Hacker, Cracker?! • Are they the same?
Hacker • programmers • intensely interested in the arcane and recondite workings of any computer operating system. • advanced knowledge of operating systems and programming languages. • know of holes within systems and the reasons for such holes. Hackers constantly seek further knowledge, freely share what they have discovered, and never, ever intentionally damage data.
Cracker • breaks into or otherwise violates the system integrity of remote machines, with malicious intent. • having gained unauthorized access, destroy vital data, deny legitimate users service, or basically cause problems for their targets. • can easily be identified because their actions are malicious.
Tools for hacking Scanners Trojan Horses Packet sniffing Password Cracker
Scanners • In Internet security, no hacking tool is more celebrated than the scanner. • good TCP port scanner is worth a thousand user passwords.
What Is a Scanner? • program • automatically detects security weaknesses in a remote or local host. • important to Internet security • reveal weaknesses in the network
How Do Scanners Work? • Every PC has 65535 port • TCP port scanners programs which • attack TCP/IP ports and services (Telnet or FTP, for example) and record the response from the target. • glean valuable information about the target host
What Will a Scanner Tell Me? • reveal certain inherent weaknesses within the target host. • These might be key factors in implementing an actual compromise of the target's security.
What Won't a Scanner Tell Me? • A step-by-step method of breaking in • The degree to which your scanning activity has been logged
Password Cracker • Program • can decrypt passwords or otherwise disable password protection. • Most of them need not decrypt anything.Real encrypted passwords cannot be reverse-decrypted.
Packet sniffing • program • captures data from information packets as they travel over the network. • data may include • user names, passwords, and proprietary information that travels over the network in clear text. • With perhaps hundreds or thousands of passwords captured by the packet sniffer, intruders can launch widespread attacks on systems. • Installing a packet sniffer does not necessarily require administrator-level access.
Trojan horse • program • containing hidden functions • can exploit the privileges of the user [running the program], with a resulting security threat. • does things that the program user did not intend • rely on users to install them • can be installed by intruders who have gained unauthorized access by other means.
What do Trojan horses do? • can do anything that the user executing the program has the privileges to do.Include: • deleting files that the user can delete • transmitting to the intruder any files that the user can read • changing any files the user can modify installing viruses • installing other Trojan horses
installing other programs with the privileges of the user • programs that provide unauthorized network access • executing privilege-elevation attacks
Example of Trojans • Back Orifice • NetBus
DDoS • DDoS(distributed denial-of-service) • DoS • is called a attack(denial-of-service DoS) • causes your computer to crash or to become so busy processing data that you are unable to use it
Ping of Death • Sending too large ping request. • Fragmentation allow to send this large packet. • When packet re-combine,this will overload the buffer.
SYN Flooding • Send tons of SYN(SYNchronize) request to server • When server send SYN-ACK(ACKnowledge) response,it can’t send the last acknowledgment request. • Result- use up the network buffer.
Contributes of hacker?? • Linux is written by hacker!!