Cyber Security, Cyber Space, Domain Services

Net4 India Domains – Bulk Transfer Initiated by ICANN

In the matter of Net4 India, ICANN today announced that it has invoked De-Accredited Registrar Transition Procedure (DARTP) to enable the successful transition of domain names currently registered with Net 4 India Limited.

What This Means:

  • ICANN will now identify and select the gaining registrar(s) as quickly as possible
  • The gaining registrar(s) will be responsible for support to the domain registrants having their domains with Net4 India, with renewals & transfer of their domains
  • ICANN will identify the gaining registrar(s) and list them on the Bulk Transfers page within the next two weeks
  • Domains currently with Net4 India will be transferred to the gaining registrar
  • After the transfer of domains is completed, the new registrar(s) will contact domain registrants with information on access & management of the domains (This means the domain owner may get their new control panel credentials)
  • There is no cost to registrants for the bulk transfer
  • Domain owner will not need to get Auth Code for domain transfer to another registrar

Exceptions to Bulk Transfer Process

  • Domain Names registered with other Registrars whom Net4 India was working as a Reseller to, will not be transferred under this Bulk Transfer Process
  • Country code top-level domains (ccTLDs) like the domains ending with .IN or .CO will not be subject to the bulk transfer

Net4 India was working as Reseller to various other Registrars i.e. Hosting Concepts (Openprovider), eNom, Name.com, Network Solutions, Namesilo.com and a few others too. Net4 India had registered and after its bankruptcy it transferred thousands of domains to other registrars, without the knowledge and consent from the Domain Registrants (Owners). Moreover, Net4 India also tampered with the Registrant Whois Information i.e. Registrant Name, Registrant Organisation & Registrant Email were changed and privacy protected. So the domain owners would not be able to authenticate and claim their domain ownership, hence would have difficulty in getting their domains.

Will The Domains Function Smoothly During This Time?

The domains currently using Net4 India Name Servers as below, may not function correctly. As Net4 India the bankrupt and fraud registrar, may continue to play mischievous and wreck havoc upon the domains by switching off, disconnecting and disrupting name server operations.
Net4 Name Servers:

  • ns1.net4india.com
  • ns2.net4india.com
  • ns1.webpresenceworld.com
  • ns2.webpresenceworld.com

Next 2 weeks may be really more horrific and this catastrophe would be no less than ‘Cyber Terrorism’.

There is lot more about this fraud which I shall publish in the coming days, once this catastrophe is over. Currently I am occupied as my priority and focus is on recovering domains for my customers.

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

Cyber Security, Cyber Space, Internet & Information Technology

Net4 India Breach of Privacy, used Google Analytics to Deny Auth Code

Urgent Notification

Net4 India Domains – Bulk Transfer Initiated by ICANN

In the matter of Net4 India, ICANN today announced that it has invoked De-Accredited Registrar Transition Procedure (DARTP) to enable the successful transition of domain names currently registered with Net 4 India Limited.

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

Net4 India was tracking customers’ activities in Control Panel

Net4 India website used Google Analytics code which was programmed for ‘Targeted Tracking’ of the customers, specifically using CRN ID. Thus persons behind Net4 India, were observing each of the customers Control Panel activities. So, the moment a customer would click ‘Retrieve Auth Code’ button, and an email containing the link to get Auth Code would be generated, someone at Net4 would intercept that email and capture it.

If by any chance they fail to intercept that email and SMTP server sent out the email for delivery to the Registrant Email, they would have another opportunity. When the domain owner upon receipt of Auth Code Request Confirmation email, would follow the link and click ‘I Agree…’ and next email containing Auth Code would be generated. The suspects behind Net4 would again get 2nd opportunity to intercept and capture the email.

It is also important to note that Net4 India never implemented ‘TLS Security’ purposefully, so it could filter, track, intercept and capture such emails having specific phrases and domain name in the subject line.


We recorded such incidents, as the Google Analytics Code screenshot below:

For Information Technology professionals, its apparent from the code above that Net4 India was using, purposefully to monitor customer’s activities in Control Panel and for purposeful denial of Auth Code delivery to the Domain Registrant. Even those who have no technical knowledge, can easily observe the highlighted lines:

  • Line 1575 comment as ‘Google CRNID Tracker Code’
  • Line 1577 contains customUserId & CRN 000391343

This clearly means Net4 India, was in ‘Breach of Privacy’ by using ‘Google Analytics’ code inside ‘Control Panel’.

