Kamis, 28 Februari 2013

Trick to remembering things - Rearrange the items in your pockets


Imagine this situation: Your spouse/significant other/roommate/etc comes into your room while you are wasting time on the computer reading news, or playing a game or something. They ask if you if you will put a letter in the mailbox when you leave for the day. You say "sure" and resume your time wasting activity. A few hours pass and then you need to go to work. You get up, leave the house and go to work. Later that night you go home to an upset person asking why you forgot the letter.


OK; let's change things a bit. This time when you are asked if you put a letter in the mailbox, you say "sure" then immediately remove your phone from your pocket, and place it in your other pocket. Now a couple hours later when you go to work, you feel your pockets to make sure you have your phone and your wallet. When you feel for your phone, you realize it is not there and you think of where you last placed it. At this point, you will remember that you put it in your other pocket to remember the letter. You put the letter in the mailbox, then head off to work. Your phone resumes its position in the normal pocket.

I have been using this method for remember things for many year and it always works. I have not heard or read about it anywhere so I don't know if it has a name; I will henceforth call it the "Disruptive Mnemonic."

Why does this Disruptive Mnemonic work?

Let's think of our minds for a minute. Everyone of us has routines and schedules. Our minds tend to work the hardest when we are doing or learning something new; when we are just doing routine things however, our mind will often go into cruise control. We as human beings are capable of doing some pretty amazing things without really thinking about it. Some people walk and read a book at the same time. How can they do this? Because walking is so routine they no longer need to think about it. What about what people who drive? Even though it is very dangerous, people text, shave, eat food, put on makeup or various other things all while driving. They do this because driving is so routine, we don't really need to think about it (Note: Please don't do these things. They really are dangerous). You would never see someone who is still learning how to drive to send a text message at the same time; this is because they are so focused on driving.


And so things go with our memory. When we are in our routine or schedule our minds tend to relax. It is easy for us to forget things we don't think are very important, because we simple tend not to think or focus on these things. It is that way with taking out the trash or delivering a letter. These are things that we don't usually do on a daily basis so it is not routine. We can easily forget.

How to use a disruptive mnemonic.

The example I gave above was switching pockets with our phone. If you always have your phone in the same pocket, putting it in another pocket will force to think why. This will work with any item you keep consistently in the same pocket; keys, pen, lip gloss, wallet, etc.

This method works well for me because I am a guy and tent to keep a lot in my pockets. What if you are a girl and keep little or nothing in your pockets? If that is the case, you probably use a purse. You could rearrange the items in your purse. Perhaps you could zip up your purse only half way instead of all the way. Anything that will help disrupt your routine will help call your attention to whatever it is you are supposed to remember.

I started doing this when I was in Jr. High school. If I needed to remember something, I would get a scratch piece of paper and write a note on it. I would place it in my pocket and later in the day when I emptied my pockets I would look at the note and remember whatever it was I needed to remember. The thing is, I quickly realized that I never actually needed to read the note. Simply seeing the paper was enough for me to remember. I quickly learned that anything I did to disrupt my schedule would have the same effect.

The disruptive method is nice because you don't need anything fancy. No paper, no writing things down, no calendar. It works best for things you need to remember during the day (probably not a good idea for long term), and it only works well for about one or two items to remember. If you need something that is time or location sensitive, try to do something to disrupt a specific time or place. For example, if you need to remember something for work; place a random object near the things you take to work. If you need to remember something for lunchtime, put something in the fridge or lunchbox (or wallet if you go out to eat).

Any other memory tricks? Write it below in the comments.

exclusive free VPN for 1 year

you are able to have more free days inviting friends
free VPN
you can use your VPN to change your IP and to open forbidden websites and protect you computer from hackers

website link


http://kep.md/Uaq



Senin, 25 Februari 2013

Get Free Recharge With Your Smartphone Using Hike

Dear visitors today we are back with a tip by which you can get free recharge using your smartphone. You will get recharge from a app called hike. With hike you can send free SMS using free hike SMS, you can message friends who don't have hike installed as well. You just have to install the app called hike. When you download and start using the app you will get Rs 10 as joining bonus.

Get Free Recharge With Your Smartphone Using Hike
Now here comes the main part by which you can get free recharge easily.

Get Free Recharge Through Hike

  • First of all go to http://hike.in/rewards/ and download the app (only for android, ios, Nokia).
  •  Now you can earn free talktime for referring New members.
  •  Their Recharge method is quite impressive [see below]:
1.Joining bonus-10rs.
2.Send link to your friends or invite through sms, they give Rs20 for each New join which is far better the services like ultoo because they give only Rs 1 per referral.
3.Minimum balance for recharge is Rs 50 which you can complete by just referring two friends.
reedem recharge from hike

This recharge system is 100% working, don't worry about operator because recharge service is available for all operators. If you have more friends you can earn quite huge recharge amount.

Visit daily for more free stuffs like this and for other tips and tricks. Also like us on facebook and stay updated with latest hacks

Minggu, 24 Februari 2013

Get a cool Facebook style in one minute

Now change your Facebook style in 1 minute this method is fast and safe
this is an example
cool facebook style theme
Now the video
Don't forget to share with your friends ;)
See you.

