Aware from these 17 Ways To Hacking of your Computer – A Complete Reference

In the present world of high-speed internet, people have grown curiosity towards HACKING. Everybody is searching for a secret passage or method to bypass, extract, get and modify the information by any means. Among teenagers, the general tendency of hacking is concentrated to social media accounts.

Here I will describe all the methods which are popular in the world of hacking in order to hack into a computer terminal and online account.

1. Phishing

This is a method where you have to bring the user to a webpage created by you which appears to be the same as the interface of the legitimate one and get him/her to enter the credentials. Then the redirect page will land somewhere else and you will get the password in your mail box as defined inside the php script.

2. Keylogger

Consider a situation; everything you type in the system is mailed to the hacker! Wouldn’t it be easy to track your password from that? Keyloggers perform similar functionalities. So you have to be cautious while typing anything. Now a day, remote keyloggers are also used. So before downloading any executable file keep an eye on the downloadable element. Also lookout for your open ports… someone might be looking into it. Periodically check “netstat” from command prompt.

3. BruteForcing

This is quite a long and most tiring task. This method is very useful if you know that the victim is using his password among a few known possibilities that you are aware of. If you don’t know much and the possibilities are more, then you shouldn’t go for it.

4. Secret Question 

According to a survey done by security companies, it is found that people generally complain for hacking as per their secret question answers. This is indeed a much easier method. In some cases, there are only fixed secret questions, so it becomes much easier for the hackers. So, don’t use simple answers, don’t reveal it to anyone and I would suggest you to use own secret questions with answers.

5. Social Engineering

This is one of the oldest tricks to hack. Try to convince the user that you are a legitimate person from the system or central server and needs your password for the continuation of the service or some maintenance or you need to reset your password to some combination like ‘abc12345’. This won’t work now since most of the users are now aware about the Scam. But this Social Engineering concept is must for you to convince the victim for many reasons. It may work in some case.

6. Fake Messengers

This is a form of phishing in the application format. Sometimes, there are some fake applications which tend the user to enter the login info in the software and check your mail. But unknowingly, your login credentials are being sent to the ftp server destination of the hacker.

7. Viruses And Worms

Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms). Both viruses and worms attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail. So install a good working antivirus and antispam program which is capable of handling the potential threats.

8. Back Doors

Hackers can gain access to a network by exploiting back doors administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in the network. So you have to strengthen your security to avoid unauthorized access.

9. Trojan Horses

Trojan horses, which are attached to other programs, are the leading cause of all break-ins. When a user downloads and activates a Trojan horse, the software can take the full control over the system and you can remotely control the whole system. Isn’t it great! They are also referred as RATs (Remote Administration tools). Always periodically watch out your open terminals by checking ‘netstat’.

10. Denial Of Service

DoS attacks give hackers a way to bring down a network without gaining internal access. DoS attacks work by flooding the access routers with bogus traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).

11. Distributed DoSs

Distributed DoSs (DDoSs) are coordinated DoS attacks from multiple sources. A DDoS is more difficult to block because it uses multiple, changing, source IP addresses. So better to use upgraded and advanced servers like grid server etc.

12. Sniffing

Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple monitoring or something more wicked. So it’s better to secure the working network. Also make sure that, none of your users is giving your TCP packets to outer network knowingly or unknowingly. Knowing IP address only also can do a lot as there is a powerful penetration tool to do the damage (BACKTRACK OS + METASPLOIT).

13. Spoofing

Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping.

14. SQL Injection

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. It uses normal SQL commands to get into database with elevated privileges. Some security precautions need to be taken to handle this attack.

15. Cookie Stealer

Each time you access into an online account, the sites identify your system and you by your cookies. If somebody gets the cookie saved by the sites, then he can easily decode it and can get the password! This is generally possible in open networks. So while using open networks always use https as it makes you enter into secure mode without leaving the cookie to the network.

16. DNS Poisoning Or PHARMING

Phishing is a tough job. Isn’t it? Convincing someone to enter their password at your page require a lot mind work. What if you don’t have to convince the person? What if they are directed automatically to your site without having a clue? DNS poising or Pharming does the same for you.