Should Websites use Google Analytics inside Control Panel or Account Area?

  • Should any website have the right to use ‘Google Analytics’ code inside a user’s Control Panel or personalised profile or Account area?
  • Should ICANN make amendment in Registrar Accreditation Agreement for the restriction of using Google Analytics or any other tracking tools?
  • What if a Banking or Wallet Payment website or a Marketplace misuses Google Analytic tool or any other Tracking Code and intercepts an OTP which was to be delivered to the user?
  • Is such an act not a ‘Breach of Privacy’ & should it not be in violation of ‘Usage Terms’ of the Tracking Tool’s provider?

Internet & Information Technology

How To Transfer Domain from Net4 India After ICANN Terminated Net4 Accreditation

Urgent Notification

Net4 India Domains – Bulk Transfer Initiated by ICANN

In the matter of Net4 India, ICANN today announced that it has invoked De-Accredited Registrar Transition Procedure (DARTP) to enable the successful transition of domain names currently registered with Net 4 India Limited.

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

ICANN will choose a Sponsoring Registrar and ‘Bulk Transfer’ the domains which are currently with Net4 India. You do not have to get Auth Code for Domain Transfer from Net4 India. ICANN will its ‘De-Accredited Registrar Transition Procedure’ and transfer the domains to another registrar. Domain Registrants (Owners) would receive a notice on how to manage their domain with the gaining Registrar (New Registrar). If you do not receive a notice, you can contact the gaining registrar or contact us if you need technical assistance.

Important: You should take immediate action if:

  • Net4 India has not already transferred your domain in its Reseller Account with some other registrar. You should Check Whois Information to find current registrar of your domain
  • Your Registrant Email is inactive or you have lost access to it
  • You didn’t receive email notice regarding your domain transfer
  • Your Domain has already expired or suspended or you have lost it

Contact Us if you require Technical Assistance

How to transfer domain to registrar of your choice?

There will be a Transfer Lock for 60 days as per ICANN’s Inter-Registrar Transfer Policy. After this 60 days period, you can transfer domain to another registrar of your choice. In case your domain expired or is expiring during this 60 dyas period, you will need to renew your domain for 1 year

Will your Email Services & Website be affected?

Your Website & Email Services may be affected in case:

  • You are using Net4 India name servers
  • Your Email Services are at Net4 India and it may fail anytime or Net4 India may close its operations

Should you require Technical Assistance on setting up best & reliable Email Services, please Contact Us

Domain Services, Hosting & Email Services, Internet & Information Technology

Net4 India – ICANN Terminated Accreditation – What It Means? Must Read

Important Notice – 14th April 2021
We are unable to answer all calls. We request you to fill Authorisation Form using this link
https://zfrmz.in/5UBhiaoreuGJCNYG9eqm
Net4 India has deliberately shut down its Name Servers, so emails and websites of all customers have become in-operational.

We have no association or dealing with Net4 India or its employees, directly or indirectly

Domain Owners must read complete article. ICANN has terminated Net4 India Registrar Accreditation Agreement (RAA). Net4 India failed on compliance and continued to breach various terms of the Registrar Accreditation Agreement. The termination shall become effective 13th March 2021

Download copy of ICANN’s termination notice

Section 2. (b) on page 4 of this termination notice has a mention of 5 domain names deesan.com, arhydraulicfittings.com, slkbima.com, arion.asia and capitalleague.biz all of which were our cases and have been resolved long back. (see pic below)

Caution: Net4 India still has 2 weeks’ time and it may secure ‘Stay Order’ from courts against ICANN’s Termination of Net4 India Accreditation and soon begin mass transfer of domains to Openprovider or other registrars for which it is operating as Reseller. I had already written a post – Net4India Transferring Domains to OpenProvider UnAuthorisedly & Deceitfully, without Registrants Knowledge .

So we recommend that you regularly check the whois status of your domain. Look for the Domain Registrar in the whois output. In case your domain registrar is other than Net4 India Limited, you should take immediate action. You may Contact Us for any assistance.

How To Transfer Domain from Net4 India After ICANN Terminated Net4 Accreditation

I will soon publish observations & findings of the cases I worked upon. I resolved nearly 300 domain cases and have lots of information and evidences that point towards various fraudulent practices of Net4 India.

