HACKERS AND ATTACKERS
The primary weapon of a hacker is a thorough understanding of the methods required to successfully discover, penetrate and control a system.
STAGE 1 - DISCOVERY
The hacker gathers information on the target system by mapping the system. A large amount of information is freely and legally available to hackers - e.g. a 'Whois' search can determine the name servicer IP address and domain range.
STAGE 2 - PENETRATION
Once the hacker has determined the scope of the system, he will choose a specific target. This trget will be the one with the weakest security or one for which the hacker has the most tools.
Once the hacker has determined the scope of the system, he will choose a specific target. This trget will be the one with the weakest security or one for which the hacker has the most tools.
STAGE 3 - CONTROL
When the hacker has successfully penetrated the system, he will immediately attempt to control it. The hacker will destroy evidence of activity, obtain root and administrative access, open new security holes, create new accounts and move to other systems. Detection is extremely difficult.
When the hacker has successfully penetrated the system, he will immediately attempt to control it. The hacker will destroy evidence of activity, obtain root and administrative access, open new security holes, create new accounts and move to other systems. Detection is extremely difficult.
ATTACKS
MAN-IN-THE-MIDDLE - Hijacking
The hacker captures packets being sent from one host to another. The hacker must be literally between the two communicating hosts.
The hacker captures packets being sent from one host to another. The hacker must be literally between the two communicating hosts.
DENIAL-OF-SERVICE
These are the most common types of attack. They occur when the host cannot perform properly because another program on the network is using all the resources.
Hackers conduct denial-of-service attacks with spoofing attacks - if a hacker is imitating another network or device, the hacker will generate a rapid flood of information to overburden or crash the network device.
Mail bombing (mail flooding) is another denial-of-service attack that occurs when a user receives a massive amount of emails The load will cause the mail server to fail. Often in retaliation against spamming.
These are the most common types of attack. They occur when the host cannot perform properly because another program on the network is using all the resources.
Hackers conduct denial-of-service attacks with spoofing attacks - if a hacker is imitating another network or device, the hacker will generate a rapid flood of information to overburden or crash the network device.
Mail bombing (mail flooding) is another denial-of-service attack that occurs when a user receives a massive amount of emails The load will cause the mail server to fail. Often in retaliation against spamming.
INSIDER
Again used for unauthorised access. Two insider-attack techniques are eavesdropping on messages between applications and compromising existing control mechanisms.
Again used for unauthorised access. Two insider-attack techniques are eavesdropping on messages between applications and compromising existing control mechanisms.
BRUTE FORCE - Front door attacks
- The hacker has complete information to fraudulently identify himself as a legitimate user.
- The hacker will try every character, word or letter he can think of to defeat authentication.
TRAPDOOR
The hacker establishes certain commands that open potential unauthorised access. The hacker can view and possibly execute system applications.
The hacker establishes certain commands that open potential unauthorised access. The hacker can view and possibly execute system applications.
TROJAN HORSE
A variation of the trapdoor attack involving hiding an unauthorised command within a commonly used function to cause a breach.
A file or program that purports to operate in a legitimate way, but has an alternative secret operation. A Trojan Horse is a specific program that destroys information on the hard drive.
A variation of the trapdoor attack involving hiding an unauthorised command within a commonly used function to cause a breach.
A file or program that purports to operate in a legitimate way, but has an alternative secret operation. A Trojan Horse is a specific program that destroys information on the hard drive.