Nessus Installation @ Backtrack R3

1.   This post speaks less and shows more about how to install Nessus in Backtrack R3.Also it is assumed that the user is connected to the Internet while installation is in progress.

First Step :  Get to the terminal and type apt-get install nessus

 closer look to the above screen shot as in terminal.

 This screen shot shows a progress shot whilst installation is in progress....

 Installation gets over here....as seen

 Second Step : Creating a user for login into the Nessus Interface.........

 You get to see the following after you have created the user....

 Third step : Visit the website as seen in the screen shot below :
 

 Fourth Step : Click on the Home user option and register with your e-mail id.You get a activation key in few seconds at your e-mail.

 Fifth Step :  After you get the key...type in the following syntax followed by the key that you get in ur email id....

 A closer look of the above screen shot

 After you the user is registered he gets to see the following screen :

 Sixth Step : Now open your Backtrack Mozilla Browser and type in the following address as shown in the screen shot here.This initialising takes a little time...mine took 4 minutes and more...

 A closer look at the address .......

 Once initialised you get the following screen for login

 Here you are...the login screen for Nessus...

Operation b70 : Microsoft Disrupts the Emerging Nitol Botnet Being Spread through an Unsecure Supply Chain

In continuation with the last post, here is more from Microsoft.Please go through this brave but honest confession from Microsoft.......ummmm!!!!I would not say confession but actually Microsoft's attempt to save millions of innocent users...must read for info at

http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

The Gawker case : EXPERIENCING A HACK

1.   A six-letter password in lower-case text takes a hacker's computer just 10 minutes to crack. But make those letters upper-case and it takes 10 hours for it to randomly work out your password. Thus simply upper-casing your password can minimise a hacker's chance of finding out your account.Add numbers and/or symbols to your password and the hacker's computer has to work for 18 days.Despite widespread warning, 50 per cent of people choose a common word or simple key combination for their password.The most used passwords are 123456, password, 12345678, qwerty and abc123. 

2.   I read about the Gawker case recently wherein the subject media firm Gawker urged subscribers to change their passwords after its user database was hacked and more than 1.3 million passwords were stolen.Now imagine some one like Yahoo or Google requesting one fine day on a similar line....won't our heart come out????

3.   The exact Gawker announce ment goes like this 

“Our user databases appear to have been compromised. The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack. You should change your Gawker password and on any other sites on which you’ve used the same passwords. We’re deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems. And, yes, the irony is not lost on us.”

4.   The problem emanated when Gawker recently launched a multi-site redesign thatthat failed spectacularly, leading visitors to blank pages. The culprit was a misbehaving piece of JavaScript, but when a single line of JavaScript causes your entire suite of sites to fail you no longer have websites, you have, well, nothing.The problem with Gawker’s redesign is that it uses JavaScript to load everything. That means that, not only is there no chance for the site to degrade gracefully in browsers that don’t have JavaScript enabled, the smallest JavaScript typo can crash the entire website.

5.   Now we all have seen it personally as we sometimes tend to have the same password for multiple accounts on the web.....this could be a simple fall like a pack of cards...one point failure leads to the complete fort coming down.....so guys...take care....change ur passwords for better and stronger security.....

Operation Pay Back & LOIC

A good one to read about the link between Mega D Botnet,Operation Pay Back with the aid of LOIC @ here