Net4 India Episode – Webinar on Cyber Security

Domain Owners, Techincal Experts, Resellers, Cyber Security Experts and Authorities all should learn their lessons from Net4 India case and safety issues of Indian Cyber Space. We are soon organising a webinar upon the subject. This will be a thought provoking dialog among all concerned. There will be limited seats available on First Come First Serve basis. This will be a paid webinar involving 2 or 3 sessions of 40 minutes each. Dates and charges will be announced very soon. Interested participants Click to Register for Webinar Net4 India Episode – Lessons of Cyber Security

https://zfrmz.in/4xIEpy3KTtrGVSsistOU

Domain Services, Internet & Information Technology

Net4India Transferring Domains to OpenProvider UnAuthorisedly & Deceitfully, without Registrants Knowledge

Important Notice – 14th April 2021
We are unable to answer all calls. We request you to fill Authorisation Form using this link
https://zfrmz.in/5UBhiaoreuGJCNYG9eqm
Net4 India has deliberately shut down its Name Servers, so emails and websites of all customers have become in-operational.

We have no association or dealing with Net4 India or its employees, directly or indirectly

A few days agao, various media websites published the news that NIXI permits Net4India domain name customers to transfer to other Registrars. But in reality this was just a damage control exercise. The domains owners were still not issued auth code, hence unable to transfer their domain from Net4 India to GoDaddy or Bigrock or any other registrar of their choice. Instead, Net4India has started transferring domains to another Registrar Openprovider, unauthorisedly & deceitfully; without bringing it to the knowledge & taking consent of the Domain Registrant (Domain Owner).

Why should Domain Owners be concerned?

So what is the harm in transferring domain from Net4 India to Openprovider? When the domain registrants just want to transfer out their domain from Net4, how does it matter whether domain is transferred to GoDaddy or Bigrock or even Openprovider?

  1. Domain Transfer without Registrant’s Knowledge & Consent

The first objectionable reason is: The domain transferred to another registrar without bringing it to the knowledge and seeking consent from the domain owner (Domain Registrant). You would be always believing that our domain is with Net4. Suppose you have an emergency issue and you need to change Nameservers or update Whoise Data, you approach Net4 which is not even responding, what will you do? You don’t even know where your domain is registered with. Only a technical person can find out that the domain is no more with Net4 India but Openprovider

Now when you approach Openprovider only to get the reply:
“You never registered or transferred your domain with Openprovider so it is not responsible for any support. Net4 is our reseller and you should contact them at these numbers. But nobody answers your calls on those numbers”

Now what would you do?

  1. No Control Panel Access

After transferring your domain silently, without even notifying domain registrant, Net4 didn’t provide with access to the Openprovider account and control panel. So now the domain owner left with Net4 Control Panel credentials, where the owner still can see the domain believing oh yes this is my domain (with notification ‘A renewal request is in ‘in-progress’ for this domain’ under process notification appearing in red and an auth code is already in process). But the domain owner has been cheated because this is actually dummy copy of the domain which you can just play with.

  1. Domain Whois Information Privacy Protected

Not only this, Net4 also privacy protected the domain whois informaiton while transferring your domain to Openprovider. Now when you are left with no access to your domain, and you query a whois server only to find out that the domain whois information has been privacy protected. This means you don’t even know who is the Registrant of your domain, who is Administrative, Technical or Billing Contact. It could also be possible that someone else now own your domain while you are sleeping peacefully every night, believing that you own a domain and an online store or business running on it. One day you wake up and find that someone else is occupying your domain and running that online business you once owned.

I have written this post as quick update, since I am occupied with many cases. Please do check back soon for updates on this post again and more posts as well. In case you any domains with Net4 and need my assistance, please let me know.

Domain Services, Hosting & Email Services, Internet & Information Technology

Still Have Problem with Domain from Net4India or Email Not Working? Contact Us

Urgent Notification

Net4 India Domains – Bulk Transfer Initiated by ICANN

In the matter of Net4 India, ICANN today announced that it has invoked De-Accredited Registrar Transition Procedure (DARTP) to enable the successful transition of domain names currently registered with Net 4 India Limited.

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

I have resolved many cases of Domain Renewal & Transfer successfully. I am still receiving many cases. First things first, if you have any of the following issues:

  • Your domain is expired and renewal not done
  • Your domain expiring in next 30 days
  • You have Email Service or Name Server with Net4India

If your domain with Net4 India expiring after 30 days or in 2021

NIXI permits Net4India domain name customers to transfer to other Registrars This news was released and doing rounds on media websites. So, are you receiving Auth Codes for your Domains with Net4India?

