|
|
Computing |
Internet Security
What
is Hacking?
Hacking is an act of penetrating computer
systems to gain knowledge about the system and how it works.
What are Hackers?
Technically, a hacker is someone who is enthusiastic about computer
programming and all things relating to the technical workings of a
computer. Under such a definition, I would gladly brand myself a hacker.
However, most people understand a hacker to be what is more accurately
known as a 'cracker'
What are Crackers?
Crackers are people who try to gain unauthorized access to computers.
This is normally done through the use of a 'backdoor' program installed
on your machine. A lot of crackers also try to gain access to resources
through the use of password cracking software, which tries billions of
passwords to find the correct one for accessing a computer.
What damage can a Hacker do?
This depends upon what backdoor program(s) are hiding on your PC.
Different programs can do different amounts of damage. However, most
allow a hacker to smuggle another program onto your PC. This means that
if a hacker can't do something using the backdoor program, he can easily
put something else onto your computer that can. Hackers can see
everything you are doing, and can access any file on your disk. Hackers
can write new files, delete files, edit files, and do practically
anything to a file that could be done to a file. A hacker could install
several programs on to your system without your knowledge. Such programs
could also be used to steal personal information such as passwords and
credit card information
How do Hackers hack?
There are many ways in which a hacker can hack. Some are as follows –
- NetBIOS
- ICMP Ping
- FTP
- rpc.statd
- HTTP
NetBIOS
NetBIOS hacks are the worst kind, since they don't require you to have
any hidden backdoor program running on your computer. This kind of hack
exploits a bug in Windows 9x. NetBIOS is meant to be used on local area
networks, so machines on that network can share information.
Unfortunately, the bug is that NetBIOS can also be used across the
Internet - so a hacker can access your machine remotely.
ICMP ‘Ping’ (Internet Control Message
Protocol)
ICMP is one of the main protocols that make the Internet work. It
standards for Internet Control Message Protocol. 'Ping' is one of the
commands that can be sent to a computer using ICMP. Ordinarily, a
computer would respond to this ping, telling the sender that the
computer does exist. This is all pings are meant to do. Pings may seem
harmless enough, but a large number of pings can make a
Denial-of-Service attack, which overloads a computer. Also, hackers can
use pings to see if a computer exists and does not have a firewall
(firewalls can block pings). If a computer responds to a ping, then the
hacker could then launch a more serious form of attack against a
computer.
FTP (File Transfer Protocol)
FTP is a standard Internet protocol, standing for File Transfer
Protocol. You may use it for file downloads from some websites. If you
have a web page of your own, you may use FTP to upload it from your home
computer to the web server. However, FTP can also be used by some
hackers... FTP normally requires some form of authentication for
access to private files, or for writing to files
FTP backdoor programs, such as-
- Doly Trojan
- Fore
- Blade Runner
simply turn your computer into an FTP
server, without any authentication.
rpc.statd
This is a problem specific to Linux and Unix. The problem is the
infamous unchecked buffer overflow problem. This is where a fixed amount
of memory is set aside for storage of data. If data is received that is
larger than this buffer, the program should truncate the data or send
back an error, or at least do something other than ignore the problem.
Unfortunately, the data overflows the memory that has been allocated to
it, and the data is written into parts of memory it shouldn't be in.
This can cause crashes of various different kinds. However, a skilled
hacker could write bits of program code into memory that may be executed
to perform the hacker's evil deeds.
HTTP – HTTP stands for HyperText
Transfer Protocol..
HTTP hacks can only be harmful if you are using Microsoft web server
software, such as Personal Web Server. There is a bug in this software
called an 'unchecked buffer overflow'. If a user makes a request for a
file on the web server with a very long name, part of the request gets
written into parts of memory that contain active program code. A
malicious user could use this to run any program they want on the
server.
Where and how to start Hacking
After you get yourself a good scanner, scan some prefixes and find some
cool dialups, then do the following:
First Method
- From your terminal, dial the number
you found.
- You will hear a series of Beeps.
(Telling you that you are connecting to a remote computer.
- After few seconds you will hear
something like “CONNECT 9600”.
- It then identifies the system you are
on.
- If nothing happens after it says
“CONNECT 9600” try hitting ENTER a number of times.
- If you get a bunch of garbage adjust
your parity, data bits, stop bits etc. until it becomes clear.
- Now when you get connected to the
server you can apply either of the above mentioned methods.
Second Method
The TELNET way
- Get your local dialups.
- Then you dial the number from your
terminal & connect.
- Press Enter and wait for a few
seconds.
- Then it will say “Terminal =”.
- Type your terminal emulation.
- If you don’t know what it is hit
ENTER.
- It will give you a prompt @.
- Type ‘c’(connects to the host)
- Type NAU (Network user address) that
you want to connect.
- Find out the type of system you are on
UNIX, VAX/VSM, PRIME.
Here is a list of some Telenet commands
and their functions.
- c Connect to a host.
- stat Shows network port.
- Full Network echo.
- half Terminal echo.
- Telemail Mail. (need ID and password)
- mail Mail. (need ID and password)
- set Select PAD parameters
- cont Continue.
- d Disconnect.
- hangup Hangs up.
- access Telenet account. (ID and
password)
– Anup Gaurav
January 12, 2003
Anup Gaurav is a student of computer engg.,
questing for knowledge in computer science right from his childhood.
Presently working on threats to computer such as Hacking and Viruses, he
feels that computer systems are not at all secure and its easy to
penetrate into even the highly secured systems just with a little effort
and computer mind. He can be contacted at
anup_gaurav@yahoo.com.
The Worms on the Net
Security: A
Futile Endeavor!
Glossary of
TCP/IP Terms
Remote Admin
Tools
Hacking
TCP/IP – The
Entire Net Runs On A Set of Rules
Telnet
Internet Warfare
RATS
Type of RATS
Trojans - The Method of Infection
Subseven – Beware of this one!
Port Scanners
What is Hacking? by Anup Gaurav
Virus Related Articles
The Anatomy of a Virus
Viruses - Types & Examples
Symptoms of Virus Infection
Kak Worm - An Internet Virus
Melissa
W95.MTX
Computing
CC++ |
Flash |
Java
Linux |
Networking
General Articles
Top |
Previous
|
|
