December 10, 2010
The tricks hackers use, and what you can do to foil them.
Do you like this story?
I was going through an article at pc world and came across this. Please tech geeks looking for how hackers hack, here you are. I bring this piece of writing by Kim & Zetter to enlighten your mindset.
The tricks hackers use, and what you can do to foil them.
Kim Zetter and Andrew Brandt, PCWorld.com
With the click of a mouse on one computer, the screen of the laptop a few feet away flashes wildly as a flood of data flies silently across a private network cable connecting the two machines. Within a minute the laptop's file sharing password is compromised.
"The computer is having a bad day," says a reporter as he watches the effect of the attack on his machine. "Packets are coming at it so fast, the firewall doesn't know what to do."
Some hackers claim they can teach a monkey how to hack in a couple of hours. We asked two hackers, Syke and Optyx (at their request, we are using their hacking pseudonyms rather than their real names), to give us non-simian reporters a demonstration.
What we got was a sometimes-frightening view of how easily nearly anyone's computer--at home or at work, protected or not--can be cracked by a determined hacker. But we also found out that computer users can make a hacker's job much harder by avoiding a few common mistakes.
Syke, a 23-year-old white-hat hacker, and Optyx, a 19-year-old self-proclaimed black hat, both work in computer security (Syke, until recently, for a well-known security software vendor; Optyx for an application service provider).
They launch their attack on our notebook from desktop computers located in the windowless basement that is New Hack City, a sort of hacker research-and-development lab (and part-time party lounge).
The lab's rooms are filled with over a dozen Sun SPARC servers, assorted network hubs and mountains of ethernet cable, an arcade-size Ms. Pac Man game, and a DJ tower stocked with music-mixing equipment for all-night hacker jams.
Kim Zetter and Andrew Brandt, PCWorld.com
With the click of a mouse on one computer, the screen of the laptop a few feet away flashes wildly as a flood of data flies silently across a private network cable connecting the two machines. Within a minute the laptop's file sharing password is compromised.
"The computer is having a bad day," says a reporter as he watches the effect of the attack on his machine. "Packets are coming at it so fast, the firewall doesn't know what to do."
Some hackers claim they can teach a monkey how to hack in a couple of hours. We asked two hackers, Syke and Optyx (at their request, we are using their hacking pseudonyms rather than their real names), to give us non-simian reporters a demonstration.
What we got was a sometimes-frightening view of how easily nearly anyone's computer--at home or at work, protected or not--can be cracked by a determined hacker. But we also found out that computer users can make a hacker's job much harder by avoiding a few common mistakes.
Syke, a 23-year-old white-hat hacker, and Optyx, a 19-year-old self-proclaimed black hat, both work in computer security (Syke, until recently, for a well-known security software vendor; Optyx for an application service provider).
They launch their attack on our notebook from desktop computers located in the windowless basement that is New Hack City, a sort of hacker research-and-development lab (and part-time party lounge).
The lab's rooms are filled with over a dozen Sun SPARC servers, assorted network hubs and mountains of ethernet cable, an arcade-size Ms. Pac Man game, and a DJ tower stocked with music-mixing equipment for all-night hacker jams.
Hacking 101
"You should understand," says Optyx, as he enters a few commands that bring our machine to its knees, "no matter what people do, hackers will always find a way to get into systems."
Just as he says this, Optyx uses a program to get the laptop to spew out a bit of data identifying its operating system and version.
He then runs the program that cracked the file sharing password in the blink of an eye. We watch as he uses another tool to root through files in the laptop's shared directory.
As hacking goes, the methods our two instructors use on our laptop are not very elegant--the equivalent of using brute force to knock in a door--and through the machine's software firewall, we are immediately aware that the machine is being hacked. But, save from disconnecting our machine from the network cable, we're powerless to stop it.
Most hacking attacks, however, are much more invisible.
Open Sesame
The methods hackers use to attack your machine or network are fairly simple. A hacker scans for vulnerable systems by using a demon dialer (which will redial a number repeatedly until a connection is made) or a wardialer (an application that uses a modem to dial thousands of random phone numbers to find another modem connected to a computer).
Another approach used to target computers with persistent connections, such as DSL or cable connections, employs a scanner program that sequentially "pings" IP addresses of networked systems to see if the system is up and running.
Where can a hacker find such tools? On the Internet, of course.
Sites containing dozens of free, relatively easy-to-use hacking tools available for download are easy to find on the Net. While understanding how these tools work is not always easy, many files include homegrown documentation written in hacker shoptalk.
Among the programs available are scanning utilities that reveal the vulnerabilities on a computer or network and sniffing programs that let hackers spy on data passing between machines.
Hackers also use the Net to share lists of vulnerable IP addresses--the unique location of Internet-connected computers with unpatched security holes. Addresses of computers that have already been loaded with a Trojan horse are available for anyone to exploit (in many cases without the owner of the computer knowing).
Once the hacker finds a machine, he uses a hacker tool such as Whisker to identify in less than a second what operating system the machine is using and whether any unpatched holes exist in it. Whisker, one of a handful of legitimate tools used by system administrators to test the security of their systems, also provides a list of exploits the hacker can use to take advantage of these holes.
The methods hackers use to attack your machine or network are fairly simple. A hacker scans for vulnerable systems by using a demon dialer (which will redial a number repeatedly until a connection is made) or a wardialer (an application that uses a modem to dial thousands of random phone numbers to find another modem connected to a computer).
Another approach used to target computers with persistent connections, such as DSL or cable connections, employs a scanner program that sequentially "pings" IP addresses of networked systems to see if the system is up and running.
Where can a hacker find such tools? On the Internet, of course.
Sites containing dozens of free, relatively easy-to-use hacking tools available for download are easy to find on the Net. While understanding how these tools work is not always easy, many files include homegrown documentation written in hacker shoptalk.
Among the programs available are scanning utilities that reveal the vulnerabilities on a computer or network and sniffing programs that let hackers spy on data passing between machines.
Hackers also use the Net to share lists of vulnerable IP addresses--the unique location of Internet-connected computers with unpatched security holes. Addresses of computers that have already been loaded with a Trojan horse are available for anyone to exploit (in many cases without the owner of the computer knowing).
Once the hacker finds a machine, he uses a hacker tool such as Whisker to identify in less than a second what operating system the machine is using and whether any unpatched holes exist in it. Whisker, one of a handful of legitimate tools used by system administrators to test the security of their systems, also provides a list of exploits the hacker can use to take advantage of these holes.
Security Software Alone Can't Stop Them
Syke and Optyx explain that several conditions make it easier for them to hack into a system. Lax security is one of them--such as when a company uses no passwords on its system or fails to change Windows' default passwords.
In October 2000 hackers broke into Microsoft's system and viewed source code for the latest versions of Windows and Office after discovering a default password that an employee never bothered to change.
Other common mistakes: When system administrators don't update software with security patches, they leave vulnerable ports open to attack. Or when they install expensive intrusion detection systems, some fail to monitor the alarms that warn them when an intruder is breaking in.
Still another boon to hackers is a firewall or router that is misconfigured, allowing hackers to "sniff" pieces of data--passwords, e-mail, or files--that pass through the network.
In October 2000 hackers broke into Microsoft's system and viewed source code for the latest versions of Windows and Office after discovering a default password that an employee never bothered to change.
Other common mistakes: When system administrators don't update software with security patches, they leave vulnerable ports open to attack. Or when they install expensive intrusion detection systems, some fail to monitor the alarms that warn them when an intruder is breaking in.
Still another boon to hackers is a firewall or router that is misconfigured, allowing hackers to "sniff" pieces of data--passwords, e-mail, or files--that pass through the network.
Got Root?
Once a hacker cracks into a system, his next goal is to get root, or give himself the highest level of access on the machine. The hacker can use little-known commands to get root, or can search the documents in the system's hard drive for a file or e-mail message that contains the system administrator's password.
Armed with root access, he can create legitimate-looking user accounts and log in whenever he wants without attracting attention. He can also alter or delete system logs to erase any evidence (such as command lines) that he gained access to the system.
But a hacker doesn't need root access to affect a system. He can misroute traffic intended to go to one company's Web server to a different one. Or, exploiting a well-documented bug (for which there's a patch that many sites haven't applied), a hacker can replace any Web page with his own text using a simple set of UNIX commands typed into the browser's Address bar.
Once a hacker cracks into a system, his next goal is to get root, or give himself the highest level of access on the machine. The hacker can use little-known commands to get root, or can search the documents in the system's hard drive for a file or e-mail message that contains the system administrator's password.
Armed with root access, he can create legitimate-looking user accounts and log in whenever he wants without attracting attention. He can also alter or delete system logs to erase any evidence (such as command lines) that he gained access to the system.
But a hacker doesn't need root access to affect a system. He can misroute traffic intended to go to one company's Web server to a different one. Or, exploiting a well-documented bug (for which there's a patch that many sites haven't applied), a hacker can replace any Web page with his own text using a simple set of UNIX commands typed into the browser's Address bar.
Denying Service
A more serious threat, however, comes from skilled hackers who launch a denial-of-service attack, in which a Web server is flooded with so many requests that it stops responding altogether.
Previously one of the most common attacks, DoS attacks are now much harder to accomplish. Large Internet companies counter them by buying larger Internet pipes, which are harder to fill with the junk data hackers throw at them. The more bandwidth a company has, the more service the hacker needs to interrupt in order to produce a noticeable effect.
Hackers quickly learned that a single computer couldn't send enough phony requests to deny service, so they came up with a clever approach that employs dozens of hacked computers, working in synch to execute a distributed denial-of-service attack.
A DDoS attack uses as many computers as the hacker can control (called "zombies") to send bogus data requests to a targeted server. To unleash the attack, the hacker sends just one command, which propagates to all of the zombies and causes a near-instantaneous death-by-data on the Web server.
