Daily Hacks

How To Protect Yourself From Computer Hacking

­When the internet became the main source for information in the world, there have been those that have sought to gain illegal profit from such things. This is the way of the world and people all over the world are now the target of the many computer hackers that are around. Unlike the bulk of people who are living in the virtual world, these hackers seek to gain access to the personal and private information that one has stored on their computer.

With this information they will work to steal money, and the identity of the person. This is all done without having to leave the home and can be performed with a vast knowledge of how computers work. Many people believe that this sort of crime will never happen to them and that is not the case. The hackers of the world are very clever and work to make sure that they have access to the entire bulk of information on the internet and ways to use that information to their benefit.

The most common form of hacking is the password grabber. With this form you get a program that works to guess the password that you have set up on the many protected areas of the web. Lets say that you do all of your banking online and your bank protects your account by way of a username and password. The hackers will gain access to the user name in one way or another, most often by an intercepted email over a server that is not encrypted. With that they can then put into operation a password program that will guess hundreds of different combinations every hour until the machine has discovered the password.

They will then gain access to your bank and promptly drain it. The best way to protect yourself against such theft is to make sure that you use a password that is not specific to you, such as your birthday, and also make sure that it contains numbers along with the letters. The password software will not be able to gain access because it can only guess either letters or numbers, not a combination of both because the choices are way too vast to compute.

The other most common form of hacking is the direct email scam. These are often times referred to as spoof emails. The email will come in looking very official and proper from a company that you have an account with. Then the email will most likely tell you that your account has been suspended and you need to login to correct the problem. It will instruct you to click on a link to login and will take you to a page that looks exactly like the actual company page. Once you login you have given the hacker all of your account information.

The way to protect yourself in this case is to make sure that you are getting the email from the company. Most often you will find that these companies will never ask you to follow a link to login and they will never ask for your information in an email or other communication. Forward the emails to the company so they can start to track the problem and maybe shut the hackers down before someone falls victim.

About the Author: Read more Computer related articles at: computers-mag.com

Tags: computer security, hackers, hacking, knowledge, Security

Hacking - What, When, And How?

•What is hacking?

According to Computer Crime Research Center (US), “Hacking is unauthorized use of computer and network resources”.

•Who is a hacker?

A hacker is a gifted programmer; a programmer for whom computing is its own reward and also enjoys the challenge of breaking into other computers, networks, cracking applications, etc.

•How the hacker can hack a system?

Hackers hack by exploiting the weaknesses of the target system, network, etc, for poor configuration applications and web servers, unpatched or old software, poorly chosen or default passwords and disabled security controls.

•Why hack at all?

Hackers hack because they want it that way. There is no specific reason why they do that. Some does hacking to test their computer skills, others do that to steal specific data from the target. Once a vulnerable point is identified in the system, they definitely attempt to hack to try to gain administrative access to the machine.

•Different types of hackers

The different types of hacker are

1.WhiteHats are the hackers that try to make the movement go forward by working as system administrators, security experts and by maintaining web sites with new technologies, news events, bug reports, and much more.

2.Black hackers attack other’s systems; whereas White hackers do exactly opposite i.e., defend against attacks.

3.Crackers penetrate networks and try to take advantage of something they discover in the process; they are really malicious.

4.Script Kiddie, does not really possess any skills except for the tools, uses tools and techniques developed by WhiteHats, BlackHats and Crackers to deface sites, destroy information, and do other types of digital-vandalism.

•Basic Hacking Methodology

The basic steps for any hacking methodology are

1.Information gathering (Probe)

2.Attack (Advancement & Entrenchment)

3.Infiltration or Extraction

•Most Prevalent Hacking Attack Categories

Hackers preferably attack the organizations systems infrastructure and commercial applications. If the systems are well secured then the hacker may resort to social engineering or focus upon the target application vulnerabilities.

The four most prevalent attack categories are

1.Exploitation of Application-related privileges: Some server-based applications run with specific User or group permissions. By using Race conditions or Buffer overflow attacks these applications’ security can be compromised.

2.Client-side manipulation: Hackers bypass client-side validations by supplying incorrect data formats or data to the server in an attempt to reveal both the functionality and secured data.

3.Race Conditions: When the coding is not done properly for an application to access specific variables, files, and data or installed the appropriate checks to implement simultaneous accesses then the hacker can get unintended access to data through both trusted and untrusted server application components.

4.Buffer Overflow Attacks: Normally applications take data as an input and pass it to memory buffers for manipulation. If the coders do not put a checkpoint to check whether the size of data is too big for a buffer then they are bound to be a complications. Hackers may take this condition as an advantage and can embed their own commands within the oversized data package. Perfectly implemented, these commands can acquire System Administrator privileges to the hacker.

•Cyber attacks: What are they?

Cyber attacks happen on a nation-wide scale and includes clogging up the adversary country’s computers which handle sensitive information like logistics, communications, war strategies, shutting down their civil utilities, like national power grid, jamming radar sites, crushing military’s computers, and downing commercial websites, etc.

•Hacker’s tools

There are so many tools available in the Net and also in the market using which anybody can do the basic hacking. A few tools are

1.DSniff — a suite of programs that can be used in penetration and auditing testing.

2.Ethereal — the widely used network protocol analyzer.

3.AirSnort — a wireless LAN (WLAN) tool which recovers encryption keys.

4.Netcat — a simple Unix utility which writes and reads data across network connections, using UDP or TCP protocol.

•Hacking in day-to-day life

To name a few…

1.Application hacking

2.Email hacking

3.Password hacking

4.Key Loggers…

•The key to winning the war against hackers…

The first step is to know both the state of one’s own network and its vulnerabilities and also the tactics hackers employ and deploy. Strategic analysts proclaim the key, to escape being hacked by somebody, is network security. But again, unfamiliarity of hacker’s activities and ignorance of how to deploy firewalls and other security features effectively can make you the hacker’s favorite target.

“Hope for the best and plan for the worst” should be the motto in drawing strategies against hackers.

More »

Tags: buffer overflow, email, firewalls, Hacker, Hacker Attitudes, hackers, hacking, ignorance, key loggers, knowledge, password