hackthisway

Kidkeylock #recommendation

In Uncategorized on October 3, 2010 at 7:06 am

Another tiny application, but of great use. As the name suggests, this software can lock your computer keyboard the way you lock your cellphone’s keypad. It can also lock mouse movements and certain other things, which you must find on your own.

Visit the creator’s site :

KidKeyLock

Wizmo #Recommendation

In Uncategorized on September 26, 2010 at 9:41 am

This one is good, really. A small, versatile program which turns off your monitor in a click or two. It does many other jobs, but this one caught my attention. Useful for laptops that don’t have a button to switch off just the monitor without putting the computer into standby or hibernation.

To turn your monitor back on, just move the mouse.

Instead, you could change the settings in Power Options, but that is not such an elegant idea.

So, go for Wizmo (works with Windows 7 as well); it is compatible with Windows only.

Download Wizmo

For more info :

Wizmo

Email Tracing Facts

In Uncategorized on September 21, 2010 at 10:36 pm

 

 

 

Email headers are examined to extract information about the sender, the route taken and certain other things. Not every header gives you enough information, though, especially in the case of web-based mail programs like Gmail and Yahoo. Hotmail, however, has the habit of attaching “X-Originating-IP” to the header, which contains the email and IP address of the computer from which the email was sent, e.g.

X-Originating-IP: [***.***.80.54]

X-Originating-Email: [hackthisway@live.com]

I have masked the IP address for security purposes.

However, the same is not true for Gmail or Yahoo mail. They don’t add any such information if the email is sent from a web-based mail program. Hotmail or Live Mail does this to figure out the origin of spam or phishing mails. Not a foolproof method to counter spam, but effective sometimes.

But if the sender uses a desktop mail program like Outlook, Eudora or IncrediMail, you may find the IP of the sender’s computer. The IP address and machine name are among the first things that get added to the header. The IP address could be that of the computer directly connected to the Internet, or it could be the address of a router. Well, even this can be faked.

Let us understand this through some example headers …

NOTE: unimportant data is not shown.

Headers of an email received from a web-based mail program:

X-Apparently-To:   ******@yahoo.com via 203.104.17.143; Mon, 20 Sep 2010 07:21:31 -0700

Return-Path:   <check.wsx@gmail.com>

Received-SPF:   pass (mta1188.mail.sk1.yahoo.com: domain of check.wsx@gmail.com designates 209.85.160.42 as permitted sender)

X-YMailISG:   zhjciiocZAr0A1zpFh5t5Rj.LSVeZFGWC8HYRDb.qOGPnalU LVLBncoIcmp05C2ma3amJN_.PDdW5gmqKebX3OzwpOL4h7vxwSbdqD6oGdd5 ……

X-Originating-IP:   [209.85.160.42]

Authentication-Results:   mta1188.mail.sk1.yahoo.com from=gmail.com; domainkeys=pass (ok); from=gmail.com; dkim=pass (ok)

Received:   from 127.0.0.1 (EHLO mail-pw0-f42.google.com) (209.85.160.42) by mta1188.mail.sk1.yahoo.com with SMTP; Mon, 20 Sep 2010 07:21:30 -0700

Received:   by mail-pw0-f42.google.com with SMTP id 9so1549545pwj.1 for <*******@yahoo.com>; Mon, 20 Sep 2010 07:21:30 -0700 (PDT)

MIME-Version:   1.0

Received:   by 10.143.40.18 with SMTP id s18mr7678419wfj.283.1284992490002; Mon, 20 Sep 2010 07:21:30 -0700 (PDT)

Received:   by 10.143.161.2 with HTTP; Mon, 20 Sep 2010 07:21:29 -0700 (PDT)

Date:   Mon, 20 Sep 2010 19:51:29 +0530

Subject:   checking again

From:   This sender is DomainKeys verified check checkk <check.wsx@gmail.com>  Add sender to Contacts

To:   **********@yahoo.com

Content-Type:   multipart/alternative; boundary=001636e0b5e4e7d9e10490b1a0a2

Content-Length:   190

None of this contains the IP address of the sender.

Let us have a look at the headers of another email, sent from Microsoft Outlook 2007:

 

X-Apparently-To:   ******@yahoo.com via 203.104.17.159; Mon, 20 Sep 2010 07:18:31 -0700

Return-Path:   <check.wsx@gmail.com>

Received-SPF:   pass (mta1082.mail.ac4.yahoo.com: domain of check.wsx@gmail.com designates 209.85.212.182 as permitted sender)

X-YMailISG:   tDcVrVIcZApapCW99IhBY.3q6CQSIqoRSTz07uQYj3WyscDw

X-Originating-IP:   [209.85.212.182]

Authentication-Results:   mta1082.mail.ac4.yahoo.com from=gmail.com; domainkeys=pass (ok); from=gmail.com; dkim=pass (ok)

Received:   from 127.0.0.1 (EHLO mail-px0-f182.google.com) (209.85.212.182) by mta1082.mail.ac4.yahoo.com with SMTP; Mon, 20 Sep 2010 07:18:28 -0700

Received:   by pxi17 with SMTP id 17so1777220pxi.41 for <rohit_apogee@yahoo.com>; Mon, 20 Sep 2010 07:18:27 -0700 (PDT)

DKIM-Signature:   v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com;

Received:   by 10.114.46.8 with SMTP id t8mr10160141wat.32.1284992307235; Mon, 20 Sep 2010 07:18:27 -0700 (PDT)

Return-Path:   <check.wsx@gmail.com>

Received:   from myPC ([***.234.80.49]) by mx.google.com with ESMTPS id o17sm13595920wal.21.2010.09.20.07.18.24 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 20 Sep 2010 07:18:26 -0700 (PDT)

From:   This sender is DomainKeys verified “check.wsx” <check.wsx@gmail.com>  Add sender to Contacts

To:   <rohit_apogee@yahoo.com>

Subject:   checking

Date:   Mon, 20 Sep 2010 19:48:19 +0530

Message-ID:   <4c976d32.1156730a.27c7.fffffa26@mx.google.com>

MIME-Version:   1.0

X-Mailer:   Microsoft Office Outlook 12.0

Have a look at the underlined data (the “Received: from myPC ([***.234.80.49])” line), which shows the name and IP of the computer from which the mail was sent.

With this piece of info in hand you can find out the ISP with which the IP address is registered and can report any suspicious activity. However, law enforcement people can go a step further: they can even get the residential address of the registered user from the ISP.
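The header reading described above, as an added example (not part of the original post): this Python sketch walks the Received chain oldest-first and returns the earliest hop that names a routable sending host. The sample headers are constructed, using documentation address ranges and example.* host names, and the function names are this example's own.

```python
import ipaddress
import re
from email import message_from_string

# Constructed samples modelled on the two header sets above. Addresses are
# from documentation ranges; host names under example.* are placeholders.
SAMPLE_DESKTOP = """\
Received: from 127.0.0.1 (EHLO relay.example.net) (198.51.100.182)
 by mx.example.org with SMTP; Mon, 20 Sep 2010 07:18:28 -0700
Received: by 10.114.46.8 with SMTP id t8mr1; Mon, 20 Sep 2010 07:18:27 -0700
Received: from myPC ([203.0.113.49]) by mx.example.net
 with ESMTPS id o17sm1; Mon, 20 Sep 2010 07:18:26 -0700
X-Mailer: Microsoft Office Outlook 12.0
"""
SAMPLE_WEBMAIL = """\
Received: from 127.0.0.1 (EHLO relay.example.net) (198.51.100.42)
 by mx.example.org with SMTP; Mon, 20 Sep 2010 07:21:30 -0700
Received: by 10.143.40.18 with SMTP id s18mr1; Mon, 20 Sep 2010 07:21:30 -0700
Received: by 10.143.161.2 with HTTP; Mon, 20 Sep 2010 07:21:29 -0700
"""
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
FROM_CLAUSE = re.compile(r"from\s+(\S+)\s+(.*?)\s+by\s+(\S+)", re.S)
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def is_internal(text):
    """True for loopback/RFC 1918 addresses and for strings that are not IPs."""
    try:
        ip = ipaddress.ip_address(text)
    except ValueError:
        return True
    return any(ip in net for net in INTERNAL)

def oldest_external_hop(raw_headers):
    """Return the earliest Received hop that names a routable sending host."""
    msg = message_from_string(raw_headers)
    # Received lines are prepended, so the last one is the oldest. Anything
    # below the line written by your own server is unverified and can be faked.
    for value in reversed(msg.get_all("Received", [])):
        m = FROM_CLAUSE.match(value.strip())
        if not m:
            continue  # "by ... with HTTP/SMTP": no submitting host recorded
        name, detail, by_host = m.groups()
        ips = [ip for ip in IPV4.findall(name + " " + detail) if not is_internal(ip)]
        if ips:
            return {"host": name, "ip": ips[0], "recorded_by": by_host,
                    "mailer": msg.get("X-Mailer")}
    return None
```

On the web-mail sample the result is the provider's relay rather than the sender's machine, which matches the first header set above.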

Do a Google search, or Bing :) to find out how you can view the headers in your email clients.
