Friday, October 3, 2014

How To Unblock Streaming Sites In Australia (Or Anywhere)

Want to unblock streaming sites from Government blocks? There are many programs you can use, or websites but by far the cheapest option we have found is 143VPN. You can use this coupon code for 10% off: TDJM13K1KX

Examples of sites you can unblock:

  • Kinox.to

  • Movie4k

  • Hulu

  • Netflix


With the recent blockage from Australia of Kinox.to and Movie4k, this is a powerful tool to have in your movie watching toolbelt.

How To Keep Hackers From Scanning Your Websites For Vulnerabilities

Want to prevent hackers from scanning your site for exploits? Paste this code in your .htaccess file on the root directory and it will block most scanners from being able to scan your website.

How To Troll Email Harvesters On Your Sites

Want to stop email harvesters from gathering information on your website? This is a little trick I want to show you on how to basically troll email harvester programs into harvesting fake email addressed when they attempt to harvest from your website. Add the below code to your .htaccess file in your root directory of your websites and they will get random emails instead of the ones on your website.


#protect htaccess file

<Files .htaccess>
deny from all
</Files>

RewriteEngine on

RewriteBase /
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla.*NEWT [OR]
RewriteCond %{HTTP_USER_AGENT} ^Crescent [OR]
RewriteCond %{HTTP_USER_AGENT} ^CherryPicker [OR]
RewriteCond %{HTTP_USER_AGENT} ^[Ww]eb[Bb]andit [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebEMailExtrac.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^NICErsPRO [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus.*Webster [OR]
RewriteCond %{HTTP_USER_AGENT} ^Microsoft.URL [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^LinkWalker [OR]
RewriteCond %{HTTP_USER_AGENT} ^sitecheck.internetseer.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ia_archiver [OR]
RewriteCond %{HTTP_USER_AGENT} ^DIIbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^psbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailCollector
RewriteCond %{HTTP_USER_AGENT} ^Anarchie [OR]
RewriteCond %{HTTP_USER_AGENT} ^ASPSeek [OR]
RewriteCond %{HTTP_USER_AGENT} ^attach [OR]
RewriteCond %{HTTP_USER_AGENT} ^autoemailspider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xenu [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus.*Webster [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus

RewriteRule ^.*$ http://english-61925045732.spampoison.com [R,L]


Thursday, September 25, 2014

How To Enhance Privacy And Security In Firefox

Do you want to take the next step in protecting your privacy while browsing the web? Using the Firefox Open Source browser you can accomplish your security and privacy goals. With this guide I will show you how to keep your data private and stay secure online.

Configuration


Firefox was designed to be a extremely customizable web browser. It will allow you to tune nearly every aspect of your browsing experience. We shall start with the configuration inside of Firefox itself. Type  about:config into the address bar and push enter. You will see this:



First we will focus on a preference called network.http.sendRefererHeader. The value by default is 2, this is bad for privacy because it will show where you are coming from because it stores habits. This is mainly used by advertisers to generate better focused ads. To disable this setting you will need to navigate to network.http.sendRefererHeader by copying and pasting it into your search bar. Double click the integer and set the number to 0 like so:



The next thing we will focus on is the privacy options built in. Go to the options menu, then go to privacy and follow these settings to ensure you are not tracked.


Web Browsers


Now we will focus on search engines now that your browser won't be tracking you. Search engines will track what you do as well.

StartPage - A is a search engine that was launched  in 2009 by Ixquick and is the worlds most private search engine. They provide results from Google without giving up your identity or habits, keep no logs and are based offshore in The Netherlands.  They support these methods of encryption:

  • TLS

  • SSLv3

  • TLS1.1

  • TLS1.2


 

StartPage uses POST requests  instead of GET requests to give your your results by default which even if you have referrer headers enabled, it would prevent sites from knowing your search queries. StartPage also allows you to connect and search from servers outside of your country to separate yourself from the Government.

DuckDuckGo - Another alternative to Google and is similar in policies as StartPage as their privacy policy states they never keep logs. The difference between StartPage and DuckDuckGo is this search engine provides results from other places besides Google such as Wikipedia, Wolfram Alpha, Bing, Yahoo, Yandex,  and Yelp.

