Monday, 21 November 2016

7 Best security tips to protect your website from Hackers




7 Best security tips to protect your website from Hackers


In the world of internet, owning a blog, website or any web based resource is like an ATM machine. It’s open for everyone. It’s straight forward for the users those who are only intended to withdraw money but worst circumstances arise when someone with malicious intents enters in. If desired evil intention succeed than it cause lot of destruction, damage and loss.


Website is the same entity as ATM. It’s cool when the genuine visitor visits the website, surf and leave. But the user with malicious intent can do the unexpected like stealing the information, defacing the web entity with a crap message, spying. The damage caused could not be recovered completely. It’s well said that “Precaution is better than cure”. Let’s secure it before we face any damage or loss with these security tips.



#1 Stay Up-to-date
If you are using CMS like WordPress, Joomla than they provide regular update which includes bug fixes, security patches and other minor updates. Apply regular updates in the mean time to become less vulnerable to hacking attempts. If your website is built from scratch than ensure all the loopholes is patched and regular updates is applied to patch the latest security vulnerabilities.

Apart from this, if you are using any third party plugins or extensions than ensure to update these utilities too. Always clean junk and stay updated.



#2 Secure Admin Panel
Admin Panel of your website is the key point to get control over the website. So it is necessary to scramble admin login path and secure it. Limit the number of login attempts to avoid brute-forcing. Change your admin panel password regularly. Implement reCAPTCHA verification to keep bots at the bay. You can also impose two-step verification.



#3 Back-up frequently
Take regular, in fact frequent backups of website. If the worse arise for any reason than your latest backup can come handy. Backups can be useful to restore your website if it is hacked or for some reasons hard-drive might have failed. It is good practice to take backup every day, so if the website goes down today than you only loose data of single day (Minimal loss). Keep backups at variant location.



#4 Switch to HTTPS
HTTPS is the Hyper Text Transfer Protocol Secure, which creates an encrypted and secure tunnel between website and the web server. It adds an extra layer of security to HTTP with TLS (Transport Layer Security) or SSL (Secure Socket Layer). HTTPS makes the website additional secure from being hacked. (HTTPS increase the page loading time so it is better to add HTTPS where actually required).



#5 Implement additional security
Just like AntiVirus in Desktop, we need to add AntiVirus like thing to secure the website too. If your website is powered by CMS than number of plugins are available to provide extra layer of security like NinjaFirewall in wordpress. Implement hardware based or install software based Web Applications Firewall to protect your website from hacking attacks. Also you can hide you original IP of your website by using cloud security services. You can also use Cloud Based Web Application Firewall



#6 Avoid using Auto-fill
It is true that implementing auto-fill functionality in website is what user wants. But it makes your website vulnerable to certain attacks. In case the user’s laptop or phone might have stolen than the end guy can easily obtain the information about the user. It’s good practice to avoid auto-fill feature.



#7 Limit File Uploads
File Upload is the control where user is submitting something to the web server. A legitimate user can upload the genuine files but an malicious user can upload anything destructive like shells, malicious scripts. Implement code part that scan and checks the file extensions of the uploading file. Or store the uploaded files outside the root folder and access those resources when required with proper scan and security check.


There are many more precautions to take apart from these,but these are few basic precaution you need to take. Share your reviews and other precautions to take in comments. If you are planning to start a website than first go through various hosting provided by web hosting provider. Keep sharing. Stay tuned to Tech Tunes.

Thursday, 17 November 2016

Microsoft announces the next version SQL Server for Windows and Linux




Microsoft’s announcement that it was bringing its flagship SQL Server database software to Linux came as a major surprise when the company first announced this in March. Until now, the preview was invite-only, but as Microsoft announced today, anybody who wants to give it a try can now download the bits. That public preview is part of the launch of the next version of SQL Server, which will be the first one that’s available for both Windows and Linux.

Thanks to its support for Docker containers, even macOS users will be able to run it. Indeed, Microsoft is betting on containers as one of the main distribution mechanisms for the preview, which will soon be available on Azure Virtual Machines and the Docker Hub (though you can obviously also download RPM and APT packages for popular enterprise Linux distributions like Red Hat, Ubuntu and SUSE).

“This represents a major step in our journey to making SQL Server a true platform of choice across operating systems, development languages, data types, on-premises and the cloud,” Microsoft writes in today’s announcement.

For now, the Linux version will include all the standard SQL Server management features that come with the Windows version. These include advanced features like always-encrypted and row-level security, as well as in-memory columnstores.

As Microsoft corporate VP Julia Liuson told me, it won’t include the business intelligence stack yet (though this part will be added over time). For users, though, what’s maybe most important is that they will soon be able to run SQL Server on Linux and in Linux-based Docker containers, giving them more choice in how they want to deploy their databases (assuming they decide to go with SQL Server and not one of its competitors, of course).

