NOTE: This applies only to specific hosting companies, due to the
specific setup needed and does have its drawbacks.
While setting up hosting space with a specific company I often deal
with, I noticed that they used a shared IP. (IP shared by two or more
websites/domains.) Well, the rates for unlimited bandwidth were
around $50+ per month, which I found unreasonable. I didnt require
much space, and didnt want to be limited to a mere 3 gig of traffic
per month.
Back on track... When setting up the acct, the hosting company needs
to know the domain name so that they can direct it accordingly.
(example: 'http://www.123.4.567.890/~user1/ ,
'http://www.123.4.567.890/~user2/ etc)
At this point you can give a url that doesnt belong to you at all. As
long as the nameservers dont change, that should have absolutly no
negative effects on you or your site whatsoever.
How it works is this:
The host propogates you a certain amount space on its servers, and
monitors the traffic that enters their space through the domain its
registered under. Being that the domain isn't connected to the site
at all, it registers ZERO traffic.
Zero traffic registered = can't possibly go over bandwidth
restrictions
can't possibly go over bandwidth restrictions = free unlimited
bandwidth
Now the problems with this (besides the ethical ones) is that your
host may offer X amount of mail addys with the acct
(you@y...) and these will not work, as the name isnt on their
DNS. However, some domain companies allow you to set it up
regardless. Another problem seems to be strictly cosmetic, but can be
highly problematic... Once you attach the domain you want onto the
site, each page comes up/w the ip/UN the host propagated to your
acct. Its at this point where you have to have a phenominal 10-15
character alphanumerical or better (#, &, etc) pw, or your site will
be vulnerable to attack since the attacker already has your UN. This
only gives attackers a slight advantage as the amount of time it
would take to brute force a 10 character pw @ a rate of 1,000,000 per
second is 10 years. Add numbers and case sensitivity to that and it
becomes approx 26,980 years.
While I'm on it, I may as well add that if you use this method,
obviously you are going to be using the lowest cost hosting plan
available, which in turn will offer the least amount of space. Thats
why free hosts were invented.
Free hosts suck as a general rule. Who wants a site smothered in ads?
However, if you upload all your programs, graphics and other large
files (have a backup of course) to a reliable free host and target
them accordingly from your site you have just freed up a signifigant
amount of space. The only setback/w this is having to keep an index
card or file around/w your pws, as you should never use the same one
twice, and want to use complicated ones.
Jumat, 25 Juli 2008
System Changes To Foil Hackers And Browser Hijacke
Hackers and Browser Hijacking is one area of the Net that affects everyone at some stage.
In addition to having third party utilities such as SpyBot, Anti Virus scanners and firewalls installed there are some changes that can be made to Windows 2000/XP. Below are some details to make your system safer from hackers and hijackers.
Some of these tips require editing of the Registry so it is wise to either backup the registry and/or create a Restore Point.
1. Clearing the Page File at Shutdown
Windows 2000/XP paging file (Sometimes called the Swap File) can contain sensitive information such as plaintext passwords. Someone capable of accessing your system could scan that file and find its information. You can force windows to clear out this file.
In the registry navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management and add or edit the DWORD ClearPageFileAtShutdown. Set it to 1.
Note that when you do this, the system will take much longer to shut down: a system with a really big Page File (! Gig or more) may take a minute or two longer.
2. Disable the POSIX and OS/2 Subsystem.
Windows 2000 and XP come with little-documented subsystems it at allow compatibility with UNIX and OS/2 systems These rues systems are enabled by default but so rarely used that they are best off bring disabled completely to prevent possible service hijackings.
To disable these subsystems, open the registry and navigate to HKEY LOCAL MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems. Delete the subkeys Os2 and Posix. then reboot.
3. Never leave default passwords blank.
On installation, Windows 2000 sets up an Administrator account with total system access and prompts for a password. Guess what: by default, it allows that password to be blank. If a user doesn't want to type a password, he can simply click Next and the system will be an open door for anyone who wants to log on. Always opt for a password of some kind when setting up the default account on a machine.
4. Install Windows In a different directory.
Windows usually installs itself in the WINDOWS directory. Windows NT 4 0 and 2000 Will opt for WINNT. Many worms and other rogue programs assume this to be the case and attempt to exploit those folders files. To defeat this install Windows to another directory when you're setting it up - you can specify the name of the directory during setup. WINDIR is okay; so some people use WNDWS - A few (not that many) programs may not install properly if you install Windows to another folder but t hey are very few and they are far between
5. Fake out hackers with a dummy Administrator account
Since the default account in Windows 2000 is always named Administrator, an enterprising hacker can try to break into your system by attempting to guess the password on that account. It you never bothered to put a password on that account, say your prayers.
Rather than be a sucker to a hacker, put a password on the Administrator account it you haven't done so already. Then change the name of the Administrator account. You'll still be able to use the account under its new name, since Windows identifies user accounts by a back-end ID number rather than the name. Finally, create a new account named Administrator and disable it. This should frustrate any would -be break-ins.
You can add new accounts and change the names of existing accounts in Windows 2000 through the Local Users and Groups snap in. Right-click on My Computer, select Manager, open the Local Users and Groups subtree, look in the Users folder and right-click on any name to rename it. To add a new user, right-click on the containing folder and select New User. Finally, to disable an account, double-click it, check the Account is disabled box and click OK.
Don't ever delete the original Administrator account. Some programs refuse to install without it and you might have to log in under that account at some point to setup such software. The original Administrator account is configured with a security ID that must continue to be present in the system.
6. Disable the Guest account
Windows XP comes with a Guest account that's used for limited access, but it's still possible to do some damage with it. Disable it completely if you are not using it. Under Control Panel, select User Accounts, click on Guest Account and then select Turn Off the Guest Account.
7. Set the Hosts file to read-only to prevent name hijacking.
This one's from (and to a degree, for) the experts. The HOSTS file is a text file that all flavors of Windows use to hold certain network addresses that never change. When a network name and address is placed in HOSTS, the computer uses the address listed there for that network name rather than performing a lookup (which can take time). Experts edit this file to place their most commonly-visited sites into it, speeding things up considerably.
Unfortunately hijackers and hackers also love to put their own information into it - redirecting people from their favorite sites to places they don't want to go. One of the most common entries in HOSTS is local host which is set 1770.0.1. This refers to the local machine and if this entry is damaged the computer can behave very unpredictably.
To prevent HOSTS from being hijacked, set it to read-only. Go to the folder %Systemroot%system32driversetc, right-click on HOSTS, select Properties check the Read-Only box and click OK. If you want to add your own entries to HOSTS, you can unprotect it before doing so, but always remember to set it to read-only after you're done.
8. Disallow changes to IE settings through IE
This is another anti hijacker tip. IE can be set so that any changes to its settings must be performed through the Internet icon in the Control Panel, rather than through IE's own interface. Some particularly unscrupulous programs or sites try to tamper with setting by accessing the Tools, Options menu in IE. You can disable this and still make changes to IE's settings through the Control Panel.
Open the Registry and browse to HKEY_CURRENT_USER SoftwarePoliciesMicrosoftInternet ExplorerRestrictions. Create or edit a new DWORD value named NoBrowserUptions and set it to 1 (this is a per-user setting). Some third-party programs such as Spybot Search And Destroy allow you to toggle this setting.
You can also keep IE from having other programs rename its default startup page, another particularly annoying form of hijacking. Browse to HKEY.CURRENT USERSoftwarePolicies MicrosoftInternet ExploreControl Panel and add or edit a DWORD, Homepage and set it to 1.
9. Turn off unneeded Services
Windows 2000 and XP both come with many background services that don't need to he running most of the time: Alerter, Messenger, Server (If you're running a standalone machine with no file or printer shares), NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager (the last two if you're not using Remote Desktop or NetMeeting), Remote Registry, Routing and Remote Access (if you're not using Remote Access), SSDP Discovery Service, Telnet, and Universal Plug and Play Device Host.
A good resource and instruction on which of these services can be disabled go to /http://www.blkviper.com/WinXP/
10. Disable simple File Shares.
In Windows XP Professional, the Simple File Sharing mode is easily exploited, since it’s a little too easy to share out a file across your LAN (or the NET at large). To turn it off, go m My Computer, click Tools, Folder Option and the View tab, and uncheck Use Simple file sharing (Recommended). Click OK. When you do this you can access the Security tab in the Properties window for all folders; set permissions for folders; and take ownership of objects (but not in XP Home)
In addition to having third party utilities such as SpyBot, Anti Virus scanners and firewalls installed there are some changes that can be made to Windows 2000/XP. Below are some details to make your system safer from hackers and hijackers.
Some of these tips require editing of the Registry so it is wise to either backup the registry and/or create a Restore Point.
1. Clearing the Page File at Shutdown
Windows 2000/XP paging file (Sometimes called the Swap File) can contain sensitive information such as plaintext passwords. Someone capable of accessing your system could scan that file and find its information. You can force windows to clear out this file.
In the registry navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management and add or edit the DWORD ClearPageFileAtShutdown. Set it to 1.
Note that when you do this, the system will take much longer to shut down: a system with a really big Page File (! Gig or more) may take a minute or two longer.
2. Disable the POSIX and OS/2 Subsystem.
Windows 2000 and XP come with little-documented subsystems it at allow compatibility with UNIX and OS/2 systems These rues systems are enabled by default but so rarely used that they are best off bring disabled completely to prevent possible service hijackings.
To disable these subsystems, open the registry and navigate to HKEY LOCAL MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems. Delete the subkeys Os2 and Posix. then reboot.
3. Never leave default passwords blank.
On installation, Windows 2000 sets up an Administrator account with total system access and prompts for a password. Guess what: by default, it allows that password to be blank. If a user doesn't want to type a password, he can simply click Next and the system will be an open door for anyone who wants to log on. Always opt for a password of some kind when setting up the default account on a machine.
4. Install Windows In a different directory.
Windows usually installs itself in the WINDOWS directory. Windows NT 4 0 and 2000 Will opt for WINNT. Many worms and other rogue programs assume this to be the case and attempt to exploit those folders files. To defeat this install Windows to another directory when you're setting it up - you can specify the name of the directory during setup. WINDIR is okay; so some people use WNDWS - A few (not that many) programs may not install properly if you install Windows to another folder but t hey are very few and they are far between
5. Fake out hackers with a dummy Administrator account
Since the default account in Windows 2000 is always named Administrator, an enterprising hacker can try to break into your system by attempting to guess the password on that account. It you never bothered to put a password on that account, say your prayers.
Rather than be a sucker to a hacker, put a password on the Administrator account it you haven't done so already. Then change the name of the Administrator account. You'll still be able to use the account under its new name, since Windows identifies user accounts by a back-end ID number rather than the name. Finally, create a new account named Administrator and disable it. This should frustrate any would -be break-ins.
You can add new accounts and change the names of existing accounts in Windows 2000 through the Local Users and Groups snap in. Right-click on My Computer, select Manager, open the Local Users and Groups subtree, look in the Users folder and right-click on any name to rename it. To add a new user, right-click on the containing folder and select New User. Finally, to disable an account, double-click it, check the Account is disabled box and click OK.
Don't ever delete the original Administrator account. Some programs refuse to install without it and you might have to log in under that account at some point to setup such software. The original Administrator account is configured with a security ID that must continue to be present in the system.
6. Disable the Guest account
Windows XP comes with a Guest account that's used for limited access, but it's still possible to do some damage with it. Disable it completely if you are not using it. Under Control Panel, select User Accounts, click on Guest Account and then select Turn Off the Guest Account.
7. Set the Hosts file to read-only to prevent name hijacking.
This one's from (and to a degree, for) the experts. The HOSTS file is a text file that all flavors of Windows use to hold certain network addresses that never change. When a network name and address is placed in HOSTS, the computer uses the address listed there for that network name rather than performing a lookup (which can take time). Experts edit this file to place their most commonly-visited sites into it, speeding things up considerably.
Unfortunately hijackers and hackers also love to put their own information into it - redirecting people from their favorite sites to places they don't want to go. One of the most common entries in HOSTS is local host which is set 1770.0.1. This refers to the local machine and if this entry is damaged the computer can behave very unpredictably.
To prevent HOSTS from being hijacked, set it to read-only. Go to the folder %Systemroot%system32driversetc, right-click on HOSTS, select Properties check the Read-Only box and click OK. If you want to add your own entries to HOSTS, you can unprotect it before doing so, but always remember to set it to read-only after you're done.
