This free password recovery software does not need installation and can be run from a USB thumbdrive but it requires administrator rights, once you execute it, you can remove the password for any Windows user using a drop down menu, you can enable or disable Windows account manager or change the Windows logon password without using the Windows control panel.
Advanced Password Recovery can retrieve stored wireless networks passwords, Instant Messenger account passwords from MSN, Yahoo Messenger, Google Talk, ICQ, Trillian and others, Windows Office password recovery for Microsoft Office software and Microsoft Exchange Server, and Internet browsers password recovery for all of the major browsers like Opera, Firefox, Internet Explorer and Chrome.
Advanced Password Recovery
Advanced Password Recovery also includes a basic password generator where you can specify password length and spawning of numeric or alphanumeric passwords, this is a nice bonus but you will be better off using a specialist password generator tool if you are going to use it often, the one included has very basic configuration options, there is no support for password lists or presetting password suffixes.
The software includes a utility called Password Encrypter to encrypt text , there is no documentation explaining how it is implemented, it does not not look like strong encryption, probably more indicated to stop the occasional coworker spying or someone who doesn’t have the time and motivation to try and break it.
This Windows SSH server built around CygWin (Linux environment for Windows) comes as a single executable and it is very easy to install, you can configure an SSH server on any Windows PC with just a couple of clicks, MobaSSH is registered as a Windows service it can be monitored like any other normal service, it will help you supervise and manage your Windows PC remotely allowing you to run commands and securely transfer files from any other operating system using a secure encrypted SSH tunnel, all you need is an SSH client on your end (OpenSSH, PuTTY, KiTTY) and MobaSSH installed in the computer you would like to have access to.
You will be able to administer a Windows machine using Unix commands as if it were a Linux operating system, the most useful GNU utilities are all included, the tool appears directed towards system administrators but home users with a small network at home can make good use of it too, you could for example, install MobaSSH on your home computer and securely connect to it from work or an Internet café using a portable SSH client on a thumbdrive to create an SSH tunnel and retrieve forgotten files or upload them to your home computer.
MobaSSH Windows SSH server
Commonly performed functions with MobaSSH include:
Use a Windows machine as a central backup server: With scp/sftp you can securely transfer files to the central server or write a script that will automatically run backing up a folder to the other offsite computer.
Manage a computer remotely without the logged in user even noticing: When you remotely log into a Windows machine remotely where MobaSSH is installed nothing is displayed on the screen, everything runs silently in the background, the user will be able to carry on working as normal.
Monitor what a Windows computer is doing: You can look at what programs/daemons are running on the computer and display the data packets crossing the network card in real time using TCPCapture, the network connection can be probed too using ftp/telnet/rlogin/wget/ping, etc.
Remotely run scripts on a Windows machine: Using bash, vim, chmod, cut, etc you can suddenly start an inactive script on a Windows computer, this can be done while a user is logged in.
MobaSSH main features
Execute commands on a remote Windows computer
Transfer files through an encrypted SSH tunnel
Retrieve information about the remote computer
Make backups of your computers over the network
Silently install software on remote Windows computers
Silently administer a remote Windows computer
The free version is for personal use only and it does not have advanced logging options, Samba domain users, hosts allow/deny configuration and service Keep Alive can only be found in the pro version. MobaSSH includes an easy to understand manual with screenshots, but you need to have a working knowledge of the Unix (Linux) command line in order to operate this tool, this is not difficult to learn.
Any hardware with a communications network interface card (NIC) will have been assigned by the manufacturer of the card a unique Media Access Control (MAC) address embedded on the network card, this address includes the manufacturer identification number, the make and model of the device could be embedded too. A MAC address takes the viewable form of six groups grouped in blocks of two hexadecimal digits (composed of numbers from 0 through 9 and letters from A up to F) separated by hyphens or colons.
Example MAC addresses: 00-B0-D0-86-BB-F7, 09:00:07:A9:B2:EB, D1-AD-04-EF-C1-02
A network interface card MAC address does not contain user information and it is not visible on the Internet, it remains behind the router, a router will use a device MAC address to identify a local computer, the router will be able to see and log the device MAC address when connected to, if you are using a public wireless access point for example, the access point will log your network card MAC address, time and date.
