Wednesday, 28 September 2011
Happy Dashain 2011
We, the team of techgaun.com would like to wish all Hindus and Nepali people happy vijaya dashami 2066/2011 and we hope this Dashain brings peace, prosperity and love in each and every house of Nepal and we also hope that the country finds some right direction to attain political stability.
Read more...
Read more...
Happy Dashain 2011
2011-09-28T17:40:00+05:45
capricious solace
festivals and celebrations|happy dashain|
Comments
Labels:
festivals and celebrations,
happy dashain
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Shutter : Advanced Screenshot Tool For Linux
The default screenshot tool in linux(I'm using ubuntu 10.10) does not have much features as some of you might have desired but there exists yet another tool known as Shutter that has lots of functionalities as a screenshot tool. Shutter is a feature rich screenshot tool available for many flavours of linux distribution.
With shutter, you can take a screenshot of a specific area, window, your whole screen, or even of a website – apply different effects to it, draw on it to highlight points, and then upload to an image hosting site, all within one window. There are numerous plugins written in Perl and bash included within the shutter as plugins and you can give different sexy looks to your screenshot. So for a blogger, writer and screen-sharer, this tool is a must if you are using linux.
To install shutter, either open the software centre according to your distro, search for shutter and install from there. For ubuntu, you can alternatively type the following from your terminal to install shutter:
To open shutter, click on Applications -> Accessories -> Shutter. Then you can use various features of shutter to take screenshots of window, selection, websites and full screen and then edit your screenshot, hide the sensitive areas and apply effects of your choice to the screenshots.
Some sample screenshots of the tool itself:
GUI of shutter:
Screenshot of website:
Screenshot of selection:
Read more...
With shutter, you can take a screenshot of a specific area, window, your whole screen, or even of a website – apply different effects to it, draw on it to highlight points, and then upload to an image hosting site, all within one window. There are numerous plugins written in Perl and bash included within the shutter as plugins and you can give different sexy looks to your screenshot. So for a blogger, writer and screen-sharer, this tool is a must if you are using linux.
To install shutter, either open the software centre according to your distro, search for shutter and install from there. For ubuntu, you can alternatively type the following from your terminal to install shutter:
sudo apt-get install shutter
To open shutter, click on Applications -> Accessories -> Shutter. Then you can use various features of shutter to take screenshots of window, selection, websites and full screen and then edit your screenshot, hide the sensitive areas and apply effects of your choice to the screenshots.
Some sample screenshots of the tool itself:
GUI of shutter:
Screenshot of website:
Screenshot of selection:
Read more...
Shutter : Advanced Screenshot Tool For Linux
2011-09-28T17:13:00+05:45
Cool Samar
graphics|linux|screenshot|software|ubuntu|
Comments
Labels:
graphics,
linux,
screenshot,
software,
ubuntu
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Tuesday, 27 September 2011
Qt4 Development Using Monkey Studio
Monkey Studio is a free and open-source crossplatform Qt 4 IDE. It is developed using the Qt library itself, meaning it will run on any platform supported by Qt 4. This allows you to work on the same project on multiple platforms using the same IDE. Monkey Studio uses the Qt Project file (.pro) to manage the project, and there are no extra files created.
With a active forum and wiki, Monkey Studio IDE offers pretty cool features for developing Qt4 Apps. Its noticeable features are:
- Monkey Studio also features * Advanced, customizable code editor, based on QScintilla.
- Syntax highlighting for more than 22 programming languages
- Templates wizard - create files or projects from templates
- Code restyling - quickly fix/update style of your code using AStyle
- Qt Designer integration
- Qt Assistant integration
To install MonkeyStudio in ubuntu, open the terminal and type:
For downloads for other platforms and more information, visit official website.
Read more...
With a active forum and wiki, Monkey Studio IDE offers pretty cool features for developing Qt4 Apps. Its noticeable features are:
- Monkey Studio also features * Advanced, customizable code editor, based on QScintilla.
- Syntax highlighting for more than 22 programming languages
- Templates wizard - create files or projects from templates
- Code restyling - quickly fix/update style of your code using AStyle
- Qt Designer integration
- Qt Assistant integration
To install MonkeyStudio in ubuntu, open the terminal and type:
sudo apt-get install monkeystudio
For downloads for other platforms and more information, visit official website.
Read more...
Qt4 Development Using Monkey Studio
2011-09-27T07:51:00+05:45
Cool Samar
development|ide|monkey studio|programming|qt|software|
Comments
Labels:
development,
ide,
monkey studio,
programming,
qt,
software
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Monday, 26 September 2011
RSS and Related Security Issues For Business People
While RSS is a very simple way to expand your business and nothing complex is involved in RSS feed systems, you should never underestimate the security issues in any digitized systems, not even in really simple technology like RSS. A business company should always be aware of possible security risks in any system they are employing to help them in their tasks.
Most of you might believe there would not be much security issues in RSS feeds and feel that you need not worry about any cases of exploiting of your system but that's just a myth. Malicious attackers can inject scripts inside the feeds and affect thousands of feed readers with even a single vulnerability discovered in the popular RSS reader or aggregators.