The real problem is something else. Major companies would get their domain renewal auth code and transfer issues resolved quickly. Why? Because NIXI or ICANN would require to establish the domain ownership before releasing auth code and allowing domain transfer. Major companies domain whois information is mostly accurate so their wouldn’t be much issue. SMB companies and domain owners who don’t even know what domain whois information is, would face problems in getting their domain issues resolved. Most domain owners do not even know who the real Registered Name Holder or Domain Registrant is. NIXI would only provide Auth Code to the Registrant Email in the records i.e. Registry Whois Data.

I have seen many cases where some technical person or website developer or Net4India representative registered the domain for you and filled his information like Name, Company Name, Email Address, Postal Address, Phone etc. In some cases the domain whois contacts i.e. Registrant, Admin, Technical & Billing Contacts (also called RABT by Net4) had associated email address which was inactive. This means you will never get Auth Code delivered to you by email because your Registrant Contact’s Email Address is not active.

In some cases, the Person Name & Company Name, in Registrant Contact record does not belong to the domain owner. This means you will not get Auth Code because your Domain ownership is not established. You will need to prove that you are the real owner of your domain. Otherwise, even NIXI will not provide you the Auth Code for your domain and without Auth Code you will not be able to Transfer Domain to another Registrar like GoDaddy or Bigrock. Then what should you do?

Get Your Domain Inspected Without Delay

Although the Whois records for domains registered with Net4India cannot be updated now, because Net4 has such long standing practice of intercepting Whois Update requests. Net4 India did not even send Reminder to verify the accuracy of Whois data as per WDRP Policy.

What you should do now

Login to your Net4 Control Panel and follow these steps:

  1. Go to My Services > Domains
  2. Click on The Domain
  3. Click RABT and make sure the Registrant Contact Information, most importantly Email Address is correct. Although contact information for Registrant, Administrative, Billing & Technical must be all accurate

What if your domain’s Registrant Contact email address is not correct?

In case your domain’s Registrant Contact email address is not correct or inactive or you have no access, you may not get auth code for your domain or it may be even suspended or cancelled or may be auctioned to someone else. Because your domain ownership will be established based on the information available in the Whois contacts especially the Registrant Contact. NIXI or ICANN, will not provide you Auth Code and ask for additional information and necessary evidences & documents to establish your domain ownership. So this will be a long process and your domains may be at risk of being suspended or loose out to someone else.

So take immediate steps to safeguard your domain

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

Net4 India
Internet & Information Technology

Net4India: How to get Auth Code for Domain Transfer – Domain Whois Contacts Critical

Urgent Notification

Net4 India Domains – Bulk Transfer Initiated by ICANN

In the matter of Net4 India, ICANN today announced that it has invoked De-Accredited Registrar Transition Procedure (DARTP) to enable the successful transition of domain names currently registered with Net 4 India Limited.

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

How to get Domain Auth Code & Transfer the domain from Net4India:

ICANN Terminated Net4 India Accreditation – Must Read

ICANN has terminated Net4 India Accreditation which will be effective 13th March 2021. What it means for Domain Registrants (Website Owners)?
ICANN will bulk transfer the domains currently with Net4 India, to the new sponsoring Registrar. But you may still need help in case Net4 India has already transferred your domain unauthorisedly to some other registrar. You should check whois record of your domain.

Most Domain Registrars display the Auth Code right on-screen immediately when you click corresponding Generate / Retrieve button. But Net4India is very tricky on this. Net4 control panel does not display Auth Code when you click Retrieve button, rather Net4India is very tricky in denial of Auth Code and Transferring Domain out. Here are the tricky steps of Net4 India:

  1. Net4India sends an email to the Registrant Contact’s Email in the Whois Record when you click Retrieve button
  2. Even that email does not contain the Auth Code. The email contains a link asking for confirmation whether you really want to generate Auth Code
  3. Then again on a webpage after clicking “I Agree” another email containing Auth Code is sent to Email of Registrant Contact

Remember: Auth Code is Emailed to Registrant Contact

But yet there is lot more into it. Net4India is very tricky, mischievous & vicious. When you update domain whois information from Net4 Control Panel, it is not directly updated in the registry database but actually taken as a request for further process. Net4India does not execute requests for update Whois information or Auth Code. Because there is no proof that you even submitted any such request. So this is how you are unable to update your domain Whois Contact and to get Auth Code for Domain Transfer. Ultimately your domain expires, your crucial websites & emails stop functioning. Then after the grace period is over, Net4India demands a penalty of ₹7000 or even higher for delayed renewal. In many cases the Domain Owners have even lost their domain

Domain Whois Information – You must know

You will be unable to get Auth Code (also called EPP Code or Transfer Secret) if your Domain Whois Contact information is not accurate, and without Auth Code you cannot get your Domain Transfer out to another Registrar. Most Domain Registrants (Domain Owners) do not even know what the Domain Whois Contacts are. Whether you have a Domain registered with Net4 India, or GoDaddy or Bigrock or any other Registrar, you must know and ensure your Domain Whois Information is accurate and check it regularly.