Add-Ons


Add-ons can help you lock down on the above settings, and really fine tune your privacy. Here is a list of recommended Add-ons.

  1. NoScript

  2. Self-Destructing Cookies

  3. Better Privacy

  4. HTTPS Everywhere

  5. Disconnect

  6. Adblock Edge

  7. Last Pass

  8. Ghostery


1. NoScript is one of the most recommended security addons for Firefox. It prevents  Javascript, Flash, Silverlight, and many others from running. This protects you from malicious scripts or any plug-ins can reveal your IP address. We advise that you Forbid Scripts Globally after installation and then whitelist the sites you frequently browse.

2. Self-Destructing Cookies detects and deleted cookies when they are no longer in use. When you install it the addon will automtaically delete all of your cokkies, but you can undelete them as needed as well as whitelist cookies you know you will need. Basically this addon will ensure that you only have the cookies you want, and not the ones that you do not wish to have.

3. Better Privacy is an addon that will clear your cache when idle and will elimitate the threat of Supercookies or Evercookies which are hard to get rid of and detect such as Flash cookies.

4. HTTPS Everywhere basically forces HHTPS on every site that has it, preventing MitM attacks.

5. Disconnect is a add-on that blocks over 2,000 sites from tracking you around the internet, helping increase bandwidth loss and load times, as well as remaining more private.

6. Adblock Edge is a fork of Adblock Plus that blocks ads that Adblock Plus allows by default.

7. LastPass is a password manager that help you remain secure online, you only need to remember your master password and the rest can be generated. Lastpass also has 2 factor authentication, and can preform security audits of all of your accounts to tell you if the site you were registered with has been hacked, and it can help recommend a course of action.

8. Ghostery detects trackers, bugs and more on many websites and will show you what is going on under the hood. While you will not need this if you have noscripts enabled for every site, it is good for detecting what is on your whitelisted websites so you know what they are tracking.

Friday, September 19, 2014

CyberGhost VPN Free 1 Year Access

CyberGhost VPN is giving away over 30k Free VPN subscriptions to help spread awareness for their new proxy service.

To get the free VPN go here: http://www.cyberghostvpn.com/en_us/campaign/chip.de_sept2014

Wednesday, August 27, 2014

Hackforums.net and .com have been hacked. DNS hacked.

It appears the most famous hacking forum online has been hacked. It appears that the DNS of the site was hacked, and the site still loads alright for some users including on mobile. This isn't the first time the forum has been hacked. In the past the site was hacked and entire databases of information stolen. It doesn't seem to be that critical this time around but time will tell.



The owner, Omniscient, said that no data was breached via Twitter with mild annoyance.

Friday, August 22, 2014

How To Test A Website Or Web Server For Vulnerabilities

Do you want to know how to run some basic tests on your web server to see if it is vulnerable? This tutorial will teach you how to penetrate your own webserver and test for vlunerabilities. This method is very traceable, so I suggest you only use it on your own web servers and with your Hosts permission.
In this tutorial you will learn how to use a simple tool to find vulnerabilities on your webserver. The tool is called Nikto and is ran on Kali Linux.
Step 1: Run Nikto on Kali Linux
We will use Kali because Nikto is preinstalled. Go to: "Kali Linux - Vulnerability Analysis - Misc Scanners - nikto" and run it.

a

Step 2:  Scan your server
To scan for vulnerabilities on a website type:
nikto -h example.com
You can use this to scan URLs as well as IP addresses. If you want to know the IP of a website just ping it.
Example:
ping example.com


Step 3:  Analyse the server vulnerabilities.
Nikto will give you a report of potential vulnerabilities on the websites server. The scan will give you a list of potential vulnerabilities a hacker could try to exploit on the webserver. Some of the vulnerabilities could be a false positive so be aware of that possibility. Some of the vulnerabilities will be have a OSVDB prefix, which stands for Open Source Vulnerability Database which is a vast database of known vulnerabilities. You can check the vulnerability IDs here: http://www.osvdb.org 

Warning: Only use this on your own server or servers you are authorized to Pen test.