A network administrator could use this information to link your machine, i.e. laptop, mobile device, etc, with a particular Internet session, in order to do that you would have to lose control of the device and allow someone to examine it, using a VPN on a Wi-fi connection will not hide your MAC address.
Note: A computer MAC address is not related to Apple Macintosh computers, it is related to network cards.
How to find out a computer MAC address
Windows MAC address: Go to the command line (Run>cmd) and type ipconfig /all you will see a line that says “Physical address”, that is your network card burned-in address, aka MAC address, if you have a wireless router you will see more than one physical address, one belongs to the ethernet wired connection and the other to the wireless connection.
Apple Macintosh MAC address: Go to System Preferences>Network Icon>Show (select Built-in Ethernet)>Ethernet Card, the MAC address is listed next to Ethernet ID:, to determine the MAC address of a Wi-fi card select Show: Airport>Airport the address is listed next to Airport ID:
Linux MAC address: Become root at the command line (typing su or root) and type ifconfig -a the MAC address will be listed next to HWaddr on the first line, or type /sbin/ifconfig | grep HWaddr
FreeBSD MAC address: Type dmefg to see display MAC address or grep eth0 /var/log/dmesg or type ifconfig and look for the ether line, the MAC address will be written next to that.
Note: A hard coded MAC address is meant to be unique in the world, there can only be one NIC card with that number, if you spoof a network MAC address and it coincides with that of another device in the same local network there could be serious networking problems, or data could be forwarded to both devices, the consequences will depend on how the switch handles it.
How do I change my MAC address?
To physically change a network card MAC address it is necessary to remove the NIC card flash chip, re-programming it with new MAC address and putting it back on the card, changing your device network card will also change the hard coded MAC address, the easiest and quickest way to change a MAC address is by using special MAC address changing software:
DynaMAC: Freeware application to view and change any computer MAC address, including wireless cards, the user can specify the MAC address that should be used, the old address can easily be reset to the original one with a single click.
After downloading DynaMac choose custom installation to stop your homepage and default search engine from being changed (Ad-aware).
DynMAC free MAC address changer
Technitium Tmac: Highly configurable MAC address changer, it provides complete information on all of your network cards MAC addresses, you can select a random MAC address from the list of manufacturers that Tmac includes, it makes for a perfect MAC spoofing if you match it with your network card manufacturer brand.
Change computer MAC address manually
Change a MAC address in Windows: Go to Start>Network Connections>Network Sharing Center (Vista) (Network and Dial-up on XP)>, choose Adapter Settings, right click and choose Properties>Configure, Network Connection Properties>Advanced tab, review the list for “Physical Address” or “Ethernet Address” (each NIC utilizes a different name), click on Properties once you have found it, click next to Value and input your desired MAC address, the computer will have to be rebooted for the changes to take effect.
Change a MAC address editing the registry: You could change a network card MAC address editing the Windows registry, the address will be found around HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\ one of the subkeys labeled NetworkAddress contains it, you could cause serious damage to your operating system and need to reinstall it if you make a mistake editing the registry.
Change MAC address in Linux: Become root and use the ifconfighw command or GNU MAC changer.
Change MAC address in FreeBSD: Become root and use the ifconfig command with three steps.
ifconfig {name of the interface} down
ifconfig {name of the interface} hw ether {new MAC address}
ifconfig {name of the interface} up
Tip: Network administrators could be filtering access to the network based on a device MAC address, changing it while being part of a network could lock you out.
Note: MAC address changing software does not modify the embedded network card address physically, it instructs Windows (example OS) to use the MAC address specified in the registry.
Change a router MAC address
A router MAC address can be emulated/changed through the router interface, the process is known as MAC cloning, not all routers have this ability, the cheap ‘free’ router given to you by your ISP is unlikely to allow this.
Each device has its own interface and it is not possible to write instructions for all routers, read the router own instructions or make sure that you have a high end router and search the interface advanced configuration options for “MAC cloning”, in advanced configuration mode you should be able to enter a new MAC address, after which you will be asked to reboot./em/em
A torrent seedbox is a permanent 24/7 online high speed server dedicated to download and upload (aka seeding) a torrent for you, an average seedbox has a 100 Mbit/s line or more, which is considerably faster than any home ISP and gets around bandwidth throttling if there is one, after a torrent has been downloaded onto the seedbox the user gets it to his computer via S/FTP, this is the only bandwidth consumed by the user, seedbox bandwidth does not count towards your monthly download capping if you have one.
For a monthly fee a seedbox provider will give you an always on server with a dedicated 100Mbps line, dedicated IP, huge amount of bandwidth, an FTP account, allocated hard drive space and RAM with an easy to use interface like TorrentFlux-B4rt to seed your files.
Seedbox torrent interface
Private trackers require users to keep a good ratio to be able to download files from other members faster, instead of leaving your computer on all the time and slowing down your Internet connection, a seedbox will free up computer resources for other tasks, if you need to distribute a torrent file making sure that it is available at all times, a seedbox is the way to go.
The most expensive seedboxes can have a VNC (Virtual Network Computer) remote connection to a Windows machine allowing you to run any BitTorrent client you like, they should also offer torrent creation, unRaring, ZIPing, and firewall protection, the online space they offer is meant to be used for seeding the files but there is nothing stopping you from using it for storage, OpenVPN and Usenet access should be available in the costly high end servers.
Any computer can be converted into a seedbox, with a little knowledge of Linux command line you could easily set up your own seedbox on a VPS as long as their terms and conditions allow it (high bandwidth and resources needed). You would probably not save any money using a VPS compared with renting an specialist seedbox provider, the only advantage of setting up your own seedbox on a server is higher privacy because you are in control of everything, logs and configuration, it is possible to set up a seedbox at home but your ISP might ask you to upgrade to a business line when they detect high bandwidth usage.
Seedboxes and sharing copyrighted files
A seedbox IP can be tracked down just like your home computer, but instead of serving your ISP with a DMCA take down notice they will serve your seedbox provider and they have to comply with it, a seedbox it is not a way to bypass copyright laws, if you use an open tracker it will be found, when a seedbox provider gets a DMCA notice they forward it to you asking to remove the infringing content, DMCA notices are simple take down notices, not court orders requiring personal details, it is when a DMCA notice is ignored that courts can get involved.
Torrentflux seedbox interace
If you make sure that your seedbox is located in a country with weak filesharing copyright laws, one of the few left is Canada, it won’t be possible to serve them with any take down notice even if the customer lives in France (three strikes law), or the US (lawsuits). Anyone sharing extreme illegal files on a seedbox will be caught, in such hypothetic scenario the seedbox provider would be served with a law enforcement subpoena and not a DMCA notice, subpoenas ask for customer personal details and logs that will have to be provided.
What to look for in a seedbox
There are lots of seedbox providers, look for a well established company with good reputation, make sure the specs fit your needs, bandwidth is not normally a problem but seeding files could be as the cheapest seedbox plans impose a limit on the number of files you can seed, get a company with a money back guarantee, you will get discounts for paying for a year, the wise thing to do is to try them out for one month first before any long term commitment.
Why to get a seedbox?
To make a file available 24/7 on the torrent network, to avoid leaving your computer switched on all the time, to speed up uploading and downloading of files, to keep a good filesharing ratio, you are on an ISP that caps bandwidth or you are a member of a private tracker.
There are two kind of hackers, malicious hackers who crack email accounts, distribute viruses, cause destruction and steal money from others, known as crackers or black hat hackers, and ethical hackers who tweak hardware and software to create things that nobody ever thought about, hackers are also programmers and security penetration testers whose job is to find a vulnerability, software bug or technical error before the bad guys do, warning the company/community, aka white hat hackers, this post is about how to become an ethical hacker.
To become a computer hacker requires intelligence, dedication and tenacity, problem solving abilities are a must have and above all you must like computer tinkering since you will spend lots of time working with them. Even thought most desktop computers run on Windows, most servers run some kind of Unix variant, i.e. Linux, FreeBSD, Solaris.
