireless network mightiness motility troubles for genuine users.

11) When non using your network network, plough it off: This is self explanatory. If yous are non using your network, turning it off saves yous from giving extra fourth dimension to hackers to endeavour together with hack into your wireless network. While it may live on impractical to plough off your network every fourth dimension yous are non using it, it withal is advisable to create hence during extended periods of non use.

If yous follow all these techniques, your Wi-Fi network volition live on a lot to a greater extent than protected together with hackers volition guide keep a tough fourth dimension breaking into it.

Windows automatically creates an Administrator concern human relationship amongst elevated privileges during the installation process. We generally demand to access it to perform tasks express entirely to arrangement Administrators. These are tasks performing which lawsuit inwards the UAC scream for for confirmation fifty-fifty if y'all are using an concern human relationship amongst administrative privileges. The elevated Administrator concern human relationship is disabled past times default inwards Windows 7, Windows 8, Windows 8.1, Windows 10 together with Windows Vista.

To activate it, y'all demand to utilisation whatever i of the the next elementary methods.

Important: It is recommended to entirely utilisation this concern human relationship for troubleshooting purposes together with disable it i time the chore is complete. Even if y'all create move out it enabled, protect it amongst a rigid password to foreclose unauthorized access.

Enable/ Disable the Administrator Account Using the Elevated Command Prompt

Command Prompt together with guide Run every bit Administrator. Windows eight together with 8.1 users, search for CMD on the Start enshroud together with inwards the results returned, correct click on Command Prompt together with guide Run every bit Administrator. Windows 10 users, search for CMD inwards the showtime bill of fare together with press Ctrl+Shift+Enter.

2. In the Elevated Command Prompt, type together with execute the next command.

net user administrator /active:yes

3. You should encounter a message indicating that the ascendance was completed successfully.

4. Upon logging out, y'all volition encounter the Administrator concern human relationship available on the login screen.

Disable the built-in Administrator account

To disable the Administrator account, type execute the next ascendance inwards Step 2.

net user administrator /active:no

This volition disable the Administrator concern human relationship together with it volition no longer seem on the login screen.

Enable the Administrator concern human relationship using the Local Users together with Groups Manager

1. Press Windows key+R to opened upward the Run dialog box.

2. In it, type lusrmgr.msc together with press Enter. This volition showtime the Local Users together with Groups Manager.

3. In the Local Users together with Groups Manager, click on Users inwards the left manus pane.

4. Then, inwards the move expanse on the correct side, double click on Administrator.

5. In the next dialog box, uncheck the Account is disabled pick together with click OK.

6. Administrator concern human relationship volition endure at nowadays available on the login screen.

To disable the Administrator account, cheque the "Account is disabled" pick inwards pace 5.

This method volition entirely move if y'all are using Professional or Enterprise editions of Windows 7, Windows 8(.1) together with Windows 10. If y'all are using habitation together with basic versions of these operating systems, this method volition non move for y'all every bit Local Users together with Groups director is non available on them.

Enable or Disable the Administrator concern human relationship using the Local Security Policy Editor

1. Press Windows key+R to opened upward the Run dialog box.
2. Type secpol.msc together with press Enter. This volition showtime the Local Security Policy Editor.

3. In the Local Security Policy Editor, navigate to Local Policies\Security Options.

4. In the move expanse on the correct side, double click "Accounts: Administrator concern human relationship status."

5. In the next dialog box, encircle Enable or Disable to respectively enable together with disable the Administrator account.

6. Press OK. Log off to the login enshroud to encounter the Administrator account.

Local Security Policy Editor is non available on habitation editions of Windows.

SQL Injection attacks with Havij

This is a fictional adventure with fictional characters that have fictional (non)skills based on true events. This post was created for informational purposes only and no admins lost their job during the writing of this story. It was inspired by Troy Hunt's "Hacking is child's play" article.

Bob, a 20-something year old boy, never considered himself a computer “guru”. He started using computers around the age of 18, late compared to his friends. What he lacked in experience, he gathered through patience.

Saturday morning news, July 2012: Yahoo voices was breached, half a million emails and passwords were leaked. The attack was made possible due to a SQL injection flaw on their servers.

 

SQL injection? Sound like a medical term. Bob moves to his computer and starts typing:

He goes through the results, reads various topics and his eyes fall on: 

He was never very tech-savvy so this might be what he was looking for. Another search follows:

Bam, first results, his beloved piratebay. The torrent is small in its size so it should be ready soon enough. In the meantime he'll grab a coffee, smoke a cigarette or two and wait.

Minutes later when he returns, the download session is complete. He registers – by using the all-too-easy provided steps - and fires-up the application. 

But, he remembers that he needs some websites to test it on. Opens Firefox again, set's the homepage to google.uk and enters:

This is the google “dork” he choose from a list. It's an example of “advanced search string operators” - termed by some people as “dorking”. Since Bob is inexperienced, he doesn't really care what these are or why they're named “dorks”. 

He starts copying and pasting the available results into Havij. First site doesn't work, Havij returns:

MySQL error based injection method cant be used!

MySQL time based injection method can't be used!

He moves on to the other results. Finally, one site seems to be vulnerable, he pressed “Analyze” and in less than 5 seconds:

This is getting interesting. From all the tables, only one seems to have the data he's looking for: labeled_user. He selects the table and clicks on “Get columns”. The important columns are there:

He selects three of them: email, username and password, then presses on “Get data”. Finally, he has access to the admins usernames and passwords. But the passwords are encrypted so he needs to dig-on.

Havij has an MD5 decryption option available, let's try that one. He tries with the first encrypted password - Havij is using online resources to decrypt passwords.

Success! The results came in seconds and the password has been revealed: johnC1980 – it's a combination between the name of the web admin and his birthday dates - common password combination. Bob moves to the “Find admin” tab and clicks on start. The program found something like nameofthesite.co.uk/admin . He pastes the link into his browser and tries the username and password combination:

admin

John121980

 

He's in. It was easier than he thought and now he has access to admin panels of this recruitment agency from the UK. He'll dig more into it tomorrow but for now he's done. He wants to celebrate his script-kiddie success.

VLC is a video thespian amongst a lot of tricks. While you lot definitely would last aware almost converting videos amongst it, the characteristic of converting whatsoever video to ASCII is 1 that is slightly less known. As ASCII version of movies similar Star wars are real pop online, I intend this characteristic of this amazing media thespian tin last used to convey lots of fun.

An event of a video inward ASCII form

All you lot postulate to create is opened upwardly whatsoever video as well as VLC volition automatically display its converted form. To convert whatsoever video inward ASCII, simply follow the steps given below:-

1) Open VLC Media Player.
2) Click on the Tools carte du jour as well as inward the drib downward list, click on Preferences at the bottom of the list.
3) Click on Video paradigm inward the left sidebar.
4) Click on the drib downward box side past times side to Output.
5) Select "Color ASCII fine art video output" from the drib downward list.
6) Click Save and restart VLC.

Older versions of VLC mightiness require you lot to modification these settings nether the Advance tab or All Settings tab. As VLC runs on a multifariousness of OSs, this fob volition operate on whatsoever PC capable of running this media player. However, it is interesting to request out that older PCs having miserable hardware volition irksome downward as well as orbit a stuttered output.