Pages

Tuesday, February 15, 2011

Java sniffer using JPcap

Java is a application programming. So we can't control any hardware directly with Java. But it can be done with C, C++ like system programmes. So network sniffers can be created with system programming but not with Java.

But here comes a Java utility Jpcap, that enables us to do this. It uses C base files that uses operating system specific native functions to control the network. Using this you can capture all the packets received by a computer through a Java program. And it enables filtering packets. It supports most of the common packets used in networks.

Just search Jpcap in Google. You can get more about it.
Posted by Balakumaran at 10:33 PM 0 comments

Sunday, February 13, 2011

Google dictionary add-on for Firefox

A really nice add-on for Firefox browser. When you are reading something in Firefox you may not know the meaning of some words, then probably you will open another tab and search Internet for the meaning of that word. Also me do the same till know about this add-on.

But if you install this add-on, you no need to search anywhere. Just double over the word and a small tip box will appear and show the meaning. It is a wonder full add-on. You can download it here.
Posted by Balakumaran at 7:19 PM 0 comments
Labels:

Saturday, February 12, 2011

Google = Calculator

You know Google is a calculator. You may wonder how a search engine will be. But its true. Just type the expression in the Google search bar. And you will get the answer as result. For example to adding 3 and 9, type 3+9 in the search bar, you will get the answer as in the picture.


Not only arithmetic calculations. You can also do advanced calculations like trigonometry, logarithm, etc., with Google. for example, type sin(84)+log(34) and get the answer 2.26466924 as in the figure following, 


If you want to know more about Google calculator, you can read here.
Posted by Balakumaran at 10:06 PM 0 comments
Labels:

Friday, February 11, 2011

SQL injection

Sql stands for Structured Query Language. Its a language used for querying database. In most of the websites, this is been used. In websites it is used for store and retrieve user information from databases. For example, the login username and password will be compared with the data retrieved for the user information database. So Sql is used in a wide range of websites.

But the websites using sql as back-end are facing a vulnerability known as sql injection. It is very critical one, which should be eliminated from any websites. Because using this vulnerability, anyone can spoof other users who are registered in that website. 
Here in this post, first we will see how sql is been used and then we are going to see how to perform sql injection.

In any website that asks user to login will prompt to enter the username and the password. Those information will be used to frame a query that will be sent to the database. For example in an ordinary login page, you are providing your username as arun and the password as arunasks as int this figure, 
 
those data will be placed in a query like this
select * from user_info where username='arun' and password='arunasks'
consider in this website, user_info is the database table that stores the user information. So this query will return details of a user whose username is arun and the password is arunasks. If no user having this username and the password, you will be returned an error message as login failed. This is what actually happens.

See here in the query, the data that entered in the username field and the password field will be inserted in the appropriate position. So if you insert username as 
x' or '1'='1' -- and enter whatever(blank now) in the password. 
 
Then the query will be framed as,
select * from user_info where username='x' or '1'='1'-- and password =''
so now even the username is wrong, the or condition one equal one is true. and in sql '--' is the comment line. so anything after '--' won't be considered. So you will be logged in.

Not only this method. There are millions of methods in Sql injection. As much as you are creative, you will get more and more.
Posted by Balakumaran at 8:33 PM 0 comments
Labels:

Thursday, February 10, 2011

Write in your blog through email

In my college blogger.com is blocked. But I have a habit that whatever I like, I think, I know, I will write in my blog kumaran127.blogspot.com. So now I need an alternative to write to my blog. Then I found that blogger provides an option to post through mail. First we need to create a secret email id for blog posting (this must be secret. Because only you should be able to write in your blog). After that you can send your writing to that email, that will be published in your blog.

For that option, do the following,
  • In blogger dashboard, select settings
  • then select the tab email & mobile
  • in the email posting address create the secret email
  • there will be some options as, 1.publish emails directly, 2.save emails as draft posts, 3.disabled. Among them select your required option and save the settings.
Thats all. now you can write in your blog through mails. One important thing here is, the subject of your email will be the heading for your post.
Posted by Balakumaran at 10:42 PM 0 comments
Labels:

Make computer as a router

I'm doing my final year project now. For that I need to connect two different network through a router. But in my college there was no router. But I can have as many computers I need to work. So I planned to make a computer as a router. Here I used Ubuntu, a debian based linux destro to make the system to route.

First I have connected two NIC (Network Interface Card) to a computer. And I had a default NIC. That totally three NICs I had in my computer. So I can connect three different network segments together. Now connect three network segments with the computer and assign IP address for three NICs. Now enable IP forwarding in the Ubuntu machine. Restart networking. Thats all the system became router.

I just gave the outline. Now I'm going to tell what I have done in my college. I have four systems totally. One of them is added two more NICs. That system(Ub) is installed Ubuntu 10.10. And the other three have been installed with Windows XP operating system (Xp1,Xp2,Xp3). I decided three XP systems as separate network segments. I have assigned the following IP for those machines
  • Xp1 - 192.168.1.105
  • Xp2 - 10.10.3.101
  • Xp3 - 10.10.2.101
And for those three NICs in the Ubuntu system as follows
  • eth0 - 192.168.1.100
  • eth1 - 10.10.3.100
  • eth2 - 10.10.2.100
I don't have any switch or router as I have told already. So I connected systems directly. But to connect two computers, the cable should be cross connected (search in Internet for cross cable). And I have connected the systems as follows
  • Xp1 - Ub eth0
  • Xp2 - Ub eth1
  • Xp3 - Ub eth2
In the Ubuntu machine I given the IP address in GUI mode. But it didn't worked for me. I don't know why. So I have assigned the IP directly in the interfaces (/etc/network/interfaces) as above. And restarted the network using the following comment
  • $ /etc/init.d/networking stop
  • $ service networking start
Alas! I made my computer into router. Now you can ping any system from any other system.

Posted by Balakumaran at 10:03 PM 0 comments
Labels:
Subscribe to: Posts (Atom)