8. Disallow changes to IE settings through IE
This is another anti hijacker tip. IE can be set so that any changes to its settings must be performed through the Internet icon in the Control Panel, rather than through IE's own interface. Some particularly unscrupulous programs or sites try to tamper with setting by accessing the Tools, Options menu in IE. You can disable this and still make changes to IE's settings through the Control Panel.
Open the Registry and browse to HKEY_CURRENT_USER SoftwarePoliciesMicrosoftInternet ExplorerRestrictions. Create or edit a new DWORD value named NoBrowserUptions and set it to 1 (this is a per-user setting). Some third-party programs such as Spybot Search And Destroy allow you to toggle this setting.
You can also keep IE from having other programs rename its default startup page, another particularly annoying form of hijacking. Browse to HKEY.CURRENT USERSoftwarePolicies MicrosoftInternet ExploreControl Panel and add or edit a DWORD, Homepage and set it to 1.
9. Turn off unneeded Services
Windows 2000 and XP both come with many background services that don't need to he running most of the time: Alerter, Messenger, Server (If you're running a standalone machine with no file or printer shares), NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager (the last two if you're not using Remote Desktop or NetMeeting), Remote Registry, Routing and Remote Access (if you're not using Remote Access), SSDP Discovery Service, Telnet, and Universal Plug and Play Device Host.
A good resource and instruction on which of these services can be disabled go to /http://www.blkviper.com/WinXP/
10. Disable simple File Shares.
In Windows XP Professional, the Simple File Sharing mode is easily exploited, since it’s a little too easy to share out a file across your LAN (or the NET at large). To turn it off, go m My Computer, click Tools, Folder Option and the View tab, and uncheck Use Simple file sharing (Recommended). Click OK. When you do this you can access the Security tab in the Properties window for all folders; set permissions for folders; and take ownership of objects (but not in XP Home)
Hacking - Stealing passwd email
Disclaimer
----------
First of all English is not my first language hence sorry for any typos. This material is for educational purpose only, be clever and don't act stupid...
Here are the most common ways someone can hack mail passwords, and how to protect yourself against them. There are more ways, and even these techniques
could be more documented but this file is not intended to be a step-by-step lamer spoonfeeding device. You only get the ideea, the rest is up to you.
If you don't, that means you're too iresponsible in the first place. Ouch! :)
Hope you enjoy reading this... So lets get started:
Guessing
--------
Duh! The easiest method of hacking mail passwords is password guessing. Find out all information about the victim.
For example if the victim is interested in aquarium then his password might be something like fish, whale, dolphin, aquariam. etc.
A lot of people keep there passwords their the girlfriend's name or boyfriend's name. ;)
You can also try "forget password", available on all mail providers. Try to guess answer to the secret question the victim gave.
For example if the question is "my mother's maiden name", "my first school name", "my pet's name", etc. its quite easy to get the answer of it.
Note that a clever user doesn't actually set the answer to have anything to do with the question, do you? :>
Dictionary Attack
-----------------
A dictionary attack means you use a program that tries to connect to the mailserver using a username (your victim's), and as password,
all the words from a long filelist. If the password is a common word (eg. cat, john, sex, password, etc) and you have a big enaugh list than you might get lucky.
Brute force
-----------
Brute force works in a way like the dictionary attack, the difference is that the program you use doesn't read the passwords from a list,
but it generates them itself. Lets say you want to break a 5 digit password.
The combinations would look like this aaaaa, aaaab, aaaac, ... aaaba, aaabb, aaabc, ... , zzzzz, if you use only lowercase alphabet digits, no numbers.
The thing is that most mailservers allow you to use lowercase, uppercase, numbers and sybols, some even require a minimmum length for the password
(eg. Yahoo! length is 6 digits). A password that look like "gJe4Ty&8lk!3" is practicly unbreakable considering the time needed to try all the combinations possible.
You do the math. Brute force is theoreticly the method that CAN get the password of the victim but it's almost IMPOSSIBLE to use in practice do to the time needed.
It all depends on the length of the password. Also, many servers may ignore you after you have to much failed logins.
Using a Keylogger
-----------------
Just install a keylogger on your victim's computer. Send it by mail or IRC and tell the victim it's a cool mp3player, whatever...
