Dlink DSL-2520U_Z2 Router DNS hijack

Last week,  I faced a weird problem with my internet connection. Whenever I tried to search something on google, it took me to a google page which said your flash player is outdated, download and upgrade it. I found it unusual for google, to ask users to upgrade their flash player before it showed the search result.

I ran  nslookup command for google, which resulted in a IP address of google. I tried to access google webserver using IP, hmm...same problem!!

I ran google search on my android tablet still it asked me to upgrade flash player. Strangely, on Android tablet also, it asked me to download setup.exe.( Google is smart enough to detect android and would not have asked for setup.exe, it should have taken me to the play store) . It took me a while to grasp that some very skillful hacker found a poor person like me, to be worthy enough for hacking. What would he gain anyway, there is nothing on my computers except for some pirated movies. Perhaps, something more valuable which I do not know about :P

Well well well..I rubbed my hands together. Curious to find out what was wrong I logged into my router to find out, which DNS server, my router was pointing to. One DNS IP was 8.8.8.8 and another was I don't remember what , but it was the culprit DNS. Btw both the IP's were not setup by me, they were hacked. This DNS gave my devices wrong IP of google servers and asked me to download flashplayer.

I called up my ISP and asked for the correct DNS.  Later on  I came to know that this is a common problem faced by many customers as well.

Ok! So I changed the DNS on my Router. Restarted my Wi-Fi access point ( since my router and Wi-Fi are two different devices, this was to ensure that my Wi-Fi now gets the correct DNS from the router, else it would use the cached DNS ) and reconnected all my wifi connected devices, phone, laptop etc. ( for the same reason as above)

Few days later, just curious to check the DNS, I logged in to the router and saw that my DNS has been hijacked again...boohooo...why me??  I thought CIA is after me, who else??...could be MI6??..

Hooray!! I am again the lucky winner!! Thank you !!somebody thinks I am important ?? :P

Again I had to change the DNS and restart /reconnect all my devices.

I googled, if anyone else is also facing similar issue, it turns out, this is a result of a bug in the router software, read more about the bug here - misfortune cookie and 12million + devices have been affected OMG...where is Snowden? More over there is no patch(firmware) available to fix this in the router.

I tried these steps to resolve the problem -
1.  Since I have  separate  router and a Wi-Fi access point. I have manually setup correct DNS in my Wi-Fi access point, so no matter how many times my router DNS is hijacked my laptop and mobile would always pickup the correct DNS from my Wi-Fi access point.
2.  Disabled DHCP on router , gave static IP to my Wi-Fi access point.( I think this was not important for this issue, but I still did it , because if someone gets IP via dhcp they get root access to the router)
3.  Changed password on router ( I think , this is not useful for this issue)
4. Enable firewall, this wouldn't help either, but it is a good practice to enable fire if it is not enabled already.
5. This is the most important one, disable remote access on WAN via ftp,telnet,tftp,icmp . See the screenshot.

My DNS has not changed for some time now. Another way, is obviously to buy a new router.


Disclaimer - This will probably help in thwarting DNS hack to some extent but we CAN NOT call it 100% safe from hackers.  Respect hackers, they are very knowledgeable and skillful. If they want they can do a personalized attack and get what they want.

We are on the internet, it is very important to believe that we do not have anything safe :)

Screen shot - Step by step setup instructions -

##Important Step3 :- Disable all the access via WAN and, for LAN enable HTTP and ICMP.

Was this article helpful? Please leave a comment.

How to edit your Android contact list on PC using gmail contacts.

I have my android phone for over an year now. Initially I was very frustrated organizing  my contact list on the new Android phone. I had an  old java based phone and about 250 contacts in it. The only way to transfer my contacts was to copy it on my sim card and transfer it to my android phone. Delete all the contacts from the sim card put it back in the old phone copy remaining numbers and put it back in the android phone and copy the remaining numbers. I was okay with this activity thinking that I have to do it only once. But soon I found out that while copying from the sim card lot of information was lost. The names of people who had long names cut short because sim didn't support long name. Also, multiple numbers stored under a persons name on the old phone had multiple entries on the new android phone. I desperately wanted to cleanup all this. But editing hundreds of contacts on the touch screen was not easy. After tinkering for a week or so, I found a easy way out. I really wonder why I couldn't find any thing on google help. The catch here was to store the contact list on gmail contacts.Here is my easy  guide to perform this activity.


