Click fraud happens when you find a way to generate large quantities of traffic to your site that does not result in anyone seeing the ads that would have an interest in them. A computer can be programmed to visit the same site over and over. At computer speeds, this can create thousands of clicks in a very short time. If you solicit everyone you know to visit the same web page dozens of times each per day, this also is click fraud.

When the purpose of the visit is to create income for the person hosting the ads and not to give the ads a chance to produce income for the advertiser, it is fraud. Many companies have software to monitor where the various visitors to their site come from. When a pattern of visits begins to appear from the same computers over and over, the traffic is investigated to see if click fraud is being done.

Make no mistake. Click fraud is stealing. It also weakens the ability of the internet to produce revenue. If advertisers believe that dollars they are paying each month for the ads is not productive, they will pull the ads and all revenue will be lost for the cheaters and the honest users. This practice is watched as closely as card counters in a casino.

There is a lot of money to be made on the internet. Click fraud is roughly the equivalent of a pyramid scheme. Those who are early on the scam may make some big bucks, but everyone else loses. Someone who generates an extra ten or twenty thousand clicks takes money away from those who are working for it honestly. It is possible to drain enough money from the site that they work for to sink it financially.

These companies will come after those who commit click fraud and get caught. It can result in lawsuits to recover damages. The guilty parties may very well go to jail for awhile to ponder their evil ways. Because multiple scams are needed to generate truly large sums of money, the one committing click fraud will have many companies and people after him or her.

Advertising your website is not click fraud. Finding ways to entice people to come view your site in legitimate ways is just good business. These visitors will see your material and perhaps click on the ads and support the advertisers, too. That is how the world is supposed to run.

If the hacker is able to get into your bank account or steal a significant part of your identity, this is bad. Because of this, users need to find ways to battle back against hackers at work and at home. The key is to make your passwords unique and complex. Having a unique password for each account may be a lot of trouble but your security level increases exponentially.

The second part is just as important as the first. Many sites will no longer allow you to use a password that is less than 8 characters and require that it consists of both numbers and letters. This makes a password complex or more difficult to break. If you can avoid using your birthday or the names of loved ones or pets, it is even better.

For many people, the problem with using unique and complex passwords is trying to keep up with them. Doing this requires a person to record the website, user name or id, and the password in a secure place. Probably the best place to hide this information is in the wall safe in the cellar below your basement floor with iron doors that can be triple padlocked. Most people do not have one of these.

So, a new way to hide this precious information must be devised. Remember, if you hide it on your computer, hackers will be looking for it there. Now, you are back to coming up with a password to protect your password file. At least, you only have to remember one password. That seems better than remember 20 or more. If you can encrypt the file, it will give you another level of protection.

If you must store passwords away from your computer, hide them like huge sums of cash. Your mattress is not recommended. Hide them inside a book that is not obvious or in a folder that holds lots of other papers and documents. Try to make this look like something other than your password list. Do not advertise or share where this list is kept. Think of it as if it is the hidden key to your front door. When it comes to your online dealings, it is.

Do not share passwords. If you do, change them immediately. You should also change passwords about every two or three months. This will help get rid of hackers that might have gained entry but have not done damage yet.

For those passwords that are stored on your computer, you will need a good firewall and anti-virus program to keep unwanted eyes out of your files. Run the virus scan several times per week and keep it active when online. Good spyware programs and an adware programs can be downloaded for free online. These will find some types of intruders that an anti-virus program might miss.

Advantages of Internet storage -

• Your data is safe from accidentally erasing it
• It is inexpensive compared to buying hardware
• It is accessible from any computer
• You can easily share information with friends

Disadvantages of Internet storage -

• Anyone who hacks into your storage site has access to your data
• If the company goes out of business you have the potential of losing all your data
• After extended use the price may be higher than the initial cost of hardware
• No internet connection, no data access

Two of these Internet storage sites I have evaluated and are listed below.

Data Deposit Box (http://www.datadepositbox.com/)

The price is a little expensive compared to other sites, $2/GB, but the flexibility makes it almost worth it. They only charge for what is used. This is great especially for a small up starting business. When the business has no idea of the amount of storage that is needed this could very well be the way, at least till they have an idea of their need.

Registration is easy and only requires basic company information, user information, and of course credit card information.

Other features that this site offers are continuous backups, web file sharing, and file versioning.

Xdrive (http://www.xdrive.com/)

AOL's Xdrive gives away a free 5 GB of space with no ties attached. For students or the Internet hobbyist this would be a great plan. For $9.95 / month you will receive 50 GB, or, if you pay yearly you can get the same 50 GB for $99.50. Unfortunately, if you want more space then you have to buy it in 50 GB increments.

Registration is easy and only requires user information and credit card information.

Other features that this site offers are two different types of control panels you can download, organize music into playlists, and organize pictures into photo albums.