For details on DNS poisoning –click here.

17. Whaling

This method gets you the password of the accounts which are used by the hackers to receive the passwords. So you just have to hack one ID, which is simplest method and you will have loads of passwords and so loads of accounts at your mercy..!!!

(collected by http://abkantharaja.blogspot.in & http://rms sa.blogspot.in/

How Employers Disable USB Ports & How Employees Enable them again

Desktop computer equipped with a CD writer or a DVD burner is a rare sight is most companies. But a much larger security threat is posed by the open USB ports where mischievous office workers can just plugin the Flash Pen Drive, External Hard Disk or their iPod music player and transfer corporate data or even copy licensed software to their memory sticks in seconds.

Also, USB keys are not just a popular way to sneak data out from companies, unhappy employees may use USB ports for delivering trojans or spyware into the company networks.

Now some smart admins disable usb drive by changing the BIOS settings and then lock the BIOS using passwords. Some not so-smart admins fix tapes over the USB ports to prevent employees from inserting any USB device into their computer. 

However, both these approaches can prove to be counter-productives as your staff can no longer use USB keyboards, wireless mouse, digital cameras, camcorders, scanners, printers or even USB microphones to their computers.

So a more reasonable option for sysadmins is to disable write access to USB port so that data files cannot be written to the mass storage device. The USB thumb drive will be read-only.

Open the Windows Registry and open the following key

HKEY_LOCAL_MACHINE\System\CurrentControlSet\ Control\StorageDevicePolicies

Now add a new DWORD called WriteProtect and put the value as 0 to disable write privileges to the USB port. To reverse the step, either delete the WriteProtect REG_DWORD or toggle the value to 1 which will enable the port.

Remember that the above trick works only with Windows XP SP2.

If you like to go a step further and disable users from connecting USB storage devices to their computers, here's the trick:

Open registry and navigate to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \Services\UsbStor

Now in the right pane, double-click Start and type 4 in the Value data box (Hexadecimal) and quite the registry editor. To enable the USB storage devices, change the Start value back to 3.

No matter how good the protection tricks are, determined people always find workarounds. Here are some of the tricks that may render the above methods unusable:

» Employee may boot computer using a LiveCD like Knoppix or Ubuntu so the USB drives are again available to him for writing.

» They could open the computer chasis, take the battery out to reset the BIOS settings.

» Some may even invest in a PS2 to USB port converter.

» If he manages to get admin access for a temporary period (like installing software), he may undo the registry edits.

The cat-mouse game will never end. USB drives will remain a headache for the sysadmins for some time. However, Windows Vista will make life much simpler for IT administrators. There's a new Policy in Vista that allows USB keyboards or mouse to be used but not any USB devices. 

Source : http://labnol.blogspot.in/   

Courtesy :  http://rms sa.blogspot.in/

How to Lock any Drive ( Hard Disk & CD Drive )

STEPS TO LOCK DRIVE IN WINDOWS:

1. Go to Start menu and then to RUN  and type "gpedit.msc" (without quotes) and Press Enter.

2. Now you will see a new dialog window , where you will see two things "Computer Configuration" and "User Configuration". Now click on "User Configuration".

3. There you will see three items. Now you have to Click on "Administrative Templates". Then go to "Windows Components".

4. There you will see a lot of Windows Components. Now Click on " Windows Explorer". 

5. Now you will find something like this "Prevent Access To Drives From My Computers" , double click on it . It will open its properties. Now to lock a drive or drives click on "Enabled"radio button. Now from the drop down menu select the drive that you want to lock or block.

6. After that click on apply and restart your system. Now anyone will not been able to access the particular drive.

7. To unlock the drive again follow the similar procedure and just click on "Not configured" and apply the settings and restart your system.

FULL Procedure is in this snapshot...

Courtesy : abkantharaja.blogspot.in

Say ‘s' to secure and safe web browsing

The increase in Internet phishing attacks, cyberstalking and other pervasive threats on the World Wide Web is only matching the ever-increasing rate of Internet users. These social crimes perpetrated on the Internet may seem sophisticated to users, but can be tackled by incorporating simple measures into one's browsing habits.

