ALL SYSTEM SECURITY explained !!
again a tutorial from me to explain the stuff ! cheers !!!!
-futurbillgate
WHAT MAKES A SYSTEM SECURE?
“The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete bunker, and is surrounded by nerve gas and very highly paid armed guards. Even then I wouldn’t stake my life on it.”
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT WOULD BE IDEAL PROTECTION OF A SYSTEM?
Password Access- Get rid of simple passwords; routinely change all passwords; regular review/monitoring of password files.
Physical Access- Lock up terminals, personal computers, disks when not in use; eliminate unnecessary access lines; disconnect modems when not in use.
Other measures- Know who you are talking to; shred all documents; avoid public domain software; report suspicious activity (especially non-working hours access)
What this all means is that hackers must now rely on the ineptitude and laziness of the users of the system rather than the ignorance of SysOps. The SysOps and SecMans (Security Managers) are getting smarter and keeping up to date. Not only that, but they are monitoring the hack/phreak BBSes and publications. So the bottom line is reveal nothing to overinquisitive newbies…they may be working for the wrong side.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS A FIREWALL?
An (Internet) firewall is a machine which is attached (usually) between your site and a Wide Area Network (WAN). It provides controllable filtering of network traffic, allowing restricted access to certain Internet port numbers and blocking access to pretty well everything else.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW TO HACK WITHOUT GETTING INTO TROUBLE AND DAMAGING COMPUTERS?
1. Don’t do damage intentionally.
2. Don’t alter files other than to hide your presence or to remove traces of your intrusion.
3. Don’t leave any real name, handle, or phone number on any system.
4. Be careful who you share info with.
5. Don’t leave your phone number with anyone you don’t know.
6. Do NOT hack government computers.
7. Don’t use codes unless you HAVE to.
8. Be paranoid!
9. Watch what you post on boards, be as general as possible.
10. Ask questions…but do it politely and don’t expect to have everything handed to you.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT DO I DO IF I AM GETTING NOWHERE?
1. Change parity, data length, and stop bits. The system may not respond to 8N1 (most common setting) but may respond to 7E1, 8E2, 7S2, etc.
2. Change baud rates.
3. Send a series of carriage returns.
4. Send a hard break followed by a carriage return.
5. Send control characters. Work from ^a to ^z.
6. Change terminal emulation.
7. Type LOGIN, HELLO, LOG, ATTACH, CONNECT, START, RUN, BEGIN, GO, LOGON, JOIN, HELP, or anything else you can think of.
=====================================================================
WHAT ARE COMMON DEFAULT ACCOUNTS ON UNIX?
Common default accounts are root, admin, sysadmin, unix, uucp, rje, guest, demo, daemon, sysbin. These accounts may be unpassworded or the password may possibly be the same (i.e. username uucp has uucp as the passwd).
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW IS THE UNIX PASSWORD FILE SETUP?
The password file is usually called /etc/passwd. Each line of the passwd file of a UNIX system follows the following format:
userid:password:userid#:groupid#:GECOS field:home dir:shell
What each of these fields mean/do—
userid -=> the userid name, entered at login and is what the login searches the file for. Can be a name or a number.
password -=> the password is written here in encrypted form. The encryption is one way only. When a login occurs, the password entered is run through the encryption algorithm (along with a salt) and then compared with the version stored in the passwd file for the login name entered. If they match, the login is allowed. If not, the password is declared invalid.
userid# -=> a unique number assigned to each user, used for permissions
groupid# -=> similar to userid#, but controls the group the user belongs to. To see the names of various groups check /etc/group
GECOS FIELD -=> this field is where information about the user is stored. Usually in the format full name, office number, phone number, home phone. Also a good source of info to try and crack a password.
home dir -=> the directory the user is placed in on entering the system (and usually the one a plain cd returns to)
shell -=> this is the name of the shell which is automatically started for the login
Note that all the fields are separated by colons in the passwd file.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT DO THOSE *s, !s, AND OTHER SYMBOLS MEAN IN THE PASSWD FILE?
Those mean that the password is shadowed in another file. You have to find out what file, where it is and so on. Ask somebody on your system about the specifics of the Yellow Pages system, but discreetly!
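An added example, not part of the original post: a defender-side audit of the seven-field passwd format described above, flagging empty password fields, legacy DES hashes left readable in passwd, and extra uid 0 accounts. The function names and the sample lines are constructed for illustration.

```python
# Added example: audit passwd-format lines
# (userid:password:uid:gid:GECOS:home:shell).
# All sample data is constructed; none of it comes from a real system.
import re
from typing import NamedTuple

# Traditional DES crypt output: 2 salt characters + 11 hash characters.
DES_HASH = re.compile(r"^[./0-9A-Za-z]{13}$")


class Entry(NamedTuple):
    userid: str
    password: str
    uid: int
    gid: int
    gecos: str
    home: str
    shell: str


def parse_passwd(text):
    """Return Entry objects; blank, comment and malformed lines are skipped."""
    entries = []
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) != 7 or not (parts[2].isdigit() and parts[3].isdigit()):
            continue
        entries.append(
            Entry(parts[0], parts[1], int(parts[2]), int(parts[3]), *parts[4:])
        )
    return entries


def password_state(field):
    """Classify the second field of a passwd line."""
    if field == "":
        return "empty"          # no password is asked for at login
    if field == "x" or field[0] in "*!":
        return "placeholder"    # real hash lives elsewhere, or account is locked
    if DES_HASH.match(field):
        return "des-hash"       # world-readable legacy hash
    return "other"


def audit(text):
    """Return sorted (userid, finding) pairs that deserve a closer look."""
    findings = []
    for e in parse_passwd(text):
        state = password_state(e.password)
        if state == "empty":
            findings.append((e.userid, "empty password field"))
        elif state == "des-hash":
            findings.append((e.userid, "legacy DES hash readable in passwd"))
        if e.uid == 0 and e.userid != "root":
            findings.append((e.userid, "uid 0 on a non-root account"))
    return sorted(findings)


# Constructed sample input.
SAMPLE = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
guest::405:100:Guest Account:/home/guest:/bin/sh
uucp:ab01FAX.bQRSU:10:14:uucp:/var/spool/uucp:/bin/sh
toor:x:0:0:Backup Admin:/root:/bin/sh
demo::406:100:Demo:/home/demo:/bin/false
broken:line:without:enough:fields
"""

if __name__ == "__main__":
    for userid, finding in audit(SAMPLE):
        print(f"{userid}: {finding}")
```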
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
WHAT IS A UNIX TRIPWIRE?
Tripwire is a tool for Unix admins to use to detect password cracker activity, by checking for changed files, permissions, etc. Good for looking for trojan horses like password stealing versions of telnet/rlogin/ypcat/uucp/etc, hidden setuid files, and the like.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
USING SUID/GUID PROGS TO FULL ADVANTAGE.
A SUID program is a program that when executed has the privs of the owner.
A GUID has the privs of the group when executed.
Now imagine a few things (which happen often in reality):
1. Someone has a SUID program on their account, it happens to allow a shell to, like @ or jump to a shell. If it does that, after you execute said file and then spawn a shell off of it, all you do in that shell has the privs of that owner.
2. If there is no way to get a shell, BUT they leave the file writable, just write over it a script that spawns a shell, and you got their privs again.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I HACK INTO AN AIX MACHINE?
If you can get access to the ‘console’ AIX machines have a security hole where you can kill the X server and get a shell with ctrl-alt-bkspce. Also by starting an xterm up from one you are not logged in the utmp for that session because the xterms don’t do utmp logging as a default in AIX. Or try the usual UNIX tricks:
ftping /etc/passwd, tftping /etc/passwd, doing a finger and then trying each of the usernames with that username as a password.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I INCREASE MY DISK QUOTA ON UNIX?
A UNIX disk quota may be increased by finding a directory on another partition and using that. Find another user who wants more quota and create a directory for the other to use, one that is world writable.
Once they’ve put their subdirectory in it, change the perms on the directory to only read-execute. The reason this works is that usually accounts are distributed across a couple of filesystems, and admins are usually too lazy to give users the same quotas on each filesystem. If the users are all on one filesystem, you may be able to snag some space from one of the /usr/spool directories by creating a ‘hidden’ subdirectory like .debug there, and using that.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I FOOL AROUND ON XTERM / XWINDOWS?
Most x commands have a -display option which allows you to pick a terminal to send to. So if you use bitmap to create a bitmap, or download one, etc then:
xsetroot -bitmap bitmapname
[display the bitmap on your screen]
xsetroot -bitmap bitmapname -display xt2500:0
[display the bitmap on another xterm]
Other uses: xterm -display xt??:0 will give someone else one of your login windows to play with. They are then logged in as you though, and can erase your filespace, etc. Beware!
Slightly irritating:
xclock -geom 1200x1200 -display xt??:0
[fills the entire screen with a clock]
Slightly more irritating:
Use a shell script with xsetroot to flash people’s screens different colors.
On the nastier side:
Use a shell script with xsetroot to kill a person’s window manager.
Downright nasty:
Consult the man pages on xkill. It is possible to kill windows on any display. So to log someone off an xterm you merely have to xkill their login window.
Protect yourself:
If you use xhost - (xhost followed by a minus sign), this will disable other people from being able to log you out or generally access your terminal.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I TAKE ADVANTAGE OF THE DECODE DAEMON?
First, you need to make sure that the decode daemon is active.
Check this by telnetting to the smtp port (usually port 25), and expanding user Decode. If it gives you something, you can use it.
If it tells you that the user doesn’t exist, or whatever, you can’t.
If the daemon is active, this is how to exploit the decode daemon:
1) uuencode an echo to .rhosts
2) pipe that into mail, to be sent to the decode daemon (What happens: the decode daemon (1st) decodes the process, but leaves the bin privileges resident. (2nd) the echo command is executed, because now the decoded message assumes the bin privileges [which are *still* active, even though the daemon didn't issue the command]).
3) If this is done right, you will be able to rlogin to the system.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW CAN I GET THE PASSWORD FILE IF IT IS SHADOWED?
If your system has Yellow Pages file management:
ypcat /etc/passwd > whatever.filename
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
HOW IS A PASSWORD ENCRYPTED IN UNIX?
Password encryption on UNIX is based on a modified version of the DES [Data Encryption Standard]. Contrary to popular belief, the typed password is not encrypted. Rather the password is used as the key to encrypt a block of zero-valued bytes.
To begin the encryption, the first seven bits of each character in the password are extracted to form the 56-bit key. This implies that no more than eight characters are significant in a password.
Next, the E table is modified using the salt, which is the first two characters of the encrypted password (stored in the passwd file).
The purpose of the salt is to make it difficult to use hardware DES chips or a precomputed list of encrypted passwords to attack the algorithm. The DES algorithm (with the modified E table) is then invoked for 25 iterations on the block of zeros. The output of this encryption, which is 64 bits long, is then coerced into a 64-character alphabet (A-Z, a-z, 0-9, “.” and “/”). Because this coercion involves translations in which several different values are represented by the same character, password encryption is essentially one-way; the result cannot be decrypted.
- futurbillgate
Resolving virus problems
here i explained some very basic methods of removing viruses ….
for more stay tuned with me
FUTURBILLGATE
..:~Description~:..
Enable registry editor
copy the following code, paste in notepad and save with .inf extension
[Version]
Signature="$Chicago$"
Provider=Symantec
[DefaultInstall]
AddReg=UnhookRegKey
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0
now right click the file and select install.
if it doesn't work then log in through a virtual admin account as explained below, and then install this .inf file.
________________________________________________________________________________
________________________
virtual admin account
you can create a new virtual admin account and edit the registry etc. that are not allowed due to a virus.
Things to do:
♦ set a password for the working account (just to stop auto login after booting)
♦ restart
♦ when it will ask for pass after boot, press ++ twice
♦ a pop up window should appear
♦ write “Administrator” in place of username, leave the password space blank
♦ hit “ok”
♦ it will log in to the PC, creating a temporary (more precisely virtual) admin account
now you got admin privileges.
________________________________________________________________________________
________________________
Enable Run Command
Open My Computer -> C drive -> Windows -> System32 -> locate the gpedit.msc file and run it.
With Group Policy open, look at the left pane: under User Configuration, expand Administrative Templates and select Start Menu and Taskbar. Now in the right pane locate Remove Run Menu from Start Menu and double click it.
Select Disabled in the properties dialogue and press Apply, then OK.
Now close all open windows; you will see that Run has been restored in the Start Menu.
________________________________________________________________________________
________________________
Enable Folder Options
Go to Start -> Run -> type Regedit
from the edit tab click find
type Folder Options and search
in the REG_DWORD value of the folder option, change it to 1
OR/AND
-> Run -> type gpedit.msc
Then:
-> User Configuration -> Administrative Templates -> Windows Components -> Windows Explorer -> Removes the Folder Options menu item from the Tools menu.
Right click:
-> Properties -> Disable -> Apply
OR/AND
Run -> Regedit
go to HKCU\Software\Microsoft\Windows\Policy
and HKLM\Software\Microsoft\Windows\Policy
Look in these for any key like "disable cmd" or "disable Folder Options" with value=1
Set the value to "0"
________________________________________________________________________________
________________________
Show Hidden Files
1. Go to Start -> Run, then type regedit
2. Navigate to the registry folder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
3. Find a key called CheckedValue.
4. Double click the CheckedValue key and modify it to 1. This is to show all the hidden files.
OR if it doesn't work then:
copy this code, paste in notepad and save with .reg extension
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"="Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced"
"Text"="@shell32.dll,-30500"
"Type"="radio"
"CheckedValue"=dword:00000001
"ValueName"="Hidden"
"DefaultValue"=dword:00000002
"HKeyRoot"=dword:80000001
"HelpID"="shell.hlp#51105"
now right click the file and select merge
________________________________________________________________________________
________________________
Enable Task Manager
copy the following code and paste in notepad, then save with .reg extension. after that right click the file and select merge
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000000
or, if this doesn't work
. Click Start
. Click Run
. Enter gpedit.msc in the Open box and click OK
. In the Group Policy settings window
. Select User Configuration
. Select Administrative Templates
. Select System
. Select Ctrl+Alt+Delete options
. Select Remove Task Manager
. Double-click the Remove Task Manager option and select Disable
OR/AND
Click Start -> Run. Type in regedit and hit Enter.
Search for HKEY_CURRENT_USER -> Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System
Look for: DisableTaskMgr. Click on REG_DWORD. Value: 1=Enable this key (disables TaskManager); Value: 0=Disable (actually enables TaskManager)
Close RegEdit
Reboot
or use this:
it's a program that fixes the Task Manager, just 68 KB in size
..:~Download Link~:..
http://www.download3000.com/download_19214.html
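An added example, not part of the original post: a check that reads a registry export (.reg text) and reports the same settings this post resets, namely the file-type open commands from the .inf file, the DisableTaskMgr and DisableRegistryTools policies, and the SHOWALL CheckedValue. The export text and the helper.exe path in it are constructed sample data.

```python
# Added example: audit a .reg export for the lock-outs this post undoes.
# The export below is constructed sample data, not taken from a real machine.
import re

SECTION = re.compile(r"^\[([^\]]+)\]$")
VALUE = re.compile(r'^(?:@|"((?:[^"\\]|\\.)*)")=(.*)$')

HANDLER_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\%s\SHELL\OPEN\COMMAND"
# Expected open commands, as written by the .inf file in this post.
EXPECTED_OPEN = {c: '"%1" %*' for c in
                 ("batfile", "comfile", "exefile", "piffile", "scrfile")}
EXPECTED_OPEN["regfile"] = 'regedit.exe "%1"'
POLICY_KEY = (r"HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS"
              r"\CURRENTVERSION\POLICIES\SYSTEM")
SHOWALL_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION"
               r"\EXPLORER\ADVANCED\FOLDER\HIDDEN\SHOWALL")


def unescape(s):
    # .reg strings escape backslash and double quote with a backslash.
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg(text):
    """Return {KEY_UPPER: {name_lower: int or str}}; '' is the default value."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        section = SECTION.match(line)
        if section:
            current = keys.setdefault(section.group(1).upper(), {})
            continue
        value = VALUE.match(line)
        if current is None or not value:
            continue
        name, data = unescape(value.group(1) or "").lower(), value.group(2)
        if data.startswith("dword:"):
            current[name] = int(data[6:], 16)
        elif len(data) >= 2 and data[0] == data[-1] == '"':
            current[name] = unescape(data[1:-1])
        # hex(...) and other value types are ignored in this example
    return keys


def audit(text):
    """Return (setting, actual_value) pairs that differ from the expected state."""
    keys, findings = parse_reg(text), []
    for cls in sorted(EXPECTED_OPEN):
        actual = keys.get(HANDLER_KEY % cls.upper(), {}).get("")
        if actual is not None and actual != EXPECTED_OPEN[cls]:
            findings.append((cls + " open command", actual))
    for name in ("DisableTaskMgr", "DisableRegistryTools"):
        v = keys.get(POLICY_KEY, {}).get(name.lower())
        if v not in (None, 0, "0"):
            findings.append((name, v))
    checked = keys.get(SHOWALL_KEY, {}).get("checkedvalue")
    if checked not in (None, 1):
        findings.append(("SHOWALL CheckedValue", checked))
    return findings


# Constructed export text.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"C:\\Temp\\helper.exe\" \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\batfile\shell\open\command]
@="\"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\regfile\shell\open\command]
@="regedit.exe \"%1\""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=dword:00000000
"""

if __name__ == "__main__":
    for setting, actual in audit(SAMPLE):
        print(f"{setting}: {actual!r}")
```

An open command that launches some other program before "%1" means every file of that type runs through that program first, so identify it before resetting the value.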
how to trace a hacker !!
## Connections make the world go round ##
The computer world, at any rate. Every single time you open up a
website, send an email or upload your webpages into cyberspace, you are
connecting to another machine in order to get the job done. This, of
course, presents a major problem, because this simple act is what
allows malicious users to target a machine in the first place.
# How do these people find their victim?
Well, first of all, they need to get hold of the victim’s IP Address.
Your IP (Internet Protocol) address reveals your point of entry to the
Internet and can be used in many ways to cause your online activities
many, many problems. It may not reveal you by name, but it may be
uniquely identifiable and it represents your digital ID while you are
online (especially so if you’re on a fixed IP / DSL etc).
With an IP address, a Hacker can find out all sorts of weird and
wonderful things about their victim (as well as causing all kinds of
other trouble, the biggest two being Portnukes/Trojans and the dreaded
DoS ((Denial of Service)) attack). Some Hackers like to collect IP
Addresses like badges, and like to go back to old targets, messing them
around every so often. An IP address is incredibly easy to obtain -
until recently, many realtime chat applications (such as MSN) were
goldmines of information. Your IP Address is contained as part of the
Header Code on all emails that you send and webpages that you visit can
store all kinds of information about you. A common trick is for the
Hacker to go into a Chatroom, paste his supposed website address all
over the place, and when the unsuspecting victim visits, everything
about your computer from the operating system to the screen resolution
can be logged…and, of course, the all important IP address. In
addition, a simple network-wide port scan will reveal vulnerable target
machines, and a war-dialler will scan thousands of lines for exposed
modems that the hacker can exploit.
So now that you know some of the basic dangers, you’re probably wondering how these people connect to a victim’s machine?
## Virtual and Physical Ports ##
Everything that you receive over the Internet comes as a result of
other machines connecting to your computer’s ports. You have two types;
Physical are the holes in the back of your machine, but the important
ones are Virtual. These allow transfer of data between your computer
and the outside world, some with allocated functions, some without, but
knowing how these work is the first step to discovering who is
attacking you; you simply MUST have a basic knowledge of this, or you
won’t get much further.
# What the phrases TCP/UDP actually mean
TCP/IP stands for Transmission Control Protocol and Internet Protocol,
a TCP/IP packet is a block of data which is compressed, then a header
is put on it and it is sent to another computer (UDP stands for User
Datagram Protocol). This is how ALL internet transfers occur, by
sending packets. The header in a packet contains the IP address of the
one who originally sent you it. Now, your computer comes with an
excellent (and free) tool that allows you to see anything that is
connected (or is attempting to connect) to you, although bear in mind
that it offers no blocking protection; it simply tells you what is
going on, and that tool is NETSTAT.
## Netstat: Your first line of defence ##
Netstat is a very fast and reliable method of seeing exactly who or
what is connected (or connecting) to your computer. Open up DOS
(Start/Programs/MS-DOS Prompt on most systems), and in the MSDOS
Prompt, type:
netstat -a
(make sure you include the space in between the “t” and the “a”).
If you’re connected to the Internet when you do this, you should see something like:
Active Connections
Proto  Local Address    Foreign Address                    State
TCP    macintosh:20034  modem-123.tun.dialup.co.uk:50505   ESTABLISHED
TCP    macintosh:80     proxy.webcache.eng.sq:30101        TIME_WAIT
TCP    macintosh        MACINTOSH:0                        LISTENING
TCP    macintosh        MACINTOSH:0                        LISTENING
TCP    macintosh        MACINTOSH:0                        LISTENING
Now, “Proto(col)” simply means what kind of data transmission is taking
place (TCP or UDP), “Local address” is your computer (and the number
next to it tells you what port you’re connected on), “Foreign Address”
is the machine that is connected to you (and what port they’re using),
and finally “State” is simply whether or not a connection is actually
established, or whether the machine in question is waiting for a
transmission, or timing out etc.
Now, you need to know all of Netstat’s various commands, so type:
netstat ?
You will get something like this:
Displays protocol statistics and current TCP/IP network connections.
NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]
-a         Displays all connections and listening ports.
-e         Displays Ethernet statistics. This may be combined with the -s option.
-n         Displays addresses and port numbers in numerical form.
-p proto   Shows connections for the protocol specified by proto; proto may be TCP or UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP, or IP.
-r         Displays the routing table.
-s         Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP; the -p option may be used to specify a subset of the default.
Have a play around with the various options, but the most important use
of these methods is when you combine them. The best command to use is
netstat -an
because this will list all connections in Numerical Form, which makes
it a lot easier to trace malicious users….Hostnames can be a little
confusing if you don’t know what you’re doing (although they’re easily
understandable, as we shall see later). Also, by doing this, you can
also find out what your own IP address is, which is always useful.
Also,
netstat -b
will tell you what ports are open and what programs are connecting to the internet.
## Types of Port ##
It would be impossible to find out who was attacking you if computers
could just access any old port to perform an important function; how
could you tell a mail transfer from a Trojan Attack? Well, good news,
because your regular, normal connections are assigned to low, commonly
used ports, and in general, the higher the number used, the more you
should be suspicious. Here are the three main types of port:
# Well Known Ports
These run from 0 to 1023, and are bound to the
common services that run on them (for example, mail runs on channel 25
tcp/udp, which is smtp (Simple Mail Transfer Protocol)), so if you find
one of these ports open (and you usually will), it’s usually because of
an essential function.
# Registered Ports
These run on 1024 to 49151. Although not bound to a
particular service, these are normally used by networking utilities
like FTP software, Email client and so on, and they do this by opening
on a random port within this range before communicating with the remote
server, so don’t panic (just be wary, perhaps) if you see any of these
open, because they usually close automatically when the system that’s
running on them terminates (for example, type in a common website name
in your browser with netstat open, and watch as it opens up a port at
random to act as a buffer for the remote servers). Services like MSN
Messenger and ICQ usually run on these Ports.
# Dynamic/Private Ports
Ranging from 49152 to 65535, these things are
rarely used except with certain programs, and even then not very often.
This is indeed the usual range of the Trojan, so if you find any of
these open, be very suspicious. So, just to recap:
Well Known Ports        0 to 1023        Commonly used, little danger.
Registered Ports        1024 to 49151    Not as common, just be careful.
Dynamic/Private Ports   49152 to 65535   Be extremely suspicious.
## The hunt is on ##
Now, it is essential that you know what you’re looking for, and the
most common way someone will attack your machine is with a Trojan. This
is a program that is sent to you in an email, or attempts to bind
itself to one of your ports, and when activated, it can give the user
your passwords, access to your hard drive…they can even make your CD
Tray pop open and shut. At the end of this Document, you will find a
list of the most commonly used Trojans and the ports they operate on.
For now, let’s take another look at that first example of Netstat….
Active Connections
Proto  Local Address    Foreign Address                    State
TCP    macintosh:27374  modem-123.tun.dialup.co.uk:50505   ESTABLISHED
TCP    macintosh:80     proxy.webcache.eng.sq:30101        TIME_WAIT
TCP    macintosh        MACINTOSH:0                        LISTENING
TCP    macintosh        MACINTOSH:0                        LISTENING
TCP    macintosh        MACINTOSH:0                        LISTENING
Now, straight away, this should make more sense to you. Your computer
is connected on two ports, 80 and 27374. Port 80 is used for http/www
transmissions (ie for all intents and purposes, its how you connect to
the net, although of course it’s a lot more complicated than that).
Port 27374, however, is distinctly suspicious; first of all, it is in
the registered port range, and although other services (like MSN) use
these, let’s assume that you have nothing at all running like instant
messengers, webpages etc….you’re simply connected to the net through
proxy. So, now this connection is looking even more troublesome, and
when you realise that 27374 is a common port for Netbus (a potentially
destructive Trojan), you can see that something is untoward here. So,
what you would do is:
1) run Netstat, and use:
Netstat -a
then
Netstat -an
So you have both Hostnames AND IP addresses.
## Tracerouting ##
Having the attacker’s IP is all well and good, but what can you do with
it? The answer is, a lot more! It’s not enough to have the address, you
also need to know where the attacker’s connections are coming from. You
may have used automated tracerouting tools before, but do you know how
they work?
Go back to MSDOS and type
tracert *type IP address/Hostname here*
Now, what happens is, the Traceroute will show you all the computers
in between you and the target machine, including blockages, firewalls
etc. More often than not, the hostname address listed before the final
one will belong to the Hacker’s ISP Company. It’ll either say who the
ISP is somewhere in there, or else you run a second trace on the new
IP/hostname address to see who the ISP Company in question is. If the
Hostname that you get back doesn’t actually seem to mention an actual
geographical location within its text, you may think all is lost. But
fear not! Suppose you get a hostname such as
Well, that tells us nothing, right? Wrong….simply enter the hostname
in your browser, and though many times you will get nothing back,
sometimes it will resolve to an ISP, and from there you can easily find
out its location and in what areas they operate. This at least gives
you a firm geographical location to carry out your investigations in.
If you STILL have nothing, as a last resort you COULD try connecting to
your target’s ISP’s port 13 by Telnet, which will tell you how many
hours ahead or behind this ISP is of GMT, thus giving you a
geographical trace based on the time mentioned (although bear in mind,
the ISP may be doing something stupid like not having their clocks set
correctly, giving you a misleading trace. Similarly, a common tactic of
Hackers is to deliberately have their computer’s clock set to a totally
wrong time, so as to throw you off the scent). Also, unless you know
what you’re doing, I wouldn’t advise using Telnet (which is outside the
parameters of this tutorial).
## Reverse DNS Query ##
This is probably the most effective way of running a trace on somebody.
If ever you’re in a chatroom and you see someone saying that they’ve
“hacked into a satellite orbiting the Earth, and are taking pictures of
your house right now”, ignore them because that’s just bad movie
nonsense. THIS method is the way to go, with regard to finding out what
country (even maybe what State/City etc) someone resides, although it’s
actually almost impossible to find an EXACT geographical location
without actually breaking into your ISP’s Head Office and running off
with the safe.
To run an rDNS query, simply go back to MS-DOS and type
netstat
and hit return. Any active connections will resolve to hostnames rather than a numerical format.
# DNS
DNS stands for Domain Name Server. These are machines connected to the
Internet whose job it is to keep track of the IP Addresses and Domain
Names of other machines. When called upon, they take the ASCII Domain
Name and convert it to the relevant numeric IP Address. A DNS search
translates a hostname into an IP address….which is why we can enter
“www.Hotmail.com” and get the website to come up, instead of having to
actually remember Hotmail’s IP address and enter that instead. Well,
Reverse DNS, of course, translates the IP Address into a Hostname (ie -
in letters and words instead of numbers, because sometimes the Hacker
will employ various methods to stop Netstat from picking up a correct
Hostname).
So, for example,
298.12.87.32 is NOT a Hostname.
mail6.bol.net.au IS a Hostname.
Anyway, see the section at the end? (au) means the target lives in
Australia. Most (if not all) hostnames end in a specific Country Code,
thus narrowing down your search even further. If you know your target’s
Email Address (ie they foolishly sent you a hate mail, but were silly
enough to use a valid email address) but nothing else, then you can use
the Country codes to deduce where they’re from as well. You can also
deduce the IP address of the sender by looking at the email’s header (a
“hidden” line of code which contains information on the sender)…on
Hotmail for example, go to Preferences, and select the “Full Header’s
Visible” option. Alternatively, you can run a “Finger” Trace on the
email address, at:
Plus, some ISP’s include their name in your Email Address with them too
(ie Wanadoo, Supanet etc), and your Hacker may be using an email
account that’s been provided by a Website hosting company, meaning this
would probably have the website host’s name in the email address (ie
Webspawners). So, you could use the information gleaned to maybe even
hunt down their website (then you could run a website check as
mentioned previously) or report abuse of that Website Provider’s Email
account (and thus, the Website that it goes with) to
If your Hacker happens to reside in the USA, go to:
for a complete list of US State abbreviations.
## List of Ports commonly used by Trojans ##
Please note that this isn’t a complete list by any means, but it will
give you an idea of what to look out for in Netstat. Be aware that some
of the lower Ports may well be running valid services.
UDP:
1349 Back Orifice DLL
31337 Back Orifice 1.20
31338 DeepBO
54321 Back Orifice 2000
TCP:
21 Blade Runner, Doly Trojan, Fore, Invisible FTP, WebEx, WinCrash
23 Tiny Telnet Server
25 Antigen, Email Password Sender, Haebu Coceda, Shtrilitz Stealth, Terminator, WinPC, WinSpy, Kuang2 0.17A-0.30
31 Hackers Paradise
80 Executor
456 Hackers Paradise
555 Ini-Killer, Phase Zero, Stealth Spy
666 Satanz Backdoor
1001 Silencer, WebEx
1011 Doly Trojan
1170 Psyber Stream Server, Voice
1234 Ultors Trojan
1243 SubSeven 1.0 – 1.8
1245 VooDoo Doll
1492 FTP99CMP
1600 Shivka-Burka
1807 SpySender
1981 Shockrave
1999 BackDoor 1.00-1.03
2001 Trojan Cow
2023 Ripper
2115 Bugs
2140 Deep Throat, The Invasor
2801 Phineas Phucker
3024 WinCrash
3129 Masters Paradise
3150 Deep Throat, The Invasor
3700 Portal of Doom
4092 WinCrash
4567 File Nail 1
4590 ICQTrojan
5000 Bubbel
5000 Sockets de Troie
5001 Sockets de Troie
5321 Firehotcker
5400 Blade Runner 0.80 Alpha
5401 Blade Runner 0.80 Alpha
5402 Blade Runner 0.80 Alpha
5400 Blade Runner
5401 Blade Runner
5402 Blade Runner
5569 Robo-Hack
5742 WinCrash
6670 DeepThroat
6771 DeepThroat
6969 GateCrasher, Priority
7000 Remote Grab
7300 NetMonitor
7301 NetMonitor
7306 NetMonitor
7307 NetMonitor
7308 NetMonitor
7789 ICKiller
8787 Back Orifice 2000
9872 Portal of Doom
9873 Portal of Doom
9874 Portal of Doom
9875 Portal of Doom
9989 iNi-Killer
10067 Portal of Doom
10167 Portal of Doom
10607 Coma 1.0.9
11000 Senna Spy
11223 Progenic trojan
12223 Hack´99 KeyLogger
12345 GabanBus, NetBus
12346 GabanBus, NetBus
12361 Whack-a-mole
12362 Whack-a-mole
16969 Priority
20001 Millennium
20034 NetBus 2.0, Beta-NetBus 2.01
21544 GirlFriend 1.0, Beta-1.35
22222 Prosiak
23456 Evil FTP, Ugly FTP
26274 Delta
30100 NetSphere 1.27a
30101 NetSphere 1.27a
30102 NetSphere 1.27a
31337 Back Orifice
31338 Back Orifice, DeepBO
31339 NetSpy DK
31666 BOWhack
33333 Prosiak
34324 BigGluck, TN
40412 The Spy
40421 Masters Paradise
40422 Masters Paradise
40423 Masters Paradise
40426 Masters Paradise
47262 Delta
50505 Sockets de Troie
50766 Fore
53001 Remote Windows Shutdown
54321 SchoolBus .69-1.11
61466 Telecommando
65000 Devil
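One way to apply the list when reading Netstat output, as an added example that is not part of the original tutorial. It assumes the column layout of Windows "netstat -an"; the sample output is constructed, the function names are hypothetical, only a few entries of the list are copied in, and the 1024 cut-off for "may be a valid service" is an assumption.

```python
import re

# A few (protocol, port) entries copied from the list above; extend as needed.
TROJAN_PORTS = {
    ("UDP", 31337): "Back Orifice 1.20",
    ("UDP", 54321): "Back Orifice 2000",
    ("TCP", 21): "Blade Runner, Doly Trojan, Fore, Invisible FTP, WebEx, WinCrash",
    ("TCP", 80): "Executor",
    ("TCP", 1243): "SubSeven 1.0 - 1.8",
    ("TCP", 12345): "GabanBus, NetBus",
    ("TCP", 20034): "NetBus 2.0, Beta-NetBus 2.01",
    ("TCP", 31337): "Back Orifice",
}

# Constructed sample in the column layout of Windows "netstat -an".
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:12345          0.0.0.0:0              LISTENING
  TCP    192.168.1.10:12345     203.0.113.7:4021       ESTABLISHED
  TCP    192.168.1.10:1243      198.51.100.20:80       ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:31337          *:*
"""

ROW_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+([A-Z_0-9]+))?\s*$")


def port_of(address):
    """Port of '0.0.0.0:80' or '[::]:445'; None when there is no numeric port."""
    port = address.rpartition(":")[2]
    return int(port) if port.isdigit() else None


def parse_rows(text):
    """Return (proto, local_port, remote_address, state) for each socket row."""
    rows = []
    for line in text.splitlines():
        match = ROW_RE.match(line)
        if match:
            proto, local, remote, state = match.groups()
            rows.append((proto, port_of(local), remote, state or ""))
    return rows


def flag_listeners(text):
    """Report local listeners whose port is in TROJAN_PORTS, with their peers."""
    rows = parse_rows(text)
    # Only a local listener matters: UDP rows have no state, TCP must be LISTENING.
    # A listed number used as the source port of an outgoing connection
    # (1243 in the sample) is an ordinary client port and is not reported.
    listening = {(p, port) for p, port, _, state in rows
                 if p == "UDP" or state == "LISTENING"}
    findings = []
    for proto, port in sorted(TROJAN_PORTS.keys() & listening):
        peers = [remote for p, local_port, remote, state in rows
                 if (p, local_port) == (proto, port) and state == "ESTABLISHED"]
        findings.append({
            "proto": proto,
            "port": port,
            "names": TROJAN_PORTS[(proto, port)],
            # Assumption: ports below 1024 are likelier to be a valid service.
            "confidence": "low" if port < 1024 else "review",
            "peers": peers,
        })
    return findings


if __name__ == "__main__":
    for finding in flag_listeners(SAMPLE):
        print(finding)
```

A match only says which process to look at next; the port number alone does not identify what is listening.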
## Summary ##
I hope this tutorial is useful in showing you both how to secure
yourself against unwanted connections, and also how to determine an
attacker’s identity. The Internet is by no means as anonymous as some
people think it is, and although this is to the detriment of people’s
security online, this also works both ways….it IS possible to find
and stop even the most determined of attackers, you just have to be
patient and keep hunting for clues which will help you put an end to
their exploits.
Activate Free 6 Months Kaspersky Anti-Virus 2009 Chinese Key Code on English Setup
The steps to get the activation code are very simple. Just enter your email address in the form, click submit and the code will be instantly delivered to your email. Problem is the code can only be used on the Chinese version of Kaspersky AntiVirus 2009 (kav8.0.0.506sch.exe or KAV8.0.0.506sch.zip). If you try to activate the code on the English version of KAV 2009, you’ll get an error saying “Activation code is not compatible with this application. It is impossible to activate Kaspersky Anti-Virus using the activation code for another application. Please, check your product.”

You can of course download the Chinese-language version of Kaspersky and hit Shift + F12 to change the interface to English (which will be reverted back to Chinese after reboot) but today I will show you how to get the genuine Kaspersky key, and how easy it is to do the “impossible” by activating any language of KAV 2009 using the activation code that is meant for the Chinese version.
Follow the steps below to get your free 6 months Kaspersky Anti-Virus 2009 activation code:
1. Go to http://li.kaba365.com/
2. Enter your email at the form and click the button.

3. Type the exact verification code that you see and click the button on the bottom left.

4. Click Cancel if you receive a popup that looks like the image below.

5. Check your email address that you’ve entered in step 2. You should receive an email from noreply@pcstars.com.cn with the subject 赠送给您的卡巴斯基反病毒2009(半年卡). Note down the 25 digit Kaspersky activation code.

If you haven’t installed Kaspersky Anti-Virus 2009, you can download it from here. After installation, make sure you select “Activate later” when asked to activate the application. Finish up the configuration and restart your computer.
To activate the Chinese activation code on the English version of Kaspersky Antivirus 2009:
1. Right-click the Kaspersky icon in the notification area and select Settings.
2. Go to Options and “uncheck” Enable Self-Defense. Click OK to close the settings window.

3. Right click at Kaspersky icon at the notification area and select Exit.
4. Go to C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\Skin\loc and rename the folder from en to sch.
5. Go to Start > Run , type regedit and click OK.
6. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\KasperskyLab\protected\AVP8\environment
7. Look for the Localization name and double click on it. Change the value data from en to sch. Close the Registry Editor.

8. Run Kaspersky Antivirus either from desktop or start menu and you’ll be prompted to activate the application.
9. Select Activate online and enter the 25 digit activation code that you got earlier.
10. Voila! You should see that it’s sending the data to Kaspersky server and will then tell you that the key is successfully installed with the expiration date 6 months ahead.

Well, it is amazing that Kaspersky is giving out 50,000 activation codes every day but unfortunately those keys are “trial” keys and not commercial. There is one drawback with a trial key: IF you’ve previously activated the 30 days trial or other promotional trial license, you won’t be able to use this license. The Kaspersky application only allows you to activate the trial license ONCE. Uninstalling and reinstalling won’t allow you to activate the trial license more than once unless you know how to do a Kaspersky trial reset by deleting some registry keys, which won’t be discussed here.
How to re-install Windows without losing anything
Over time, Windows loses stability. If you keep a computer for more than two years, at some point you’re going to have to bite the bullet and reinstall Windows from scratch. But contrary to popular belief, you won’t have to reformat your hard drive (with one exception, discussed below). The bad stuff you need to get rid of is all in your Windows folder.
Before you begin, gather your Windows and application CD-ROMs. Back up your data files (just to be safe), and then clear two days off your calendar. If everything goes smoothly, you can reinstall Windows in a few hours. But you have to assume something will go wrong: You may not be able to find a necessary CD, or data won’t be where you thought it was, or something will simply refuse to work.
There’s a difference between a repair reinstall and a complete reinstall. Though a repair (also called a refresh) will let you keep your current settings, a complete reinstall will give you a truly fresh version of Windows. Repairs are fast and easy, but they don’t fix anywhere near as many problems. The instructions below are for total reinstalls, except where noted.
Your Vendor’s Restore CD
Most computers ship with a vendor-specific restore CD rather than with a Microsoft Windows CD-ROM. (If your PC came with a Microsoft Windows CD, or if you bought a retail copy of Windows, skip to the section for your version.)
Some restore CDs give you all the options of a full Microsoft Windows CD, but with better instructions and the convenience of having all the right hardware drivers. Others can do nothing except reformat your hard drive and restore it to the condition it was in when you bought the PC. (This case is the exception I mentioned above that requires a reformat.)
If your restore CD is reformat-only, back up your data files to a network or a removable medium before reinstalling Windows. If you use Windows 98 or Me, back up C:\My Documents, plus the folders inside C:\Windows discussed in the Windows 98 and ME section below. If you have Windows 2000 or XP, back up C:\Documents and Settings. Also back up any other folders in which you store your data files.
Windows 98 and ME CDs
These Windows versions keep some important data inside your soon-to-be-erased Windows folder, so you need to copy several of its subfolders to another location. Right-click My Computer and select Explore. Double-click the C: drive icon (in Me, you may then have to click View the entire contents of this drive). Right-click in the right pane and select New, Folder. Name the new folder oldstuff.
Go to the Windows folder (you might have to click View the entire contents of this folder), hold down Ctrl, and select the following subfolders: All Users, Application Data, Desktop, Favorites, Local Settings, Profiles, SendTo, and Start Menu. If you don’t see them all, select View, Folder Options (Tools, Folder Options in Me), click the View tab, select Show all files, and click OK. (If you still don’t see them all, don’t worry about it.) Press Ctrl and drag the folders to C:\oldstuff (see FIGURE 1).
Restart Windows with a start-up disk in your floppy drive. (To make a start-up floppy, insert a disk, select Start, Settings, Control Panel, double-click Add/Remove Programs, click Startup Disk, Create Disk, and follow the prompts.) At the Startup Menu, select Start computer with CD-ROM support. While the drivers load, insert your Windows CD-ROM.
Unless you’re doing a repair reinstall, type the command c:\windows\command\deltree /y c:\windows and press Enter. Deleting your old files could take time, but the /y switch suppresses confirmation prompts, so take a break.
When you’re back at the A: prompt, type x:setup, where x is your CD drive letter (it’s likely one letter past what it usually is in Windows, so if it’s D: in Windows, it’s probably E: here). Press Enter and follow the prompts.
Once you’re back in Windows, reinstall your graphics card driver. If you have Windows set up for more than one user, you’ll also have to re-create each account. Select Start, Settings, Control Panel, Users to do so. It’s important that the user names match those in the old installation. If you’re not sure, open Windows Explorer and navigate to C:\oldstuff\profiles. There you’ll find a folder for each registered user name (see FIGURE 2). Don’t worry about passwords. Log off and log back on as each user. When you’re done, log off and back on one more time, but instead of choosing a user name and a password, press Esc to enter Windows without being a specific user.
Select Start, Programs, MS-DOS Prompt (in Windows 98) or Start, Programs, Accessories, MS-DOS Prompt (in Windows Me). Type xcopy c:\oldstuff\*.* c:\windows /s /h /r /c and press Enter (if you want to know what the xcopy switches do, enter the command xcopy /?). When xcopy asks if it should overwrite a file, press a for All.
When xcopy is through, reboot and log on (as a particular user, if necessary). Open My Documents to make sure all your personal files are where they belong, including your Internet Explorer favorites and your custom Start menu shortcuts.
Now skip ahead to “Finishing the Job.”
Windows 2000 and XP CDs
Boot your computer with your Windows CD-ROM inserted. When you get the ‘Press any key to boot from CD’ message, do so. (If you don’t see that message before Windows starts, restart Windows, press the key you’re prompted to enter for your PC Setup program, and change the boot order so your CD drive is first.)
At the ‘Welcome to Setup’ screen, press Enter. The R (repair) option takes you to the Recovery Module, which is useful if Windows won’t boot, but it’s no help with a reinstallation. Soon you’ll be told that there’s already a Windows installation on the computer. Press r for a repair reinstall or Esc to begin a complete, destructive one. For a complete restore, select your C: partition and press Enter. When you get the warning that says an operating system is on that partition, press c. When you are asked your partition preference, select Leave the current file system intact (no changes). When you’re told that a Windows folder (or Winnt folder for Windows 2000) already exists, press l (‘ell’) to delete it and create a new one. Follow the series of prompts. When the installation program asks for your name, enter temp.
Once the installation is complete, your system will reboot into Windows, and you’ll be logged on as user Temp. If the screen is difficult to read, reinstall your graphics card driver.
If you are reinstalling Windows XP, skip to “For Both Windows XP and 2000.”
If you’re reinstalling Windows 2000, log off as Temp and back on as Administrator. Now log off and on again, this time as Temp. Open Windows Explorer and navigate to C:\Documents and Settings. One of the subfolders will be named Administrator. Another will be named something like Administrator.computername.
Select Start, Programs, Accessories, Command Prompt. Type cd "\documents and settings" and press Enter. Then type xcopy administrator\*.* administrator.computername /s /h /r /c, replacing computername with the last part of that folder’s name (after “Administrator.”) in Documents and Settings. Now press Enter, and when you’re asked about overwriting files or folders, press a for All.
If you have any users on the old installation besides Administrator, continue with the “For Both Windows XP and 2000” section. Otherwise, open Windows Explorer and make sure your data files are where they belong. Then go to Control Panel’s Users and Passwords applet and delete the user Temp before skipping to “Finishing the Job.”
For Both Windows XP and 2000
Reopen Windows Explorer. Select your C: drive (you may have to click Show the contents of this folder). Right-click in the right pane and select New, Folder. Name the new folder oldstuff. In the left pane, choose the Documents and Settings folder. It should have subfolders for each user from the previous install, plus one for Temp and a few others. Move the folders for your previous user names to oldstuff.
Select Start, Control Panel, User Accounts (Start, Settings, Control Panel, Users and Passwords in Windows 2000). Create an account for each user who was registered before the reinstall. Be sure to use the exact names. They are the same names as the folders you just moved to oldstuff (as shown in FIGURE 2). In Windows XP, at least one user must have administrator privileges.
Log off and back on as each user, before logging back on as Temp. Make sure that you select Log Off and not Switch User at Windows XP’s Log Off dialog box (this isn’t an issue in Win 2000).
Log on as Temp, select Start, Programs, Accessories, Command Prompt (in XP, Start, All Programs, Accessories, Command Prompt), type xcopy c:\oldstuff\*.* "c:\documents and settings" /s /h /r /c, and press Enter. Press a when asked if you want to overwrite a file. Log off Temp and log on to each restored account to make sure everyone’s documents and data are where they belong. Log on as an administrator and run Control Panel’s User Accounts applet again to remove the user Temp.
Finishing the Job
Now you’ve got Windows going, but not much else. You may have to reinstall your printer, sound card, and so on. Luckily, if a driver for the gadget came on your Windows or vendor restore CD, it was probably reinstalled automatically.
You’ll have to reinstall your applications to reintroduce them to Windows. Some of their settings will not be changed by the reinstallation, but those that were stored in the Registry were wiped out.
Once your Internet connection is running again, browse to Windows Update and download all critical updates for your version (see FIGURE 3). Then visit the sites of your hardware vendors to update your drivers.
After the reinstall, some of your data may not show up where it should. Search for it in both your Application Data and oldstuff folders, and see if you can move it to the folder in which Windows or your apps are looking for it. If you find a folder called Identities with two subfolders whose names are long and indecipherable, try moving the contents of one to the other and see if your data reappears.
You’ve probably guessed that the final step is deleting the c:\oldstuff folder–and the Administrator folder in Windows 2000. Make this the very last step, however. Wait a couple of days, weeks, or even months until you’re confident that all of your needed files are accessible.
Make an autorun file for your CD
1) Open Notepad.
2) Now write:
[autorun]
OPEN=INSTALL\Setup_filename.EXE
ICON=INSTALL\Setup_filename.EXE
Now save it, not as a .txt file but as a .inf file.
But remember! The “Setup_filename.EXE” MUST be replaced with the name of the setup file. You also need to remember that not all setup files are called .exe; some are called .msi.
3) Now burn your CD with the autorun .inf file included.
4) Now put the CD in your CD drive and wait for the autorun to begin, or if nothing happens just double-click on the CD drive in “This Computer”.
Kaspersky 7&8 KAV&KIS Unblacklisting Method
[Tutorial] Kaspersky 7&8 KAV&KIS Unblacklisting Method
NEW * Kaspersky version 8 Unblacklist Method Added
scroll down after v.7 method you will find “How to” for version 8 .
Attention for those who didn’t read until bottom , the Patch works only if the AV is installed as
Default in C:/Program Files/Kaspersky Lab/
or C:/Program Files (x86)/Kaspersky Lab/ for those who have x64 Bit OS’s
NEW
New Keys Added valid until 2011
Are you using a ‘pirate’ copy of KAV ? Are you tired of changing the license up to 3 times a month ? Don’t stress yourself , Here’s my solution :
Use this :
This is the ultimate tool for KAV 7 and KIS 7
KIS & KAV version 7.x:
It uses advanced methods to avoid getting blacklisted and so on …
You will be able to use a key even if it is already blacklisted so , you better listen carefully
Download
Pass:
HOW TO
Read the Readme in the Folder
1. After installing KAV/KIS on your PC , do not activate , use “Activate Later” option .

2. Reboot to complete installation , again “Activate Later”

3. Deactivate all Proactive defense options from the AV like this :

4. In the folder you will find two patches , the one recommended for installing is “Kaspe.. Sollution” because the other one is slightly 99.8% stable not 100% , but is the same patch version so use whatever you like . (do not open the patch yet , so do not worry , cause it will work)
5. Run your PC into Safe Mode with Networking Options :
There are two ways to get in Safe Mode
a) when booting up windows , press F8 right after the POST screen .
choose Safe Mode with Networking option .

b) Use the RUN from Start Menu .
go to Start -> RUN -> type : msconfig , hit ENTER ,
go to Boot.ini tab , select Safe Boot , check the Network option below and close the dialog box , hit Restart after this operation .
When asked what User to Log in , click on the Default SYSTEM Administrator , NOT your account or your Guest account , YOUR Default Administrator Account , the one from the System , usually Located in the first ROW .
[img]http://www.techorama.org/images/win-xp-screen-full_69.jpg[/img]
It is very important because the fact that this way the Patch has access to the System so it will smoothly update . If your account is password protected (The admin acc. , type password when asked)
[img]http://www3.georgetown.edu/uis/images/software/documentation/winxp/runas2.gif[/img]
[img]http://i25.tinypic.com/14mt25d.png[/img]
6. Wait until you reach (get inside) in Safe Mode , you will see that screen (black) with Safe Mode in corners
[img]http://www.bcot1.com/safemode03.jpg[/img]
hit Yes in that box .
7. Double click the “Kas.. Sollution” patch . NOTE! You will have to wait a bit until it shows on the desktop because in Safe Mode , VGA resources are poor .
If the Patch isn’t starting in maximum 2.5 minutes , press Ctrl+Alt+Del and simply wait . If even this method isn’t working , Run the second patch and close the first one . But I advise you to wait cause it will work .
8. After starting the patch , you will see some buttons , that may be pressed depending on your version of the AV (KAV or KIS) . Read the following very carefully
9. You will see this screen :
[img]http://i26.tinypic.com/6fnpt3.jpg[/img]
Press ‘key remover’ button first ,
After that ‘Clean’ Button
After that press !! Depending on your version “Patch KAV” or “Patch KIS (internet security)” .
Probably you won’t have time to see anything on the screen because it’s very fast
10. Now press the “Key KAV+KIS” , and press “Install” , just like there .
After finishing , you may hit “Exit” .
11. Go again to RUN -> msconfig -> Boot.ini and deactivate the safe mode , uncheck the safe Boot , so the OS can start in normal boot .
12. After reboot , you will be asked to Activate , hit “Apply Existing License” and Use one of the ones from the folder I supplied . I have included Keygen also for KAV version .
[img]http://www.kaspersky.com/support/images/support_new/codeinstalled.jpg[/img]
13. After Activation , you will have to Update the AV to have the latest protection services activated , and after that You may enable Proactive Defense again .
[img]http://i26.tinypic.com/fve6oi.png[/img]
14. Happy Non-Blacklisting Protection , you can fully update and no worries about Blacklisting again , [the secret method I cannot tell you so don't ask]
15. Updated successfully with a key that has already been blacklisted :
[img]http://i25.tinypic.com/m7gt2s.png[/img]
[img]http://i32.tinypic.com/2i881gp.png[/img]
[img]http://i29.tinypic.com/34858id.png[/img]
Now you are protected against any type of malware
Now install the Antivirus as Trial first .
4. Reboot the PC , and after this step , select Activate Later , go into “Self Defense” menu and Disable it Temporary .
5. Now Reboot in Safe Mode just like in the previous pictures .
6. Run the Kaspersky Patch [ Do not forget to be logged in as the Administrator and not Guest or Other User ]
7. The steps to Patch KAV/KIS are exactly the same for version 8 too . , After Done Patching , exit the application [patch] & Reboot in Normal Mode now .
8. When Asked for License , download this License File which is valid until 2011 for KIS and until 2010 for KAV and until then you won’t have any problems with Updates
How to bypass the Youtube age limit
There are some videos on youtube which require you to be a member in order to watch them . What if you wanted to watch them without registering on youtube . Well here’s how to go about it .
For example a video like this :
http://youtube.com/watch?v=ksyxaKWS_j4
would ask you to log in and verify your age .
*** How to watch it without logging in ***
We need to edit the link this way .
> Replace the “?” after watch with “/” and “=” after v with “/”
> So our link after editing would be : http://youtube.com/watch/v/ksyxaKWS_j4
> Now use this link in your browser to watch the video Enjoy !
How to surf anonymously
In this tutorial, you will learn how to surf completely anonymously, not
just anonymous to your friends, but also to police and government.
This is my first English tutorial, so don’t say I’m illiterate because of
some grammar mistakes. I hope you can read it…
— WHAT IS TOR AND HOW IT WORKS —
Tor (The Onion Router) is a software project/anonymous network that uses
onion routing for anonymity. I’ll just paste the Wikipedia quote on onion
routing, because I think you will understand it better than if I wrote it:
“Onion routing is a technique for anonymous communication over a computer
network. Messages are repeatedly encrypted and then sent through several
network nodes called onion routers. Each onion router removes a layer of
encryption to uncover routing instructions, and sends the message to the
next router where this is repeated. This prevents these intermediary
nodes from knowing the origin, destination, and contents of the message.”
If you still don’t understand it, you can read a great article on the Tor website
with explanatory images: http://www.torproject.org/overview.html.en
— INSTALLING AND CONFIGURING TOR AND NECESSARY SOFTWARE —
— LINUX / *BSD —
You can install it from the repositories of your distribution, but I suggest
downloading the most up-to-date version from the Tor website:
http://www.torproject.org/download-unix.html.en
After installing Tor, you need to install Privoxy, a web filtering proxy, so
you can use Tor for anonymous web browsing. Go to http://www.privoxy.org and
then go to “Download recent releases”. I installed it from source, but if
you don’t know how to do it… Well, then I must write a new tutorial
Now, we must configure Privoxy to work with Tor. Open the privoxy config
file (usually located in /etc/privoxy/config) and add this line at the top:
CODE
forward-socks4a / 127.0.0.1:9050 .
9050 is the Tor port, so privoxy will forward traffic (HTTP and HTTPS) to Tor.
If you want privoxy to stop logging, comment out (or delete) these lines
in its config file:
logfile logfile
jarfile jarfile
and on some systems, you must also comment out the debug lines (e.g. “debug 1”)
Now you must restart privoxy for the changes to take effect.
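A check of a Privoxy config against the settings described above, as an added example that is not part of the original tutorial or of Privoxy itself. The function name and the three sample configs are constructed for illustration; it relies on two documented Privoxy behaviours: the last matching forward rule wins, and forward-socks4 (without the "a") resolves hostnames locally instead of through the SOCKS server.

```python
FORWARD_DIRECTIVES = {"forward", "forward-socks4", "forward-socks4a",
                      "forward-socks5", "forward-socks5t"}
LOGGING_DIRECTIVES = {"logfile", "jarfile", "debug"}

# Constructed sample configs.
GOOD = """\
forward-socks4a / 127.0.0.1:9050 .
#logfile logfile
#jarfile jarfile
#debug 1
"""

WEAK = """\
forward-socks4 / 127.0.0.1:9050 .
logfile logfile
debug 1
"""

OVERRIDDEN = """\
forward-socks4a / 127.0.0.1:9050 .
forward / .
"""


def audit_privoxy(text, tor_socks="127.0.0.1:9050"):
    """Return a list of (code, detail) issues; an empty list means no findings."""
    issues = []
    catch_all = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out directive
        fields = line.split()
        name = fields[0].lower()
        if name in LOGGING_DIRECTIVES:
            issues.append(("logging", line))
        elif name in FORWARD_DIRECTIVES and len(fields) >= 3 and fields[1] == "/":
            # Rules are checked in sequence and the last match wins,
            # so a later catch-all replaces an earlier one.
            catch_all = (name, fields[2])
    if catch_all is None:
        issues.append(("no-forward", "no catch-all forward rule; requests go direct"))
        return issues
    name, proxy = catch_all
    if name == "forward":
        issues.append(("not-socks",
                       "effective rule is a plain forward; traffic does not "
                       "go to Tor's SOCKS port"))
    else:
        if name == "forward-socks4":
            issues.append(("dns-leak",
                           "forward-socks4 resolves hostnames locally; "
                           "use forward-socks4a"))
        if proxy != tor_socks:
            issues.append(("wrong-proxy",
                           "SOCKS proxy %s is not %s" % (proxy, tor_socks)))
    return issues


if __name__ == "__main__":
    for label, cfg in (("GOOD", GOOD), ("WEAK", WEAK), ("OVERRIDDEN", OVERRIDDEN)):
        print(label, audit_privoxy(cfg))
```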
— WINDOWS —
Go to the Tor download page – http://www.torproject.org/download.html.en, and
download Tor for Windows. It will install Tor, Vidalia (GUI for Tor) and
privoxy. And that is that… Don’t panic if your firewall blocks ports 9050 and
8118; those are the default ports of Tor and Privoxy, so allow traffic on
these ports…
— FIREFOX —
There is one beautiful thing – the Torbutton Firefox add-on, you can find it
here: https://addons.mozilla.org/en-US/firefox/addon/2275
Restart Firefox and anonymous browsing is set. Torbutton is located in the
bottom-right corner of Firefox, and you can easily toggle between Tor mode and
non-Tor mode of browsing. You can configure Torbutton for completely
stealth browsing, so this is one more + to Firefox
— OTHER BROWSERS —
In other browsers, you just have to configure the HTTP proxy to point to:
host: 127.0.0.1
port: 8118.
That will forward HTTP/S traffic over privoxy,
which will forward it to Tor. Note, check your firewall (it may block you from
connecting to localhost (127.0.0.1)).
— OUTRO —
Of course, because of that, Tor will slow down your connection, but you
must be patient if you want to be secure… Tor is a free project that works
because of volunteers, so don’t do illegal things or download big files
over it.