Saturday, April 30, 2011

Get free Domain co.vu

So you blog0„2occasionally using various free platforms available. But you don0„30…4t want to spend money on a custom domain name for your blog?
Well then there is good news for you, recently launched service co.vu provides free domain names of the form <somename>.co.vu . Although a lot of other alternatives to a free service like this exist the differentiating factor of co.vu is that it makes it dead simple for users to configure their registered domain to point to their posterous or tumblr.
Getting a free domain name fromco.cc, it takes around 10 Google search and one whole Wikipedia article to get the job done. However with co.vu this task won0„30…4t take more than half an hour. It has a simple yet detailed tutorial on its site to configure your registered domain name.



One more advantage to sites like these which let you configure your own domain names of the form something is that you don0„30…4t have to reveal details like your phone numbers and addresses. So if you0„30…4re a privacy freak then here is one more good reason for you to opt for domain names like these.
Currently the service isn0„30…4t open toall but you can use the invitation code HN over
here to get your own co.vu domain. It allows only one domain per account and the domain name has to be greater than three letters.
Right now co.vu supports settingup posterous , tumblr , Amazon AWS directly ( wordpress.com support is coming soon). It is facing some issues with blogger sites which the developer has promised to resolve. The site will add support for bit.ly pro which will allow users to set up their custom URL shorten. In case you like the service a lot, in the future you can even pay for a second domain name under the same account, although we doubt anyone would prefer this over opening a new account and registering the second domain.
So head over to the site and reserve your domain name before someone else grabs it!


and also
Free 3gb hosting  go: http://my3gb.com

free 1gb hosting :
http://1gb.me

free cPanel hosting :

http://unlimitedtree.com

How to increase Downloading speed in BSNL Broadband



  1. Go to Start -> Run
  2. Type “gpedit.msc” to open the group policy editor.
  3. Navigate to “Local Computer Policy” -> “Computer Configuration” -> “Administrative Templates” -> “Network” -> “QOS Packet Scheduler” -> “Limit Reservable Bandwidth.”
  4. Now, double-click on the option named “Limit Reservable Bandwidth” and change the value from 20 to 0.
The third-party DNS servers are always better than the default BSNL DNS servers. So changing these can help you increase the download speed of the BSNL broadband.Go to Start -> Control Panel -> Network and Sharing Center/Network Connections -> Open “Local Area Connection” and click on “Properties” button.
  1. Now click on “TCP/IP” and in the DNS address fields, replace the current DNS servers with the below two addresses.
  2. 208.67.222.222 208.67.220.220
  3. Click “OK” and restart the Internet connection.
That’s it! The above tips worked excellently for me to increase my BSNL broadband speed.
Note: Windows 7 Home Edition (64 bit) doesn’t have gpedit.msc option (group policy editor). Hence, skip the first step and go with the second option if you’re win 7 home user

Listen any PDF Doc:


CTRL+SHIFT+B=Hear d whole Doc
CTRL+SHIFT+V=Hear only d Page
CTRL+SHIFT+C=Resume
CTRL+SHIFT+E=Stop
-

Vodafone Magic Luck Trick


Just type
TYC (Any 14 Digit Number)
Send to
111
[TOLL FREE]
-U will get any gift
-U can use this once in month

Sinuwap.com new mp3 search engine added


Check now:
http://sinuwap.com/mp3
>download lot of mp3 songs for free

Want to maintain your DSLR camera of sony from dust.


See this tutorial
http://www.sony.co.in/support/attachments/235046/235046.swf

DLF IPL Live tv

SITE:

rtsp://10.2.216.228:554/2G/LIVE/IPL2011_H263.sdp?m

Friday, April 29, 2011

MAKE MONEY WITH GOOGLE

1. You will need to use the following software: Front Page
http://www.google.com/search?hl=en&q=download+microsoft+fr
ont+page - website builder, ThumbsPlus http://www.cerious.com/
- photo album software, CuteFTP http://www.cuteftp.com/ - files
uploader software. That’s it.h
Go ahead, get the software and install it to your PC. Learn each
program by reading software instructions. It’s very easy!
2. Open an account with www.netfirms.com hosting company for
only 9.95$ a month.
3. Take/shoot some travel pictures/or buy photos from the
internet, build a website (very well working website layout sample
here: http://www.make-money-on-line.com/website.html ) and
upload your simple website.

 
4. Open an account with http://www.adwords.google.com/ (buy
traffic for your free website). Please read google adwords help files
how to start.
5. Open an account with http://www.google.com/adsense to get
pay per click google ads. Please read google adsense help files on
how to start, Place ads on your website in the recommended way
only (ads placement sample: http://www.make-money-online.
com/place.html ), get paid each time somebody clicks the ads.
The idea is to buy traffic from the adwords.google.com and sell ads
click to google.com/adsense to make profit. People who come from
google are always very happy to click another google ads link -
because they came from google and they trust those links already.
Simple!
Other traffic sources (other then google adwords) are NOT
productive, do not waste your time on them.

Use Yahoo Messenger Online without any software

Now you can Use Yahoo Messenger 
Online without any software 
just go http://in.webmessenger.yahoo.com/ 
sign in and chat with Ur Friends

Vodafone Gaming Super Week

Vodafone Gaming Super
Week (Download 5games/
day for free Till today 29Apr):
Visit with VLive Settings http://wapshop.liv.arvm.in/fiveForFree.do

Reliance services plans code and sms of 2011

Friends
visit
http://bit.ly/khHv5B
to see all Reliance services plans code and sms of 2011
soon i will post blasting tricks keep joining

Free Customer Care Numbers

Airtel:18001031111
Docomo:18002660000
Idea:18002700000
Reliance:18001003333
Vodafone:180012345678

Special unlimited downloads

>videos
>themes
>ringtones
>images
visit:
http://sinuwap.com
1000000+ content free.

