Hacking. Untargeted attacksMotivation isFun (I can do it)prevalent until ~2000Financial GainSelling access to compute resourcesCreation of botnets for spamming, computation (distributed decryption, phishing, pharming ?) Selling dataCredit Card InformationE-mails?Targeted Denial of Service
Phases of a Targeted Attack
Once we have a target, we need to get to know it better.
Purpose: Find a modem connection.
(Uses traceroute and other tools to map a network.)
Cheops et Co. are the reason that firewalls intercept pings.
in order to trigger a vulnerability.
After successful intrusion, an attacker should:
C:\ nc -1 –p 12345 –e cmd.sh
A backdoor built as a Trojan of system executables such as ipconfig.
Changes the OS, not only system executables.
Study by Sarah Gordon, IBM, in Beiser, Vince, “Inside the Virus Writer’s Mind”