Knowing only Windows will get you nowhere, the first step you should do to become a hacker is to get used to a Unix based operating system where you get to see that not all is a point and click mouse and you can play with a program’s source code, unlike Windows or MAC, source code in Unix is free to modify and distribute, aka open source.
GRML Linux hackers distribution
Linux distributions for hackers:
GRML: A Debian based Linux distribution specially designed for system administrators and text tool users, capable of analyzing systems/networks, to be used as a rescue system or as a main desktop.
Kali Linux: Distribution intended for security professionals, with tools for hacking wireless access points, exploiting web servers and learning, an indispensable security penetration testing tool.
Tip: If you are a Linux beginner download something easier like Knoppix, if you do not want to install it in your computer it can be run as a live CD/DVD or USB thumbdrive, and do not forget that BSD distributions like OpenBSD are also appropriate for hackers.
Programming languages a hacker should learn
Python is a well designed and documented programming language ideal for beginners due to its power and friendliness, C is a +40 years old general purpose programming language still in use, C++ is related to C and knowing one of the languages will make learning the other easy, Perl is a Unix scripting language often used in network administration, you will need to know Perl in order to understand other people scripts rather than writing it yourself, LISP (LISt Processing) is an ancient programming language closely connected with artificial intelligence projects, reverse engineering and being able to disassemble software is a must have skill for software hackers, if you come across a trojan you will want to know how it works and what it does.
Python: Flexible intuitive programming language with clear and readable syntax, it uses standard libraries and third party modules.
Perl: Feature rich programming language that can be embedded into webservers and databases, also used in e-commerce.
Learn the English language
English is the main communication language in between people of different countries wherever you go, the ability to communicate verbally and in writing in English is an essential skill, if you have a different mother tongue, once you have mastered the English language you will be able to translate documentation and will be in a better position than monolingual people. English speaking people must also take care not to misspell or make grammatical errors as that makes you look illiterate, impressions count, nobody is going to hire someone who appears to be uneducated and can’t spell.
Reference Dictionary: A free online thesaurus and dictionary with words of the day and quotes to help you improve your reading and writing skills.
Social engineering
Information and communication technologies relies on humans one way or another, human resources, network administrators and security guards are all composed of humans, if a system is too hard to get into then hack the people in charge (aka social engineering). Some companies hire penetration testers to discover their own weak points and test staff security awareness before something happens for real.
How to become a hacker
You will want to learn human psychology, what makes people give up their password to strangers? How to get information out of people without knowing them? Can people be fooled into thinking a stranger works for the company just because he says so? All of that is used by hackers to learn of administrator passwords and much more.
Security Now podcast: Weekly podcast with computer security expert Steve Gibson, news and tutorials about hacking, security vulnerabilities and Internet privacy.
Learn HTML
Everything worthwhile to learn is on the Internet, tutorials, ebooks, software, is all served to you in websites, you should learn HTML language (not a programming language) this will be useful to understand how websites work and help you to create a blog/website or manage a forum where to interact with others.
W3Schools: Web developer portal for beginners and advanced users, you will learn how to develop a website and technologies being used to do that (HTML, XML, CSS, JavaScript, PHP, and SQL).
Hacking war games
Technology evolves quickly you need to keep learning and adapt to new challenges, security is not a target that can be reached, it is a process that you need to keep improving for ever, hackers never give up due to failure, they keep trying until they find a solution no matter how hard it is. Getting involved in an open source project will be a good way to be part of a community and keep your skills up to date, open source project take all kind of volunteers regardless of skills, if you can’t program yet maybe you can write documentation on how things work.
Another good way to keep your skills up to date and getting started in the hacking world is by joining a war game where the target is to hack other people, everything being legal and only being simulated, aka hacker games.
HackThisSite: A free legal website where to train your hacking skills, with tutorials and a forum where to discuss network security and anything related with computers.
Hacker-Project: Online hacking simulation game where you have to complete tasks like installing virii, hiding/encrypting files,recover logs, acquire computer IPs and collect profits of your hacking activities.