A corporation using Internet storage and extras such as geographic mirroring and load balancing can benefit greatly from a global online storage system. The storage infrastructure can benefit the company with quick online access, reduction of IT expenditures, and data security.

Would I recommend Internet storage to a friend? It would depend on the uses that that friend needs it for. Many sites offer a sizeable amount of storage for free. If my friend is in school and is looking for a way to transfer files from home to the at-school lab, then yes, I would make the recommendation. I would, however, also recommend a hard backup at home. This way if something does happen to the Internet storage site his/her data is secure and not lost.

References:

Coates, (May 21, 2001). Internet storage boosts Web sites [Electronic version]. Network World 18(21), 37. Retrieved March 30, 2008, from ProQuest database.

A very creative idea by an aspiring YouTube video maker is very funny.  Although I do recommend this to your friends if non of them are easily offended, women, or can't take jokes.   I can definitely see why this video is so popular.  It has a nice, catchy beat, very well written lyrics, and a perfect singer for the song.

Normal Instant Messaging Conversation

Believe it or not, this video was made by that young guy in the video.  I don't think he is even legal enough to drive!  Anyways, I really laughed when I first saw this video, and to this day it is still making me chuckle every time I see it.  I really think that this video, and the kid making it, deserves way more veiws for this hilarious video.

Dramatic Chipmunk

This video just puzzles me.  The title of this article is "Top YouTube Videos Sweeping the Internet," but I never said they were going to be funny or entertaining.  I dont understand why this video even has more than 10 views.  I guess it is just one of those popular internet memes that catches like wildfire and everyone uses them.

Evolution of Dance

Easily one of the best, if not the best YouTube video ever made.  This funny, yet realistic portrayal of the evolution of dance hits the nail on the head.  Really, I wouldn't be surprised if this guy makes it in Hollywood.  He has some serious talent.  I can't begin to imagine how he got over 100 million veiws.  Oh wait, I can.  That video is freaking hilarious!

Image Source

Sometimes you really, really want to see that page - it sounded so interesting, after all!  Then you get the 404 message and your head starts to ache.  Why on earth create the page just to take it away again?  It's so not fair!  The message is, put simply, a standard response code.  It indicates to the user that they were able to get through to the server of the site they are attempting to access but said server could not find what they had requested.

Image Source

Why have a computer generated graphic when you can turn the 404 in to something approaching art.  There isn't even an expletive in sight as this generous minded techie takes us through the various reasons we may have got the message.  It is strange that an artist such as Banksy has not taken the 404 to heart, considering its penetration of our collective mindset!

404s can also occur when a server is configured not to carry out the request for the page and does not reveal why.  The message "Server Not Found", however, is completely different.  It means that no connection could be made in any way, shape or form to the destination server.

Image Source

Zivity is a slightly risqué website.  Why its 404 page is so coy is a mystery, but at least it doesn't accuse you of inbred stupidity, like many websites!  404 being the area code for Southern Alberta in the United States of America is quite enough already, thank you!

When a request is made from a web browser for a web page (HTML document) then a server is required to respond.  What you see, instead of your requested page, is an email-like message with a numeric response.  The first 4 indicates a client error (that's you!). This could be as simple as a mistyped URL.

Image Source

The failboat indicates that the page you have requested is not found.  This is a combination of the 404 message and the "Fail" culture, similar to Lolcats, that has over or underwhelmed (depending on your sense of humor and appetite for repetition) the internet recently.  While on the subject of transport, 404 is also the name of a route which traverses Maryland in the USA.  There might be a slight frisson of amusement for any computer (il)literate person who gets on to this particular route. 

Image Source

German books are as sensible as the German people.  It would be great to see a real book with this message on the four hundred and fourth page, though it could be imagined that after a very short time it might become a little tedious!  Incidentally, talking of books, it was in 404 AD that the Buddhist monk Huiyan wrote the book "On Why Monks Do Not Bow Down Before Kings".  It was one of the first written arguments about why the state and religion should be separate.  This was in China, which has certainly succeeded in that in the last century or so, but perhaps not in the way that Huiyan was imagining!

Image Source

The dead duck of dead ducks has had the rise taken out of him so systematically on the internet that it is almost possible to feel a little sorry for him.  Perhaps not, but this Mister President will certainly not be left holding the baby.  Perhaps, though, history will be a kinder judge than his contemporaries?  Or perhaps not!

After the first 4 of the 404, the next two digits indicate to you tat there is a specific error encountered.  This three digit coding echoes similar usage in earlier protocols, such as NNTP and FTP.

Image Source

This was no doubt irresistible to the weary traveler who had to lay his head down in room 404 of an hotel somewhere in the world.  This is one of about a zillion pictures on the same theme that can be found out there, but the cheekiness of the message left on the board is such that it cannot fail to raise a smile.  However weak and feeble the smile, a small one at least.  No? 

Image Source - http://www.flickr.com/photos/jzawodn/492734133/

The marketing people at this stadium may have thought it would be a hoot to put the advertisement for which Yahoo had probably paid thousands of dollars next to the empty advertizing space listed as 404.  No doubt the smile was on the other side of their face when Yahoo demanded its money back!  Whether a knowing attempt at a sly dig or a completely innocent mistake, this one would have had raised a few eyebrows!

Image Source

Darth Vader gets his own take on the 404 with a broken light saber.  The combination of Star Wars and the internet is difficult to resist!  However, the 404 message can often be a little extreme - blaming the user in no uncertain terms and calling them names that would make even politicians and bankers blush.  It is often not the user who is responsible for the error.  It is interesting to note, then, that the last gladiatorial combat took place in the Roman coliseum in the year 404.  The pesky went from being fed to the lions to changing the rules altogether, the spoilsports!

Image Source

This Mailbox has seen much better days!  Perhaps it hasn't been found by its owners for a few years.  Meanwhile at the HTTP level, 404s are usually followed by a reason that can be read by you.  Many web servers issue an HTML page (a web page) that simply states that the page cannot be found.  Although this phrase is customized rarely, is sometimes misleading as the user thinks that they have mistyped the URL and try again.  And again and again.  This often results in the manual removal of a PC through a window, known as defenestration to many.

Image Source

The Times online got a little more honest with its 404.  The page isn't ready to be seen (even though it probably exists) so they put up a message instead which says that they have all gone to the pub.  This is terribly British humor but was, quite likely, true.

It has to be noted here that it is not always the poor computer user's fault that they have received a 404.  The URL they have requested could be completely accurately typed in to their browser.  Often, pages have been moved or deleted altogether.  In the case of the former, then a 301 response would have been far more appropriate.  In the latter, a 410 ("gone") response would have been much better.  However, these responses need the website's servers to be specially configured and out of sheer laziness the 404 has become the prevalent, if somewhat sloppy, response.

Image Source

The Failwhale takes a variation on the current trend for "FAIL" memes and adds its own twist with a little rhyming.

The British Telecom Group in 2004 deployed a locking system known as "Cleanfeed" and incorrectly used the 404 message.  This blocked any pages that had been deemed or identified as illegal by Big Brother, sorry, the Internet Watch Foundation.  So, the pages were there but the user was not allowed to view them because they contained material that was, if bought on printed paper, liable to get the reader more than just a slapped wrist.

Image Source

From Whales to Wales!  This beautiful country, just to the left of England (both politically and geographically!) has more mammals of an ovine nature than those classified as sapiens.  A place, as the saying goes, where women are women, men are men and the sheep are afraid.  This 404 was found in the country's middle region, near the small town of Aberystwyth.  Perhaps this is the herbivore's attempt to make herself "not found" before she can be used and abused!  Perhaps it worked, but it is expected that this lamb was still for the chop pretty soon afterwards!

Image Source

The Computer Technicians may well have arranged their lab to be situated in room 404.  With tongues fairly firmly rooted in their cheeks, of course!  You may also receive a 404 message if you try to access what is known as a dead link.  It can also be called a broken link or - rather provocatively - a dangling link.  The link may also be dead because of firewalls or content filters not allowing access to the page.

Image Source

The Twitter guys took the concept of the internet meme of lolcats, which continues to be irrationally popular to produce a number of its incredibly popular 404 messages.  People would actually type in the wrong URL in order to see one of the various 404 pussy messages that were produced over the space of a few years.  Of dear!  It is akin to the advertisements being better than the shows on the television!

Image Source

Such is the incursion in to our culture of the 404 that it is even appearing on clothing.  What it actually says about the person who wears 404 on their chest is another thing entirely.  Perhaps a great T shirt to buy just before you start college if your intention is to ingest substances both natural and man made that may render you "Not found" in terms of your general level of consciousness, cognition and presence in class!

Image Source

While most people say that they couldn't live without the internet once they have been exposed to it for a year or two and succumb to its charms, many public libraries must rue the day that a certain Mr Berners-Lee had his bright idea.  Chelmsford library, however, have kept up with the times and when their users attempt to get to a book which they do not have in stock, then they get this message.  So, it's not your traditional 404, but it certainly indicates that librarians have a sense of humor too!

Image Source

Ontario International airport, like many others, has its own 404.  One would be a little unsettled to go through this gate.  Have any film makers, doing an airport disaster movie, had the notion to make the departure gate 404?  Answers on a postcard, please!  Perhaps the passengers on the TV series "Lost" made their way on to their fatal flight through gate 404!

Image Source

A list wouldn't be a list these days with at least one Photoshop fan's take on the subject.  Here, the road is not found.  Ah, the path less travelled and so on!  Perhaps this is not unlike link rot, which is when the links on a page gradually lead nowhere.  This is when the sites to which they link change content, disappear altogether or go to new locations.  The road to nowhere, indeed!