Choosing ‘secure' browsing where possible — as indicated by the ‘s' after the ‘http' on the address bar on the newer browsers — is one of the simplest, yet most effective means of fortifying privacy and enhancing security while transacting on the Internet.

THE RISKS

Traffic snooping, either by purporting to be a trusted source of information, or eavesdropping on users' traffic by capturing Internet packet data, can reveal enormous amounts of information to the attackers about the victim.

Information such as user names, passwords and other important credentials can be directly retrieved, or ‘phished' if the connection is insecure. Eavesdropping on a user's web habits can be used to harass them.

These risks are applicable to all traffic plying on insecure links — the HTTP links that are normally used. HTTP (Hyper Text Transfer Protocol) is the default rule-set for browsing on the Internet and is prone to security risks.

To counter the pitfalls in HTTP, a secure variant, HTTPS, is being widely used, and not just on financial transaction portals, which were primarily using it.

ENCRYPTION

HTTPS provides enhanced security by authenticating the identity of the websites and encrypting the information.

It embeds a mechanism to authenticate websites by signing Transport Layer Security (TLS) certificates, which identify how genuine a website is. This mechanism eliminates fraudsters purporting to be trusted websites, for the TLS certificates cannot be authenticated by them.

Encrypting information using 128-bit encryption mechanism or more sophisticated cryptography algorithms make it virtually impossible for sniffers to make sense out of the traffic flowing.

Karthik Rao, a budding ethical hacker, points out the benefits of using secure links via HTTPS. “Man-in-the-middle (MITM) attacks, where the attacker acts as an invisible relay between two hosts with the purpose of manipulating traffic is easy to unleash when there is an insecure link, whereas it is subdued to a great extent if the link is on HTTPS,” he says.

HTTPS EVERYWHERE

HTTPS content access should be supported by websites. While the browsers can access the content on secure links by appending https instead of http in the URL of websites, this would get cumbersome, and there is also a problem when the websites are not serving content over secure links.

Automating this functionality and going back to HTTP only when https in unavailable, is facilitated by a free and open source software, ‘HTTPS Everywhere', which works as an add-on to the open source web browser Mozilla Firefox. HTTPS Everywhere ensures secure and encrypted communication with websites supporting HTTPS content access.

With major websites including Google, Wikipedia, Facebook, Youtube and Twitter serving secure content, a huge portion of routine browsing can be secure, hence reducing risks such as phishing.

HTTPS Everywhere is a project by The Onion Routing (TOR) project and the Electronic Frontier Foundation (EFF), who are working on making the Internet safer, more secure and with increased privacy to users.

The add-on is currently supported only by Mozilla Firefox, while support on the Google Chrome browser may come in near future. It can be downloaded from https://www.eff.org/ https-everywhere

Source : The Hindu dtd 15/01/2012

System Administrators and Operators in Computerized Post Offices, How much you know about Security Guidelines in Department of Posts?

Copy of C.O. letter No. INV / 150-118 / wr/08 Dated the 20th April, 2010

Several systematic shortcomings are being noticed in the operational methods of Sanchay Post, giving scope for possible manipulation with malafide intentions. It has been observed that the instructions issued to manage the data entry module of Sanchay Post securely were not followed by many of the units leading to frauds in Sanchay Post software.

2. It is once again reinterated that the following aspects should be taken care of by all concerned without any deviation.

a) Operationalization of the data entry module should be limited to

the assigned supervisor only.

b) Only one data entry operator should be there in an office/

network.

c) It is the sole responsibility of the supervisor to keep the password secretly with him, as he is held responsible for the data entries made in an office running Sanchay post online, as pass word securities were not followed properly.

d) As instructed earlier a register should be kept to note the entries in the chronological order carrying the details of corrections made using data entry modules each duly attested by the concerned supervisor.

e) The System Managers of the field units can also hold periodical training for Post office and Divisional office staff to make them fully conversant with the checks and controls existing in the Sanchay Post software, so that supervisory control is made more effective.

3. Please circulate the above said instructions under acknowledgement to all the supervisors and operators of Sanchay post offices in your region immediately.

