Tuesday, March 24, 2009

Certified Ethical Hacker

This is the training for hacker candidate that will know or should be known if you want be a hacker. The material itself will be mastery the how to fools or paralyses the computer system. Hacking materials are about Reconnaissance; Scanning ; Gaining Access ; Maintaining Access till Clearing Tracks.

Persons that better have this knowledge like as:
  • IT Security Officers
  • IT Security Auditors
  • IT Security Professionals
  • Site Administrators
  • Everyone who want to know network security system
The material contains as follows:

1. Introduction to Ethical Hacking
2. Hacking Laws
3. Footprinting
4. Google Hacking
5. Scanning
6. Enumeration
7. System Hacking
8. Trojans and Backdoors
9. Viruses and Worms
10. Sniffers
11. Social Engineering
12. Phishing
13. Hacking Email Accounts
14. Denial-of-Service
15. Session Hijacking
16. Hacking Web Servers
17. Web Application Vulnerabilities
18. Web-Based Password Cracking Techniques
19. SQL Injection
20. Hacking Wireless Networks
21. Physical Security
22. Linux Hacking
23. Evading IDS, Firewalls and Detecting Honey Pots
24. Buffer Overflows
25. Cryptography
26. Penetration Testing
27. Covert Hacking
28. Writing Virus Codes
29. Assembly Language Tutorial
30. Exploit Writing
31. Smashing the Stack for Fun and Profit
32. Windows Based Buffer Overflow Exploit Writing
33. Reverse Engineering
34. MAC OS X Hacking
35. Hacking Routers, cable Modems and Firewalls
36. Hacking Mobile Phones, PDA and Handheld Devices
37. Bluetooth Hacking
38. VoIP Hacking
39. RFID Hacking
40. Spamming
41. Hacking USB Devices
42. Hacking Database Servers
43. Cyber Warfare- Hacking, Al-Qaida and Terrorism
44. Internet Content Filtering Techniques
45. Privacy on the Internet
46. Securing Laptop Computers
47. Spying Technologies
48. Corporate Espionage- Hacking Using Insiders
49. Creating Security Policies
50. Software Piracy and Warez
51. Hacking and Cheating Online Games
52. Hacking RSS and Atom
53. Hacking Web Browsers (Firefox, IE)
54. Proxy Server Technologies
55. Data Loss Prevention
56. Hacking Global Positioning System (GPS)
57. Computer Forensics and Incident Handling
58. Credit Card Frauds
59. How to Steal Passwords
60. Firewall Technologies
61. Threats and Countermeasures
62. Case Studies
63. Botnets
64. Economic Espionage
65. Patch Management
66. Security Convergence
67. Identifying the Terrorist

Wednesday, March 4, 2009

Change Recovery Policy

To change the recovery policy for the local computer

  1. Click Start, click Run, type mmc, and then click OK.
  2. On the File menu, click Add/Remove Snap-in, and then click Add.
  3. Under Add Standalone Snap-in, click Group Policy, and then click Add.
  4. Under Group Policy Object, make sure that Local Computer is displayed, click Finish
  5. Click Close, and then click OK.
  6. In Local Computer Policy, click Public Key Policies.

Location:

    • Local Computer Policy

o  Computer Configuration

o        Windows Settings

o        Security Settings

o        Public Key Policies

  1. In the console tree, right-click Encrypted Data Recovery Agents, and then do one of the following:
    • To designate a user as an additional recovery agent using the Add Recovery Agent wizard, click Add.
    • To request a new file recovery certificate using the Certificate Request wizard, click Create. To complete this procedure, you must have the appropriate permissions to request the certificate and the certification authority (CA) must be configured to issue this type of certificate.
    • To delete this EFS policy and every recovery agent, click Delete Policy. If you select this option, users cannot encrypt files on this computer.

Attention:

  • Before changing the recovery policy in any way, you should first back up the recovery keys to a floppy disk.

Notes

  • You must be logged on as an administrator or a member of the Administrators group in order to complete this procedure. If your computer is connected to a network, network policy settings might also prevent you from completing this procedure.
  • Usually, the computer issues a default self-signed certificate that designates the initial Administrator account as the default recovery agent. However, if the user who first logs on after installation creates a second account by using the Create New User Wizard, then the second account becomes the default recovery agent.
  • If the default recovery agent's certificate is deleted without another recovery agent specified in the policy, the computer has an empty recovery policy. An empty recovery policy means that a recovery agent does not exist. This turns EFS off, so users cannot encrypt files on this computer.
  • In a domain, a default recovery policy is implemented for the domain when the first domain controller is set up. The domain administrator is issued the self-signed certificate, which designates the domain administrator as the recovery agent. To change the default recovery policy for a domain, log on to the first domain controller as an administrator.
  • To make changes to the File Recovery certificate, right-click the certificate and then clicking Properties. For example, you can use this to give the certificate a friendly name and enter a text description.