General GuideLines

1. You need to transfer all your contacts to your android phone.
2. You have to sign in into your gmail account on your phone.
3. You should have a SD card on your phone to export your contact list .
4. You will need to connect your phone to the internet (Wi-fi would be good) so you can sync your contacts on your gmail account. 
5. Open Contact list on your Android phone.Click settings button , and select  import/export and then     export your contact list on SD card. 

 

 

6. Now that you have backed up your contact list on SD card, go ahead and delete all your contact list. Yes you read it right, delete all the contacts.(NOTE:  Please make sure that your export of contact list was successful before proceeding with this step)
7. Open contacts, go to settings and select save new numbers to google.

8. In contact settings click Import contact list from SD card and import the previously exported contact list.
9. Now you should  have your contact list back.
10. Exit the contact application.
11. Now your phone has all the contacts ready to be uploaded to gmail contact list.
12. Go to android settings and click account and sync

13. Click on Google account and sync contacts.

This will sync all your contacts to your gmail account.It may take some time to sync depending on your internet connection and number of contacts.

You can now login to your PC and access your gmail account and check the contact list all your contacts. Now you can easily edit all your contacts from your PC.

HOWTO fix the SATA controller drivers in Windows XP on a dell laptop

When I had installed Windows XP on my dell 1510 laptop, the installation kept crashing with blue screen. The reason was simple, Windows XP installation CD didn’t have the SATA controller driver and used to crash during installation as it couldn’t detect the hard drive. I had to change the Hard disk settings in bios from AHCI to ATA.
The installation worked fine without any problems. Windows XP ran with IDE settings. When I used to copy files it copied at about 1.2 to 2 Mbits/sec. But recently I started facing problems like laptop freezing up , frequent hanging and found it to be running very slow despite having a core 2 duo processor and 2 GB of RAM. The problem was that the IDE settings didn’t allow windows to exploit the full potential of the SATA controller. After enabling the SATA controller drivers, my laptop is running in a pretty normal manner.
This is a step by step HOWTO fix the SATA controller drivers in Windows XP on a dell 1510 laptop. I guess same method should apply to other laptop also.
Before proceeding with any changes to the device drivers. Please make sure that you have created a restore point.
Creating a restore point:
Click start=>Accessories=>System Tools=> System restore
Select create restore point=> => click create.
A restore point is created now to check whether the correct version of SATA controllers are installed.
1. Go to device manager(Run command “devmgmt.msc”)
2. Under IDE ATA/ATAPI controller, check if Windows XP has detected the correct version of the SATA Hard Disk Controller. Note down the controller detected by windows XP . If you are not sure continue to the next Step.
3. Insert the Dell driver cd which came along with your laptop and extract the drivers to a folder which you can easily remember and locate or download hard disk drivers for your laptop from dell’s website. The extracted files should have a filename.cab and filename.inf files.
4. Double clicking the installer and doing next-next-next-ok-finish won’t work because your laptop is already working in ATA mode so windows xp is unable to find the SATA drivers.
5. Now reboot your laptop, go to the bios setup by pressing F2
6. In the Advanced setting change the hard disk setting from ATA to ATAPI. If the settings are already ATAPI and windows xp was running you already have working drivers installed on your laptop. The next steps would probably won’t help much. If the hard disk controller is set to ATA then you should proceed with the next steps.
7. This is a tricky issue if you are new to linux. But don’t worry it’s pretty simple. The only way I knew to detect the SATA controller was using linux. You will need Ubuntu live cd/dvd to detect the SATA controller. Insert Ubuntu 9.10 Jaunty Live cd or dvd. I guess older version of ubuntu or any other distro of linux should also work. I have mentioned ubuntu 9.10 because , ubuntu has great support for dell laptop hardware and 9.10 being the latest version was able to detect the SATA controller.
8. Change boot sequence, set cd rom as first boot device.
9. Boot from the ubuntu live cd.
10. Open a terminal and run
sudo lspci | grep –i sata
Or
sudo lspci | grep –i ide
11. The output should give you the name of the SATA controller as detected by ubuntu. Note down the controller.
12. Reboot
13. Go to Bios again by pressing F2 and change the hard disk controller from AHCI to ATA again so windows can boot normally or it will crash with a blue screen.
14. Now boot into windows XP
15. Go to device manager(Run command “devmgmt.msc”)
16. Be careful about the next step you can only revert back by restoring from the previous restore point.
17. Under IDE ATA/ATAPI controller , Right click on AHCI controller => update drivers => Select not at this time=>Next=> Install from a list or specific location=> Don’t search I will choose the driver to install => Have a Disk=> Browse to the location where you have extracted the drivers=>Now select the SATA controller as detected by Ubuntu=>Click Next
18. Now reboot and go to Bios and change the ATA setting to AHCI.
19. Save the bios settings and boot to windows XP , windows should now work with your sata drivers.

