Monday, November 7, 2016

TOP TEN ANDROID TIPS

1. Disable app downloads from unknown sources
The easiest way to get infected with malware on an Android phone or tablet is to start installing apps from outside the official Google Play app store. In the Settings menu of any standard Android device is a check box that enables and disables installing ‘unofficial’ apps. An Android that keeps itself legit is far safer.
2. Upgrade to Android and Dont save all your passwords on phone 
Upgrade the Android OS as much as the software update levelMany users tend to save their passwords to online services and sites on their device, never once thinking about what it would mean to a person who got their hands on the phone. Avoid having all important passwords saved in your device particularly when it comes to banking or payment apps  
3. Download an anti-malware app
Now that Android malware and viruses are a widely-recognised part of the smartphone world, there are many solutions to combat them. Most of the big antivirus (AV) companies have their own Android anti-malware apps, including Kaspersky, AVG, Avast and Norton 360 safe . 
4. Do not connect to unsecured, unknown Wi-Fi networks
An unsecured Wi-FI network can seem like a cheeky goldmine of free internet, but if you’re using an outdated version of Android in particular, it could prove dangerous. Imposter Wi-Fi networks can be used to stage a ‘middleman’ attack, where any inputted data can be intercepted by a third party – including passwords and personal details, such as credit card numbers.   
5. Install a remote wipe/lock app/ Enable Finger print sensor
If an Android device is lost or stolen, it is sensible to have a way to wipe or lock it. There are apps available from Google Play that will do just that, reacting to either a command from a web interface or via text. Popular remote wipe and lock apps include Cerberus and Avast Mobile Security.
6. Keep all sensitive data behind an extra encryption layer
Keeping sensitive information logged in a generic note on a phone or tablet is a bad idea. There are plenty of apps that will store information behind a double wall of password protection and encryption. Top picks include mSecure and File Hide Expert.  
7. Be aware of SMS threats
Premium SMS threats are partly responsible for the surge in Android malware. The Obad threat, which was brought to light earlier this year, can send premium rate SMS texts, install other malicious apps and execute other code. If there is mysterious activity on a phone bill, check it is not down to this type of attack.
8. Use the Chrome browser
Since Android 4.1 was introduced, phones and tablets have come with the stock Android browser as well as Chrome installed as standard. Chrome is marginally more secure than the stock version, having been subject to fewer publicised insecurities in recent months. It is also likely that Chrome for Android is being more keenly worked on, its pre-installed status marking it out as the future default browser for Android.  
9. Prepare A Backup Of Your Data
A backup of your precious data is a must-have in the day and age of smartphones. Picture the worst case scenario where your Android device has been stolen or hacked. The last thing you can do is perform a remote wipe . Without a backup, you will lose all your information in your device.
Even if you could retrieve your stolen phone, chances are that hackers that have managed to access your device will render it useless. If you have a backup however, you can still restore your Android device back to its original state. You can choose to backup important information to the Cloud, your desktop or even to a flash drive, for insurance.
10. Stolen phone? 




Many have done it – had a phone lost or stolen just before planning to buy phone insurance or install a phone tracker. There is one last point of call. Try to install Plan B to the phone from the Google Play website and, if successful, it will automatically send the location of the device to the Gmail account linked to it.

SAP BASIS Trace a User’s Activity

Trace a User’s Activity 

Creating a User Audit Profile 

  1. Log on to any client in the appropriate SAP system. 
  1. Go to transaction SM19. 
  1. From the top-most menu bar on the Security Audit: Administer Audit Profile screen, click Profile -> Create. 
  1. On the Create new profile popup, type in a new Profile name and click the green √ picture-icon. 
  1. On the Filter 1 tab of the Security Audit: Administer Audit Profile screen, click the □ to the left of Filter active to place a √ in the box. In the Selection criteria section, select the Clients and User names to be traced. In the Audit classes section, click “on” all the auditing functions you need for this profile. In the Events section, click the radio button to the left of the level of auditing you need. Once you have entered all your trace information, click the Save picture-icon. You will receive an Audit profile saved in the status bar at the bottom of the screen. 
  1. Please note that while the user trace profile has been saved, it is not yet active. To activate the user trace, see the next section Activating a User Audit Profile. 
  1. You may now leave the SM19 transaction. 

Activating a User Audit Profile 

  1. Log on to any client in the appropriate SAP system. 
  1. Go to transaction SM19. 
  1. On the Security Audit: Administer Audit Profile screen, select the audit profile to be activated from the Profile dropdown. Click the lit match picture-icon to activate it. You will receive an Audit profile activated for next system start in the status bar at the bottom of the screen. The audit will not begin until after the SAP instance has been recycled. 
  1. You may now leave the SM19 transaction. 

Viewing the Audit Analysis Report 

  1. Log on to any client in the appropriate SAP system. 
  1. Go to transaction SM20. 
  1. In the Selection, Audit classes, and Events to select sections of the Security Audit Log: Local Analysis screen, provide your information to filter the audit information. If you need to trace the activities of a specific user, be sure to include that user’s ID. Click the Re-read audit log button. 
  1. The resulting list is displayed. This list can be printed using the usual methods. 
  1. You may now leave the SM20 transaction. 

Friday, July 15, 2011

Phishing

So many phishing sites are coming in internet, so be care full of those sites.

Go through with this site and don't be a victim of phishing.


http://www.againstphishing.com/

http://www.focus.com/fyi/it-security/44-ways-protect-phishing/

KEY LOGGER

How to find (fight) keyloggers
If your computer is accessed by other people (or even if not) you may want to find if somebody tries to steal your private data. One of the most used ways to do this is by installing a keylogger, a software (or even worse hardware) that captures the user's keystrokes (and that means they can see your passwords, credit card data, private conversations, output e-mails...). Here are a few ways you can use to check if a keylogger is installed on your computer:

1. Use up to date anti virus and/or anti spyware software
Typically a good anti virus software will find most of the commercial keyloggers and maybe more. Keep the software up to date and don't forget to enable advanced detection features for best results (for example check "Potentially unwanted applications" in NOD32).

2. Use a special software tool
There are a bunch of anti-keylogger software on the market and you may get better results with those. I recommend you to use them if you think there is a high possibility to have a keylogger installed. For example I found Cyberhawk to be the only software that detected a custom made keylogger. Kasperky does a good job in this area too. Also check anti-spy.info. More examples:

http://www.microsoft.com/athome/security/spyware/software/default.mspx

3. Find it yourself
If you are more like an advanced user you can try finding keyloggers by using a few tools like regedit (registry editor) and/or Process Explorer. It will save you some money but it gets harder and harder to find advanced spyware. You can look here or here for more information about using Process Explorer.

You can also try some hot key combination that are used by this kind of software. Examples: Ctrl + Alt + X or Ctrl + Alt + Windows Key + X

--
Pasunorie HariPrasad

"Attitude comes from Behavior"
"Everybody wants to go to heaven, but nobody ready to die including myself"
"
Respect dos friends who find time4u in der busy schedule, But Love dos friends who never C der schedule ven u need them"

Tuesday, September 7, 2010

What is Security?

In the computer industry, the term security -- or the phrase computer security --


refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization.

Most computer security measures involve data encryption and passwords. Data encryption is the translation of data into a form that is unintelligible without a deciphering mechanism. A password is a secret word or phrase that gives a user access to a particular program or system.

Keep your Password as per the Security Policy.


Computer Virus, Worm and Trojan horse


Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but there are differences among the three.
One common mistake that people make when the topic of a computer virus arises is to refer to a worm or Trojan horse as a virus. While the words Trojan, worm and virus are often used interchangeably, they are not exactly the same thing. Viruses, worms and Trojan Horses are all malicious programs that can cause damage to your computer, but there are differences among the three, and knowing those differences can help you better protect your computer from their often damaging effects.

What Is a Virus?

A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going. Because a virus is spread by human action people will unknowingly continue the spread of a computer virus by sharing infecting files or sending emails with viruses as attachments in the email.

What Is a Worm?

A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.

What Is a Trojan horse?

A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named after. The Trojan Horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer.  Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source.  When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.

What Are Blended Threats?

Added into the mix, we also have what is called a blended threat. A blended threat is a more sophisticated attack that bundles some of the worst aspects of viruses, worms, Trojan horses and malicious code into one single threat. Blended threats can use server and Internet vulnerabilities to initiate, then transmit and also spread an attack. Characteristics of blended threats are that they cause harm to the infected system or network, they propagates using multiple methods, the attack can come from multiple points, and blended threats also exploit vulnerabilities.
To be considered a blended thread, the attack would normally serve to transport multiple attacks in one payload. For example it wouldn't just launch a DoS attack — it would also, for example, install a backdoor and maybe even damage a local system in one shot. Additionally, blended threats are designed to use multiple modes of transport. So, while a worm may travel and spread through e-mail, a single blended threat could use multiple routes including e-mail, IRC and file-sharing sharing networks.
Lastly, rather than a specific attack on predetermined .exe files, a blended thread could do multiple malicious acts, like modify your exe files, HTML files and registry keys at the same time — basically it can cause damage within several areas of your network at one time.
Blended threats are considered to be the worst risk to security since the inception of viruses, as most blended threats also require no human intervention to propagate.

Tips to Combat Viruses, Worms and Trojan Horses on Your Computer

Keep The Operating System Updated

The first step in protecting your computer from any malicious there is to ensure that your operating system (OS) is up-to-date. This is essential if you are running a Microsoft Windows OS. Secondly, you need to have anti-virus software installed on your system and ensure you download updates frequently to ensure your software has the latest fixes for new viruses, worms, and Trojan horses. Additionally, you want to make sure your anti-virus program has the capability to scan e-mail and files as they are downloaded from the Internet, and you also need to run full disk scans periodically. This will help prevent malicious programs from even reaching your computer.

Use a Firewall

You should also install a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall can be either hardware or software. Hardware firewalls provide a strong degree of protection from most forms of attack coming from the outside world and can be purchased as a stand-alone product or in broadband routers. Unfortunately, when battling viruses, worms and Trojans, a hardware firewall may be less effective than a software firewall, as it could possibly ignore embedded worms in out going e-mails and see this as regular network traffic.
For individual home users, the most popular firewall choice is a software firewall.  A good software firewall will protect your computer from outside attempts to control or gain access your computer, and usually provides additional protection against the most common Trojan programs or e-mail worms. The downside to software firewalls is that they will only protect the computer they are installed on, not a network.