Directorate Letter No. 48-05/2004-Tech/KW dated 02.01.2008

A kind reference is invited to the above letter on Security of Sanchay Post Software. Now a copy of C.O. Lr. No. Tech/2-18/08-09 dated 01.12.2008 regarding Security guidelines for Computerized SB Offices is enclosed herewith for information and necessary action.

Further it is brought to the notice of this office that Data Entry Packages of Sanchay Post are not uninstalled after the accounts were brought into online in several offices and usage of several unauthorized softwares. Hence the following instructions are issued for immediate action.

1. All the Data Entry Modules of Sanchay Post should be immediately uninstalled after completion of the data entry.

2. The Data Entry Package should be installed only in Server or other systems under the direct control of the PM/ SPM only.

3. 'Data Entry Supervisor' user class should be allotted to the PM/ SPM only.

4. It is seen that all users are allotted to Data Entry which is highly irregular.

5. User names and password should be official specific not office specific. No general names and designations should be used. This should be monitored by the Divisional Heads / Sub Divisional Heads during their visits / inspections and recorded.

6. If one PA / Supervisor is on leave, the concerned PM/ SPM should change/authorize the name of the other official actually working on the branch while giving day begin.

7. For every Software / Hardware Problem, an error book should be maintained and recorded then and there by the officials concerned and the DSMs concerned should note the action taken for the rectification. The same should be perused by the

8. Divisional Heads / Sub Divisional Heads during their visits / inspections and recorded.

9. A separate register for entry / access of LAN server should be maintained with the details such as Date and Time of Entry, Work done and out time etc. The register should be under the personal custody of the Head of the Office.

10. It is seen that the opening balances, closing balances are being modified through some unauthorized software which is highly irregular and warrants Disciplinary Action.

11. Similarly doing day begin for the dates prior to the date of operation is also not correct.

12. Directorate has already issued instruction regarding security / preservation of SQL Server Password with the Divisional Heads and hence Divisional Heads should monitor the same to prevent unauthorized persons to have knowledge about the 'SA' password.

13. All the floppy / CD/DVD/Flash Drives should be disabled except the one used for taking backups by the Supervisor incharge.

14. The following certificate from the concerned System Administrators / DSMs should be obtained in respect of Computerised Offices under their jurisdiction and filed at the Divisional Office.

"Certified that there is no unauthorized software installed and data entry modules are uninstalled in the …………………………………….. SO/HO.

Signature of the SA/DSM

Date: "

15.The following certificate should be sent by the Divisional Heads to this office immediately.

"Certified that the SAs / DSMs are instructed about the Security Guidelines for Computerised Offices and the relevant certificates were obtained and filed.

Signature of the Divisional Head

Date:

15. An action taken report on the C.O. Lr. No. Tech/2-15/08-09 dated 01.12.2008 should be sent within a week.

Security guidelines for computerized SB Offices – Reg.

* * * * * * *

Security guidelines to be followed in the offices using Sanchay Post software, along with a list of 'Do's and Dont's'for the officials working on SB LAN is enclosed. Please ensure that the guidelines are strictly adhered to. Additional security measures required if any may be combined with these guidelines and implemented.

Guidelines to be followed by the Systems Administrators / Operators of Computerized Offices:

• The server should be kept securely away from unauthorized users and outsiders to ensure security of data. The 'SA' of MSSQL server has full rights on the operation of RDBMS. It is therefore, necessary that the PASSWORD is granted to the appropriate official and a record is maintained for the same. He should also change the password at regular intervals to ensure better security and should not give the password to other operators.

• The System Administrators should not use SQL Server Management tools such as Query Analyzer, Enterprise manager etc. but should use the front end application only.

• The System Administrators / Managers should ensure that no one has access to SQL Server Tools, which can be used to tamper with databases.

• No personal Pen/Flash Drive/ Laptop should be permitted inside the office by the visitors/employees.

• Keep a written record of the officials granted 'LAN Administrator'. 'SQL Administrator' and 'Data Entry Super' rights along with the period.

• Keeping the security issues in mind, the role of the System Administrators should be closely monitored by the competent authority.