The new version of SQL Server will include improved support for R Services and a number of new machine learning and deep neural networking features.

SQL Server for Linux is just another example of how Microsoft’s view of competing platforms has changed in recent years. This move would’ve been unthinkable under its former CEO Steve Ballmer. Under Satya Nadella, however, the company’s mission is to bring its services and tools to where its customers are, even if that’s not on a Microsoft-owned operating system.

In addition to the SQL Server for Linux news, Microsoft also today announced the preview of Linux support for Azure App Service. Oh, and in order to puts its money where its mouth it, Microsoft is also joining the Linux Foundation.

For SQL Server users on Windows, Microsoft also today announced both the release of the first service pack for SQL Server 2016, as well as changes to its programmability features: many SQL Server users — including those using the free “Express” edition — will now get access to many of the developer features that were previously restricted to the Enterprise edition.

Password Protect Your USB Drive Without Any Software



Portable usb drive is now a most essential gadget after your smartphone. You carry your important data. Most of the time you do not wish to share private data with anyone.
password-protect-usb-pen-drive
Encrypting the data stored on ped drive with password protection is the best way to carry sensitive and private information on usb drive.
Even though you lost your usb drive, you can be sure that, the private data do not fall in bad hands.



💥You do not need any extra application to create a password protected usb drive.

Here we go:
➤ Connect the USB pen drive to your computer.
➤ Go to >>Control Panel>>System and Security>>BitLocker Drive Encryption.
➤ Under 'Removable data drives - bitlocker to go, you will find your USB drive listed. If you don't, click on 'drive letter : bitlocker off'.


turn-on-bit-locker-for-usb-drive

➤ Click on 'turn on bitlocker' option after the usb drive you want to encrypt. Be alert if you have connected more than one usb drive.
➤ Bitlocker service will start. Wait for few seconds.
➤ Select the method you want to unlock your drive. Select use password to unlock the drive, method here.  Enter your preferred and strong password twice here.


bitlocker-password-protection

➤ Take backup of encryption key:
There are 3 ways you can take backup of your encryption key.
1. Save to your microsoft account: only work on Windows 10. The backup file will be saved to onedrive.
2. Save to a file: The encryption key will be saved to local disk. You can delete it afterwards.


save-encryption-key-to-local-file-or-microsoft-account

3. Print the recovery key: Take a printout of password.
I think, the 'save to file' is best way to go. Click on 'next'.
➤ Choose how much of your drive to encrypt.
Encrypt used disk space only: Select first option. Its fast if you do not have any data on the drive. So, take backup of the data on your hard drive. Format the usb drive and then encrypt.
Encrypt entire drive: This will be slow and take little more time to encrypt the entire drive.


encrypt-disc-space-usb-drive

➤ click 'next'.
➤ Choose Encryption mode: here choose compatible mode and click next.
choose-encryption-mode

➤ Click on 'start encrypting'. Wait for some time and your drive is password protected and encrypted. You will get successful message. You are done now.
➤  Now remove your drive and reinsert. You will be asked for password to unlock.


unlock-password-protected-usb-drive

Other features you should know:
1. You can change the password of encrypted drive anytime without formatting.
2. You can set your PC as trusted device so that you don't have to enter the password on your own machine.

Wednesday, 16 November 2016

6 inventive approaches for better password security


6 inventive approaches for better password security

A strong password helps keep your information – and money – secure. When your passwords are weak, you put yourself at risk for identity theft, credit/debit card fraud and a whole slew of other un-fun consequences.

We’ve all heard the basics about creating a good password: make it long, use a combination of letters, numbers and symbols, and avoid anything that could easily be associated with you.

“Person-on-the-street interviews showed that people aren’t taking active steps to help protect themselves from fraud or don’t know what they should be doing,” says Dr. Brad Klontz, a financial psychologist who is teaming up with Chase to help share tips to prevent fraudulent activity.

“By working together, we can help you keep your accounts safer and even more secure,” says Michael Cunningham, the managing director of Chase Fraud Operations. “One of the simplest steps you can take to help prevent fraud is creating stronger passwords.”

Great. So what should you do, exactly, when trying to come up with a stellar password that will be hard to crack? We spoke to a few experts to get their top tips for creating an airtight password.


#1 – Yes, size matters
For a while, 6-8 characters were considered to be enough. Now, experts recommend upwards of 12-14 character passwords – at minimum – to ensure better security.

“The length and complexity of a password is important in that it makes it more difficult to be cracked,” says Greg Kelley, the CTO at Vestige Digital Investigations.

