The most common methods used by intruders to gain control of home
computers are briefly described below.
1. Trojan horse programs
Trojan horse programs are a common way for intruders to trick you
(sometimes referred to as "social engineering") into installing "back
door" programs. These can allow intruders easy access to your
computer without your knowledge, change your system configurations,
or infect your computer with a computer virus.
2. Back door and remote administration programs
On Windows computers, three tools commonly used by intruders to
gain remote access to your computer are BackOrifice, Netbus, and
SubSeven. These back door or remote administration programs, once
installed, allow other people to access and control your computer.
3. Denial of service
Another form of attack is called a denial-of-service (DoS) attack. This
type of attack causes your computer to crash or to become so busy
processing data that you are unable to use it. It is important to note that
in addition to being the target of a DoS attack, it is possible for your
computer to be used as a participant in a denial-of-service attack on
another system.
4. Being an intermediary for another attack
Intruders will frequently use compromised computers as launching
pads for attacking other systems. An example of this is how distributed
denial-of-service (DDoS) tools are used. The intruders install
an "agent" (frequently through a Trojan horse program) that runs on
the compromised computer awaiting further instructions. Then, when a
number of agents are running on different computers, a single "handler"
can instruct all of them to launch a denial-of-service attack on another
system. Thus, the end target of the attack is not your own computer,
but someone else’s -- your computer is just a convenient tool in a larger
attack.
5. Unprotected Windows shares
Unprotected Windows networking shares can be exploited by intruders
in an automated way to place tools on large numbers of Windows-
based computers attached to the Internet. Because site security on the
Internet is interdependent, a compromised computer not only creates
problems for the computer's owner, but it is also a threat to other sites
on the Internet. The greater immediate risk to the Internet community
is the potentially large number of computers attached to the Internet
with unprotected Windows networking shares combined with distributed
attack tools.
Another threat includes malicious and destructive code, such as viruses
or worms, which leverage unprotected Windows networking shares to
propagate.
There is great potential for the emergence of other intruder tools that
leverage unprotected Windows networking shares on a widespread
basis.
6. Mobile code (Java/JavaScript/ActiveX)
There have been reports of problems with "mobile code" (e.g. Java,
JavaScript, and ActiveX). These are programming languages that
let web developers write code that is executed by your web browser.
Although the code is generally useful, it can be used by intruders
to gather information (such as which web sites you visit) or to run
malicious code on your computer. It is possible to disable Java,
JavaScript, and ActiveX in your web browser.
7. Cross-site scripting
A malicious web developer may attach a script to something sent to a
web site, such as a URL, an element in a form, or a database inquiry.
Later, when the web site responds to you, the malicious script is
transferred to your browser.
You can potentially expose your web browser to malicious scripts by
following links in web pages, email messages, or newsgroup postings
without knowing what they link to
using interactive forms on an untrustworthy site
viewing online discussion groups, forums, or other dynamically
generated pages where users can post text containing HTML tags
8. Packet sniffing
A packet sniffer is a program that captures data from information
packets as they travel over the network. That data may include
user names, passwords, and proprietary information that travels
over the network in clear text. With perhaps hundreds or thousands
of passwords captured by the packet sniffer, intruders can launch
widespread attacks on systems. Installing a packet sniffer does not
necessarily require administrator-level access.
Relative to DSL and traditional dial-up users, cable modem users have
a higher risk of exposure to packet sniffers since entire neighborhoods
of cable modem users are effectively part of the same LAN. A packet
sniffer installed on any cable modem user's computer in a neighborhood
may be able to capture data transmitted by any other cable modem in
the same neighborhood.
Tuesday, May 24, 2011
Sunday, May 15, 2011
The methods to ensure Internet security
1. Use a firewall
We strongly recommend the use of some type of firewall product for Internet security, such as a network appliance or a personal firewall software package. Intruders are constantly scanning home user systems for known vulnerabilities. Network firewalls (whether software or hardware-based) can provide some degree of protection against these attacks.
2. Don't open unknown email attachments
Before opening any email attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. The Melissa virus spread precisely because it originated from a familiar address. Malicious code might be distributed in amusing or enticing programs.
If you must open an attachment before you can verify the source, we suggest the following procedure:
a. save the file to your hard disk
b. scan the file using your antivirus software
c. open the file
For additional protection, you can disconnect or lock your computer's network connection before opening the file.
