Contact Me @ +91-9041922099

Mail me at mail@amarjit.info

Friday, May 19, 2017

Download Decryption Tool for WannaCry Ransomware - Unlock Files

Download Decryption Tool for WannaCry Ransomware - Unlock Files 

Since the WannaCry ransomware ripped through the internet late last week, infecting hundreds of thousands of machines and locking up critical systems from health care to transportation, cryptographers have searched for a cure. Finding a flaw in WannaCry’s encryption scheme, after all, could decrypt all those systems without any ransom.

Now one French researcher says he’s found at least a hint of a very limited remedy. The fix still seems too buggy, and far from the panacea WannaCry victims have hoped for. But if Adrien Guinet’s claims hold up, his tool could unlock some infected computers running Windows XP, the aging, largely unsupported version of Microsoft’s operating system, which analysts believe accounts for some portion of the WannaCry plague.
"Does not erase the prime numbers from memory before freeing the associated memory," says Guinet.
Based on this finding, Guinet released a WannaCry ransomware decryption tool, named WannaKey

"It does so by searching for them in the wcry.exe process. This is the process that generates the RSA private key. The main issue is that the CryptDestroyKey and CryptReleaseContext does not erase the prime numbers from memory before freeing the associated memory." says Guinet

So, that means, this method will work only if:

  1. The affected computer has not been rebooted after being infected.
  2. The associated memory has not been allocated and erased by some other process.

"In order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!," Guinet says.

Download Tool here @ https://github.com/gentilkiwi/wanakiwi/releases

Wednesday, May 17, 2017

Ransomware – The next level of Cybersecurity - Deadliness

What would you do if today you found out that cybercriminals had managed to infect your computer with malware that has encrypted all your files? Would you pay to get them back, and if so, how much are you willing to spend? Five times or more amount ?? What if you are in charge of a company server on which all your organization’s intellectual property gets locked up by a cyber-extortion gang? What if all the computers in the hospital you manage are encrypted and held hostage by cybercriminals? Will you pay? Attackers are counting on you to do just that!

What is Ransomware?
Ransomware is a family of computer bugs that are programmed to lock up an endpoint, such as a PC, server, or mobile device, in various ways and then asks the victim to pay a ransom to regain control of the data or the endpoint. A Ransomware attack can affect an individual or organization anywhere in the world. According to the FBI, ransomware attacks cost victims in the US a total of $209 million in the first three months of 2016. That’s a 771% increase for the $24 million reported in all of 2015.

How does it attack?
Cybercriminals typically use social engineering such as unsolicited email, or spam, to lure victims into opening a malicious attachment. The attachment attempts to exploit a vulnerability in productivity software the user likely possesses in order to allow file execution, in this case Ransomware. The Ransomware code is designed to scan the file system on the endpoint and find all the locations where the victim keeps files, including shadow copies and backup files and including network repositories and even external drives attached to the endpoint. The files are then encrypted and users are prevented from accessing them. The key to unlocking the files remains in the cybercriminal’s hands until the victim pays a ransom to obtain the key and attempts to restore the files.

Your MONEY or your DATA?
Victims all around the globe have been receiving on-screen ransom requests averaging $500USD, demanded most often in the form of cryptocurrency. Businesses are now seeing larger-scale ransomware attacks on their servers and networks, along with demands for 4- to 5-digit ransom payments, all the way up to millions demanded in some cases.

What can consumer do to lower the Ransomware risk?

What can Business do to lower the ransomeware risk?

Ransomware has emerged as one of the most lucrative and popular techniques cybercriminals are using against both businesses and consumers.

We strongly encourage you to read X-Force research report (https://securityintelligence.com/media/ransomware-report/) to get a deeper insight on Ransomware.We urge you to take necessary and sensible precautions and encourage safe practices within your team. 

Monday, August 29, 2016

What is Serve Humanity Serve God ? Who are We ?

What is Serve Humanity Serve God ? Who are We ? 

Serve Humanity Serve God is a team of volunteers provides help to those poor and needy patients who cannot afford to pay for their medical treatment. “We ‘adopt’ these people and help them with everything they need — be it a Dialysis, an MRI, a CT Scan, Provide free medicines, an operation, or anything else. The small team raises money by speaking to people across the city — friends, acquaintances, family, strangers – anyone who can help them with funds. It is mostly by word of mouth that donors reach to us.
We also took responsibility of children staying in the compound and take them out on vacations or weekends.
PGI Chandigarh has many poor patients coming from Bihar, Uttar Pradesh, Chhattisgarh and Nepal. They stay at the gurdwara compound for months, and some, for years. Many such patients come along with their families, including children. About 2,500-3,000 persons including patients and their family members take food at the gurdwara community kitchen daily.
To join in donations please contact: 
  1. Amarjit Singh - 90419-22099 (Chandigarh) India
  2. Navjot Sidhu - 87280-00333 (Chandigarh) India
  3. Sherry - 425-306-6831(Seattel) USA
  4. Hardeep Gill - 916-538-8107(California) USA
  5. Mandeep Malhi - 647-709-0096 (Canada)
  6. Sunny Grewal - 61-402-906-576 (Australia)

