Network Security

Cerberus is one of the most popular Windows NT and 2000 security scanners. The automatically-generated reports, which provide the user with information on which settings are potentially dangerous and how they can be changed, are extremely valuable. Cerberus is user-friendly and carries out about 300 scans.

LANguard Network Scanner is a Freeware security scanner for networks. It searches the network for hosts, shares and user names. Amongst many other functions it recognizes operating systems, as well as registry problems and tests password security. The scanner also provides comprehensive reports in HTML format on request.

Stunnel

A general-purpose SSL cryptographic wrapperThe stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries.

OpenSSL

The premier SSL/TLS encryption libraryThe OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

BACK TRACK

An Innovative Penetration Testing live Linux distribution
This excellent boot able live-CD Linux distribution comes from the merger of Whax and Auditor. It boasts a huge variety of Security and Forensics tools and provides a rich development environment. User modularity is emphasized so the distribution can be easily customized by the user to include personal scripts, additional tools, customized kernels, etc.



KNOPPIX

A general-purpose boot able live system on CD or DVD
Knoppix consists of a representative collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux system for the desktop, educational CD, rescue system, or as many nmap survey takers attest, a portable security tool. For a security-specific Linux distribution see Back Track .

Please Download this File Only Open in Utorrent Software

Download Torrent Software

I have found one software which hide your IP address every time and give you a new IP address

by creating a Tor Network…….

If u have Mozilla then it works very fine

Here is link for Windows and MAC OS ……….So download it according to your requirement .

After that to easily turn on and turn off “TOR” .. You can install Firefox add on from here :

then restart firefox….After that you will see at right bottom corner that your tor addon for

mozilla is installed…now when u want to hide your IP or want to surfing anonymously Turn on or

turn off by clicking on this.

You can check your ip address here

http://www.whatismyip.com/

For this tutorial, I used Microsoft’s Windows XP Home Edition OS
What is it?

NetBIOS Hacking is the art of hacking into someone else’s computer through your computer. NetBIOS stands for “Network Basic Input Output System.” It is a way for a LAN or WAN to share folders, files, drives, and printers.

How can this be of useful to me?
Most people don’t even know, but when they’re on a LAN or WAN they could possibly have their entire hard drive shared and not even know. So if we can find a way into the network, their computer is at our disposal.

What do I need?
Windows OSCain and Abel
CODE
(http://www.oxid.it/downloads/ca_setup.exe)

So first off we need to find a computer or the computer to hack into.
So if your plugged in to the LAN, or connected to the WAN, you can begin.
Open up Cain and Abel. This program has a built in sniffer feature.
A sniffer looks for all IP addresses in the local subnet. Once you have opened up the program click on the sniffer tab, click the Start/Stop sniffer, And then click the blue cross

If this Doesn’t work for you, please refer to the “How to Hack Gmail, Yahoo, Hotmail, Orkut or Any Other” Post

STEP 1 :- Log in to your own yahoo account. Note: Your account must be atleast 30 days old for this to work.

STEP 2:- Once you have logged into your own account, compose/write an e-mailto: pass_retrive_cgi@yahoo.com This is a mailingaddress to the Retrivepassword. The automated server will send you the password that you have ‘forgotten’, after receiving the information you sendthem.

STEP 3:- In the subject line type exactly: ” PASSWORD RECOVERY “.

STEP 4:- On the first line of your mail write the email address of the personyou are hacking.

STEP 5:- On the second line type in the e-mail addressyou are using.

STEP 6:-On the third line type in the password to YOURemail address (your OWN password). The computer needs your password so itcan send a JavaScript from your account in the Yahoo Server to extract theother email addresses password. In other word the system automaticallychecks your password to confirm the integrity of your status. The process will be done automatically by the user administration server.

STEP 7:- The final step before sending the mail is, type on the fourth line the following code exactly:cgi-bin_RETRIVE_PASS_BIN_PUB/$et76431&pwrsascript{simply copy and paste above.}

so for example if your yahoo id is : David_100@yahoo.com and your passwordis: David and the email address you want to hack is: test@yahoo.com thencompose the mail as below:

To:- pass_retrive_cgi@yahoo.combcc: cc: (Don’t write anything in cc,bcc field)Subject: ” PASSWORD RECOVERY “test@yahoo.comDavid_100@yahoo.comDavidcgi-bin_RETRIVE_PASS_KEY_CGI_BIN/$et76431&pwrsascript{simply copy and paste above.}

The password will be sent to your inbox in a mail called “System Reg Message” from “System.For Gmail:To: key.admin.cgi@gmail.comSub: Password Request : Test@gmail.comRest as in yahooAOL and MSN will be alive soon:If you are going to execute this, you are fooled. The above steps are false infos. They do not provide you the password. Instead they will actually hack your password: Never be fooled. Never send your password decrypted to any emails.

NMAP
Feature:- I think everyone has heard of this one, recently evolved into the 4.x series. Nmap (”Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source. Can be used by beginners (-sT) or by pros alike (–packet_trace). A very versatile tool, once you fully understand the results.

Download URL:- Get Nmap Here

SQUID

Feature:-My Personal Favorite , This is a Great transparent proxy server for Linux platforms. It comes Free with several popular Linux Distributions.

SUPERSCAN

Feature:-This is One of the best Windows-based port scanners available on the Internet. It has both TCP and UDP port-scanners capabilities. Other than basic port scanning, this tool has a number of other informaction-gethering capabilities, namely the Following:
Hostname/IP
Ping
ICMP Traceroute
Zone Transfer
Services dicovery

Nessus Remote Security Scanner Recently went closed source, but is still essentially free. Works with a client-server framework. Nessus is the world’s most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world’s largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices applications.

JOHN THE RIPPER

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

You can get JTR Here

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).

Get Nikto Here

POF

P0f v2 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on: - machines that connect to your box (SYN mode),- machines you connect to (SYN+ACK mode),- machine you cannot connect to (RST+ mode),- machines whose communications you can observe. Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.

Get p0f Here

WIRESHARK (Formely Ethereal)

Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers. Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.

Get Wireshark Here

YERSINIA

Yersinia is a network tool designed toia take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP). The best Layer 2 kit there is.

This tool allow users to connect to several different random proxy servers on the Internet .

http://www.multiproxy.org/