Results 1 to 6 of 6

Thread: General Computer FAQ

  1. #1
    Banned
    Join Date
    Mar 2002
    Posts
    968

    Post General Computer FAQ

    Hey All,

    Here's a little General FAQ I put together. I want to put this to my site (in the computers section) but know that there are parts to it that I'm missing. Which is why I'm posting it here. Can you guys post stuff that I'm missing? Thanks.....

    *Note: I posted this in the tutorial forum due to it's useful nature.....

    ------FAQ------

    Q: What's the difference between a Hacker and a Cracker?

    A: A hacker is almost a myth title now. In the late 70's and 80's, the title was a respected label
    for those who were the computer savvy that knew the workings of computers. They knew how
    they worked, and how to make them do things they weren't suppose to do. Crackers, are on the
    same line, but have malicious intents (defacements, vadalism, theft). Nowadays, Hackers are
    Crackers, all thanks to the media. Instead of using the proper labels, they used Hacker like
    a buzz word. So now, there basically is no difference. Basically, it boils down to your intentions.

    Q: I heard about White Hat Hackers, what are those?

    A: The answer is simple. There are actually 3 types. White, Gray, Black. It works like the old
    movies. White hat is a good guy, Black is a bad guy, and Gray is a shifty guy who does what
    benefits him. This system of labels was created after the neutralization of the term Hacker by the
    media. Does it work? meh... who knows, it seems to be used loosely on the net and chat boards.

    Q: What's a newbie and a script kiddie?

    A: Newbies are people new to a topic. It's not just towards computers this term, but it seems to
    be used more often in this area. When you first start out, learning anything, you are considered a
    newbie. Then, as your learning progresses, you leave the newbie label and become whatever label
    you want, that being either White Hat Hacker, Security Guru, Admin, Junior Programmer, etc.
    A Script Kiddie is a person (usually a young male, age 12 to 18) that downloads pre compiled
    programs to create malicious intentions towards computers, servers, and websites. Sub7 is a
    script kiddie tool, which creates a backdoor access to another persons computer. All a person
    has to do is find this tool on the internet, install it on a victim's computer and work the rest.

    Q: What's a phreak?

    A: A Phreak is a person who "hacks" telephones. They will obtain phone priviledges that are suppose
    to be not accessible to them. Most common methods of obtaining these services are with rainbow
    boxes (different electrical boxes that emitt sounds via hz frequencies to the phonelines and switching
    companies) For more information, see the tutorial section under Hacking.

    Q: How do they do it?

    A: It start by finding out an IP and trying to connect and viewing it's ports. Then, they'll search to
    what possible vulnerabilities reside on that computer and how to exploit it.

    Q: How do they get an IP?

    A: Several methods. One way is a random IP Scanner which searches a range of ips (ie: from
    192.0.0.0 to 192.255.255.255) Another method is by programs like ICQ or mIRC, which gives out
    that information, unless otherwise configured.

    Q: What is a vulnerability?

    A: Basically a programming flaw. It's when a program is made to do something it's not suppose
    to do. A hacker will make a service perform a certain task it's not intended to do and result in
    the computer either crashing or granting full priviledges.

    Q: Why would they do it?

    A: It depends on their age. Younger hackers do it mainly for acceptance in a group and to obtain a label
    of elite. (see movie Hackers for better understanding). Older people will have a personal aim, such as;
    personal gain (services, access), monetary reasons, data theft, or fame.

    Q: I've seen people use funny writing, why? (ie: h3770 = hello)

    A: Back in the day, so called hackers would chat on bulletin boards and use restricted words. Because
    board operators did not like it, they tried censoring it. Unfortunetaly for them, the savvy chatters substituted
    letters for numbers. While the board ops tried to block all possible combinations, substitutions are just too
    numerous for censorship, thus, the birth of so called "leet speech"

    Q: What's a wargame?

    A: A wargame is a server set-up by someone to allow other hackers test their knowledge in a legal
    fashion. Instead of intruding personal computers, they hack public servers. Most will usually have
    different problems to solve, or vulnerabilities to discover, until the next level.

    Q: What's social engeneering?

    A: Social engeneering is basically a con. It's the ability to speak to a person and get them to devulge
    information that they wouldn't usually devolge to a strange. Such information would be either password,
    user names, server information, calling numbers, etc. The method is basically talking to them like
    if they know something or are someone they ain't (ie: a service rep, employee) Kevin Mitnick, well
    known notorious hacker, is a form of pioneer in the field. His book, art of deception, is a perfect
    read for this information.

    Q: What's the difference between a virus, trojan, and worm. Aren't they all the same?

    A: While in simple perspective, yes, it reality no. See they all have different purposes. A virus will write itself
    onto your computer and replicate itself over and over on other files. It'll make chances and create odd
    behaviours from your computer. A trojan is like the Trojan Horse. It's a smoke screen for a hidden agenda.
    Just like the Romans, hidding warriors inside a statue, a trojan is a program hidden inside a program. While
    you think this program is doing something, it's actually doing something else, like opening a port on your
    computer for external access. A worm is a travelling virus. Most common are e-mail worms, which infect a
    computer, read the address book and send out e-mails without the senders knowledge, infecting the
    recipients.

    Q: What is IP?

    A: Internet Protocol. It's the mapping system of the internet and local networks (intranets).
    It's what assigns numerical addresses to computers (ie: local is 127.0.0.0 echo) and
    translates names to it's numerical address (ie: google.com to 196.123.12.30*)

    Q: What is TCP?

    A: Transmission Control Protocol. It control the transmission of your computer to others on
    any type of network. It also takes care to re-transmit lost connections. Basically your
    connection

    Q: What is ISP?

