Tuesday, 22 October 2013

Computer Hacking - An Introduction

Computer Hacking - An Introduction

What is Hacking?

  • Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creators original purpose. (http://whatishacking.org/) Computer hacking � is the practice of modifying computer hardware and software to accomplish a goal outside of the creator�s original purpose. � is most common among teenagers and young adults (http://www.wisegeek.org/what-is-computer-hacking.htm)

  • Why Hack? Profit � Information can be sold � Information can be used to steal� Protest � Eg. Hactivism: a hacktivist is someone whom utilizes technology to announce a social, ideological, religious, or political message Challenge � Fun, problem-solving skill, the thrill of power

  • Why Hack? Some examples� Hackers want to � use the victim�s computer to store illicit materials i.e pirated software, pornography, etc. � steal the victim�s personal information in order to access accounts or the accounts of the website visitors. The data can be used to gain access to important databases; billing, merchant accounts, etc.

  • Why Hack? Some examples� Hackers want to � set-up fake ecommerce sites to access credit card details; gain entry to servers that contain credit card details and other forms of credit card fraud � spy on friends, family, co-workers for personal reasons � revenge (http://www.website-guardian.com/why-do-hackers-hack-websites-va-5.html)

  • Effects of hacking� Damage to information� Theft of information � Credit card details, social security numbers, identity fraud, email addresses� Compromise/damage of systems� Use of victim machines as �zombies� Hacking attacks cost large businesses an average of about $2.2 million per year (Symantec 2010 State of Enterprise Security Study)

  • Effects of hacking� Businesses may suffer from damaged reputations and lawsuits� Business secrets could be stolen and sold to competitors� Computing system/infrastructure could suffer from performance degrading as the resources used for malicious activitiesIn an education institution, hacking can cause damage to the institution�scredibility/reputation ie. If examination system is compromised andsensitive data tampered

  • A hacker�Can fall into one of these types: Black hats Individuals with good computing knowledge, abilities and expertise but with the intentions and conducts to cause damage on the systems they attack  Also known as crackers� White hats  Individuals with good hacking skills  They perform defensive activities against hacking  Also known as security analysts

  • A hacker� Gray hats  Individuals that perform both offensive and defensive hacking activities� Suicide hackers Individuals whom want to fail a computing system for a personal �reason� or �cause� Not worried about the serious consequences that they may have to face as a result of their damaging activities i.e being jailed for many years

  • Types of attacks �� DoS/DDoS Attacks� Password Guessing Attacks� Man-in-the-Middle Attacks� Identity Spoofing� Interception� Eavesdropping� Backdoor Attacks� and many more!

  • How to hack?�Many of the hacking toolsand guides are available onthe Internet  BackTrack is a Linux distro with many tools; Metasploit, Aircrack-ng, Nmap, Ophcrack, Wireshark, Hydra and many many more!  The real reasons for BackTrack development are for digital forensics and penetration testing

  • How to hack?�some examples System Hacking; Keyloggers, password cracking Trojans Viruses Sniffers Social Engineering Denial of Service SQL Injection.

  • How to hack?�some examples Password cracking - dictionary attacks, brute forcing attacks, hybrid attacks, syllable attacks and rule-based attacks Other types of password cracking attacks � shoulder surfing, social engineering, dumpster diving, wire sniffing, Man-in-the- Middle, password guessing, keylogger.

  • Passwords�Enforce complexity so that passwordsare difficult to break; use combinationof letters, numbers, special characters.

  • How to hack?�some examples Password cracking - dictionary attacks, brute forcing attacks, hybrid attacks, syllable attacks and rule-based attack, Other types of attacks � shoulder surfing, social engineering, dumpster diving, wire sniffing, Man-in-the-Middle, password guessing, keylogger.

  • How to hack? LIVE DEMO Keylogger Sniffing Web-cloning  Google Hacking NTFS Streams DNS Spoofing.








No comments:

Post a Comment

Ads Inside Post

Must Like Boss