Free Prepaid Mobile Recharge

Amulyam.in gives you free talktime on Airtel, BSNL, !dea, Aircel, LOOP, Reliance, Tata Indicom, Docomo, Uninor and Vodafone prepaid numbers for completing offers on it's sponsor's websites.

Join and Complete Offers to Get Free Talktime Instantly

ENJOY. . .

Thursday, April 28, 2011

AIRTEL ULTRA OFFER


Airtel-Airtel=30ps/min,
Other=40ps/min,
STD=50ps/min.
To activate this Trick dial:
51570 (free)
_
try n Enjoy..!!

PC free SOFTWARE Downloads

Free software dwnload for windows programs games n drivers
www.download3000.com

Enjoyyyyyyyyyy

Know your Number...

Know ur own number

if forget without wasting time in codes
just dail 18002660000p1p3p2p3
(toll free)n enjoy!!!

Free Sms

Want to send free sms to world

with your own sender ID
here is website
-wadja.com
-go to website register
your mobile number
enjoy!!!

Balance Deduction in Reliance..?


Herez d simple solution..
Just Sms:
MyVas to 55333
-- Deactivate Ur Services wich
is activated...

Pc FastHelp

Are you new in pc dos

command?
try this help service in ur
cmd
open cmd
type FASTHELP ok
you can see help.

INCREASE YOUR 2G 3G 3.5G BROADBAND INTERNET SPEED via MS MOD

This trick works on Dial-up's, Dsl, Broadband and wireless modems as well as
Click on start button
then select Run which opens run dialog box...(in windows 7 press windows key+R)
*write "Cmd" and press enter
 

it will opens command prompt (A Black Screen)





[If you are using windows7 don't use windows powershell]





*In that Cmd Prompt (Black Screen) write "ipconfig/all"

Scroll up and inside the PPP adapter
find the IP address of DNS Servers (first one if there exist more then one e.g. 121.242.190.210)


then click on start button and select run (in windows 7 press windows key+R)
*then write the following command in it
"ping < "DNS SERVER IP" > -t"

e.g. ping 121.242.190.210 -t


This command opens command prompt which is pinging your server minimize and don't close it...
you can close the previous command prompt in which you find out your DNS Server IP
This command forces your server to stay connected with you....

Hack All the LAPTOP and PC working...



Now I’m Going to share the Greatest trick for the windows…

I’ve Worked at least 1 month to know this trick.. Now U’ll be Lucky..

With this trick U can easily Hack all the PC/laptop when it is password protected.…

Requirements:
Pendrive, KONUSB software

Step 1:
Download KONUSB software from the attachment here




Step 2:
Plug in Pen drive into the PC/laptop and double click on KONBOOTINSTALL.exe & enter the drive letter of the USB
That’s it…

Step 3:
Now insert the pen drive into the PC/Laptop whichever u want to hack, and boot via USB (using Pendrive) …
That’s it.. Next press OK for everything … if it asks for password, leave blank and press OK

NOTE:
This KONUSB software won’t change the Password of the PC/Laptop whatever U hacked.. It just bypass the password restriction.. If u remove the Pendrive, and boot normally it’ll remains the same as it is password protected. 

It works in All Operating systems including windows XP, Vista, Windows 7 etc.,
100 % Working.


DOWNLOAD KONUSB FROM HERE

Aircel Free 3G Trick



Here im interested to share a trick for free aircel 3g.
As You All Must be knowing that
OPENVPN can be used for airtel and
docomo....for free internet.....
Tools Which we are going to Need
1.Open VPN
You can Download it From openVPN
go to www.hostizzle.com
2.Now First You have To Register
And Download Your Config File From
http://hostizzle.com/
Hostizzle Config ...



3.Now After You Have Downloaded
The Config FIle Extract it to the Folder
C:\Program Files\Open Vpn\data
\config\
[C:\ may change according to drive
on which windows is installed]
Now edit the ***.ovpn filke extracted
by text editor
Replace
proto tcp with proto udp
80 wirh 53
1194 to 53
443 to 53
and all other servers with port 53
Example : 76.10.222.65 40 with
76.10.222.65 53
and now Run Open VPN GUI and click
on Connect
Whoa your free internet is ready to
use
Connect PCs TO
APN : aircelgprs
Trick Can Be USed ON 3G Network....
2G unknown....
Limits:Bandwith LImit of 100GB Per
Month
Speed: fluctuates but gives you the
maximum.
Config File has to be Freshly
Downloaded Every Month(30 Days)
Thank YOU
for onnecting you will be charged
0.20 Re..and then you can download
surf absolutely free........
Therefore use it at balance below
0.10 Re..

Wednesday, April 27, 2011

Google Search Tricks



The tricks are-
define: - This google
operator will find
definitions for a certain
term or word over the
Internet. Very useful
when you come across a
strange word when
writing a post. I use this
as a google dictionary.
example : ( define
computer)
info: - The google info
operator will list the sets
of information that
Google has from a specific
website .




site: - This google
operator can be used to
see the number of
indexed pages on your
site.
Alternative it can also be
used to search for
information inside a
specific site or class
of sites.
link: - This google link
operator allows you to
find backlinks
pointing to your site.
Unfortunately the count is
not updated frequently
and not all
backlinks are shown
allinurl: - Using this
Google operator will limit
the search to results
that contain the desired
keywords on the URL
structure. (i.e.
allinurl:dailyblogtips)
fileformat: - Useful
Google operator for
finding specific file
formats. Sometimes you
know that the information
you are looking for is
likely to be contained in a
PDF document or on a
PowerPoint presentation,
for instance. (i.e.
“ fileformat:.pdf market
research” will search for
PDF documents that
contain the terms
“ market” and “research”).