Get hacker status
If you help to test and debug open source software, keep the infrastructure working, write open source software, and publish useful information and submit it to conferences, you will soon come into contact with other hackers who will appreciate your help and dedication as well as admire you for your work, you will make a name for yourself and if you are good enough, get invited to conferences as a speaker, networking will help you be part of the community and maybe even find an employer or people with whom to work together in a project.
Defcon (DEFense CONdition): One of the oldest hackers conferences in the world where to meet like minded people and showcase new hacking tricks and tips.
BlackHat: A series of highly technical information security conferences that brings together hackers from government agencies, corporations and the underground world.
The easiest way to learn your computer IP address is by visiting one of the dozens of sites that perform an IP look up on the screen, the best websites will add extra information like browser language, installed plugins, ISP and even show a map with your approximate location in the world, this is the same information a webserver gets when you visit it, it is often used for targeted advertising purposes up to the point that US surfers from the West Coast will be shown different advertisements from those in the East Coast if Google or Bing feel like it.
NetIP.de: You are shown your IP, Hostname, country, region and city, with a big map and a pin indicating your geolocation, they offer a free widget that can be integrated on your website and a toolbar showing your computer IP for Internet Explorer and Firefox.
Infosniper.net: Infosniper shows your computer IP, country, region, city and if you don’t like Google Maps, Infosniper can be changed to show your geolocation using Yahoo Maps or Windows Live Maps instead, visiting this website with a VPN shows the ISP/Organization, this is useful to know what company the VPN service has rented its servers from.
InfoSniper find out computer IP address
IP.cc: A quick to type URL to learn your computer IP address, it takes less time to load than a map, it will also let you know your browser language settings which can be used to know your native language even if your are using a proxy, browser language set up is visible by all websites you visit, it can be changed using browser settings, IP.cc also tells you if Java and Javascript are enabled.
NOTE: You might be using a VPN proxy server physically located in for example Germany, and you could notice that some websites detect your computer IP as located somewhere else, like for example the Netherlands, this happens because although the server is located in Germany, the company that owns that server is located in the Netherlands. A web based look up tool will correctly identify your IP geolocation, but advertisers and music or video services might not, as far as they are concerned if the company is Dutch, they will show you Dutch adverts/services believing the company that owns that webserver is your local ISP.
Find your computer IP address in Windows
Go to the Start button (Windows logo), type the words cmd or command in the search box and click on enter to launch cmd (command line Windows), type netstat -n to see a list of active connections, these are all of your computer Internet activities, your IP is listed under foreign address, the number after the colon (:) is the port number your computer is connecting to, port 80 is for http traffic (web browsing), 21 for FTP, 143 for IMAP, etc.To see more information on what programs are connecting to the IP addresses shown type netstat -nabHow to find your IP address using Windows cmd
Go to Windows command prompt as explained above and type ipconfig, your computer IP address is listed where it says IPv4 (unless you are using IPv6), if you are using a wireless router you will notice that IPv4 is listed twice, one of them belongs to the Ethernet (wired) connection, and the other to the Wi-fi (wireless) connection, to find out advanced information like your hostname, DNS server and MAC address then type ipconfig /all
NOTE: If you are using a proxy server to connect to the Internet, Windows command prompt will show your real IP and not the VPN or proxy IP you are using, you will still be surfing anonymously on the Internet. You require administrator rights to launch Windows command prompt.
TIP: If you would like to know your network card physical address type getmac -v in Windows command prompt (cmd), this address is not visible to the websites you visit but your Internet Service Provider or Wifi Access Point will see it when you lease an IP from them, it can only be changed using special software (MAC changer).
Find out your IP address with Javascript
You could set up simple find your IP address website on your own webspace, a free webhost can do the trick, all you have to do is to upload a single HTML page with a small Javascript code inserted in between the <head></head> tags,right before the <body>, HTML code placed inside the <head> tags is not visible to visitors, it is used to instruct the browser where to find style sheets or to place scripts.