Image Source

A final, fresh take on the 404 by Heinz, appropriate that a company with so many varieties should offer its own on the page not found message!

This is the strangest clock/calendar I have ever seen. It's really cool!

Cool!!

This is the coolest handwritten clock/calendar that is very impressing. You may want to keep this in your PC. But, if you want an ambient clock, you should authenticate with Google to connect your Google Calendar to your clock here.

10,000 Coins Topple

There's a cool youtube video showing you 10,000 coins topple like dominoes. Those coins appear to be thicker than American nickels. Some of the motions may be a bit unnatural from the point of physics. It sounds boring when the coins move up and down the ramps made of stack of coins to the end. You may scream, “Coins, c'mon, move on!”

Greeting Hello in over 800 Languages

Now, you've no problem to greet the world “Hello” in more than 800 languages. But how accurate is it? I am doubt of its accuracy. I think some of the “Hello” phrases in Japanese are no longer used in everyday conversations. Of course, “konnichiwa” is always heard, but the dialectical phrases, particularly the “Kansai-ben” will probably appear awkward to the local people there as they are rarely used for conversation these days.

Get Lose in this Game!

This is claimed as the world's most addictive game. The U.S. Air Force Academy uses it to train its pilots. They've to stay alive in this game for as long as 40 seconds. The first couple milliseconds are the hardest part, but it will eventually become easy to pass through. Once you get passed 10 seconds, it'll go very fast. Its speed generally varies accordingly with your network connection or computer.

Can You Spin the Pen Like This?

Now, follow the music, and start spinning your pen as shown in the video. It's interesting, right? Can you do most of the tricks shown to pass your time?

What Codes are These?

These codes appear to me as ASCII art, and this website seems to be very odd and pointless. It was the weirdest website created in 1995 and its HTML source code reveals a detailed diagram of a hydrogen bomb. It is said to be a diagram plan for 2 types of nuclear form which can be found here.

What s Your BMI?

This is a type of BMI calculator used to measure your ideal weight. It requests your height, and frame size but does not ask for your gender. It will then give you a simple way to decide your frame size. You might have shocked at what you should really weight! But, I recommend the other website for an accurate calculation. Give yourself a try here!

Have This Website to Waste Your Time!

These are by far the most interesting and fantastic flash games to waste your time. There are a variety of games here to kill your boredom. These games are awesome, I particularly like “Turbo penguin”.

Very Funny Video Clip!

This is a funny youtube video clip. One yoga guy fights with 2 Kung Fu fighters in the movie called “Kung Fu vs Yoga”. Can a Yoga guy behave like this way?

Beware of TeenScreen!!!

TeenScreen is part of Bush's National Mandated Mental Health Screening program. This test takes 10 minutes to diagnose the mentality health of the kids. When it was done in Colorado, America, 71% of the kids who involved in this test were diagnosed to have a mental disorder. I am wondering how Bush would do on this test…Below is what I quoted from Wiki:

"This has become a source of controversy as some have alleged that TeenScreen is merely a scheme to market psychiatric drugs. [10] In addition, some of TeenScreen's executives and advisory board members have ties to pharmaceutical companies. [11] Some of the symptoms that TeenScreen uses as indicators of mental illness can also be caused by physical illnesses, allergies, poor nutrition, lacked of sleep, drug abuse, and toxic exposure. [12] TeenScreen refers students flagged by the screening process to psychiatric professionals."

Music GenreVisualization

This is a very cool but awesome website that you should give it a try. It's an iPod-like radio which enables you to listen to songs from many genres. There's a huge variety of music to suit your needs. Just click somewhere in the matrix: energetic/clam and dark/positive. The more on the right you click on, the more music to satisfy your ears. One unique interesting feature is that you can choose which years you wish to listen.

Build Your Own Search Robot!

This awesome website sounds great to you, right? Now, you can build a Search robot to place in search engines like Yahoo, Google, and other Web 2.0 sites. It'll also continuously scour social bookmarking sites like Del.icio.us, Digg and even other websites. Your searchbot is brilliant enough to search the web by color and the mood as well. Why don't you give it a try?

And You Thought Your Eyes are Good?

How good are your eyes? Can you find the “C”? I think this website is good for checking your eyesight too. If you can't spot the alphabet, then you've to get a pair of spectacles. Now, try this below, can you spot the “O” hidden among the “Q” alphabets? How many "O" did you find?

QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQOQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQOQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ

300+ UFO Photographs

Do you believe in UFO? By browsing through these photographs, you can feed your eyes with over 300+ photographs at your fingertips.

Creating the Stuff of Your Dream

This is a pretty odd, cool and weird website. Just click on the image and it'll change from a random set of images. Sometimes, you'll get the same combination of images for several times. There are 15625 possibilities to create your dream. Give it a try! Enjoy!