System Administrators/Managers to ensure:

• That the clients connecting to the server should have only the client connectivity component of SQL server installed on them. Any other administrative tools such as the Query Analyser, Enterprise Manager etc., if found installed in the clients, should be uninstalled.

• Maintaining Operating system and Database in a NTFS partition provides the ability to limit network access based on user accounts and network-defined groups. Do not unnecessarily share folders on the server.

• Removal of Data entry modules for schemes which have been made online on all the nodes. If found absolutely necessary it should be installed in only one node.

• A new class of user called 'Data Entry Supervisor' has been introduced from Sanchay Post ver 5.0. Correction of accounts in which transactions have been performed in the online module (i.e. already online accounts) can only be done by the 'Data Entry Supervisor'. Hence the rights for the role of Data Entry Supervisor are to be allotted only to the head of the office. (PM/SPM).

• User rights allotted in Sanchay Post should be post specific and a person should not be allotted both counter and supervisor rights. Group and Form access in online mode should be as per work distributions to counter users and supervisors. They should not be assigned groups or forms which are not handled by them to prevent nmisuse. The users should be given access to only the functions they perform and they should set their own password.

• Passwords should be official specific and not post specific. If there are five people who are likely to handle an operation over a period of time, individual user id should be created for each of them and under no circumstances should one individual log in with another's id.

• Only the names of the officials should be given as "Person Name" while creating new persons. Designation of the officials (such as 'Super', 'Counter', 'Postmaster', PA, SPM, APM) should not be used as 'Person name'.

• All the persons operating Sanchay Post application package should be given logon permissions ('person name' & 'person password' corresponding to 'Your Name' & 'Your Password' in the SB application login screen) using the officials name only.

• In the event of one's pass word becoming known to others one should reset his pass word immediately. Free trading of password is risky. If an individual makes his password public, the risk lies with him. Full responsibility for misuse of his password would fall on him.

• Enforce password change at regular intervals and minimum password length to ensure better security.

• Supervisor's id should be at an appropriate level. If more than one supervisor was to work owing to leave or training etc more ids can be created for each of the supervisors in the office.

• Delete old or inactive user accounts

• People who have moved out of the computerized operation set up in a specific office should be removed from the user group without any loss of time.

• Periodic backup should be taken without fail.

• The daily, weekly, monthly back up copies should be kept in different places. (System administrator, Head of the office, Divisional office etc.). The back up taken should be tested to see that restoration is possible without difficulty.

• Atleast one copy of the back up should be kept in a building away from the office (Offsite) to provide protection against location-specific catastrophes. Rotate tapes used for back up and replace tapes when its suspect.

• Antivirus software should be installed in all the nodes and regularly updated. Suitable mechanism for regular upgrading / updates to protect vulnerability against new Viruses should be formulated and implemented.

Do's and Don't's for officials working on SB LAN

Do's:

1. Use easily remembered passwords with sufficient complexity, which should be changed at frequent intervals.

To Change password

Log on to the online module. Go to 'Set Up' Menu. Select 'Set personal password', then type "Current personal password". Type new personal password and retype new password. Click on OK.

2. Back up your data every day. Keep at least one copy offsite. A register has to be maintained for recording the following information. Data name of the person taking back up. Type of Media (CD, Tape or Node) Counter signature of the Postmaster.

3. Enforce logging out when the workstation is unattended for a significant period of time. All changes done to the database is recorded against your name. Use "Lock Screen" in setup menu when leaving workstation for a short while.

4. In case of problem in connecting to the server, follow the sequence of 'switching on'

(a) Hub

(b) Server (Wait for 'Begin log on' screen with a message press Ctrl-Alt-Del to log on)

(c) Switch on nodes.

5. If when you double click on Sanchay Post icon, you get a message "Unable to connect to server. Do you want to correct". Click on "Yes". You will then be prompted for the server name. Type the server name and click "Save". You wil obtain a message 'Rerun Application". Now double click on the Online or data entry icon to enter Sanchay Post application package.

6. If there is some kind of 'system message', read it first, it solves most of the problems. If you have to report a problem, record the messages you get. Telling someone that the message was something about a hardware error does not help the problem solver. Report the message to the System Administrator.