Bad HTML or javascript can be injected as malware inside the feeds and if your business is gathering content from other sources and adding them to feeds, your feeds are likely to be affected by such malwares. Such scripts are generally injected in the feed titles, descriptions, links and other components of the RSS feeds. The scripts injected can exploit the possible vulnerabilities in the RSS readers of your subscribers leading to possible control of your subscriber's PC by the attacker. This can open possible backdoors by the installation of trojans or keyloggers using the proper exploits such as browser exploits, activex exploits, etc. and let the attacker steal the data by using possible local zone security attacks which can be the worst thing you can imagine happening to your business as customers are the life blood of every business and you engage customers everywhere. And if your customers are affected, then ultimately your business will be affected. Hence extreme care should be taken while importing content from other sources to develop your RSS contents.
Many times business owners like to include the comments from subscribers in the RSS contents and mostly they hardly watch the actual content in those comments. There is always a possibility of injection of malicious scripts in those comments as well. So proper filtering and stripping mechanism has to be employed before storing new contents to your RSS feeds rather than just storing those comments in the feed contents. The HTML tags such as script, embed, object, etc. are the ones that must be stripped out in most cases to avoid possible security issues. Also, using safe and secure RSS reader or aggregator is a good approach to RSS security. So you should choose the most secure RSS reader or aggregator from the available ones and suggest those to your subscribers. Also, make sure that your customers and employees use the latest and patched version of the reader so that maximum level of security is ensured.
In many cases, the RSS generators and other services in the RSS servers are also prone to security attacks and the attackers might be able to gain certain level of privilege in the system. In such case, the attackers can replace the original RSS feeds with their own affected version of RSS feeds which will then be delivered to your customers affecting your customers and your business as well. This can be devastating as this might lead not only to the script injections in the feeds but also stealing of many sensitive information from the server. For example, if your RSS server is used to host your business website or maybe for file sharing, the critical data related to them might be compromised as well. So proper security assessment of the server and network from the security professionals is necessary before taking your system live for production usage.
As a business owner, you must understand that security is a necessity in any system, be it a physical system or be it a digitized and online system and RSS is not an exception to this. If you want to succeed as a business owner, you should never underestimate the need of security and privacy and you should employ proper level of security as discussed above in the RSS system. Security in RSS system will ensure gaining of customers and expansion and promotion of your business so do not miss security practices in your RSS feed contents.
Read more...
Most of you might believe there would not be much security issues in RSS feeds and feel that you need not worry about any cases of exploiting of your system but that's just a myth. Malicious attackers can inject scripts inside the feeds and affect thousands of feed readers with even a single vulnerability discovered in the popular RSS reader or aggregators.
Bad HTML or javascript can be injected as malware inside the feeds and if your business is gathering content from other sources and adding them to feeds, your feeds are likely to be affected by such malwares. Such scripts are generally injected in the feed titles, descriptions, links and other components of the RSS feeds. The scripts injected can exploit the possible vulnerabilities in the RSS readers of your subscribers leading to possible control of your subscriber's PC by the attacker. This can open possible backdoors by the installation of trojans or keyloggers using the proper exploits such as browser exploits, activex exploits, etc. and let the attacker steal the data by using possible local zone security attacks which can be the worst thing you can imagine happening to your business as customers are the life blood of every business and you engage customers everywhere. And if your customers are affected, then ultimately your business will be affected. Hence extreme care should be taken while importing content from other sources to develop your RSS contents.
Many times business owners like to include the comments from subscribers in the RSS contents and mostly they hardly watch the actual content in those comments. There is always a possibility of injection of malicious scripts in those comments as well. So proper filtering and stripping mechanism has to be employed before storing new contents to your RSS feeds rather than just storing those comments in the feed contents. The HTML tags such as script, embed, object, etc. are the ones that must be stripped out in most cases to avoid possible security issues. Also, using safe and secure RSS reader or aggregator is a good approach to RSS security. So you should choose the most secure RSS reader or aggregator from the available ones and suggest those to your subscribers. Also, make sure that your customers and employees use the latest and patched version of the reader so that maximum level of security is ensured.
In many cases, the RSS generators and other services in the RSS servers are also prone to security attacks and the attackers might be able to gain certain level of privilege in the system. In such case, the attackers can replace the original RSS feeds with their own affected version of RSS feeds which will then be delivered to your customers affecting your customers and your business as well. This can be devastating as this might lead not only to the script injections in the feeds but also stealing of many sensitive information from the server. For example, if your RSS server is used to host your business website or maybe for file sharing, the critical data related to them might be compromised as well. So proper security assessment of the server and network from the security professionals is necessary before taking your system live for production usage.
As a business owner, you must understand that security is a necessity in any system, be it a physical system or be it a digitized and online system and RSS is not an exception to this. If you want to succeed as a business owner, you should never underestimate the need of security and privacy and you should employ proper level of security as discussed above in the RSS system. Security in RSS system will ensure gaining of customers and expansion and promotion of your business so do not miss security practices in your RSS feed contents.
