Friday, July 18, 2008

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

Flawed Income Tax India website reveals user Tax details

Everybody is getting onto the bandwagon to file their returns online, be it from myitreturn.com or https://incometaxindiaefiling.gov.in.

But I just noticed that on Incometaxindiaefiling.gov.in the registration and password reset is quite flawed.

First you just need a few details about somebody to check all his returns check his earnings and other details, this can be very useful to banks and other services companies to know the real earnings of a person or a corporate. It is very easy to get these details by using Social Engineering (Give a lucrative offer and anyone will fall for it).

Lets have a look at the flaws:

1) Registration Flaw - This gives access to address details of a PAN Holder.

You need PAN number, Name and date of birth of your victim which is very to get via social engineering and you can register as any person whose details you have.

Now after registering you will immediately get the address details of the PAN holder.

2) Forgot Password Flaw - This will give access to a registered users account with all information such as his Income, Taxes, his other income sources, Tax deducted etc

Now you need the same details of your victim Name, PAN card and Date of Birth and fill up those details and put the PAN card number as the Username at Forgot Password Page

The best thing in both the cases is the Username is same as your PAN card so even if you are not aware of the Username no need to worry, its the PAN card number buddy.

On a serious note so many people around you have access to these personal details for example, Cellular service providers like Bharti Airtel and Vodafone and there have been multiple instances when these providers have sold customer details to third parties such as Banks, Mortgage companies, Leisure resort companies etc. (I had a very bad experience with Bharti Airtel).

These loan agents who come to collect your details for a Bank account, Bank Loan, Credit Card, Share Trading account they have all your details and it is so easy for them to go ahead and modify your password and login to your account and then sell you services or even bad collect all these details and sell to Russian mafia for $5 each and it just gets worst from here.

Many bad things can happen, IncomeTax India website needs an overhaul in the way both of these mechnaisms work or else it will be a great threat to the nation and its people.

PS: Do not misuse this feature and blame me.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

NIST security guides for Firewall and Bluetooth drafts for public review

NIST has released some draft guides for public review.

The three draft guides are:

1. Recommendation for Applications Using Approved Hash Algorithms.
2. Guide to Bluetooth Security.
3. Guidelines on Firewalls and Firewall Policy.

All the documents are very comprehensive and surely a must read, below are the links to those drafts as well as a short description of them.

SP 800-107, titled “Recommendation for Applications Using Approved Hash Algorithms,” is in its second draft release. It provides guidelines for achieving the appropriate level of security when using approved hash functions.

Draft SP 800-121, titled “Guide to Bluetooth Security,” describes the security capabilities of Bluetooth technologies and gives recommendations on securing them effectively.

Draft SP 800-41 Revision 1, titled “Guidelines on Firewalls and Firewall Policy,” updates the original publication released in 2002. It provides recommendations on developing firewall policies and selecting, configuring, testing, deploying and managing firewalls. The publication covers a number of firewall technologies, including packet filtering, stateful inspection, application-proxy gateways, host-based and personal firewalls.


-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi

Track who access your gmail account and from where

Gmail has introduced a new privacy feature that will let users see how many computers their account is open on, and also allows them to sign-out remotely. Basic information is displayed as part of the page’s standard footer, and users looking for more detailed information can view a log that displays the most recent IP addresses to access the account, along with the type of access (Mobile, POP, etc.).

The best thing about these features is if anybody had access to your cookies he can be logged out remotely and you can even track who logged into your email account and from what IP address and through which service for eq. IMAP, POP or Browser.

This is really a very good move from Google, because Webmail accounts have always been haven for email snoopers.

The link to access all these information is available at the bottom of the Gmail website.

Have a look at the screen shot below.

-Abhi