Whois Contacts: Registrant, Adminstrative…

Every Domain has 4 contacts associated with it, called Registrant, Administrative, Technical Billing contacts. As is apparent by the names, these contacts have relevant purposes. Each of these contacts may belong to a single person i.e the Domain Owner. All these contacts have contact information of the person i.e. Name, Email, Address, Phone, Fax etc.

Whois Contacts

Registrant Whois Contact – Key of Domain

As we discussed above, Net4India sends the email containing the link to generate Auth Code, to the Registrant Contact. So in case the email address of Registrant Contact is inactive, discontinued, or does not belong to the Domain Owner, or you have lost control over it, you will not receive that email.

So you need to ensure your domain whois information is accurate and update the Registrant Contact’s Email Address. Of Course all the contact detail of other 3 contacts Administrative, Billing & Technical Contact as well.

Net 4 India is even more tricky

Now as we all know, Net4 India is not responding to customers. They are only taking payments, but taking no action on Renewal, Auth Code requests, Transfer or Whois Update requests. Even suppose your whois information is updated. You cannot get Auth Code. Why?

Because due to incorrect Registrant Contact Email, the link to generate Auth Code, sent in the previous email which was not delivered , has not expired. Now if you click Retrieve button again, you see a message Auth Code request is already in process. Which infinitely long process has it got engaged into?

This means some technical persons working at Net4 India, should clear that restriction so an email containing the link can be sent again. So this is a deadlock situation. Your domain may get in jeopardised condition, because…
Net4India does not answer Phones & Emails

Resolution: How to Get Domain Transferred

We can help you to Transfer your Domain to another Registrar. I want to clarify here that:

  • I have no association or dealing with Net4 India or any other company or person
  • I do not hack into any systems to recover Auth Code for the Domain
  • I am Cyber Security Expert and we our methods & security principles
  • We have our own approach to resolve the cases
  • We work in completely legitimate manner and follow the legal framework
  • I have resolved nearly 300 domain cases and no matter was taken to court so far
  • I have 10 cases pending where Cyber Crime Division have failed on action; But we will resolve those cases too

Domain Registrants (Website Owners) who are not aware about ICANN’s Termination of Net4 India Registrar Accreditation should read the below article:

Should you need our help & Technical Services

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

Please subscribe this blog. Many more crucial & helpful articles & videos upon this ‘Cyber Space Catastrophe’ will be published soon.

Net4 India
Domain Services, Hosting & Email Services

Net4India Domain Transfer Renewal Auth Code – We Help You on Net4 Problems

Urgent Notification

Net4 India Domains – Bulk Transfer Initiated by ICANN

In the matter of Net4 India, ICANN today announced that it has invoked De-Accredited Registrar Transition Procedure (DARTP) to enable the successful transition of domain names currently registered with Net 4 India Limited.

Should you need support on your Domains with Net4 India, please provide us the relevant information. We first need to inspect your domain and to verify your domain ownership. Please send Authorisation:

Do you have a domain registered with Net4 India?

Rest Assured! Your domain can be safe & will be safe. I shall be committed to ensure smooth operations and safety of your valuable domains. I am equally concerned for Your domains, a valuable Business Identity. Many customers of Net4 India have complaints their phone calls to helpline were not answering, no response to emails, domains not renewed even after making payment. Many domain registrants were not getting Auth Code so unable to transfer domains to other registrar i.e. GoDaddy or Bigrock.

You must take immediate steps, if:

  • Your domain has expired or expiring within next 30 days
  • You have email services on Net4
  • Your Domain using Net4’s Name Server
  • You paid for domain renewal but domain was not renewed
  • You requested for Auth Code to transfer domain but did not get auth code
  • Your emails or website has stop functioning

You should not be in hurry to transfer domain if:

  • Your domain not expiring this year 2020
  • You have Email Services or website hosting not on Net4
  • You paid for renewal but renewal not done or renewed for lesser period
  • You have control over Domain Whois contacts & Net4 control Panel

You must get Domain Inspection (Security Audit) done immediately

Carefully read this paragraph:

Even if you have control over Whois Contacts & Domain Management Control Panel, you should get Security Audit done for your Domain. Many Domain owners (Registrants) do not even know about Domain Whois Contacts. Inaccurate / Inappropriate Whois information have serious repercussions on your domain. So whether you have your domain with Net4, GoDaddy, Bigrock or any Registrar, or even if you ‘Believe’ that the Whois Contacts of your domains have correct information,

You must get Domain Inspection (Security Audit) done immediately

More Detail:

Your domain is held by Registry & its Governing Body, not by Net4 the Registrar who registered your domain. So who is the Registry or its Governing Body? For .COM, .NET, .BIZ, .ORG type domains, the governing body is ICANN
For .IN, .CO.IN, .NET.IN, .EDU.IN etc. the Registry & Governing Body is NIXI (National Internet Exchange of India)
Your domain will be safe, provided it is not expired long back e.g. more than 60 days ago

Note: Even if your domain is expired or in grace or redemption period or even if it has been deleted it can be recovered following the procedures (with certain exceptions). You should take wise decision and in time.

I shall be writing many more helpful articles with critical information about the Domain Registration / Renewal / Transfer / Management issues. Please subscribe this blog.

About Me:

I am a Cyber Security Expert, I have resolved 400+ domain cases. We provide Techincal & Legal assistance to the domain owners in obtaining their ownership control & operational support. Our services are paid and the charges are assessed after ‘Domain Inspection’.

You must get Domain Inspection (Security Audit) done immediately

National

26/11 Mumbai Terror Attack Could Have Been Averted

26/11 Mumbai Terror Attack Could Have Been Averted

What I had kept a secret for almost a year, I feel should be disclosed and be made known to the people of India. For, the concerned authorities, the corrupt politicians & the worst kind of governance seems not at all bothered about the security & growth of The Nation.

26/11 Mumbai Terror attack could have been averted. I had provided some feedback on the basis of my own fact findings almost 2 months prior to it i.e. in the mid of Sep. 2008.

26/11 Mumbai Terror Attack – Shocking Disclosure

National

26/11 Mumbai Terror Attack – Shocking Disclosure

September 18, 2008
Ref: [HIDDEN]

To
[HIDDEN]

Respected Sir,

I humbly request for your kind attention with reference to the email and the attached document I had sent on July 29 and was assigned the reference number 1669/E-mail dated 30/07/2008.

I am only a common citizen but being an experienced IT professional and having a good command over network security, I take it as my duty to submit my suggestions for the attention of concerned authorities. Though I assume there are highly experts constantly on duty at the intelligence and various other departments, yet I feel some of my humble suggestions may prove to be useful in intelligence and combating terrorism.

The terror group involved in the recent blasts had been sending emails by exploiting Wi-Fi connections of others. They have been able to do so because of the negligence by ISPs and ignorance of internet users.

Un-Protected ADSL & Wi-Fi Modems
Almost all ISPs (including AirTel, MTNL & BSNL) provide the ADSL Modem to the users with security configured as the factory settings. All such modems are supplied with a common username and password i.e. Username – admin, Password – admin or Username – admin, Password – password etc. This poses a serious threat not only to the security of the subscriber’s private network but to the national security as well which is indeed of great concern.

An article published on security of Wi-Fi, in HT on page 3 dated Sep 18, is a good initiative though, it is not complete and sufficient. It is not practical and feasible for a user to keep a watch over un-authorised usage. It does not make any difference whether a connection is configured as “On demand” or “Always On”. In fact, even if the connection is set to “On Demand” then, in case the user connects in the morning and stays connected for the whole day, cracker may gain un-authorised access by detecting the IP address and the default login for router control panel.