Also read

• Eight extremely powerful interactive websites to blow your mind
• Nine crazy and hilarious websites that went far away from the internet application

Social Bookmarking

By now, everyone is familiar with term but, do you really know if it’s working for you? Bookmarking articles, on many occasions, only benefit’s the writer by cataloging your articles for future reference.  Also, Bookmarking is a way for users to manage webpages for the sole purpose of sharing them with people we know.

Honestly, this is from my own experience now everyone so don’t get upset, I don’t bookmark as much as the next person.  If you have hundreds of friends that will religiously read your work than that’s wonderful but, would you mind millions of people across the globe surfing on the internet reading your work? Hmm

This is why I spend more time submitting to the sites that will make even a greater difference in page views.

I have noticed that when I directly submit my URL to the link submission page for every search engine my articles get crawled even quicker than if I submit through the Triond submit link tool next to the article.

As writers, we want our articles presented to the masses as quickly as possible not only for exposure but, to make a little pocket change.

If you have a lot of time, check out these social networks:

• Digg - Make lots of friends because this is the true driving force of this website.
• Stumbleupon - Add a toolbar to your browser to submit every piece you read and write.
• My Space

Url Submission

These are the direct links to the major search engines to get you noticed right away.

• Google - Direct link to URL: submission
• Yahoo - Direct link to URL: submission
• Live - Direct link to URL: submission
• Ask - You can’t submit to Ask. They will find your link through links from other sites. Make sure you included external links in your articles to receive the exposure.
• Search Enginez - Submit to Google, Yahoo, and many others from one place.
• Submit Express - This site will submit your URL to  over 40 Search Engines for free!
• Wisenut
• Exact Seek
• Jayde
• Whatuseek
• Scrubtheweb

The list goes on and on.

Submit RSS Feed

Rss Feeds are used to publish work that is frequently changing. It’s a great option for Triond users who are constantly getting comments and submitting new work.

If you are unfamiliar on the location of these feeds, just go to one of your articles and scroll to the bottom where is says Subscribe to RSS.

Click on Subscribe to Feeds and get this screen.

Copy the URL.

Submit the URL to Rss Directories like:

• Feedburner

  

• Feedest

  One of my favorites. Submit as many as you can all at once.
  
  
  

• Blogoculars

  
  
• Live Blog Directory with Live News Feeds.
  
  

External Links (Hyperlinks)

I can not stress enough how important it is to include as many external links within your blog as possible, remembering to keep it tasteful and relevant.

What is an external link? These links travel back to webpages that are pertinent to the subject matter and of course the word that is highlighted.

Play around with these in your articles. This is the best way for your page to be indexed by the major search engines.

Internal Links

These are links within your blog that pertain to another article you may have written that’s related.

We see these all over Triond:

Try adding some more within your piece.

I know this is quite a bit of information to digest but, if you have the time and most of us don’t,  try to use the best options for you. Stop spending so much time on one option.  It’s a learning process for all of us. I am here for each and every one of you if you have questions on how to implement the tasks at hand.

This has now become an obsession of mine and I am hoping it makes a difference for you as well. After all, we are all here for the same reason, to write and have our voices heard by fellow writers aspiring for greatness.

Authentication Credentials Unknown - Not knowing a user account authentication credentials such as the correct user logon name and password is the most common reason for needing to conduct a password recovery procedure or specialized password recovery software.

Regular User Unavailable - Regular user absenteeism is another situation whereby the person who normally uses that machine is unavailable as they may be on holiday, sick or no longer employed or associated with the organization and there are important files that need to be accessed.

Incomplete Documentation - With incomplete or outdated documentation not only may the user have forgotten their password but the network administrator may not have an accessible record of it either.

Malicious Intent - It may well be the case that somebody has changed or modified the genuine authentication credentials. A number of malwares do exactly this. They don't want you to visit your antivirus software's updates.

Before we have a look at how to recover lost or forgotten Windows user account passwords we need to review some essential background information.

Windows Password Recovery Backgrounder

When it comes to recovering lost or forgotten Windows user account passwords you have a number of different alternatives. Which one you use will depend very much upon the password you wish to recover, the operating system, the type and strength of encryption, various application software, password length and complexity, as well as user accounts configuration. Other concepts of weight and relevance here include:

Password Location - Windows passwords are stored in a SAM file which is usually located in the Windows directory (C:windowssystem32driversetclmhosts.sam)

Encryption - Recent versions of the Microsoft Windows operating systems store all passwords in an encrypted format. The algorithm used to encrypt passwords is usually the secure hash standard. If the passwords were to have been stored in an unencrypted format they would be readily available for use once you had located the SAM file where they are stored. Many other applications also store passwords encrypted using the secure hash standard.

Brute Force - One of the easiest to implement methods of “cracking” an encrypted password is by a technique known as “brute force”. The brute force approach essentially tries every possible combination of characters and numbers until it finds a password that works.