ALSO,
1. Google trick to search
different file formats
(keyword filetype:doc)
2. Google trick to search
educational resources
(keyword site:.edu)
example ( computer
site:.edu)
3. Finding the time of any
location ( time
romania)
4. Finding the weather of
any location ( boston
weather)

Tuesday, April 26, 2011

Aircel call Reducing Trick

DAIL *122*400# from
your aircel no. and enjoy
20paisa per mintue to aircel
and 30p to other network
rs4 deduct from your



account with 1 yr validty..working in jammu
and kashmir and kerala check in your state too...

RIM Free Net On Pc






step-1
First Download Proxifier Below Which Is in Zip. Also Download the setting

Step-2
After Downloading Extract All Files Now opn proxifier.exe
Goto-
File>Load Setting & Select The Setting Which Is In .prx
Step-3 Now Connect Your Mobile With apn - rcomwap
STEP 1:Goto option/network/setting
STEP 2:choose mannual proxy config.
Http proxy=148.122.38.200 port=8080
leave all ssl ftp column blank

now settins for idm:
STEP 3:Goto downloads/options/proxy
Enter above proxy nd port in http,https and ftp setting.
To get 3G speed choose any 3G data plan.i suggest go wid rs 20 plan.
for fastest proxies vsit aliveproxy.com nd choose proxies wid ssl support.

Note-Many Proxies Are Blocked In Two Or Three Days So If Any One Facing Problem Goto The Link Below Select A Proxy Put it In proxifier>Option>Advanced>Http Traffic(See SS Below)


Footprinting a VoIP Network


Overview

While the intricacies of invading a country are slightly different than hacking a VoIP network, the success of each typically depends on having done solid reconnaissance and research well before the first shot is ever fired.
By its very nature, VoIP exemplifies the convergence of the Internet and the phone network. With this convergence, we are starting to see the exploitation of new exposures particular to VoIP as well traditional avenues of attack. Much like WWW technology, VoIP devices, by technical necessity, are advertised and exposed on IP networks in many ways, allowing hackers to find and exploit them more easily.
Any well-executed VoIP hacking endeavor begins with footprinting the target—also known as profiling or information gathering. A footprint is the result of compiling as much information about the target's VoIP deployment and security posture as possible. This initial approach is similar to the way a modern military might pour over intelligence reports and satellite imagery before launching a major enemy offensive. Leveraging this profile allows a general to maximize his troops' effectiveness by aiming strategically at holes in his enemy's defenses.
This chapter focuses on a variety of simple techniques and publicly available tools for gathering information about an organization's VoIP security posture from the perspective of an external hacker.


Why Footprint First?

Most organizations are consistently amazed at the cornucopia of sensitive details hanging out in the public domain and available to any resourceful hacker who knows how and where to look. Exacerbating the situation is that VoIP, as an application much like WWW, DNS, or SMTP, is also dependent on the rest of an organization's network infrastructure for its security posture (for example, its router configuration, firewalls, password strength, OS patching frequency, and so on). As Figure 1-1 depicts, VoIP security clearly intersects the traditional layers of data security within an organization.
Image from book
Figure 1-1: The VoIP security pyramid sliced open
Many of the VoIP application attacks shown in Figure 1-1 will be explained and demonstrated throughout the following chapters. We want to underscore that many of the other attacks listed (such as SQL injection and SYN floods) have been around for years and are hardly new by any stretch of the imagination. These are the very same attacks that plague most traditional data networks today. However, in some cases, these attacks can take on an expanded severity against a VoIP deployment. For instance, a SYN flood denial of service attack against your organization's router might mean that web browsing is a little slow for internal users. While the very same SYN flood against a VoIP network or VoIP device might mean that voice conversations are unintelligible because of jitter or calls cannot be placed because of network latency.
It's clearly in a hacker's best interest to gain as much information about the supporting infrastructure as possible before launching an attack. The path of least resistance to compromising an enterprise VoIP system may not necessarily be to go directly for the VoIP application itself, but instead a vulnerable component in the supporting infrastructure (router, web server, and so on). Why would an attacker bother spending time brute forcing a password in the VoIP voicemail system's web interface when the Linux system it runs on still has a default root password? Simply researching the flavors of a VoIP deployment and its dependent technologies ahead of time can drastically save a hacker time and brute forcing effort. Therefore, the first step to assessing your own external security posture is to discover what information potential attackers might already know about you.

VoIP Footprinting Methodology

The CSI/FBI Computer Crime and Security Survey for 2005 implies that insider abuse is still very much a threat to the enterprise. Insiders are typically those people who already have some level of trusted access to an organization's network, such as an employee, contractor, partner, or customer. Obviously, the more trust an organization places in someone on the inside, the more damaging an impact his malicious actions will have.
Most of the upcoming chapters will take the perspective of an inside attacker. For the purpose of this chapter, however, we've taken the viewpoint that the potential VoIP hacker is beginning his efforts external to the targeted organization. In other words, he is neither a disgruntled employee who has intranet access nor an evil system administrator who already has full run of the network.
You can safely assume though that the hacker's first order of business is to gain internal access remotely in order to launch some of the more sophisticated attacks outlined later in this book. While it's often trivial for a hacker to gain inside access, footprinting still reaps rewards by helping to fuel some of the more advanced VoIP attacks discussed in later chapters.
Time and time again throughout this book, we will emphasize the importance of supporting infrastructure security. Because of the security posture dependencies that VoIP places on your traditional data network, it's not uncommon for attackers to compromise a trusted workstation or server to gain access to the VoIP network.

Scoping the Effort

VoIP installations can be tightly confined to one geographic location or deployed across multiple regions with users making calls from the office, their homes, or the road. Because most VoIP technology is extensible enough to deploy in a myriad of scenarios, it is important to define the scope and goals of your hacking efforts well in advance. If the goal of these hacking simulations is to secure the VoIP services of your branch office, it might be a pointless exercise to overlook completely the security holes in your main headquarters' VoIP PBX.
It's often hard to discern all of these VoIP security dependencies ahead of time. Footprinting can sometimes paint only part of the network picture no matter how much time and effort you put into the research. Other key areas might gradually appear only later in the scanning and enumeration phases.

Attack – Public Web Site Research

Popularity:
10
Simplicity:
10
Impact:
4
Risk Rating:
7
A wealth of information is usually sitting right out in the open on an organization's corporate website. Of course, this information is typically regarded in a benign manner because its main purpose is to help promote, educate, or market to external visitors. Unfortunately, this information can also aid attackers by providing important contextual information required to social engineer their way into the network. The following classes of data can provide useful hints and starting points for a hacker to launch an attack:
  • Organizational structure and corporate locations
  • Help and tech support
  • Job listings
  • Phone numbers and extensions

Organizational Structure and Corporate Locations

Identifying the names of people in an organization may prove helpful in guessing usernames or social engineering other bits of information further down the road. Most companies and universities provide a Corporate Information or Faculty section on their website, like the one shown in Figure 1-2.
Image from book
Figure 1-2: A few names to get started
Location information for branch offices and corporate headquarters is useful in understanding the flow of traffic between two VoIP call participants. This information is also helpful for getting within range of an office building to attack the VoIP traffic going over the wireless networks. Both Google and Microsoft provide online satellite imaging tools, as shown in Figures 1-3 and 1-4, to aid even the most directionally challenged hacker.
Image from book
Figure 1-3: Use Microsoft’s TerraServer (http://terraserver.microsoft.com) to locate your target, in this case the Spy Museum in Washington DC.
Image from book
Figure 1-4: Google Local (http://local.google.com) can help locate targets in any town.

Help and Tech Support

Some sites, especially universities, offer an online knowledgebase or FAQ for their VoIP users. The FAQ might contain gems of information including phone type, default PIN numbers for voicemail, or remotely accessible links to web administration (as seen in Figure 1-5).
Image from book
Figure 1-5: Here a hacker can figure out where your online voicemail system is installed.
In Figure 1-6, you can see that a Cisco IP Phone 7960 is being used throughout the Harvard campus community.
Image from book
Figure 1-6: A brief overview of Harvard's VoIP offering
Why should you care? A hacker can cross reference this juicy bit of information against several free online vulnerability databases to see if it has any security holes. Sure enough, under the listing for Cisco IP Phone 7960, SecurityFocus.com tells us about several previously discovered vulnerabilities for this device and gives information on how to exploit each issue (see Figure 1-7).
Image from book
Figure 1-7: SecurityFocus catalogs a good collection of vulnerabilities for a variety of products, including the Cisco IP Phone 7960.
Even though the university makes sure to patch all of these phones with the latest firmware, a hacker may still encounter the rare device that escaped an administrator's attention. The ongoing challenge of keeping VoIP devices and infrastructure updated with the latest firmware is covered in Part II: "Exploiting the VoIP Network."

Job Listings

Job listings on corporate web sites contain a treasure trove of information on the technologies used within an organization. For instance, the following snippet from an actual job posting for a "VoIP Systems Architect" strongly suggests that Avaya VoIP systems are in use at this company.
Required Technical Skills:
Minimum 3-5 years experience in the management and implementation of Avaya telephone systems/voicemails
* Advanced programming knowledge of the Avaya Communication Servers and voicemails.

Phone Numbers and Extensions

Simply finding phone numbers on the corporate website is not going to reveal a lot about any potential VoIP systems in use. However, compiling a profile of the internal workings of numbers and extensions will be helpful later on. For instance, some branch offices typically have the same one-or two-number prefix that is unique to that site. An easy way to find many of the numbers you're looking for on the website is to use Google,
111..999-1000..9999 site:www.example.com
which returns all 70+ pages with a telephone number in the format XXX-XXXX. To further refine your search, you can simply add an area code if you're looking for a main switchboard,
877 111..999-1000..9999 site:www.example.com
which now returns only three hits.
 Companion Web Site   Once you have what appears to be a few main switchboard numbers, you can then try calling them after normal business hours. Most VoIP systems include an automated attendant feature that can answer calls during or after hours with a prerecorded message. While not an exact science, many of these messages are unique to each VoIP vendor in wording and voice. Simply by listening to the factory default main greeting, hold music, or voicemail messages, a hacker can sometimes narrow down the type of system running. We have included some recorded transcripts and messages on our website, http://www.hackingvoip.com, to assist you. For instance, the open source Trixbox project built on Asterisk (http://www.trixbox.org) will respond to a missed call by default with a female voice that says: "The person at extension X-X-X-X is unavailable. Please leave your message after the tone. When done, please hang up or press the pound key. [beep]"

Countermeasurs – Public Web Site Countermeasures

As discussed earlier, most of the information on a public web site is likely benign in nature until a hacker starts to connect the dots. In practice, the previous information is typically pretty difficult and unreasonable to police, especially since website authors update this information fairly often. The best advice we have is to limit the amount of technical system information in job descriptions and online help pages (including default passwords).

Attack – Google VoIP Hacking

Popularity:
10
Simplicity:
10
Impact:
6
Risk Rating:
9
One of the great benefits of Internet search engines today is their massive potential for unearthing the most obscure details on the Internet. One of the biggest security risks of Internet search engines today is also their massive potential for unearthing the most obscure details on the Internet. There have been entire books written on the subject of hacking using search engine technology, including Google Hacking for Penetration Testers by Johnny Long (Syngress 2004). When footprinting a VoIP network, there are a variety of ways a hacker can leverage search engines by simply using the advanced features of a service such as Google. Targeting the following categories of search results can often provide rich details about an organization's VoIP deployment:
  • VoIP vendor press releases and case studies
  • Resumes
  • Mailing lists and local user group postings
  • Web-based VoIP logins

VoIP Vendor Press Releases and Case Studies

When VoIP vendors have obtained permission to do so, some of them will issue a press release about a big sales win, usually including a quote from the customer. Additionally, many VoIP vendor sites include case studies that sometimes go into detail about the specific products and versions that were deployed for a customer. Confining your search to the VoIP vendor's site might hit paydirt with one such case study. In Google, try, for example, typing
site:avaya.com case study
or
site:avaya.com [company name]

Resumes

In the same way that job descriptions are chock full of potentially useful information for a hacker, so too are resumes. Some creative search terms can unearth particularly useful bits of information from resumes, such as:
"Phase I: designed and set up a sophisticated SIP-based VoIP production Asterisk PBX with headsets and X-Lite softphones."
"Provided security consulting, VPN setup, and VoIP assistance including CallManager installation with Cisco 7920 IP Phones."
"Successfully set up and installed Nortel Meridian PBX and voicemail system."

Mailing Lists and Local User Group Postings

Today's technical mailing lists and user support forums are an invaluable resource to a network administrator trying to learn about VoIP technology for the first time. Often, an administrator with the best of intentions will reveal too many details in order to elicit help from the online community. In some cases, a helpful administrator may even share his configuration files publicly in order to teach others how to enable a certain hard-to-tune feature. For instance, the following example reveals what type of VoIP PBX is in use, as well as the type of handsets being employed:
Hello,
We just got a new IP Office 406 system in our office in San Jose, CA. I'm in IT and will help manage the system. We have complete support from a local VAR for one year, however, this is the first implementation for IP Office so they are learning, too.
So far our major issues are:
1) Dial-by-name directory not delivered from Avaya. Our VAR said Avaya said maybe next week it will be ready.
2) Programming DSS buttons crashes the system. Our VAR said Avaya said this is a known problem and they are working on it. What I am trying to accomplish is, for example, I want to be able to answer the phone of my assistant's extension and I want it to actually ring on my phone. On our old NEC system a light appeared on the phone. Our VAR said I had to use DSS, but 1) the phone does not actually ring—the line only flashes, and 2) it crashes the system, or actually the digital card, the VAR said.
3) We have to reboot the system when we want to add extensions and update other settings. So far, the "Merge" option has not worked for us.
4) The 4412D+ handsets are nice but they do not fit well into the cradle and sometimes leave the phone off the hook!
We have three 30-port D-term modules and two analog modules. We also have Voicemail Pro with Phone Manager Lite. If there is other information I can provide please let me know. If there is another forum or website I should also be looking at, I'd appreciate that information, too. Thanks again,
[Name removed to protect the innocent]
National and local user conferences are typically attended by enterprises using those vendors' systems. While the conference proceedings are often restricted to paying members of the group, sometimes there are free online materials and agendas that may still help with footprinting. As a starting point, aim your search engine at one of the following good user-group sites.
International Alliance of Avaya Users
International Nortel Networks Users Association
Communties@Cisco
Asterisk User Forum

Web-based VoIP Logins

Most VoIP devices provide a web interface for administrative management and for users to modify their personal settings (voicemail, PIN, forwarding options, among others). These systems should generally not be exposed to the Internet in order to prevent password brute-force attacks, or worse yet, exposing a vulnerability in the underlying web server. However, search engines make it easy to find these types of sites. For instance, many Cisco CallManager installations provide a user options page that is typically accessible at http://www.example.com/ccmuser/logon.asp. Typing the following into Google will uncover several CallManager installations exposed to the Internet:
inurl:"ccmuser/logon.asp"
Or to refine your search to a particular target type:
inurl:"ccmuser/logon.asp" site:example.com
Many Cisco IP phones come installed with a web interface that is also handy for administration or diagnostics. Type the following into Google:
inurl:"NetworkConfiguration" cisco
Some of these web interfaces are also exposed to the Internet and reveal extremely useful information (like nonpassword-protected TFTP server addresses) when clicking on the Cache link, as shown in Figure 1-8.
Image from book
Figure 1-8: The network settings for a phone exposed to the Internet, including IP addresses for TFTP servers, the CallManager server, and the router
Asterisk is probably the most popular open source IP PBX software in use today. You can also use Google to find several web management front ends to Asterisk:
intitle:"Flash Operator Panel" -ext:php -wiki -cms -inurl:asternic
-inurl:sip -intitle:ANNOUNCE -inurl:lists
and even:
intitle:asterisk.management.portal web-access
 Companion Web Site   There are some more general search terms for network devices that can be found in the Google Hacking Database (GHDB) project at http://johnny.ihackstuff.com. We have also uploaded a collection of popular Google VoIP hacking terms to our website, http://www.hackingvoip.com.
In addition, here is a sampling from our online collection of other web-based VoIP phone and PBX's that can be found with Google:
Linksys (Sipura) series of phones
Grandstream series of phones
Polycom SoundPoint series of phones
Zultys series of phones
Snom series of phones
intitle:"Sipura SPA Configuration"
intitle:"Grandstream Device Configuration" password inurl:"coreConf.htm"
intitle:"SoundPoint IP Configuration Utility"
intitle:"VoIP Phone Web Configuration Pages"
"(e.g. 0114930398330)" snom
Snom phones also include a potentially dangerous "feature" called PCAP Trace, which reads as shown here.
Image from book
If the phone is left in its default nonpassword-protected state, anyone can connect with a web browser and start to sniff traffic. This is especially dangerous if the phone is connected to a hub with other users!