Don't's

7. Don't run any other application other than Directorate approved software on your systems. Use of any other unauthorized software for modification / entering transactions is strictly prohibited.

8. Don't allow another person to log with your name and password (including system Administrators). All the entries and changes made in the application package are entered in a log against your user name.

9. Do not simply turn off your computer: instead use the correct shut down process given below.

10. Shut Down process in nodes:

(a) Exit the application software (Sanchay Post) in the nodes by clicking on quit.

(b) Go to Start button, Click on Shut Down. You will get a screen "Shut down Windows". Select shut down from options available and click on "OK".

(c) Wait till you get the message, "It is now safe to shut down the computer" before switching the computer off.

Shut down Process in server:

Log on to the Server and then follow step (ii) & (iii) as stated above.

Sub: Security of Sanchay Post software – reg

1. It has been come to the notice that because of the easy access to the data base Sanjay Post Software is being mishandled. The offices computerized by the technology division of the Directorate are not following the security guidelines and the Head of the Office is not reviewing the security measures.

2. Please refer to the FS Divisions lr no. 76-03/2005-FS dated 30.07.2007 regarding the security of SQL server password. It is again reminded that, it is the responsibility of the Divisional Superintendent to safe guard the password and to chage the password once in six months when he visits the post office for inspection/verification. Allowing the System Administrator to access the Data base will be dangerous.

3. Number entry package is also available in Sanjay Post Software. Because of this any body can access Data base. Generally, Number Entry is used for loading old numbers and after the entry it is uninstalled. All Circle Heads should ensure that the Number Entry Package has been uninstalled and it should be complied with.

4. Server should be kept under lock and key. Instructions were given to maintain a register at Server Room and to make entrices in the register. Usually it is not maintained in the Head Post Offices. Circle Heads must strictly ensure that this register is being maintained and it should be jointly signed by Postmaster/SBCO officials in Head Post Offices and in other Post Offices it should be signed by Cashier.

5. Issuing of Access card will be a better option which will keep the record of the time of entry and time spent in the Server Room.It will be effective to stop the trespassing into the server room.

6. It is also instructed that the Security Measures in the Computerised Offices may be reviewed periodically by the Inspecting Officer. It should be included in the Inspection Questionnare.

7. Secretary (P) has shown great concern in the above matter and asked to take immediate steps in this matter. Hence you are requested to give the feed back in this regard so that the information may be given to the Secretary (P) Circle wise.

This is issued with the approval of Dy. Director General (Technology).

Sd/-

(Dr. Kushal)

Asst. Director General (Technology)

Source : http://satish24k.blogspot.com/

'മാലിന്യനിക്ഷേപം: ഒരു വര്‍ഷം തടവും 5,000 രൂപ പിഴയും

മാലിന്യം നിറച്ച കാരിബാഗുകള്‍ വാഹനങ്ങളില്‍ കൊണ്ടുവന്നു പൊതുനിരത്തുകളില്‍ വലിച്ചെറിയുന്നതു ശ്രദ്ധയില്‍പ്പെട്ടാല്‍ ഈ വാഹനങ്ങളുടെ നമ്പര്‍ കുറിച്ചെടുത്ത്‌ പോലീസിനെ അറിയിക്കുന്നതു കുറ്റക്കാര്‍ക്കെതിരേ നടപടി സ്വീകരിക്കാന്‍ സഹായകമായിരിക്കും. ഇത്തരം പരാതികളില്‍ പോലീസ്‌ നിയമനടപടി സ്വീകരിക്കും. ജില്ലാ പോലീസ്‌ കണ്‍ട്രോള്‍ റൂമുകളില്‍ ടെലിഫോണ്‍ മുഖേനയോ പോലീസ്‌ ഹെഡ്‌ക്വാര്‍ട്ടേഴ്‌സില്‍ എസ്‌.എം.എസ്‌. വഴിയോ (949700000) പരാതി സമര്‍പ്പിക്കാമെന്നു ഡി.ജി.പി. അറിയിച്ചു.ആരെങ്കിലും മാലിന്യങ്ങള്‍ വലിച്ചെറിയുന്നതായി ശ്രദ്ധയില്‍പ്പെട്ടാല്‍ പൊതുജനങ്ങള്‍ക്ക്‌ പോലീസ്‌ സ്‌റ്റേഷനുകളില്‍ നേരിട്ടു പരാതി പറയാം. പൊതുസ്‌ഥലങ്ങളിലും വഴിയോരങ്ങളിലും മാലിന്യങ്ങള്‍ ഉപേക്ഷിക്കുകയോ വലിച്ചെറിയുകയോ ചെയ്യുന്നവര്‍ക്കെതിരേ കര്‍ശന നടപടി സ്വീകരിക്കുമെന്നു ഡി.ജി.പി. അറിയിച്ചു. ഒരു വര്‍ഷംവരെ തടവുശിക്ഷയും അയ്യായിരം രൂപ വരെ പിഴയും ഈടാക്കാവുന്ന കുറ്റമാണിത്‌. പൊതുനിരത്തിലും പൊതുസ്‌ഥലത്തും മാലിന്യങ്ങള്‍ വലിച്ചെറിയുന്നതിനെതിരേ നടപടി സ്വീകരിക്കുന്നതിന്റെ ഭാഗമായി ഓപ്പറേഷന്‍ സ്വീപ്‌ പദ്ധതി നടപ്പിലാക്കും. സംസ്‌ഥാനത്തെ എല്ലാ പോലീസ്‌ സ്‌റ്റേഷനുകളിലെയും സ്‌റ്റേഷന്‍ ഹൗസ്‌ ഓഫീസര്‍മാര്‍, സി.ഐമാര്‍, സബ്‌ ഡിവിഷണല്‍ ഓഫീസര്‍മാര്‍, ജില്ലാ പോലീസ്‌ മേധാവികള്‍ എന്നിവര്‍ക്ക്‌ ഇതുസംബന്ധിച്ച്‌ നിര്‍ദേശം നല്‍കി. ഓരോ പോലീസ്‌ സ്‌റ്റേഷന്‍ അതിര്‍ത്തിയിലും സ്‌റ്റേഷന്‍ ഹൗസ്‌ ഓഫീസര്‍മാര്‍ ഇത്തരം കുറ്റകൃത്യങ്ങള്‍ കണ്ടുപിടിക്കാന്‍ പ്രത്യേക പട്രോളിംഗ്‌ സംവിധാനം ഏര്‍പ്പെടുത്തും. സി.ഐമാരും സബ്‌ ഡിവിഷണല്‍ ഓഫീസര്‍മാരും ദൈനംദിനം ഇതിന്റെ പുരോഗതി വിലയിരുത്തും. ജില്ലാ പോലീസ്‌ മേധാവികള്‍ ഓരോ ആഴ്‌ചയിലും ജില്ലയിലെ പ്രവര്‍ത്തനങ്ങള്‍ പരിശോധിച്ച്‌ സംസ്‌ഥാന നോഡല്‍ ഓഫീസര്‍ക്ക്‌ റിപ്പോര്‍ട്ട്‌ നല്‍കും. മാലിന്യം നിറച്ച ബാഗുകള്‍ വാഹനങ്ങളില്‍ കൊണ്ടുവന്ന്‌ റോഡില്‍ വലിച്ചെറിയുന്നതു പതിവായതിനാല്‍ ജില്ലകളിലെ ട്രാഫിക്‌ വിഭാഗത്തെയും പരിശോധനയ്‌ക്കായി ചുമതലപ്പെടുത്തിയിട്ടുണ്ട്‌. പോലീസ്‌ സ്‌റ്റേഷന്‍ തലംമുതല്‍ സംസ്‌ഥാനതലംവരെ തദ്ദേശഭരണ സ്‌ഥാപനങ്ങളുടെ സഹകരണത്തോടുകൂടി റസിഡന്റ്‌സ് അസോസിയേഷനുകള്‍, വിദ്യാഭ്യാസ സ്‌ഥാപനങ്ങള്‍, ഫ്‌ളാറ്റുകളിലെ റസിഡന്‍സ്‌ അസോസിയേഷന്‍ എന്നിവരെയുള്‍പ്പെടുത്തി പത്രമാധ്യമങ്ങളുടെ സഹകരണത്തോടെ വിപുലമായ പരിപാടികളും സംഘടിപ്പിക്കും. പൊതുനിരത്തിലും പൊതുസ്‌ഥലങ്ങളിലും ആരെങ്കിലും മാലിന്യങ്ങള്‍ വലിച്ചെറിയുന്നതായി ശ്രദ്ധയില്‍പ്പെട്ടാല്‍ പൊതുജനങ്ങള്‍ക്ക്‌ പോലീസ്‌ സ്‌റ്റേഷനുകളില്‍ നേരിട്ടു പരാതി പറയാം. മാലിന്യം നിറച്ച കാരിബാഗുകള്‍ വാഹനങ്ങളില്‍ കൊണ്ടുവന്നു പൊതുനിരത്തുകളില്‍ വലിച്ചെറിയുന്നതു ശ്രദ്ധയില്‍പ്പെട്ടാല്‍ ഈ വാഹനങ്ങളുടെ നമ്പര്‍ കുറിച്ചെടുത്ത്‌ പോലീസിനെ അറിയിക്കുന്നതു കുറ്റക്കാര്‍ക്കെതിരേ നടപടി സ്വീകരിക്കാന്‍ സഹായകമായിരിക്കും. ഇത്തരം പരാതികളില്‍ പോലീസ്‌ നിയമനടപടി സ്വീകരിക്കും. ജില്ലാ പോലീസ്‌ കണ്‍ട്രോള്‍ റൂമുകളില്‍ ടെലിഫോണ്‍ മുഖേനയോ പോലീസ്‌ ഹെഡ്‌ക്വാര്‍ട്ടേഴ്‌സില്‍ എസ്‌.എം.എസ്‌. വഴിയോ (949700000) പരാതി സമര്‍പ്പിക്കാമെന്നു ഡി.ജി.പി. അറിയിച്ചു. Sourses; mangalam dt23-11-2011