A skilled IT professional can easily crack and exploit the entire network of an internet subscriber if one manages to find an un-protected ADSL modem

Security Policy
Windows default installation is not at all secured. Common Anti-Virus software and firewalls are not fully reliable solutions. Highly secured firewall systems are only used by large corporate offices and networks. Small offices and home users must take support from a well qualified service engineers. IPSec Policy, Group Policy, User Level & File Level security must be put in effect

Tracking emails
1. Before an email is received by anyone, it is sent by someone and usually there is an interval of around 15 minutes between the time of sending and receiving.
2. Before an email is sent, an account is created on the website of a free email service provider i.e. Yahoo. Again, there is usually an interval of around 5-15 minutes between the time when these two actions are carried out
3. This time can be crucial in tracking the origin of emails if prior information could be received in time from the email service provider i.e. Yahoo, the moment when an account is created
4. The terrorist is unlikely to use the email account for second time. Once an email is sent, they will never logon to that account again.
5. In addition, there is also every possibility that they regularly create new email accounts for their internal communications too.
6. It is estimated that the number of new email accounts which are created by general public from a particular major city, in a single day, may not be above 1000. That means we need to screen 1000 email accounts in 24 hours (1440) minutes which is not a difficult task provided we obtain account information from Yahoo, Gmail, MSN etc in time
7. If we screen every such new email accounts properly, it may help us in tracking suspicious email accounts and its origin
8. So, it is very important to obtain prior information on email accounts instantly when an account is created. ISPs’ assistance in tracking access to the “Sign Up” page of Yahoo website which means, information would be available even before an account is created

Points to Ponder
Since, these serial blasts are carried out in a series, by a specific group Indian Mujahiddeen, modus operandi being the same, there are some important points
1. During the first serial blast, the terror group sent an email prior to the first bomb went off
2. In the second case, the email was sent a little later
3. In the 3rd case the email was sent even later
4. If they succeed in carrying out another blast, email will be sent even later
5. Is it so that the terror group is assessing the time what a state police and bomb disposal squad takes in detection and diffusion of the bombs?
6. Is it a part of an exercise by the terrorists by which they are preparing to successfully fleeing the city after planting the bombs within the given time, before the cops and bomb disposal squad comes in action?
7. Is it their plan to carry out a massive high intensity blasts after these low intensity blasts so far?
8. Isn’t the terror group misleading our intelligence by marking the bombs with a number? They might be convincing us to trust their numbering patterns so they could plant more bombs than we believe. The terrorists may also mark the bombs with common numbers
9. The next targeted time would be close to the festivals

They have declared that Mumbai is their next target. I suspect that this time it might be their plan to carry out a massive terror attack at the economy hub of the country which is already fighting high inflation and heading the next parliamentary election. It is also to be noticed that the attacks are carried out since India signed up nuclear pacts and strengthened its relations with US.

Alert notifications for general public
The slogans like “Look beneath your seat” and “An un-occupied article could be a bomb” should be made more elaborate, for the following reasons:

•         In a crowded bus or train where the travelers can’t even look beyond the legs of the fellow passengers, it is not feasible for the passengers to look below their own seats
•         It would be more convenient for the passengers to keep a watch below others’ seats
•         Passengers must keep vigil on the number of articles others boarding or de-boarding the train / bus. People need to ensure that a passenger disembarks with all the articles he / she owns
•         An un-occupied article is never labeled as “Un-Occupied” so people in a crowded place will hardly notice such article.
•         It may be a good idea if travelers are asked to stick a photocopy of the owners photograph / ID proof, on the article or over its packaging. Such a photocopy will cost only Re 1/- per article and it would be easier for the policemen checking the articles.

Sincerely
Ashok Khurana
——————————————————————————————————————————————————————–
 
Please notice the following paragraph highlighted in red, which has been mentioned in above message:

They have declared that Mumbai is their next target. I suspect that this time it might be their plan to carry out a massive terror attack at the economy hub of the country which is already fighting high inflation and heading the next parliamentary election. It is also to be noticed that the attacks are carried out since India signed up nuclear pacts and strengthened its relations with US.

It happened the same as was already suspected. The above feedback was sent on September 18th 2008, 2 months before the attack.

Uncategorized

How to curb harassment by private banks

How to curb harassment by private banks

Almost all of us have been a victim of the private banks and harassed by them. Whether you hold an account or a credit card or have taken a loan, you had complaints. You must know that these banks are harboured by the authorities and ministers. These folks have been bribing them rather we should say “The authorities are fed on the pieces thrown by these bankers”.

This is why the general public has been suffering of high inflation and worsening economic conditions.