Add Cocovery Agent for Local Computer

To add a recovery agent for the local computer

  1. Click Start, click Run, type mmc, and then click OK.
  2. On the File menu, click Add/Remove Snap-in, and then click Add.
  3. Under Add Standalone Snap-in, click Group Policy, and then click Add.
  4. Under Group Policy Object, make sure that Local Computer is displayed, and then click Finish.
  5. Click Close, and then click OK.
  6. On the console tree, click Public Key Policies.

Where is the location?

    • Local Computer Policy

o    Computer Configuration

o        Windows Settings

o        Security Settings

o        Public Key Policies

 

  1. In the details pane, right-click Encrypted Data Recovery Agents.
  2. Click Add, and then follow the instructions in the Add Recovery Agent wizard.

Notes

  • You must be logged on as an administrator or a member of the Administrators group in order to complete this procedure. If your computer is connected to a network, network policy settings might also prevent you from completing this procedure.
  • Adding a recovery agent from a file identifies the user as USER_UNKNOWN. This is because the name is not stored in the file.
  • Before you can add or create a recovery agent, you must configure Group Policy on your computer. For more information about using Group Policy, see Related Topics.
  • In the Add Recovery Agent Wizard, be prepared to provide the wizard with the user name for a user with a published recovery certificate. Alternatively, you can use the wizard to browse for ..cer files that contain information about the recovery agent you are adding.

To back up default recovery keys to a floppy disk

  1. Click Start, click Run, type mmc, and then click OK.
  2. On the File menu, click Add/Remove Snap-in, and then click Add.
  3. Under Add Standalone Snap-in, click Certificates, and then click Add.
  4. Click My user account, and then click Finish.
  5. Click Close, and then click OK.
  6. Double-click Certificates - Current User, double-click Personal, and then double-click Certificates.
  7. Click the certificate that displays the words File Recovery in the Intended Purposes column.
  8. Right-click the certificate, point to All Tasks, and then click Export.
  9. Follow the instructions in the Certificate Export Wizard to export the certificate and associated private key to a .pfx file format.

Notes

  • This operation must be performed by the recovery agent account that has the recovery certificate and private key in their private store.
  • Before making any changes to the default recovery policy, be sure to secure the default recovery private key. The default recovery keys in a domain are stored on the first domain controller for the domain. The domain administrator is the default recovery agent.
  • For more information about using Certificates in MMC, see Related Topics.

Recover Enscripted File

To recover an encrypted file or folder if you are a designated recovery agent

  1. Use Backup or another backup tool to restore a user's backup version of the encrypted file or folder to the computer where your file recovery certificate and recovery key are located.
  2. Open Windows Explorer.
  3. Right-click the file or folder and then click Properties.
  4. On the General tab, click Advanced.
  5. Clear the Encrypt contents to secure data check box.
  6. Make a backup version of the decrypted file or folder and return the backup version to the user.

Notes

  • To open Windows Explorer, click Start, point to All Programs, point to Accessories, and then click Windows Explorer.
  • You can return the backup version of the decrypted file or folder to the user as an e-mail attachment, on a floppy disk, or on a network share.
  • You can also physically transport the recovery agent's private key and certificate, import the private key and certificate, decrypt the file or folder, and then delete the imported private key and certificate. This procedure exposes the private key more than the procedure above but does not require any backup or restore operations or file transportation.
  • If you are the recovery agent, use the Export command from Certificates in Microsoft Management Console (MMC) to export the file recovery certificate and private key to a floppy disk. Keep the floppy disk in a secure location. Then, if the file recovery certificate or private key on your computer is ever damaged or deleted, you can use the Import command from Certificates in MMC to replace the damaged or deleted certificate and private key with the ones you have backed up on the floppy disk.
  • For more information about using Certificates in MMC, see Related Topics.

To recover an encrypted file or folder without the file encryption certificate

  1. Open Backup.
  2. Use Backup to make a copy of the file in case of loss or damage.
  3. Send the original encrypted file to the designated recovery agent.
  4. Have the recovery agent use their recovery certificate and private key to decrypt the file.
  5. Have the recovery agent send the decrypted file back to you, using any file transfer method that is desired.

Notes

  • To start Backup, click Start, point to All Programs, point to Accessories, point to System Tools, and then click Backup.
  • The administrator of the local computer is the default recovery agent, unless you are in an Active Directory domain environment. In an Active Directory domain environment, the administrator that initially logged on to the first domain controller is the default recovery agent.
  • Sending the file to the designated recovery agent can be done in a number of ways, including backing up the file up to tape or floppy disk.
  • Files backed up using Backup or any other backup tool retain their encryption while in their backup storage location. The original files can be decrypted or modified without affecting the encrypted state of the backup copies.
  • You can recover an encrypted file or folder yourself if you have kept a backup copy of your file encryption certificate and private key in a .pfx file on a floppy disk. Use the import command from Certificates in Microsoft Management Console (MMC) to import the .pfx file from the floppy disk into the Personal store.
  • For more information about using Certificates in MMC, see Related Topics.