Norton Antivirus 2009 – Norton Fails me..Again

It all started with me picking up a Not For Sale copy of Norton Antivirus from an official source who wanted me to test and rate the antivirus. Reluctant in the beginning (I had to take my Comodo firewall and Nod32 antivirus cover off my system to test this behemoth), I agreed for the sake of proving myself wrong, as my previous experience with it was terrible.

I was right..

Well, let's start with the basics. I installed it, activated it online and there you go.. It eats up system memory and rules like a beast. Silent operation is pesky; however, you can control the notification settings from the configurable options. I intentionally inserted an infected pendrive with a rather assorted collection of viruses, worms and Trojans (some made with love from various virus development kits and Trojan makers like Turkojan and PRORAT) and it was able to detect most of them; however, some hardened binded executables were not detected by it.
It includes the facility of monitoring and scanning in realtime but doesn't include anything special and distinctive from other antivirus products. Standard guard subsystems like mail scanning, file scanning, boot time scanning and reporting are there but are also available in cheaper and free antivirus products like Avast too.
Norton has made a name for itself for its antivirus and I now wonder how? Perhaps there was a time when only they existed and people didn't really have any choice, but seriously, it's time to switch over.
The updates are heavy as it tries to connect to the central server and opens many ports in the process.
I did that after my system slowed down tremendously and I was pestered with its notifications. I tried to uninstall it, but here too it proved that I had to bite tougher nails. Uninstalling pesters you with options and tries to stop you like it is the boss and you are not. NAV and LiveUpdate features suffer from InstallShield errors sometimes, and sometimes a virus which has penetrated its defenses may corrupt a file or two, which will make it almost impossible (literally) to uninstall. Trust me, I'm not a skeptic critic of Norton, but they make me shudder every time I see NAV.
I was able to uninstall it after a few registry edits and some messing with Unlocker.


  1. Total Protection (?) in a comprehensive suite


  1. protection at the cost of resources
  2. heavy updates
  3. System hog
  4. resource eater
  5. file behemoth
  6. uninstallation is tougher
  7. Its NORTON
  8. costlier then others

I reverted to the Nod32 and Comodo combo and my PC is almost as secure as Fort Knox :P and the best part is that they are the ones I shall recommend to you.

You can download it from here -

Download Norton Antivirus 2009 TRIAL

(TRIAL ? well try before you buy which you are not gonna do it after you try it :P else you know where to get cracks :) )

Keep learning..




Top 10 Linux Speed Hacks

Ah…Linux.. The pinnacle of what open source can achieve today.. The brainchild of Linus Torvalds has surely come a lot further and evolved to show the world what it is capable of. As an extremely reliable operating system, Linux rarely needs to be rebooted. But when it does, it’s often slow to boot. Loads of Matrix-style lines scrolling down the screen are sure to drive you nuts, added to the boot time of GUI initialization.. Fortunately, there are ways to speed things up. Some of these methods are not terribly difficult (although some, unfortunately, are). Let’s take a look at the Top 10 speed hacks for Linux and let your Linux box reincarnate with speed.

[1]. Quick Fixes - Disable unnecessary services

Linux comes in various flavors bundled with a lot of applications. However, most of us don't even use Linux to its full potential. Depending upon the use of the machine, plenty of services and running programs won’t be needed. And if you are using Linux just for a desktop, then you won’t be needing the default sendmail, httpd, and many other services. You can also turn off many other services if your Linux box is used as a small web server: go to the Administration menu, open the Services entry and deselect all of the services you don’t want to start.

[2]. Free up Your Kernel - Disable unnecessary kernel modules

If your Linux box is wired to the LAN/Ethernet, then you don’t need to have a wireless kernel module loaded. Other modules, such as smartcard modules, can also be disabled to take load off the kernel. This task is a bit difficult and requires recompilation of the kernel, which is daunting even for the *inux geeks. To do this, you will need the kernel sources, and then follow the standard steps for compiling a kernel. You will be having a ride through the internals of your system; just disable all of the kernel modules you don’t need.

For added safety, install Bootchart, which will tell you if kernel modules are properly installed and running on your system. Not only will this give you a good list of modules, it will illustrate for you what is happening during your system boot. You can also issue the command

chkconfig --list | grep 3:on

to find out which services are set to start in runlevel 3. Once you know which loaded modules you don’t need, you can remove them during a kernel recompilation. While you’re at it, compile the kernel to exactly match your architecture.

[3]. Take Load Off Linux - Use a lightweight window manager instead of GNOME or KDE

Using a smaller window manager drastically reduces graphical boot time. Instead of having to wait that extra 30 to 60 seconds for GNOME or KDE to boot up, why not wait two to 10 seconds for Enlightenment or XFCE to boot up? Not only will they save you boot time, they will save your memory and the headache of dealing with bloatware. 

[4]. CUI ROKZ’ - Use a text-based login instead of a graphical login

Graphical logins do two things: increase load times and create headaches when trying to recover from an X Windows failure. Most Linux machines which boot to run level 3 instead of run level 5 will halt at the text-based login, where you only have to log in and issue startx to start your desktop of choice. So CUI login is the way to go.

[5]. The Flying Penguin - Use a lighter Linux distribution

Are you a Linux newbie? Instead of loading the heavyweight SUSE, why not try DSL, Puppy Linux, or Gentoo? The boot times for these smaller distributions are far faster than the more bloated Fedora (SUSE and even Ubuntu). Loading lighter Linux distributions will save you from a lot of headaches. Of the larger distributions, OpenSuSE claims to boot the fastest, but between the latest Fedora and Ubuntu, Ubuntu blows Fedora’s boot times away (and that is out of the box, trust me..).

[6]. Get Savvy - Use an OpenBIOS

If you’re tech savvy enough to upgrade your PC’s firmware, you might consider a migration to an open source BIOS, which will allow Linux to actually initialize the hardware as it boots (instead of relying on the BIOS). Also, many open BIOSes can be customised to meet your machine’s specific needs. If you don’t go the open BIOS route, you can at least configure your BIOS to not search for a floppy drive that’s not there or to boot directly to the first hard drive (instead of the CD drive first).

[7]. DHCP woes - Avoid dhcp

If you are working on a home network (or a small business network) where address lease isn’t a problem, go with static IP addresses. This will keep your machine from having to call out to a dhcp server to get an IP address. If you take this approach, make sure you configure your


to reflect your DNS server addresses as well.

[8]. Hotplug unplugged - If you can spare it, get rid of hotplug

Hotplug is the system that allows you to plug in new devices and use them immediately. If you know your server won’t need this system, delete it. This will cut down on boot time. On many systems, hotplugging consumes much of the boot time. Removing hotplug will vary depending upon the distribution you use.

NOTE: udev has, for the most part, replaced hotplug. But if you’re running an older distribution, this does apply.

[9]. If you are REALLY daring, you could give initng a try 

The initng system serves as a replacement for the sysvinit system and promises to drastically decrease boot times in UNIX-like operating systems. If you would like to see the initng system in action, you can give the Pingwinek livecd a try.

[10]. HackerPunk - Use a hack with Debian

If you’re using Debian, there is a simple hack you can use to switch your startup scripts to run in parallel. If you look at the


script, you will see:


around line 24. Change this line to


and you should see a reduction in boot times.


Shall I say “That's All Folks..”? Yep.. that's it.. that's the way it is. There are of course better speed hacks available, but the above ones shall cover pretty much everything.

Thats All Folks :)

So..Keep learning Folks



Protect your Pendrive and surfing using Democrakey

Hi friends.. What I'm going to discuss here might be of interest to you because almost every one of us is pestered nowadays with viruses in our pendrives/USB flash drives. Yep.. this is the hard reality: you happily go to your friend's home to take those legally downloaded movies (*ahem), software and more stuff and get back to your PC with your antivirus screaming “Caution!!! A virus has been detected”.
Well, it's my story from 2 weeks ago, when I was busy making a hacking challenge and had to deal with quite a lot of pendrives, and the viruses. So I googled and found DemocraKey. Imagine carrying a portable security suite with you wherever you go. Walk up to any computer, quickly scan it for viruses, and then defeat any internet access blocks to view any website you want anonymously. It’s here, and DemocraKey 2.0 Lite lets you have it on your iPod/pendrive/mp3 player. Yep.. it's that small (just 50 MB in size) and packs some explosive applications for the stealthy geek.
DemocraKey is the brainchild of Kirk, who invented it in response to government snooping and censorship in China and the United States. DemocraKey converts your portable drive into a Start-menu-like, GUI-enabled mini drive which tracks how much space is left on your portable drive and lets you launch applications directly from the menu. DemocraKey features ClamWin as an antivirus suite, Mozilla Thunderbird as an email client and an enhanced version of Mozilla Firefox with Tor proxy enabled so that you can connect to any network or surf any site in the world, anywhere.. anytime. The best part is that it's free and open source, backed by the GNU GPL license. Being based upon portable applications, you can enhance the DemocraKey experience by adding applications from
In a nutshell, DemocraKey is your saviour when it comes to pendrive security and surfing the net anonymously.
Lemme sum up features of DemocraKey  -
  • Protect your computer from viruses with a security enhanced version of Firefox
  • Visit sites that are blocked by your school/employer/government
  • Hide your internet actions with Tor
  • Encrypt personal emails with GPG
  • Scan your computer with portable built in Antivirus software
  • Runs from any portable media - iPod, USB key, Digital Camera…
  • It’s FREE and Open Source!

You can download DemocraKey from -
Download from Sourceforge

I hope you like it :)


Google gets Powerpoint Powered and TIFF enabled

Google has been sprucing up its services (like it always does) and has added support for viewing PowerPoint files (.ppt) and TIFF files (compressed image files) to its services, enabled in Google Apps. A few months ago, it added support for viewing PDF files in your browser; the same viewer now supports the TIFF and Microsoft PowerPoint document formats too. Now you can view TIFF and PPT files online, directly in your browser, without needing hefty software packages to start things up.
The default Google viewer has had a "View as slideshow" option for PowerPoint files for a while, but now they have integrated the conversion technology into the same viewer that they use for PDFs and TIFFs. Powered up with a richer set of features, the new viewer enables you to zoom in and out, select text to copy and paste, and "print" the presentation to a PDF document. And, unlike the old version, you no longer require a Flash plugin installed in your browser.
Stay tuned for more Google innovations..
Keep Reading..

Exams and Techfest halt Blog progress

Sorry guys for being away for so long. It's not my habit to leave anything unfinished, but my exams are halting my blog postings. For the last 1 week, I have been in a cycle of stress and work (cuz I was the organizer of the Hacking event in my college and participated in Counter Strike, Crysis, NFS Most Wanted and DOTA All Stars; apart from gaming, you know the amount of paper work they make you do if you organize anything :P ) and now, alas, my semester exams have come (these goddamn self assessment events occur twice a year – Dec/Jan and May/June) and I would be really busy for these. Trust me, I don't care much for my computer exams (Data Communication, Operating Systems and System Programming) but I do care a lot for the subjects I suck at the most (Microprocessor Programming and the most hated subject of all time – Mathematics). So since I have not studied a bit, it's time to remove the dust off my subject books and to study and study some more.

I will buy you a beer if I get my degree ( in Computer Science) , become a Certified Ethical Hacker (CEH) and get  job in a prestigious company and would be writing to you again as a famous programmer/security expert.

Trust me :P


I would resume to be a regular blogger as soon as my exams finish.


Keep learning™



Basics of cracking FTP and Telnet accounts

Most of us crave direct download links so that we can download at the highest possible speed. The more intelligent of us sniff out forums and DDL / WAREZ sites for direct links and to get unethical stuff. But as the saying goes, “Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime”. After a flurry of emails about how to crack ftp/pop3/telnet accounts, I decided to post an article on the above stated topic. One of the easy ways of hacking is brute forcing. You can quickly hack accounts if you have a decent sized password dictionary. I personally use one of about 3.16GB in size, but for this tutorial I'm only going to use a small password list, just so you get the feel of it.
Here is how to do that:
The first step is to download hydra from its homepage. Choose the Windows version and hit download. Download the zip file, extract it, and make sure you see the files below:
download hydra and extract it
If you do, that's good. Go to Start > Run > cmd to open the command prompt. Then change to your hydra folder using the “cd” command. For example my hydra folder was on the desktop, so I did this:
navigate to hydra directory
Now that you've done this, it's time to execute Hydra for the first time! Sorry Windows fans, but there is only a GUI for Hydra for Linux systems, so you're gonna have to do it the old fashioned way. Just type “hydra.exe” without quotes, and watch the result:
execute hydra
Now we have to find some IPs to attack, and we will do it by IP scanning using Nmap. You can download it from here – make sure to download the Windows installer. After installing it, find out your IP address, so that you know a possible IP range. In the command prompt session, type “ipconfig” and watch the results:
run ipconfig
In my case, the range is at least, but I'll go from 1 to 10 just to be safe. Fire up Nmap and do a ping scan “nmap -sP” to see what hosts are alive, and wait for the results:
do an NMAP scan
Pick a host to port scan – I picked because it is a router, and for most people the password is generally pretty simple, if not default. Port scan it using something like “nmap -sS -sV -P 0 -T5 -O” and see if it's running any services (click on the “Ports/Hosts” tab at the end for a simpler view of the services running and their ports). If you dont understand on how to use NMAP,read the basics here
lets hack a telnet account
Now we will be attacking the Telnet port because I know that it works, because I know you guys think Telnet is the be-all and end-all of hacking, and because the Windows version of THC-Hydra isn't compiled with LIBSSH support (unless you did it yourself), and as such I can't attack SSH – otherwise I'd be doing that instead. It's so much better. Head back to your command session, and review the output from Hydra before; it tells you the services it can crack. After looking through it, and realising that Telnet definitely is there, we can now proceed to attack it with the command
hydra -l admin -P passlist.txt telnet
as is demonstrated here:
telnet hacked,note the circled password
An explanation of the command: -l admin was used because I assumed that the router would have the login of “admin”. You can use username lists as well if you wish. -P passlist.txt specified a password dictionary named “passlist.txt” - make sure to have the -P include the capital P, otherwise you'll be specifying a password to try. is the routers IP address, and telnet is the protocol we want to attack. Now obviously we could tell it to attack that protocol on a different port, but we won't bother with that right now unless anyone else wants to see how. My dictionary only included 4 words for the purpose of this tutorial. You can see the cracked password circled at the end (which by the way, isn't my password for the router, for those of you who know how to get my IP and wanna try and break in :P). And that's how to do a basic hydra service crack on Windows.

Happy Cracking.


Hard Disk Crash

Hi guys,

due to a hard disk crash (my beloved Western Digital 10000 rpm Raptor) I am unable to post,My PC sure needs a lot of attention as of now (I was on a modding spree from last few nites) ,in the end,I got ram errors,countless BSOD’s,fatsys errors,muscle cramps and a lot of headache. Trust me,I m on a painkiller diet as of now (until stated again..).

 MY PC,2 days ago,alive happy and kicking ass


Team PROHACK,at my room,constantly striving to mess with PC’s,notice the laptops and tidiness (!) of my room XD

ME,last seen debugging and playing Counterstrike on my mean machine.


Alas,I m on my way to Western Digital Service center (after all hopes of reviving my HDD died XD ) and praying to myself that I may be able to ride my machine again.




Wi-Fi Compromised ? Track Wi-Fi Hackers Using MoocherHunter

Got a Wi-Fi net connection? And do you think it is secure enough? With the onset of cyber crimes taking place, your Wi-Fi may be used illegally by hackers or some other people. Either you may get high internet bills in reward or you may be in the headlines, as your net may be compromised to send malicious emails to anyone; that's what happened in India some time ago in the Mumbai bomb blast case. Well, there comes MoocherHunter™ to the rescue.

MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. If you have ever wondered about the possibility of your wireless network getting used for illegal purposes, you must consider using MoocherHunter. Using MoocherHunter you can identify the location of the person, i.e. an unauthorized user, using your wireless network. It's then up to you to either give him a stern warning not to use your wireless network again or complain to the legal authorities.

Recently Indian Police and RAW (Research and Analysis Wing) used MoocherHunter to track the source of an email which was sent from an unsecured Wi-Fi network at the home of an American expatriate, whose network was compromised when someone wardrove to use his net connection and sent an email that took responsibility for a bomb blast that killed at least 42 people.

MoocherHunter is FREE to use and can easily predict the physical location of the computer using the WiFi connection.

The algorithms applied use various signal variables to accurately predict the position of the connected laptop/machine and allow you to identify the location of an 802.11-based wireless moocher or hacker by the traffic they send across the network. MoocherHunter™ allows you to pinpoint the location of a WiFi hacker up to an accuracy of 2 meters within an average of 30 minutes.

MoocherHunter is the ultimate WiFi hacker tracker tool and it's a must for every network security specialist, White hats, Black hats, Green and Grey hats out there.

Track Wi-Fi Hackers Using MoocherHunter™ - download it now

Download MoocherHunter™


Keep Learning..




Detect Invisible Users on Instant Messengers

Hi friends, I'm one of those guys who always sign in as invisible in my IMs, because if I set my status to “Online” or available, at least 6 (unwanted) chat windows will open and pester me. However, recently one good friend of mine tracked my status (both on Gmail and Yahoo). Slightly baffled, I asked him how he did that, and here I'm sharing with you how he tracked my status on both IMs. You can use the given methods to find your friends who try to hide from us, the lesser mortals.
Yahoo Messenger is a bit cryptic when it comes to tracking users,so we can track their status by these 2 methods -
  1. Yahoo Invisibility Detection sites
  2. Using Yahoo’s URL Resources
Yahoo Invisibility Detection Sites
I’ve found many sites which help you to see which of your buddies are hiding online. Some of these sites are:
These sites are very easy to use and are self-explanatory. Just enter the ID you want to trace and get the status.
Yahoo URL Resources
Here are a bunch of URLs that can be used to detect invisible users; just replace “[username]” with the username you want to detect:
[username]&m=g&t=0
(Shows up a yellow smiley if the person is online and gray if the person is offline or invisible)
[username]&m=g&t=1
(Shows up a button with “Online Now” or “Not Online”)
[username]&m=g&t=2
(Shows an image with “I am Online send me a message” or “Not Online right now”)
[username]&m=a&t=0
(Shows a text with “[username] is ONLINE or NOT ONLINE”)
[username]&m=a&t=1
(Shows “00” if person is offline and “01” if he is online)
Remember, you have to replace the text in RED color in the given URL with the Yahoo ID you want to detect.
For example, my Yahoo ID is “iamrdx” and the first URL is:
[username]&m=g&t=0
After the replacement it would appear as :

Tracing Gtalk users is rather easy; you only have to use the following method -
  1. Login to Gtalk using your Google id.
  2. Go to IM window of user you want to trace for invisible.
  3. You will see a drop-down list on right top side,click on it.
  4. Click on "go off the record".
  5. Now give any message.
  6. If the " is offline and can't receive messages right now" message appears in red color it means your friend is really offline.
  7. If no message comes means your friend is online and invisible for all.

Good Luck :)


Use SSH Tunneling to surf net invisibly

Unable to surf the net at work/college? Want to surf the net invisibly? Well, we have a solution for that: SSH tunneling. An SSH tunnel is an encrypted tunnel created through an SSH protocol connection. SSH tunnels may be used to tunnel unencrypted traffic over a network through an encrypted channel. In easy language, you can surf the net without being monitored and even surf blocked sites too. The encryption covers only the hop between your machine and the SSH server; from the server onward the traffic travels as usual. SSH is pretty awesome.
Without leaving your seat, you have a way to control a computer which may be located anywhere on this planet. And if you have access to a PC with an SSHd installed, you can channel your traffic through that computer, which is particularly useful in situations when -
  1. The site is normally inaccessible from your current location (School/Work)
  2. You do not want your connection monitored (You’re using a WiFi hotspot/You’re in a country that monitors/censors your internet usage)
In this tutorial, I will be using Firefox on Gentoo Linux, but it is applicable to all distributions of Linux.
Step One: Setting Up the Tunnel
All common Linux distributions come with openssh packages. To check whether you have ssh installed already, type the command "which ssh". Gentoo has the openssh package preinstalled, so no tension :)
First we need to SSH to the server that we want to tunnel through, open up terminal and type the following command
ssh -ND <local-port> <user>@<serverip>
Replace <local-port> with a port number of your choice; This will be the LOCAL port which Firefox will use to tunnel the traffic later on…Try to choose a high and random port number so as nobody scans or sneaks them in (system admin and firewalls)
Practical Example:
ssh -ND 2945
Now enter your password as usual, and it will hang after authentication, which is perfectly normal as it isn’t an interactive session- Now minimize the terminal and open Firefox.
Step Two: Configuring Firefox
In Firefox, Go to (Depending upon which version you are using)
preferences -> advanced -> Network -> connection settings
Tools –> options –> Advanced –> Network –> settings
A new window should appear,select the “Manual Proxy Configuration” option, you’ll need to type some information in the ‘SOCKS Host’ section.
Host: localhost
Port: Port you used in the SSH command earlier.
Save your changes..Just to make sure it worked, check your IP with an online IP checker :)

Happy Surfing
( PS:I will be posting a windows tutorial soon)


Gmail Alerts on your Mobile for FREE

Recently Google launched their Google SMS service and I have been using it to full potential as of now. I have 3 SMS channels, one for this website which you can join here. Being a technogeek (sarcasm) I get loads of emails every day; no, it's not like I'm spammed by my fans (sarcasm again..) but still, sometimes I wish that I could check my mails as soon as they come, anywhere, anytime. Of course I use GPRS/EDGE to surf the net on my handset, but that costs me money which I don't have. So I got the brilliant idea of using the Google SMS service in order to receive email alerts on my cell phone for free. Interested? Read on then..

Here is How to do that -

Google tends to put everything as a feed,secure and unsecure. Your emails are also published as Atom feeds by google by the syntax of -

first formulate your URL as a feed by replacing your username and password with the above given one.

Then go to feed burner,create an account (if you don't have one),log into it and enter this feed address which you created and burn a new feed.

go to feed burner,create an account

It will ask for Feed name and Feed Title,and then click next and burn a feed right now by clicking next and next one more time.

Enter feed details

Now you will be at your feed management menu. Click on Publicize and then, at the bottom corner, click on the NOINDEX option (since you don't want your email and pass to be discovered by every other guy on this planet), uncheck all options and click Activate.

Congrats, you have created a feed channel for your email. Copy the Feedburner feed address which you created above.

Now go to Google SMS channels,and create a new account there,enter your cell phone number ,go through usual mombo-jumbo (you know the drill) and make a new sms channel.

Go to google sms and make a new channel

and enter information about your SMS channel. Enter Feed URL into RSS/ATOM feed option (the feed burner URL you copied earlier) and choose invitation only and publishing by Only me.

Configure and you are good to go

Click on create channel and Voila,your are done. You will now get Email alerts of your Gmail account on your mobile.


Keep Learning.



Secure Your Linux Server in 4 Steps

Linux is becoming the de facto standard for server-based computing nowadays. The free, open-source GNU/Linux operating system is getting better each year for desktop and server use. With popularity, however, it has become profitable for thieves to break into Linux servers and use them for spamming, scams, and serving pornography, among other things. Here are some ways you can protect your server from such a fate.

Here is How you can do that -

Learn Command Line - Learn to use Linux from the shell (command line). Every layer of software added on to make your system administration "easier" actually adds more methods for crackers to gain access to your machine and also reduces performance. All the further steps will assume your familiarity with using a shell.

Find Out Open Ports - Using lsof or a similar tool, find out on which ports your computer is listening for connections:

ns003:~# lsof -i
named 17829 root 4u IPv6 12689530 UDP *:34327
named 17829 root 6u IPv4 12689531 UDP *:34329
named 17829 root 20u IPv4 12689526 UDP
named 17829 root 21u IPv4 12689527 TCP (LISTEN)
named 17829 root 22u IPv4 12689528 UDP
named 17829 root 23u IPv4 12689529 TCP (LISTEN)
lighttpd 17841 www-data 4u IPv4 12689564 TCP *:www (LISTEN)
sshd 17860 root 3u IPv6 12689580 TCP *:ssh (LISTEN)
sshd 17880 root 3u IPv6 12689629 TCP *:8899 (LISTEN)
sshd 30435 root 4u IPv6 74368139 TCP> (ESTABLISHED)

Hack it - If in doubt, hack it out! Shut down any unknown or unneeded services, using the appropriate tools for your Linux distribution, such as update-rc.d on Debian systems, or in some cases editing the

/etc/inetd.conf or /etc/xinetd.d/*

files. Along with this, get rid of any tools your server provider added for system administration, such as Plesk.

No More Roots - Don't allow root logins on your primary sshd port 22 (set PermitRootLogin to "no"); many automated tools run brute-force attacks on that. Set up a secondary port for root access that only works by shared keys, disallowing passwords:

Copy the sshd_config file to root_sshd_config, and change the following items in the new file:

    1. Port: change from 22 to some other number, say 8899 (don't use this! make up your own!)
    2. PermitRootLogin: change from "no" (you were supposed to set it to "no" for port 22, remember?) to "yes"
    3. AllowUsers root: add this line, or if it exists, change it to allow only root logins on this port
    4. ChallengeResponseAuthentication no: uncomment this line if it's commented out, and make sure it says "no" instead of "yes"

Test this command:

sshd -D -f /etc/ssh/root_sshd_config

and see if it works correctly -- try logging in from another computer (you must have already set up shared-key authentication between the two computers) using:

ssh -p8899 root@my.remote.server

and if so, control-C at the above (sshd) command to stop the sshd daemon, then add this to the end of /etc/inittab:

rssh:2345:respawn:sshd -D -f /etc/ssh/root_sshd_config

Restart the init task:

# init q

This will run your "root ssh daemon" as a background task, automatically restarting it in case of failure.
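The copy-and-edit steps above as a script, added here as an example and not part of the original post: it derives root_sshd_config from an existing sshd_config. The function names, the sample config and port 48022 are made up for illustration, and `PasswordAuthentication no` is this example's addition so that password logins are actually refused on the root port.

```shell
#!/bin/sh
# Added example (hypothetical helper names). KEYS are the directives the
# procedure overrides; PasswordAuthentication is an addition of this example.
KEYS='port|permitrootlogin|allowusers|challengeresponseauthentication|passwordauthentication'

# make_root_sshd_config SRC PORT -> derived config on stdout
make_root_sshd_config() {
    src=$1
    port=$2
    case $port in
        ''|*[!0-9]*) echo "port must be numeric" >&2; return 2 ;;
    esac
    if [ "$port" -eq 22 ] || [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "choose a port other than 22 in 1-65535" >&2
        return 2
    fi
    # Overrides go FIRST: sshd keeps the first value it reads for a keyword,
    # and lines appended after a "Match" block would only apply inside it.
    printf '%s\n' "Port $port" "PermitRootLogin yes" "AllowUsers root" \
        "ChallengeResponseAuthentication no" "PasswordAuthentication no"
    # Drop the active copies of those keywords from the original. Port must go
    # because several Port lines are cumulative (sshd would also bind 22).
    # Keywords are case-insensitive; commented-out lines are left alone.
    awk -v keys="^($KEYS)\$" 'tolower($1) ~ keys { next } { print }' "$src"
}

# effective_value FILE KEYWORD -> first active value, i.e. what sshd would use
effective_value() {
    awk -v k="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" \
        'tolower($1) == k { print $2; exit }' "$1"
}

# Constructed sample standing in for /etc/ssh/sshd_config.
demo() {
    tmp=$(mktemp)
    cat >"$tmp" <<'EOF'
Port 22
#ChallengeResponseAuthentication yes
PermitRootLogin no
PasswordAuthentication yes
Subsystem sftp /usr/lib/openssh/sftp-server
Match User backup
    ForceCommand /usr/local/bin/backup-only
EOF
    make_root_sshd_config "$tmp" 48022   # 48022 is a made-up port
    rm -f "$tmp"
}

demo
```

Before adding the inittab entry, `sshd -t -f /etc/ssh/root_sshd_config` checks the generated file for syntax errors.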

Keep In Mind

  • Check your log files regularly to see what types of attacks are being run against your server. /var/log/auth is a typical place to find attempted logins:

Jan 18 10:48:46 ns003 sshd[23829]: Illegal user rosa from ::ffff:
Jan 18 10:48:49 ns003 sshd[23833]: Illegal user rosemarie from ::ffff:
Jan 18 10:48:51 ns003 sshd[23838]: Illegal user ruth from ::ffff:
Jan 18 10:48:54 ns003 sshd[23840]: Illegal user sabine from ::ffff:
Jan 18 10:48:57 ns003 sshd[23845]: Illegal user sandra from ::ffff:

  • Regularly upgrade your operating system to add security fixes. On Debian: apt-get upgrade
  • Monitor news on vulnerabilities at securityfocus and related websites.
  • Try installing grsecurity and/or SELinux and/or AppArmor and/or PaX.


  • Nothing you can do will make your server completely secure. Have backups of all important files, and a backup plan in place in case the worst happens.
  • Never trust a server that has been cracked. A cracker has access to 100% of the system once they have root access.
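The log check recommended in the list above, as an added example that is not part of the original post: it counts "Illegal user" attempts per source address. The function names are hypothetical and the sample lines are constructed, using documentation IP ranges in place of the addresses missing from the excerpt above.

```shell
#!/bin/sh
# Added example (hypothetical helper names).
# illegal_user_sources LOGFILE [MIN]
#   -> one line per source: "attempts source distinct_usernames",
#      most active first, only sources with at least MIN attempts.
illegal_user_sources() {
    awk -v min="${2:-1}" '
        # sshd lines of the form shown above; newer OpenSSH releases log
        # "Invalid user" where older ones logged "Illegal user".
        $5 ~ /^sshd\[[0-9]+\]:$/ && ($6 == "Illegal" || $6 == "Invalid") && $7 == "user" {
            # The username is attacker-controlled and may be empty or contain
            # spaces, so take the source as the field after the LAST "from".
            src = ""
            for (i = NF - 1; i >= 8; i--)
                if ($i == "from") { src = $(i + 1); break }
            if (src == "") next
            sub(/^::ffff:/, "", src)      # IPv4-mapped IPv6 -> plain IPv4
            user = ""
            for (j = 8; j < i; j++) user = user (j > 8 ? " " : "") $j
            hits[src]++
            if (!((src, user) in seen)) { seen[src, user] = 1; users[src]++ }
        }
        END { for (s in hits) if (hits[s] >= min) print hits[s], s, users[s] }
    ' "$1" | sort -k1,1nr -k2,2
}

# Constructed sample log lines (not taken from a real server).
sample_auth_log() {
    cat <<'EOF'
Jan 18 10:48:46 ns003 sshd[23829]: Illegal user rosa from ::ffff:192.0.2.10
Jan 18 10:48:49 ns003 sshd[23833]: Illegal user rosemarie from ::ffff:192.0.2.10
Jan 18 10:48:51 ns003 sshd[23838]: Illegal user ruth from ::ffff:192.0.2.10
Jan 18 10:49:02 ns003 sshd[23851]: Accepted publickey for root from 198.51.100.7 port 50122 ssh2
Jan 18 10:49:30 ns003 sshd[23860]: Invalid user admin from 203.0.113.5 port 40022
Jan 18 10:49:33 ns003 sshd[23862]: Invalid user admin from 203.0.113.5 port 40031
EOF
}

log=$(mktemp)
sample_auth_log >"$log"
illegal_user_sources "$log" 3    # report sources with 3 or more attempts
rm -f "$log"
```

A source that tries many distinct usernames in a short time is walking a name list, which is the pattern in the excerpt above.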



Gmail Turns 5 – Happy Birthday Gmail

What once started as an internal tool for Google employees was launched five years ago yesterday, on April Fools' Day, and christened Gmail, now a full-fledged email service. AJAX enabled, simplistic interface, astounding functionality and that Google touch.. Gmail is simply the best. Gmail is now used by tens of millions of people around the world in 52 languages.

In honor of the occasion,a little cake is displayed on the Gmail homepage today.

I remember getting the invitation code to Gmail from my friend Prateek, and I switched from my Hotmail account to the all new Gmail, which revolutionized email services by providing 1 GB of space at that time, a streamlined interface and powerful search integration.

And Google continues to make innovations in the business by introducing new features and integrating them in Gmail. You can try them by enabling the Labs option in Gmail, and they are worth your attention (I'm dead serious). In all seriousness, Gmail has made our lives a lot easier and I wish they keep it that way :)

Happy Birthday Gmail..many Many Happy Returns of the day :P