-
January 26th, 2004, 12:46 PM
#1
Junior Member
How are hackers breaking in?
-
January 26th, 2004, 12:51 PM
#2
Your question is too large to answer. Start by being specific. Like, how are hackers breaking into banks. Or how are hackers breaking into webservers and defacing websites.
Then you get into Microsoft and *nix. Both are very different to break into. Narrow your question down a bit, and I am sure you will get some answers.
Your heart was talking, not your mind.
-Tiger Shark
-
January 26th, 2004, 12:51 PM
#3
Senior Member
Breaking into what? Your toaster?
what is it exactly that you want to know?
how did hackers hack you?
how do they break physical security?
How do they break into windows?
A little more (actually a lot more) on the question would help a lot.
-
January 26th, 2004, 12:52 PM
#4
Senior Member
Please go into more detail.
I and no one else will be able to help with just "how?"
Take a look at the Hacking Exposed books and other computer security related articles.
[pong][gloworange]665[/gloworange] Next door to the [glowpurple]devil[/glowpurple][/pong]
-
January 26th, 2004, 12:54 PM
#5
Well, that's a bit of a broad questions. They could use any number of methods:
- remote exploit that gets access
- find old accounts/unused accounts
- social engineering
- trojans/viruses that create servers that can be connected to
- brute force
- phishing
And probably some I forgot. There isn't a single answer but there is a method to it. Generally, something like this:
1. Pick a target (reasons for the target varies from attacker to attacker)
2. Gain information on the target
- things like DNS, whois, nslookup, dig would be helpful
- searching newsgroups and forums for postings by people from the target location
- dumpster diving, social engineering, getting inside to gather more information ("sticky note gardens")
- fingerprinting scan to determine OS and services running
- create a diagram of the network based on the above information
3. Elevate privileges or DoS
- depending on the intention the attacker will do one of two things: either get an account to raise privileges or do a DoS. If it's a DoS his attack process stops here. Otherwise he continues
- brute force, old accounts, vacation accounts, etc.
4. Covering tracks
- the attack alters/deletes logs, resets permissions
- puts a backdoor in place so he can come back.
Make more sense now?
-
January 26th, 2004, 12:57 PM
#6
Senior Member
Nice post Msmittens, i will ahve to put that into the endless filing cabinets full of txt files.
(if thats alright with you )
Yeah i downloaded the wargames tutorial you did MsMittens (the pdf with all of them) really good tutorial, it shed some light on the wargames i have and will play in the future.
Keep it up
-
January 26th, 2004, 12:59 PM
#7
By all means.. The Wargames tutorials are based on that idea so if you haven't checked them out, might want to.
-
January 26th, 2004, 04:46 PM
#8
Junior Member
sorry2.. the exactly what i mean is ...
how's the hackers can get access to our system..
and exploit our system...
maybe they can view certain private info in the system..
in this case, the system running in windows environment..
that's all 4 this time...
-
January 26th, 2004, 05:00 PM
#9
in this case, the system running in windows environment..
It's still a broad question. Which Windows? Does it have a firewall? AV Software? an user that is aware of security risks and dangerous programs/activities?
Windows 95/98 has 0 security. Windows ME has some security but is very limited in it's security. Windows NT has some but not enough to really with stand simple attacks. Windows 2000/XP/etc are far better.
There is no one way to get in and any number of possible ways. Quite honestly, the biggest factor that determines the success/failure of an attack by an attacker, IMHO, is the user and their awareness of their computer and the risks it faces.
I can say this: there seems to be a trend of attacks using the following techniques:
- social engineering through phishing
- social engineering through P2P programs (Ohh... download Britney today!)
- virus/trojan propagation through the form of "official" support emails
- exploiting flaws in older software like IIS 4/5
- exploiting user 'unawareness' of remote access programs that run by default
- exploiting flaws in IMing software (Yahoo I think was a recent one)
- social engineering through IMing
This is probably a drop in the bucket but I think you get the idea. If you're looking for a step-by-step howto, however, I think you might be on the wrong track in life.
This is, of course, all my own opinion.
-
January 26th, 2004, 05:03 PM
#10
Junior Member
I have a window in the toilet closet of my bathroom. Do you think I am susceptible to being hacked?
Tim Potts
Network Analyst
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|