Hacking 101.3 from the December 2000 Actrix Newsletter
by Dean Moor
I am again grateful to Dean Moor for this next article in his series on hacking. To many it is a fascinating topic. It really would be a good idea for those interested but new to computers or the net to read over Dean's previous articles at:
Wow, what a month! I don't know about you, but I sure have been flat out with getting ready for Christmas. I hope you haven't forgotten to update your virus definitions; there are always a few nasty surprises in some of these Christmas e-mails. Just a quick reminder: please beware of suspicious e-mails.
Anyway, getting back on track! What can a hacker do to your computer? Phew, where to start. Ok, for now I will just list a few of the most common attacks that I have come across, and attempt to explain each one in a little detail.
Firstly, there are DoS (Denial of Service) attacks. This is where the "Attacker" just wants to annoy you and prevent you from using the Internet. This can be done in a variety of ways, but the most common is to connect to you and then send a large amount of information to your computer, flooding it. Generally with 56K (or slower) modems, this is easy to do because the bandwidth is so low, so the attacker hardly has to try to successfully block you from using the Internet. I mean, your information can't get out of the driveway if someone else is parked in the way.
Another method to accomplish this attack type is to crash your computer. This is a lot more complicated, and most "Attackers" wouldn't know how to do this. Briefly, the attacker creates a specially crafted piece of information to send to your computer. This information is designed for only one purpose, and that is to exploit or utilise a vulnerability on your computer. (If you have been keeping up with your Microsoft Updates you should be protected from most of these Exploits and Vulnerabilities.) Vulnerabilities are security weaknesses in your computer's software (usually Windows) that were not fully discovered or realised at the time of release. That's why Microsoft regularly publish security updates that you really should download from http://windowsupdate.microsoft.com.
The next basic type of attack is what I call the Trojan Attack. This appears to be the most common of all attacks that I have seen and works in much the same way that a large wooden horse was used to breach the security of Troy. A Trojan program or virus must first be installed on your computer. This can be done in several ways, but the two most common are via email and download (Set-up Files). This attack is one that I personally consider a VERY HIGH risk! Why? Simply because the attacker, when successful, has got COMPLETE control of your system! When I say complete, I mean more control than you probably have over your own computer. Just take a look at this partial list of features one popular Trojan has;
Simple Point and Click hacking
Did you notice the Port Redirect? With this, the attacker can use your machine to attack someone else! Imagine if that was the FBI, IRD, or even Police! How about the Spy Functions? Believe me when I say that these work very well! Some Trojans even have the ability to record keystrokes while you are offline, and when you reconnect, the logs are sent to the person who installed the Trojan. I am not trying to scare you here, this is simple truth. What about the System Information? Well, this is a very detailed list, ranging from swap file size and logged-on user to amount of RAM, Windows directory, and even the amount of hard drive room you have left. Passwords? Well, let's finish up when I say, none of the passwords stored on your machine are safe from this feature!
Now, the last basic category of attacks is very similar to the exploits. In these "Attacks" the attacker sends specific information to your computer to determine your operating system, firewall type, location etc. This information can prove to be very helpful to an attacker who may be planning to break into your machine. Why? Well, if he knows what Operating System you have, the Version and Brand of your firewall, Available Bandwidth and Location in the world he knows this;
Now, I assume when I say this that our "attacker" is a smart one who knows what they are doing, and thankfully there aren't really too many of those around!
Well, I hope I didn't scare you too badly. While these situations are VERY REAL, the chances of someone doing this to you are relatively low, depending on your bandwidth and whether you have a static IP address or a dynamic one. However, without any security at all, you may as well do the damage yourself! I firmly believe that it is not a case of IF, but WHEN, and I myself would much rather lock the doors and windows than leave them open. What do you do when you leave home?
To find out just how secure you are, try clicking the Steve Gibson and Sygate links below. You may be surprised!
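A local counterpart to the online scans mentioned above, as an added example that is not part of the original article: a remote-control Trojan of the kind described typically waits for the attacker to connect, so a listening port you cannot account for is worth investigating. The `netstat -an` sample and the allowlist of expected ports are constructed assumptions.

```python
import re

# Constructed sample of Windows `netstat -an` output (not from the article).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:40123          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED
  UDP    0.0.0.0:137            *:*
"""

# Assumption: TCP ports this machine is expected to listen on. Adjust per host.
EXPECTED_TCP_PORTS = {135, 139}

# Matches only TCP rows in LISTENING state; captures local address and port.
LINE_RE = re.compile(
    r"^\s*TCP\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+LISTENING\s*$"
)


def listening_sockets(netstat_text):
    """Return (address, port) for every TCP socket in LISTENING state."""
    found = []
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            found.append((m.group("addr"), int(m.group("port"))))
    return found


def unexpected_listeners(netstat_text, expected=EXPECTED_TCP_PORTS):
    """Flag network-reachable listeners that are not on the allowlist."""
    flagged = []
    for addr, port in listening_sockets(netstat_text):
        if addr.startswith("127."):
            continue  # loopback-only sockets are not reachable from outside
        if port not in expected:
            flagged.append((addr, port))
    return flagged


if __name__ == "__main__":
    for addr, port in unexpected_listeners(SAMPLE_NETSTAT):
        print(f"unexpected listener on {addr}:{port} - find the owning program")
```

To check a real machine, replace `SAMPLE_NETSTAT` with the saved output of `netstat -an` and set the allowlist to the services you knowingly run.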
And until next time, safe surfing and Merry Christmas.
Sygate's Advanced Scan Utility
SubSeven v.2.1.4 hacker's interface