While most topics in this paper refer to security administrators in large networks, these common security practices should be applied at any scale, from major companies to home computer networks. Remember, the home user is the security administrator for his home network. This paper will cover three major topics of Anti-Hacking: Education of the Security Administrator, Securing the Environment, and How to Fight Back.

I. Introduction

Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.
People who engage in computer hacking activities are often called hackers. Since the word “hack” has long been used to describe someone who is incompetent at his/her profession, some hackers claim this term is offensive and fails to give appropriate recognition to their skills. Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form.
They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real-life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others. Computer hacking can also lead to other constructive technological developments, since many of the skills developed from hacking apply to more mainstream pursuits. For example, former hackers Dennis Ritchie and Ken Thompson went on to create the UNIX operating system in the 1970s.
This system had a huge impact on the development of Linux, a free UNIX-like operating system. Shawn Fanning, the creator of Napster, is another hacker well known for his accomplishments outside of computer hacking. In comparison to those who develop an interest in computer hacking out of simple intellectual curiosity, some hackers have less noble motives. Hackers who are out to steal personal information, change a corporation’s financial data, break security codes to gain unauthorized network access, or conduct other destructive activities are sometimes called “crackers.” This type of computer hacking can earn you a trip to a federal prison for up to 20 years.

II. Hacking Good Cracking Bad

Although the term “hacker” is in widespread use, the sense in which it is employed is generally incorrect. Popular media and entertainment providers have long used it to describe anyone who tampers with a system, particularly in connection to criminal activity. This journalistic misuse of the name upset many “traditional” hackers, who responded to the vilification of their good name by offering a new term for these individuals: “crackers.” Crackers are vandals and thieves whose sole purpose is unauthorized “cracking” into secure systems for personal gain.

This darker side of hacking has three main motivations with varying degrees of harm. The most benign cracks are attempts to gain unauthorized access in order to satisfy a personal motive such as curiosity or pride. More malicious cracking seeks to gain unauthorized access in order to tamper with or destroy information. The goal of the most serious and professional crackers is unauthorized access to systems or computer services in order to steal data for criminal purposes.
Systems commonly under attack are universities, government agencies such as the Department of Defense and NASA, and large corporations such as electric utilities and airlines. Many crackers are professional criminals involved in corporate or government espionage and have links to organized crime. A relative newcomer to the “hacker” field, script kiddies are another break-off group mistakenly called hackers by the media. A lower form of crackers, script kiddies are not particularly knowledgeable about computer and networking details.
Instead, they download ready-made tools to seek out weaknesses on systems accessible via the Internet. They do not target specific information or a specific company but rather scan for opportunities to disrupt and vandalize systems. Most “hackers” and “hacking” events reported on by the popular press are actually of this type.

III. Anti hacking weapons

The weapon is just as important as the weapon master, and this is true for hackers as well. An important thing to remember is that most hackers, script kiddies not included, are skilled in both using and managing computers.
As such, they know their way around a keyboard and can write programs themselves. However, it is narrow-minded thinking to presume that the only tools available are computer applications. As previously stated, social engineering is a method to gain critical information. Social engineering is unlike most other forms of intrusion in that it requires a more human approach: it takes heavy human interaction to convince a person holding sensitive information that the person asking is trustworthy enough to have it.
Tactics used in social engineering include appealing to different sides of a person’s nature, such as vanity, honor, helpfulness, kindness, authority and so on. Another tactic is simple eavesdropping to hear the desired information, or looking over one’s shoulder briefly to memorize access codes, also known as shoulder surfing. As the value of information increases, the threat of social engineering will increase with it, and as such it will be one of the strongest methods any cracker has at their disposal.
But as expected, conning someone out of information is not the only tool a skilled cracker has to use. Another method of attacking systems is password cracking. There are three forms of password cracking: two which can be done from the outside, and one which involves affecting a system of someone in power. The first of the three methods is the dictionary attack. A dictionary attack relies on a weakness in the design of most passwords. This weakness exists in that many users will create passwords that are words in the English language, with very little change, if any, to provide protection.
This attack type works through the words listed in a predefined dictionary built into the program until a password match is found. To be able to break through minor and predictable changes, such as capitalizing the first letter of a word, these programs are armed with the ability to alter each word according to a number of settings, reaching a greater range of possible passwords. A few possible settings include:

- Toggle the case of all characters
- Make only the first letter a capital
- Reverse a word
- Replace all of one character with another
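The four settings listed above are also what a password-creation check has to undo before it looks a proposed password up in a word list. The Python below is an added example, not part of the original paper; the word list, the look-alike table and the function names are constructed for illustration.

```python
# Added example: password-creation check that undoes the four mangling
# rules listed above and looks the result up in a word list.

# Constructed sample list; a real deployment would load a large word list.
WORDLIST = {"password", "dragon", "monkey", "sunshine", "letmein"}

# Assumed substitution table: look-alike character -> letter it stands for.
LOOKALIKES = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                            "5": "s", "@": "a", "$": "s"})


def find_dictionary_root(password, wordlist=WORDLIST):
    """Return (word, rules_undone) if password is a mangled word, else None."""
    rules = []
    # Lower-casing undoes both "toggle case" and "capital first letter".
    base = password.lower()
    if base != password:
        rules.append("case change")
    # Map look-alike characters back to the letters they replaced.
    plain = base.translate(LOOKALIKES)
    if plain != base:
        rules.append("character replacement")
    # Try the word as typed first, then reversed.
    for candidate, extra in ((plain, []), (plain[::-1], ["reversal"])):
        if candidate in wordlist:
            return candidate, rules + extra
    return None


def is_acceptable(password, wordlist=WORDLIST):
    """Reject any password that reduces to a dictionary word."""
    return find_dictionary_root(password, wordlist) is None


if __name__ == "__main__":
    for pw in ("Password", "nogard", "P@ssw0rd", "N13mt3L", "tr-Vq9!kzLw"):
        print(pw, "->", find_dictionary_root(pw) or "no dictionary root found")
```

A password that passes this check is only shown not to be a simple variation of a listed word; the result depends entirely on the size of the word list loaded.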
The second form, and the least likely of the three to succeed, is the brute force attack. This attack will in essence generate all possible character combinations from the range specified by the cracker. The reason this form of password cracking has a low chance of success is that with a simple eight-character password, the number of combinations of characters is roughly seventeen million possible passwords. This figure can be found by use of 8^8, better understood as 8 to the 8th power. The last of the three methods used for password cracking is the key logger.
A key logger is a program or hardware device that logs the keys pressed on the keyboard. A hardware key logger must be physically connected to the keyboard via the port that plugs the keyboard into the computer. Once active, this device takes the keys pressed on the keyboard and logs their order inside a tiny hard drive, which is connected to the device. The disadvantage of this method is that, because it is a physical device, the hardest part is planting the device in the first place. However, to the cracker’s advantage, most of these devices look like keyboard plugs.
The last method for a key logger is a program version. This version requires a way into the PC, such as a virus or exe that is hidden on the system. If placed in a virus, most virus scanners will delete the key logger quickly.

IV. Common hacking tools

1. Nmap
2. Nessus Remote Security Scanner
3. John the Ripper
4. Nikto
5. p0f

These are some commonly used hacking tools, and internet users should take proper precautions to prevent their systems from being hacked.

V. Prevention techniques

1. Perform required software updates for your operating system and web browser.
2. Install a firewall on your computer.
3. Change your passwords every month.
4. Purchase or download anti-virus software.
5. Install anti-spyware/adware programs onto your system.
6. Always be aware!

VI. Ethical hacking

An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing and red teaming.