There are keyloggers that only need to be cliked once and they do all the installing job by themself without the victim even notice it.
What a keylogger does is it will log all the keystrokes the victim types on that machine.
It works in background so the victim will not realize that his keystrokes are being logged.
And if all keystrokes are recorded it means even his login and password are also included when he logins to read his mail.
Then just connect to the keylogger or set it to automaticly send you the logfile by email.
Social engeniering
------------------
This is one of the best methods, and unless the one you want to get the password from is realy smart, you have all the chances to trick him. What you will do over here is send mail to the victim from administrator@hismailserver.com so that the victim will think he received mail from his administrator!
Newbie note: For the people who are new to SMTP, it is the Simple Mail Transfer Protocol and it runs by default at port 25. To get some SMTP servers use google to search "free smtp" or download a free smtp server to be able to telnet to your own computer on port 25.
Personaly I use Linux wich comes by default with sendmail, and since now it worked everytime. I also played a prank on a friend tricking him
to think he was wanted by the FBI. :) Ok just type the following commands, without the "" of course:
"telnet mail.mailserver.com 25" or "telnet mailserver.com 25"
"HELO victimsmailserver.com"
"MAIL FROM: administrator@victimsmailserver.com
"RCPT TO: victim@victimsmailserver.com"
"DATA"
Here you can write the message you want to send to victim. After the message is over press [Enter] and on the new line put a ".", and press [Enter] again to indicate the server that your message is over. The mail might look like this:
-------------------------------------------------------------------------
Form: administrator@victimsmailserver.com
Hello user of victimsmailserver.com. We deeply apologise for the inconvenience, but our server will go down for technical problems.
We have to announce you that you have to change your password in order to keep your account.
victimsmailserver.com keeps this information private and we assure you your data will suffer no harm.
IMPORTANT NOTE: Change your password to "revalidate_account" as soon as possible or your account will be DISACTIVATED!
You will receive a confirmation e-mail from our server to notify you that your request has been taken care of, once you've made the neccesary changes.
Once again we apologise for the inconvenience and thank you for your understanding.
victimsmailserver.com administrator.
----------------------------------------------------------------------
Now this was just an example. Be creative. You can tell the victim to send his username and password by email to you
(get a fake mail like administartor@victimsmailserver.com, note "administartor" not "administrator").
Once again you will be amased how many peolpe will get tricked even if most mailservers spcificly tell you something like:
"MAILSERVER staff will NEVER ask for your password"...
Now the way experts use, is to include a link in the mail you've sent him to a webpage you've already made that looks like the victimsmailserver.com's homepage.
Just write on that page something like "lost VICTIM'S NAME account data" so the victim thinks he has to send all his data again ;)
Once he writes to the form on that page and presses "Submit" the page will actualy send you mail with all his data, including password.
With a little knowledge of HTML and PHP you can trick even the smartest people.
More social engeniering
-----------------------
Open your victim's mail website and login over there with wrong password! You will be directed to a page with "invalid login" message.
Just modify that page and add the line "Operation time out" by editing its source code.
Also you will have to find the line and change it to .
----------
First of all English is not my first language hence sorry for any typos. This material is for educational purpose only, be clever and don't act stupid...
Here are the most common ways someone can hack mail passwords, and how to protect yourself against them. There are more ways, and even these techniques
could be more documented but this file is not intended to be a step-by-step lamer spoonfeeding device. You only get the ideea, the rest is up to you.
If you don't, that means you're too iresponsible in the first place. Ouch! :)
Hope you enjoy reading this... So lets get started:
Guessing
--------
Duh! The easiest method of hacking mail passwords is password guessing. Find out all information about the victim.
For example if the victim is interested in aquarium then his password might be something like fish, whale, dolphin, aquariam. etc.
A lot of people keep there passwords their the girlfriend's name or boyfriend's name. ;)
You can also try "forget password", available on all mail providers. Try to guess answer to the secret question the victim gave.
For example if the question is "my mother's maiden name", "my first school name", "my pet's name", etc. its quite easy to get the answer of it.
Note that a clever user doesn't actually set the answer to have anything to do with the question, do you? :>
Dictionary Attack
-----------------
A dictionary attack means you use a program that tries to connect to the mailserver using a username (your victim's), and as password,
all the words from a long filelist. If the password is a common word (eg. cat, john, sex, password, etc) and you have a big enaugh list than you might get lucky.
Brute force
-----------
Brute force works in a way like the dictionary attack, the difference is that the program you use doesn't read the passwords from a list,
but it generates them itself. Lets say you want to break a 5 digit password.
The combinations would look like this aaaaa, aaaab, aaaac, ... aaaba, aaabb, aaabc, ... , zzzzz, if you use only lowercase alphabet digits, no numbers.
The thing is that most mailservers allow you to use lowercase, uppercase, numbers and sybols, some even require a minimmum length for the password
(eg. Yahoo! length is 6 digits). A password that look like "gJe4Ty&8lk!3" is practicly unbreakable considering the time needed to try all the combinations possible.
You do the math. Brute force is theoreticly the method that CAN get the password of the victim but it's almost IMPOSSIBLE to use in practice do to the time needed.
It all depends on the length of the password. Also, many servers may ignore you after you have to much failed logins.
Using a Keylogger
-----------------
Just install a keylogger on your victim's computer. Send it by mail or IRC and tell the victim it's a cool mp3player, whatever...
There are keyloggers that only need to be cliked once and they do all the installing job by themself without the victim even notice it.
What a keylogger does is it will log all the keystrokes the victim types on that machine.
It works in background so the victim will not realize that his keystrokes are being logged.
And if all keystrokes are recorded it means even his login and password are also included when he logins to read his mail.
Then just connect to the keylogger or set it to automaticly send you the logfile by email.
Social engeniering
------------------
This is one of the best methods, and unless the one you want to get the password from is realy smart, you have all the chances to trick him. What you will do over here is send mail to the victim from administrator@hismailserver.com so that the victim will think he received mail from his administrator!
Newbie note: For the people who are new to SMTP, it is the Simple Mail Transfer Protocol and it runs by default at port 25. To get some SMTP servers use google to search "free smtp" or download a free smtp server to be able to telnet to your own computer on port 25.
Personaly I use Linux wich comes by default with sendmail, and since now it worked everytime. I also played a prank on a friend tricking him
to think he was wanted by the FBI. :) Ok just type the following commands, without the "" of course:
"telnet mail.mailserver.com 25" or "telnet mailserver.com 25"
"HELO victimsmailserver.com"
"MAIL FROM: administrator@victimsmailserver.com
"RCPT TO: victim@victimsmailserver.com"
"DATA"
Here you can write the message you want to send to victim. After the message is over press [Enter] and on the new line put a ".", and press [Enter] again to indicate the server that your message is over. The mail might look like this:
-------------------------------------------------------------------------
Form: administrator@victimsmailserver.com
Hello user of victimsmailserver.com. We deeply apologise for the inconvenience, but our server will go down for technical problems.
We have to announce you that you have to change your password in order to keep your account.
victimsmailserver.com keeps this information private and we assure you your data will suffer no harm.
IMPORTANT NOTE: Change your password to "revalidate_account" as soon as possible or your account will be DISACTIVATED!
You will receive a confirmation e-mail from our server to notify you that your request has been taken care of, once you've made the neccesary changes.
Once again we apologise for the inconvenience and thank you for your understanding.
victimsmailserver.com administrator.
----------------------------------------------------------------------
Now this was just an example. Be creative. You can tell the victim to send his username and password by email to you
(get a fake mail like administartor@victimsmailserver.com, note "administartor" not "administrator").
Once again you will be amased how many peolpe will get tricked even if most mailservers spcificly tell you something like:
"MAILSERVER staff will NEVER ask for your password"...
Now the way experts use, is to include a link in the mail you've sent him to a webpage you've already made that looks like the victimsmailserver.com's homepage.
Just write on that page something like "lost VICTIM'S NAME account data" so the victim thinks he has to send all his data again ;)
Once he writes to the form on that page and presses "Submit" the page will actualy send you mail with all his data, including password.
With a little knowledge of HTML and PHP you can trick even the smartest people.
More social engeniering
-----------------------
Open your victim's mail website and login over there with wrong password! You will be directed to a page with "invalid login" message.
Just modify that page and add the line "Operation time out" by editing its source code.
Also you will have to find the line and change it to .
Langganan:
Komentar (Atom)
