Crimes and P2P Networks

By on Jan 10, 2007 in Featured, Internet, Security | 0 comments

P2P networks are intended to connect hosts that are connected to the Internet in order to interchange files directly, this method, technically, has a nice and smart idea behind it, but it takes the control away for authorities and digital content owners. One of the most discussed cases of P2P crimes is violation of intellectual properties rights, books, multimedia and software are subjects of this type of crimes. With a P2P network, one can search and find other peers that have or pretend having files that he or she needs. Searching the net reveals that there are many cases versus P2P companies and developers, such as GRANT T. STANLEY [CyberCrime.gov, 2006]. Distributing malware, viruses, worms and exploits are other important issues which its complexity is completely different from intellectual property issues. Computer literates know that downloading files might contain malwares that...

Email information leakage investigation

By on Jan 3, 2007 in Featured, Internet, Security | 0 comments

Precautionary actions: In order to prevent more information leakage, all incoming e-mails are forwarded to a temporary alias e-mail address. Afterward, one of the IT personnel is assigned to feed the mailbox with fake and unreal information that look real by which we can keep the criminal watching the mailbox. Digital evidence collection/reduction and collection: In this phase, all SMTP connections for mail relay, POP, IMAP and web connections that try to access this specific mail box should be recorded and logged, since we can not distinguish between different mailboxes while TCP connections are being intercepted, we need to recover contents of all TCP packets coming and leaving the mail server, after information recovery, we need to filter unwanted data and keep the necessary data. In order to intercept the packets we can use Ethereal in bottleneck of the network or on the mail...

Google Search Language Setting

By on Jan 30, 2005 in Internet | 0 comments

Since I use Google search in my website, I had a small problem with its results. Google normally checks your IP address, regional settings and cookies then return results in your language if its possible. In my case I got different languages in different browsers, when you create search profile in Google control panel, it does not provide any feature to set the search result language. To solve this, when you search normally through Google website, look through the query string showing in your address bar, a parameter named hl holds language name of the result, if you change its value like this hl=fa you will receive search result in Persian, and en is for English. For your website you need to add this inside Google search form for English language: For other languages, at this time, Goggle supports these languages: Persian=fa, Arabic=ar, English=en, Indonesian=id, Romanian=ro,...

How to use .htaccess files for APACHE HTTP Server

By on Jan 7, 2005 in Internet, Networking, Software and Tools | 0 comments

If you have important information which you don’t like to make them public, you can use .htaccess files to customize your directory. But you have to ask from your provider if they can provide you .htaccess file. I post this memo because lots of people use shared hosting services because of their cheap prices, so if you are going to put important information on those type of hosts, asking about this feature will help you for your further website developments. First of all you should have your passwd file to be uploaded on the server, or the hosting service provider should give you some tools to handle this file. After you create your passwd file you should put in a secure place that nobody can access it. of course you should be able to access it through FTP or webtools to handle users and passwords. If your provider doesn’t have these tools you can create password file...

Is it Microsoft bug or SQUID cache server bug?!

By on Dec 27, 2004 in Internet, Software and Tools | 0 comments

These days I received lots of complains from my network users about logging into HOTMAIL, I installed an squid cache server in the transparent mode and it was working fine. I found out that when a user use IE6 and after logging into HOTMAIL.COM, instead of mailbox a blank page was appeared! But with Netscape 7.2 which I normally use, there is no problem! After some work around the issue I found out that its because of header encoding which IE uses to place its requests. Getting rid of this problem is very easy but the concept from SQUID Cache server point of view is, we have to anonymize headers to not to use encodings. for SQUID version 2.5.STABLE7, use the following configuration in squid.conf: header_access Accept-Encoding deny all for SQUID Version 2.4.STABLE6 anonymize_headers deny Accept-Encoding the second configuration may work for HOTMAIL, but check with GMAIL this might not...

PF Firewalling small tip

By on Nov 20, 2004 in Internet, Networking, Software and Tools | 0 comments

I was trying to block HTTP access of one of my users, I have a SQUID Cache server/Gateway in my network bottleneck and I just use one of Ethernet ports of that server just for catching HTTP connections and cache contents, I also installed a PF as Firewall. As you may know with PF is very easy to block any kind of access inbound or outbound, I used following command to not to let my user be able to initiate HTTP requests by editting /etc/pf.conf: block in on bge0 proto tcp from to any port 80 But I experienced a strange thing, the client was able to use HTTP, I also checked my SQIUID, all user queries were passing through SQUID proxy, the reason was because PF redirects packets before any kind of filtering! IMPORTANT: PF redirects packets before any kind of filtering So then, I edited /etc/pf.conf like this: table {, ! } . . . rdr on bge0 proto tcp from to...

Page 1 of 212

Pin It on Pinterest