Beware of Section 43 of The Information Technology Act - 2000

What’s section 43 of The Information Technology Act,2000?

If any person without permission of the owner or any other person who is in charge of a computer, computer system or computer network,- accesses or secures access to such computer, computer system or computer networkdownloads, copies or extracts any data, computer data base information from such computer, computer system or computer network including information or data held or stored in any removable storage medium.

Introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network;

damages or causes to be damaged and computer, computer system or computer network, data, computer database or any other programmes residing in such computer, computer system or computer network;

disrupts or causes disruption of any computer, computer system or computer network;

denies or causes the denial of access to any person authorised to access any computer, computer system or computer network by any means;

provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder;

charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system or compute network he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.

Explanation.-For the purposes of this section.- (i) “computer contaminant” means any set of computer instructions that are designed –

(a) to modify, destroy, record, transmit date or programme residing within a computer, computer system or computer network; or

(b) by any means to usurp the normal operation of the computer, compute system, or computer network;

(ii) “computer database” means a representation of information,

knowledge, facts, concepts or instructions in text, image, audio, video that are being prepared or have been prepare in a formalised manner or have been produced by a computer, computer system or computer network and are intended for use in a computer, computer system or computer network;

(iii) “computer virus” means any computer instruction, information, data or programme that destroys, damages, degrades adversely affects the performance of a computer resources or attaches itself to another itself to another computer resources and operates when a programme, date or instruction is executed or some other even takes place in that computer resource;

(iv) “damage” means to destroy, alter, delete, add, modify or re-arrange any computer resource by any means.

A perfect example is cited below to support my words-

A lady has violated Section 43 of The Information Technology Act,2000 and made unauthorized access to Gmail accounts of her husband and her father-in law, and unauthorisedly downloaded/forwarded/printed their emails and chat sessions with others, thus committing Identity. Theft by using the password belonging to others dishonestly, and violating the privacy of not only the Complainants, but also of others with whom these chat sessions were conducted. Given the fact that she gave the evidence only to Police and the Court, in the Dowry case lodged by her against her husband and in-laws, and did not make It widely public. Hence the Court ordered that she pay a token fine of Rupees One Hundred to the State Treasury.

Source : http://tkbsen.com