Read more...
RSS and Related Security Issues For Business People
2011-09-26T16:24:00+05:45
Cool Samar
beginner|rss|security|
Comments
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Monday, 12 September 2011
Facebook Pwn - Facebook Profile Dumper Tool
FBPwn is a cross-platform Java based Facebook profile dumper, sends friend requests to a list of Facebook profiles, and polls for the acceptance notification. Once the victim accepts the invitation, it dumps all their information,photos and friend list to a local folder.
Usage
A typical scenario is to gather the information from a user profile. The plugins are just a series of normal operations on FB, automated to increase the chance of you getting the info.
Typically, first you create a new blank account for the purpose of the test. Then, the friending plugin works first, by adding all the friends of the victim (to have some common friends). Then the clonning plugin asks you to choose one of the victims friends. The cloning plugin clones only the display picture and the display name of the chosen friend of victim and set it to the authenticated account. Afterwards, a friend request is sent to the victim's account. The dumper polls waiting for the friend to accept. As soon as the victim accepts the friend request, the dumper starts to save all accessable HTML pages (info, images, tags, ...etc) for offline examining.
After a a few minutes, probably the victim will unfriend the fake account after he/she figures out it's a fake, but probably it's too late!
Check FBPwn Google Code Page
Read more...
Usage
A typical scenario is to gather the information from a user profile. The plugins are just a series of normal operations on FB, automated to increase the chance of you getting the info.
Typically, first you create a new blank account for the purpose of the test. Then, the friending plugin works first, by adding all the friends of the victim (to have some common friends). Then the clonning plugin asks you to choose one of the victims friends. The cloning plugin clones only the display picture and the display name of the chosen friend of victim and set it to the authenticated account. Afterwards, a friend request is sent to the victim's account. The dumper polls waiting for the friend to accept. As soon as the victim accepts the friend request, the dumper starts to save all accessable HTML pages (info, images, tags, ...etc) for offline examining.
After a a few minutes, probably the victim will unfriend the fake account after he/she figures out it's a fake, but probably it's too late!
Check FBPwn Google Code Page
Read more...
Facebook Pwn - Facebook Profile Dumper Tool
2011-09-12T22:53:00+05:45
Cool Samar
facebook|hacking|information gathering|
Comments
Labels:
facebook,
hacking,
information gathering
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Simple Movie Searching Trick with Google
While this post is not anything other than just another simple google dork for advanced google users, it still will help a lot of net beginners to search movies using google.
The trick for searching movies is just another usage of directory browsing feature in many webservers. So our text would be something like below:
Just replace the movie name with the name of your movie and you are good to go. Moreover, you can customize this dork to include extensions(such as .avi, .mkv). Just be creative and you'll find most of the movies to download just by using google. And for download, I use axel or sometimes FatRat under linux.
For example, check the first result in the following dork for sniper movie. Yeah it is simple and really works.
Read more...
The trick for searching movies is just another usage of directory browsing feature in many webservers. So our text would be something like below:
"index of /" "parent directory" "movie name"
Just replace the movie name with the name of your movie and you are good to go. Moreover, you can customize this dork to include extensions(such as .avi, .mkv). Just be creative and you'll find most of the movies to download just by using google. And for download, I use axel or sometimes FatRat under linux.
For example, check the first result in the following dork for sniper movie. Yeah it is simple and really works.
"index of /" "parent directory" inurl:movies "sniper" ".avi"
Read more...
Simple Movie Searching Trick with Google
2011-09-12T09:43:00+05:45
Cool Samar
google hacking|tricks and tips|
Comments
Labels:
google hacking,
tricks and tips
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Nixory - A Light Antispyware Tool
Nixory is a light and handy open source antispyware tool aimed at removing malicious tracking cookies. It currently supports Mozilla Firefox, Google Chrome and Internet Explorer and it runs on all major OS including Windows, Linux and MacOSx.
For more information and download, visit nixory sourceforge page.
Read more...
For more information and download, visit nixory sourceforge page.
Read more...
Nixory - A Light Antispyware Tool
2011-09-12T09:32:00+05:45
Cool Samar
browser|security|software|
Comments
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
LinuxFoundation.org, Linux.com and their subdomains hacked
Linuxfoundation.org, linux.com and their subdomains have been compromised by the hackers and the linux foundation has taken all the related servers down for clean-up.
The index page of linuxfoundation.org and linux.com both state:
Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.
We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.
We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.
Please contact us at info@linuxfoundation.org with questions about this matter.
The Linux Foundation
Read more...
The index page of linuxfoundation.org and linux.com both state:
Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.
We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.
We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.
Please contact us at info@linuxfoundation.org with questions about this matter.
The Linux Foundation
Read more...
LinuxFoundation.org, Linux.com and their subdomains hacked
2011-09-12T09:23:00+05:45
Cool Samar
hacking|news|
Comments
Bookmark this post:blogger tutorials
Social Bookmarking Blogger Widget |
Subscribe to:
Posts (Atom)