- Information security research teams exist to find these holes and notify vendors before they are exploited. There is a beneficial competition occurring between the Hackers securing systems and the Hackers breaking into those systems. This competition provides us with better and stronger security, as well as more complex and sophisticated attack techniques.
- Defending Hackers create Detection Systems to track attacking Hackers, while the attacking Hackers develop bypassing techniques, which eventually result in bigger and better detecting and tracking systems. The net result of this interaction is positive, as it produces smarter people, improved security, more stable software, inventive problem-solving techniques, and even a new economy.
- Now, when you need protection from Hackers, whom do you call? “The Ethical Hackers”. An Ethical Hacker possesses the skills, mindset, and tools of a Hacker but is also trustworthy. Ethical Hackers perform the hacks as security tests for computer systems.
- Ethical Hacking, also known as Penetration Testing or White-Hat Hacking, involves the same Tools, Tricks and Techniques that Hackers use, but with one major difference:
- Ethical hacking is Legal.
- Ethical hacking is performed with the target’s permission. The intent of Ethical Hacking is to discover vulnerabilities from a Hacker’s viewpoint so systems can be better secured. Ethical Hacking is part of an overall information Risk Management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.
- As Hackers expand their knowledge, so should you. You must think like them to protect your systems from them.
- Ethical Hackers know the activities attackers carry out and how to stop their efforts. They know what to look for and how to use that information to thwart Hackers’ efforts.
Information Security, Ethical Hacking, website Security, Database Security, IT Audit and Compliance, Security news, Programming, Linux and Security.
Thursday, 13 December 2012
Prevention from Hackers
What can be done to prevent Hackers from finding new holes in software and exploiting them?
Why Hackers Hack?
- The main reason why Hackers hack is because they can hack.
- Hacking is a casual hobby for some Hackers — they just hack to see what they can hack and what they can’t hack, usually by testing their own systems.
- Many Hackers are the guys who get kicked out of corporate and government IT and security organizations. They try to bring down the status of the organization by attacking or stealing information.
- The knowledge that malicious Hackers gain and the ego that comes with that knowledge is like an addiction. Some Hackers want to make your life miserable, and others simply want to be famous. Some common motives of malicious Hackers are revenge, curiosity, boredom, challenge, theft for financial gain, blackmail, extortion, and corporate work pressure.
- Many Hackers say they do not hack to harm or profit through their bad activities, which helps them justify their work. They are often not looking to fill their pockets with money. Just proving a point is often a good enough reward for them.
Overview of Denial of Service
Technically, the primary goal of an attack is to deny the victim(s) access to a particular resource. It is an explicit attempt by attackers to prevent legitimate users of a computer-related service from using that service. But, as with any information and network security issue, combating denial of service is primarily an exercise in risk management. To mitigate the risk, you need to make business decisions as well as technical decisions.
In general, systems and networks can be engineered to respond to a DoS attack by doing one of these things:
- Absorb the attack. This implies that additional capacity has already been planned for, installed, and tested before an attack begins. On the negative side, there is an additional resource cost for this excess capacity even when no attacks are currently under way.
- Degrade services. Once the critical services have been identified, it may be possible to design the network, systems, and applications in such a way that noncritical services can be degraded in favor of keeping critical services functional through an attack. If the attack is protracted or extremely heavy, it may become necessary to completely disable noncritical services to provide additional capacity to critical services.
- Shut down services. It is plausible that an organization could decide to simply shut down all services until an attack has subsided. While certainly not an optimal choice, it may be a reasonable response for some.
How to Detect Denial Of Service Attack
A DoS attack can be detected via normal monitoring of inbound traffic volumes and other performance metrics. However, the first indication of attack often comes from internal help desk calls reporting that one or more services have become unavailable, or from external customers unable to contact your public web server. Upon examination, traffic volumes on the various network segments leading to the attack target may be found to be far higher than normal, perhaps saturated, or the target server's incoming connection queue may be filled, rendering the server unresponsive. Other substantiating evidence may be present, such as a marked increase in dropped packets on some segments or a substantial increase in firewall log entries. External connectivity may suffer, perhaps causing DNS lookups to fail and thus many second order internal failures. A DoS attack is generally not subtle, and makes itself known in ways that are hard to miss.
Note that it is also important to keep an eye on your outbound network utilization numbers. This will help you detect the situation where an intruder has commandeered a compromised machine inside your perimeter and is using it to generate flood traffic against an external host.
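The monitoring described above, as an added example that is not part of the original post: it compares per-minute inbound traffic, outbound traffic, dropped packets and firewall log entries against a baseline and separates an inbound DoS from an outbound flood generated inside the perimeter. The sample values, the metric names, the six-minute baseline window and the 4x threshold are all assumptions made for illustration.

```python
from statistics import median

# Constructed per-minute samples (not real measurements):
# (minute, inbound_mbps, outbound_mbps, dropped_packets, firewall_log_entries)
SAMPLES = [
    (0, 110, 40, 3, 20), (1, 120, 42, 2, 25), (2, 105, 38, 4, 22),
    (3, 115, 41, 3, 19), (4, 118, 39, 2, 24), (5, 112, 40, 3, 21),
    (6, 940, 45, 850, 4100),   # inbound saturated, drops and firewall logs surge
    (7, 116, 610, 5, 30),      # outbound surge from inside the perimeter
    (8, 111, 41, 3, 23),
]
METRICS = ("inbound_mbps", "outbound_mbps", "dropped_packets", "firewall_log_entries")
BASELINE_MINUTES = 6   # assumption: the first six samples are known-normal traffic
FACTOR = 4.0           # assumption: alert when a metric exceeds 4x its baseline median


def baseline(samples, n=BASELINE_MINUTES):
    """Median of each metric over the first n samples."""
    return {name: median(row[i + 1] for row in samples[:n])
            for i, name in enumerate(METRICS)}


def detect(samples, n=BASELINE_MINUTES, factor=FACTOR):
    """Return (minute, verdict, exceeded_metrics) for samples after the baseline window."""
    base = baseline(samples, n)
    alerts = []
    for row in samples[n:]:
        values = dict(zip(METRICS, row[1:]))
        # max(..., 1) keeps a zero baseline from flagging every non-zero reading
        exceeded = [m for m in METRICS if values[m] > factor * max(base[m], 1)]
        if not exceeded:
            continue
        if "inbound_mbps" in exceeded:
            verdict = "possible inbound DoS"
        elif "outbound_mbps" in exceeded:
            verdict = "possible outbound flood from internal host"
        else:
            verdict = "supporting indicator only"
        alerts.append((row[0], verdict, exceeded))
    return alerts


if __name__ == "__main__":
    for minute, verdict, exceeded in detect(SAMPLES):
        print(f"minute {minute}: {verdict} ({', '.join(exceeded)})")
```

Dropped packets and firewall log entries are treated as substantiating evidence: on their own they produce only a "supporting indicator" alert, matching the post's point that they back up a traffic-volume finding.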
Types of Hackers on the basis of activities performed by them.
A Hacker is a person who is interested in the workings of any computer Operating System. Most often, Hackers are programmers. Hackers obtain advanced knowledge of operating systems and programming languages. They may know various security holes within systems and the reasons for such holes. Hackers constantly seek further knowledge, share what they have discovered, and never intend to damage or steal data.
Who then is a Cracker?
- A Cracker is a person who breaks into other people's systems with malicious intentions. Crackers gain unauthorized access, destroy important data, stop services provided by the server, or basically cause problems for their targets. Crackers can easily be identified because their actions are malicious.
- Whatever the case, most people give the Hacker a negative image. Many malicious Hackers are electronic thieves. Just like anyone can become a thief, or a robber, anyone can become a Hacker, regardless of age, gender, or religion. Technical skills of Hackers vary from one to another. Some Hackers barely know how to surf the Internet, whereas others write software that other Hackers depend upon.
White Hat Hacker
- A White Hat Hacker is a computer guy who performs Ethical Hacking. These are usually security professionals with knowledge of hacking and the Hacker toolset who use this knowledge to locate security weaknesses and implement countermeasures in the resources.
- They are also known as an Ethical Hacker or a Penetration Tester. They focus on Securing and Protecting IT Systems.
- A Black Hat Hacker is a computer guy who performs Unethical Hacking. These are the Criminal Hackers or Crackers who use their skills and knowledge for illegal or malicious purposes. They break into or otherwise violate the system integrity of remote machines, with malicious intent.
- These are also known as an Unethical Hacker or a Security Cracker. They focus on Security Cracking and Data stealing.
- A Grey Hat Hacker is a Computer guy who sometimes acts legally, sometimes in good will, and sometimes not.
- They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.
- They are hybrid between White Hat and Black Hat Hackers.
- Another type of Hackers are Hacktivists, who try to broadcast political or social messages through their work. A Hacktivist wants to raise public awareness of an issue. Examples of hacktivism are the Web sites that were defaced with the Jihad messages in the name of Terrorism.
- There are Hackers who are called Cyber Terrorists, who attack government computers or public utility infrastructures, such as power stations and air-traffic-control towers. They crash critical systems or steal classified government information. While in conflict with enemy countries, some governments start Cyber war via the Internet.
- Next and the most dangerous class of Hackers is Script Kiddies. They are the new generation of computer users who take advantage of the Hacker tools and documentation available for free on the Internet but don’t have any knowledge of what’s going on behind the scenes. They know just enough to cause you headaches but typically are very sloppy in their actions, leaving all sorts of digital fingerprints behind. Even though these guys are the teenage Hackers that you hear about in the news media, they need minimum skills to carry out their attacks.
- Script Kiddies are the bunnies who use scripts and programs developed by others to attack computer systems and Networks. They get the least respect but are most annoying and dangerous and can cause big problems without actually knowing what they are doing.
- The Real Hackers are the Coders, the ones who revise the methods and create tools that are available in the market. Coders can find security holes and weaknesses in software to create their own exploits. These Hackers can use those exploits to develop fully patched and secure systems.
- Coders are the programmers who have the ability to find the unique vulnerability in existing software and to create working exploit codes. These are the individuals with a deep understanding of the OSI Layer Model and TCP/IP Stacks.