Modern PCs - Modern computers can typically succeed in cracking an encrypted password using a brute force attack within a matter of seconds for passwords of less than 6 characters and a day or so for medium length passwords. Longer more complex passwords will take longer to crack/recover.

Now let us have a look at the possible avenues open to us.

Network Administrator/Help Desk

This is probably the easiest way to recover your lost or forgotten passwords. Get somebody else to do it for you.

In a client/server network environment you are best advised to go to your network administrator or help desk and apply for a new password. An authorized person can access Active Directory and reset your password for you.

Probably the easiest method for them is to change the password to something simple such as “password”. Then reset the account such that you can logon using your usual user logon account's user logon name and the new one-time (single use) password (e.g. “password” as the password). You will now be presented with the change password dialogue.

Don't worry when you see a notification saying that your password has expired and must be changed. This is the dialogue where you change from the once only “password” password to whatever your new password will be. You will see the standard enter new password and retype new password input boxes.

Note that you will most definitely need to change the password as the machine will not allow you to proceed past the change password dialogue otherwise.

Using another Account

If the above method is not available to you then your next strategy will depend upon how the machine has been setup. If there is another account to which you do know the password then you can use this to log onto the machine. The Guest or Anonymous accounts will do fine if they have not been disabled.

If you can do this then once logged in all you need to do is to use some password cracking software to recovery the lost passwords. I will explain about how to use this type of software shortly.

If you cannot logon to the machine using an account with a known password or the account that you can logon with does not permit you to install and run the password cracking/recovery software on the machine you wish to recover the passwords from then you will need to recover the user accounts password file and copy it to removable storage device (floppy disc, flash drive etc.).

Multi Boot Systems

If you cannot log onto the machine and you have another operating system to which you know a valid logon account then reboot the machine into the other OS. Once the machine has finished booting and your alternative desktop environment becomes available you can browse your machine and locate the Windows user account password file.

This is the SAM file which I mentioned above and it is usually located in the Windows directory (C:windowssystem32driversetclmhosts.sam).

You may find that the drive letters are different since you are in another operating system. Do not worry; just locate the installation of the OS from which you need to recover the passwords and then drill down its directories to locate the above mentioned SAM file.

Once located make a copy of it onto removable media. You can then use the copy to recover the passwords from by using a brute force password cracking tool such as Cain and Abel or LCP. I will explain more about them shortly.

No Accessible Local Machine User Accounts Available

If you cannot logon to the machine using another valid account or alternative operating systems then you will need to boot the machine using a “Live” media. This could be a DOS boot disk or bootable CD-ROM boot disk such as one with Knoppix (a Linux distribution which runs from the CD-ROM) or Windows Mini-PE.

There are also many other utility discs that will do the job. Once the machine has booted using this media you will need to locate the SAM file mentioned above and copy it to removable media.

Knoppix - To use the Knoppix method you will first need to burn a copy of Knoppix (a port of Linux); if you don't already have one. Then insert the Knoppix CD into the machine's optical drive and then boot the machine (press the power button while the CD-ROM is in the drive).

You may need to enter the BIOS and change the boot sequence so that the boot from CD-ROM drive is the first boot option in the boot menu. With this done the machine will boot using the CD-ROM. Knoppix doesn't install anything it runs directly from the CD and loads what it needs into memory (RAM).

Windows Mini-PE - Contains a small pre-installation environment upon which a full Windows installation can be performed. The mini-PE disk also contains a number of tools such as disk partitioning tools, ram drive and password recovery tools.

Guess what? It's the password recovery tools that we want to use. They can be run directly from the disk. However; there are occasions when this is not able to be done. In these cases we will simply use the mini-PE disk to recover the SAM file mentioned above.

Secondary Emergency Hard Drive

It is also possible to install a new blank hard disk and install an operating system on it. You can then use this OS to browse to the SAM file you need to recover the passwords from. Copy it to your new hard disk and run the password cracking/recovery software and wait till the passwords have been recovered.

Note that many network administrators will have just such a hard drive already prepared for occasions like this. In enterprise situations this is a reliable method since the vast majority of workstations will all have the same basic hardware which makes driver incompatibility issues a no show. I use a generic install myself on a 120 GB hard drive for recovery situations like this.

Network Access

It is also possible for a user with network administrator privileges to access the SAM file via the network. However; there are still some situations when this can't be done. For example if the SAM file was created using local users and groups rather than domain network parameters (Active Directory and Group Policy).

Just the Data

If it is just the data that you are after and the user account is expendable then use the secondary hard drive to boot the machine. Once booted you can copy the user data to whatever location you desire.

After validating the integrity of the recovered data you can install a new OS on the machine and it will be back in business. Of course if you have already backed up the data you can simply verify the backup's validity and if all is OK proceed with the new installation.

