What is ip & what is public & private ip?

nternet Protocol (IP) addresses are usually of two types: Public and Private. If you have ever wondered to know what is the difference between a public and a private IP address, then you are at the right place. In this post I will try to explain the difference between a public and a private IP addres in layman’s terms so that it becomes simple and easy to understand.

What are Public IP Addresses?

A public IP address is assigned to every computer that connects to the Internet where each IP is unique. Hence there cannot exist two computers with the same public IP address all over the Internet. This addressing scheme makes it possible for the computers to “find each other” online and exchange information. User has no control over the IP address (public) that is assigned to the computer. The public IP address is assigned to the computer by the Internet Service Provider as soon as the computer is connected to the Internet gateway.

A public IP address can be either static or dynamic. A static public IP address does not change and is used primarily for hosting webpages or services on the Internet. On the other hand a dynamic public IP address is chosen from a pool of available addresses and changes each time one connects to the Internet. Most Internet users will only have a dynamic IP assigned to their computer which goes off when the computer is disconnected from the Internet. Thus when it is re-connected it gets a new IP.

You can check your public IP address by visiting www.whatismyip.com

What are Private IP Addresses?

An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private networks such as a Local Area Network (LAN). The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private networks (local networks):

10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)
172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)
192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)

Private IP addresses are used for numbering the computers in a private network including home, school and business LANs in airports and hotels which makes it possible for the computers in the network to communicate with each other. Say for example, if a network X consists of 10 computers each of them can be given an IP starting from 192.168.1.1 to 192.168.1.10. Unlike the public IP, the administrator of the private network is free to assign an IP address of his own choice (provided the IP number falls in the private IP address range as mentioned above).

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP. It is possible to interconnect two private networks with the help of a router or a similar device that supports Network Address Translation.

If the private network is connected to the Internet (through an Internet connection via ISP) then each computer will have a private IP as well as a public IP. Private IP is used for communication within the network where as the public IP is used for communication over the Internet. Most Internet users with a DSL/ADSL connection will have both a private as well as a public IP.

You can know your private IP by typing ipconfig command in the command prompt. The number that you see against “IPV4 Address:” is your private IP which in most cases will be 192.168.1.1 or 192.168.1.2. Unlike the public IP, private IP addresses are always static in nature.

Unlike what most people assume, a private IP is neither the one which is impossible to trace (just like the private telephone number) nor the one reserved for stealth Internet usage. In reality there is no public IP address that is impossible to trace since the protocol itself is designed for transparency.

Netbios Tricks [ hack ]

THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING REMOTE COMPUTER AND GAINING ACCESS TO IT’S HARD-DISK OR PRINTER. NETBIOS HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.

STEP-BY-STEP NETBIOS HACKING PROCEDURE

1.Open command prompt

2. In the command prompt use the “net view” command

( OR YOU CAN ALSO USE “NB Scanner” OPTION IN “IP TOOLS” SOFTWARE BY ENTERING RANGE OF IP ADDRESSS. BY THIS METHOD YOU CAN SCAN NUMBER OF COMPUTERS AT A TIME).

Example: C:\>net view \\219.64.55.112

The above is an example for operation using command prompt. “net view” is one of the netbios command to view the shared resources of the remote computer. Here “219.64.55.112″ is an IP address of remote computer that is to be hacked through Netbios. You have to substitute a vlaid IP address in it’s place. If succeeded a list of HARD-DISK DRIVES & PRINTERS are shown. If not an error message is displayed. So repeat the procedure 2 with a different IP address.

3. After succeeding, use the “net use” command in the command prompt. The “net use” is another netbios command which makes it possible to hack remote drives or printers.

Example-1:
C:\>net use D: \\219.64.55.112\F
Example-2:
C:\>net use G: \\219.64.55.112\SharedDocs
Example-3:
C:\>net use I: \\219.64.55.112\Myprint


NOTE: In Examples 1,2 & 3, D:,G: & I: are the Network Drive Names that are to be created on your computer to access remote computer’s hard-disk.

NOTE: GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES INCLUDING HARD-DISK DRIVES, FLOPPY DRIVES AND ROM-DRIVES ON YOUR COMPUTER. THAT IS, IF YOU HAVE C: & D: AS HARD DIRVES, A: AS FLOPPY DIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND PROMPT

F:,”SharedDocs” are the names of remote computer’s hard-disk’s drives that you want to hack. “Myprint” is the name of remote computer’s printer. These are displayed after giving “net use” command. “219.64.55.112″ is the IP address of remote computer that you want to hack.

4. After succeeding your computer will give a message that “The command completed successfully“. Once you get the above message you are only one step away from hacking the computer.

Now open “My Computer” you will see a new “Hard-Disk drive”(Shared) with the specified name. You can open it and access remote computer’s Hard-Drive. You can copy files, music, folders etc. from victim’s hard-drive. You can delete/modify data on victim’s hard-drive only if WRITE-ACCESS is enabled on victim’s system. You can access files/folders quickly through “Command Prompt”.

NOTE: If Remote Computer’s Firewall Is Enabled Your Computer Will Not Succeed In Gaining Access To Remote Computer Through Netbios. That is Netbios Hacking Is Not Possible In This Situation.(An Error Message Is Displayed). So Repeat The Procedure 2,3 With Different IP Address.