Most ISPs will use the Dynamic Host Configuration Protocol (DHCP) to assign you an IP address, the computer IP address will change with each connection/disconnection, the longer you stay disconnected from the Internet, the more chances there are that your former IP address will be given to someone else. A static IP address remains always the same, they are typically used for routers (corporate) and servers that need to have a permanent IP as this is linked to applications and hardware.
The most obvious way to find out if your ISP or network administrator has assigned you a static or dynamic IP address is by asking them, if you are unable to do this another way is by disconnecting your computer from the Internet and see if you are given the same IP address when you reconnect, make sure to allow some time in between disconnections so that the DHCP server can reassign the old IP to a different user if you are in a dynamic IP environment, if nobody else requests an IP from the server while you are disconnected you will be given the same IP address and it will look as if it is a static IP.
ipconfig all Windows command prompt
If you have administrator rights launch Windows command prompt (cmd) and type ipconfig /all you will see a line that says DHCP Enabled indicating Yes or No, if it says yes then you have a dynamic IP address.
You can force a DHCP server to give you a new IP by releasing the connection and typing ipconfig /release which will terminate your Internet connection, after a few minutes type ipconfig /renew to get a new IP.
If you do not have administrator rights, unplug your network cable from the computer, this will disconnect it from the Internet, wait for some minutes, and reconnect the network cable, now you can see if a new IP has been assigned or you keep the old one indicating it is a static IP address.
Once malware has entered in your computer the first thing it might try to do is to disable your antivirus and firewall, online antivirus scanners can scan all of your hard disk, not just a single file, the great advantage of online antivirus scanners is that you will be sure that it has been updated and it can not be disabled because it resides on a server, the disadvantages are privacy concerns as you will have to allow access to your computer files and having to install ActiveX or Java.
It is recommended that you temporarily disable your offline antivirus software before scanning your computer online with a second antivirus, it will not harm your operating system running both antivirus but it will slow down the scan.
List of online antivirus scanners
ESET antivirus online scanner: Using the same ThreatSense® scanning technology and signatures than ESET Smart Security and NOD32 Antivirus to detect well known Trojans, viruses and warms, it detects zero day Internet threats through heuristics (a way to detect software malicious behavior), it requires administration rights and ActiveX enabled in Internet Explorer to run, supported browsers include Firefox, Opera, Safari and Chrome.
It includes rootkit detection and you will not have to register any details to use this online antivirus scanner, one click is all that is needed after installing the components, they can be easily uninstalled once finished, a log file will be stored locally indicating what actions have been performed by ESET antivirus in your computer. You can select specific folders or files for virus scanning, when it detects malware it will delete or quarantine them in a special folder, quarantined files can be restored later on if you are convinced it is a false positive.
ESET online antivirus scanner
BitDefender antivirus online scanner: Bitdefender Quickscan runs in the cloud and detects malware and spyware, it uses very low Computer Power Processor as most of the action happens in the server where the antivirus software is hosted, you can scan your PC by visiting Bitdefender online antivirus website or installing a browser extension or widget, bear in mind that this antivirus will only detect malware that is active already in memory, inactive virus bodies are not scanned.
Bitdefender is a paid for antivirus software and you can now scan your computer online for free using the same antivirus signatures that their paid product uses, however there are no configuration options like the offline version has.
Bitdefender antivirus online
F-Secure antivirus online scanner: It needs Java installed in your computer to run, it will flag tracking cookies as spyware, and they actually are, just do not be scared when you see the word spyware next to a cookie as it is easy to remove. You can run this online antivirus in multiple languages, just choose your preference before starting the scan, there is no need to install anything as everything runs in Java.
F-Secure online antivirus scanner
Zoner antivirus online scanner: It can scan Windows or Linux computers for viruses using Internet Explorer, Firefox and Opera, it only needs Java to run. It uses signature based virus detection, an appropriate system to detect well known malware by comparing file contents with their database, complex and new viruses are detected using dynamic code emulation which simulates the execution of a program to see what it does, dynamic and static heuristic analysis is used by Zoner AV to detect malware, compressed files (.zip, .rar, .7z, .gz, etc) will be automatically unpacked to scan them for viruses.