Locate and Copy Target SAM File

Anyway; once you are in Knoppix, or the machine has booted using whatever option you chose (DOS boot disk, Mini-PE etc) locate the SAM file in the Windows directory which is usually:-

C:windowssystem32driversetclmhosts.sam

With the SAM file located copy it to removable media such as a USB thumb drive, floppy disk, optical media or even a network location. Some people even copy this file to the Internet which I can assure you is a really bad idea from a security perspective.

Password Recovery Software

As mentioned there are a number of password cracking/recovery software applications out there that can do the job.

• Cain and Abel - A long standing very robust and reliable application that comes with a large range of features and capabilities
• LCP - One of the easiest to use
• Other Possibilities Include - John the Ripper, THC Hydra, Brutus, RainbowCrack, Pwdump and many others that have additional features such as packet sniffing capabilities.

For legitimate password recovery procedures such as when you have forgotten or lost the correct password those applications with the additional features are unnecessary since you have legitimate authentic access to your machine; it's just that you can't use the correct authentication credentials. There is no need to perform any packet sniffing etc.

LCP Password Recovery on Target Machine

To recover passwords on the target machine using LCP you will need to:

1. Load LCP and select Import/Import from local computer
2. A list of user accounts and hashes should appear
3. Now select the brute force attack button and select Session/Begin audit
4. Now for the sometimes long wait for the program to find the right password

LCP Password Recovery from SAM File

To recover passwords from the SAM file using another machine simply:

1. Take the SAM file once you have located and copied it to removable media to the machine with LCP installed
2. Now copy the SAM file directly into the LCP directory
3. Start LCP and select Import/Import from SAM file. This will load the hashes.
4. Now you will be able to execute a brute force attack on them to recover your lost or forgotten passwords

Speaking of 20 questions, think of anything in the world, or even out of this world and go to this site. Now pick your language and choose the Classic 20Q button.

This small foe will almost certainly guess whatever item you have thought of in 20 questions. Just answer 20 Q's questions in a normal manner. You're not trying to trick it. You're trying to be absolutely amazed that it can be done. It guessed "Rainbow", "Pluto", and "Space Shuttle" that I thought of. Just to name a few!

Rossco for President! Yup, I'm running for President! You can click on the picture to see my short video. If you're interested in running too, you can have this same video except everywhere you see my name, you'll see your name! After you watch it, click right on the video and take it from there. Very cool and quick and easy to do. You can then send copies to all your friends using e-mail or just keep it for yourself to feed your bloated ego.  Then I can see who I'm going to trample in November!

Weird, Wacky, Wonderful, Website. Very cool interactive site with Haunting music. I wish I could get this as a ringtone! You'll be stuck with it in your head until one of my people come around and install your new mind chip. BUT....Don't just listen and watch! Click all around the guy singing. (Hint: Rest your pointer on his nose while he is singing and check out what happens!)

WoW! Forget surfing the web, someone has found the time to put all the best sites-And I mean ALL the best sites- on one Website!! If you don't bookmark this site as a favorite, well, I don't know what ole' Ma & me are gonna do with you! Very well organized. And in Easter pastels to make you happy if you scratch your computer screen, you can smell the Websites. That's right, a new Scratch ‘n Sniff Web Technology!!!

Well all this talk about Scratch ‘n Sniff has made me hun-ga-ry. Where do you wanna' eat lunch? Oh, I don't know, where do you want to go? Oh, I don't care, where do you want to go? Ad Nauseum... Come checkout Vanna working hard at her night job. And Spin That Wheel !! That's right, through modern technology; let your one eyed computer decide where to eat! When you arrive at the site, type in your zip code and hit GO to Spin the wheel. The wheel will load up with restaurants in your zip code. (And you can change your search term many different ways.) Try "bars" "burgers" "boogers" "steaks" "lunch" "Susie's" etc...Have Fun and don't forget to tip your server!!!!

The term “cyber espionage” was first coined by the Department of Defense to characterize methods used by opposing countries such as China and Russia to breach its top secret networks for the purpose of stealing U.S. military or government secrets. However, due to recent evidence regarding the emergence of a number of breaches at U.S. research labs and targeted phishing campaigns against corporations located in the U.S. and abroad, cyber espionage is breaking new ground at an alarming pace.

Today, economic gain appears to be the number one motivating factor for new and seasoned cyber criminals, followed by companies seeking to gain a competitive advantage, and a variety of amateur hackers targeting large companies looking to establish a reputation and bragging rights. According to PricewaterhouseCoopers, corporate espionage costs the world’s 1,000 largest companies in excess of $45 billion every year and the SANS Institute ranks cyber espionage number 3 on it’s “Top Ten Cyber Menaces for 2008”. If fifty percent of corporate espionage was indeed perfected by utilizing covert electronic techniques for stealing information, that would yield a $22.5 billion a year market for cyber espionage, based on PricewaterhouseCoopers estimates. During an economic recession, it would be very hard to find someone who would not want a piece of this market; especially if they could be convinced that their electronic criminal activities could not be traced.