Methode To Detect Anonymous IP Addresses

http://whatismyipaddress.com/ip-lookupAs the fraudsters are now becoming more sophisticated in bypassing the Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become very much necessary to come up with a means for detecting the proxies so that the authenticity of the users can be verified. Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain the online privacy. However proxies are more widely used by online fraudsters to engage in cyber crimes since it is the easiest way to hide their actual Geo-location such as city/country through a spoofed IP address. Following are some of the examples where fraudsters use the proxies to hide their actual IP.

1. Credit Card Frauds

For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.


2. Bypass Website Country Restrictions

Some website services are restricted to users form only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

Proxy Detection Services


So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.

Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.


How Proxy Detection Works?

Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm it’s authenticity.

The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.


How to Tell Whether a given IP is Real or a Proxy?

There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see the results something as follows.

What is URL Masking & Its need?

What is URL Masking?
URL Masking it is a hack process to hide the real URL to a shorter or alternative URL. This process is used for phishing work normally. Here you can have same URL with a tk domain. Generally we uses some free services for phishing our friends to gain the user name and password.

What is the need of URL Masking?
URL Masking Is specially created for phishing(hacking) work. By this technique we can have same name of URL with tk domain.
Eg. We have a URL cybertechguru.blogspot.com and want a short URL instead of it, or want to use an alternative URL to access this site or blog.

As we all know, Phishing is one of the most useful and simple methods for hacking email accounts. When sending a phishing mail you have to include the link to your phisher page, so instead of sending mail with actual URL that can create a sense of doubt in victim's mind, we can hide the URL. Dot.tk is an online service which enables you to hide/mask the url.

How to Mask a URL:

Consider you have hosted your phisher page and your phisher link is something like: http://www.facebook.110mb.com

So, whenever victim checks out this link, he will find the link suspicious. This can be detrimental for our hack. The best way is to make this link less suspicious i.e. to hide/mask the URL.

1. Go to Dot.tk to hide a URL.

2. Enter your phisher link in the textbox and hit on Next.



3. Enter the link you want to rename your phisher link to.



4. Now, you can send this masked phisher link to your victim. The victim will now find our phisher link less suspicious as we have hidden the actual phisher link using .tk domain.

Enjoy The Post..!!

How Can We Detect Fake E-mails

In my last posts i shared the method to send fake e-mail to any one from any email id. There is a methods to check if your e-mail is fake or original. In this post i will share to check weather your email is fake or original. This is an anti-hacking or security trick to check the information of your received E-mail.

2. Suppose you are the receiver. Now, I will tell you how to recognize this mail as fake. Open the email and hit on "Show Details".

3. Something you must know:

When google will send you email it will content the following details:

• mailed by
• signed by

Also, most of the times, "Mailed by" field will have value:

bounces.google.com or
google.com

 depending on the type of your mail. This is true for every genuine email from every mail provider.

4. But, these two fields will not be present in the details of Fake Mail. Also, if the mail details contain these fields, the value of these fields will not be google.com

Fake Mail without "Mailed by" field:

 









Fake Mail with "Mailed by" field.

 As you can see, the "mailed by" field shows the hosting server's name and not the Google server. This means, this server is used to send you the fake email and most probably, the fake mailer is hosted on the same server.


You can also check out the header field to detect fake mails. Follow the steps:

- Open the mail. Hit on down arrow next to "Reply" and click on "Show Original".

- Now, check out "Received" fields. This field will show you the name of server from which the mail is sent. As you can see, we have used "emkei.cz" as our fake mailer. So, it has appeared in "Received" field.



-----------------------------
use the method and beware from the hacker & being phishing...1

Be Secure from Phishing Scams

Phishing is a form of social engineering technique used by hackers to gather sensitive information such as usernames, passwords and credit card details by posing as a trustworty person/organization. Since most online users are unaware of the techniques used in carrying out a phishing attack, they often fall victims and hence, phishing can be very effective.

With the dramatic increase in the number of phishing scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Phishing scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter thier personal information. Here are some of the tips that can be used to identify various phishing techniques and stay away from it.

How To Identifying a Phishing Scam

1. Beware of emails that demand for an urgent response from your side. Some of the examples are:

    * You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanant suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed webpage (similar to your bank website) and enter your login details over there.
    * In some cases, phishing emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.

2. Phishing emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails can be an exception to this rule.

3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed webpage with official logos and information that looks exactly same as that of the original webpages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:

• papyal.com
• paypal.org
• verify-paypal.com
• xyz.com/paypal/verify-account/

How To Avoid From Being Phishing

1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.

2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.

3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as usernames and passwords, account numbers or credic card details. You will see a lock icon in your browser’s address bar which indicates a secure connection. On some websites like paypal.com which uses an extended validation certificate, the address bar turns GREEN as shown below.

In most cases, unlike a legitimate website, a phishing website or a spoofed webpage will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of phishing attack. Always double-check the security features of the webpage before entering any of your personal information.

4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.

5. Report a “phishing attack” or “spoofed emails” to the following groups so as to stop such attacks from spreading all over the Internet:

You can directly send an email to spam@uce.gov or reportphishing@antiphishing.org reporting an attack. You can also notify the Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov.