Monday 29 November 2010

Leaked U.S. document links China to Google attack


The information came from the latest WikiLeaks release


The cache of more than 250,000 U.S. Department of State cables that WikiLeaks began releasing on Sunday includes a document linking China's Politburo to the December 2009 hack of Google's computer systems.
The U.S. Embassy in Beijing was told by an unidentified Chinese contact that China's Politburo "directed the intrusion into Google's computer systems," the New York Times reported Sunday, citing a single leaked State Department cable.
"The Google hacking was part of a coordinated campaign of computer sabotage carried out by government operatives, private security experts and Internet outlaws recruited by the Chinese government. They have broken into American government computers and those of Western allies, the Dalai Lama and American businesses since 2002, cables said," the Times reported.
The cable is another piece of evidence, albeit thinly sourced, linking China to the Google attack. WikiLeaks is gradually releasing this latest set of cables, and the document in question was not available on WikiLeaks' Web site at press time. The Times, along with a handful of other newspapers, was given early access to the documents.
Security experts have linked the attacks to servers at a university used by the Chinese military, and both Google and the State Department implied that they thought China was behind the attacks when they were first disclosed in January, but nobody has produced conclusive proof that they were state-sponsored.
Google was one of more than 30 companies targeted in the attacks, known as Aurora. Google said the primary goal of the hackers was to access the Gmail accounts of human rights activists, and that the attack apparently failed.
Within hours of Google acknowledging the Aurora attacks, the State Department issued a statement, saying the attacks were serious and asking the Chinese government for an explanation.
The state documents are the latest blockbuster disclosure to come from the document-leaking organization. Earlier this year, WikiLeaks came under fire from U.S. authorities after releasing hundreds of thousands of military documents relating to the U.S. wars in Afghanistan and Iraq.
WikiLeaks and State Department representatives could not be reached immediately for comment Sunday. Earlier this year, the State Department said that it regrets "all of the activities that WikiLeaks has done, past, present, and future."

Biography Bill Gates





Biography Bill Gates 2009 DVDRip XviD – RiPPERS – 350M
Language: English
Release Date: 1
Video: MPEG-4 XviD 512×384 25Fp
Audio: MP3 128Kbps 2Channel
Size: 350M
Runtime: 00:43:3
William (Bill) H. Gates is chairman of Microsoft Corporation, the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Microsoft had revenues of US$51.12 billion for the fiscal year ending June 2007, and employs more than 78,000 people in 105 countries and regions.
On June 15, 2006, Microsoft announced that effective July 2008 Gates will transition out of a day-to-day role in the company to spend more time on his global health and education work at the Bill & Melinda Gates Foundation. After July 2008 Gates will continue to serve as Microsoft’s chairman and an advisor on key development projects. The two-year transition process is to ensure that there is a smooth and orderly transfer of Gates’ daily responsibilities. Effective June 2006, Ray Ozzie has assumed Gates’ previous title as chief software architect and is working side by side with Gates on all technical architecture and product oversight responsibilities at Microsoft. Craig Mundie has assumed the new title of chief research and strategy officer at Microsoft and is working closely with Gates to assume his responsibility for the company’s research and incubation efforts.
Born on Oct. 28, 1955, Gates grew up in Seattle with his two sisters. Their father, William H. Gates II, is a Seattle attorney. Their late mother, Mary Gates, was a schoolteacher, University of Washington regent, and chairwoman of United Way International.
Gates attended public elementary school and the private Lakeside School. There, he discovered his interest in software and began programming computers at age 13.
In 1973, Gates entered Harvard University as a freshman, where he lived down the hall from Steve Ballmer, now Microsoft’s chief executive officer. While at Harvard, Gates developed a version of the programming language BASIC for the first microcomputer – the MITS Altair.
In his junior year, Gates left Harvard to devote his energies to Microsoft, a company he had begun in 1975 with his childhood friend Paul Allen. Guided by a belief that the computer would be a valuable tool on every office desktop and in every home, they began developing software for personal computers. Gates’ foresight and his vision for personal computing have been central to the success of Microsoft and the software industry.
Under Gates’ leadership, Microsoft’s mission has been to continually advance and improve software technology, and to make it easier, more cost-effective and more enjoyable for people to use computers. The company is committed to a long-term view, reflected in its investment of approximately $7.1 billion on research and development in the 2007 fiscal year.
In 1999, Gates wrote Business @ the Speed of Thought, a book that shows how computer technology can solve business problems in fundamentally new ways. The book was published in 25 languages and is available in more than 60 countries. Business @ the Speed of Thought has received wide critical acclaim, and was listed on the best-seller lists of the New York Times, USA Today, the Wall Street Journal and Amazon.com. Gates’ previous book, The Road Ahead, published in 1995, held the No. 1 spot on the New York Times’ bestseller list for seven weeks.
Top row: Steve Wood (left), Bob Wallace, Jim Lane. Middle row: Bob O’Rear, Bob Greenberg, Marc McDonald, Gordon Letwin. Bottom row: Bill Gates, Andrea Lewis, Marla Wood, Paul Allen. December 7, 1978.
Gates has donated the proceeds of both books to non-profit organizations that support the use of technology in education and skills development.
In addition to his love of computers and software, Gates founded Corbis, which is developing one of the world’s largest resources of visual information – a comprehensive digital archive of art and photography from public and private collections around the globe. He is also a member of the board of directors of Berkshire Hathaway Inc., which invests in companies engaged in diverse business activities.
Philanthropy is also important to Gates. He and his wife, Melinda, have endowed a foundation with more than $28.8 billion (as of January 2005) to support philanthropic initiatives in the areas of global health and learning, with the hope that in the 21st century, advances in these critical areas will be available for all people. The Bill and Melinda Gates Foundation has committed more than $3.6 billion to organizations working in global health; more than $2 billion to improve learning opportunities, including the Gates Library Initiative to bring computers, Internet Access and training to public libraries in low-income communities in the United States and Canada; more than $477 million to community projects in the Pacific Northwest; and more than $488 million to special projects and annual giving campaigns.
Gates was married on Jan. 1, 1994, to Melinda French Gates. They have three children. Gates is an avid reader, and enjoys playing golf and bridge.
Some unknown facts
- He has an IQ of 160
- He dropped out (DO) of Harvard University in 1975
- His company, Microsoft, went public on 28 October 1985, his 30th birthday.
- He became a billionaire (US dollars) at age 31, making him the youngest self-made billionaire in history.
- He has been the richest man in the world consistently every year since 1998.
- As of 2005, his personal fortune was in excess of $46 billion.
- He was diagnosed with Asperger’s Syndrome.
Download
http://hotfile.com/dl/33358353/9538718/bg-RiPPERS.part1.rar_shytex.com.html
http://hotfile.com/dl/33358378/7c5701b/bg-RiPPERS.part2.rar_shytex.com.html
http://hotfile.com/dl/33358408/591536d/bg-RiPPERS.part3.rar_shytex.com.html
http://hotfile.com/dl/33358426/7569ecd/bg-RiPPERS.part4.rar_shytex.com.html
 
Password default : Top2Read.info

 

DDoS Attacks and Torrent Sites


If you have been following the recent news about anti-piracy companies trying to take torrent sites offline by DDoSing them, you’ll know that this was a bad idea from the start. If not, here’s a brief recap.
Aiplex Software is a company that has been trying to take down torrent sites for a while now. As they weren’t getting anywhere, they decided to take a new approach and DDoS the torrent sites instead. It was suspected for a while that this was the case, but then, to save everyone the effort, the nice guys over at Aiplex Software openly admitted that they were doing it. Big mistake!

As the Internet is a wonderful medium for communication, there was a scheduled DDoS attack against Aiplex Software which took their site offline for a fair amount of time, until the attackers decided that moving on to the MPAA website was a better idea. The MPAA was forced to move its site to a new IP address after being down for 18 hours.

An attack was launched against the RIAA in the same manner, and knocked the web site off the Internet for a good few hours.

All this was done via various means of communication, using the tool LOIC (Low Orbit Ion Cannon) and a bunch of anonymous supporters that weren’t afraid to stand up for what they believed in.


Whether these attacks were right or wrong is purely a matter of opinion, but more to the point is the amount of damage that can be done.

In the past, if people wanted to protest, they would all gather in groups with placards and march around yelling various slogans, usually outside the offending party’s premises. If it got out of hand, the police would be called in to disperse the crowd, and everything was back to normal. However, now in the age of the Internet, people are free to participate from the comfort of their own homes, just by downloading a program, typing in an IP address or hostname and clicking “Attack”. These people won’t be traced if the attack is coordinated properly, as it’s next to impossible to trace where all the packets are coming from if you have a large number of people doing this at the same time. Even if people were traced, there is always the “Botnet defense” (My PC must have been infected by something and become part of a botnet; I ran my anti-virus program and removed some things, and now it all seems fine).

As security professionals we need to look at this as the shape of things to come. What if an online retailer annoyed a few of its customers, or if an online gambling or finance site was just “asking for it”? All it takes is the right form of communication and a few thousand people, and poof, the site is off the Internet if it doesn’t have the correct protection mechanisms in place.

As security professionals, do you do your best to protect your company’s online assets from DDoS attacks? Or are you mainly concentrating on making sure the web sites are coded securely, that the web servers have been hardened and patched up to date…

I’m really interested to hear everyone’s comments on this one, so please leave them below.

Cookie Poisoning






Subjected to Defend Hackers
Guys, today we are going to discuss Web application security!
I think you already know the difference between Web and network security.
Cookie Poisoning attacks involve the modification of the contents of a cookie (personal information stored in a Web user's computer) in order to bypass security mechanisms. Using cookie poisoning attacks, attackers can gain unauthorized information about another user and steal their identity.

Details
Many Web applications use cookies to save information (user IDs, passwords, account numbers, time stamps, etc.). The cookies stored on a user's hard drive maintain information that allows the applications to authenticate the user identity, speed up transactions, monitor behavior, and personalize content presented to the user based on identity and preferences. For example, when a user logs into a Web site that requires authentication, a login CGI validates his username and password and sets a cookie with a numerical identifier in the user's browser. When the user browses to another page, another CGI (say, preferences.asp) retrieves the cookie and displays personalized content according to the values contained in the cookie.

 Cookie poisoning is in fact a Parameter Tampering attack, where the parameters are stored in a cookie. In many cases cookie poisoning is more useful than other Parameter Tampering attacks because programmers store sensitive information in the allegedly invisible cookie. For example, consider the following request:
    GET /store/buy.asp?checkout=yes HTTP/1.0
    Host: www.onlineshop.com
    Accept: */*
    Referer: http://www.onlineshop.com/showprods.asp
    Cookie: SESSIONID=570321ASDD23SA2321; BasketSize=3; Item1=2892; Item2=3210; Item3=9942; TotalPrice=16044;



In this example, the dynamic page requested by the browser is called buy.asp and the browser sends the parameter checkout to the Web server with a yes value, indicating that the user wants to finalize his purchase. The request includes a cookie that contains the following parameters: SESSIONID, which is a unique identification string that associates the user with the site, BasketSize (how many items are in the purchase), the price of each item and the TotalPrice. When executed by the Web server, buy.asp retrieves the cookie from the user, analyzes the cookie's parameters and charges the user account according to the TotalPrice parameter. An attacker can change, for example, the TotalPrice parameter in order to get a "special discount".
Since programmers rely on cookies as a location for storing parameters, all parameter attacks including SQL Injection, Cross-Site Scripting, and Buffer Overflow can be executed using cookie poisoning.

Prevention

Detecting cookie poisoning attacks requires compound HTTP statefulness. The intrusion prevention product must track the cookie "set" commands issued by the Web server. For each set command, the product should store important information such as the cookie name, the cookie value, the IP address and the session to which that cookie was assigned, as well as the time it was assigned. Next, the product needs to intercept each HTTP request sent to the Web server, retrieve the cookie information from it and check it against all stored cookies. If the attacker changes the content of a cookie, the product should be able to identify that using the information it stores on the specific user. The product must trace application-level sessions and not just IP addresses in order to provide accurate results.



A Scenario From Use Case Model Tool(Defend Hackers)

Intrusion Detection and Prevention Systems which are not Web application oriented simply do not provide this functionality.
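The cookie tracking described under Prevention, sketched as an added example (it is not code from the original post or from any product). The names `CookieTracker`, `parse_pairs` and `demo` and the client address 203.0.113.7 are assumptions; the cookie values are those of the buy.asp request shown earlier.

```python
def parse_pairs(header):
    """Split 'a=1; b=2;' into a dict, ignoring empty segments."""
    pairs = {}
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            pairs[name] = value
    return pairs

class CookieTracker:
    """Remembers what the server set, keyed by application session."""
    def __init__(self, session_cookie="SESSIONID"):
        self.session_cookie = session_cookie
        self.issued = {}  # session id -> {cookie name: record}

    def observe_set_cookie(self, session_id, set_cookie, client_ip, now):
        """Record one Set-Cookie header the server sent in this session."""
        name, _, value = set_cookie.split(";", 1)[0].strip().partition("=")
        self.issued.setdefault(session_id, {})[name] = {
            "value": value, "ip": client_ip, "time": now}

    def check_request(self, cookie_header, client_ip):
        """Compare one incoming Cookie header with the stored values."""
        sent = parse_pairs(cookie_header)
        sid = sent.get(self.session_cookie)
        known = self.issued.get(sid)
        if known is None:
            return [("unknown-session", self.session_cookie, sid)]
        findings = []
        for name, value in sent.items():
            record = known.get(name)
            if record is None:
                findings.append(("not-issued", name, value))
            elif record["value"] != value:
                findings.append(("modified", name, value))
            elif record["ip"] != client_ip:
                # Weak signal on its own: addresses change legitimately.
                findings.append(("ip-changed", name, client_ip))
        return findings

def demo():
    """Constructed traffic based on the buy.asp request shown on this page."""
    tracker, sid, ip = CookieTracker(), "570321ASDD23SA2321", "203.0.113.7"
    headers = ["SESSIONID=" + sid + "; Path=/", "BasketSize=3", "Item1=2892",
               "Item2=3210", "Item3=9942", "TotalPrice=16044"]
    for header in headers:
        tracker.observe_set_cookie(sid, header, ip, now=0)
    honest = "; ".join(h.split(";")[0] for h in headers) + ";"
    altered = honest.replace("TotalPrice=16044", "TotalPrice=1")
    return tracker.check_request(honest, ip), tracker.check_request(altered, ip)
```

Because the lookup is keyed on the session identifier rather than the client address, a changed `TotalPrice` is reported as modified even when the request comes from the same IP.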
Researchers are working around this flaw, and tools are often available. Google it!
Like it? Drop a comment!