    A: Internet Service Provider. Basically, the people you pay your internet bill to. AOL, Prodigy,
    Sympatico, and countless others are isps.

    Q: What's a firewall?

    A: A firewall is basically a gate keeper for your computer and it's communication ports. See your
    computer uses virtual (as in not physical) ports to communicate with the outside world. Common
    ports are 80 for internet surfing and 25 for e-mail. Firewalls know the common use for these ports
    and when something fishy comes around, the guard will investigate the information and decide wether
    it's authorized or not to access your computer. It's the first line of defence against hackers.

    Q: What's a honeypot?

    A: A honeypot is a program that monitors hackers activity on a certain computer. Like it's name, it
    gets hackers stuck in a trap. It'll record the unauthorized activities of the hacker and place it
    somewhere for the user to analyze later. This is a tool used to profile a hacker and report him to
    the authorities.

    Q: What's a port?

    A: A port is a communication service on a computer. Typical ones are 80 for internet and 25 for
    e-mail. A program uses this port to connect to another computer to run it's service. (like retreiving
    e-mail from the server)

    Q: What's a good password?

    A: A good password is one that's long (more then 8), using many different characters
    (alpha-numeric ie:3eDEs23), and that's not a dictionary word (ie: transport). The longer the
    password, the harder to guess and brute-force attack. The more variation in characters the
    better too. Using numbers and letters (with caps) and even symbols (&$@) are best.
    Using non-dictionary words is best due to brute force using dictionary databases (some even
    substitute letters for numbers as combos ie: c0mpu73r5) So something like this:
    3hD&y43-3eSd would be best.

    Q: What about Linux?

    A: What about it? It's another OS for computers instead of Windows or MacOS. It's not user friendly
    for those used to Windows or MacOS but is comparable to DOS. It's primarily good to use for
    those interested in the networking and domain hosting sector. Home users can use it, but
    switching from the other two is difficult. The upside for this OS is that it's free, as well as a good
    portion of commercial software (WordPerfect, Gimp, Acrobat) So what should you do? Try it if
    your up to the challenge. But remember that it is a challenge at first. Read up on tutorials and
    join some online chat boards for guidance.

    Q: Do I need to switch over to Linux to be a Computer Savvy or Hacker?

    A: No. In the older days, yes. Because most networks ran off Unix/Linux, as well as most websites.
    Now, it's a battle between Linux and Windows NT/2000. Is it more secure, many will argue so, but it's
    got it's pros and cons. Just search the net for comparisons of the two. Nowadays, you can stick to
    the Windows options of NT and 2000. They're more secure now then before, and are more widely used
    then in the past. Linux is favored because of open-source, cost, and customizability.

    Q: Am I safe?

    A: Depends. What do you have protecting yourself and what are you protecting? A personal home user
    whould be fine with a firewall (either software or hardware) and an antivirus. A small business needs to
    implement hardware security as well as a loging system of network activity. Even then, with all this,
    there are no guarantees. Your as safe as your intelligence. Use a weak password and you could be
    victim. Employees leak out vulnerable information or install software on computers, you see....
    Security measures are only as good as the settings and as the users behind it.

    Q: Is my website secure?

    A: It all depends on who hosts it and what kind of scripts (if any) and user inputs you allow.
    Companies like geocities and freeservers try to keep their servers as secure as possible. If
    it's a local commercial provider, the security range from poor to secure. Inquire what kind
    of security protocols are in place to protect their server. As for scripts, some pre-written
    scripts may leave vulnerabilities on your site, giving full access to your website and it's files.
    Also, allowing users to input text on your site could cause a problem. If users can input
    programming tags like html of javascript, the executed code could be malicious.

    Q: What do I do if I got hacked?

    A: Profile. And what I mean by this is gather as much information as possible about the
    attack and the attacker. Note down everything that the attacker did, how he did it, and so.
    Also, if possible, note his IP address (found in firewall logs, network logs). Once you've
    gathered all this information, report it to the proper authorities. (ie: police, isp providers)
    A good tutorial about profiling can be found here
    http://www.antionline.com/hacker-profiling/?s=

    Q: What kind of jobs are out on the market for computers?

    A: Lots. I mean, it can range from webside designer, network administrator, network mapper,
    programmer, tester, repairs, IT, etc. It goes on. There are so many departments to it, that they it
    would be too long to enumerate. Just do a search at a college site or university to see what
    they offer.

    -------------

    Like I said, any assistance is welcome....

    Thanks

  2. #2
    Its a good tut and it also covers most of the basics. Nice job Tiger_Claw!!!

  3. #3
    Banned
    Join Date
    Mar 2002
    Posts
    968
    Thanks, but my question is, does anyone have something to add?
    I want it to be as concise as possible for my site.

    Thanks

  4. #4
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Hi. Really a great post, and very helpful. I enjoyed reading this alot. maybe add a few subjects like :

    How bout proxies, arps, whois, packet sniffers, admin security tools, ping, backups, bit more on protocols, diff ip classes (class a, b, c etc..as where the diff is between 192.168.x.x and real ips), the upcomming ipv6, telnet, ssh, ftp.

    Im sure i've missed out plenty over here, if i think of more i will post it here.

    Keep up the cool posts tyger_claw

    cheers.

    /addon/

    vpn, and other forms of tunneling (ie. CIPE)

    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  5. #5
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992

    Thumbs up

    Hey Tyger,

    This is a nice job you did. My suggestion is to make this a Sticky one for Newbies.

    Enjoyed reading it,

    Greetz,
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

  6. #6
    Junior Member
    Join Date
    Jul 2009
    Posts
    2
    Hey,

    This was very helpful for a newbie.

    Thanks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •