Preventing the Hack - Part 1

Preventing the Hack - Part 1

By ghost | 4894 Reads |

0     0

Disclaimer: This series of articles is presented to help you better understand the way a hacker might attack your system or network infrastructure. By understanding the mindset and approach of a hacker, you will be in a better position to prevent such an attack on your own systems. Should you choose to perform any attack covered in this series of articles, you should do so only on your own system or network, or where you have obtained prior permission from the system’s owner.

           PART 1

The purpose of this article is to give you a basic overview of the different types of attacks a hacker has at his or her disposal when trying to gain unauthorized access to your private information. Each of these different types of attacks will be discussed in greater detail in subsequent articles.

*** Non-Technical Attacks ***

Attacks that involve manipulating computer users into compromising their own systems are probably the greatest vulnerability of any computer or network. Human nature causes most people to be naturally helpful and trusting of others. This trusting nature can be exploited by a hacker though a method referred to as Social Engineering. Social Engineering is often done over the phone or internet and frequently doesn’t require the hacker to ever show his face to the target.

Other non-technical attacks against a computer or network infrastructure are physical in nature. A hacker will break into a building, computer room, or other area containing critical information. A very common type of physical attack is referred to as dumpster diving (or trashing). This is the act of looking through trash cans or dumpsters for discarded passwords, network diagrams, organizational leadership charts, dial-up access numbers, or generally any information that will allow the hacker to make his or her social engineering attack more believable and thus more effective.

*** Operating System Attacks ***

Every computer requires an operating system (OS) to run. By using either a personally discovered, or one of many well-known exploits, a hacker may be able to gain control of an individual target system. While some operating systems are more secure than others, all are vulnerable to attack. When these vulnerabilities turn up, they’re shared among those in the hacking community.

The most vulnerable operating system is Windows, but Linux and Mac OS have their own vulnerabilities. Many hackers prefer to attack machines running Windows because they are more widely used and the larger number of vulnerabilities is better known.

Attacks on operating systems include exploiting built-in authentication methods, cracking passwords/hashes, cracking file-system security, and exploiting specific protocol implementations.

*** Network Attacks ***

Attacks on networks are many and varied but the basic attacks include the following: Denial of Service (DoS) to a network by flooding the network with too many requests. A popular variation of the Denial of Service is the Distributed Denial of Service (DDoS) which is harder for a target’s ISP to protect against as the packets are flooding the network from many different IP addresses. Installing a network analyzing/packet sniffer to capture every packet that passes. This type of attack will reveal any confidential information or password sent in clear text. Connecting to a rogue modem installed on a computer attached to the network behind the network firewall. ARP poisoning (or ARP spoofing) a network router. A hacker can change the Address Resolution Protocol (ARP) tables that store IP addresses to Media Access Control (MAC) mappings of a network. This causes the router to sent traffic to the hacker’s computer, rather than the true destination. Exploiting an insecure 802.11b wireless configuration to allow an attacker to piggyback onto the network.

*** Application Attacks ***

Email server software and many popular web applications are frequent targets of hacker attacks. Hackers will try to attack applications that use Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) because the majority of firewalls are configured by default to allow full access to these programs from the internet. Malware such as viruses, trojan horses, worms, keyloggers, spyware, and remote administration tools (RATs) are also popular forms of application attacks.