Must Have Software

After almost five months of hibernation from my blog, still, I was unable to find a topic to write about. But today while chatting with a friend and helping her find a software. I came up with this idea to write about the best software I came across in three years of my interaction with the computer and the internet. There are millions of websites which tell you about zillions of software. They rate them after testing with their hi-tech methods ,but my experience has been that most of the people are not tech savvy and only use some of the limited features. So, here are some software which came across and found reliable and according to me are the best essential software and are simple to use. I have sorted them according to following category.

MUSIC AND VIDEO PLAYERS
INTERNET
SECURITY
GENERAL MUST HAVE SOFTWARE

MUSIC AND VIDEO PLAYERS

Music player
Winamp : I simply love it ,it is a no nonsense player with a very simple interface, it is free, and sound quality is good and it is available in three variants first is pro where you have to pay, so I won't recommend it, second one is free but has limitation that you cannot burn a cd faster than 6x and cannot rip cds faster ,well these are the limitation I can live with , even if I can't burn cd's faster it still plays the music with quality sound. You can get the full version of winamp here.For people who have slower computer and want to try it out can download winamp lite it
You can further enhance the listening pleasures by installing the plug ins which enhances the sound quality, to name a few.

Jammix Enhancer : Amongst the best free ware , sound enhancer is Jammix Enhancer , it has some nice presets , if you have a good amplifier and a set of speaker or a good music system, you will find more than noticeable change in the sound quality. You can adjust the bass , treble level according to your preferences and do much more with it if you have some digital signal processing knowledge. It allows adjustments which can be done by advanced users.Download
DFX audio enhancer : It is also another nice plugin, it does not offer as many adjustments as the Jammix Enhancer and has only two preset available in free version, but it considerably enhances your hearing experience. You can get it here Download
Enhancer 017 : Another DSP audio enhancer is Enhancer 017, it was released in 2001 and wasn't updated since but it a very nice audio enhancer and even now I still use it. You can get it here Download

Actually there are hundreds of plug ins you can use to enhance sound according to your needs, I just mentioned the three of them that I use the most. If you want to try other ones too you can check it out here Download

Now that I have elaborated about winamp , I might seem to be biased about winamp when there are hundreds of audio players available, in fact there are so many players available that it might bore you to death reading all about it. So to sum it up I'll just list a few of the most popular players.Click on the name to download.

Apple's Itunes : Popular amongst the Ipod users. Download
Jet Audio basic : I have used it once, it is a nice player. Download
Sonique Audio Player : I found it's sound quality very good , You can try it. Download
Yahoo's Music Juke box : is gaining popularity nowadays you can hear top rated songs online as well you can play songs from your computer as well as from local network or LAN. Download



Video player
There are so many video formats available mpeg, avi, dvd,flv,3gp format,that it is difficult to get a media player for every format.so I suggest to get a codec pack( A codec pack is software which can decode different type of media files and play it on your media player) like K-lite code pack

VLC Player : There are hundreds of Video players available on the Internet, but mostly you need a versatile player to which can cater to all your needs , is free and is a real no nonsense player, one such software is VLC PLAYER, it is available for hundreds of platforms, windows , linux, mac.Assuming that you might be using windows, here's the download link for VLC PLAYER, you can choose the nearest Download location
Windows Media player : I guess I don't need to write anything about it.You can get lastest version here Download
Real Player : Personally I hate real player I find it pretty nagging one, but that is my opinion and even after uninstalling it , it leaves behind lot of messy thing that you have to remove manually from registry but if you must play .rm files you would need real player.Download
Quick Time : Apples Media player, I do not use it often except for playing 3gp files. Download
Divx Player: It comes with a bundled codec pack as well as a player. I love its simple interface. Download
FLV Player : You would need FLV player if you have downloaded video files from You tube. Download


INTERNET

For Internet, there are hundreds and thousands of software and every now and then I discover a new one , so I'll try to keep it short by discussing only a few which are most essential.

Firefox : It is my favorite web browser, it is fast slick, a memory hog ahem...didn't want to say anything bad about my favorite browser. The best thing about this browser is you can Add plugins .ie. third party software which are less than 200kb but they can make your life so easy.You can get firefox here Download
since I am using yahoo and gmail for emailing, I have used add on plug ins for yahoo and gmail. These plugins login to my yahoo and gmail account as soon as I launch the browser saving lot of pain of typing the ID and password. Just save your ID and password once and the add ons do the rest of the job so easy.You can get these add ons for virtually anything like playing songs from browser, checking emails , searching torrents, blocking java scripts from running, finding IP addresses of websites, downloading videos from youtube and manymore.
I will list them here for convenience.

Add ons
Yahoo mail Notifier : Login to your yahoo account automatically and periodically checks mail and alerts on new mail.Download
Gmail manager : Login to your gmail account automatically and periodically checks mail and alerts on new mail.Download
Script blocking(No Script) : Blocks Java scripts from running automatically, option to enable scripts from trusted websites.Download

IP Addresses of Website : View IP address of the website you are currently visiting.Download

Torrent Finder : Search Torrent from all the torrent sites all at once, but I am not sure whether this plug in contains a spyware or an Adware.Download
Unpug : Download Videos from You Tube using this Add on.Download

Messenger Alternative
Now a days we have at least one account in every Instant messenger service like yahoo, gtalk, AOL, MSN that it is impracticable to run each and every messenger which will eat up all the resources, a better alternative is to use a messenger which can login to multiple accounts all at once.You can use

Gaim/Pidgin : Simple interface, but pretty raw.Recently it has been renamed as PIDGIN so don't get confused if you try to look for gaim and you are redirected to Pidgin.Download
Trillian : I find it a bit confusing, but has a very snazzy interface.Download

Bandwidth Monitor/Internet Usage Monitor
Many of us use Internet packages which are charged according to amount of data transferred and some ISP providers don't provide a simple way to monitor our internet usage. To keep an Eye on our Internet usage you can try out
Tautology Bandwidth Meter: It is very small in size and and does not load your cpu, keeps track of your internet usage, gives live reportDownload

File Sharing Software
The Software list would be incomplete without mentioning the file sharing software which are responsible for heavy internet traffic, the file sharing software are useful for downloading illegal contents from the internet and some hard to find files can be found using them. It works this way, you run the software and connect to the internet and you can share some files like songs movies pdf's etc and just like you are sharing some files there are hundreds of thousands of users running that software get connected to you . This way you can download any file from their computer and they can download anything from your computer. If the same file is shared by many users , only a part is downloaded from each user and all parts are assembled on your computer. The advantage of this method is that everybody's computer shares only a part of the load , this way the bandwidth is also conserved as the load is distributed.Some of the File sharing software I used are.

