How to Bypass Windows Admin Account Password Of Vista, XP, Windows 8

It is not rare for users to forget the password set for the Windows administrator account. Though Microsoft does not support password recovery, there are some methods to bypass forgotten Windows admin account login details. This tutorial explains some well-known procedures to bypass the Windows account login for Vista, Windows 8, 7 and XP. It is important to understand that a procedure that bypasses the admin sign-in on Vista may not work on Windows 8, and vice versa. So I recommend that you read this tutorial carefully and choose the best method to recover or reset forgotten MS admin account login information.

1. Login To Windows XP Default Administrator Account

In XP computers, it is easy to access the computer even though you forgot the administrator password. We can bypass the Windows XP administrator account by using the default XP admin account created while installing OS on this computer. In most cases this default admin account is not password protected. So to bypass Windows XP admin login, follow the steps below.
  1. Restart Computer in Safe Mode

  2. When shows, select the default admin

2. Bypass Windows Vista Administrator Account Authentication

In Vista, we can bypass admin authentication with Emergency Repair Disk commander. So at first make sure you have Emergency Repair Disk for your Vista computer.

  1. Create an Emergency Repair Disk

    • Go to All Programs from Start

    • Click Accessories and go to System Tools

    • Click on Backup and select full information and write it to a disc

  2. Use ER Disc to Bypass Vista Admin Password

    • Change BIOS Settings

      Go to BIOS by pressing the [Del] or [F2] button while booting your computer. The key to access BIOS may vary depending on your motherboard. In BIOS select Disc as the first boot device.

    • Insert ER Disc and boot your computer

    • Your computer boots from the ER disc; click Start

    • Go to System Tools and click LOCKSMITH

    • Select the account whose current logon details you want to reset. Enter the new key and log off

    • Eject the CD and restart your computer


Third Party Tools To Reset Windows Admin Account

We have plenty of third party tools offering services to reset Microsoft Operating System Administrative password. Here let us check how to reset Admin access using a third party Windows password recovery tool, PC Login. Since it is a third party tool, users are advised to use it at their own risk.
  1. Burn the software to CD and reboot your computer with CD

  2. Since first booting device in BIOS is CD, your computer boots from CD

  3. Now PC login will find the Operating Systems installed on your computer. For multiple OS you should select the OS.

  4. Select the user account

    We need to select the user account whose authentication needs to be bypassed.

  5. Show the account properties

    Here we see the five properties of an account.

    • Administrator: if the account has the Administrator privilege. It is useful if you need the administrator privilege to run certain programs

    • Password is empty: if the password of the account is empty

    • Password is disabled: if the account has been disabled due to the operation of the Administrator or the system rules

    • Password is locked out: if the account has been locked out

    • Password never expire: if the account has to set sign in details every time when login

  6. We should select the box administrator and password empty.

    Then click on next

  7. Reboot your computer

Other Microsoft Operating System Password Recovery Tools

You have already learned how to recover a lost Windows user account entry using PC Login. Now I am introducing two other tools to reset the Windows account login set on your computer. One of them is a Linux based freeware but the second one is a paid tool.
  1. Reset Admin sign in key using Offline NT Password & Registry Editor

    It is a Linux based freeware and can be used to reset lost Windows Admin password. To know more about this tool and download, click on the link below.
    http://home.eunet.no/pnordahl/ntpasswd/

  2. Recover Windows Password Using "recoveranypassword"

    This is a paid tool available to recover the OS password. To know more about this tool click on the link below.
    http://recoveranypassword.com/recover/windows-password/

  3. Using http://www.lostwindowspassword.com

  4. Using http://www.windowspasswordsrecovery.com/ and the procedure is given below.

    • Download the tool from the link given above

    • Decompress the downloaded file and note that there is an ISO image file. Burn the image file onto a blank CD with the burner freely supported.

    • Insert the newly created CD into the locked computer and re-boot it from the CD drive.

    • After the CD launches, a window pops up with all your account names (if you have several accounts). Select the account whose logon details you have forgotten. With just one press, the user logon details are removed.

  5. Another tool is http://www.windowspasswordreset.net/ and the instructions are:

    • Download the software from the link and burn to a CD

    • Put into drive and turn on PC, and boot from the CD (set first bootable device as CD Drive from BIOS)

    • Follow the instructions, choose the correct user and blank the password.

    • Make sure you say OK to write the data, and reboot

  6. Another Software is http://www.resetwindowspassword.com and the instructions are provided below.

    • Download Anmosoft Windows Password Reset V8.0 and install it.

    • Burn the ISO image file onto a blank CD/DVD or USB.

    • Boot up your PC by the bootable burned CD/DVD or USB in minutes.

    • Remove the forgotten logon information on the operation interface and log on to the PC without a password.

How to Secure Your Local Wireless Network from Hackers

Converting your office LAN into a wireless network makes networking easier by avoiding the coils of Ethernet cables. When I started my networking career, it was the confusing cables that welcomed me and my team in every office, and it took time to understand which cable went to which device since most of the Ethernet cables were not properly arranged. With the popularity of wireless networks following the introduction of 802.11ac and 802.11n, we do not need Ethernet cables to transfer data fast between devices in an office, because both these wireless standards offer high data transfer speed. Though wireless makes an office look smart, it has some security issues. It is true that wireless networks are more prone to hacking compared to wired networks.

Avoid Risks On Wireless Networks

A sophisticated hacker can intrude into a wireless network more easily than into a wired network. This is because wireless lets a user connect to the network from anywhere within its range, whereas an Ethernet LAN offers no such option. However, we can prevent unauthorized access to a wireless network by following a set of precautions like enabling proper wireless encryption, allowing guests to access just guest accounts, MAC Address filtering etc.

How to Secure A Wireless Network From Hackers

  1. Configure Best Wireless Encryption

    One of the most important steps to keep intruders from your wireless network is to enable proper wireless encryption. There are wireless encryption protocols like WEP, WPA and WPA2. Currently industry's best wireless encryption is WPA2. So it is recommended to use WPA2 for your wireless network. To read more about choosing right wireless encryption for your wireless network, read the Cisco guide.
    http://blogs.cisco.com/smallbusiness/understanding-the-difference-between-wireless-encryption-protocols/

  2. Limit the Wireless Network Range

    In most of the modern wireless routers and Access Points we have an option to set the range of the wireless network. It is wise to limit the wireless range of your network just in the boundary of your office. So anyone outside the office cannot join your wireless network even if he managed to break your wireless encryption. So your wireless network is safe from intruders.

  3. Enable MAC Address Filtering

    With MAC Address filtering you can provide another layer of security to your office wireless LAN. You can set which devices can join the office wireless network by specifying the MAC Address of the devices. Since MAC Address is physical address, no other device will have same address. However, you must understand that with MAC Address spoofing a talented hacker can break this wireless security. Still, this step can prevent a hacker's device from joining the wireless network until he identifies the barrier.

  4. Stop Wireless Network Name (SSID) Broadcast

    Though it is useless against a skilled attacker, by hiding the SSID broadcast you can make your wireless network invisible to common users. Your wireless network remains hidden and computers will not detect it by normal scanning for available wireless networks.

  5. Enable Guest Wireless Account

    Create a guest account on your wireless router and let guests and ordinary users in your office join that network only.

  6. Set a Custom Router Password

    Though this step does not directly protect your wireless network against hackers, it stops users in your office from accessing the router setup page and changing wireless settings. It is always advised to change the default router password after configuring the router.


Solve "Ping:transmit failed, error code 1314"

Yesterday night I was disconnected from the Internet. As the first step of troubleshooting, I tried to ping Google from my computer. I couldn't ping Google successfully due to an error message. I could fix the problem quickly but decided to write a tutorial about this new ping error code 1314. This tutorial explains what ping error code 1314 is and how to solve it. Here I copy the result of my ping test on command prompt. Out of four packets sent, only one got through. It means packets were lost.

Pinging google.com [209.85.171.100]  with 32 bytes of data:

Reply from 209.85.171.100: bytes=32 time=283ms TTL=228

Ping:transmit failed,error code 1314

Ping:transmit failed,error code 1314

Ping:transmit failed,error code 1314

Ping statistics for 209.85.171.100:

Packets: Sent = 4, Received = 1, Lost = 3 (75% loss)

Troubleshooting steps

I just disabled the firewall on my computer and tried to ping Google again. It worked fine and the issue was fixed. Here is the command prompt screenshot of the ping test after disabling Firewall.

Pinging google.com [209.85.171.100]  with 32 bytes of data:

Reply from 209.85.171.100: bytes=32 time=283ms TTL=228

Reply from 209.85.171.100: bytes=32 time=283ms TTL=228

Reply from 209.85.171.100: bytes=32 time=283ms TTL=228

Reply from 209.85.171.100: bytes=32 time=283ms TTL=228

Ping statistics for 209.85.171.100

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)

Workarounds

I fixed ping error code 1314 by simply turning off the Firewall protection on my PC. However, if it doesn't solve the issue, you may have to use the Diagnose button on the adapter properties window. Windows will automatically check for the reason behind the issue and fix it. To go to the Diagnose button, follow the instructions below.
  1. Go to Control Panel from Start menu

  2. Click on Network and Sharing Center

  3. Click on adapter

  4. Click on Diagnose button


Generations and distributions of Linux distros - Linux Family Structure

The generation of Linux distros from the basic Linux is as follows.


The major distros evolved from the Linux are:

1. Debian
2. SLS
3. Red Hat
4. Crux
5. Puppy Linux
6. Dyne: Bolic
7. Enoch


These are the major derivations of Linux distros, but the story does not end there: new derivations of these distros followed. They are mainly classified into deb based and rpm based. Debian Linux and its derivatives are known as deb based distros. All Linux distros except those inherited from Debian are called rpm based distros.


Deb based Linux distros

1. Ubuntu
2. Linspire
3. Knoppix


Ubuntu is again inherited by:

i. OpenGEU
ii. Linux Mint


Knoppix is again inherited by:

i. Damn Small Linux


Now we can check the major rpm based distros and their derivatives.

Rpm based Linux distros

1. SLS
2. Red Hat
3. Crux
4. Puppy Linux
5. Dyne: Bolic
6. Enoch


SLS is inherited by:

i. Slackware

Slackware is again inherited by:

i. Zenwalk
ii. SUSE

The Linux distro SUSE is again inherited by openSUSE.


Red Hat is inherited by the following distros.

i. Caldera
ii. CentOS
iii. Fedora Linux
iv. Mandriva

Mandriva is again inherited by PCLinuxOS


Crux is inherited by:

i. Arch Linux


Enoch is inherited by:

i. Gentoo



Access To Add or Remove Programs is Restricted

The Add or Remove Programs feature allows users to uninstall, install or repair software products installed on their Windows computers. If you do not want others to access this feature on your PC, you can restrict access to this window by disabling the feature on your computer. There are two methods to disable Add or Remove Programs on your computer: from Group Policy Editor or from the Windows Registry. Both methods are explained below. At the end of the guide you can see how to lift the restriction. In most cases this restriction is due to a recent malware infection. You can use the same procedure if you are having trouble opening this window on your laptop.

Disable Access to Add Or Remove Programs

  1. From Group Policy Editor

    1. Type gpedit.msc on Search and click on gpedit link

    2. Go to the location User Configuration and click Administrative Templates

    3. Click Control Panel and select install and uninstall software

    4. Double click on Remove Add or Remove Programs

    5. Select Enable

      Click save settings.

    From now on, any user who tries to access this window will receive the error message "Add or Remove Programs has been restricted. Please check with your administrator". You cannot use this method to disable this function on Windows 8, Windows 7 and Vista computers. This method supports Windows XP, Windows 2000 and Server 2003 only. If you have a later version of the operating system, from Vista onwards, you may try the next method.

  2. Registry Editing

    We can disable Add/Remove Programs from Registry Editor too. Steps are provided below.

    1. Type regedit on Windows search to access registry editor

    2. Go to the location HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

    3. Right click on Policies

    4. Click new from the right click menu and create a new key and name it Uninstall

    5. Create a new DWORD value and name it NoAddRemovePrograms

    6. Set the value of NoAddRemovePrograms as 1

How to Enable Access to Add/Remove Programs

If you want to enable access to this feature on your computer, follow the steps below.

  1. Group Policy Check

    If you are receiving the error message "Add or Remove Programs has been restricted. Please check with your administrator" while trying to access this feature, follow the steps below.

    • Go to the location Administrative Templates > Control Panel > Add or Remove Programs

    • Double Click Remove Add or Remove Programs and select disable option

  2. Registry Check

    • Go to the location HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

    • Set the NoAddRemovePrograms value to 0

So if you have trouble opening this feature on your computer, you may try the steps explained just above this paragraph. We cannot predict which method a malware product used to disable this feature, so I recommend that you ensure access to this tool is enabled from both Group Policy and the Windows Registry.
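One way to run the registry half of this check offline, as an added example that is not part of the original tutorial: the script parses the text of a `.reg` export, reports every key where NoAddRemovePrograms is non-zero, and builds a `.reg` fragment that sets it back to 0. The sample export is constructed, and treating any non-zero value as a restriction is an assumption.

```python
import re

# Export first on the affected machine (file name is a placeholder):
#   reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" policies.reg
# regedit-style exports are UTF-16, so read them with open(path, encoding="utf-16").

VALUE_NAME = "NoAddRemovePrograms"
KEY_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<hex>[0-9A-Fa-f]{8})$')

# Constructed sample export: one restricting value and one unrelated policy value.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Uninstall]
"NoAddRemovePrograms"=dword:00000001
"""


def find_policy_values(reg_text):
    """Return [(key, value)] for every NoAddRemovePrograms DWORD in the export."""
    found, key = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group("key")          # remember which key the next values belong to
            continue
        m = DWORD_RE.match(line)
        if m and key and m.group("name").lower() == VALUE_NAME.lower():
            found.append((key, int(m.group("hex"), 16)))
    return found


def restricted_keys(reg_text):
    """Keys where the value is non-zero (assumption: any non-zero value restricts)."""
    return [key for key, value in find_policy_values(reg_text) if value != 0]


def build_fix(reg_text):
    """Build .reg text that sets each restricting value back to 0, or '' if none."""
    keys = restricted_keys(reg_text)
    if not keys:
        return ""
    lines = ["Windows Registry Editor Version 5.00", ""]
    for key in keys:
        lines += ["[%s]" % key, '"%s"=dword:00000000' % VALUE_NAME, ""]
    return "\r\n".join(lines)


if __name__ == "__main__":
    for key in restricted_keys(SAMPLE_EXPORT):
        print("restricted:", key)
    print(build_fix(SAMPLE_EXPORT))
```

Review the generated fragment before importing it, and repeat the Group Policy check separately, since this script only covers the registry method.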


Hide a Folder By Redirecting Them to System Files Shortcuts

There are many third party tools available to hide folders and the content inside them from other users on your computer. However, we can do the same task without using any external software products. There are some Windows tricks to convert a folder and its content into shortcuts to system functions. When a user clicks on it, he will be redirected to system features like Recycle Bin, Control Panel, My Computer etc. This tutorial explains different methods to hide and secure a folder without using any third party tools.

Convert a Folder in to Control Panel Shortcut

In this example I have a folder named corenetworkz in the location D:\alex. Here I am going to change it (corenetworkz) in to Control Panel shortcut.
  1. Type the command ren corenetworkz corenetworkz.{21EC2020-3AEA-1069-A2DD-08002B30309D} on a notepad

  2. Save as lockaccendoz.bat (any name you can use) on D:\alex

  3. Double click the bat file to run it.
Now it looks like the Control Panel icon, and when a user clicks on it, he will be redirected to Control Panel.

Unlock

To recover the hidden folder, follow the steps below.
  1. Type the command ren corenetworkz.{21EC2020-3AEA-1069-A2DD-08002B30309D} corenetworkz in notepad

  2. Save as unlockaccendoz.bat (You can use any name) on D:\alex

  3. Double Click the bat file to unlock it

Secure Folder Content by Redirecting to My Computer

This method allows you to secure a folder and its content by redirecting it to the My Computer icon. When a user clicks on it, the My Computer window will be opened. Here we convert the folder corenetworkz to the My Computer icon.
  1. Rename the folder corenetworkz to
    MyComputer.{20D04FE0-3AEA-1069-A2D8-08002B30309D}

  2. Now it looks like the My Computer icon


Unlock the Hidden

Create a bat file in the same location as the folder with the following command: ren MyComputer.{20D04FE0-3AEA-1069-A2D8-08002B30309D} corenetworkz and run the file to unlock it.

Convert a Folder to Recycle Bin Shortcut Icon

Another method to hide a file on your computer from others is to convert it into a Recycle Bin icon. Steps to perform this task are given below.
  1. Right click on the file and rename it to anyname.{645FF040-5081-101B-9F08-00AA002F954E}

  2. Now it looks like the Recycle Bin icon, and when a user clicks on it, he will be redirected to the Recycle Bin

Unlock

Create a bat file with the following command: ren anyname.{645FF040-5081-101B-9F08-00AA002F954E} myFolder. Run the bat file to unlock it.
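The rename only changes what Explorer shows; file system APIs still see an ordinary directory, so folders disguised this way are easy to find during an audit. The scanner below is an added example, not part of the original tutorial: it walks a directory tree, flags every folder whose name ends in `.{CLSID}`, labels the three CLSIDs used on this page, and prints the `ren` command that restores the name. The function name and report fields are assumptions.

```python
import os
import re
import sys

# The three CLSIDs this page uses and what Explorer shows for each.
KNOWN_CLSIDS = {
    "21EC2020-3AEA-1069-A2DD-08002B30309D": "Control Panel",
    "20D04FE0-3AEA-1069-A2D8-08002B30309D": "My Computer",
    "645FF040-5081-101B-9F08-00AA002F954E": "Recycle Bin",
}

# name.{8-4-4-4-12 hex digits}
SUFFIX = re.compile(
    r"^(?P<name>.+)\.\{(?P<clsid>[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12})\}$"
)


def find_disguised_folders(root):
    """Return one record per directory under root whose name ends in .{CLSID}."""
    hits = []
    for dirpath, dirnames, _files in os.walk(root):
        for name in dirnames:
            m = SUFFIX.match(name)
            if not m:
                continue
            path = os.path.join(dirpath, name)
            try:
                entries = len(os.listdir(path))   # real content is still listable
            except OSError:
                entries = None                    # unreadable: report it anyway
            clsid = m.group("clsid").upper()
            hits.append({
                "path": path,
                "original_name": m.group("name"),
                "shows_as": KNOWN_CLSIDS.get(clsid, "unknown shell object"),
                "entries": entries,
                # Same unlock command the tutorial uses, quoted for safety.
                "undo": 'ren "%s" "%s"' % (name, m.group("name")),
            })
    return sorted(hits, key=lambda h: h["path"])


if __name__ == "__main__":
    # Usage: python scan_clsid.py D:\alex
    for hit in find_disguised_folders(sys.argv[1] if len(sys.argv) > 1 else "."):
        print("%(path)s  shows as: %(shows_as)s  entries: %(entries)s" % hit)
        print("  restore with: %(undo)s" % hit)
```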


Configure Generic Attribute Registration Protocol (GARP) with GVRP

Importance of Generic Attribute Registration Protocol (GARP)

In a large network it is not practical to register and de-register the attribute values of the switching devices in the network. To overcome this difficulty, IEEE defined a protocol that works at layer 2. The protocol is named Generic Attribute Registration Protocol, or simply GARP.

Definition of Generic Attribute Registration Protocol

Generic Attribute Registration Protocol (GARP) is a generic framework defined by the IEEE that allows bridges, switches, or other similar devices to register and de-register attribute values, such as VLAN identifiers and multicast group membership, across a large LAN.

How to implement GARP

To implement GARP, a GARP application has to be created. The best example of a GARP application is GVRP. GVRP stands for GARP VLAN Registration Protocol. GVRP creates dynamic VLANs when GARP is enabled on the switch. GVRP is used for propagating VLAN information between switches where VLAN is implemented.


Configure GARP

To enable GARP application the command used is :

ENABLE GARP=GVRP [STP={stp-name|ALL}]

To disable GARP application the command used is:

DISABLE GARP=GVRP [STP={stp-name|ALL}]



To know more about GARP please click on the link below.

http://www.alliedtelesyn.co.nz/documentation/at8700/261/pdf/garp.pdf



PPPoE configuration in Ubuntu Linux --- Linux Networking tutorial

Some guys said it is difficult to configure a PPPoE connection in Ubuntu due to some mysterious reasons. But by following the simple steps below we can configure PPPoE in Ubuntu without any issue. The steps are provided below.


1. Go to systems and select preference

2. Click on Network Configuration

3. Go to DSL tab and click Add

4. Enter the connection name which you would like to give

5. Type the user name and password from your service provider at the user name and password field

6. Click OK and connect your computer to the Internet using PPPoE by selecting your connection from the Network chooser.



Control Packets Traffic Using Access Control List

Access Control List (ACL) is a set of rules to control the traffic of packets in a computer network. In addition to controlling traffic in a network, ACLs play a big role in network security. An ACL can prevent unauthorized movement of packets and restrict privileges based on the source, destination and port number. It is defined in a way that avoids contradictions between rules: the topmost rule that matches the condition is applied and the rest of the rules are ignored. Here let us discuss the major uses and types of Access Control List.

Uses

The major uses of ACLs by network administrators are to control telnet access through VTY and to filter packets by defining the right rule on the basis of source IP address.

  • Control vty access into a router

  • Filter traffic that originates from the router


Types

There are two types of Access Control List. They are:
  1. Standard ACL

  2. Extended ACL

Standard ACL is based on the source IP address of the packet. Using standard ACL we can either block or permit traffic from one specific source IP. Extended ACL allows us to control the traffic on the base of source IP, destination IP and Port number. Now let us check how to control packet movements in a network using these rules.


Configure Standard ACL on a Cisco router

To configure Standard ACL on a Cisco router, use the command below. It is the format of the command and it is explained with an example below.

access-list [ID] [permit/deny] [Source IP] [Wildcard mask]

Now let us check one example. I am creating an access list with ID 10 to permit packets from the source IP 192.168.1.0. To write such a rule, refer to the command below.

access-list 10 permit 192.168.1.0 0.0.0.255

Now let us check some important points while writing standard ACL rule.

  1. The standard Access Control List ID can be in the range of 1 to 99.

  2. The rule is applied based on the source IP

  3. You can either permit or deny access to packets

Configure Extended ACL

Extended ACL is more flexible than standard ACL due to the extra features it controls. It uses source IP, destination IP and port numbers to control a packet. To configure a rule, we can use the command given below.

access-list 109 permit tcp 30.30.2.0 0.0.0.255 any eq 80

Here we are creating a rule to permit TCP traffic from the 30.30.2.0 network to port 80 on any destination IP address. In extended ACL the ID can range from 100 to 199.
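To see how wildcard masks and top-down, first-match evaluation decide a packet's fate, the following added example (not part of the original tutorial) parses the two rules shown above and evaluates sample packets against them. The `deny host 192.168.1.50` line and the packets are constructed, only the `any`, `host` and `eq` forms are handled, and the final fall-through models the implicit deny that ends every Cisco ACL.

```python
import ipaddress

# First and last lines are the rules from this article; the deny line is constructed
# to show that the first matching rule wins.
ACL_TEXT = """
access-list 10 deny host 192.168.1.50
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 109 permit tcp 30.30.2.0 0.0.0.255 any eq 80
"""


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: 0 bits must match, 1 bits are ignored."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) & care) == (_ip(base) & care)


def _take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return ((base, wildcard), rest)."""
    if tokens[0] == "any":
        return ("0.0.0.0", "255.255.255.255"), tokens[1:]
    if tokens[0] == "host":
        return (tokens[1], "0.0.0.0"), tokens[2:]
    return (tokens[0], tokens[1]), tokens[2:]


def parse_rule(line):
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError("unsupported rule: %r" % line)
    rule = {"id": int(tok[1]), "action": tok[2], "proto": "ip",
            "dst": None, "dport": None}
    if 1 <= rule["id"] <= 99:            # standard ACL: source address only
        rule["src"], rest = _take_addr(tok[3:])
    elif 100 <= rule["id"] <= 199:       # extended ACL: protocol, source, destination, port
        rule["proto"] = tok[3]
        rule["src"], rest = _take_addr(tok[4:])
        rule["dst"], rest = _take_addr(rest)
        if rest[:1] == ["eq"]:
            rule["dport"], rest = int(rest[1]), rest[2:]
    else:
        raise ValueError("ACL ID outside 1-99 / 100-199: %r" % line)
    if rest:
        raise ValueError("unsupported trailing tokens: %r" % rest)
    return rule


def matches(rule, pkt):
    if not wildcard_match(pkt["src"], *rule["src"]):
        return False
    if rule["proto"] != "ip" and rule["proto"] != pkt.get("proto"):
        return False
    if rule["dst"] and not wildcard_match(pkt["dst"], *rule["dst"]):
        return False
    if rule["dport"] is not None and rule["dport"] != pkt.get("dport"):
        return False
    return True


def evaluate(rules, acl_id, pkt):
    """Apply the rules of one ACL top-down; the first match decides."""
    for rule in rules:
        if rule["id"] == acl_id and matches(rule, pkt):
            return rule["action"]
    return "deny"                        # implicit deny when nothing matched


RULES = [parse_rule(line) for line in ACL_TEXT.strip().splitlines()]

if __name__ == "__main__":
    print(evaluate(RULES, 10, {"src": "192.168.1.50"}))
    print(evaluate(RULES, 109, {"src": "30.30.2.9", "dst": "198.51.100.5",
                                "proto": "tcp", "dport": 80}))
```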


Internet Group Management Protocol (IGMP)- Protocol tutorial

Internet Group Management Protocol (IGMP) is used to exchange membership status information between IP routers that support multicasting. It is a communications protocol used to manage the membership of Internet Protocol multicast groups.

Uses of Internet Group Management Protocol (IGMP)




1. IGMP can be used for online streaming video and gaming.


Implementation of IGMP


The IGMP protocol is implemented as a host side and a router side. A host side reports its membership of a group to its local router, and a router side listens to reports from hosts and periodically sends out queries.


Versions of IGMP


There are three versions of IGMP. They are :


1. IGMP v1
2. IGMP v2
3. IGMP v3

IGMPv2 allows group membership termination to be reported to the routing protocol more quickly than IGMPv1, which is important for high-bandwidth multicast groups and/or subnets with highly volatile group membership. Multicast routers use IGMPv2 to learn which groups have members on each of their attached physical networks. IGMP v3 is an upgrade to IGMP v2.

IGMP snooping



IGMP snooping is the process of listening to IGMP network traffic. It prevents a networking host from receiving multicast traffic for a group it has not joined. So we can make sure that the device is not wasting its bandwidth on unwanted traffic. IGMP snooping is of two kinds. They are:

1. Active IGMP snooping
2. Passive IGMP snooping




Denial of Service (DOS) attacks - Tutorial

Denial of Service (DOS) attacks are intended to shut down or slow down targeted servers for a period of time. As the name says, a successful DOS (Denial of Service) attack ensures legitimate users do not get any kind of service from the victim. In general, Denial of Service (DOS) attacks keep the attacked server busy with forged connection requests, in a state where the server is no longer able to accept connection requests from legitimate users. In this tutorial we would like to introduce some common methods to perform DOS attacks:


Common Methods to Perform DOS Attack


  1. ICMP flood to Perform Denial of Service Attack:

    Sending unlimited number of packets by ping command to the targeted server is known as ICMP flood. This method can be done in the following way.

    A simple DOS attack code would be:

    ping {ip} -t -l 20000

    You can type this command in a Command Prompt window. It sends 20000 bytes of data to the IP address in a single packet. The -t option pings the specified host until stopped, and -l specifies the buffer size. As the example shows, an ICMP flood is simple, and it is easy to prevent nowadays. We have a different tutorial for another form of attack using a similar technique. To read it, follow the link below.
    What is Smurf attack & how to prevent it
  2. TCP Attacks:

    If the attacker can create a reliable TCP connection between victim and attacker, the DOS attack would be fatal. In order to do that attacker needs to trick the server (victim) to establish a TCP connection by following the steps mentioned in the link below.

    How to Perform TCP Split Handshake Attack


    If the attacker fails to create a TCP connection between victim and attacker, another form of attack is possible. This is called TCP/SYN flooding. Here the attacker floods the server with TCP SYN packets that carry a forged sender address. The server responds to the SYN packets and waits for the response. Since the sender address is forged, the server will not get any response, and this makes the server slow to respond to legitimate users who make the same connection request.
  3. Teardrop attack:
    Another form of DOS Attack is Teardrop attack. It involves sending mangled Internet Packet fragments with overlapping, over-sized, payloads to the target machine.
  4. Peer to peer attack
    In peer to peer attack thousands of computers will try to access a single computer at the same time. It will break down all the connection from the server and the target machine will fail.
  5. Application level Flood: Application level flood is done by mis-programming of an application installed on the server. It then consumes a major portion of the server's computing power and memory and slows down the server.
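The SYN flood described in item 2 leaves a visible trace on the server: connections that stay half-open because the forged sender never answers. The following added example (not part of the original tutorial) counts half-open connections per local port in `netstat -ant` (Linux) or `netstat -an` (Windows) output. The sample output, the function names and the threshold of 5 are assumptions chosen for the illustration.

```python
from collections import defaultdict

HALF_OPEN = {"SYN_RECV", "SYN_RECEIVED"}   # Linux and Windows netstat spellings

# Constructed netstat output using documentation address ranges.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 203.0.113.10:80         198.51.100.11:40112     SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.12:40113     SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.13:40114     SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.14:40115     SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.15:40116     SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.16:40117     SYN_RECV
tcp        0      0 203.0.113.10:80         192.0.2.44:51514        ESTABLISHED
tcp        0      0 203.0.113.10:80         192.0.2.45:51999        ESTABLISHED
tcp        0      0 203.0.113.10:22         192.0.2.44:50022        SYN_RECV
"""


def parse_netstat(text):
    """Yield (local_port, remote_host, state) for each TCP line.

    Assumes the last three columns are local address, foreign address and
    state, which holds for 'netstat -ant' on Linux and 'netstat -an' on Windows.
    """
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].lower().startswith("tcp"):
            continue                              # header or non-TCP line
        local, foreign, state = fields[-3], fields[-2], fields[-1].upper()
        try:
            port = int(local.rsplit(":", 1)[1])
        except (IndexError, ValueError):
            continue
        yield port, foreign.rsplit(":", 1)[0], state


def half_open_report(text, threshold=5):
    """Per local port: half-open count, established count, distinct sources."""
    stats = defaultdict(lambda: {"half_open": 0, "established": 0, "sources": set()})
    for port, remote, state in parse_netstat(text):
        entry = stats[port]
        if state in HALF_OPEN:
            entry["half_open"] += 1
            entry["sources"].add(remote)
        elif state == "ESTABLISHED":
            entry["established"] += 1
    report = {}
    for port, entry in stats.items():
        if entry["half_open"] == 0:
            continue                              # only ports with half-open state
        report[port] = {
            "half_open": entry["half_open"],
            "established": entry["established"],
            "distinct_sources": len(entry["sources"]),
            "suspect": entry["half_open"] >= threshold,
        }
    return report


if __name__ == "__main__":
    for port, row in sorted(half_open_report(SAMPLE_NETSTAT).items()):
        print(port, row)
```

A single half-open connection is normal during any handshake; a growing count from many distinct sources on one listening port is the pattern worth alerting on.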

DOS attack with ping flood will work only if the following criteria are satisfied:

1. Attacker should have higher bandwidth than the victim.
2. Victim should respond to the ping requests

DOS Attack and DDoS attack

In Distributed Denial of Service attack (DDoS) more attackers are involved and the result is more fatal compared to DoS Attacks.

DOS attack is about attacking a server but if one web server is spreading malware to client computers what will we do? The following link tells the necessary steps to prevent it.
Steps to Deal with Malware Spreading Websites



What is Smurf Attack & How to Prevent it

A Smurf attack is a kind of attack where the attacker generates an uncontrolled amount of traffic into the victim's network. Smurf attacks mainly target networks where routers are configured to respond to ping packets. By pinging the broadcast address of the victim network, the attacker causes a huge flow of packets from the hosts connected to the network, which respond to the ping request. Let us check the procedure to conduct a Smurf attack.

Smurf attack Procedure


  1. Spoof the IP address of attacker to avoid detection

  2. Find the broadcast address of the victim network

  3. Send a huge number of ICMP requests to the broadcast address of the victim network (Directed Broadcast Address).

  4. The ICMP requests reach the gateway of the victim network.

  5. Each host on the victim network responds to the ICMP request. This process amplifies the ping requests sent by the attacker.

  6. The ping responses from the hosts create an uncontrollable amount of traffic in the victim's network.

  7. It will consume the useful bandwidth of the server. It is enough to bring down the server for a limited period of time


How to prevent smurf attack

We can prevent Smurf attack by carefully designing our networks. Important points to remember while configuring a network to prevent Smurf attack are listed below.

  1. Configure individual hosts and routers not to respond to ping requests and broadcasts

  2. Configure routers not to forward packets directed to broadcast addresses.
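Both settings can be audited from configuration files. The following is an added example, not part of the original tutorial: it flags router interfaces that forward directed broadcasts and checks whether a Linux host answers broadcast pings. It assumes Cisco IOS syntax (`ip directed-broadcast`) and the Linux sysctl `net.ipv4.icmp_echo_ignore_broadcasts`, neither of which is named on this page; the sample configurations are constructed and the kernel default is assumed to be 1.

```python
# Constructed IOS-style configuration: the inside interface forwards directed broadcasts.
ROUTER_WEAK = """\
interface GigabitEthernet0/0
 ip address 203.0.113.1 255.255.255.0
!
interface GigabitEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip directed-broadcast
!
"""
# Corrected form of the same configuration.
ROUTER_FIXED = ROUTER_WEAK.replace(" ip directed-broadcast", " no ip directed-broadcast")

# Constructed sysctl.conf fragments for a host: weak setting and corrected setting.
HOST_WEAK = "# answers pings sent to the broadcast address\nnet.ipv4.icmp_echo_ignore_broadcasts = 0\n"
HOST_FIXED = "net.ipv4.icmp_echo_ignore_broadcasts = 1\n"


def interfaces_forwarding_directed_broadcast(config_text):
    """Return the interfaces whose block contains 'ip directed-broadcast'."""
    exposed, current = [], None
    for raw in config_text.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()   # start of an interface block
        elif raw[:1] and not raw[:1].isspace():
            current = None                            # '!' or another top-level line
        elif current and line.startswith("ip directed-broadcast"):
            exposed.append(current)                   # 'no ip ...' does not match
    return exposed


def host_answers_broadcast_ping(sysctl_text, kernel_default=1):
    """True if the effective icmp_echo_ignore_broadcasts value is 0.

    kernel_default is used when the key is absent (assumed to be 1).
    """
    value = kernel_default
    for raw in sysctl_text.splitlines():
        line = raw.split("#", 1)[0].strip()           # drop comments
        if "=" not in line:
            continue
        key, val = (part.strip() for part in line.split("=", 1))
        if key == "net.ipv4.icmp_echo_ignore_broadcasts":
            value = int(val)                          # last assignment wins
    return value == 0


def audit(router_config, host_sysctl):
    """Combine both checks into one finding list."""
    findings = ["router forwards directed broadcasts on %s" % name
                for name in interfaces_forwarding_directed_broadcast(router_config)]
    if host_answers_broadcast_ping(host_sysctl):
        findings.append("host replies to broadcast pings")
    return findings


if __name__ == "__main__":
    print(audit(ROUTER_WEAK, HOST_WEAK))
    print(audit(ROUTER_FIXED, HOST_FIXED))
```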

