The threat from hackers is complex and may affect the internal workings of a system, computers and computer networks in particular. This blog presents the potential risks associated with hacking, analyzing different types of hacking and cracking, such as inside jobs and rogue access points, and countermeasures such as firewalls, intrusion detection systems and intrusion prevention systems. It also presents different motives behind hacking and cracking. The Jargon Wiki’s first definition for hacker says: a hacker is a person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary, whereas a cracker is someone whose purpose is to circumvent or break security measures. Some security crackers end up using their powers for good, providing penetration testing services or otherwise making efforts on the side of the angels.
The term “hack” was first used by US university computing centre staff in the mid-1960s (Wikipedia). Intrusion is defined as an attempt to break into or misuse a computer system. There are two words to describe people who try to get into a system: hacker and cracker. Hackers are people who get into a system or use a system for legal purposes. The basic purpose of hackers is to know the system internally without any bad intention. Hackers like to explore their own systems, whereas a malicious hacker is a person who likes getting into other people’s systems. A hacker, in the classic sense of the term, is someone with a strong interest in how things work, who likes to tinker and create and modify things for the enjoyment of doing so. A malicious hacker is known as an attacker. The word hacker is often used to refer to a malicious security cracker. RFC 1392: Internet Users’ Glossary defines “hacker” as: A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular. The terms cracker and hacker are used interchangeably (albeit incorrectly) largely due to the ignorance of the general populace, especially the media. Many others use their powers for evil, however, as we are all too painfully aware. The hacking and cracking concepts are often misrepresented and used interchangeably by many within and outside the industry. For simplicity it can be stated that “hackers build things, crackers break them” (Raymond, 2007). One of the fine definitions of hacker and cracker is: “A hacker is someone who thinks outside the box. It’s someone who discards conventional wisdom, and does something else instead. It’s someone who looks at the edge and wonders what’s beyond. It’s someone who sees a set of rules and wonders what happens if you don’t follow them. 
A hacker is someone who experiments with the limitations of systems for intellectual curiosity” (Schneier, 2007), while a cracker is someone who breaks into a computer system, often a corporate network with the intention of taking advantage of the system. There are two types of hacker: elites and kiddies. Elite hackers are innovative hackers who have a true grasp of systems. Kiddies are hackers who use the tools created by elites to hack the system (Mollick, 2005). There is some kind of motivation behind every act of an individual. So in this case some of the motives include the following:
Financial returns: For many reasons, an individual might be financially pressured to get involved with human hacking, for example, because of family pressure.
Revenge: For personal reasons, an individual might decide to target a friend, colleague, organization, or ex-employer to satisfy his or her egocentric desires.
Self interest: An individual might have a vested interest in having access to a system or information in order to modify records for personal gain or to favor a friend, family, or colleague.
WHAT IS HACKING AND CRACKING
Hacking is not a simple operation or sequence of commands, as many people think. Hacking is a skill. Hacking is not a specific term; there are many types of hacking. Hacking is unauthorized use of computer and network resources. Computer hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real-life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others. Cracking is a term also given to the work of those who try to break software in order to make it free or distribute it; this is the same group of sad people. Software cracking is the modification of software to remove or disable features which are considered undesirable by the person cracking the software, usually related to protection methods: copy protection, trial/demo version, serial number, hardware key, date checks, CD check or software annoyances like nag screens and adware. Software cracking is considered illegal and cracked software is often called pirated software. Cracked software generally has had the executable modified and can cause undesirable behavior.
WHY DO PEOPLE HACK
Why people hack depends on what they’re trying to accomplish. Obviously, a criminal hacker is out to steal financial information or someone’s identity. This can be done by breaching the security systems of a company’s database or with viruses. These aren’t the only hackers out there, though. In recent years, people have been discussing “ethical” hackers. Many people have a problem believing that any type of hacking could ever be a good thing. Still, there are hackers that find problems and report them. The term hacker always gives an impression of someone using a computer to commit crimes. What we need to realize, though, is that some hackers hack for a good reason. There are hackers that spend their time trying to find weak spots in software. They don’t do this in order to hack others’ machines. They find the loopholes in the system and find ways to fill them for future security. Without this type of hacking, there would be many more crime-related hacking cases than there currently are. Some people do this:
- out of the excitement of doing something different
- to know the internal working of system
- to understand the internal structure of system
- to find the threats related to security issues and to fix them
The most common methods hackers use for hacking are:
Stealing passwords: Dictionary attacks, brute force attacks, and hybrid attacks are all various methods used to guess or crack passwords. The only real protection against such threats is to make very long passwords or use multiple factors for authentication.
Trojan horse: This is malware that appears to perform a desirable function for the user prior to being run or installed, but instead facilitates unauthorized access to the user’s computer system.
Exploiting defaults: Nothing makes attacking a target network easier than when that target is using the defaults set by the vendor or manufacturer. Many attack tools and exploit scripts assume that the target is configured using the default settings. Thus, one of the most effective and often overlooked security precautions is simply to change the defaults.
Man-in-the-middle attacks: A MITM attack occurs when an attacker is able to fool a user into establishing a communication link with a server or service through a rogue entity. The rogue entity is the system controlled by the hacker. It has been set up to intercept the communication between user and server without letting the user become aware that the misdirection attack has taken place.
Wireless attacks: Wireless networks have the appeal of freedom from wires: the ability to be mobile within your office while maintaining network connectivity. Wireless networks are inexpensive to deploy and easy to install.
Doing their homework: This implies that hackers collect information about the organization in order to hack its systems. Hackers spend considerable time and effort acquiring a complete arsenal. This process can be called reconnaissance, discovery, or footprinting. Ultimately, it is intensive, focused research into all information available about your organization from public and not-so-public resources.
Monitoring vulnerability research: Hackers are able to read Web sites, discussion lists, blogs, and other public information services about known problems, issues, and vulnerabilities with hardware and software. The more the hacker can discover about possible attack points, the more likely it is that he can discover a weakness you’ve yet to patch, protect, or even become aware of.
Being patient and persistent: Hacking into a company network is not typically an activity someone undertakes and completes in a short period of time. Hackers often research their targets for weeks or months, before starting their first tentative logical interactions against their target with scanners, banner-grabbing tools, and crawling utilities. Once hackers have crafted a profile of your organization, they must then select a specific attack point, design the attack, test and drill the attack, improve the attack, schedule the attack, and, finally, launch the attack.
There are various methods other than those discussed above.
TYPES OF HACKING AND CRACKING
Hackers can be divided into three groups: white hats, black hats and grey hats. Ethical hackers usually fall into the white hat category, but sometimes they’re former grey hats who have become security professionals and who use their skills in an ethical manner.
White hats are the good guys, the ethical hackers who use their hacking skills for defensive purposes and who use this knowledge to locate weaknesses and implement countermeasures.
Black hats are the bad guys, the malicious hackers or crackers who use their skills for illegal or malicious purposes. They break into or otherwise violate the system integrity of remote machines, with malicious intent, having gained unauthorized access. Black hat hackers destroy vital data, deny legitimate users service, and basically cause problems for their targets. Black hat hackers and crackers can easily be differentiated from white hat hackers because their actions are malicious. Grey hat hackers may work offensively or defensively depending on the situation. This is the dividing line between hackers and crackers. Both are powerful forces on the internet and both will remain permanently. And some individuals qualify for both categories. The existence of such individuals further clouds the division between these two groups of people. In addition to these groups, there are self-proclaimed ethical hackers, who are interested in hacker tools mostly from a curiosity standpoint. They may want to highlight the security problem in a system or educate victims so they secure their systems properly. These hackers are doing their “victims” a favor. For instance, if a weakness is discovered in a service offered by an investment bank, the hacker is doing a favor for the bank by giving the bank a chance to rectify the vulnerability. Being able to identify the types of hackers is important, but determining the differences is equally hard.
TYPES OF HACKING
Most security breaches originate inside the network that is under attack. Inside jobs include stealing passwords (which hackers then use or sell), performing industrial espionage, causing harm (as disgruntled employees), or committing simple misuse. Sound policy enforcement and observant employees who guard their passwords and PCs can thwart many of these security breaches.
Rogue Access Points
Rogue access points (APs) are unsecured wireless access points that outsiders can easily breach. (Local hackers often advertise rogue APs to each other.) Rogue APs are most often connected by well-meaning but ignorant employees.
Hackers can gain access to a network by exploiting back doors: administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in your network.
Denial of Service
DOS attacks give hackers a way to bring down a network without gaining internal access. DOS attacks work by flooding the access routers with bogus traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).
Distributed DOS attacks (DDOSs) are coordinated DOS attacks from multiple sources. A DDOS is more difficult to block because it uses multiple, changing source IP addresses.
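The difference in how hard the two floods are to block shows up directly in detection logic. The following is an added example, not part of the original blog: it runs a per-source rate check and a per-destination rate check over constructed packet records. The addresses, thresholds and function names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict

TARGET = "203.0.113.10"  # constructed address (documentation range)


def sample_events():
    """Constructed (timestamp, source, destination) packet records."""
    events = []
    # Second 0: ordinary traffic, 5 clients sending 2 packets each.
    for i in range(5):
        events += [(0.1 * i, f"198.51.100.{100 + i}", TARGET)] * 2
    # Second 1: DoS, a single source sends 40 packets.
    events += [(1.0 + 0.02 * i, "198.51.100.7", TARGET) for i in range(40)]
    # Second 2: DDoS, 40 different sources send one packet each.
    events += [(2.0 + 0.02 * i, f"192.0.2.{i + 1}", TARGET) for i in range(40)]
    return events


def per_source_offenders(events, window=1.0, limit=20):
    """Sources sending more than `limit` packets to one destination
    within a single time bucket of `window` seconds."""
    counts = Counter((int(ts // window), src, dst) for ts, src, dst in events)
    return sorted({src for (_, src, _), n in counts.items() if n > limit})


def flooded_destinations(events, window=1.0, limit=20):
    """Destinations receiving more than `limit` packets in a bucket,
    mapped to the number of distinct sources that contributed."""
    totals = Counter()
    sources = defaultdict(set)
    for ts, src, dst in events:
        key = (int(ts // window), dst)
        totals[key] += 1
        sources[key].add(src)
    return {key: len(sources[key]) for key, n in totals.items() if n > limit}


if __name__ == "__main__":
    ev = sample_events()
    # The per-source check names only the single-source flood.
    print("sources over limit:", per_source_offenders(ev))
    # The per-destination check sees both floods; the distinct-source
    # count separates the DoS (1 source) from the DDoS (40 sources).
    print("flooded destinations:", flooded_destinations(ev))
```

A block list built from the per-source result stops the DoS but has nothing to block in the DDoS second, because no individual source ever crosses the threshold.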
Anarchists, Crackers, and Kiddies
Anarchists are people who just like to break stuff. They usually exploit any target of opportunity. Crackers are hobbyists or professionals who break passwords and develop Trojan horses or other SW (called wares). They either use the SW themselves (for bragging rights) or sell it for profit. Script kiddies are hacker wannabes. They have no real hacker skills, so they buy or download wares, which they launch. Other attackers include disgruntled employees, terrorists, political operatives, or anyone else who feels slighted, exploited, ripped off, or unloved.
Sniffing and Spoofing
Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister. Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping.
TYPES OF CRACKING
Cracking is hacking which does damage to a system or its contents. Computers appear to attract a group of people who direct their anti-social activities against the very instrument, that is, computers, with which they can conduct those activities. There are three types of cracking:
- cracking done for the private pleasure of the cracker
- cracking done with financial gain in mind
- cracking done with political motivation.
Cracking for fun: The bulk of cracking is done for the personal challenge of getting unauthorized access to another’s computer. At this stage, only hacking is involved; crackers take the further steps of interfering with the access systems by reading e-mails, creating fictitious accounts, altering programs (often to allow themselves easier access in future) and so forth. The cracker may do this for purely personal pleasure or satisfaction and may wish to publicize the achievements to a probably small group of like-minded people, either to gain credibility or to share information.
Financial crime or phreaking: While not suggesting that cracking is not criminal, it is believed that a qualitative distinction can be made between cracking which is done for the pleasure of achievement or challenge and cracking which is done with the intent of financial gain. The amounts involved can be individually and cumulatively small or large. In this category falls one of the earliest forms of cracking, phreaking, which is the simulating of the particular tone that allows access to US long distance telephone services. Telephone service theft remains a major form of financially motivated cracking.
Hacktivism: Hacktivism is the active use of the internet with hacking techniques to make a political statement or promote a political cause. This does not include the maintenance of a website with a political view, participation in political chat groups or sending individual e-mails with political content. The type of activity referred to by this neologism is the hijacking, defacement, or destruction of another’s website for political motives, secret hacking activity on government computers so that the public or particularly affected people are informed of developments, destruction of files or computers for political reasons, sending of mass e-mails in order to shut down a computer system with political uses, and so forth.
How can we stop a virus infecting a computer, and if infected, how can we get rid of it before it does any damage? Since prevention is better than cure, a wide range of antivirus software of varying effectiveness is available, commercially and as shareware. When the software has been purchased, follow the instructions. This usually involves checking the machine for viruses first, before installing the software. Antivirus software normally consists of one or more of the following utilities.
- Scanner – Every virus (or file for that matter) is constructed from a number of bytes. A unique sequence of these bytes can be selected, which can be used to identify the virus. This sequence is known as the virus’s signature. Therefore, any file containing these bytes may be infected with that virus. A scanner simply searches through files looking for this signature. A scanner is the most common type of antivirus software in use, and is very effective. Unfortunately, scanners occasionally produce false positives. That is, the antivirus product identifies a file as containing a virus, whereas in reality it is clean. This can occur by a legitimate file containing an identical sequence of bytes to the virus’s signature. By contrast, a false negative occurs when the antivirus software identifies a file as clean, when in fact it contains a virus.
- Integrity Checkers – Scanners can only identify viruses which have been analyzed and have had a signature extracted. An integrity checker can be used to combat unidentified viruses. This utility calculates a checksum for every file that the user chooses, and stores these checksums in a file. At frequent intervals, the integrity checker is run again on the selected files, and checksums are recalculated. These recalculated values can be compared with the values stored in the file. If any checksums differ then it may be a sign that a virus has infected that file. This may not be the case of course, because some programs legitimately alter files during the course of their execution, and this would result in a different checksum being calculated.
- Behavior Blocker – This utility remains in memory while the computer is active. Its task is to alert the user to any suspicious activity. An example would be a program writing to a file. The drawback of this is that user intervention is required to confirm an action to be taken, which can be an annoyance that users may prefer to live without. Fortunately, as viruses increase, so does the number of people taking precautions. With antivirus precautions in place the chance of virus infection can be kept to a minimum.
- Virus Construction Kits – These kits allow anyone to create a virus. There are a number of types available, offering different functionality. Some use a pull-down menu interface (such as the Virus Creation Laboratory); others (such as PS-MPC) use a text configuration file to contain a description of the required virus. Using these tools, anyone can create a variety of viruses in a minimal amount of time.
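The scanner and integrity checker described in the list above complement each other, which the following added example (not from the original blog) shows on three constructed files. The signature bytes are a harmless made-up pattern, SHA-256 stands in for the "checksum", and all names are assumptions for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed, harmless byte pattern standing in for a virus signature.
SIGNATURES = {"Demo.A": b"\xde\xad\xbe\xef\x13\x37"}


def scan(path, signatures=SIGNATURES):
    """Signature scanner: names of signatures whose bytes occur in the file."""
    data = Path(path).read_bytes()
    return [name for name, sig in signatures.items() if sig in data]


def checksum(path):
    """SHA-256 of the file contents, used here as the integrity checksum."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def make_baseline(paths):
    """Record a checksum for every file the user selected."""
    return {str(p): checksum(p) for p in paths}


def verify(baseline):
    """Recompute checksums; report files that changed or disappeared."""
    report = {}
    for name, old in baseline.items():
        p = Path(name)
        if not p.exists():
            report[name] = "missing"
        elif checksum(p) != old:
            report[name] = "changed"
    return report


def demo():
    """Run both tools over three constructed files; return their findings."""
    with tempfile.TemporaryDirectory() as d:
        d = Path(d)
        known = d / "known.bin"     # carries the known signature
        lookalike = d / "data.bin"  # clean file that happens to hold the same bytes
        tool = d / "tool.bin"       # clean file, later altered by unknown code
        known.write_bytes(b"MZ" + SIGNATURES["Demo.A"] + b"payload")
        lookalike.write_bytes(b"table:" + SIGNATURES["Demo.A"])
        tool.write_bytes(b"original program bytes")
        base = make_baseline([lookalike, tool])
        # Simulate an unidentified infection: no known signature is added.
        tool.write_bytes(b"original program bytes" + b"appended unknown code")
        hits = {p.name: scan(p) for p in (known, lookalike, tool)}
        changed = {Path(k).name: v for k, v in verify(base).items()}
        return hits, changed


if __name__ == "__main__":
    print(demo())
```

The scanner flags `data.bin` (a false positive) and reports nothing for the altered `tool.bin` (a false negative), while the integrity checker flags `tool.bin` as changed without needing any signature.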
This study shows that, for the huge development in computer and internet technology, all credit goes to hackers, but because of crackers they are now considered thieves and intruders who penetrate our security and misuse it. There are many techniques that hackers/crackers use for hacking. Hacking and cracking are both good as well as bad in different terms. But in today’s world both play an important role in growing technology. If hacking is used to build something, then cracking finds a way to break it. The focus of hacker attacks has moved with improving security measures, as the attackers seek to find a weak point in system defenses. This leads to improvement in security, but the level of technical attack sophistication continues to rise.