Following these steps will reduce, but not wholly eliminate, the chance that any malicious code contained in the attachment might spread from your computer to others.
3. Don't run programs of unknown origin
Never run a program unless you know it to be authored by a person or company that you trust. Also, don't send programs of unknown origin to your friends or coworkers simply because they are amusing -- they might contain a Trojan horse program. These programs seriously hurt Internet Security.
4. Disable hidden filename extensions
Windows operating systems contain an option to "Hide file extensions for known file types". The option is enabled by default, but you can disable this option in order to have file extensions displayed by Windows. After disabling this option, there are still some file extensions that, by default, will continue to remain hidden.
There is a registry value which, if set, will cause Windows to hide certain file extensions regardless of user configuration choices elsewhere in the operating system. The "NeverShowExt" registry value is used to hide the extensions for basic Windows file types. For example, the ".LNK" extension associated with Windows shortcuts remains hidden even after a user has turned off the option to hide extensions.
5. Keep all applications, including your operating system, patched
Vendors will usually release patches for their software when a vulnerability has been discovered. Most product documentation offers a method to get updates and patches. You should be able to obtain updates from the vendor's web site. Read the manuals or browse the vendor's web site for more information.
Some applications will automatically check for available updates, and many vendors offer automatic notification of updates via a mailing list. Look on your vendor's web site for information about automatic notification. If no mailing list or other automated notification mechanism is offered you may need to check periodically for updates.
6. Turn off your computer or disconnect from the network when not in use
Turn off your computer or disconnect its Ethernet interface when you are not using it. An intruder cannot attack your computer if it is powered off or otherwise completely disconnected from the network.
7. Disable Java, JavaScript, and ActiveX if possible
Be aware of the risks involved in the use of "mobile code" such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
The most significant impact of this vulnerability can be avoided by disabling all scripting languages. Turning off these options will keep you from being vulnerable to malicious scripts. However, it will limit the interaction you can have with some web sites.
Many legitimate sites use scripts running within the browser to add useful features. Disabling scripting may degrade the functionality of these sites.
8. Disable scripting features in email programs
Because many email programs use the same code as web browsers to display HTML, vulnerabilities that affect ActiveX, Java, and JavaScript are often applicable to email as well as web pages. Therefore, in addition to disabling scripting features in web browsers, we recommend that users also disable these features in their email programs. It is important to Internet security.
9. Make regular backups of critical data
Keep a copy of important files on removable media such as ZIP disks or recordable CD-ROM disks (CD-R or CD-RW disks). Use software backup tools if available, and store the backup disks somewhere away from the computer.
10. Make a boot disk in case your computer is damaged or compromised
To aid in recovering from a security breach or hard disk failure, create a boot disk on a floppy disk which will help when recovering a computer after such an event has occurred. Remember, however, you must create this disk before you have a security event.
If you use your broadband access to connect to your employer's network via a Virtual Private Network (VPN) or other means, your employer may have policies or procedures relating to the security of your home network. Be sure to consult with your employer's support personnel, as appropriate, before following any of the steps outlined in this document.
Tuesday, May 10, 2011
Can I Become A Good Hacker Without A Prior Knowledge Of Programming??
"Can I become a good hacker without knowning Programming?", "Is Programming necessary for learning how to hack", I usually get these question asked almost daily, There have been lots of debates on this topic, Some think that it's necessary while others think that it's not necessary at all, So I thought to write a post on this topic explaining my views if programming is necessary for becoming a hacker or not.
The answer is that it depends:
Why it's not necessary?
In early 90's the best hackers were known as those who were best at the knowledge of programming and the reason for that was probably that almost every thing was based on a command line so it was for sure that if some one is a good hacker he is surely a good programmer.
However the definition of hackers sort of changed after the beginning of 21'ST century, One could become a fairly good hacker without any knowledge of programming, This reason for that is because now a days there are lots of ready made tools which helps you to compromise a machine without any knowledge of Programming, Take an example of "Havij", Havij is a small software which helps you automate the process of SQL Injection and helps you extract sensitive database information in seconds where it may take hours in some cases to extract it, If you still don't agree with me try answering the following question:
Does it matter if an elite hacker writes a buffer overflow or a script kiddy runs a tool if the target system gets compromised anyway?
Where It's Necessary?