In addition to financial gain, a new wave of cyber espionage is being launched by disgruntled employees who attempt to leverage the confidential data they obtained through network looting as a bargaining chip or for vindication against their own company or co-workers. Ironically, companies that have been victimized by cyber espionage are usually the ones with more than adequate resources and expertise to protect against the attacks.

In 2000, hackers broke into Microsoft’s systems and accessed Windows and Office source code. They had access to the source code for approximately three months before being discovered.

In 2001, Fortune magazine reported that Proctor and Gamble had been involved in illegal corporate espionage against its archrival Unilever. The article alleged agents appointed by P&G misrepresented themselves as market researchers and used other electronic methods to collect information about Unilever.

In 2006, the UK extradited two hackers to Israel because they developed and sold spyware that was used to spy on rival companies in Israel. Several private investigation companies in Israel sent e-mails with Trojan horse viruses that were designed to evade anti-virus applications.

In 2007, members of AirTran Airways’ executive management team in Orlando, Florida were targeted by phishing e-mails that sought to trick them into divulging confidential corporate information and placed bot-like malware on their computers to capture sensitive information.

The details of these cases were made public most likely due to regulatory reporting requirements; however, there are hundreds of cyber espionage incidents that are not publicized, even though regulatory requirements for reporting these types of incidents exist for the majority of companies affected. Publicly traded companies and companies operating in the healthcare, financial, and government contracting sectors all have regulatory reporting requirements as it pertains to information security incidents. However, most companies don’t report cyber security incidents for fear of damaging their reputation and potential revenue loss. Some companies report information security incidents as required, but not until well after the incidents have been mitigated and prevention measures have been implemented.

In most cases, if companies were to adopt an “an ounce of prevention, beats a pound of cure” philosophy regarding cyber security, rather than an “if it isn’t broke, don’t fix it” philosophy, the risk of cyber espionage could be reduced significantly. Unfortunately, most companies’ approach to cyber security is reactionary, which can prove to be detrimental to their reputation and bottom-line when a breach occurs. Additionally, since cyber espionage often goes undetected, it is usually too late to effectively mitigate the breach before significant loss when it is actually detected.

Just as other crimes seeking financial gain tend to escalate during economic recessions, it is very logical to assume cyber espionage is among these crimes. However, pouring money into the latest security solutions without a defined strategy will simply lead to more widgets eventually being left on the shelf collecting dust.  To make sure your company is prepared to defend against targeted cyber espionage, I recommend the following strategies:

Increase the Information Security Organization’s Visibility

Most companies make the mistake of burying their information security organization under their information technology organization, which often limits the scope of information security to technological solutions only. Not to mention the intradepartmental political screening in an effort to conceal the vulnerabilities caused by IT solutions from executive management. To achieve optimal effect, the information security organization must be strategically aligned with Legal, Risk Management, Human Resources, Regulatory, and executive management. Depending on the corporate culture, industry, and or the degree in which executive management values or understands the mission of information security, attaining appropriate visibility for the information security organization may be very challenging. Regardless of the challenge, information security leaders must strive to attain this goal because visibility can be an effective deterrent.

Implement a Best Fit Information Security Program 

Reliance on point solutions to protect your company’s information assets is an ineffective strategy with little to no return on investment. To become more effective in protecting the corporate environment from cyber espionage, information security leaders must take a holistic approach to information security by implementing a corporate-wide information security program to encompass all personnel, processes, and technology. Using security best practices as defined with the ISO 27001 certification process, information security leaders can use this as a framework for implementing a best fit information security program for their company.  An effective information security program should include components such as a security policy, training and awareness program, asset management strategy, compliance, personnel and physical security, access control, application/systems development, change management, business continuity strategy, governance, and the most important component, buy-in from executive management and or the board of directors.

Layered Security Approach 

The days of just relying on firewalls to protect enterprise perimeter networks and information assets are long gone; firewall manufacturers realized this years ago when they began integrating intrusion detection and prevention functionality in their products.  Although, the added firewall functionality is a significant improvement, it doesn’t address virus and malware on mobile devices, data leakage and compliance issues, role-based and need-to-know access control, or security vulnerabilities that exist on converged networks such as data, voice, and video. Information security leaders can better minimize the risk of cyber espionage by implementing technologies that will provide protection, monitoring, and enforcement at the perimeter as well as within the defined security zones behind the perimeter such as at the desktop/laptop and data centers.

Technologies to consider for a layered approach are enterprise-class anti-virus and malware solutions for the desktop, email filtering solutions, web filtering solutions with dynamic URL verification and filtering, security information management systems with intrusion prevention and robust notification capabilities, data leakage protection solutions, and firewall technology for the perimeter network protection and laptop protection.

Other Articles:

Will Americans Elect a Lo-Tech or Hi-Tech President?