Friday, July 25, 2008

2

How FTP servers are hacked and get down

  • Friday, July 25, 2008
  • ATUL DOGRA
  • Share
  • One of my friend Shadab Nawaz from Digitalpoint forum was very sad because he provides online e-services on his website but his FTP server have been brutally hacked and hackers moved his websites to PORN content and filled his home pages with nude models .By this he faced some huge losses in online business and some of my clients also moved . After facing this incident he decided to go in depth and know that how they do all this .

    Shadab Nawaz from Magicsolv International share his tips in this article that how hackers do all this and how we can save ourselves . So the Prevention is better than cure .

    A Password Cracker is a piece of software that attempts to break into a system by trying many different user names and passwords.

    To break a password, a Password Cracker uses two methods of attack to break into your account.

    1) Brute Force Attack: In this type of attack, the software generates passwords of every possible combination of words, letters, or even symbols to try to break into your account. The longer the password, the longer it takes to break into the system. However, since computers are gearing up the speed every year (according to Moore's law, the computer speed doubles every 18 months), the time to break a password of any certain length reduces 50% every 1.5 years.

    2) Dictionary Attack: This is a more clever method in which the attacker uses a pool of words such as names, common vocabularies, etc., and tries various combinations of them to crack the system. The pool of effective possible choices to use in the trial and error process is much smaller than in a Brute Force Attack because of the more confined choices of numbers and letters to combine. It is very easy to get a word list. Do a search on Google for the search phrase "word list" to look for many databases available on the web.

    now lets come to the point.......How to Remember Your Password

    Coming up with a password which is both easy to remember and safe is no easy task. Try one or all of these different techniques to create a secure but memorable password.

    Develop a Truly Random Password and Use a Mnemonic Device
    (*) Use software or, less reliable but usually effective enough, simply jot down letters and numbers as they come to your mind.
    (*) Focus on each letter of the password. A way to remember a randomized, assigned difficult password, like "tthertd" can be simple and fun. Think of a sentence where there is one word beginning with each letter of the password, for example, "tthertd" could be "terrible tigers have every right to drive."

    Develop an Algorithm
    (*) Take the name of the website and then add the last four digits of a friend's home phone number to the end. (Don't use your own phone number, since a clever hacker could try the same algorithm in a dictionary attack.) The password for wikiHow might be "wikiHow4588". This is by way of example only because it is too easy for others to figure out but you would add your own personal twist. Maybe you would spell wikihow backwards. The more steps in your algorithm, and the more unpredictable each step is, the more secure your password.

    Combine the Best of You
    (*) Choose a favorite number (or two), a favorite word (or two), a favorite symbol (or two). Add the first one (or two) symbols that come to mind when you see the website address or the most prominent words on the sign-in page. Choose an order and put them all together into one long string.

    Remove the Vowels
    (*) Take a word or phrase and remove the vowels from it (for example, "eat the cheeseburger" becomes "tthchsbrgr").

    Use the Keyboard
    (*)
    If your password doesn't use the Q, A, or Z, you can hit the key to the left of your password. Or to the right if you don't use the P, L, or M. 'Speedracer' goes to both sides, but 'wikiHow' can become 'qujugiq' or 'eolojpe'. Shifting things up a key, choose left or right. 'wikiHow' becomes '28i8y92' or '39o9u03'. Shifting up and to the left is slightly more intuitive. Adding the other security measures afterwards is all trivial.

    Combine Small Words
    (*)
    Combine. A smart way to develop an easy to remember password is to combine three small words to make a single password. For example, you can use "howstopyes" or "earpengold". If you want an even easier to remember password, you can use words that are related to each other like "yesnomaybe". Be aware, however, that this is much less secure! It adds more security to capitalize the first letters of the different words: "ballzonecart" becomes "BallZoneCart".

    Connect the first letters
    (*)
    Develop a password using the first letters of a sentence or phrase that means something to you - like your national anthem or a slogan you have seen somewhere. 'Don't shop for it, Argos it' would become DsfiAi.

    Use a Password Manager
    (*) Use a password manager, such as "PasswordSafe", "Roboform" or "PassPack" to generate random passwords and then secure them using one master password.

    Mix Words
    (*)
    Choose two words and combine their letters to create the password, choosing one letter of the first word and one letter of the second word, and repeating this until you get to the last letter of each word. An example could be:
    Words: house & plane
    Password: hpoluasnee

    Some other tips too.............. i found them on the web....

    (*) Change numbers into Roman numerals for more security (i.e. iamcool2 becomes iamcoolii). You can even mix normal numbers and Roman numerals. 1i = 11; 1ii = 12; and so on.

    (*)When coming up with a mnemonic sentence, try and make the sentence funny or relevant to yourself. That way you will find it easier to remember the sentence, so you can remember the password.

    (*)The more complex and longer the password, the less likely it is to be cracked but it is often proportionately harder to remember.

    (*)Mixing letters and numbers is always safer than just using numbers or just using letters.

    (*)Try thinking of a name (BOB). Now use only every second letter, being BB. Then go back and plug any other letter you did not type. Your password would be BBO.

    Enjoy, and if you have other innovative ways to remember difficult passwords, let me know.

    PS: Shadab Nawaz have collected and compiled this info from various websites while i was got everything on dp and i am just sharing it with others .

    2 Responses to “How FTP servers are hacked and get down”

    Anonymous said...
    1:21 AM

    Great stuff....Thx to Mr. Shadab and digitalmail.blogspot.com. Keep it guys...you got a reg visitor to your blog. Really very informative.


    Anonymous said...
    8:55 AM

    Thanks for your complement Sanjay Sachaan . I hope you will get benefit from this post .


    Post a Comment

    Subscribe