It's true that many good hackers are technology buffs and are curious about how things work, this is where you need to have prior knowledge of Programming in order to know how things work.
Another reason is why you should probably learn Programming is that you can write your own exploit (An exploit is a peice of code which can be used to gain access to the target machine using a specific vulnerability), which is the single most important thing which will separate you from rest of the script kiddies out there and most of the times some of the exploit codes comes with several code mistakes which are kept by Elite hackers themselves to prevent script kiddies or people with very little knowledge of hacking to run it.
In Short:
You can become a fairly good hacker without having a prior knowledge of programming but if you want take your hacking skills to the next level I will recommend you to learn Programming now the question which might arise in your mind is that what Programming languages should I learn?, I will cover it in my upcoming posts.
Feel free to express your views on the topic, Whether you agree with me or not?
Wednesday, May 4, 2011
Canadians' personal information could be hacked in latest Sony data breach
Sony has revealed that it was the target of a second attack by hackers which, while not affecting the debit or credit card information of Canadian online gamers, may have exposed their personal information.
In the latest data breach, uncovered Tuesday, the Japanese company announced that its Sony Online Entertainment division had been hacked, compromising 22,000 credit or debit numbers of European customers held in a 2007 database.
Personal information from more than 24 million customers worldwide, including names, addresses and dates of birth, may have also been stolen, but the company did not immediately say whether Canadian customers were affected.
Sony spokeswoman Michele Sturdivant told Postmedia News Tuesday that Canadians' financial information is safe from the recent hacks, but she said she did not know how many of the 24 million people who could have had other information stolen were Canadian.
News of the breach comes after Sony last week informed its 75 million PlayStation customers worldwide, including around one million in Canada, of a massive theft of PlayStation Network customer data involving the email addresses, birthdates and network passwords of an unknown number of its users.
Credit and debit information may also have been compromised, but Sony Canada has not released any details about how Canadian PlayStation users may have been affected.
In the short term, Sony Online Entertainment has temporarily shut down its online games service. The division operates online games such as EverQuest and is separate from the PlayStation video game console division.
A Toronto-based law firm has launched a class-action lawsuit against Sony over the "theft from Sony of personal information."
All Canadian PlayStation users can sign on to be part of the $1-billion damage claim, according to a news release from McPhadden Samac Tuovi.
Chester Wisniewski, a Vancouver-based senior security adviser at Sophos Canada, said the latest development involving Sony's online entertainment division, taken together with PlayStation breach, is a massive headache for the company.
"The fix to their reputation is going to take a very long time. With over 100 million victims, that's pretty massive," said Wisniewski.
He warned that personal information can be used for identity theft.
Wisniewski, meanwhile, said the company has to answer for an apparent sloppy handling of customers' personal data involving a 2007 database.
"Why are there old unmaintained databases accessible, especially ones that contain people's unencrypted banking information and credit card information from four years? That's not very standard business practice to keep that kind of sensitivity around," said Wisniewski.
"It's certainly embarrassing for an organization as large as Sony, holding such personal information about over 100 million people without taking due diligence or proper care of that information."
Meanwhile, the office of Canada's privacy commissioner continues to look into the Sony case, but has not launched a formal investigation, said spokeswoman Valerie Lawton.
"We are in communication with Sony to better gauge what has taken place and what measures Sony is taking to deal with the matter."
Tuesday, May 3, 2011
WiFi Wireless Hacking 2011 ( NEW )
LATEST WIRELESS WIFI NETWORK SECURITY ANALYSIS & HACKING SOFTWARE!!
Want updated tools & information to hack wireless networks, mobiles and PDAs (your own or with permission of the owner)? Want to gain access to these devices (break any encryption)? Want to test your network security and learn how to hack it? No hassle of installing & configuring hundreds of tools !! Now included, Wifi Hacks & Mods, Wifi hacking for Dummies and more...