Countermeasurs – Google Hacking Countermeasures

All of the previous Google hacking examples can be refined to your organization simply by adding your company name to the search or adding a site search directive refining your search space (for example, "site:mycompany.com"). Being able to find exposed web logins proactively for VoIP devices can remove a lot of low-hanging fruit for hackers. At the very least, you should change the default passwords for any VoIP web logins that need to be Internet-accessible. For the most part, however, there's no good reason why a phone or PBX has to be exposed to the Internet.
There are even services that will monitor this for you. Organizations such as Cyveilance (www.cyveilance.com) and BayTSP (www.baytsp.com) send daily, weekly, or monthly reports of your online public presence, including your "Google hacking" exposure.

Attack – WHOIS and DNS Analysis

Popularity:
8
Simplicity:
9
Impact:
4
Risk Rating:
7
Every organization with an online presence relies on DNS in order to route website visitors and external email to the correct places. DNS is the distributed database system used to map IP addresses to hostnames. In addition to DNS, regional public registries exist that manage IP address allocations:
Most of these sites support a WHOIS search, revealing the IP address ranges that an organization owns throughout that region. For instance, going to ARIN's website and searching for Tulane produces the following results:
Tulane University (TULANE)
Tulane University (TULANE)
Tulane University (TULANE-1)
Tulane University (AS10349) TULANE 10349
Tulane University (AS10349) TULANE 10349
Tulane University TULANE-NET (NET-129-81-0-0-1) 129.81.0.0 - 129.81.255.255
Tulane University TULANEU-WSTR (NET-65-36-67-128-1) 65.36.67.128 - 
65.36.67.135
TULANE EXECUTIVE CENTER-050908164403 SBC07025310201629050908164407 (NET-70-
253-102-16-1) 70.253.102.16 - 70.253.102.23
Tulane University SBCIS-021405090840 (NET-216-62-170-96-1) 216.62.170.96 -
216.62.170.127
Tulane University SUNGARD-D9DC603B-C4A4-4879-9CE (NET-216-83-175-144-1)
216.83.175.144 - 216.83.175.151
Tulane University SUNGARD-D9DC603B-C4A4-4879-9CE (NET-216-83-175-128-1)
216.83.175.128 - 216.83.175.143
Tulane University SBC06915011614429040517161331 (NET-69-150-116-144-1)
69.150.116.144 - 69.150.116.151
Tulane University TULANE-200501121422549 (NET-199-227-217-248-1)
199.227.217.248 - 199.227.217.255
Tulane University 69-2-56-72-29 (NET-69-2-56-72-1) 69.2.56.72 - 69.2.56.79
Tulane University 69-2-52-176-28 (NET-69-2-52-176-1) 69.2.52.176 - 
69.2.52.191
Notice that there are several IP address ranges listed toward the bottom of the query results that can offer a hacker a starting point for scanning, which is mentioned in the next chapter. The more interesting range seems to be 129.81.x.x. WHOIS searches won't always provide all of the IP ranges in use by an organization, especially if they outsource their web and DNS hosting. Instead, you can do a WHOIS lookup on a DNS domain itself instead of the organization name. Most *NIX systems support the use of the whois command:
# whois tulane.edu
Alternatively, several websites offer a free WHOIS domain lookup service that will resolve the correct information regardless of country or the original DNS registrar. Going to http://www.allwhois.com gives us:
Domain Name: TULANE.EDU

Registrant:
   Tulane University
   1555 Poydras St., STE 1400
   New Orleans, LA 70112-5406
   UNITED STATES

Administrative Contact:
   Tim Deeves
   Director of Network Services
   Tulane University - Technology Services
   1555 Poydras St., STE 1400
   New Orleans, LA 70112
   UNITED STATES
   (504) 314-2551
   hostmaster@tulane.edu

Technical Contact:
   Tim Deeves
   Director of Network Services
   Tulane University -Technology Services
   1555 Poydras St., STE 1400
   New Orleans, LA 70112
   UNITED STATES
   (504) 314-2551
   hostmaster@tulane.edu
Name Servers:
   NS1.TCS.TULANE.EDU      129.81.16.21
   NS2.TCS.TULANE.EDU      129.81.224.50

Domain record activated:    14-Apr-1987
Domain record last updated: 11-Aug-2006
Domain expires:             31-Jul-2007
After performing some WHOIS research, hackers can start to layout the external network topology of the organization they wish to target. For the purposes of this example, you have two main DNS servers to focus on for tulane.edu based on the search we performed in the previous section. By using simple queries, hackers can glean important information about many hosts that may be exposed to the Internet without even scanning them directly. In Figure 1-9, using Solarwinds DNS Analyzer (http://www.solarwinds.net), you can represent the DNS structure of tulane.edu graphically, including the SMTP servers identified by the MX records.
Image from book
Figure 1-9: A graphical structure of the Tulane DNS and SMTP servers
Based on this information, hackers can determine which servers are running DNS and SMTP services before even scanning the rest of the IP address space. Using the results from the previous queries, they might next look for any other interesting hostnames with public DNS entries that exist within the range 129.81.0.0–129.81.255.255. With a tool such as DNS Audit (also from Solarwinds), you can "brute force" the entire range of IP addresses to see if any of them return a valid reverse DNS lookup (see Figure 1-10).
Image from book
Figure 1-10: Some interesting DNS names are attached to this IP address space.
Hackers are bound to find informative DNS names such as vpn.example.com, callmanager.example.com, and router.example.com, or even voicemail.example.com, which will likely warrant a closer investigation. In addition to some of the tools at Solarwinds, most of these DNS interrogation attacks can be scripted or automated easily using public website DNS search tools.

Countermeasurs – WHOIS and DNS Analysis Countermeasures

WHOIS information is by its very nature meant to be publicized. Administrative contact email addresses, however, can be generic (webmaster@example.com) rather than using a personal address (billy2@pegasus.mail-mx.example.com).
DNS interrogation can reveal a lot about an organization, simply by the way certain servers are named. For instance, instead of naming a server "callmanager.example.com," consider something a little more discreet such as "cm.example.com," or something even more obscure.
It is important to disable anonymous zone transfers on your DNS servers so that hackers can't simply download your entire DNS database anonymously. Enabling Transaction Signatures (TSIGs) allows only trusted hosts to perform zone transfers. You also shouldn't use the HINFO information record within DNS—this comment field can provide much information about a target's IP address.
Also, most hosting providers now offer anonymous DNS service options that hide your personal details from curious eyes (for a price).