Follow Serve Humanity Serve God on Social Media

Hashtags on Social Media: #ServeHumanityServeGod

Friday, May 20, 2016

IBM Smart City Solutions - Rashtrapati Bhavan would be transformed into a smart township

IBM to transform Rashtrapati Bhavan into smart township

Rashtrapati Bhavan would be transformed into a smart township with the help of IBM Smart City Solutions.IBM on Thursday announced that its smart city solutions have been deployed for the digital transformation of the Presidential Estate. “Spread across 330 acres of land and home to over 5,000 residents, the self-sustained Presidential Estate is adopting IBM’s technology and solutions to become future ready.

The Intelligent Operations Center addresses challenges that are inherent to townships - water supply, security, electrical infrastructure and solid waste management,” said an IBM statement.“The transformation of the estate into a smart township is customized to further enhance the efficiency of critical infrastructure and utilities,” it added.The partnership to reimagine the Rashtrapati Bhavan in the digital age was announced at an event graced by President Pranab Mukherjee. A citizens mobile app, created by IBM Intelligent Operations Center (IOC), was also launched, which allows residents to report issues using the web and mobile. “Rashtrapati Bhavan is an iconic representation of India’s smart city vision. It is a proud moment for all of us and the beginning of a great journey. We are honored to be their partner in enabling this transformation,” said Vanitha Narayanan, MD, IBM India.

Tuesday, May 10, 2016

Types Of Routing Tables In Junos

Juniper Network Operating System (JUNOS) maintains different types of routing tables for clear separation of different types of routes. Each routing table populates a portion of forwarding table and thus the forwarding table is partitioned based on routing table. The routing table in Juniper Network Operating System or JUNOS contains all the information known by that router and routing protocol puts the different routes in the routing table for single destination. Further the routing table places the best route in the packet forwarding engine (PFE).

Below is the list of different types of routing tables created by Junos. They are as follows:
1. Inet.0: This table stores the IPv4 unicast routes. This is equivalent to global routing table in CISCO.

2. Inet.1: This table stores the multicast routes. This table stores the (S,G) entries. This is equivalent to mroute table of CISCO.

3. Inet.2: This table is used for unicast RPF (Reverse Path Forwarding). For subsequent address family indicator (SAFI) 2 routes, when multiprotocol BGP (MBGP) is enabled. This table stores unicast routes that are used for multicast reverse-path-forwarding (RPF) lookup. The routes in this table can be used by the Distance Vector Multicast Routing Protocol (DVMRP), which requires a specific RPF table. In contrast, Protocol Independent Multicast (PIM) does not need this table because it can perform RPF checks against the inet.0 table. You can import routes from inet.0 into inet.2 using routing information base (RIB) groups, or install routes directly into inet.2 from a multicast routing protocol.

4. Inet.3: For IPv4 MPLS. This table stores the egress address of an MPLS label-swiched path (LSP), the LSP name, and the outgoing interface name. This routing table is used only when the local device is the ingress node to an LSP.

5. Inet6.0: This table stores the IPv6 Unicast routes.

6. Bgp.l2vpn.0: This table stores the L2VPN learned routes.

7. Bgp.l3vpn.0: This table stores the L3VPN learned routes.

8. Mpls.0: For MPLS label switching operations. This table is used when the local device is a transit router.

9. Iso.0: For IS-IS routes. When you are using IS-IS to support IP routing, this table contains only the local device’s network entity title (NET).

10. Juniper_Private: For Junos OS to communicate internally between the Routing Engine and PIC hardware.


Source: http://www.mplsvpn.info/ 

Juniper JET Automation Framework

JET is a framework which means all the features ties together that enables JUNOS to be more open and programmable.

There are four big components of JET
1. Python: Python 2.7.8 is supported on all JUNOS devices. By using Python users can develop and execute Python scripts on JUNOS.

2. JSON: JSON is popular data exchange program because of it’s simplicity, light weight and rich native support in several programming languages. Most of the python programmers use JSON as data exchange program. With this help now JUNOS operational show commands can display data in JSON format also along with XML format. JUNOS configuration can be provided directly in JSON format which can help programmer to write code in python and push configuration on box without having worry of XML.

3. Fast Programmatic Configuration Database: It is fast programmatic configuration database used by JUNOS and gives access to controller’s applications which are pushing fast state changes onto JUNOS. SDN applications can make the changes at very high rate with 1000 of configuration changes per second with no configuration validation. The onus of configuration validation will be taken care by the external SDN controllers and applications.

4. JET API: SDN requires programmable interface for fast rate of configuration changes with multiple instance of databases without the contention of database resources. JET APIs are AVATAR of JUNOS SDK which enables APP developer to program the JUNOS control and data plane. JET APIs constitutes of 5 things as mentioned below
a. Route
b. Interface
c. Firewall
d. Management APIs
e. Notifications

JET APIs framework is language and Operating System agnostic which means APP developer can use any of the language and OS of their own choice. The APPS which are written will be binary compatible and decoupled from the JUNOS releases. All the APIs exposed externally by JET will be used internally as well.


Source: http://www.mplsvpn.info/ 

Monday, April 11, 2016

IBM AND EVRY With a Billion Kroner Partnership - TO BUILD A COMMON CLOUD DATA CENTRE

IBM AND EVRY With a Billion Kroner Partnership 
TO BUILD A COMMON CLOUD DATA CENTER


Global cloud platform on Norwegian soil

EVRY has enticed IBM to invest several billion kroners in a super center at Fet. Hence, Norway is connected to the world’s sole global cloud infrastructure.

- This is an extremely important partnership for us, says Matt Milton, responsible for the EVRY partnership in IBM.

This is the first time IBM builds a data center that is part of the IT giant ’s global cloud infrastructure together with a partner. IBM has built t he remaining 46 data centers by themselves , and are strategically located in all corners of t he world .

The global cloud platform is based on technology from SoftLayer that IBM bought for almost 2 billion dollars in 2013.
- To gather we invest several billion dollars, continues Milton. EVRY’s contribution is 500 million kroners, the rest of the bill is picked up by IBM. It would probably not be a SoftLayer center on Norwegian or Nordic soil if EVRY had not contributed.

“Future Proof” picks up speed

In 2012 while EVRY’s core customers struggled with unstable IT platforms and the IT corporation struggled to give the shareholders value as sto ck exchange listed companies, t he CEO at the time Terje Mjøs launched the concept “Future Proof”.

Mjøs planned a data centre of the future, built at Fet outside of Oslo with modern, standardised, virtualised and automated infrastructure.

The new IT platform should easily be able to connect to the customers’ data centres and to commercial clou d platforms such as Microsoft Azure and Amazon Web Services.

However, it has taken longer to complete Future Proof than planned.

- We do this to more rapidly achieve our goal with Future Proof, says CTO Bjørnar Engebretsen in EVRY.

All but one

- Why did you choose IBM’s technology?
- We looked at different models. The determining factor was that we would get all technology and all services that we needed from one service provider if we chose IBM, replies Engebretsen.
It is the Digiplex building that is to house the new center. The actual content will gradually be built during the spring, and the data center will be in full production this autumn.

Engebretsen says that it will initially be set up 10,000 servers at Fet. The CTO underlines that it is e asy to double the amount if need be.

To be able to industrialize and automise the IT deliveries, all SoftLayer centers are identical on the inside. The interior in the data center at Fet has therefore gone through minor modifications in order to become identical to the other 46 data centers.

IT operation for 6 billion 
Engebretsen says that EVRY is in the process to prepare 200 customers for the new SoftLayer platform.

With a center on Norwegian soil , EVRY is able to offer cloud ser vices to customers that due to regulatory reasons require that the data is located in Norway. This applies especially to customers in the public sector and in the bank and finance sector, which comprises one half and approximately one third of the revenue respectively. 

EVRY ’s total revenue today is 12 billion kroners in Norway, where approximately half of this is operations.
When Fet is connected to the global SoftLayer cloud, EVRY’s service offerings to companies with a global presence will increase. Now they can store data in centers relatively close to their local offices no matter where it is in the world.

Access to Watson 
- The goal with the new data center is to become a more important IT partner for our customers, says Engebretsen.
In addition to delivering operation services from a cloud platform, EVRY has developed its own user portal customized to the individual customer as a part of Future Proof. Now IBM takes over the production of this service, and will develop new services for the cloud platform.

EVRY’s customers will in addition get access to IBM’s services and applications collected under the Bluemix umbrella. This includes access to solutions that builds on the self - learning super - machine Watson. 

As a par t of the IBM - EVRY contract, IBM acquired 332 employees from EVRY on the 1 st of December last year. The former EVRY employees are gathered in the newly created IBM Services.

Tuesday, April 14, 2015

Save the Internet: Tell TRAI We Need Network Neutrality

Save the Internet: Tell TRAI We Need Network Neutrality 

Emails should be sent to advqos@trai.gov.in 

Please bcc us at netneutrality59@gmail.com & mail@amarjit.info 

We will try to ensure that your response is acknowledged by TRAI. 

Click Here for Email Format 

The purpose is to assist supporters of strong net neutrality in articulating their own views on the matter in a legally precise manner, in order to submit a response to the TRAI before the deadline on 24 April 2015.


We appeal to parliamentarians and political leaders to keep this campaign apolitical. Citizens: demand a free and open internet. Contact your MP now. 



Wednesday, March 25, 2015

Nmap Project Seeking Talented Programmers for Google Summer of Code

Nmap Project Seeking Talented Programmers for Google Summer of Code

Hi folks.  I'm delighted to report that Nmap has been accepted by Google to participate in this year's Summer of Code internship program.  This innovative and extraordinarily generous program provides $5,500 stipends to college and graduate students anywhere in the world who spend the summer improving Nmap from home! They gain valuable experience, get paid, strengthen their résumés, and write code for millions of users.  We're one of the few orgs which have participated every year since the program began, and we're quite excited for our eleventh year!

Previous SoC students helped create the Nmap Scripting Engine, Zenmap GUI, and the handy Ncat and Nping utilities.  Several of them became top developers!  We're hoping for the same this year, but we need your help to get the word out! If you know any college/grad students (or are one) who
might be interested, please point them to our project ideas page:

http://nmap.org/soc/ 

You must hurry though, as applications are due this Friday at 19:00 UTC. We're absolutely forbidden from accepting any late applications.  You can start an application now though and improve it up until the deadline.

Applications can be submitted using the orange "Log in" button (under "Students", not "Mentors and Administrators") at https://www.google-melange.com/gsoc/homepage/google/gsoc2015

Cheers,
Fyodor

PS: In Nmap news.  We were so busy coding that we forgot to announce our
Nmap 6.46 and 6.47 releases last year.  But they're available at
http://nmap.org/download.html .  And we're also working on a very big
release expected in the next month or two!

Tuesday, March 3, 2015

How To - Layer 3 Routing Loop Poblem - Split Horizon and Route Poisoning

Most of the time, I always be a part of layer 2 routing loop discussion but never heard about the engineers talking about layer 3 routing loop problem. This is being experienced during my recent visit in some company where all engineers knows why to use Spanning Tree Protocol but none of them knew why to use split horizon and route poisoning. 

In layer 3 networks, there might chance of routing loops and split horizon, hold down timers and route poisoning are the techniques which help to prevent the layer 3 routing loop. Below depicted Figure 1 is showing the converge network. Let’s assume in case of failure of 10.4.0.0 network, router C will forward the update to router B and router B will forward the update to router A and router C as well. By doing this the same kind of the update which is being generated by C is received and C might think that he is getting the information of 10.4.0.0 network from B but In fact, 10.4.0.0 network is directly attached to router C. This situation can arise in smaller networks too.











The first work around is the split horizon technique which says not to send the updates to the interfaces from it has been received. It looks like send update information (Number of interfaces – Receiving Interface Updates).
Next one is route poisoning, when the router detects link down, the attached router sends the update to its neighbors. But in this case, the receiving router can send back the received information to the same interface from where it received by setting the route metric to maximum. Definitely this is the violation of split horizon rule but it helps router to understand about that particular network is down or inaccessible which actually help the convergence of routing. Now 10.4.0.0 is poisoned route which is having the maximum metric assigned as the route is not reachable. When the neighbor send the route back to the originator, it becomes reverse poisoned.

What does route poisoning do?
1. Set the hop count to an unreachable state as soon as the failed network is detected
2. Route remains poisoned until the hold-down timer expires.
3. Hold timer depends on the routing protocol; Every protocol is having different hold-down timer.
4. Only uni direction traffic flow.
5. If the route is not back up during the hold down time period expires, that route is removed from the routing table and added in the garbage table.

The last one is Hold Down timers. What does hold-timers do?
1. A router receives an update from a neighbor indicating that a network that previously was accessible is now no longer accessible.
2. The receiving router marks that route possibly down and starts the hold-down timer.
3. If an update with a better metric for that network is received from any neighboring router during the hold-down period, the network is reinstated and the hold-down timer is removed.
4. If an update from any other neighbor is received during the hold-down period with the same or worse metric for that network, that update is ignored. Thus, more time is allowed for the information about the change to be propagated.
5. Routers still forward packets to destination networks that are marked as possibly down. This allows the router to overcome any issues associated with intermittent connectivity. If the destination network truly is unavailable and the packets are forwarded, black hole routing is created and lasts until the hold-down timer expires. (Very Important Point). This could be the reason, administrators look forward to reduce the hold-down timers to increase the convergence time. Definitely if the network is not stable these timers generates lot of messages.

As per section 2.2.2, RFC 1058 explicitly says that “Split horizon with poisoned reverse will prevent any routing loops that involve only two gateways. However, it is still possible to end up with patterns in which three gateways are engaged in mutual deception.” Definitely this could be the case of broadcast of multi-access networks.

 
Design by Amarjit Singh | Idea From Blogging Tutorials - Premium Themes | Best Buy Coupons