Shorter, simpler passwords are easier to figure out – especially by hackers who have the technology to do so. But when a password is long and complicated, that same hacker (or software) will move on to the next.


#2 – Skip the obvious
Weak passwords like “12345” and “password” continue to be the most common – and pose the biggest threat for users.

Also on the “no-no” list? Anything that someone could discover about you by doing a simple internet search. Things like your name, birthday, spouse’s name, dog’s name, or anything else that are easy to uncover via social media should not be part of your password.

This tip is especially critical when it comes to your bank account password.

“At the core, fraud prevention is a partnership between cardholders and their bank,” Klontz says. “Being a victim of financial fraud can be a very stressful experience. Why put yourself at risk when you can take a few simple, proactive steps to significantly lower your vulnerability to fraud?”

Don’t risk it: Take a few extra minutes when creating your passwords and come up with something unique.


#3 – Think sentences, not words
Many of the experts we spoke to stressed that creating a pass-phrase rather than a pass-word is a smart way to increase complexity.

“Quotes you find easily memorable — from books you love or movies you’ve watched – blended with special characters and numbers would be the best choice for a password due to its overall length and complexity,” says Avi Kasztan, CEO and founder of cyber intelligence firm Sixgill.

For example, “summertimeandthelivingiseasy” is better than, say, “summer1.”

To up the ante, mix numbers, capital letters and characters into your sentence to make it even better. Now it becomes “$ummerT1meAndTheLivingIsEasy.”

It’s a creative way to ensure your password will be unique and complex.


#4 – Utilize the space bar
When creating a passphrase, don’t forget about the spacebar! This keystroke is often overlooked by password cracking tools and can help make your passphrase more complex.

Alex Heid, Chief Research Officer at SecurityScorecard, suggests something like: “My favorite dinner is steak & potatoes.”

This works well, Heid says, because the phrase uses mixed casing and special characters – plus it’s easy to memorize.


#5 – Don’t neglect your email password
When many think about password security, they picture things like bank accounts, credit cards and other pieces of delicate information. Email passwords, however, are often overlooked. But access to this account can be destructive.

Because your email is a gateway to password resetting, locking in a secure phrase and changing it up on the regular essentially works as an extra level of protection for all your other accounts.

Michael Kaiser, Executive Director of the Nation Cyber Security Alliance, suggests implementing authentication steps for your email – a “layer of protection beyond login and password that’s readily available and free [for] nearly all major email providers.”


#6 – Switch it up
When all your passwords are the same, you’re essentially giving hackers a universal key into your life. Experts recommend changing your password every 60-90 days. However, changing your password often but neglecting to make each iteration complex enough could be just as bad as never changing it.

Joe Siegrist, GM and VP of password management site LastPass, says that a recent survey by his company found that 61 percent of respondents use the same or similar passwords across accounts, while 55 percent do so even though they understand the risk.

“Password reuse is one the easiest ways to get hacked, yet even the most tech savvy users are guilty of this,” Siegrist says.

Don’t be lazy! Vary your passwords across your accounts and never repeat those you’ve already used.

Tuesday, 8 November 2016

5 Best Java IDEs for Programmers

5 Best Java IDEs for Programmers


IDE stands for Integrated Development Environment. An IDE is
a software that provides facilities to programmers for software development. It consists of a code editor, build automation tools and debugger. Nowadays modern IDEs comes with great features like intelligent code completion, auto indentation, syntax highlighting and many other advance features. In this
article I am sharing the list of 5 best Java IDEs that are widely used by Java programmers.


1) Eclipse
Eclipse is one the most popular and best Java IDE. It is a
cross platform IDE with awesome features that increases programmer productivity. Eclipse is available for free.
nload and know more about
Eclipse click this Link.
http://www.eclipse.org/


2) Netbeans
Netbeans is also a good and popular Java IDE which contains
almost all the features that Eclipse has. Netbeans is a cross platform IDEwhich is available for free. To download and know more about Netbeans click this Link.
https://netbeans.org/


3) IntelliJ IDEA
IntelliJ IDEA is widely used by Java programmers. You can
download it for free but to get all the features you have to buy it. To download and know more about IntelliJ IDEA click this Link
http://www.jetbrains.com/idea/


4) BlueJ
BlueJ is a free Java IDE which is designed for beginners and
used by millions worldwide. It is a free and cross platform IDE. To download and know more about BlueJ click this Link
http://www.bluej.org/


5) JCreator
JCreator is a powerful IDE for Java programmers with great
features. It is only available for windows platform. To download and know more about JCreator click this Link
http://www.jcreator.com/index.htm

what is Juice Jacking SCAM

  Juice Jacking is a cybersecurity threat that occurs when cybercriminals manipulate public charging stations, such as USB charging ports in...