Friday, July 24, 2009

Hacking Explained

Anyone who accesses a public network should know about hackers and their methods. Failure to understand what they do can leave you and your network exposed.

Although thieves and opportunists always go after an easy target versus a difficult (or well-prepared) one, some hackers specifically choose difficult targets, such as government offices or networking companies, solely for bragging rights.

Hacking really boils down to a few activities:

  • Breaking in: Breaking into a private network is usually the first part of any hacking scheme. (A denial-of-service [DoS] attack is one notable exception.) Most break-ins require a password (which is guessed or stolen), but hackers find other ways to get in as well.
  • Breaking stuff: Once in a network, many hackers (anarchists in particular) try to break or disable the entire network, or specific parts of it, such as web servers. If they destroy data or disrupt business, recovery can be expensive for the attacked company.
  • Stealing stuff: Like most thieves, many hackers are motivated by greed. They might sell plans, schematics, or intellectual property to unscrupulous individuals, companies, or government agencies.

Hacks and Attacks
In network speak, an attack refers to any attempt to break into a computer, network, or packet, as well as any attempt to launch a malicious or self-replicating program. Attacks fit into multiple categories, many of which are described here.

All network attacks are either active or passive.

Active attacks include injecting malicious files, altering data, or clogging the network. In theory, you can detect active attacks but not passive attacks.

Passive attacks such as eavesdropping do not actually cause harm to the network, but hackers can use them to obtain information that enables active attacks. People looking for passwords can tirelessly try every combination until they find a working password (a brute-force attack). Man-in-the-middle attacks occur when a hacker interposes between two valid users and eavesdrops for passwords. Passive attacks are difficult to detect.

Remote attacks are conducted by people outside the network (those without a network ID), whereas local attacks use an existing account to exploit the system.

Hit-and-run attacks quickly crash systems, whereas persistent attacks affect the victims only as long as the attack lasts.