Set RUN command in start menu in Windows-7

>start menu

>properties(right-click)
>Customize
>Tick(Run Command) >ok

Tata Docomo know your friends balance

Dial 09045012345 select 1 or 2 then select 1 type tata docomo number

whose balance you want to know then select 1..
Tell ur frnd to join us...

Monday, April 25, 2011

Get Approved for Adsense In 5 Easy Steps


Get Approved for Google Adsense - My Easy 5 Step Guide Reveals EXACTLY How To Do It


So you want to get your Adsense publisher ID BUT you don't have a clue about how to get approved for one?
If you're tired of scratching your head over what you should do and how to do it, this lens reveals EXACTLY what you need to do to in 5 easy steps.
I was approved for my Google Adsense publisher ID using the same exact steps I'm revealing here, so I know it works. All you have to do is follow the instructions I've laid out here in this Squidoo lens. It took me just 6 days total time to get approved. That's 6 days from the time I began the project until the day I received my welcome email. It's really that simple.
I see no reason why you can't achieve the same results.
I'm going to lay out the steps and add in some other tips that will be helpful to you.
So let's get started with Step 1 now.

 

Step 1: Sign Up for Blogger 

3 Reasons Why You Should Use Blogger

In this module,I've outlined the first step you need to take to get approved for Google Adsense.
Step 1: Go to Blogger.com and sign up for your free account.
What you're doing here is creating a Google account - enter anexisting e-mail address, create a password at least 6 characters in length and enter the name you want to use when you sign your blog posts.

Why Blogger? Here are 3 reasons why: (1) You need a blog or a website to run Adsense ads on and Blogger makes it as easy as 1...2...3 to create your own blog, publish it and run Adsense ads on them; (2) Google loves content from Blogger blogs. And in case you don't know, Google owns Blogger; and (3) my favorite reason - it's FREE!
Note: when you're just starting out or you simply want to get approved for Google's Adsense program before you invest a few bucks on a domain name and web hosting service, a free Blogger blog is OK.
Just go to Blogger.com , follow the instructions to get your account set up.
1 easy step down, 4 more to go to get approved for Google Adsense .
In Step 2, you will choose a name your blog and the URL for it.

How to Create a Blog On Blogger 

This excellent video shows you exactly how to create your Blogger account and set up your Blogspot.

powered by Youtube

Google Adwords: Keyword Tool - The Only Keyword Research Tool You Need For This Project 

Use Google's Powerful, FREE Research Tool to Discover Profitable Keywords

This is my favorite free keyword tool because you can create massive keyword lists (by search term and/or by website URL) using Google's own data. It gives you (a) the keyword, (b) the competition for it (expressed as a shaded bar), (c) the number of global searches per month, and (d) the number of local searches per month. And it gives you this data in broad match, phrase match & exact match. If you want to really ramp up your keyword research, run your search terms through Google Insights for Search.
In the next video module, we're going to take a look at a video walk through of how to use Google's keyword research tool. And in the next text module, we'll take a look at the 2nd Step you need to take in getting approved for a Google Adsense Publisher account.

A Word About Keyword Research Tools ....

I initially posted links to 3 very powerful, very cool free keyword research tools for you to use to uncover good keywords to target for this project. But as time passed by, the tools and my opinions about them have changed. Even Google's external keyword tool has changed. So I've included the link to the "new" Google keyword tool. It's really the only keyword research tool you need.

Using Google's External Keyword Tool 

How to Use The New External Keyword Tool For Keyword Research


powered by Youtube

Step 2: Name Your Blogger blogspot and Choose the URL 

Take some time to research this and give some thought to naming your blog and choosing the URL because .....


  •  the name and URL should be unique and based upon the keyword research you did in the previous module(s)





  • For example, if your topic is " fitness training tips for golfers ", then you might want to name your blog "Golf Fitness Training Tips". You might want to use http:/golf-fitness-training-tips.blogspot.com or http://trainingtipsforgolfers.blogspot.com as the URL .
    note: the hyphen [-] is the only non alphanumeric symbol that can be used in creating a URL for a Blogger blogspot.
    2 easy steps down, 3 more to go to get you approved for Google Adsense.
    In Step 3, I'm going to show you how to start bringing your blog to "life" and make it look more like a website.

    How to Hide The NAV Bar On Your Blogger Blog 

    Since you're using Blogger as your content platform for this project, I would hate to see all your work go down the drain because somebody with too much time on their hands flagged you for spam via the NAV bar on your blogspot. To avoid this I recommend that you remove or hide the NAV bar. This YouTube video shows you exactly how to remove the NAV bar from your Blogger blog.

    powered by Youtube

    Step 3: Bring Your Blogger Blog To Life 

    How To Make Your Blogspot Blog Look Like A Real Website

    If you want to make your blog look more like a website and "pimp out" the template to make it more appealing to the eye, I'm going to show you where you can get some cool Blogger templates and a cool script that can make your blog stand out!


  •  Step 3: Now it's time for you to select a template to bring your Blogger blog to life!





  • When you set up your blog in step 1, you probably noticed that Blogger has a number of pre-made templates for you to choose from and use. But you can easily change your template anytime you want.
    The new Blogger templates are very attractive and much better looking than the ones that were available in Blogger Classic. But if you're not feeling the new templates, it's really easy to change them. You should definitely check out (1) BTemplates.com and (2) Free Blogger Templates for Blogspot templates to make your blog more attractive.

    One thing I do to make my Blogger blogs more attractive is to hide that dorky Blogger nav bar that appears at the top of your Blogspot by adding a simple script to the HTML of your blog template. The video in the previous module shows you how to do this. If you haven't watched it yet, go back and check out that video now.3 easy steps down, only 2 more to go to get approved for Google Adsense.
    I know we've covered quite a bit of ground with these 3 steps, but you should be able knock them out in no time at all; you can probably get it done in about 30 minutes tops.
    In Step 4 I'm going to show you how to create the content you're going to need for your Blogger blog.

    But Before You Make Any Changes To Your Blog's Template.....

    Before you make any changes to your blog's template, save a copy of it in Notepad on your computer. That way if you mess something up, you can easily restore it. It can also save you time when setting up new blogs once you have your template modified the way you like.

    Step 4: Create Content For Your Blogger Blog 

    3 Tips For Creating Commercial Content For Your Blog

    Step 4: Create commercial content for your blogspot!

    This step is HUGE because without it, you're not going to get approved for Google Adsense. So to help you, here are 3 tips on how to create the blog content for your Blogger blog:

    Tip No. 1: Stay away from topics that lack commercial intent and those that are considered Spam in Google's eyesight

    If you want to get your Adsense publisher ID, you have to select a topic that has commercial value. What do I mean by "commercial value"? The topic or related search terms are attractive enough for advertisers to run pay-per-click ad campaigns in Google's search results. When you find search terms that you want to target, be sure to check out if there are any Adwords ads running in the search engine results for that keyword. If you don't see any or you only see a few, choose another topic.

    Don't choose topics like Debt Consolidation or Mesothelioma to get approved for Adsense. There are a number of other topics that are deemed to be spam in Google's eyes. I tried to include 6 of the worst offenders here, but they triggered Squidoo's spam filter.

    Tip No. 2: Don't keyword stuff your blog posts

    Don't over use your primary keyword phrase in your posts. A good formula to follow is 1 instance per 100 words. You can have your primary search term appear in the title of the post, in the first sentence of the first paragraph of the first sentence, in the middle paragraph and in the last sentence of the last paragraph of the post.

    Tip No. 3: Write 3 - 4 solid posts for your blog

    By "solid" I mean informative posts that are at least 400 words in length. You're going to publish to your blog every other day. For example, if you make your first post on Monday, you'll make your second post on Wednesday and your third post on Friday.

    You could do what I did as an alternative. I created 2 detailed, informative posts on my subject. I spaced the posts 2 days apart, added a detailed topic related "About" page and added an RSS feed covering news about my topic. The day after I made the second post, a Saturday, I applied for my Adsense publisher ID. I was approved the same day.

    4 easy steps down, 1 last step to go to get approved for your Adsense publisher ID.

    Tools To Use If You're Struggling To Create Content For Your Blog 

    Tools To Help You Create Content and GenerateTopic Ideas

    What do you do when you feel like you can't write to save your life or you can write, but it's a real struggle for you to write the blog posts you need for this project?

    Use Private Label Rights (PLR) .... Very Carefully
    Everyone has PLR (private label rights) articles on their PC. Don't let your private label rights content gather digital dust on your hard drive; put it to use now. But you really have to be smart about using it. For the purposes of this project, you must do a quality rewrite of the PLR - you can't use it as is. Prior to the Google "Farmer" algo update, some internet marketing experts said it was okay to do a rewrite of 35 - 55%. Don't waste your time doing such low quality rewrites because they will get you nowhere fast! I personally do rewrites that are 85 - 90% unique on all PLR articles that I use. Yes it's a lot more work, but it's worth it and I don't have the problems other marketers have when using private label rights content. Run your rewritten articles through CopyScape, DupeFreePro or DupeCop to compare your rewrite against the original article.

    If you have poor quality PLR (meaning the stuff you get from those infamous 'giveaway' promotions), I highly recommend PLR MiniMart and NetPLR. They aren't free, but both of these sources offer high quality PLR that is well researched and well written (which will make it much easier for you to rewrite).

    b>Use About.com or GistWeb together with Google search
    GistWeb is a free tool that can give you the summary or "gist" of a web page's content. You can also use it with web search summaries. It's very easy to use and it can help you with creating content for your Blogger blog. But don't get lazy and use the Gist summary as is! Rewrite it in your own words and run the rewrite through DupeFreePro to make sure your rewrite is unique when compared to the Gist summary.

    If you're really stuck and can't come up with a commercial topic, scan Google Hot Trends andthe original Yahoo! Buzz log. When you discover a hot commercial topic, run it through your keyword research tools to get an idea of the estimated daily and monthly searches, as well as an estimate of the number of clicks the term gets per day. Then run the search term throughGistWeb to generate content ideas.

    The Key to Getting Approved For My Adsense Publisher ID

    I believe the key to getting approved for my Adsense publisher ID on the first attempt was in creating unique content based on a viable commercial topic (meaning there were Adwords advertisers running PPC campaigns on the topic I created blog content on).

    How To Rewrite PLR Articles 

    The Easy Way to Rewrite PLR Articles

    Here's an excellent YouTube video by Tiffany Dow from PLR MiniMart on how to work with PLR articles.

    powered by Youtube

    Step 5: Apply for Your Adsense Publisher ID! 

    Step 5 - apply for your Adsense publisher ID 

    You can apply for Adsense through Blogger.com from your blogspot's Template tab under Page Elements sub heading or you can submit your application thru the main sign up page for Adsense . Click the sign up now button and follow the instructions.



  •  Tip: When you sign up for Adsense, use an existing e-mail address other than the one you created your Google account with.







  • That's it - if you followed the instructions in this lens you will be approved for Google Adsense in 2 - 3 days.
    Copyright © 2011-2012 Muhaimen. All rights reserved