Here is the way out to curb these cheaters. Simply follow these steps:

1. IF YOU ARE HOLDING AN ACCOUNT WITH A PRIVATE BANK, CLOSE IT AND OPEN YOUR ACCOUNT WITH A NATIONALISED BANK
2. If you are in a job, DO NOT ACCEPT YOUR SALARY THROUGH CHEQUES OF THESE PRIVATE BANKS, SPECIALLY ICICI BANK
3. If you are into business, DO NOT ACCEPT PAYMENT FROM YOUR CUSTOMERS, THROUGH CHEQUES OF THESE PRIVATE BANKS, SPECIALLY ICICI BANK
4. STOP USING ATMs OF PRIVATE BANKS OR ELSE YOU MAY RECEIVE EITHER FAKE NOTES OR RS.100 NOTES INSTEAD OF RS.1000 NOTES
5. IF YOU HAVE INVESTED IN THEIR STOCKS, SELL YOUR SHARES AS EARLY AS POSSIBLE
6. IF YOU ARE A CREDIT CARD HOLDER, GET IT CANCELLED AT THE EARLIEST
7. IF YOU HAVE TAKEN A LOAN, EITHER RE-IMBURSE IT OR GET IT TRANSFERRED TO A NATIONALISED BANK
8. IF YOU ARE EMPLOYED WITH A PRIVATE BANK, START LOOKING FOR A JOB OR ELSE YOU MAY SOON BECOME JOBLESS
9. Trust banking with the Nationalised Bank’s only. Even if their is service is not very prompt and advanced, give them business opportunities and very soon they shall improve.

IF YOU DON’T TRUST THE ABOVE RECOMMENDATIONS, YOU MAY HAVE TO REGRET…

Come on India! Wake Up and act wisely!
Kindly do not advise me to go to the consumer courts or judicial authorities. Even though there are some honest and dutiful people, our system makes them THE SLAVES OF LEGISLATURE
idhar jangal ka kanoon chalta hai…. har taqatwar apne se kam ko markar jeeta hai

National

Satya Ki Kamai Ke Saat Sau Rupaye

Satya ki Kamai ke Saat Sau Rupaye is sarkar se Satta chheen lenge…

When I parked my 2 Wheeler (DL3S AW4500), outside of Krishna Apra Appt. Near Fun Cinema, Netaji Subhash Place, Delhi (on March 3rd 2008 at around 12:00 Noon)

  • It is parking place for the building
  • There is negligible traffic movement on the road
  • It is almost secluded area
  • More than 100 other vehicles were also parked there
  • It was unlawfully towed away

For the recovery of my vehicle, I had to pay Rs.700/- which I earned just a few moments back. For a family of 2, Rs.700/- could keep the housefire burning for almost 7 Days.

Your only business is: Challan a common man for Rs.600/-.
It is none of your business whether:

  • He earned Rs.600/- by fair and honest means
  • He extorted Rs.600/- by armtwisting
  • He stole money or picked some pocket
  • He robbed someone of Rs.600/-

Well… I have 2 more unlawful challans pending since May and Nov 2007 respectively, which I had already denied to pay. Because I intended to begin my protest sooner. Now it is The Call of Duty, that I declare:

Meri nazaron mein yeh system ek charbi wala kartoos hai, aur main ise muh lagane se inkaar karta hoon

For, as A Child Indian, while growing up to be A Dutiful Young Citizen:

  • When I had starved, it was neither of my dad’s concern, nor of any government
  • When I had to drop my studies, it was no apprehension to my dad or any government
  • When I had been struggling for my career, it didn’t matter to my dad nor any government
  • When I had not filed my ITR, it was none of anybody’s business
  • When I did not cast my vote, nobody bothered about it

Then, Is my safety on road anybody’s business?

How and Why? Concerned Authorities kindly justify!

I shall destruct this crippled system the way my grandfather ever demolished “Nand Vansh”

I demand: Sampoorna Swaraj – My Fundamental Duty & Right

“Swatantrata aur Swaraj Hamara Janm Sidh Adhikaar Hai”

Lokmanya Bal Ganga Dhar Tilak

If I can’t elect The Senior Leaders of My nation, it is not Sampoorna Swaraj

Ahimsa & Satyamev Jayate is in my veins, since the day I learnt the meaning of the name I am blessed and endowed with

————————————————————————-

Message for fellow Indians,

Now Rs.700/- have no significance. Now it is the issue of Duties, Rights and SAMPOORNA SWARAJ…
Please read my post once again and help spread it.
Yeh CHINGARI to ab urh chuki…
Thodi si hawa de do yaaro!

KRANTI KI SHURUAT CHINGARI SE HOTI HAI
PHIR DEKHO YEH SATTA KAISE DHARASHAYI HOTI HAI

Countdown started…
The Arrow is mounted on the Bow…
Hey Target! Flee if you have any escape!