Cyber security has gained a great deal of attention in the last couple of years. The rapid change in the composition of the Internet has been the main factor forcing users and, in particular, companies to beef up security on their PCs and networks.
A decade ago, the people who set up and maintained servers had very little knowledge of basic security skills. Even today, ordinary people set up servers, websites and businesses, many of them with little security experience.
Ordinary users are pacified when big corporations make statements about how secure their servers and applications are. Nothing could be further from the truth. Each month there are more cases of hackers breaking into server systems and stealing information.
But why should you care about all this? I could tell you at length about website defacements, stolen corporate secrets, or break-ins to government servers, but let me give you a more personal reason why you should care.
Let me ask you, the reader, a question. Do you think your organization's data is valuable? What about all the contact lists, emails and credit card numbers you have collected, or your current marketing strategies and financial reports; aren't these valuable?
What if I told you that I could break into any of these systems? What could I do? I could steal your credit card number and use it all over the country, destroying your bank account. I could change your records so you no longer get any kind of service.
I could pass your confidential information to your competitor. I could get your phone disconnected. Or even worse, if you have an e-commerce site, I could crash it so you lose a lot of money.
Or what if I work in your company as an employee and I'm not happy? I could launch a DoS (Denial of Service) attack so that no information can be accessed over the network. With a few well-placed Trojans, I could also corrupt your entire database.
Are you convinced now that we need security measures?
The problems with security can be grouped under four basic headings:
1. Network and Host Misconfigurations
2. Operating Systems and Applications Flaws
3. Irresponsible Vendor Effort or Response
4. Lack of Qualified People in the Field
Host Misconfigurations
This is responsible for most of the security breaches that take place. Many times even system administrators are not aware of the services running on their servers. You may ask how that is possible. Think of something as simple as your word processor. How many of its features do you use or are even aware of? Something as simple as writing macros would put you in the advanced user category. Most people just use the basic functions: save, spell check, tables, etc.
The same applies to the OS and other software. The industry changes so quickly that few can ever keep up with it. Such a machine, when connected to the net, is just waiting to be hacked.
Some basic examples of these types of utilities and services include:
1. Network Printing Utilities
2. Remote System Configuration Utilities
3. File Sharing Utilities
4. Sample CGI Programs and Scripts
Left with default or misconfigured settings, these are the most commonly hacked, especially if they have known vulnerabilities.
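The practical answer to "administrators are not aware of the services running on their servers" (and to guideline 2 later in this article, disabling services you don't use) is to audit what the host actually listens on and compare it with what it is supposed to expose. The script below is an added example and is not from the original article. It parses the row layout of the Linux `ss -ltnp` command; the sample output, the ports, the process names and the allowlist are all constructed for the example.

```python
"""Audit the TCP services a host exposes against an allowlist (added example)."""
from __future__ import annotations

import re
import subprocess
from dataclasses import dataclass

# Constructed sample in the layout of `ss -ltnp` (Linux iproute2) output. The
# ports and process names are made up for this example; a real run would use
# collect_ss_output() instead.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       511     0.0.0.0:80           0.0.0.0:*          users:(("nginx",pid=1204,fd=6))
LISTEN  0       128     127.0.0.1:631        0.0.0.0:*          users:(("cupsd",pid=655,fd=7))
LISTEN  0       50      0.0.0.0:445          0.0.0.0:*          users:(("smbd",pid=990,fd=30))
LISTEN  0       128     [::]:22              [::]:*             users:(("sshd",pid=812,fd=4))
"""

# Services this host is supposed to expose, as (port, process) pairs. Constructed
# for the example; in practice this comes from the host's build standard.
ALLOWED = {(22, "sshd"), (80, "nginx")}


@dataclass(frozen=True)
class Listener:
    addr: str
    port: int
    process: str

    @property
    def exposed(self) -> bool:
        """True when bound to a wildcard address, i.e. reachable from the network."""
        return self.addr in ("0.0.0.0", "[::]", "*")


def parse_ss_listeners(text: str) -> list[Listener]:
    """Parse LISTEN rows from `ss -ltnp` output into Listener records."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # Local Address:Port is the 4th column; rpartition copes with IPv6 "[::]:22".
        addr, _, port = fields[3].rpartition(":")
        match = re.search(r'users:\(\("([^"]+)"', line)
        process = match.group(1) if match else "?"
        listeners.append(Listener(addr, int(port), process))
    return listeners


def audit(listeners: list[Listener], allowed=ALLOWED) -> list[str]:
    """Report every network-reachable listener that is not on the allowlist."""
    findings = []
    for l in listeners:
        if not l.exposed:
            continue  # loopback-only services cannot be reached from the network
        if (l.port, l.process) not in allowed:
            findings.append(f"unexpected exposed service: {l.process} on {l.addr}:{l.port}")
    return findings


def collect_ss_output() -> str:
    """Run `ss -ltnp` on the local host (process names need root to be visible)."""
    return subprocess.run(["ss", "-ltnp"], capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    for finding in audit(parse_ss_listeners(SAMPLE_SS_OUTPUT)):
        print(finding)
```

On the sample data the only finding is the SMB daemon on port 445, which is bound to every interface and is not on the allowlist; the printing service on 631 is bound to loopback only and is therefore not reported. Run the audit from a scheduled job and treat any new finding as a configuration drift to be explained or removed.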
Application Flaws
Vulnerabilities due to flawed programming are another source of security breaches, and one that is largely out of the user's control. Vendor failure is the most common source of security problems. For instance, one of the most commonly exploited products is Microsoft's IIS server. Others include ISC's BIND (an implementation of DNS), SSH (Secure Shell) and many services found in Sun's Solaris OS. One of the most widely used email programs, Outlook Express, has constantly been a target of Trojans because of the way it was programmed. Remember the "I LOVE YOU" virus or "Melissa".
Irresponsible Vendors
Many vendors have no idea what is going into their code. There is very little quality assurance in the software industry; substandard programmers are used to save money on development. Who ends up paying for the vendors' negligence? The end users, by having their networks and computers breached.
A slow response to reported flaws, for example in issuing patches, also compromises security. Exploits travel at the speed of light in the hacker community, from email lists and discussion groups to IRC chats, all alive with the latest exploits of one group or another. If the vendor is slow to respond, many computers will be hacked virtually overnight.
Incompetent Consultants
Even if all of the above problems were resolved, companies would still have other problems on their hands, such as the lack of qualified people. It's a hard job finding even a competent systems engineer, administrator or programmer, much less a security professional.
And no training can make you a security professional within days. It is a long process that covers TCP/IP, hardware, operating systems, and the basics of cryptography and programming; only then can you understand the basics of security.
This lack of personnel contributes to misguided or absent information security programs within organizations. Policies are incomplete or non-existent, and this leaves your systems vulnerable to attack.
So how exactly do hackers break into systems?
Some people might want to prosecute me for distributing this information. Why? Simply because the information might be used to harm rather than for good. I'm not saying this information cannot be used that way. But only those who know what to look out for can protect themselves. All this information is freely available on the web and is known to every hacker. The ordinary user does not usually make an effort to become acquainted with it, and that is more dangerous. This article gives them a brief insight into what they should expect.
Hacking is a nine-part process, as described in the book Hacking Exposed. It includes:
1. FootPrinting
2. Scanning
3. Enumeration
4. Gaining Access
5. Escalating Privileges
6. Pilfering
7. Covering Tracks
8. Creating "Back Doors"
9. Denial of Service
1. FootPrinting:
Here a hacker tries to gather as much information as possible about the server, company or user. This includes details of IP addressing, gathered through ARIN whois lookups, DNS zone transfers, etc. A hacker generally uses search engines or the online whois database to find the information they need.
2. Scanning:
Once the hacker has the information they need about the target, the second stage involves target assessment and the identification of listening services. This includes scanning for open ports, trying to determine the OS in use, etc. The tools used in this stage include nmap, WS pingPro, siphon, fscan and other popular utilities.
3. Enumeration:
The third stage involves identifying poorly protected resources or user accounts that can be used to break into the network. This is where default passwords and sample scripts are used to get in. Many network administrators who don't turn off the default guest account in Windows NT have let hackers in this way. Many services that run by default, e.g. network printing services, are easy targets, and the latest exploits for vendor software are easy pickings.
4. Gaining Access:
Here the hacker attempts to access the network with the information gathered in the previous three stages. The methods include buffer overflows, grabbing the password file, or even brute-forcing the password. Tools like NAT, podium, or L0phtCrack are commonly used.
5. Escalating Privileges:
If, for example, the hacker gained access to just the guest account, they now try to gain control of the whole system. They try to crack the administrators' passwords, or use exploits to increase their level of access. John the Ripper, an excellent password cracker, is mostly used here.
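A cracker such as the one named above does not guess at random: it takes a wordlist and applies predictable mangling rules (capitalisation, trailing digits, letter-for-symbol substitutions). The defensive counterpart is a password policy check that undoes the same mangling before comparing with a wordlist, so that "P@ssw0rd1!" is rejected as the dictionary word it really is. The code below is an added example, not from the article or from any cracking tool; the wordlist, the substitution table and the 12-character minimum are constructed assumptions for illustration.

```python
"""Reject passwords a dictionary cracker would recover in seconds (added example)."""
from __future__ import annotations

import re

# Constructed mini wordlist. A real policy check would load a large list, such as
# a published breached-password corpus, instead of these few entries.
WORDLIST = {"password", "admin", "welcome", "letmein", "qwerty", "summer", "company"}

# Common letter-for-symbol substitutions, mapped back to the plain letter.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Digits and punctuation that users typically tack onto the ends of a word.
PADDING = r"[\d!@#$%^&*.\-_]+"


def normalise(password: str) -> str:
    """Reduce a password to the base word a cracker's mangling rules would start from."""
    base = password.lower()
    base = re.sub(PADDING + "$", "", base)  # strip trailing padding: 'summer2024!' -> 'summer'
    base = re.sub("^" + PADDING, "", base)  # and leading padding
    return base.translate(LEET)             # then undo substitutions: 'p@ssw0rd' -> 'password'


def check_password(password: str, min_length: int = 12) -> list[str]:
    """Return the policy violations for a candidate password; an empty list means acceptable."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    base = normalise(password)
    if base in WORDLIST:
        problems.append(f"dictionary word '{base}' with predictable mangling")
    if re.fullmatch(r"\d+", password):
        problems.append("digits only")
    elif len(set(password.lower())) <= 3:
        problems.append("too few distinct characters")
    return problems


if __name__ == "__main__":
    for candidate in ("Summer2024!", "P@ssw0rd", "Welcome1234567", "correct-horse-battery-staple"):
        print(candidate, "->", check_password(candidate) or "acceptable")
```

The normalisation step is what makes the check meaningful: a length rule alone accepts "Welcome1234567", while the normalised form "welcome" is caught by the wordlist. Run the same check when passwords are set or changed, and pair it with a lockout or rate limit on login attempts so that online guessing is slow even when an offline crack of the password file is not possible.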
6. Pilfering:
The information search begins again, this time to identify ways of gaining access to other systems and networks. Clear-text passwords (passwords saved in .txt files) or other unsafe mechanisms for storing passwords are a boon to hackers. They can even search the registry for passwords.
7. Covering Tracks:
Once they have the information they need from the computer, hackers cover their tracks. They do this by clearing the system log files on the OS so that the system administrator cannot find out what happened.
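The defence against log clearing is to notice it: an append-only log should only ever grow, keep the same inode, and keep its earlier bytes unchanged. The monitor below records a snapshot of a log file and later classifies any deviation as truncated, rewritten, replaced or missing. It is an added example, not part of the original article; the log lines it writes to a temporary file are constructed, and the snapshot layout and 4 KiB head fingerprint are assumptions of this example.

```python
"""Detect log files that have been cleared, rewritten or swapped out (added example)."""
from __future__ import annotations

import hashlib
import os
import tempfile

HEAD_BYTES = 4096  # how much of the file's start to fingerprint


def snapshot(path: str) -> dict:
    """Record what an append-only log looks like now: inode, size and a hash of its head."""
    st = os.stat(path)
    with open(path, "rb") as f:
        head = f.read(min(st.st_size, HEAD_BYTES))
    return {"inode": st.st_ino, "size": st.st_size,
            "head_len": len(head), "head_sha256": hashlib.sha256(head).hexdigest()}


def check(prev: dict, path: str) -> str:
    """Compare the file against a snapshot; an append-only log should only ever grow."""
    if not os.path.exists(path):
        return "missing"
    st = os.stat(path)
    if st.st_ino != prev["inode"]:
        return "replaced"       # different inode: deleted and recreated, or rotated
    if st.st_size < prev["size"]:
        return "truncated"      # the classic "clear the log" symptom
    with open(path, "rb") as f:
        head = f.read(prev["head_len"])
    if hashlib.sha256(head).hexdigest() != prev["head_sha256"]:
        return "rewritten"      # earlier bytes were edited in place (e.g. entries removed)
    return "ok"


def demo() -> list[str]:
    """Walk through append, in-place edit, truncation, replacement and deletion on a temp file."""
    results = []
    with tempfile.TemporaryDirectory() as d:
        log = os.path.join(d, "auth.log")
        with open(log, "w") as f:   # constructed log line
            f.write("Jan 01 10:00:01 host sshd[812]: Accepted password for alice\n")
        snap = snapshot(log)
        results.append(check(snap, log))             # ok
        with open(log, "a") as f:   # a normal append keeps the file healthy
            f.write("Jan 01 10:05:42 host sshd[813]: Failed password for root\n")
        results.append(check(snap, log))             # ok
        with open(log, "r+b") as f:  # edit earlier bytes in place
            f.seek(0)
            f.write(b"XXX")
        results.append(check(snap, log))             # rewritten
        with open(log, "w"):         # clear the log
            pass
        results.append(check(snap, log))             # truncated
        tmp = log + ".new"
        with open(tmp, "w") as f:
            f.write("fresh\n")
        os.replace(tmp, log)         # swap in a different file
        results.append(check(snap, log))             # replaced
        os.remove(log)
        results.append(check(snap, log))             # missing
    return results


if __name__ == "__main__":
    print(demo())
```

Two caveats matter in practice. Legitimate log rotation also produces "replaced" (rename) or "truncated" (copy-then-truncate), so alerts should be correlated with the rotation schedule. And an intruder with administrative access can alter the snapshots too, so store them, and ideally a forwarded copy of the logs themselves, on a separate host.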
8. Creating "Back Doors":
Hackers leave backdoors in the system so that next time they don't have to work so hard to gain entry. This could mean leaving Trojans disguised as valid application files, or adding new user accounts (easy to hide where companies have thousands of users). The tools they use include BO2K and keystroke loggers, or they change registry keys.
9. Denial of Service (aka DoS):
Many crackers, if unsuccessful, use a DoS attack as a last means of breaking into a system. If the system is improperly configured, it breaks down and lets the hacker in. The tools used here are mostly Ping of Death, teardrop, and super nuker.
How to Protect Yourself?
You, the end user, would ask: how can I protect myself from all this? Simply stated, you can't. Nothing in this world is 100 percent safe. New exploits come out all the time. New methods are invented overnight. Things thought safe before turn out to have weaknesses.
But here are a few guidelines for protecting yourself:
1. Install a good firewall and make sure it's configured properly.
2. Disable all system utilities and services you don't use.
3. Never run any files sent to you from a total stranger.
4. Make sure you have good antivirus software installed and update it on a regular basis.
5. Make sure you have the latest service pack and patches installed, and subscribe to one of the online security lists such as the SANS (System Administration, Networking and Security) network, which posts regular information on the latest exploits and the patches for them.
6. Have a good internal security policy.
7. Make sure you have a good network architecture designed to minimize risks.
8. Invest in good security hardware.
These are not the bible of security, just common tips which most people fail to follow at their own risk. They cannot prevent hacks, but they can minimize them to a great degree.
Security is not a joke and is not to be taken lightly. Without security, our dependence on computers can leave us wrecked virtually overnight. With the tools used by the cracker community being what they are, this is not just a proclamation. It's an omen of what can be.
taken from TechiWarehouse