SuYash Security Zone

Saturday, February 06, 2010

Your PC Performance Test - Free!

ZoneAlarm by Check Point Software Technologies LTD.

FREE System Scan

IMPROVE PC Performance, Scan Your System for Glitches and Errors, Scan System Now

Once the scan is complete, click the 'Next' button to see the complete diagnostics, along with recommended solutions to make your PC run faster and smoother, while remaining completely secure from viruses, hackers and other threats.

It is our job to secure the Internet with our #1 Firewall, and slow PC performance should not be affected as a result of being secure.

Run the FREE Scan Now

ZoneAlarm's FREE SCAN will warn you of any of these common PC problems, and offer an easy-to-fix solution.

5 Common PC Problems and how ZoneAlarm can Help:

1) Cluttered Registry
2) Too Many Startup Programs
3) Full Hard Drive
4) Limited Memory
5) Spyware & Malicious Programs

©2003–2010 Check Point Software Technologies Ltd. All rights reserved. Check Point, Check Point logo, DefenseNet, IMsecure, OSFirewall, Safe@Office, SmartDefense, SmartDefense Advisor, TrueVector, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus, ZoneAlarm ForceField, ZoneAlarm Internet Security Suite, ZoneAlarm Pro, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. ZoneAlarm is a Check Point Software Technologies, Inc. Company. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 6,496,935, 6,873,988, and 6,850,943 and may be protected by other U.S. Patents, foreign patents, or pending applications.

Check Point fully supports all efforts to ensure the security, privacy, and peace of mind of everyone on the internet. Our e-mail offers, satisfaction surveys and security communications are sent only to registered users of our software who have expressed an interest in receiving information via e-mail. If you no longer wish to receive e-mails from us, plase use the unsubscribe link below or write to us at: ZoneAlarm; Attn Unsubscribe; 800 Bridge Parkway, Redwood City, CA 94605, USA. To view our privacy policy, click here.


	This message was sent by ZoneAlarm using Responsys Interact. Safely unsubscribe from ZoneAlarm e-mail at any time. View our permission marketing policy.

Wednesday, January 27, 2010

Secureit.in - Multi RBL Check

New Website for Multiple Real Time Black Listing

http://secureit.in/rbl/

For More Security Related Stuff visit http://wiki.secureit.in.A Wiki
Website dedicated to Information Security.

Thursday, January 07, 2010

Schools.khazanaplus.com sitemap

Schools.khazanaplus.com sitemap

Sunday, January 03, 2010

New Website for Schools in INDIA

Hi,

There is an interesting site for schools in INDIA.

http://schools.khazanaplus.com

Visit the site.
--
For More Security Related Stuff visit http://wiki.secureit.in.A Wiki
Website dedicated to Information Security.

Friday, October 23, 2009

US-CERT Cyber Security Tip ST04-014 -- Avoiding Social Engineering and Phishing Attacks

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cyber Security Tip ST04-014
Avoiding Social Engineering and Phishing Attacks

Do not give sensitive information to anyone unless you are sure that
they
are indeed who they claim to be and that they should have access to the
information.

What is a social engineering attack?

In a social engineering attack, an attacker uses human interaction
(social
skills) to obtain or compromise information about an organization or its
computer systems. An attacker may seem unassuming and respectable,
possibly
claiming to be a new employee, repair person, or researcher and even
offering credentials to support that identity. However, by asking
questions,
he or she may be able to piece together enough information to
infiltrate an
organization's network. If an attacker is not able to gather enough
information from one source, he or she may contact another source
within the
same organization and rely on the information from the first source
to add
to his or her credibility.

What is a phishing attack?

Phishing is a form of social engineering. Phishing attacks use email or
malicious websites to solicit personal information by posing as a
trustworthy organization. For example, an attacker may send email
seemingly
from a reputable credit card company or financial institution that
requests
account information, often suggesting that there is a problem. When
users
respond with the requested information, attackers can use it to gain
access
to the accounts.

Phishing attacks may also appear to come from other types of
organizations,
such as charities. Attackers often take advantage of current events and
certain times of the year, such as
* natural disasters (e.g., Hurricane Katrina, Indonesian tsunami)
* epidemics and health scares (e.g., H1N1)
* economic concerns (e.g., IRS scams)
* major political elections
* holidays

How do you avoid being a victim?

* Be suspicious of unsolicited phone calls, visits, or email
messages from
individuals asking about employees or other internal
information. If an
unknown individual claims to be from a legitimate organization,
try to
verify his or her identity directly with the company.
* Do not provide personal information or information about your
organization, including its structure or networks, unless you are
certain of a person's authority to have the information.
* Do not reveal personal or financial information in email, and do not
respond to email solicitations for this information. This includes
following links sent in email.
* Don't send sensitive information over the Internet before checking a
website's security (see Protecting Your Privacy for more
information).
* Pay attention to the URL of a website. Malicious websites may look
identical to a legitimate site, but the URL may use a variation in
spelling or a different domain (e.g., .com vs. .net).
* If you are unsure whether an email request is legitimate, try to
verify
it by contacting the company directly. Do not use contact
information
provided on a website connected to the request; instead, check
previous
statements for contact information. Information about known phishing
attacks is also available online from groups such as the
Anti-Phishing
Working Group (http://www.antiphishing.org).
* Install and maintain anti-virus software, firewalls, and email
filters
to reduce some of this traffic (see Understanding Firewalls,
Understanding Anti-Virus Software, and Reducing Spam for more
information).
* Take advantage of any anti-phishing features offered by your email
client and web browser.

What do you do if you think you are a victim?

* If you believe you might have revealed sensitive information
about your
organization, report it to the appropriate people within the
organization, including network administrators. They can be
alert for
any suspicious or unusual activity.
* If you believe your financial accounts may be compromised,
contact your
financial institution immediately and close any accounts that
may have
been compromised. Watch for any unexplainable charges to your
account.
* Immediately change any passwords you might have revealed. If you
used
the same password for multiple resources, make sure to change it for
each account, and do not use that password in the future.
* Watch for other signs of identity theft (see Preventing and
Responding
to Identity Theft for more information).
* Consider reporting the attack to the police, and file a report
with the
Federal Trade Commission (http://www.ftc.gov/).
_________________________________________________________________

Author: Mindi McDowell
_________________________________________________________________

Produced 2004 by US-CERT, a government organization.

Note: This tip was previously published and is being
re-distributed to increase awareness.

http://www.us-cert.gov/legal.html

This document can also be found at

http://www.us-cert.gov/cas/tips/ST04-014.html

For instructions on subscribing to or unsubscribing from this
mailing list, visit
http://www.us-cert.gov/cas/signup.html.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSuCQUducaIvSvh1ZAQKBWAgAtK4p2dlCr/c+WlfO/t0WnYGXGmOaoXVl
lZTizFdd+vrxPTx5Y//QXMMG8y55mnf34xc2BBOEULTegfDzIrcDa89OCiujeua7
wYHLSCw7eBljl81WR4E1C5xRPB8mI/Jq+p5QwKvLveuAyyeHQXwIo/QrP6YsvQRX
PV/PWE5GMDCWsMojt9UV+JzAl057fBgo5JiruwpsRNowm42RkGawTjNw5EDiK8zm
yfAfD8WUoDQGXabb2mh0g+z7lrzpf74DpgBOgQ81jk94oCvho+D6Xpa4R5sBlMi9
vTjXiR1Jrr2bNCYVg5p8rqjua/eEC4NKVVTbK9z0nT4qy1FCE3vY+g==
=sAm5
-----END PGP SIGNATURE-----

--
For More Security Related Stuff visit http://wiki.secureit.in.A Wiki
Website dedicated to Information Security.

Friday, July 24, 2009

SSH Access Without Password

Latest Versioon of this blog can be obtained from http://wiki.secureit.in/

There are certain situations where you do not want to use password while doing ssh to remote machine.(i.e) running some script which uses ssh to access remote machine.

This can be achieved by generating public/private key.

Example:

"Local Host" is the machine from where we want to access "Remote Machine" by using ssh.

Step1.

Run the following command on "Local Host"

ssh-keygen -t rsa

        ssh-keygen -t rsa   
      Generating public/private rsa key pair.
         Enter file in which to save the key (/root/.ssh/id_rsa): <press enter>        
             Enter passphrase (empty for no passphrase):  <press enter>    
     Enter same passphrase again:  <press enter>  
       Your identification has been saved in /root/.ssh/id_rsa.    
     Your public key has been saved in /root/.ssh/id_rsa.pub.   
      The key fingerprint is:    
     03:78:2e:2c:1f:1a:41:f3:43:6d:7f:47:18:4b:c7:da root@localhost.localdomain

This command will generate public and private key files.

Private Key File : ~/.ssh/id_rsa

Public Key File: ~/.ssh/id_rsa.pub

Create ~/.ssh directory, id does not exist.

This is only what we have to do on "Local Host"

Now copy the content of Public key file(~/.ssh/id_rsa.pub) to Remoote host file ~/.ssh/authorized_keys

if the file and directory does not exist , create it.

That's all... now run the ssh command from local host to remote host.

Sample Public Key Content:

ssh-rsa AAAB3NzaC1yc2EAAAABIwAAAIEAxw2859hwrHT8t2m7LQQAsWNXEo8hBGtCdOcB8qofrMMoNcvyXScQjBMq3sSu8FIGozBeF1vMC4oCOlizx4qK F7oshMV/9SuMCSMwj5S5bFe8uYicuBplkKIU+2a4Ijk6d/w3ynyXtVLAfsoYUQ2TxG0DX8pt8DGGcckzCjqhTlc= root@localhost.localdomain

Welcome To suyashjain.blogspot.com

Saturday, February 06, 2010

Your PC Performance Test - Free!

Wednesday, January 27, 2010

Secureit.in - Multi RBL Check

Thursday, January 07, 2010

Schools.khazanaplus.com sitemap

Schools.khazanaplus.com sitemap

Sunday, January 03, 2010

New Website for Schools in INDIA

Friday, October 23, 2009

US-CERT Cyber Security Tip ST04-014 -- Avoiding Social Engineering and Phishing Attacks

Friday, July 24, 2009

SSH Access Without Password