Spyware, Anti-Virus Software, and Computer Security





Hackers, Crackers And More


I'm sure you have seen the term hacker in the newspapers, on television or read it in a book. Defining what a hacker is depends upon the source the definition comes from.

Also there are terms such as a white hat hacker, black hat hacker and script kiddie. During my research I have seen several sources saying a hacker builds things and a cracker tears things up. Ok so what is a hacker?

White hat hacker - writes code, does it with a creative mind, wants to create and improve the use of the code. Many use their talents to help companies improve their security.

Black hat hacker - does the same as the white hat hacker, except they use their talent for the darker side, such as breaking into systems.

For the context of this book I will use the term hacker loosely for the most part as someone trying to break into your system.

This is easier than trying to distinguish specifically hacker, cracker or script kiddie. Do I mean any disrespect for the many good hackers? Certainly not.

Hackers, crackers, or simply intruders probably do not give a squat about who you are, but are probably more concerned about gaining access to your computer.

Once the intruder gains access, then they can do pretty much anything they want to. They can access personal information about you, such as credit card information, user names and passwords for access to other sites.

If they choose, they can even send email to all your friends telling each one of them just how stupid you think they are.

This happened to a friend of mine. Imagine his surprise when I called him and told him about the email I received from him....grin.... It read as shown below:


"Hi Gary,

You are so dumb sometimes that I can't understand how you even tie your shoes.

I hope this doesn't affect our friendship, but I had to get this out in the open after what you did.

Give me a call later and I'll explain more to you;
:-)
(name withheld)"


Fortunately for my friend this was the only thing the intruder did (except for leaving him a message that his computer had been hacked!). He didn't do any damage to his computer, although my friend did have to do a lot of explaining to a lot of friends.

Needless to say he added a software firewall to his system after re-installing his operating system. He re-installed his operating system to be assured the hacker couldn't access his machine again.

I might add that this friend was an excellent programmer and computer tech. Goes to show anyone's system can be compromised.

This is just one example of what an intruder can do.

They can also use your computer to attack other computers. The hacker or cracker will go around getting access to a bunch of people's computers and then command all those computers to launch an attack on another system such as a website.

This is known as a DDoS or Distributed Denial of Service attack. The website server is overrun by requests from the attacking computers, which results in an overload. This means that legitimate visitors to the website can't access the site due to the overload.

A DoS or plain Denial of Service attack is made by one computer sending out huge amounts of data and packets to overload the targeted system.

Imagine the power available by using several, or even hundreds of computers (distributed) combined to attack a system, compared to the attack of one computer. Look at all of the recent news, including the attack on the DNS servers that are the backbone of the internet.

You can read more about this sort of attack at the below link. This site targets pc security and was brought down by hackers just to prove they could do it.

Scroll down about half way to get into the details of the attack and to see just how much control can be used by intruders. This link will open a new window in your internet browser. Close it to return here.
http://grc.com/dos/drdos.htm


We had what was probably a cracker visit one of our ecommerce sites that we just recently sold. The attacker had stolen credit card numbers from several home systems or obtained them from some of the "shady" online sites (more on these later) that offer such information for sale.

(That's not why we sold the site, it was last year when the below incident happened ....grin....).


The individual went to our online shopping cart and proceeded to run 52 different card numbers and dates trying to make purchases. He or she ran up a total of $7,600+ in charges on those cards.

This happened while I was doing maintenance on the site, so I saw the orders coming in. I knew something was up with that many orders coming in at 3:00 AM.

Thank goodness I was able to void all of the transactions before they were processed to the cardholders. But it was still a major inconvenience for my wife since she called all the card companies and reported all the card numbers to protect those cardholders.
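
The pattern in this incident, one source running many different card numbers in a short time, can be flagged automatically instead of being spotted by luck. The sketch below is an added example, not code from the site described here; the order-log fields (time, source, card number), the 30-minute window and the threshold of 5 distinct cards are assumptions, and the sample orders are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import hashlib

WINDOW = timedelta(minutes=30)   # assumed look-back window
MAX_DISTINCT_CARDS = 5           # assumed limit per source within the window


def card_fingerprint(card_number):
    """Compare cards by hash so the detector never keeps raw numbers."""
    return hashlib.sha256(card_number.encode()).hexdigest()[:16]


def find_card_testing(orders):
    """Return {source: time first flagged} for every source that submits
    more than MAX_DISTINCT_CARDS different cards within WINDOW.

    orders: iterable of (iso_time, source, card_number), sorted by time.
    """
    recent = defaultdict(deque)   # source -> (time, fingerprint) attempts
    flagged = {}
    for iso_time, source, card in orders:
        now = datetime.fromisoformat(iso_time)
        attempts = recent[source]
        attempts.append((now, card_fingerprint(card)))
        # Drop attempts that have aged out of the window.
        while attempts and now - attempts[0][0] > WINDOW:
            attempts.popleft()
        distinct = {fp for _, fp in attempts}
        if len(distinct) > MAX_DISTINCT_CARDS and source not in flagged:
            flagged[source] = now
    return flagged


def sample_orders():
    """Constructed sample: one source cycling through 52 cards at 3 AM,
    plus a normal customer who retries the same card once."""
    orders = [(f"2004-05-01T03:{i:02d}:00", "203.0.113.7",
               f"4000-0000-0000-{i:04d}") for i in range(52)]
    orders += [("2004-05-01T03:10:00", "198.51.100.20", "4111-1111-1111-1111"),
               ("2004-05-01T03:11:30", "198.51.100.20", "4111-1111-1111-1111")]
    return sorted(orders)


if __name__ == "__main__":
    for source, when in find_card_testing(sample_orders()).items():
        print(f"hold orders from {source}: flagged at {when}")
```

With these settings the sample source is flagged on its sixth card, long before all 52 have been tried, while the customer who retries one card is left alone.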


Another incident that happened to our business was definitely from an intruder. We used to host a newsletter on one of the free popular list group servers. This was a newsletter sent out monthly, members could not post to the list, however they could send email to the owner of the list (me).

One evening I received email from our newsletter and it was only a brief note saying "I hope all our members enjoy the links." and it was signed List Owner.

What really surprised me was the email went to the list, and not to me as the owner of the list.

In other words it looked like I had posted the email. (I knew this wasn't a good thing)

Well, the links pointed to several porno sites, and needless to say within 15 minutes I was receiving plenty of unsubscribe requests and some very hateful email from the 4,000 member list.

This was addressed to the list owner (heh, heh, guess who...me....).

I quickly posted to the list what had happened with an apology, but eventually ended up deleting the list and discontinuing the newsletter.

An intruder had cracked our password and posted to the list posing as the owner. (Oh yeah, did I say that I was the owner...grin...)


These are examples of what can happen when intruders can break into a home computer or even a web server. Of course they can also format your hard drive and destroy all the data on your computer.

Again, always have a recent backup in case of any disaster, whether it's security related or just a failed hard drive. Don't think that a disaster can't happen to your computer and the information; disaster will strike eventually.

Ok, so now you are or should be aware of the need to protect your computer, so let's discuss some of the ways intruders sneak into your system.

First, do you think hackers or crackers develop all the tools they use? If so, think again! I did a search on Google with the key words "hacker tools" and turned up 586,000 matches.

There are also plenty of sites devoted to the subject of "How to Hack" on the internet with tutorials.

Most hackers have spent plenty of time preparing themselves and work up to the actual task of hacking. Once they are ready, the tools are certainly there and ready for them.

Ironically many utilities used by intruders were originally developed by network administrators as a network tool and not for hacking.

The administrators were wanting to monitor the traffic on their network in order to optimize the performance of the network. It just so happens many of the same utilities could be used for breaking into systems. Now there are many deviations of the same basic utilities rewritten by hackers to optimize the tool for their purpose.

Below are just a few of the tools and methods used by intruders:


Sniffers - When two or more computers communicate with each other, such as a network of computers, or the internet for example, these computers send out packets (of info) that identify each other to the other computers so they can communicate.

Sniffer programs grab these packets and make the info available to the hacker, which can contain passwords, login names and other tasty bits of info hackers can use to further their efforts.

KeyLoggers - These utilities are similar to a Sniffer, except they capture passwords as they are typed on a keyboard and store them in a separate file or send them to a hacker for later use. These will normally be placed on the local machine after the hacker has found a hole on your system.

Port Scanners - Simply put, these utilities scan the internet or network sending out requests to random computers seeking to get an answer (packet) back from the computer.

Depending upon the port (a number assigned for that application by your computer) that responds back to the scanner, the hacker may be able to gain access to the computer through that possibly unsecured port. It's kind of like going down a hallway and checking for unlocked doors in a building. A computer has 65,535 communication ports; that is a lot of doors, and only one has to be unlocked.

Network administrators use port scanners to detect any possible holes in their network that might be accessible. Hackers use them on the internet to find unsuspecting and unprotected systems to target for access. This is where firewalls come into play; they can make your system seem invisible to these scans.

IP Spoofing - The hacker fabricates fake information in the packets (see sniffers above) that make it look like they are coming from a trusted computer. If the target computer accepts these packets and thinks it can trust the computer then the hacker can gain access by changing the trusted computer's IP address to their own IP address in the packets.

An IP address identifies the computer much like social security numbers are used to identify individuals. Hmmm, the hacker's computer assumes the identity of the trusted host, just like some crooks have assumed the identity of individuals through their social security number.

Password Crackers - These are programs that hackers use to try to discover the passwords for web servers, password protected email, software programs, POP3 email accounts, ISP accounts, and most any other program or file that might be password protected.

Email Spoofing - I'm not sure email spoofing would really be classified as hacking, however it can result in an intruder getting access to your computer or sensitive information that you wouldn't want disclosed. It is the process of changing the name in the "from" field to make it look like the email came from someone else. One example is spam where the spammer is hiding their true identity and origination email source. Only the spammer wants to sell you something rather than break into your system.

This practice has also been used to obtain user IDs and passwords for network access to private networks, ISP service providers such as AOL, MSN and many others. Many an unsuspecting person has given their account information to someone who told them they were a representative of the company. This method has been used many times through email, chat rooms, and instant messaging software. (Remember the opening quotes in this book...grin....)

Another recent spoof or scam of this type has been targeting Paypal customers via email. It came with an official looking email asking the customer to go to a link in the email and update or confirm their account information by logging in.

So the user would go to the site and login. Unknown to the user, all the login information was being saved so it could be used by intruders to access their real Paypal account.

The catch being, it was NOT a Paypal web link even though it appeared to be in general appearance.

Web Site Scripts - Though currently this would be in the minority of risks, or was (it's growing each day), some websites do have destructive scripts that will download other scripts or trojan horses to breach your security. Actually some scripts can be destructive even though it wasn't the intention of the website owner. Just a result of bad coding by a not so knowledgeable programmer or site owner.

As far as how high your risk is, this is a numbers game. The more you surf and visit sites, the more the numbers increase against you. Also consider hacking incidents are increasing at an escalating rate as are the number of new websites and users of the internet.

The same applies to downloading files, there are incidents of files being modified and then uploaded to sites that offer shareware (try before you buy software) and freeware (free software) programs. The person downloads the file, runs it, and it secretly places a trojan horse or time bomb on their computer. Worse yet, the program immediately formats their hard drive.

If you download a lot of shareware or freeware from the internet, try to use large well known sites such as Tucows.com, ZDNet.com and other well known download sites.

File and Print Sharing Services - These are services your computer allows to be shared. If you don't have a home network then you don't need these services enabled, that is unless you are sharing files across the internet. If so you could be open to viruses, hacks and more.

Unattended Computers - This doesn't apply to your home computer as much, but it can still be a risk. If you work from your home and have a lot of visitors, then don't leave your computer screen on with any sensitive information showing when you have strangers or visitors you don't know. DON'T leave user IDs and passwords pasted to your monitor.

You just never know what prying eyes might be watching your screen. Don't assume a hacker attack would always come from the internet.

Insecure or easy to guess passwords - You would probably be amazed at the number of people that use their child or children's first names, their wife's first name, their pet's name, and some of the following passwords: God, Hero, Boss, Bossman, Chief.

When choosing a password use at least 6 or 8 characters. Make it a combination of letters and numbers with a mixed case. Such as cD27Br9a.

Don't use common words that can be found in a dictionary.

NEVER give out your passwords.

Change your passwords on a regular basis.
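
The rules above can be checked mechanically, and doing so shows why the word-list rule matters as much as the character rules. The sketch below is an added example, not part of the original text or of the software mentioned on this page; the 8-character minimum is the stricter of the two figures given above, and the small dictionary and the `personal_names` argument are constructed stand-ins for a real word list and the user's own family and pet names.

```python
import re

MIN_LENGTH = 8  # assumption: the stricter of the "6 or 8" given above
LISTED_WEAK = {"god", "hero", "boss", "bossman", "chief"}  # listed in the text
# Constructed stand-in for a real dictionary word list.
SAMPLE_DICTIONARY = {"password", "dragon", "monkey", "summer", "letmein"}
# Common look-alike substitutions, undone before the word-list lookup.
LOOKALIKES = str.maketrans("013457@$", "oieastas")


def _trim(word):
    """Strip digits and symbols from both ends, leaving the core word."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", word)


def candidate_words(password):
    """Forms of the password to look up: trimmed as typed, and with
    look-alike characters undone before or after trimming."""
    lowered = password.lower()
    return {_trim(lowered), _trim(lowered.translate(LOOKALIKES)),
            _trim(lowered).translate(LOOKALIKES)}


def check_password(password, personal_names=()):
    """Return the list of rules from the text that the password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("no mix of upper and lower case")
    if not re.search(r"\d", password):
        problems.append("no digits")
    banned = LISTED_WEAK | SAMPLE_DICTIONARY | {n.lower() for n in personal_names}
    hits = sorted(candidate_words(password) & banned)
    if hits:
        problems.append(f"built on a common word or name: {hits[0]}")
    return problems


if __name__ == "__main__":
    for pw in ("cD27Br9a", "Bossman1", "P@ssw0rd99", "hero"):
        print(pw, "->", check_password(pw) or "ok")
```

"Bossman1" and "P@ssw0rd99" both satisfy the length, case and digit rules, yet each is a listed or dictionary word with a small decoration, which is exactly what a password cracker tries first.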

Yeah I know that can be a hassle, but think of the hassle if you get hacked! For software to help you handle your passwords, websites and more go to the below link. And yes this is a plug for our software..grin...
InternetInformationManager.com


Protecting Your Computer

Ok, would you like to do a quick check of your computer to see if it's protected from intruders?

The below links will open your browser in a new window, just close the browser to return here when you are finished. Some do require Internet Explorer 4.x or better. At this time all the below security checks are free, but of course subject to change at the company's discretion.

Since links can change, if any of the links ceases to work then just go to the company or site's home page and search for security scan.


Gibson Research Center
Scroll down half way and look for the "Test My Shields" button. Couple of free checks here. Also some great reading.
https://grc.com/x/ne.dll?bh0bkyd2


Sygate Technologies, Inc.
Click the "Scan Now" button. There are several scans available. Try at least the Quick Scan and also the Stealth Scan. Also free.
http://scan.sygatetech.com


Symantec
Home of the many Norton utilities for security and virus protection.
The below link is for a free online security check of your pc.
http://www.symantec.com/cgi-bin/securitycheck.cgi


LockDown Corp.
This site has a host of online utilities for various security tests on your computer.
http://stealthtests.lockdowncorp.com


HackYourSelf
This site has a host of tests and lots of good reading on security. In order to run some of the tests, they do require your email address, though the service is free.
http://hackyourself.com


Now check your browser for problems. Please note this site only checks Internet Explorer.

http://browsercheck.qualys.com

This may really open your eyes.


The above tests should have given you a good start, plus if you want to find more sites then search on the key words online security test using the search engines.


So boys and girls how did you fare?
Are you protected?
Is your computer locked down tighter than a pickle jar?

How about your browser, is it secure? Especially if you use Internet Explorer. Chances are about 50% (if you are using IE) that you may have a possible hole for browser spying.

Maybe you are asking "So what do you base your percentage on?".

According to the Symantec site above, their stats show 50%+ of the browsers they scanned are vulnerable to attack. That is based on almost two million scans completed by their online utility.

I might add that it included mine, since I need to get the latest update patch for IE. However I don't use IE except only in the extreme times when it's required. I personally prefer Opera or Mozilla.

BUT, I will go grab the latest update immediately to better secure Internet Explorer. After all it only takes one ill timed incident, no matter how little I use it.

Ok, so I'm assuming you checked your system and perhaps it is lacking in some areas of being protected. If not, great, move on to the Virus section and let's see how you fare there. If you do need more protection read on.

Most of the above resource sites offer their version of a software firewall, some may be free, some may have a free trial, and some are not free at all.

Let's face it, that's one reason they have the security tests for free. Once you know you are vulnerable, then they want you to buy their software.

But don't worry you will have plenty of choices in the next section of reviews and resources of firewalls to decide which one is best for you.


Geeesh..., the more I write about this subject the more I want to just unplug my computer, then I know it's safe. Well except from an act of nature...grin....


Ok, so on we forge.

Let's do an overview of a few of the many software firewalls available. Plus I have included plenty of additional links for reading up on the many choices available.



All rights reserved 2003-2005 © BudgetWare, Inc.