How are hackers breaking in?
Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: How are hackers breaking in?

  1. #1
    Junior Member
    Join Date
    Aug 2003
    Posts
    3

    How are hackers breaking in?

    how?

  2. #2
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    332
    Your question is too large to answer. Start by being specific. Like, how are hackers breaking into banks. Or how are hackers breaking into webservers and defacing websites.
    Then you get into Microsoft and *nix. Both are very different to break into. Narrow your question down a bit, and I am sure you will get some answers.
    Your heart was talking, not your mind.
    -Tiger Shark

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    100
    Breaking into what? Your toaster?

    what is it exactly that you want to know?

    how did hackers hack you?
    how do they break physical security?
    How do they break into windows?

    A little more (actually a lot more) on the question would help a lot.

  4. #4
    Senior Member
    Join Date
    Feb 2002
    Posts
    114
    Please go into more detail.

    I and no one else will be able to help with just "how?"

    Take a look at the Hacking Exposed books and other computer security related articles.
    [pong][gloworange]665[/gloworange] Next door to the [glowpurple]devil[/glowpurple][/pong]

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Well, that's a bit of a broad questions. They could use any number of methods:

    - remote exploit that gets access
    - find old accounts/unused accounts
    - social engineering
    - trojans/viruses that create servers that can be connected to
    - brute force
    - phishing

    And probably some I forgot. There isn't a single answer but there is a method to it. Generally, something like this:

    1. Pick a target (reasons for the target varies from attacker to attacker)
    2. Gain information on the target
    - things like DNS, whois, nslookup, dig would be helpful
    - searching newsgroups and forums for postings by people from the target location
    - dumpster diving, social engineering, getting inside to gather more information ("sticky note gardens")
    - fingerprinting scan to determine OS and services running
    - create a diagram of the network based on the above information
    3. Elevate privileges or DoS
    - depending on the intention the attacker will do one of two things: either get an account to raise privileges or do a DoS. If it's a DoS his attack process stops here. Otherwise he continues
    - brute force, old accounts, vacation accounts, etc.
    4. Covering tracks
    - the attack alters/deletes logs, resets permissions
    - puts a backdoor in place so he can come back.

    Make more sense now?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  6. #6
    Senior Member
    Join Date
    Jan 2003
    Posts
    100
    Nice post Msmittens, i will ahve to put that into the endless filing cabinets full of txt files.


    (if thats alright with you )

    Yeah i downloaded the wargames tutorial you did MsMittens (the pdf with all of them) really good tutorial, it shed some light on the wargames i have and will play in the future.

    Keep it up

  7. #7
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    By all means.. The Wargames tutorials are based on that idea so if you haven't checked them out, might want to.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  8. #8
    Junior Member
    Join Date
    Aug 2003
    Posts
    3
    sorry2.. the exactly what i mean is ...
    how's the hackers can get access to our system..
    and exploit our system...
    maybe they can view certain private info in the system..
    in this case, the system running in windows environment..
    that's all 4 this time...

  9. #9
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    in this case, the system running in windows environment..
    It's still a broad question. Which Windows? Does it have a firewall? AV Software? an user that is aware of security risks and dangerous programs/activities?

    Windows 95/98 has 0 security. Windows ME has some security but is very limited in it's security. Windows NT has some but not enough to really with stand simple attacks. Windows 2000/XP/etc are far better.

    There is no one way to get in and any number of possible ways. Quite honestly, the biggest factor that determines the success/failure of an attack by an attacker, IMHO, is the user and their awareness of their computer and the risks it faces.

    I can say this: there seems to be a trend of attacks using the following techniques:

    - social engineering through phishing
    - social engineering through P2P programs (Ohh... download Britney today!)
    - virus/trojan propagation through the form of "official" support emails
    - exploiting flaws in older software like IIS 4/5
    - exploiting user 'unawareness' of remote access programs that run by default
    - exploiting flaws in IMing software (Yahoo I think was a recent one)
    - social engineering through IMing

    This is probably a drop in the bucket but I think you get the idea. If you're looking for a step-by-step howto, however, I think you might be on the wrong track in life.

    This is, of course, all my own opinion.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  10. #10
    Junior Member
    Join Date
    May 2003
    Posts
    18
    I have a window in the toilet closet of my bathroom. Do you think I am susceptible to being hacked?
    Tim Potts
    Network Analyst

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •