• Content count

  • Joined

  • Last visited

  • Days Won


whitehatGuru last won the day on November 20 2009

whitehatGuru had the most liked content!

Community Reputation

-2 Noobie

About whitehatGuru

  • Rank
    I broke 10 posts and all I got was this lousy title!

Contact Methods

  • AIM
  • Website URL
  • Yahoo

Profile Information

  • Gender
  • Country
  1. may be you are right... but the post is interesting enough to bring a smile on readers face..
  2. it Sounds u didn't get the title "Changing IPAddress using Command prompt" expert used to do d most of there task via cmd...don't u heard that before. Linux is cool bcos you can do every task via command line or say terminal, but for windows people are just familiar with GUI..and thats the reason I'm trying to teach How to Change Your IP using Command Prompt.
  3. Hi Friend Dont u think it is necessary to scan your Pen Drive before opening it? only people with gud knowledge can take countermeasure to not get infected but for those who dont know about all these stuffs usually double click thr pendrive to see the content that may lead to serious trouble.... Read my article here for more information on Propagation of infection due to PenDrive & Steps required to Maximize there Malware Protection..
  4. what do you think could be a safest method to not get Hacked See this interesting post made by one of our member that describes the Steps you need to know to not get Hacked
  5. This Default Password List is the largest Collection of Login & Passwords of all Router/Switch & Other such Network Devices. http://www.whitehatguru.net/forum/viewforum.php?f=26
  6. Hi Friends! Here is the Recent Post I made to my Site that will teach you How to use Nessus to Scan the vulnerability in Network http://www.whitehatguru.net/forum/viewforum.php?f=39
  7. Open cmd andType in the below command in CMD. Syntex: Netsh int ip set address/dns/wins “interface_name” source IP_address Subnet_mask default_gateway 1 Example: For Static IP Netsh int ip set address “Local Area Connection” static 1 For Static DNS Netsh int ip set dns “Local Area Connection” static primary Netsh int ip set dns “Local Area Connection” static secondary For Dynamic IP (DHCP) Netsh int ip set address “Local Area Connection” dhcp Netsh int ip set dns “Local Area Connection” dhcp
  8. PIO and DMA are standards for data transfer and used in transferring data in the computer between hard drives and optical drives. By default the bios configures the devices in DMA mode which ranges up to 7 levels whereas PIO supports only 4 levels. DMA is an abbreviation for Direct Memory Access, an access method for external devices where the data transfer is not done by the central processor, but by a small special processor called DMA controller. It uses a procedure called cycle stealing, where the central processor memory access cycles are delayed for very short times to intersperse DMA controller memory access cycles. Some newer, faster DMA modes are called UDMA (Ultra DMA). The alternative, slow and inefficient data transfer mode is called PIO, Programmed Input-Output, where the central processor transfers data byte for byte or word for word. This requires many processor commands for each data word and therefore causes a high and unwanted processor load. A typical symptom of PIO mode is slow data transfer, accompanied by high processor load, leading, for example, to a choppy video display. To know if the device is running in PIO or DMA mode, Go to Device Manager: right-click on My Computer, select Properties, click on the Hardware tag, click on the Device Manager button, click on the plus sign to the left of IDE ATA/ATAPI Controller, double-click on the secondary IDE channel, click on Extended Settings and check whether it is set to DMA when available. Directly underneath that setting is a grey field that shows the actual working mode of your IDE channel. You want the highest possible DMA or Ultra DMA mode there, and you definitely don't want PIO mode. To get back DMA mode, Run REGEDIT. Go to the following key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318} It has subkeys like 0000, 0001, 0002, etc. Normally 0001 is the primary IDE channel, 0002 the secondary, but other numbers can occur under certain circumstances. You have to go through these subkeys and check the DriverDesc value until you find the proper IDE channel. Delete MasterIdDataChecksum or SlaveIdDataChecksum, depending on whether the device in question is attached as master or slave, but it can't actually hurt to delete both. Reboot. The drive DMA capabilities will be redetected. originally posted by mani_jeenu on whitehatGuru.net Forum
  9. Today one of the fastest medium used by malware for infection is removable drives. Worms used it to replicate faster, once your removal drive come in contact with infected system it gets infected automatically by the malicious services running in system, one of the first task done by malicious services is to create AUTORUN information file into Removable drive for further propagation. Now once you open these infected Removable Drives in any PC, AUTORUN file do there task, but question is How? Actually AUTORUN file contains code for executing infected executable file instantly which were copied earlier somewhere in Removable Drives by malicious services. The code within AUTORUN information file looks something like this: [AUTORUN] OPEN=recycler/setup.exe In the above script recycler is a folder in removal drives which contain infected executable file (copied earlier by malicious services) that is now being used by AUTORUN file for propagation. Here we can protect our Removal Drives against these worms by restricting changes to Autorun.inf file. Step1: Create four folders in the root directory of your Removable drive with name Autorun.inf, Recycle, Recycler and Recycled. Step2: Go to Start>Run and type cmd to open Command Prompt Step3: Now type below command one by one attrib autorun.inf /s /d –a +s +r cacls autorun.inf /c /d administrators Step4: Repeat Step3 for Recycle, Recycler and Recycled. Here in the above procedure attrib command is used to set the folder attributes and cacls is used to set the privilege label to deny access for members of administrators group. Once you have completed this task successfully you won’t be able to delete, rename, modify, copy or open these folders and this also prevent Malicious services running in any system to modify or copy infected files into Removable Drives.
  10. I launched my new Security webPortal