Recovering from Suricata Gone Wild

Recently I tried interacting with one of my lab Security Onion sensors running the Suricata IDS. I found the Sguil server was taking a really long time to offer services on port 7734 TCP. Since I hadn't worked with this lab system in a while, I guessed that there might be too many uncategorized events in the Sguil database. I dusted off an old blog post titled More Snort and Sguil Tuning from 2006 and took a look at the system.

First I stopped the NSM applications on the server.


sudo service nsm stop
Stopping: securityonion
* stopping: sguil server [ OK ]
Stopping: HIDS
* stopping: ossec_agent (sguil) [ OK ]
Stopping: Bro
stopping ds61so-eth1-1 ...
stopping proxy ...
stopping manager ...
Stopping: ds61so-eth1
* stopping: netsniff-ng (full packet data) [ OK ]
* stopping: pcap_agent (sguil) [ OK ]
* stopping: snort_agent (sguil) [ OK ]
* stopping: suricata (alert data) [ OK ]
* stopping: barnyard2 (spooler, unified2 format) [ OK ]
* stopping: prads (sessions/assets) [ OK ]
* stopping: sancp_agent (sguil) [ OK ]
* stopping: pads_agent (sguil) [ OK ]
* stopping: argus [ OK ]
* stopping: http_agent (sguil)
Next I ran a query to look for the top uncategorized events.

$ mysql -uroot
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1639
Server version: 5.5.29-0ubuntu0.12.04.1 (Ubuntu)

Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use securityonion_db;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed

mysql> SELECT COUNT(signature)as count, signature FROM event WHERE status=0 GROUP BY signature ORDER BY count DESC LIMIT 20;
+---------+----------------------------------------------------------------------------------+
| count | signature |
+---------+----------------------------------------------------------------------------------+
| 2299160 | SURICATA STREAM Packet with invalid ack |
| 2298505 | SURICATA STREAM ESTABLISHED invalid ack |
| 1777530 | SURICATA STREAM ESTABLISHED packet out of window |
| 38700 | SURICATA STREAM ESTABLISHED retransmission packet before last ack |
| 24181 | SURICATA STREAM TIMEWAIT ACK with wrong seq |
| 5430 | ET POLICY GNU/Linux APT User-Agent Outbound likely related to package management |
| 3160 | SURICATA STREAM Last ACK with wrong seq |
| 753 | ET POLICY Dropbox.com Offsite File Backup in Use |
| 637 | SURICATA HTTP unknown error |
| 626 | SURICATA STREAM SHUTDOWN RST invalid ack |
| 505 | SURICATA STREAM FIN1 FIN with wrong seq |
| 494 | SURICATA HTTP request field too long |
| 448 | ET POLICY PE EXE or DLL Windows file download |
| 315 | ET RBN Known Malvertiser IP (22) |
| 270 | ET POLICY iTunes User Agent |
| 266 | SURICATA STREAM CLOSEWAIT ACK out of window |
| 237 | ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) |
| 219 | ET POLICY MOBILE Apple device leaking UDID from SpringBoard |
| 217 | SURICATA STREAM 3way handshake with ack in wrong dir |
| 151 | SURICATA STREAM FIN2 FIN with wrong seq |
+---------+----------------------------------------------------------------------------------+
20 rows in set (15.24 sec)
Wow, that's a lot of SURICATA STREAM events. I need to categorize them as non-issues to recover the Sguil server.


mysql> UPDATE event SET status=1, last_modified='2013-02-24 16:26:00', last_uid='sguil' WHERE event.status=0 and event.signature LIKE 'SURICATA STREAM%';
Query OK, 6443375 rows affected, 65535 warnings (3 min 4.89 sec)
Rows matched: 6443375 Changed: 6443375 Warnings: 6443375
Let's see what the database thinks now.

mysql> SELECT COUNT(signature)as count, signature FROM event WHERE status=0 GROUP BY signature ORDER BY count DESC LIMIT 20;
+------+-----------------------------------------------------------------------------------------+
| cnt | signature |
+------+-----------------------------------------------------------------------------------------+
| 5430 | ET POLICY GNU/Linux APT User-Agent Outbound likely related to package management |
| 753 | ET POLICY Dropbox.com Offsite File Backup in Use |
| 637 | SURICATA HTTP unknown error |
| 494 | SURICATA HTTP request field too long |
| 448 | ET POLICY PE EXE or DLL Windows file download |
| 315 | ET RBN Known Malvertiser IP (22) |
| 270 | ET POLICY iTunes User Agent |
| 237 | ET INFO EXE IsDebuggerPresent (Used in Malware Anti-Debugging) |
| 219 | ET POLICY MOBILE Apple device leaking UDID from SpringBoard |
| 133 | ET INFO PDF Using CCITTFax Filter |
| 106 | ET POLICY Pandora Usage |
| 97 | ET CHAT Facebook Chat (buddy list) |
| 93 | ET POLICY MOBILE Apple device leaking UDID from SpringBoard via GET |
| 58 | ET POLICY Internal Host Retrieving External IP via whatismyip.com - Possible Infection |
| 41 | PADS New Asset - ssl TLS 1.0 Client Hello |
| 39 | SURICATA HTTP response header invalid |
| 39 | ET CURRENT_EVENTS Exploit Kit Delivering Compressed Flash Content to Client |
| 36 | ET POLICY Python-urllib/ Suspicious User Agent |
| 36 | ET MALWARE Possible Windows executable sent when remote host claims to send a Text File |
| 28 | ET POLICY Http Client Body contains pw= in cleartext |
+------+-----------------------------------------------------------------------------------------+
20 rows in set (0.03 sec)
That's much better.

Before restarting the NSM services, I edit the autocat.conf file to add the following.


none||ANY||ANY||ANY||ANY||ANY||ANY||%%REGEXP%%^SURICATA STREAM||1
This will auto-categorize any SURICATA STREAM alerts as non-issues. I want to keep adding events to the database for testing purposes, but I don't want to see them in the console.

Now I restart the NSM services.


sudo service nsm start
Starting: securityonion
* starting: sguil server [ OK ]
Starting: HIDS
* starting: ossec_agent (sguil) [ OK ]
Starting: Bro
starting manager ...
starting proxy ...
starting ds61so-eth1-1 ...
Starting: ds61so-eth1
* starting: netsniff-ng (full packet data) [ OK ]
* starting: pcap_agent (sguil) [ OK ]
* starting: snort_agent (sguil) [ OK ]
* starting: suricata (alert data) [ OK ]
* starting: barnyard2 (spooler, unified2 format) [ OK ]
* starting: prads (sessions/assets) [ OK ]
* starting: pads_agent (sguil) [ OK ]
* starting: sancp_agent (sguil) [ OK ]
* starting: argus [ OK ]
* starting: http_agent (sguil) [ OK ]
* disk space currently at 22%
I check to see if port 7734 TCP is listening.

sudo netstat -natup | grep 7734
tcp 0 0 0.0.0.0:7734 0.0.0.0:* LISTEN 10729/tclsh
Now the Sguil server is listening. I can connect with a Sguil client, even the 64 bit Windows .exe that I just found this morning. Check it out at sourceforge.net/projects/sguil/

Jumat, 22 Februari 2013

Using Bro to Log SSL Certificates

I remember using an older version of Bro to log SSL certificates extracted from the wire. The version shipped with Security Onion is new and that functionality doesn't appear to be enabled by default. I asked Seth Hall about this capability, and he told me how to get Bro to log all SSL certs that it sees.

Edit /opt/bro/share/bro/site/local.bro to contain the changes as shown below.


diff -u /opt/bro/share/bro/site/local.bro.orig /opt/bro/share/bro/site/local.bro
--- /opt/bro/share/bro/site/local.bro.orig 2013-02-23 01:54:53.291457193 +0000
+++ /opt/bro/share/bro/site/local.bro 2013-02-23 01:55:16.151996423 +0000
@@ -56,6 +56,10 @@
# This script enables SSL/TLS certificate validation.
@load protocols/ssl/validate-certs

+# Log certs per Seth
+@load protocols/ssl/extract-certs-pem
+redef SSL::extract_certs_pem = ALL_HOSTS;
+
# If you have libGeoIP support built in, do some geographic detections and
# logging for SSH traffic.
@load protocols/ssh/geo-data
Restart Bro.

~# broctl

Welcome to BroControl 1.1

Type "help" for help.

[BroControl] > install
removing old policies in /nsm/bro/spool/installed-scripts-do-not-touch/site ... done.
removing old policies in /nsm/bro/spool/installed-scripts-do-not-touch/auto ... done.
creating policy directories ... done.
installing site policies ... done.
generating standalone-layout.bro ... done.
generating local-networks.bro ... done.
generating broctl-config.bro ... done.
updating nodes ... done.
[BroControl] > status
Name Type Host Status Pid Peers Started
bro standalone localhost running 3042 0 17 Feb 13:22:42
[BroControl] > restart
stopping ...
stopping bro ...
starting ...
starting bro ...
[BroControl] > exit

After restarting you will have a new log for all SSL certs:


ls -al certs-remote.pem
-rw-r--r-- 1 root root 31907 Feb 23 02:05 certs-remote.pem

New certs are appended to the file as Bro sees them. A cert looks like this:


-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgIQdyRQbU+ah51Lxm5niPJgyTANBgkqhkiG9w0BAQUFADCB
ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr
VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x
MjAyMjkwMDAwMDBaFw0xMzAyMjgyMzU5NTlaMIIBJjETMBEGCysGAQQBgjc8AgED
EwJVUzEZMBcGCysGAQQBgjc8AgECEwhEZWxhd2FyZTEdMBsGA1UEDxMUUHJpdmF0
ZSBPcmdhbml6YXRpb24xEDAOBgNVBAUTBzI5Mjc0NDIxCzAJBgNVBAYTAlVTMQ4w
DAYDVQQRFAU2MDYwMzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcUB0NoaWNh
Z28xGjAYBgNVBAkUETEzNSBTIExhIFNhbGxlIFN0MSQwIgYDVQQKFBtCYW5rIG9m
IEFtZXJpY2EgQ29ycG9yYXRpb24xHzAdBgNVBAsUFk5ldHdvcmsgSW5mcmFzdHJ1
Y3R1cmUxHjAcBgNVBAMUFXd3dy5iYW5rb2ZhbWVyaWNhLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAL3mUutqncWzNlwQNaM6IJdaadkQtUBvVnyp
obSS69GgKykAiQlx8QZQGbPCpJmHxmd7gz1JRnDntjp7N6Pg/cC47RvH2GOEgBdP
oGjaqMIprDXWSOgsBg7sBG0Qu9jPdAwHKhl0pv+wbkIBY2hn2XAxM2EWmqakjbp7
ArUkrYV1/qI1LIUPoO5oGsGXYBLTafAy4fO8auz/gqYxfciUj9mWi09PAqhnB5eU
jPYqu4yF6SA1V46AhC4cmaSZdH18ZmO6onp344tvjyJOn86Erb0VPmFfc8EgbLfK
paheO7GropabCr/TKV6fhSuwcp7sDs1SC2PJhV+w6/0ZUqpp9B8CAwEAAaOCAfMw
ggHvMAkGA1UdEwQCMAAwHQYDVR0OBBYEFK333BMwfBgnezSDatzj3Y2KbimNMAsG
A1UdDwQEAwIFoDBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vRVZTZWN1cmUtY3Js
LnZlcmlzaWduLmNvbS9FVlNlY3VyZTIwMDYuY3JsMEQGA1UdIAQ9MDswOQYLYIZI
AYb4RQEHFwYwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L3JwYTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU
/IpQup65JVp7VYVPlQBjj+lYa0MwfAYIKwYBBQUHAQEEcDBuMC0GCCsGAQUFBzAB
hiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5jb20wPQYIKwYBBQUHMAKG
MWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5j
ZXIwbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJaW1hZ2UvZ2lmMCEwHzAHBgUr
DgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYkaHR0cDovL2xvZ28udmVyaXNp
Z24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEBBQUAA4IBAQB31shk3CQ/jMfz
O1h6qCm+OeWUqgCvmAf26JoBx9hiHx+sWj1/z11rLp3oEt7fiqFsj76zWXAdhyH0
bp/sPGxAD7VQJEiAvtUR7015OUyNo+qnwJk2rZNlvwZydtsEmnYywVEgLQuFm962
csbbjmAqE+ODT9wk6jbIplfqhnSj2AL4xTNS2Rj3+jKsXlZvzCBdXs8Ewq9IwocL
UpaWV6ObhXsxkgFon/KX0fS9TAams4RaPwIJzvr5ExE+NSyaufs1utdKoEwUaoS1
2Z1QVtxiueNgdFKoTATfODowb1C+IDEPJmY0urBzEhdrsMECtYxJVYBDAhbhocG6
yYpg3ayS
-----END CERTIFICATE-----
OpenSSL can read them one at a time, e.g.:

openssl x509 -in certs-remote.pem -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:24:50:6d:4f:9a:87:9d:4b:c6:6e:67:88:f2:60:c9
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)06, CN=VeriSign Class 3 Extended Validation SSL CA
Validity
Not Before: Feb 29 00:00:00 2012 GMT
Not After : Feb 28 23:59:59 2013 GMT
Subject: 1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/businessCategory=Private Organization/serialNumber=2927442, C=US/postalCode=60603, ST=Illinois, L=Chicago/street=135 S La Salle St, O=Bank of America Corporation, OU=Network Infrastructure, CN=www.bankofamerica.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:bd:e6:52:eb:6a:9d:c5:b3:36:5c:10:35:a3:3a:
20:97:5a:69:d9:10:b5:40:6f:56:7c:a9:a1:b4:92:
eb:d1:a0:2b:29:00:89:09:71:f1:06:50:19:b3:c2:
a4:99:87:c6:67:7b:83:3d:49:46:70:e7:b6:3a:7b:
37:a3:e0:fd:c0:b8:ed:1b:c7:d8:63:84:80:17:4f:
a0:68:da:a8:c2:29:ac:35:d6:48:e8:2c:06:0e:ec:
04:6d:10:bb:d8:cf:74:0c:07:2a:19:74:a6:ff:b0:
6e:42:01:63:68:67:d9:70:31:33:61:16:9a:a6:a4:
8d:ba:7b:02:b5:24:ad:85:75:fe:a2:35:2c:85:0f:
a0:ee:68:1a:c1:97:60:12:d3:69:f0:32:e1:f3:bc:
6a:ec:ff:82:a6:31:7d:c8:94:8f:d9:96:8b:4f:4f:
02:a8:67:07:97:94:8c:f6:2a:bb:8c:85:e9:20:35:
57:8e:80:84:2e:1c:99:a4:99:74:7d:7c:66:63:ba:
a2:7a:77:e3:8b:6f:8f:22:4e:9f:ce:84:ad:bd:15:
3e:61:5f:73:c1:20:6c:b7:ca:a5:a8:5e:3b:b1:ab:
a2:96:9b:0a:bf:d3:29:5e:9f:85:2b:b0:72:9e:ec:
0e:cd:52:0b:63:c9:85:5f:b0:eb:fd:19:52:aa:69:
f4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
AD:F7:DC:13:30:7C:18:27:7B:34:83:6A:DC:E3:DD:8D:8A:6E:29:8D
X509v3 Key Usage:
Digital Signature, Key Encipherment
X509v3 CRL Distribution Points:

Full Name:
URI:http://EVSecure-crl.verisign.com/EVSecure2006.crl

X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.23.6
CPS: https://www.verisign.com/rpa

X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Authority Key Identifier:
keyid:FC:8A:50:BA:9E:B9:25:5A:7B:55:85:4F:95:00:63:8F:E9:58:6B:43

Authority Information Access:
OCSP - URI:http://EVSecure-ocsp.verisign.com
CA Issuers - URI:http://EVSecure-aia.verisign.com/EVSecure2006.cer

1.3.6.1.5.5.7.1.12:
0`.^.\0Z0X0V..image/gif0!0.0...+......Kk.(.....R8.).K..!..0&.$http://logo.verisign.com/vslogo1.gif
Signature Algorithm: sha1WithRSAEncryption
77:d6:c8:64:dc:24:3f:8c:c7:f3:3b:58:7a:a8:29:be:39:e5:
94:aa:00:af:98:07:f6:e8:9a:01:c7:d8:62:1f:1f:ac:5a:3d:
7f:cf:5d:6b:2e:9d:e8:12:de:df:8a:a1:6c:8f:be:b3:59:70:
1d:87:21:f4:6e:9f:ec:3c:6c:40:0f:b5:50:24:48:80:be:d5:
11:ef:4d:79:39:4c:8d:a3:ea:a7:c0:99:36:ad:93:65:bf:06:
72:76:db:04:9a:76:32:c1:51:20:2d:0b:85:9b:de:b6:72:c6:
db:8e:60:2a:13:e3:83:4f:dc:24:ea:36:c8:a6:57:ea:86:74:
a3:d8:02:f8:c5:33:52:d9:18:f7:fa:32:ac:5e:56:6f:cc:20:
5d:5e:cf:04:c2:af:48:c2:87:0b:52:96:96:57:a3:9b:85:7b:
31:92:01:68:9f:f2:97:d1:f4:bd:4c:06:a6:b3:84:5a:3f:02:
09:ce:fa:f9:13:11:3e:35:2c:9a:b9:fb:35:ba:d7:4a:a0:4c:
14:6a:84:b5:d9:9d:50:56:dc:62:b9:e3:60:74:52:a8:4c:04:
df:38:3a:30:6f:50:be:20:31:0f:26:66:34:ba:b0:73:12:17:
6b:b0:c1:02:b5:8c:49:55:80:43:02:16:e1:a1:c1:ba:c9:8a:
60:dd:ac:92
Since each cert has a standard header and footer, I bet someone could write a parser to extract each cert from the certs-remote.pem file to separate files. Thanks a lot Seth!

Rabu, 20 Februari 2013

Aircel 3G Free For 30 Days - Feb 2013

Yes! it's true Aircel is giving free usage of 3G for 30 days. They have launched a new promo in which they are giving free usage of unlimited 3G till 30 days between 6:00am to9:00am. Where Airtel, Vodafone and other service providers having there speed capped while you use VPN tricks, here is a great chance for all of us to enjoy free unlimited 3G from Aircel.


It is quite simple to activate this free 3G service. Lets see how to activate Aircel 3G for free 30 days

How To Activate Aircel 3G Free For 30 days

  • First Dial *122*5*1# or *122*456# or *122*5#
  • Now you'll receive a confirmation msg as below mentioned.
  • Dear Customer thank you for subscribing to 3G Mornings. Now enjoy unlimited 3G from 6AM to 9AM for the next 30 days
  • Done! now enjoy free unlimited 3G.
Well it was quite simple to activate this free 3G service from Aircel.
Visit daily for more such freebies also like us on facebook and stay updated with latest tricks and hacks.

Blender no bake cheesecake recipe (quick and easy cheesecake)



This is a recipe for making a no bake cheesecake. The recipe is only simple ingredients and can be made almost entirely in a blender.
Read article »

One of the internet's biggest secrets : The Darknet

In this video we ll discover the darknet which is much bigger than the popular internet that most of us use
The Darknet
the darknet is used by anonymous and for black markets and for many other purposes because governments have no chance to pursue these websites

there is more details in the video
enjoy

Use a blender to make a cheesecake crust



Recently I have been making a few cheesecakes (I am in China where decent cheesecakes don't seem to exist, when I found a place to cream cheese I decided to make my own). I always make a no-bake cheesecake that uses an easy to make crust from crushed up crackers. Usually I just crush the crackers while I watch a TV show, but then I thought to do it in a blender and had wonderful results. Now instead of taking about 15+ minutes, it takes me no more than 30 seconds.

Read article »

Whipping cream using a blender




I have always been a fan of doing things the quick and easy (lazy) way. I will show you how to whip cream using a blender.

Read article »

Sabtu, 16 Februari 2013

Simple Tips For Safe Online Shopping

Online purchasing by consumers is increasing day by day as broadband access grows and more e-commerce portals are setup. Presently billions of dollars are spent by internet surfers all over world in online shopping. More and more people are excited to do online shopping as it is convenient. Lot of frauds or scams can happen when you buy online. This article aim is to help you purchase online stuff diligently so that you can have secure internet shopping and thus avoid getting cheated online.

Simple Tips For Safe Online Shopping

If you purchase goods online, consider these tips which will prevent you more getting cheated online while doing shopping.

 Tips for Safe Online Shopping

1. Be wary of unsolicited offers by sellers that are sent by email. If in doubt of the authenticity of email, contact the company directly to verify before doing any online shopping for those unsolicited offers.

2. Use only reputed e-commerce websites that list their complete physical address, email address and contact number(s). This will help you later in case you need to contact them directly for any issues with the purchased stuff.

3. Go through the privacy policy of the website before doing an online purchase through it. Some websites may reserve the right to sell/give away your information to a third party. Check the document to see if they allow an opportunity to “opt-out” of receiving special offers from third-party vendors or for permission to share your personal information.
Avoid those online shopping companies that declare that can give away your personal information to other companies.

lock symbol
4. Check for a lock symbol in the your web browser window which is a sign that your PC and the online shopping site in question will have secure communication (s for secure in https). Also, do not provide your personal information if the website address does not start with “https” (a sign that the site is using a secure server).

5. Choose only those online sellers which are authentic. This can be done to find out if the vendor is a verified member of a well known third party such as the Better Business Bureau (BBB), Guardian eCommerce or Verisign. These third-party websites assist in ensuring that online customers will be protected when shopping or doing e-commerce transactions.

6. Ensure that the product delivery date posted at the seller site is reasonable. If you have not dealt with the vendor on a regular basis, be cautious of any website that states the shipment will be delayed by twenty or more days. The more common product delivery dates are of 7-10 days.

7. Keep a paper record as well as computer record (soft copy) of all online shopping transactions. Print out a hard copy of the shopping transactions and keep it safely in a file for future reference. This will help you in fighting the dispute if needed.

8. Be wary of online money earning offers through any type of product – software, membership (MLM type) and getting your own website etc. that just sound too good to be true.  Example: Push button instant money program that helps you earn hundred of dollars per day just for clicking or using software for 15 minutes a day. The Internet is filled with useless get rich quick scams and false advertising claims. Research and search the stuff for reviews before proceeding to buy it.

9. If you do not receive the item what you paid for online, and the vendor will not attend your emails or calls, get in touch with your state’s Department of Consumer Affairs or Cyber Crime Cell immediately for further assistance.

10. If you purchased an item online using credit card and you are not satisfied due to any valid reason and the vendor is not helping you in sorting the problem, contact your credit card company to file a dispute. But, you have to do it within two months of purchase of the item for which you are disputing a charge back.

I am sure that these tips will surely help you from not getting cheated while shopping online!
If you like this post then kindly share it with your friends. Visit daily for more Tips and Tricks. Also like us on facebook and stay updated.

How to fix the popup flash on your camera (Canon DSLR)



Here is the problem:

You are trying to take a photo with your Canon DSLR camera. The lighting is a bit dark, so the flash should pop up, but instead of the flash popping up, you just hear a clicking sound until your camera gives your an error (Err 05 The built-in flash could not be raised. Turn the camera off and on again).

Solution:

Your flash is stuck and needs to be cleaned. Use WD-40 (Warning: don't do something stupid. This blog is not to be held accountable for other people's negligence, haste, stupidity, or lack of research).

Read article »

Kamis, 14 Februari 2013

Airtel Free Callertune Trick - Feb 2013

After so many 3G tricks for airtel we are back with new airtel trick by which you can get free callertune from airtel for 3 months. To be honest it is a service from Airtel they are giving callertune service free for 3 months in new SIM. In new SIM you get it pre-activated. But you can also get in your old SIM, just follow below steps and enjoy free callertune.

Steps To Get Free Callertune In Airtel SIM

  • First Dial 543211888, it will activate callertune for 1 month. 
  • Then Dial 5787881 and activate a new song for 3 months. 
  • If you like to deactivate callertune, dial 543211808 Or *678#
Note: Although there is not balance deduction issue with this trick, still try at low balance :-)

This trick is 100% working and very simple you can easily get free callertune.
Visit daily for more Airtel tricks also like us on facebook and stay updated.

Get Chrome Like Tab And Bookmark Bar In Windows Explorer

Dear Visitors today we have came with an awesome tool that makes your windows explorer very professional looking and easy to navigate just like Chrome browser. We all know that Google Chrome  is best browser, it is best because of its awesome features which lack in other browser. Some features of Chrome browser like easy tab functionality which improves performances because of its easy tab switching. This tab feature makes navigation faster and helps to handle the opened windows right from the working tab.

Well we can get all this features of chrome in windows explorew with a small utility known as Clover. It gets integrated into the Windows explorer to provide  the functionality of  the Google chrome browser or for the tabbed windows explorer experience. Clover introduces a powerful and easy-to-use Browser Helper Object for the Windows Xp/Vista/7/8. Clover doesn't replace or modify the Windows Explorer.exe, it just works with/beside the Windows explorer. Lets have a look on how to use Clover and download link.

How To Use Clover

  • First of all download clover from below link
  • Download Clover
  • Now install the Clover on your PC.
  • After installing it will look like Chrome browser's tab, where you can open a new tab with a single click, Clover also opens tab or window inside windows explorer.
Look of windows explore after installation of clover
  • Right clicking on any tab, the context menu will show some options whose are almost the same as Chrome browser tab's context menu.
Chrome browser like tab's context menu
  1. Reopen closed tab
  2. Close tabs to the right
  3. Close other tabs
  4. Bookmark all tabs
  5. Duplicate
  6. Close tab
  7. New tab
  • You can also bookmark any address for accessing most used/accessed locations. To bookmark any tab, which contains an address of a location, first tick on show bookmark bar by clicking on the wrench button and going to Bookmark, then mark on the Show Bookmark Bar.
Bookmark any address

  • Bookmark Bar will appear under the tab. Now whenever it needs to bookmark, just drag and drop the file or folder to the Bookmark Bar
Bookmark Bar Under Tab

That's it enjoy using this utility and visit daily for more tricks. Like us on facebook and stay updated. If you have any doubt do comment below you will get a reply as soon as time allows

Rabu, 13 Februari 2013

Cheesy Valentines - The History




Another Valentines day (or "single awareness day" as many people like to call it. It is this time of year that I make cheesy Valentines and hand them out to whoever will accept them. Each year (I would like to think) I get better and better at making Valentines, so I thought I would like to document my progress and give a little history of my Valentine making.

If you would like to attempt to make your own Valentine similar to mine, I have created a tutorial. It is a bit outdated, but the concepts are still basically the same:

Making Valentines day by swapping your face on the face of a celebrity

Read article »

Selasa, 12 Februari 2013

Soon Tabnabbing phishing step by step

i'm preparing a new hacking tutorial
it will be about Tabnabbing phishing
Stay Tuned
Tabnabbing phishing
Add caption

Make Free Calls From Mobile For 14 Days

Hello visitors we are back with a new trick by which you can call your friends for free directly from your mobile. Actually it is not a trick it is a service from fuzebox they are giving 14 days free trial. FuzeBox is a simple and sexy cloud-based, audio, video conferencing solution that makes it easy for anyone, anywhere, across any platform, on any mobile device to quickly and conveniently collaborate face-to-face.

Make Free Calls From Mobile For Free

Fuzebox is used by companies with big name for their commercial work but fuzebox is giving a free trial so take a benefit of it. Lets see how to make free call using Fuzebox

Steps To Make Free Call Using Fuzebox

  • First go to https://www.fuzebox.com/freetrial
  • Signup for free trial by filling the form
  • After signing up verifying your email
  • Note down the two pins you received via email first one is moderator's pin and second one is attendee pin
  • Now dial 0008000016688 (toll free)
  • After call is connected put the first code (moderator) using phone's key pad followed by hash (#)
  • Now wait (don't disconnect)
  • Tell your friend to dial 0008000016688(toll free)
  • Tell him to dial the second pin (attendee) once call is connected followed by hash (#)
  • Done! your call will be connected
  • Have fun with this free calling service for 14 days!
Visit daily for more Freebies and other tricks. Like us on facebook and stay updated with Latest tricks.

Senin, 11 Februari 2013

Practical Network Security Monitoring Book on Schedule

First the good news: my new book Practical Network Security Monitoring is on track, and you can pre-order with a 30% discount using code NSM101.

I'm about 1/3 of the way through writing the book. Since I announced the project last month, I've submitted chapters 1, 2, and 3. They are in various stages of review by No Starch editors and my technical editors. I seem to be writing more than I expected, despite trying to keep the book at an introductory level. I find that I want to communicate the topic sufficiently to make my point, but I try to avoid going too deeply into related areas.

I'm also encountering situations where I have to promise to explain some concepts later, rather than explain everything immediately. I believe once I get the first chapter ironed out with the editor, the rest will be easier to digest. I'm taking a fairly methodical approach (imagine that), so once the foundation in chapter 1 is done the rest is more straightforward.

I'm keeping a fairly aggressive schedule. Basically I have to write a chapter each week, get it to my technical editors, and then spend additional time working with No Starch to get the text legible and ready for print. All of this is happening in parallel in order to have the books in print by Black Hat. That means the text must done by the first week in April. My family is helping me stay on track by giving me time and space to write, especially on the weekends. Thank you!

When working on the examples, I've been very pleased with the performance of VMWare Workstation 9. I have one copy installed on Windows 7, where I write with Word. I have a second copy installed on Ubuntu Server, where it acts like a "VMWare Server." I used to run a real ESXi server on server-class hardware. Now, to save electricity and to more tailor my computer power to my requirements, I run a Shuttle DS61 with a Core i5-3450S 2.80GHz CPU, 16 GB RAM, 750 GB HDD, and two onboard NICs. The two NICs are really awesome in a device this small -- 190(L) x 165(W) x 43(H) mm. With two NICs, I can devote one for management and one for network traffic collection and interpretation. I use a Net Optics Dual Port Aggregator Tap for access to the wire.

I use VMWare Workstation this way. I run a Linux VM on Workstation on my Windows 7 laptop. I connect via Workstation to the Workstation instance on Ubuntu on the DS61. Then I create whatever VMs I need on the DS61. For example, I created a Security Onion server and sensor to test that setup. With 16 GB RAM, I have plenty of RAM for both, plus another VM that I'm running as my "production" Security Onion sensor for the lab network.

Writing is going well, despite the fact that I last wrote a book in 2005. I promised my youngest daughter, who wasn't born until 2006, that this new book is for her. If you have any questions on the writing process, please post them here or ask me on Twitter.

Minggu, 10 Februari 2013

New Airtel 3G VPN Trick For Blocked Sim - Feb 2013

If you are using Airtel tricks based on hosts and proxies and increasing the limit of usage then your Airtel SIM card might have been blocked. It is always frustrating if your SIM gets blocked but don't worry as the post title itself describe that we are back with trick which will work even with blocked SIM. This trick is confirmed working and do not fear from getting your host blocked, as this trick is also working with the blocked SIM


Features Of Airtel 3G VPN Trick

  • No SIM blocking
  • Works with default APN : airtelgprs.com
  • No registration required.
  • HTTPS protocols supported
  • Resume supported Downloading.

