
Ethical Hacking


But What Does "Hacker" Mean?

 possible characteristics that qualify one as a hacker, which we paraphrase here:
  • A person who enjoys learning details of a programming language or system
  • A person who enjoys actually doing the programming rather than just theorizing about it
  • A person capable of appreciating someone else's hacking
  • A person who picks up programming quickly
  • A person who is an expert at a particular programming language or system, as in "UNIX hacker"


                       The Meaning of "Hack"

“The word hack doesn't really have 69 different meanings”, according to MIT hacker Phil Agre. “In fact, hack has only one meaning, an extremely subtle and profound one which defies articulation. Which connotation is implied by a given use of the word depends in similarly profound ways on the context. Similar remarks apply to a couple of other hacker words, most notably random.”
Hacking might be characterized as ‘an appropriate application of ingenuity’. Whether the result is a quick-and-dirty patchwork job or a carefully crafted work of art, you have to admire the cleverness that went into it.
An important secondary meaning of hack is ‘a creative practical joke’. This kind of hack is easier to explain to non-hackers than the programming kind. Of course, some hacks have both natures; see the lexicon entries for pseudo and kgbvax. But here are some examples of pure practical jokes that illustrate the hacking spirit:



Remember...
Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems."

 

 Types Of Hackers

 

White Hat Hacker

 

A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. The EC-Council, also known as the International Council of Electronic Commerce Consultants, is one of those organisations that have developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.

Here are some white hat hackers:


1. Stephen Wozniak (white hat)

 

Nicknamed Woz, he is often referred to as the other Steve of Apple. Wozniak and Steve Jobs co-founded Apple Computer. Woz got his start in hacking by making blue boxes, which are devices that bypass telephone switching mechanisms, enabling users to make free long distance calls. Woz and Jobs sold these blue boxes to their classmates in college and even used a blue box to call the Pope while pretending to be Henry Kissinger.
Wozniak dropped out of college and invented the computer that made him famous. Jobs had the idea to sell the computer as a fully assembled PC board. The idea was conceived and developed in Jobs's garage. Wozniak and Jobs sold the first 100 of the Apple I to a local dealer for $666.66 each.
Woz currently focuses on philanthropy and no longer works full time for Apple. "Wozniak 'adopted' the Los Gatos School District, providing students and teachers with hands-on teaching and donations of state-of-the-art technology equipment."


2. Tim Berners-Lee (white hat)





Berners-Lee is credited with being the inventor of the World Wide Web. Berners-Lee has been honored with numerous recognitions including the Millennium Technology Prize.
Berners-Lee was first caught hacking access codes with a friend while a student at Oxford University. He was then banned from the University computers.
Berners-Lee realized that hypertext could be joined with the Internet. Berners-Lee recounts how he put them together: "I just had to take the hypertext idea and connect it to the TCP and DNS ideas and – ta-da! – the World Wide Web."
Since his creation of the World Wide Web, Berners-Lee founded the World Wide Web Consortium at MIT. The W3C describes itself as "an international consortium where Member organizations, a full-time staff and the public work together to develop Web standards." Berners-Lee's World Wide Web idea, as well as standards from the W3C, is distributed freely with no patent or royalties due.



3. Linus Torvalds (white hat)



Torvalds fathered Linux, the very popular Unix-based operating system. He calls himself "an engineer," and has said that his aspirations are simple, "I just want to have fun making the best damn operating system I can."
Torvalds got his start in computers with a Commodore VIC-20, an 8-bit home computer. He then moved on to a Sinclair QL. Wikipedia reports that he modified the Sinclair "extensively, especially its operating system." Specifically, Torvalds's hacks included "an assembler and a text editor…as well as a few games."
Torvalds created the Linux kernel in 1991, using the Minix operating system as inspiration. He started with a task switcher in Intel 80386 assembly and a terminal driver. After that, he put out a call for others to contribute code, which they did. Today, only about 2 percent of the current Linux kernel is written by Torvalds himself. The success of this public invitation to contribute code for Linux is touted as one of the most prominent examples of free/open source software.
Currently, Torvalds serves as the Linux ringleader, coordinating the code that volunteer programmers contribute to the kernel. He has had an asteroid named after him and received honorary doctorates from Stockholm University and University of Helsinki. He was also featured in Time Magazine's "60 Years of Heroes."


4. Richard Stallman (white hat)



Stallman's fame derives from the GNU Project, which he founded to develop a free operating system. For this, he's known as the father of free software. His "Serious Bio" asserts, "Non-free software keeps users divided and helpless, forbidden to share it and unable to change it. A free operating system is essential for people to be able to use computers in freedom."
Stallman, who prefers to be called rms, got his start hacking at MIT. He worked as a "staff hacker" on the Emacs project and others. He was a critic of restricted computer access in the lab. When a password system was installed, Stallman broke it down, resetting passwords to null strings, then sent users messages informing them of the removal of the password system.
Stallman's crusade for free software started with a printer. At the MIT lab, he and other hackers were allowed to modify code on printers so that they sent convenient alert messages. However, a new printer came along – one that they were not allowed to modify. It was located away from the lab and the absence of the alerts presented an inconvenience. It was at this point that he was "convinced…of the ethical need to require free software."
With this inspiration, he began work on GNU. Stallman wrote an essay, "The GNU Project," in which he recalls choosing to work on an operating system because it's a foundation, "the crucial software to use a computer." At this time, the GNU/Linux version of the operating system uses the Linux kernel started by Torvalds. GNU is distributed under "copyleft," a method that employs copyright law to allow users to use, modify, copy and distribute the software.
Stallman's life continues to revolve around the promotion of free software. He works against movements like Digital Rights Management (or as he prefers, Digital Restrictions Management) through organizations like Free Software Foundation and League for Programming Freedom. He has received extensive recognition for his work, including awards, fellowships and four honorary doctorates.



5. Tsutomu Shimomura (white hat)



Shimomura reached fame in an unfortunate manner: he was hacked by Kevin Mitnick. Following this personal attack, he made it his cause to help the FBI capture him.
Shimomura's work to catch Mitnick is commendable, but he is not without his own dark side. Author Bruce Sterling recalls: "He pulls out this AT&T cellphone, pulls it out of the shrinkwrap, finger-hacks it, and starts monitoring phone calls going up and down Capitol Hill while an FBI agent is standing at his shoulder, listening to him."
Shimomura out-hacked Mitnick to bring him down. Shortly after finding out about the intrusion, he rallied a team and got to work finding Mitnick. Using Mitnick's cell phone, they tracked him near Raleigh-Durham International Airport. The article, "SDSC Computer Experts Help FBI Capture Computer Terrorist" recounts how Shimomura pinpointed Mitnick's location. Armed with a technician from the phone company, Shimomura "used a cellular frequency direction-finding antenna hooked up to a laptop to narrow the search to an apartment complex." Mitnick was arrested shortly thereafter. Following the pursuit, Shimomura wrote a book about the incident with journalist John Markoff, which was later turned into a movie.



                                               
                     
                    Black Hat Hackers
A "black hat" hacker (also known as a cracker) is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005). Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal". Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network. They choose their targets using a two-pronged process known as the "pre-hacking stage".

1. Kevin Mitnick (black hat)



Mitnick is perhaps synonymous with Hacker. The Department of Justice still refers to him as "the most wanted computer criminal in United States history." His accomplishments were memorialized into two Hollywood movies: Takedown and Freedom Downtime.
Mitnick got his start by exploiting the Los Angeles bus punch card system and getting free rides. Then, similar to Steve Wozniak of Apple, Mitnick tried phone phreaking. Mitnick was first convicted for hacking into the Digital Equipment Corporation's computer network and stealing software.
Mitnick then embarked on a two-and-a-half-year coast-to-coast hacking spree. He has stated that he hacked into computers, scrambled phone networks, stole corporate secrets and hacked into the national defense warning system. His fall came when he hacked into fellow computer expert and hacker Tsutomu Shimomura's home computer.
Mitnick is now a productive member of society. After serving 5 years and 8 months in solitary confinement, he is now a computer security author, consultant and speaker.



2. Adrian Lamo (black hat)



Lamo hit major organizations hard, hacking into Microsoft and The New York Times. Lamo would use Internet connections at coffee shops, Kinko's and libraries to achieve his feats earning him the nickname "The Homeless Hacker". Lamo frequently found security flaws and exploited them. He would often inform the companies of the flaw.
Lamo's hit list includes Yahoo!, Citigroup, Bank of America and Cingular. Of course, white hat hackers do this legally because they are hired by the company to do so; Lamo, however, was breaking the law.
Lamo's intrusion into The New York Times intranet placed him squarely into the eyes of the top cyber crime offenders. For this crime, Lamo was ordered to pay $65,000 in restitution. Additionally, he was sentenced to six months home confinement and 2 years probation. Probation expired January of 2007. Lamo now is a notable public speaker and award winning journalist.



3. Jonathan James (black hat)



At 16 years old, James gained enormous notoriety when he was the first minor to be sent to prison for hacking. He later admitted that he was just having fun and looking around and enjoyed the challenge.
James hit high-profile organizations including the Defense Threat Reduction Agency, which is an agency of the Department of Defense. With this hack he was able to capture usernames and passwords and view highly confidential emails.
High on his list, James also hacked into NASA computers and stole software valued at over $1.7 million. The Justice Department was quoted as saying: "The software stolen by James supported the International Space Station's physical environment, including control of the temperature and humidity within the living space." Upon discovering this hack, NASA had to shut down its entire computer system, costing taxpayers $41,000. Today James aspires to start a computer security company.




4. Robert Tappan Morris (black hat)



Morris is the son of a former National Security Agency scientist named Robert Morris. Robert is the creator of the Morris worm. This worm was credited as the first computer worm spread through the Internet. Because of his actions, he was the first person to be prosecuted under the 1986 Computer Fraud and Abuse Act.
Morris created the worm while at Cornell as a student claiming that he intended to use the worm to see how large the Internet was at the time. The worm, however, reproduced itself uncontrollably, shutting down many computers until they had completely malfunctioned. Experts claim 6,000 machines were destroyed. Morris was ultimately sentenced to three years' probation, 400 hours of community service and assessed a $10,500 fine.
Morris is now a tenured professor at the MIT Computer Science and Artificial Intelligence Laboratory. His focus is computer network architecture.




5. Kevin Poulsen (black hat)



Frequently referred to as Dark Dante, Poulsen gained national recognition for his hack into Los Angeles radio's KIIS-FM phone lines. These actions earned him a Porsche among many other items.
The FBI began to search for Poulsen when he hacked into the FBI database and federal computers for sensitive wiretap information. Poulsen's specialty was hacking into phone lines, and he frequently took over all of a station's phone lines. Poulsen also reactivated old Yellow Page escort telephone numbers for a partner who operated a virtual escort agency. Poulsen was featured on Unsolved Mysteries and then captured in a supermarket. He was assessed a sentence of five years.
Since his time in prison, Poulsen has worked as a journalist and was promoted to senior editor for Wired News. His most popular article details his work on identifying 744 sex offenders with Myspace profiles.




                           British teenagers criminal hackers


Two British teenagers have been arrested for stealing the details of more than 65,000 bank accounts from computers infected with malware and selling them on an underground carding forum. According to UK authorities more than £8 million ($12 million) have been stolen from the compromised accounts.
                                                  

 




Nick Webber, 18, of Southsea, Hants, and Ryan Thomas, 17, of Seer Green, Bucks, met on a social networking website around two years ago. After they became good friends, the two computer enthusiasts came up with a plan to steal banking details by infecting others with information-stealing trojans.

The authorities tracked them down after reading the ads they posted on a carding forum that was being monitored as part of an ongoing investigation. The Sun reports that US bank account details were being sold for $3 a piece, European Union ones for $5, while UK accounts were the most expensive and cost $7.
In addition to selling stolen bank account details, the two hackers were advising their customers on how to abuse them to buy goods, wire money or pay for other services. With the money they made, the teenagers were also living the high life. In photos posted on his Facebook page, Webber is seen showing off his designer clothes and expensive accessories.




Maintaining information-stealing botnets is a very lucrative business for cybercrooks. According to previous research into the underground economy from Kaspersky Lab, the details for a stolen bank account can fetch anything between $1 and $1,500, depending on its balance and freshness. Complete personal information that can be used for identity theft costs between $5 and $8 for an American and two or three times more for Europeans.
The fact that the two UK fraudsters were very young when they started their illegal activities is not as shocking if we consider the wide availability of crimeware toolkits like ZeuS. This type of application allows generating customized banking trojans at the push of a button, making it much easier for inexperienced individuals to engage in cybercrime.



              
        The Steps Of Hacking Which Most Hackers Follow
Part 1: Targeting
The hacker determines what network to break into during this phase. The target may be of particular interest to the hacker, either politically or personally, or it may be picked at random. Next, they will port scan a network to determine if it is vulnerable to attacks, which is just testing all ports on a host machine for a response. Open ports—those that do respond—will allow a hacker to access the system.

Part 2: Research and Information Gathering
It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. The main way that hackers get desired results from this stage is from "social engineering", which will be explained below. Aside from social engineering, hackers can also use a technique called "dumpster diving". Dumpster diving is when a hacker will literally search through users' garbage in hopes of finding documents that have been thrown away, which may contain information a hacker can use directly or indirectly, to help them gain access to a network.

Part 3: Finishing The Attack
This is the stage when the hacker will invade the primary target that he/she was planning to attack or steal from. Many "hackers" will be caught after this point, lured in or grabbed by bait data, also known as a honeypot (a trap set up by computer security personnel).
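
From the defender's side, the port scan described in Part 1 leaves a recognisable trace: one source touching many different ports on one host in a short time. The following added example (not from the original page) detects that pattern; the log format, addresses and thresholds are assumptions made up for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format (hypothetical, not from any particular firewall):
#   <ISO timestamp> <action> src=<ip> dst=<ip> dport=<port>
LINE_RE = re.compile(r"^(\S+) (\w+) src=(\S+) dst=(\S+) dport=(\d+)$")


def parse_line(line):
    """Return (time, src, dst, port) for a well-formed line, else None."""
    match = LINE_RE.match(line.strip())
    if not match:
        return None
    stamp, _action, src, dst, port = match.groups()
    try:
        return datetime.fromisoformat(stamp), src, dst, int(port)
    except ValueError:
        return None


def find_port_scans(lines, min_ports=15, window=timedelta(seconds=60)):
    """Map (src, dst) -> most distinct ports probed inside any one window,
    keeping only the pairs that reach min_ports."""
    hits_by_pair = defaultdict(list)
    for line in lines:
        record = parse_line(line)
        if record:
            when, src, dst, port = record
            hits_by_pair[(src, dst)].append((when, port))

    alerts = {}
    for pair, hits in hits_by_pair.items():
        hits.sort()
        in_window = defaultdict(int)  # port -> hits currently inside the window
        oldest = 0
        most = 0
        for when, port in hits:
            in_window[port] += 1
            # Slide the window forward: forget hits older than `window`.
            while when - hits[oldest][0] > window:
                old_port = hits[oldest][1]
                in_window[old_port] -= 1
                if in_window[old_port] == 0:
                    del in_window[old_port]
                oldest += 1
            most = max(most, len(in_window))
        if most >= min_ports:
            alerts[pair] = most
    return alerts


def build_sample_log():
    """Constructed sample traffic towards 192.0.2.10 (documentation addresses)."""
    start = datetime(2024, 5, 1, 10, 0, 0)
    lines = ["this line is malformed and is skipped"]
    # One new port per second across ports 20-44: the pattern from Part 1.
    for i in range(25):
        lines.append(f"{(start + timedelta(seconds=i)).isoformat()} DROP "
                     f"src=198.51.100.23 dst=192.0.2.10 dport={20 + i}")
    # An ordinary client that keeps using a single service.
    for i in range(30):
        lines.append(f"{(start + timedelta(seconds=2 * i)).isoformat()} ACCEPT "
                     f"src=203.0.113.5 dst=192.0.2.10 dport=443")
    # Probes spread over hours: a 60-second window never sees more than one.
    for i in range(20):
        lines.append(f"{(start + timedelta(minutes=10 * i)).isoformat()} DROP "
                     f"src=203.0.113.9 dst=192.0.2.10 dport={1000 + i}")
    return lines


if __name__ == "__main__":
    for (src, dst), ports in find_port_scans(build_sample_log()).items():
        print(f"possible port scan: {src} -> {dst}, {ports} ports within 60 s")
```

The third traffic pattern shows why the window and threshold need tuning per network: probes spread over hours only show up with a much longer window.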

                                                                
                         Gray Hat Hacker


A grey hat hacker is someone who is in between these two concepts. He may use his skills for legal or illegal acts, but not for personal gain. Grey hat hackers use their skills to prove to themselves that they can accomplish a given feat, but never do it to make money out of it. The moment they cross that boundary, they become black hat hackers.

For example, they may hack the computer network of a public agency, let us say, NOAA. That is a federal crime. 

If the authorities capture them, they will feel the long arm of justice. However, if they only get inside, and post, let us say, their handle, and get out without causing any kind of damage, then they can be considered grey hackers.

If you want to know more about hackers, you can attend one of their annual conventions. Every year, hackers from all over the US and from different parts of the world meet at DEF CON. These conventions are well attended: 6,600 people attended the last one.

Every year, DEF CON is held in Las Vegas, Nevada. However, hackers are not the only ones who go to this event. There are also computer journalists, computer security professionals, lawyers, and employees of the federal government. The event is made up of tracks of different kinds, all of them related in some way to the world of hackers (computer security, worms, viruses, new technologies, coding, etc.). Besides the tracks, there are contests that involve hacking computers, lock picking and even robot-related events. Ethical hacking, white hat hacking or whatever name you wish to use has, in the end, one purpose: to protect the systems of organizations, public or private, around the world. After all, hackers can now be located anywhere, and they can be counted by the millions. Soon, concepts like white hat, Linux operating system or grey hat will become common knowledge: real proof of how much our society has been influenced by technology.


Grey hat may refer to a role in a variety of IT-related areas. In the hacking community, it refers to a skilled hacker whose activities fall somewhere between those of white and black hat hackers on a variety of spectra. It may relate to whether they sometimes arguably act illegally, though in good will, or to how they disclose vulnerabilities. They usually do not hack for personal gain or have malicious intentions, but may be prepared to technically commit crimes during the course of their technological exploits in order to achieve better security. Whereas white hat hackers will tend to advise companies of security exploits quietly, grey hat hackers are prone to "advise the hacker community as well as the vendors and then watch the fallout".
In the search engine optimisation community, grey hat refers to the “questionable” category of search engine optimisation. This is not against search engine guidelines, nor is it generally considered an ethical way to SEO your site, but it is not considered search engine spam, yet. You may be able to get away with grey hat tactics and avoid search engine penalties, but members of the web community may realise what you are doing and this could affect your online reputation.
Black Hat SEO refers to illegitimate (against search engine guidelines) and illegal optimisation tactics, and White Hat SEO refers to legitimate and proper ways to optimise your website.
              



                        Hacking Methods And Prevention

 

            What is phishing and how to be safe from phishing?






    What is Phishing?

Phishing is one type of hacking. It is a method of acquiring sensitive information such as usernames, passwords, bank information, etc. A phishing page can be described as a duplicate of a real page: it looks exactly like the real one. But when a user enters sensitive information on such a phishing page, the information is sent to the e-mail address provided in the phishing page, in other words to whoever created that phishing page. Phishing pages are mostly sent via e-mail. The targets of phishing are mostly social networking sites like Facebook, Orkut, etc. Bank websites (to acquire credit card details) and websites like Yahoo and Gmail are also targets of phishing.




    Examples of phishing scams:
  • An e-mail asking you to log in to your locked account to unlock it.
  • An e-mail carrying a link to sites like Facebook, Yahoo, etc. and asking you to log in.
  • E-mails containing some information of interest to you and asking you to log in to your account.

     How to be safe from phishing?
  • To guard against phishing, use a virus scanner as well as a website scanner to catch phishing attempts.
  • Never log in to any of your accounts through a link provided in an e-mail.
  • Go to the real website yourself; don't click on links posted elsewhere, such as a link posted on your Facebook wall by a friend, a link provided in comments, or a link to a certain website on a blog.
  • Check the URL of the website before entering any sensitive information, because the URL of a phishing page is not the same as the URL of the real one.
  • The real Gmail page's address looks like gmail.com, while a phishing page's address looks different, something like gmail.anything.com. On a phishing page, the address bar (where you type the web address) shows that the page leads somewhere unknown or different from Gmail or the social media site you expected. So always keep watch on your browser's address bar, otherwise you will be HACKED!
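
The address-bar check from the last two points can be written down as code. The following is an added example, not part of the original post: the trusted-domain list, the function name check_link and the sample links are all constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the sites this user really logs in to.
TRUSTED_DOMAINS = ("gmail.com", "facebook.com", "yahoo.com")
BRAND_NAMES = tuple(domain.split(".")[0] for domain in TRUSTED_DOMAINS)


def check_link(url):
    """Return (verdict, reason). Verdict is 'trusted', 'lookalike' or 'unknown'."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # no user@ prefix, no :port
        has_userinfo = parts.username is not None
    except ValueError:
        return ("unknown", "address could not be parsed")
    if parts.scheme not in ("http", "https") or not host:
        return ("unknown", "not a web address")

    # The host must BE a trusted domain or end with ".<trusted domain>".
    # The leading dot matters: "evilgmail.com" ends with "gmail.com" too.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return ("trusted", "host belongs to " + domain)

    if has_userinfo:
        return ("lookalike", "text before '@' is a login name; the real host is " + host)
    if any(label.startswith("xn--") for label in host.split(".")):
        return ("lookalike", "encoded international name in host " + host)
    for brand in BRAND_NAMES:
        if brand in host:
            return ("lookalike", "'" + brand + "' appears in " + host + ", which is another site")
    return ("unknown", host + " is not on the trusted list")


SAMPLE_LINKS = [  # constructed examples
    "https://gmail.com/",
    "https://www.facebook.com/login",
    "http://gmail.anything.com/login",   # the pattern from the list above
    "https://gmail.com@203.0.113.7/",    # the real host is the part after '@'
    "https://evilgmail.com/",
    "https://example.org/",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        verdict, reason = check_link(link)
        print(f"{verdict:9} {link}  ({reason})")
```

The check reads the address from right to left, the way the browser resolves it: in gmail.anything.com the site is anything.com, and "gmail" is only a label its owner chose.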
           
 To prevent phishing or hacking attempts, always use web filtering software

Silicon Valley startup ZeroVulnerabilityLabs has made available a free program it claims stops malware from exploiting a wide range of software vulnerabilities regardless of whether these flaws are publicly known or not.
Available now in a beta version for consumers and non-profits





Security innovations pop up from time to time and this one represents a lateral approach to what has become a major – possibly the major issue – for consumers and businesses alike; how to secure PCs when software flaws crop up on an almost daily basis.
The overwhelming majority of Windows malware attacks now hook into common flaws as a way of infecting their targets with many automated using commercial exploit kits serving attacks from compromised websites. Patching is one answer but this can be exhausting. The number of flaws has become a major overhead even for single consumers.
At the same time it has become apparent that conventional antivirus software isn’t stopping all or even most of this kind of malware which raises an obvious question: what is ExploitShield doing that is different?
The company is keeping its technology to itself but describes the approach as “anti-exploit” or “application shielding,” and claims it was able to block recent high-profile zero-day exploit attacks that hit Internet Explorer and Java.
If ZeroVulnerabilityLabs has come up with software that can do that with any reliability it will become a very hot property indeed.
What it is not, for now, is whitelisting, blacklisting, sandboxing, nor does it fingerprint malware, an approach it rightly identifies as obsolete. Heuristics? The company seems not to like that term either in its online literature.

“When ExploitShield detects a shielded application being exploited it automatically stops the malicious code from executing. Once stopped it will automatically close the attacked application,” the company said on its website.
“ExploitShield does not need to disinfect as it prevents all vulnerability-driven infections in the first place.”
Corporate users will be able to select and manage each protected application individually. The software - version 0.7 - can be downloaded from the firm's website with beta testers being sought.


                  

             The most common methods used by Hackers.





The most common methods used by intruders to gain control of home computers are briefly described below.


  1. Trojan horse programs

     Trojan horse programs are a common way for intruders to trick you (sometimes referred to as "social engineering") into installing "back door" programs. These can allow intruders easy access to your computer without your knowledge, change your system configurations, or infect your computer with a computer virus.

  2. Back door and remote administration programs

     On Windows computers, three tools commonly used by intruders to gain remote access to your computer are BackOrifice, Netbus, and SubSeven. These back door or remote administration programs, once installed, allow other people to access and control your computer.

  3. Denial of service

     Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes your computer to crash or to become so busy processing data that you are unable to use it. It is important to note that in addition to being the target of a DoS attack, it is possible for your computer to be used as a participant in a denial-of-service attack on another system.

  4. Being an intermediary for another attack

     Intruders will frequently use compromised computers as launching pads for attacking other systems. An example of this is how distributed denial-of-service (DDoS) tools are used. The intruders install an "agent" (frequently through a Trojan horse program) that runs on the compromised computer awaiting further instructions. Then, when a number of agents are running on different computers, a single "handler" can instruct all of them to launch a denial-of-service attack on another system. Thus, the end target of the attack is not your own computer, but someone else’s -- your computer is just a convenient tool in a larger attack.

  5. Unprotected Windows shares

     Unprotected Windows networking shares can be exploited by intruders in an automated way to place tools on large numbers of Windows-based computers attached to the Internet. Because site security on the Internet is interdependent, a compromised computer not only creates problems for the computer's owner, but it is also a threat to other sites on the Internet. The greater immediate risk to the Internet community is the potentially large number of computers attached to the Internet with unprotected Windows networking shares combined with distributed attack tools.
     Another threat includes malicious and destructive code, such as viruses or worms, which leverage unprotected Windows networking shares to propagate.
     There is great potential for the emergence of other intruder tools that leverage unprotected Windows networking shares on a widespread basis.

  6. Mobile code (Java/JavaScript/ActiveX)

     There have been reports of problems with "mobile code" (e.g. Java, JavaScript, and ActiveX). These are programming languages that let web developers write code that is executed by your web browser. Although the code is generally useful, it can be used by intruders to gather information (such as which web sites you visit) or to run malicious code on your computer. It is possible to disable Java, JavaScript, and ActiveX in your web browser.

  7. Cross-site scripting

     A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.
     You can potentially expose your web browser to malicious scripts by
       • following links in web pages, email messages, or newsgroup postings without knowing what they link to
       • using interactive forms on an untrustworthy site
       • viewing online discussion groups, forums, or other dynamically generated pages where users can post text containing HTML tags

  8. Packet sniffing

     A packet sniffer is a program that captures data from information packets as they travel over the network. That data may include user names, passwords, and proprietary information that travels over the network in clear text. With perhaps hundreds or thousands of passwords captured by the packet sniffer, intruders can launch widespread attacks on systems. Installing a packet sniffer does not necessarily require administrator-level access.
     Relative to DSL and traditional dial-up users, cable modem users have a higher risk of exposure to packet sniffers since entire neighborhoods of cable modem users are effectively part of the same LAN. A packet sniffer installed on any cable modem user's computer in a neighborhood may be able to capture data transmitted by any other cable modem in the same neighborhood.
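
To illustrate the cross-site scripting item above from the web site's side, here is an added example (not from the original page) that renders the same user input into a page with and without output encoding, then parses the result to see whether the input became active content. The function names and the sample inputs are constructed for illustration.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlsplit


def render_unsafe(comment, homepage):
    """Vulnerable: user-supplied text is pasted into the page as-is."""
    return ('<p class="comment">' + comment + '</p>'
            '<a href="' + homepage + '">author</a>')


def safe_href(url):
    """Allow only absolute http(s) links; anything else becomes '#'."""
    try:
        scheme = urlsplit(url.strip()).scheme
    except ValueError:
        return "#"
    return url.strip() if scheme in ("http", "https") else "#"


def render_safe(comment, homepage):
    """Hardened: encode for the HTML context and restrict the link scheme."""
    return ('<p class="comment">' + html.escape(comment) + '</p>'
            '<a href="' + html.escape(safe_href(homepage), quote=True) + '">author</a>')


class ActiveContentFinder(HTMLParser):
    """Records script elements, on* handlers and javascript: links in a page."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script element")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append("event handler " + name)
            if name in ("href", "src") and (value or "").strip().lower().startswith("javascript:"):
                self.findings.append("javascript: URL in " + name)


def active_content(page):
    """Return the list of active-content findings for a rendered page."""
    finder = ActiveContentFinder()
    finder.feed(page)
    finder.close()
    return finder.findings


SAMPLES = [  # constructed inputs: (comment, homepage)
    ("<script>alert(1)</script>", "https://example.org/"),
    ("nice post", 'https://example.org/" onmouseover="alert(1)'),
    ("nice post", "javascript:alert(1)"),
]

if __name__ == "__main__":
    for comment, homepage in SAMPLES:
        print("unsafe:", active_content(render_unsafe(comment, homepage)))
        print("safe:  ", active_content(render_safe(comment, homepage)))
```

Encoding alone does not cover the third sample, which is why the link scheme is checked separately: a javascript: address contains no characters that HTML encoding would change.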

  
                            
                               Using Virus Botnets And Exploits

                                                                                                              


1) What Is a Computer Virus?

A computer virus is a potentially damaging computer programme capable of reproducing itself, causing great harm to files or other programs without the permission or knowledge of the user.
A virus is a program that, when run, has the ability to self-replicate by infecting other programs and files on your computer. These programs can have many effects, ranging from wiping your hard drive or displaying a joke in a small box to doing nothing at all except replicating themselves. These types of infections tend to be localized to your computer and do not have the ability to spread to another computer on their own. The word virus has incorrectly become a general term that encompasses trojans, worms, and viruses.



                                 Types of viruses :
 
The different types of viruses are as follows:

1) Boot Sector Virus :
Boot sector viruses infect either the master boot record of the hard disk or the boot sector of a floppy disk. The virus replaces the boot record program responsible for booting the operating system. The virus either copies the master boot program to another part of the hard disk or overwrites it. They infect a computer when it boots up or when it accesses an infected floppy disk in the floppy drive. That is, once a system is infected with a boot-sector virus, any non-write-protected disk accessed by this system will become infected.

Examples of boot-sector viruses are Michelangelo and Stoned.
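A defender can catch the replacement or relocation described above by baselining the master boot record and comparing it later. The following Python sketch is an added example, not code from the original page; the function names, the placeholder "loader" bytes and the sample partition values are assumptions constructed for illustration.

```python
import hashlib
import struct

CODE_LEN = 440          # bootstrap code; bytes 440-445 hold the disk signature
TABLE_OFF = 446         # four 16-byte partition entries start here
BOOT_SIG = b"\x55\xaa"  # last two bytes of the 512-byte sector

def parse_mbr(sector: bytes) -> dict:
    """Summarise the parts of an MBR worth baselining."""
    if len(sector) != 512:
        raise ValueError("expected exactly one 512-byte sector")
    partitions = []
    for i in range(4):
        raw = sector[TABLE_OFF + 16 * i:TABLE_OFF + 16 * (i + 1)]
        lba, count = struct.unpack_from("<II", raw, 8)
        if raw[4]:  # partition type 0 marks an unused slot
            partitions.append({"active": raw[0] == 0x80, "type": raw[4],
                               "lba": lba, "sectors": count})
    return {"valid_signature": sector[510:] == BOOT_SIG,
            "code_sha256": hashlib.sha256(sector[:CODE_LEN]).hexdigest(),
            "partitions": partitions}

def check_against_baseline(sector: bytes, baseline: dict) -> list:
    """Return findings; an empty list means the sector matches the baseline."""
    now = parse_mbr(sector)
    findings = []
    if not now["valid_signature"]:
        findings.append("boot signature 55AA missing")
    if now["code_sha256"] != baseline["code_sha256"]:
        findings.append("bootstrap code changed")
    if now["partitions"] != baseline["partitions"]:
        findings.append("partition table changed")
    return findings

def make_sample(code: bytes, start_lba: int = 2048) -> bytes:
    """Constructed test sector: placeholder 'code' plus one active partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"", 0x07, b"", start_lba, 204800)
    return code.ljust(TABLE_OFF, b"\0") + entry + b"\0" * 48 + BOOT_SIG

if __name__ == "__main__":
    baseline = parse_mbr(make_sample(b"ORIGINAL-LOADER"))
    print(check_against_baseline(make_sample(b"ORIGINAL-LOADER"), baseline))
    print(check_against_baseline(make_sample(b"REPLACED-LOADER"), baseline))
```

Read the sector from a trusted boot medium or an offline disk image rather than from the running system, because a stealth virus can return a clean copy of the boot sector to software running on the infected machine.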

2) File or Program Viruses :  


Some files/programs, when executed, load the virus into memory and perform predefined functions to infect the system. They infect program files with extensions like .EXE, .COM, .BIN, .DRV and .SYS.

Some common file viruses are Sunday and Cascade.

3) Multipartite Viruses : 


A multipartite virus is a computer virus that infects multiple different target platforms, and remains recursively infective in each target. It attempts to attack both the boot sector and the executable (program) files at the same time. When the virus attaches to the boot sector, it will in turn affect the system’s files, and when the virus attaches to the files, it will in turn infect the boot sector.
This type of virus can re-infect a system over and over again if all parts of the virus are not eradicated.


Ghostball was the first multipartite virus, discovered by Fridrik Skulason in October 1989.
Other examples are Invader, Flip, etc.

4) Stealth Viruses :  

These viruses are stealthy in nature, meaning that they use various methods of hiding themselves to avoid detection. They sometimes remove themselves from memory temporarily to avoid detection by antivirus software. They are somewhat difficult to detect. When an antivirus program tries to detect the virus, the stealth virus feeds the antivirus program a clean image of the file or boot sector.

5) Polymorphic Viruses :
  
Polymorphic viruses have the ability to mutate, meaning that they change the viral code, known as the signature, each time they spread or infect. Thus an antivirus program that scans for specific virus codes is unable to detect their presence.

6) Macro Viruses : 
A macro virus is a computer virus that "infects" Microsoft Word or a similar application and causes a sequence of actions to be performed automatically when the application is started or something else triggers it. Macro viruses tend to be surprising but relatively harmless. A macro virus is often spread as an e-mail virus. Well-known examples are Concept Virus and Melissa Worm.



NOTE :   If you use a computer, read the newspaper, or watch the news, you will know about computer viruses or other malware. These are malicious programs that, once they infect your machine, start causing havoc on your computer. What many people do not know is that there are many different types of infections that fall under the general category of malware.


Malware

Malware is programming or files that are developed for the purpose of doing harm. Thus, malware includes computer viruses, worms, Trojan horses, spyware, hijackers, and certain types of adware.

Backdoor

A backdoor is a program that allows a remote user to execute commands and tasks on your computer without your permission. These types of programs are typically used to launch attacks on other computers, distribute copyrighted software or media, or hack other computers.

Hijackers

A hijacker is a program that attempts to hijack certain Internet functions, such as redirecting your start page to the hijacker's own start page, redirecting search queries to an undesired search engine, or replacing search results from popular search engines with its own information.






Spyware

Spyware is a program that monitors your activity or information on your computer and sends that information to a remote computer without your knowledge.

Adware

Adware is a program that generates popups on your computer or displays advertisements. It is important to note that not all adware programs are necessarily considered malware.

There are many legitimate programs that are given away for free and display ads in order to generate revenue. As long as this information is provided up front, they are generally not considered malware.

Dialler

A dialler is a program that typically dials a premium-rate number that has per-minute charges over and above the typical call charge. These calls are made with the intent of gaining access to pornographic material.


Trojan

A trojan is a program that has been designed to appear innocent but has been intentionally designed to cause some malicious activity or to provide a backdoor to your system.


Worm

A worm is a program that, when run, has the ability to spread to other computers on its own, using either mass-mailing techniques to email addresses found on your computer or the Internet to infect a remote computer through known security holes.

2) What Is a Botnet?

A botnet or robot network is a group of computers running a computer application controlled and manipulated only by the owner or the software source. The botnet may refer to a legitimate network of several computers that share program processing amongst them.

Usually though, when people talk about botnets, they are talking about a group of computers infected with the malicious kind of robot software, the bots, which present a security threat to the computer owner. Once the robot software (also known as malicious software or malware) has been successfully installed in a computer, this computer becomes a zombie or a drone, unable to resist the commands of the bot commander.

  
3) How Botnets Spread In Systems

A botnet may be small or large depending on the complexity and sophistication of the bots used. A large botnet may be composed of ten thousand individual zombies. A small botnet, on the other hand, may be composed of only a thousand drones. Usually, the owners of the zombie computers do not know that their computers and their computers’ resources are being remotely controlled and exploited by an individual or a group of malware runners through Internet Relay Chat (IRC).

There are various types of malicious bots that have already infected and are continuing to infect the internet. Some bots have their own spreaders – the script that lets them infect other computers (this is the reason why some people dub botnets as computer viruses) – while some smaller types of bots do not have such capabilities. 



                           Different Types of Bots
 

Here is a list of the most used bots on the Internet today, with their features and command sets.

XtremBot, Agobot, Forbot, Phatbot

These are currently the best-known bots, with more than 500 versions on the Internet today. The bot is written in C++ with cross-platform capabilities, and its source code is published under the GPL. These bots can range from fairly simple to highly abstract module-based designs. Because of the modular approach, adding commands or scanners to increase a bot's efficiency in taking advantage of vulnerabilities is fairly easy. It can use the libpcap packet sniffing library, NTFS ADS and PCRE. Agobot is quite distinct in that it is the only bot that makes use of other control protocols besides IRC.

UrXBot, SDBot, UrBot and RBot

Like the previous type of bot, these bots are published under the GPL, but unlike the bots mentioned above they are less abstract in design and written in rudimentary C. Although their implementation is less varied and their design less sophisticated, these types of bots are well known and widely used on the Internet.

GT-Bots and mIRC based bots

 
These bots have many versions on the Internet, mainly because mIRC is one of the most used IRC clients for Windows. GT stands for global threat and is the common name for bots scripted using mIRC. GT-bots make use of the mIRC chat client to launch a set of binaries (mainly DLLs) and scripts; their scripts often have the file extension .mrc.

Malicious Uses of Botnets




              Types Of Botnet Attack

 

Denial of Service Attacks

 
A botnet can be used as a distributed denial of service weapon. A botnet attacks a network or a computer system for the purpose of disrupting service through the loss of connectivity or consumption of the victim network’s bandwidth and overloading of the resources of the victim’s computer system. Botnet attacks are also used to damage or take down a competitor’s website.

Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies.
Any Internet service can be targeted by botnets. This can be done by flooding the website with recursive HTTP or bulletin-board search queries. This mode of attack, in which higher-level protocols are utilized to increase the effects of an attack, is also termed spidering.
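Because a fast-flux name keeps resolving to different compromised hosts, it leaves a recognisable pattern in DNS logs: many addresses, short TTLs, and addresses scattered across unrelated networks. The Python sketch below is an added example, not part of the original page; the observations are constructed, the thresholds are assumptions, and grouping addresses by /16 prefix is an assumed stand-in for a real network-ownership (ASN) lookup.

```python
from collections import defaultdict
from ipaddress import ip_network
from statistics import median

# Constructed passive-DNS observations: (queried name, A record, TTL in seconds).
OBSERVATIONS = [
    ("shop.example", "192.0.2.10", 3600),
    ("shop.example", "192.0.2.10", 3600),
    ("cdn.example", "198.51.100.1", 60),
    ("cdn.example", "198.51.100.2", 60),
    ("cdn.example", "198.51.100.3", 60),
    ("cdn.example", "198.51.100.4", 60),
    ("flux.example", "192.0.2.10", 120),
    ("flux.example", "198.51.100.20", 180),
    ("flux.example", "203.0.113.30", 120),
    ("flux.example", "203.0.113.31", 90),
    ("flux.example", "192.0.2.77", 120),
]

def flux_report(observations, min_ips=4, min_nets=3, max_ttl=300):
    """Score each name; thresholds are illustrative assumptions."""
    ips, ttls = defaultdict(set), defaultdict(list)
    for name, addr, ttl in observations:
        ips[name].add(addr)
        ttls[name].append(ttl)
    report = {}
    for name, addrs in ips.items():
        # Distinct /16 prefixes approximate "how many unrelated networks".
        nets = {ip_network(f"{a}/16", strict=False) for a in addrs}
        mid_ttl = median(ttls[name])
        report[name] = {
            "ips": len(addrs),
            "nets": len(nets),
            "median_ttl": mid_ttl,
            # All three conditions must hold: a CDN has many addresses and
            # short TTLs too, but its addresses cluster in few networks.
            "suspect": (len(addrs) >= min_ips and len(nets) >= min_nets
                        and mid_ttl <= max_ttl),
        }
    return report

if __name__ == "__main__":
    for name, row in sorted(flux_report(OBSERVATIONS).items()):
        print(name, row)
```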

Spyware 


Spyware is software that sends information to its creators about a user's activities, typically passwords, credit card numbers and other information that can be sold on the black market. Compromised machines that are located within a corporate network can be worth more to the bot herder, as they can often gain access to confidential information held within that company. There have been several targeted attacks on large corporations with the aim of stealing sensitive information; one such example is the Aurora botnet.

Adware


Adware exists to advertise some commercial entity actively and without the user's permission or awareness, for example by replacing banner ads on web pages with those of another content provider.

Spamming and Traffic Monitoring

 
A botnet can also be used to take advantage of an infected computer’s TCP/IP SOCKS proxy protocol for networking applications. After compromising a computer, the botnet commander can use the infected unit (a zombie) in conjunction with other zombies in his botnet (robot network) to harvest email addresses or to send massive amounts of spam or phishing mails.

Moreover, a bot can also function as a packet sniffer to find and intercept sensitive data passing through an infected machine. Typical data that these bots look out for are usernames and passwords, which the botnet commander can use for his personal gain. Data about a competitor botnet installed on the same unit is also mined so the botnet commander can hijack this other botnet.

Access number replacements are where the botnet operator replaces the access numbers of a group of dial-up bots to that of a victim's phone number. Given enough bots partake in this attack, the victim is consistently bombarded with phone calls attempting to connect to the internet. Having very little to defend against this attack, most are forced into changing their phone numbers (land line, cell phone, etc.).

Keylogging and Mass Identity Theft

 
Encryption software on the victims’ units can deter most bots from harvesting any real information. Unfortunately, some bots have adapted to this by installing a keylogger program on the infected machines. With a keylogger program, the bot owner can use a filtering program to gather only the key sequences typed before or after interesting keywords like PayPal or Yahoo mail. This is one of the reasons behind the massive theft of PayPal accounts over the past several years.

Bots can also be used as agents for mass identity theft. They do this through phishing, or pretending to be a legitimate company, in order to convince the user to submit personal information and passwords. A link in these phishing mails can also lead to fake PayPal, eBay or other websites that trick the user into typing in a username and password.

Botnet Spread

 
Botnets can also be used to spread other botnets in the network. They do this by convincing the user to download a program, which is then executed, through FTP, HTTP or email.

Pay-Per-Click Systems Abuse

 
Botnets can be used for financial gain by automating clicks on a pay-per-click system. Compromised units can be used to click automatically on a site upon activation of a browser. For this reason, botnets are also used to earn money from Google’s Adsense and other affiliate programs by using zombies to artificially increase the click counter of an advertisement.

1 comments:

  1. please help me to bypass my deep freeze password cause i forget my password