Lime Wire : The best I ever came across, it finds and downloads files very quickly. In the lastest version it can also handle torrent files.Though it is a free the disadvantage is it is a resource hogger, it requires lot of CPU power and memory.It is java based so you need to install JRE(Download it here Java Run Time Environment).Download Limewire
Emule : It is not the fastest, and your download request is queued for long time but you would need it to find rare files on the file sharing network, advantage is ,it is light weight and doesn't hog your system resources.Download
DC++ : Direct Connect is also a file sharing network with a difference. You have connect to different servers which looks like a chat room and you can download files from any user you see in that chat room. The disadvantage is you have to login to each server(which appears to be a chat room) and create an account for the first time you use it, you can chat with the users and share files, there is hundreds of terabytes of data shared on DC Network.You can find songs, Movies, ebooks and much more ..Download
Morpheus : I do not like Morpheus because in free version it is bundled with adware I would say avoid it.Download
Shareaza : Shareaza is a freeware, but it is also a resource hogger , it lacks the download speed offered by Limewire. It can handle torrent downloads.Download

Torrents
The file sharing world would be incomplete without torrents. Torrents are one of the most popular way file sharing network but with a difference. Torrents work best when you are looking for a popular file, the downloading is faster as number of users downloading the files are more. The problem arises when the file is rare and very few people are sharing (called seeding in terms of torrents) the complete file which results in slow speed downloads. It works this way,if you want to share a file say an ebook you generate a torrent file. The torrent file contains the information about the file(ebook.pdf), it's size, type and how anybody can reach the file (ebook.pdf), in nutshell contains the address of your computer. Now the torrent file say named as ABC.torrent, just contains the address of your computer and details of the file (like file name, size, type ie ebook.pdf etc)and not the file (ebook)itself. The file(ebook) always stays in your computer. Now all you have to do is to upload the file ABC.torrent on any of the torrent server where people can find the ABC.torrent file. This ABC.torrent file contains the address of your computer and information about the ebook.pdf file. To read the information contained in the ABC.torrent file you will need bit torrent clients which will actually read the file and connect the computer containing ebook.pdf and starts downloading as well as starts sharing with the other users who are trying to download the same file. The following are the bit torrent clients which you can try, every client has its own set of features you can use any one which you find comfortable.

Bit torrent : The original bit torrent client, but now a days people have started using different clients.Download
µtorrent : My favorite client , it is small , light weight and really downloads files quickly and efficiently.Download
Azureus : Another Java based bit torrent client. It has lot of features.Download


SECURITY

When it comes to security, you should very alert , cautious whenever you are on the internet and keep in mind that your personal information can be stolen anytime. Before you connect your system to the internet make sure you have following softwares in place to take care of all the casual innocent mistakes you make while surfing..like clicking links of malicious site..etc.
The foremost comes the, ..yes you guessed it right ..it is the antivirus software. You can use almost any antivirus software, all brands have something better than the other. Some of them use lot of memory and system resources , some are not able to remove all viruses and in turn your system remains infected and the virus stays in your system undetected.
The following is the list of Antivirus software

Norton 2007 Antivirus : A Resource hogger, but one of the best, just keep it updated and keep your system free of viruses. The sadest part is, it is not free they give you the software for a trial period of 15 days.Download

Mcafee 2007 Antivirus : One of the most popularly used antivirus, it is amongst the best antivirus software.Download

Stinger 3.4.9 : It is mcafee's offline antivirus scanner, it can be used to scan computer to detect viruses already present in your system, but it cannot alert you the instant, your system is attacked because it is not running continuously , you have to manually run the scan , it detects terminates the viral activity and exits.Download

AVG FREE Antivirus V7.5.467 : It is FREEE... now we are talking!! This is a good antivirus solution , though not as good as norton at detecting but it can remove viruses , though you have work alongside with it while it cleans. Keeping it updated can keep your system free of viruses.Download

There are still lot of software, but discussing all of them would make this post traumatic for readers, I can see the wrinkle on your forehead already.

Firewalls
Firewalls are the software which, act as selective wall between the internet and your computer , it closely monitors the interface of your system which is connected to the internet. I blocks all the packets( data you send and receive from the internet if broken into small pieces called the packets) you do not want to be sent or received. I have read so much about firewalls and tried so many of them but I do not see anybody really using it except in the corporate world, if you are using one , you amongst the smarter people, and trust me, your system is lot more safer than millions of users who do not use one. Some of the best firewalls are.....actually FREE. So start using one if you are not using one, it might look a bit complicated at start but eventually you get the hang of it and you will realise it is a piece of cake.

Zone Alarm : It is a very good firewall, with lot of configurable options. It is available in both free and commercial version but for home use free one quite sufficient.Download

OutPost Firewall : It is the best firewall I have used, it offers so many manipulations and configurations that you are in total control of your system. Though the free version offers very limited options, I still use it on my system as it has been running trouble free for past two years now.Download free version.


SPYWARE ADWARE Removal tools
Spyware and Adware are some of software which are not viruses or worms which corrupt data , but are infact bundled software which come along with some of the free software. It works this way, when you download and use a so called free software, software maker is unable to generate revenue from the user, so they collaborate with companies who can sponsor the developer for development cost, website hosting and bandwidth cost,though end user i.e. us get the software for free, it still comes for a price. Why would some company pay for you and let you use the software for free???.It is because the free software is bundled with another software provided by the sponsor. This bundled software is known as spyware or adware , this software continuously monitor your surfing habits and keeps track of sites you are visiting this way it is able to know your interests and once it has sufficient data available about your surfing habits it pop ups advertisement in pop up windows. Now you know why sometimes weird pop windows open automatically. Though these things may seem like trivial, it sometimes cause system instability and erratic behavior and Internet explorer is the worst affected in terms of speed and stability.

How to remove them??

use free programs again to clean them?? and get infected again?? ok...you have to trust me here, that not all free ware programs contain bundled spyware and I'll not suggest them. so here are some of the spyware removing tools.

Ad aware : This is a good spyware removing tool. Simply install update and scan your computer and get a clean and stable system.Download
Spy Bot search and Destroy : This also a good tool with some advanced features. It has a nice and simple to use Interface and it is free.Download
Spyware Blaster : ok this one doest actually remove the spyware but it maintains the database of spyware related sites and it blocks your computer from connecting to the bad servers. It runs on the principle that precaution is better than cure.Download


GENERAL MUST HAVE SOFTWARE

Here is the list of most useful software which you should download and burn the setups of all software as a back up. so here's the Must have's, you can choose any of the alternatives available.
File Compression
Winzip : I guess I do not have to say much about it, it is the most popular file compression software, it is used to compress your files to reduce it's size so you can sent it over the internet or password protect it and encrypt it.Download
Winrar : Similar to Winzip, it offers different algorithm to compress files somewhat better than winzip. It is useful for extracting and viewing .rar files.Download
Sevenzip : Totally free!! and offers better compression than .zip or .rar files.Download

PDF Viewer

Acrobat reader : Best PDF ( Post Document Format )viewer, offers many features but the newer versions are bit of a memory hog and have advanced features which haveI never used.
Download. For simple file viewing which does not have overheads like Acrobat reader you can use..
Foxit PDF Viewer : It is simple , light weight with less over head and runs smoothly on old harware. Download

Image Viewer

Irfan View : I only use Irfan View to view all my photos and since I am not much into photo editing, Irfan View cater to all my needs, the special thing about Irfan view is , it can open almost any type of Image format.Download

Run software without using mouse


Keybreeze : It was known as PC-Com , until recently. You can use keybreeze to open any program on your computer without having to use mouse. It scans your computer for all the executables during installation and once installed you can access any program, website by simply typing it's name without having to go through all the fuss of clicking start,all programs finding your program and clicking it. It continuously runs in background but it uses very less memory and resources.Download

Protection yourself from getting caught while using filesharing software and general surfing

Peer Guardian : While downloading movies on file sharing there is always a chance of getting caught, the chances can only be minmized though not completely eliminated, but restricting your computer from connecting to the monitoring authority's servers. You have to Protect yourself not only Monitoring authorities but even from some bad bad servers containing garbage packets which can ruin your complete download. One such tool is Peer Guardian it updates it's database at startup and protects your computer by blocking the communication between authorities and your computer. Though it is not fool proof it somewhat protects you.It can even blocks http connections when you are simply WEB browsing the internet.Download


Computer Maintenance

Ace Utilities : This is the best tool I came across to remove temporary unwanted files, generated by all the software you run even once , to remove invalid entries from registry and for removing duplicate or junk files without messing your computer.This software has helped me keep my system running without formating.The only con is it is not a freeware it runs for a trial period of 30 days, but once you use it your system becomes lighter and runs faster than before.
Download

Well I tried to keep this post as small as possible, hope it is useful to keep your system safe and running without any hassles for long time.