There are too many tools (145+) to list but below is a rough outline of the main software:
1) IP Address Scanner
2) IP Calculator
3) IP Converter
4) Port Listener
5) Port Scanner
6) Ping
7) NetStat (2 ways)
8) Trace Route (2 ways)
9) TCP/IP Configuration
10) Online - Offline Checker
11) Resolve Host & IP
12) Time Sync
13) Whois & MX Lookup
14) Connect0r
15) Connection Analysator and protector
16) Net Sender
17) E-mail seeker
18) Net Pager
19) Active and Passive port scanner
20) Spoofer
21) Hack Trapper
22) HTTP flooder (DoS)
23) Mass Website Visiter
24) Advanced Port Scanner
25) Trojan Hunter (Multi IP)
26) Port Connecter Tool
27) Advanced Spoofer
28) Advanced Anonymous E-mailer
29) Simple Anonymous E-mailer
30) Anonymous E-mailer with Attachment Support
31) Mass E-mailer
32) E-mail Bomber
33) E-mail Spoofer
34) Simple Port Scanner (fast)
35) Advanced Netstat Monitoring
36) X Pinger
37) Web Page Scanner
38) Fast Port Scanner
39) Deep Port Scanner
40) Fastest Host Scanner (UDP)
41) Get Header
42) Open Port Scanner
43) Multi Port Scanner
44) HTTP scanner (Open port 80 subnet scanner)
45) Multi Ping for Cisco Routers
46) TCP Packet Sniffer
47) UDP flooder
48) Resolve and Ping
49) Multi IP ping
50) File Dependency Sniffer
51) EXE-joiner (bind 2 files)
52) Encrypter
53) Advanced Encryption
54) File Difference Engine
55) File Comparasion
56) Mass File Renamer
57) Add Bytes to EXE
58) Variable Encryption
59) Simple File Encryption
60) ASCII to Binary (and Binary to ASCII)
61) Enigma
62) Password Unmasker
64) Create Local HTTP Server
65) eXtreme UDP Flooder
66) Web Server Scanner
67) Force Reboot
68) Webpage Info Seeker
69) Bouncer
70) Advanced Packet Sniffer
71) IRC server creater
72) Connection Tester
73) Fake Mail Sender
74) Bandwidth Monitor
75) Remote Desktop Protocol Scanner
76) MX Query
77) Messenger Packet Sniffer
78) API Spy
79) DHCP Restart
80) File Merger
81) E-mail Extractor (crawler / harvester bot)
82) Open FTP Scanner
83) Advanced System Locker
84) Advanced System Information
85) CPU Monitor
86) Windows Startup Manager
87) Process Checker
88) IP String Collecter
89) Mass Auto-Emailer (Database mailer; Spammer)
90) Central Server (Base Server; Echo Server; Time Server; Telnet Server; HTTP Server; FTP Server)
91) Fishing Port Scanner (with named ports)
92) Mouse Record / Play Automation (Macro Tool)
93) Internet / LAN Messenger Chat (Server + Client)
94) Timer Shutdown/Restart/Log Off/Hibernate/Suspend/ Control
95) Hash MD5 Checker
96) Port Connect - Listen tool
97) Internet MAC Address Scanner (Multiple IP)
98) Connection Manager / Monitor
99) Direct Peer Connecter (Send/Receive files + chat)
100) Force Application Termination (against Viruses and Spyware)
101) Easy and Fast Screenshot Maker (also Web Hex Color Picker)
102) COM Detect and Test
103) Create Virtual Drives
104) URL Encoder
105) WEP/WPA Key Generator
119) Net Wanderer
120) WhoIs Console
121) Cookies Analyser
122) Hide Secret Data In Files
123) Packet Generator
124) Secure File Splitting
125) My File Protection (Password Protect Files, File Injections)
126) Dynamic Switch Port Mapper
127) Internet Logger (Log URL)
128) Get Whois Servers
129) File Split&Merge
130) Hide Drive
131) Extract E-mails from Documents
133) Hook Spy
134) Software Uninstaller
135) Tweak & Clean XP
136) Steganographic Random Byte Encryption
138) File Encrypter/Decrypter
139) Quick Proxy Server
140) Connection Redirector (HTTP, IRC, ... All protocols supported)
141) Local E-mail Extractor
142) Recursive E-mail Extractor
143) Outlook Express E-mail Extractor
144) Telnet Client
145) Fast Ip Catcher
146) Monitor Host IP
147) FreeMAC (MAC Address Editor)
148) QuickFTP Server (+user accounts support)
150) Network Protocol Analyzer
151) Steganographic Tools (Picture, Sounds, ZIP Compression and Misc Methods)
152) WebMirror (Website Ripper)
153) Extra Tools
154) Network Hacking for beginners
155) Hacks & Mods
Subscribe to:
Comments (Atom)