Steps To Setup Airtel 3G VPN Trick

  1. First Download NMD VPN.
  2. Now Download airtel Config file from below link.
  3. Download highspeed Airtel Config.
  4. Now extract downloaded Config files and paste it in NMD VPN Config folder.
  5. Run NMD VPN as Administrator and connect with given Config.
  6. Connection will be established instantly.
  7. Enjoy free 3G!! :)

Screenshot Of Airtel 3G VPN Trick

Screenshot Of Airtel 3G VPN Trick

Visit daily for more Airtel tricks. Like us on facebook and stay updated with Latest tricks. If you face any problem regarding this trick do comment below. You will get a reply as soon as time allows!

Jumat, 08 Februari 2013

how to disable seen / vu in facebook chat

this new function in facebook is the cause for many problems between friends but you can disable seen / vu in  simple steps

disaboe seen youtube

Kamis, 07 Februari 2013

Best Way To Get Back a Stolen/lost Computer/phone

i thaught that this methode is useless intill a friend tell me he got back his stolen laptop in the same way hope it helps you.

protect computer from stealing

Rabu, 06 Februari 2013

after you format your computer sometimes you find that sound does not work videos ... games
to solve that you need this program to make a backup for your drivers


drivers backup program

Desktop phishing


Desktop phishing


nowadays, your chances to find a vulnerability to hack any account ( facebook - email - paypall ..) is so tight. Moreover searching for vulnerability and using it is complicated.
So toda i suggest a new way of hacking which is much easier and even more practical.


In this video i tried clarify all the points. However if you have any issue just leave a comment in my blog my youtube channel and my facebook page
so our lesson today is creating a desktop phishing step by step


programs you need

xampp: http://www.apachefriends.org/en/xampp-windows.html
fake page of the website that you want to hack
 Here is the facebook fake page i used in this video
http://www.mediafire.com/?5pkym23hainb8nc
(if you need any other one leave a comment and tell me the fake page that you want and i will provide you)


Tabnabbing phishing

if you want to hide your hosts file in a fake program don't search away i already made a tutorial about that from here
here
and if you want to chage your hosts icon i also made a tutorials about that
here


Selasa, 05 Februari 2013

now forget about youtube loading screen


Windows 8 Activator 100% Working - The Best One

Dear Visitors today we are back with a new tool which will help you to make your Windows 8 Activate permanently. Nowadays many Peoples are using Window 8 in Their PC but always getting Problem in Activation,So this post is for all those who want to use Window 8 in their PC without any issue of Activation. This activator is an offline windows 8 activator. This is the 100% working and best windows 8 activator, I considered it best because it also enables the personalization feature.
Windows 8 Activator 100% Working - The Best One

Steps To Activate Windows 8 Using This Activator

  • First download the Activator from below link
Download Windows 8 Activator
  • Now extract the file and run the Activator
  • You will see a command screen., just let it complete its task.
  • Windows will reboot automatically.
  • After reboot, you will see a notification that "Machine is running Activated windows 8" or something similar to it.
  • Check personalize option, Now you would be able to use the Personalize feature as well.

Screenshot After Activation Of Windows 8

Screenshot After Activation Of Windows 8
Finally your windows will be activated. If you face any problem regarding this Activator do comment below, you will a reply as soon as time allows!

Note : Before extracting this Activator please disable ANTIVIRUS of your system as many Antivirus report this activator as Virus, But it is not harmful at all. Antiviruses detects it as virus because it is not an authorized software. Please believe on us, We have never provided anything which can damage your computer system. If your anivirus is creating problem or deleting this file after extraction then just disable it for sometime and activate it after activation of windows 8.

Minggu, 03 Februari 2013

Vodafone 3G VLIVE VPN Trick - 100% Working

Today we are back with new Vodafone 3G Trick which is working in many States. This VPN trick is based on TCP Port. Using this VPN trick you will get around 100-150 kbps speed. This trick was working earlier also but it was blocked by Vodafone but now it is working again. So take the benefit of it before it gets blocked. This trick is based on the portalnmms APN, and for few states it is working with www APN too. If you are the user from the North side then, try the portalnmms APN


Let not waste the time and have a look on Features of Vodafone VLIVE trick. And how to configure it.

Features Of Voadfone VLIVE VPN Trick

  • Connects with zero balance.
  • Works with default both APN www or Portalnmms
  • No registration required.
  • HTTPS protocols supported
  • Resume supported Downloading.

Steps To Configure Voadfone VLIVE VPN Trick

  • To use this trick you need to have NMD VPN installed on your PC.
  • If you don't have NMD VPN download it from here.
  • Now Download highspeed Vodafone TCP config.
  • Now Extract Downloaded Config files and paste it into C:> Program Files > NMD VPN > Config.
  • Run NMD VPN as Administrator and connect with given Config.
  • If it fails to connect try 3-5 times it will be connected.

Screenshot Of Voadfone VLIVE VPN Trick


Visit daily for more Vodafone tricks. Like us on facebook and stay updated with Latest tricks. If you face any problem regarding this trick do comment below. You will get a reply as soon as time allows!

refresh your computer without restarting windows and without


all windows yousers have this problem but you can solve it in 1 click enjoy ...

Sabtu, 02 Februari 2013

discover who is stealing your wireless / wifi

in the first tutorial about security and protection we ll learn how to discover who is connected through your wireless / wifi
enjoy.