A hacker can also use an army of compromised computers to steal data--such as credit card numbers and proprietary corporate files--without leaving a clear trail. The hacker hops from machine to machine and then launches an attack that passes through all of them, creating a maze of connections for authorities to sift through.
University systems are prime targets for such activity, since administrators often leave student accounts active after students have graduated. A hacker can take over the account and use it as a base to attack another system.
In December 2000 hackers broke into a U.S. Air Force system in Virginia and downloaded code for controlling communication and spy satellites to a computer in Sweden. The Swedish company that owned the system housing the data had no idea hackers were using its computer, and cooperated with authorities.
From Sweden the activity was traced to a university machine in Germany, which authorities also believe was being used by a distant hacker.
Online Espionage
Hackers can silently collect information from a machine for months without being detected. Using a Trojan horse, a hacker can log keystrokes on a computer (to obtain a user's passwords) or use a "sniffing" program to collect sensitive data as it passes from one computer to another.
Sniffer software is a bit like a radio in that it simply listens for traffic to pass by it on the network wire. Sniffers are undetectable by the user and (usually) by the system administrator.
Hackers can silently collect information from a machine for months without being detected. Using a Trojan horse, a hacker can log keystrokes on a computer (to obtain a user's passwords) or use a "sniffing" program to collect sensitive data as it passes from one computer to another.
Sniffer software is a bit like a radio in that it simply listens for traffic to pass by it on the network wire. Sniffers are undetectable by the user and (usually) by the system administrator.
Nowhere to Hide
It might seem that, with all the ways hackers can get into your system, there's no safe place for your data to hide. Optyx would agree--to a point.
Casually typing commands on his keyboard that sends our laptop into further frenzy, Optyx says that simply running antivirus software alone, or having a firewall or intrusion detection system, won't prevent the theft of data or hacking of your computer.
"If people hack your machine," continues Optyx, "they hack it through a vulnerability."
He recommends that, in addition to using the above tools, every user install the latest security patches on their critical software, including the operating system and the applications they regularly use. "The only way to protect yourself is to patch up the holes," he says.
Kim Zetter and Andrew Brandt are PC World senior associate editors who cover security and privacy issues.
It might seem that, with all the ways hackers can get into your system, there's no safe place for your data to hide. Optyx would agree--to a point.
Casually typing commands on his keyboard that sends our laptop into further frenzy, Optyx says that simply running antivirus software alone, or having a firewall or intrusion detection system, won't prevent the theft of data or hacking of your computer.
"If people hack your machine," continues Optyx, "they hack it through a vulnerability."
He recommends that, in addition to using the above tools, every user install the latest security patches on their critical software, including the operating system and the applications they regularly use. "The only way to protect yourself is to patch up the holes," he says.
Kim Zetter and Andrew Brandt are PC World senior associate editors who cover security and privacy issues.
About the Author:
Ifeanyi Emeka is the founder of this blog and also writes for Tech Forked. He is passionate about tech stuffs and loves customizing blogger themes.
Popular This Week
Subscribe to:
Post Comments (Atom)
13 Responses to “The tricks hackers use, and what you can do to foil them.”
December 17, 2010 at 1:46 AM
This article is very insightful. It is very true... people should never feel too safe with their security. Programs like NMAP can easily scan your network and find weak points and open ports.
December 20, 2010 at 7:36 PM
Thank you very much for the info. I have been looking for this info for the last few days. Your efforts are appreciated.
December 24, 2010 at 2:31 PM
nice tips and thanks for sharing
January 2, 2011 at 4:14 AM
so detail for this info and i like read to this post..thanks for share
January 3, 2011 at 12:44 PM
good tips.
January 4, 2011 at 9:17 PM
thanks for the tips..you should be a computer expert to hack i think..
January 12, 2011 at 12:00 PM
Well hackers are indeed a problem and this info is very useful therefore is like kolye modelleri said - you should be really good to do stuff like that. Not impossible though.
January 16, 2011 at 3:41 PM
i agree with you guys, if you want to become a serious hac** u need to learn serious programming from the indepth.
January 18, 2011 at 3:03 PM
These all are great and effective ways to spoil other hacker to hack any security concern things.
January 22, 2011 at 11:50 AM
Hacking activities are increasing day by day, some ethical hackers are required toovercome bad activities.
February 4, 2011 at 11:58 PM
It is a good and interesting site I have seen in few minutes and I am going to subscribe my email address so that I could have latest updates from your side in time to time.
February 5, 2011 at 9:13 AM
Hacking problem now very common to internet user but there are many facilities to prevent own self by hackers just follow them and be secure.
February 11, 2011 at 1:50 AM
There are a lot of blogs in google search and I am thinking to develop a weblog for me also. I have read the article in some sites to develop such thing but in vain. I am not getting it basically. I should ask my fellows about this.
Post a Comment