Emails and Instant messenger get HACKED this way

Have you ever been a victim whose Instant messenger or email passwords have been stolen? Well if you have been, then I presume you are already taking precautions , however if you aren’t then read on you might be the next victim. Recently one of my net friends was locked out of her yahoo account which she had been maintaining since last eight years and even password recovering methods failed to recover her password , the hacker had taken care that she wasn’t able to recover her passwords. She had been accessing her accounts from her home, she even has a updated antivirus and even has turned on her windows firewall. So what went wrong? Hmm…

Well all she did was she clicked on a innocent looking hyperlink which was sent to her by one of her net friends asking her to see his photos on yahoo and looked something like http://photos.yahoo.au.tc... (this is the actual phishing link received by her so do not click on it unless you are very sure what you are doing )Did you notice that there is something wrong with this link? Well if you didn’t then let me tell you that it doesn’t end with yahoo.com it would have been okay if it ended with something like yahoo.au/… probably nobody wouldn’t have suspected it but it ends with yahoo.au.tc which does arouse suspicion but only when inspected minutely , nobody really observes so closely…More over this should followed by the user name like http://photos.yahoo.com/saurabh .Saurabh is the user. Any way so what does that link do and what can we do to protect ourselves? Well , as soon as you click on that link you got to yahoo photo webpage which asks you to login with your ID and password but here’s the catch that page is infact a fake one that looks like a yahoo’s login page and as soon as you login with your ID and password your password is received by the hacker and he can manipulate your account anyway he wants and if this is not enough the webpage can also contain some malicious html code which can run in background if your Internet explorer is not properly patched and, I am afraid to say even latest version of firefox 1.5.04 has some vulnerabilities, these malicious code can install spywares, trogan etc..

Remedy: Patch your internet explorer and windows with latest updates from Microsoft, Update your Antivirus regularly.

Well this is how my friend was locked out ,but there are still other ways by which your passwords can be stolen ,curious? Well read on…

Keyloggers

These are most easy and popular ways used by script kiddies (hackers who do not actually program and use ready made software to attack the victim) Keyloggers are software programs which are installed in the unsuspecting victim’s computer which monitors all the activities of the victim , these software actually run in background and are invisible even to windows task manager. These software continuously monitor the keyboard (some even monitor the mouse ) and save all the keys that are hit on your keyboard to a file .A clever software program can even send this file to the hacker who can view all that you have typed on your computer at his leisure this way not only your passwords but even your personal letters typed on computer or say your sensitive official documents can be viewed by the hacker…

Remedy : Use a keylogger scanner or software like Adaware or spybot search and destroy to scanner to scan your computer for malicious software like keylogger spywares adwares etc to find and remove these monitoring tools. Use a firewall software when you connect to the internet such as zone alarm ,kero, outpost or sygate , I used to have zone alarm which was free but after I installed the latest version of zone alarm it expired in 15 days and I had to switch to kero which is also a good firewall and for people who are aware with little bit of ports can try outpost which is a good firewall but a bit of a headache for newbies.

Well there is still another way the hacker can pounce on your sensitive data…. Want to know how?...

Network link snooping

Gosh!! you got lot of appetite for reading and I wonder how much more torcher you can take ..lol any ways so how can hacker snoop over your sensitive document? Well he can listen to the media( media like Ethernet in companies , DSL at home or wireless devices ) from which you will send your data say an email or IM conversation( which is mostly in text form). Like you surf internet or send email from office and it goes through proxy server of your company. A naughty network engineer can run software which can assemble all the pieces of your email and let him view all the contents of your emails well this is just one scenario , in fact on the internet our data travels through hundreds of different networks and we can’t be sure about loyalty of each and every person working in hundreds of different networks.

Remedy: Encrypt the data , if you have a word or document file zip it and password protect it, it is simplest way you can encrypt the data without having to secure the complete link .

Well these are few things I think which might be useful to some people who surf the internet though there are lot of dark things which are lurking on the internet but these these few precautions can protect you to some extent.I hope this information helps somebody