Tuesday, August 14, 2007

Hacking!!!

Here, I am gonna teach you some basic stuff about hacking. But before I do that, let me ask you a question: when the computer was invented, did we think of viruses? Let me tell you, my friends, no technology is predictable. Each coin has two sides. Similarly, every technology has advantages and also disadvantages. As Adam Smith puts it beautifully, "Any new technology is indistinguishable from magic". Undoubtedly any technology is for the betterment of mankind, but we should be cautious about its negative consequences.

So, what exactly is hacking all about? Who is a hacker? Why should one hack? There are basically two types of hacking: ethical and unethical. Either way, hacking is 'unauthorised access'. Hackers are classified into two categories: black-hat hackers and white-hat hackers. Hackers know almost everything about the way a piece of software or an application works. They find ways to do the impossible!!! They won't be satisfied with the software or application as it is; they will try to change it in the way they like. They debug code and use trial-and-error methods to discover unknown and new tricks and secrets. They do break into systems but have the decency not to cause any damage or steal passwords, etc.; instead they report the hole or vulnerability to the system administrator. I can say that hackers are good people and crackers are not-so-good people.

Hacking is a greatly misrepresented activity as portrayed by the wider media and Hollywood movies. Although many hackers go on from being computer enthusiasts to Warez pirates, many also become system administrators, security consultants or website managers. This does not fit the stereotypical mould that the media likes to portray, but in many cases it is the reality.

Hacking is...

There are many good definitions available, the Concise Oxford English Dictionary for example defines a hacker as:
hacker / n
1. A person who or thing that hacks or cuts roughly.
2. A person who uses computers for a hobby, esp. to gain unauthorised access to data.

This is a simple definition, one which we will have to go beyond to understand.

Firstly, there are in essence two types of hackers, often referred to as 'white-hat' hackers and 'black-hat' hackers.

White-Hat hackers

This type of hacker enjoys learning and working with computer systems, and consequently gains a deeper understanding of the subject. Such people normally go on to use their hacking skills in legitimate ways, such as becoming security consultants. The word 'hacker' was originally used to describe people such as these.

Black-Hat hackers

This is the more conventional understanding of the term 'hacker', one that is portrayed in newspapers and films as being essentially 'chaotic', an obsessive social misfit hell-bent on the destruction of everything good about the Internet. White-hat hackers often call this kind of hacker a 'cracker', as they spend most of their time finding and exploiting system insecurities.

In reality, nobody really fits into either camp neatly. It is down to the individual's set of ethics to decide what path they will take in their hacking career. Not all of the activities of white-hat hackers may be legal, while not all of the black-hat hackers' activities are illegal, so many shades of grey exist.

The likelihood of being a target.

Many people are likely to worry about the likelihood of becoming a target for a hacker. It is common sense that if you have a computer at home and only connect to the Internet once a week for two hours, you are highly unlikely to become a victim of hacking. Applying this logic it is possible to rank the likelihood of being hacked depending upon your level of Internet exposure, from high-risk to low-risk:
1) Internet security firms
2) Media-centred targets
3) Personal web sites (like mine)
4) Always-on broadband connections
5) Dial-up modem connections

Hacking techniques

The depth and variety of hacking techniques employed by hackers to illegally enter a computer system are vast. For this reason I intend to provide a brief overview of some of the more common techniques involved, without going into too much detail on any particular technique.

Hacking a system is a two-step process: gathering information and launching an attack.

Gathering information

A dedicated hacker may spend several months gathering information on the intended target before launching an attack armed with this new information. Some of the more 'hands-on' hacking techniques involved were discussed in depth in the previous section entitled "Infiltration and Trashing", but there are also more remote methods available to the hacker.

Port Scanning: A port scanner is a program that automatically detects security weaknesses in a remote system. Most scanners are TCP port scanners: they probe TCP/IP ports and services (Telnet or FTP, for example) and record the response from the target. In this way they learn valuable information about the targeted system, such as whether or not the remote system will allow an anonymous user to log in, or indeed whether the system is protected by a firewall.

Many hackers simply type large numbers of IP addresses into a port scanning program and launch random attacks on many users simultaneously, hoping to strike it lucky with that one system that shows a serious weakness.
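From the defender's side, the same behaviour the post describes (one source touching many different ports in a short time) is exactly what a scan looks like in firewall logs. The following is an added example, not code from the original post: it parses constructed firewall-style log lines (the format, the addresses and the timestamps are all made up for the example) and flags any source that hits at least a given number of distinct destination ports inside a sliding time window.

```python
# Added example (not from the original post): flag sources that probe many
# distinct ports in a short window, from firewall-style log lines.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (not real traffic). Fields: time src dst dport action
SAMPLE_LOG = """\
2007-08-14T10:00:01 203.0.113.7 192.0.2.10 21 DENY
2007-08-14T10:00:01 203.0.113.7 192.0.2.10 22 DENY
2007-08-14T10:00:02 203.0.113.7 192.0.2.10 23 DENY
2007-08-14T10:00:02 203.0.113.7 192.0.2.10 25 DENY
2007-08-14T10:00:03 203.0.113.7 192.0.2.10 80 ALLOW
2007-08-14T10:00:03 203.0.113.7 192.0.2.10 110 DENY
2007-08-14T10:00:04 203.0.113.7 192.0.2.10 143 DENY
2007-08-14T10:00:04 203.0.113.7 192.0.2.10 443 DENY
2007-08-14T10:00:05 203.0.113.7 192.0.2.10 3306 DENY
2007-08-14T10:00:05 203.0.113.7 192.0.2.10 8080 DENY
2007-08-14T10:00:06 198.51.100.4 192.0.2.10 80 ALLOW
2007-08-14T10:05:00 198.51.100.4 192.0.2.10 443 ALLOW
2007-08-14T10:09:00 198.51.100.4 192.0.2.10 80 ALLOW
"""


def parse_line(line):
    """Split one constructed log line into (timestamp, src, dst, dport, action)."""
    ts, src, dst, dport, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(dport), action


def detect_scanners(log_text, distinct_ports=8, window=timedelta(seconds=60)):
    """Return {source: sorted ports it touched} for every source that hit at
    least `distinct_ports` different destination ports within any `window`.
    A normal client re-uses one or two ports; a scanner walks through many."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, _dst, dport, _action = parse_line(line)
            events[src].append((ts, dport))

    flagged = {}
    for src, evs in events.items():
        evs.sort()                       # by timestamp, then port
        start = 0
        for end, (t_end, _port) in enumerate(evs):
            # Slide the window start forward until it fits inside `window`.
            while t_end - evs[start][0] > window:
                start += 1
            if len({p for _, p in evs[start:end + 1]}) >= distinct_ports:
                flagged[src] = sorted({p for _, p in evs})
                break
    return flagged


if __name__ == "__main__":
    for src, ports in detect_scanners(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: ports {ports}")
```

The thresholds (eight ports in sixty seconds) are tuning knobs: lower them and ordinary clients that talk to a web, mail and directory server in quick succession start to trip the rule, so in practice the window and the port count are set from what the monitored network normally looks like.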

Packet Sniffing: A sniffer is a piece of software that grabs information 'packets' that travel along a network. That network could be running a protocol, such as Ethernet, TCP/IP, IPX or others. The purpose of the sniffer is to place the network interface into 'promiscuous' mode and by doing so, capture all network traffic. Looking into packets can reveal valuable information like usernames, passwords, addresses or the contents of e-mails.

Launching attacks

There are many attacks employed by hackers. Here is an overview of just some of the more common:

Denial of service (DoS)

A denial of service attack is basically an act of sabotage against a service running on a port on a targeted system. The aim is to disable the service, for example a web server, in order to prevent people from being able to access that service remotely.
A typical denial of service attack would involve sending hundreds or even thousands of connection requests to a single machine at one time, causing the machine to crash under the strain. A more advanced approach is to send malformed connection requests that exploit a flaw in the service software, which fails to recognise the malformed data when it attempts to process it, resulting in a system crash.
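The first kind of attack described above, a flood of connection requests, is usually met by limiting how many new connections any one source may open per unit of time. The block below is an added example, not code from the original post: a per-source token bucket that refills at a fixed rate and allows a bounded burst, run over a constructed scenario (the addresses, rates and timings are invented for the example) in which one source opens forty connections in ten seconds while a normal client opens three.

```python
# Added example (not from the original post): per-source token-bucket
# limiter for new connections, the usual first defence against a flood.
from collections import defaultdict


class ConnectionLimiter:
    """Allow at most `rate` new connections per second from each source,
    with bursts of up to `burst`. Requests above the limit are refused
    so that one flooding source cannot fill the service's connection table."""

    def __init__(self, rate=2.0, burst=10):
        self.rate = rate
        self.burst = burst
        self.tokens = defaultdict(lambda: float(burst))  # start with a full bucket
        self.last = {}                                   # last timestamp per source
        self.refused = defaultdict(int)

    def allow(self, src, now):
        """Return True if a new connection from `src` at time `now` is accepted."""
        last = self.last.get(src, now)
        self.last[src] = now
        # Refill for the elapsed time, never beyond the burst size.
        self.tokens[src] = min(self.burst, self.tokens[src] + (now - last) * self.rate)
        if self.tokens[src] >= 1.0:
            self.tokens[src] -= 1.0
            return True
        self.refused[src] += 1
        return False


def simulate():
    """Constructed scenario: a flood of 40 requests at 0.25 s spacing from one
    source, and three requests at 0, 5 and 10 s from a normal client.
    Timestamps are multiples of 0.25 so the arithmetic is exact in floating point."""
    lim = ConnectionLimiter(rate=2.0, burst=10)
    flood_ok = sum(lim.allow("203.0.113.7", i * 0.25) for i in range(40))
    normal_ok = sum(lim.allow("198.51.100.4", t) for t in (0.0, 5.0, 10.0))
    return {
        "flood_allowed": flood_ok,
        "flood_refused": lim.refused["203.0.113.7"],
        "normal_allowed": normal_ok,
    }


if __name__ == "__main__":
    print(simulate())
```

The flooding source gets its ten-connection burst and then only the two per second the bucket refills, so most of its requests are refused, while the normal client is never affected because buckets are kept per source. A limiter like this does nothing against the second kind of attack in the text, a single malformed request that crashes the service; that one is only fixed by patching the parsing flaw.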

Trust relationship exploitation (Spoofing)

A 'spoofing' attack involves the hacker forging their source address in order to make their machine impersonate another. The impersonated machines may be operating within a 'trusted zone', where each computer challenges any other computer trying to connect to it to identify itself; if the connecting computer cannot authenticate itself, the connection is refused. The hacker exploits this relationship to impersonate a particular computer in order to gain access, and because the authentication dialogue between computers is automatic, the hacker never needs to use a username or password.
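The weakness the post describes is that the "challenge" in such a trusted zone is answered by nothing more than a source address, which anyone can write into a packet. The following added example (not code from the original post) contrasts that with a keyed challenge-response: the server sends a fresh random nonce and accepts the connection only if the reply is an HMAC of that nonce under a secret the two trusted hosts share. The shared key, the addresses and the impostor's guessed key are all constructed for the example.

```python
# Added example (not from the original post): address-only trust versus a
# keyed challenge-response between hosts in a "trusted zone".
import hashlib
import hmac
import os

# Constructed shared secret for the two trusted hosts (example only).
SHARED_KEY = b"example-shared-key-not-for-production"


class Server:
    """Host that decides whether to accept a connection from a peer."""

    def __init__(self, key, trusted_addrs):
        self.key = key
        self.trusted_addrs = set(trusted_addrs)

    def address_only_check(self, claimed_src):
        # The weak scheme from the text: trust rests on the claimed source
        # address alone, and a source address is trivially forgeable.
        return claimed_src in self.trusted_addrs

    def challenge(self):
        # Fresh random nonce per connection attempt, so replies cannot be replayed.
        return os.urandom(16)

    def verify(self, nonce, response):
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)   # constant-time compare


class Client:
    def __init__(self, key):
        self.key = key

    def answer(self, nonce):
        return hmac.new(self.key, nonce, hashlib.sha256).digest()


def run_scenario():
    """Constructed scenario: a legitimate peer and an impostor that forges the
    trusted address but does not hold the shared key."""
    server = Server(SHARED_KEY, trusted_addrs={"192.0.2.20"})
    legit = Client(SHARED_KEY)
    impostor = Client(b"wrong-key")
    results = {}

    # Address-only trust: both pass, because both claim the same address.
    results["addr_legit"] = server.address_only_check("192.0.2.20")
    results["addr_spoofed"] = server.address_only_check("192.0.2.20")

    # Challenge-response: only the holder of the key can answer.
    nonce = server.challenge()
    results["hmac_legit"] = server.verify(nonce, legit.answer(nonce))
    results["hmac_spoofed"] = server.verify(nonce, impostor.answer(nonce))

    # A captured valid reply is useless against a later, different nonce.
    old_nonce = server.challenge()
    captured = legit.answer(old_nonce)
    results["replay"] = server.verify(server.challenge(), captured)
    return results


if __name__ == "__main__":
    for name, ok in run_scenario().items():
        print(f"{name:13s} accepted={ok}")
```

The point is that the automatic dialogue the post mentions is only as strong as what it asks for: a forgeable address gives the impostor free entry, while a nonce that must be answered with a key does not, and because the nonce changes every time, a reply sniffed from the wire cannot be replayed either.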

Password cracking

A password cracker is a program that attempts to decrypt or otherwise defeat password protection. Often tools are used that simulate the same algorithm as the original password program; through comparative analysis, these tools try to match encrypted versions of candidate passwords against the original. Many password crackers are simply brute-force engines that try word after word from a dictionary, often at very high speeds.
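The comparative approach the text describes works because the cracker can run the same algorithm as the original program and compare outputs. What makes it expensive for the cracker is how the password is stored: a per-user random salt means one precomputed table cannot be compared against every account, and an iterated hash makes each guess cost far more than a single fast hash. The block below is an added example, not code from the original post, of storing and checking a password that way with PBKDF2-HMAC-SHA256 from Python's standard library; the record format and the iteration count are choices made for the example.

```python
# Added example (not from the original post): salted, iterated password
# storage so that each dictionary guess is slow and tables do not transfer
# between users.
import hashlib
import hmac
import os

# Iteration count chosen for the example; in practice tune it so that one
# verification costs tens of milliseconds on the hardware that runs the checks.
ITERATIONS = 200_000


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return a self-describing record 'pbkdf2_sha256$<iters>$<salt hex>$<hash hex>'.
    A fresh 16-byte random salt is drawn unless one is supplied (tests only)."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password, record):
    """Recompute the hash with the stored salt and iteration count and compare
    in constant time, so that the comparison itself leaks no timing information."""
    algo, iters, salt_hex, dk_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record type {algo!r}")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def same_password_different_records(password):
    """Show the effect of the salt: two records for the same password differ,
    so a table built against one user's record says nothing about another's."""
    a, b = hash_password(password), hash_password(password)
    return a != b and verify_password(password, a) and verify_password(password, b)


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")   # constructed sample password
    print(rec)
    print("right password accepted:", verify_password("correct horse battery staple", rec))
    print("wrong password rejected:", not verify_password("password1", rec))
    print("salt makes records unique:", same_password_different_records("hunter2"))
```

Storing the algorithm name and iteration count inside the record is what lets the cost be raised later: old records keep verifying with their recorded parameters and can be re-hashed with the new ones the next time the user logs in.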

Packet fragmentation attacks

The packet fragmentation attack bypasses many current firewalls because of the way datagrams are reassembled. Datagrams are supposed to be fragmented into packets that leave the header portion intact except for setting the fragmentation flag bit and filling in an offset in the IP header, which indicates at which byte in the whole datagram the current packet is supposed to start. Once the whole datagram is reassembled, it is processed as if it had arrived as a single packet.

According to the IP specification, fragmented packets are to be reassembled at the receiving host. This means that an attacker can send a TCP packet to port 80 through the firewall. The host behind the firewall starts to reassemble the packet. The attacker then sends a second fragment that overwrites the first and gets, for example, telnet access, which was originally forbidden by the firewall.
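The trick in the two paragraphs above depends entirely on the reassembler letting a later fragment overwrite bytes that an earlier one already supplied. The following added example (not code from the original post, and a simplification: offsets are given in bytes rather than the 8-byte units real IP headers use, and the datagram key, flags and payloads are constructed) shows a reassembler that rejects any fragment overlapping data it already holds, which is the check a firewall or host applies so that the first fragment's header is the one that counts.

```python
# Added example (not from the original post): fragment reassembly that
# refuses overlapping fragments instead of letting a later one overwrite
# an earlier one. Offsets are in bytes here for readability (real IP uses
# 8-byte units); the sample payloads are constructed.


class FragmentReassembler:
    """Reassembles one datagram. Each fragment is (offset, more_fragments, data).
    An overlap with any already-stored fragment raises ValueError."""

    def __init__(self):
        self.pieces = []      # list of (offset, data)
        self.total_len = None  # known once the last fragment (MF=0) arrives

    def add(self, offset, more_fragments, data):
        """Store a fragment; return True when the datagram is complete."""
        end = offset + len(data)
        for off, d in self.pieces:
            # Two ranges overlap if each starts before the other ends.
            if offset < off + len(d) and off < end:
                raise ValueError(f"overlapping fragment at offset {offset}, dropping")
        self.pieces.append((offset, data))
        if not more_fragments:
            self.total_len = end
        return self.complete()

    def complete(self):
        """True only if the fragments cover [0, total_len) with no gaps."""
        if self.total_len is None:
            return False
        covered = 0
        for off, d in sorted(self.pieces):
            if off != covered:
                return False
            covered += len(d)
        return covered == self.total_len

    def datagram(self):
        if not self.complete():
            raise ValueError("datagram incomplete")
        return b"".join(d for _, d in sorted(self.pieces))


def benign_split():
    """Constructed sample: one request split cleanly into two fragments."""
    r = FragmentReassembler()
    r.add(0, True, b"GET / HT")
    r.add(8, False, b"TP/1.0\r\n")
    return r.datagram()


def overlapping_split():
    """Constructed sample: a second fragment that claims offset 0 again, the
    'second packet overwrites the first' pattern. Returns the outcome."""
    r = FragmentReassembler()
    r.add(0, True, b"GET / HT")
    try:
        r.add(0, False, b"replacement bytes")
    except ValueError as err:
        return f"rejected: {err}"
    return "accepted"


if __name__ == "__main__":
    print(benign_split())
    print(overlapping_split())
```

Dropping the whole datagram on overlap (rather than picking either the first or the later copy) is the safe choice, because any rule that prefers one copy can be predicted and worked around, while a firewall that simply reassembles before inspecting never sees a header different from the one the host sees.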

Packet sequence attacks

In packet sequence attacks, the hacker tries to guess the random sequence number of TCP packets so that he/she can insert their own packets into a connection stream. In this way the hacker can supply new corrupt content between two hosts, while remaining largely anonymous.

Operating system exploits

All operating systems (Windows NT, Unix, Red Hat Linux, etc.) have their own specific vulnerabilities and bugs that need to be resolved by 'patching' the OS in order to keep it up to date. Unfortunately, many system administrators neglect to do so frequently enough, leaving their systems open to attack. Hackers, however, are very thorough in keeping abreast of all the possible vulnerabilities in all operating systems.

DNS (domain name servers) exploits

In DNS exploit attacks, the DNS cache is corrupted by the hacker. The mapping of DNS domain names and IP addresses can be changed so that traffic is redirected to bogus locations, for example to a pornography site in order to cause embarrassment to the targeted site.

FTP (file transfer protocol) bounce attacks

The main problem with FTP bounce attacks is that the hacker can use the PORT command in active FTP mode in order to establish connections with machines other than the original FTP server, effectively allowing the hacker's connection to 'bounce' off the FTP server to another client's machine.
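The server-side fix for the bounce is to refuse a PORT command whose address is not the address the control connection came from, and to refuse privileged ports so the server cannot be pointed at another service. The added example below (not the code of any real FTP server) parses the `h1,h2,h3,h4,p1,p2` argument of the PORT command and applies both checks; the client addresses used are constructed.

```python
# Added example (not from the original post, not any real server's code):
# validate an active-mode PORT command so the data connection can only go
# back to the client that issued it.


def parse_port_argument(arg):
    """Parse 'h1,h2,h3,h4,p1,p2' into (ip, port). Raises ValueError if malformed."""
    parts = arg.strip().split(",")
    if len(parts) != 6:
        raise ValueError("PORT needs six comma-separated numbers")
    nums = [int(p) for p in parts]            # int() raises on non-digits
    if any(n < 0 or n > 255 for n in nums):
        raise ValueError("PORT fields must be in 0..255")
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    return ip, port


def port_command_allowed(control_peer_ip, arg, min_port=1024):
    """Accept the data connection only to the control connection's own peer
    and only on an unprivileged port. Returns (allowed, reason)."""
    try:
        ip, port = parse_port_argument(arg)
    except ValueError as err:
        return False, f"malformed: {err}"
    if ip != control_peer_ip:
        return False, f"address {ip} is not the control peer {control_peer_ip}"
    if port < min_port:
        return False, f"port {port} is privileged"
    return True, "ok"


if __name__ == "__main__":
    # Constructed client and two requests it might send on its control channel.
    client = "198.51.100.4"
    for arg in ("198,51,100,4,4,1",      # back to itself on port 1025: fine
                "192,0,2,10,0,25",       # a third host's port 25: the bounce
                "198,51,100,4,0,80",     # itself, but a privileged port
                "198,51,100,4,4"):       # malformed
        print(arg, "->", port_command_allowed(client, arg))
```

Clients behind NAT legitimately fail the address check in active mode, which is one reason most servers prefer passive mode, where the client connects to the server and no PORT address has to be trusted at all.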

FTP core dumping

FTP core dumping enables the hacker to bring down the FTP service. A core dump may be stored in an FTP-readable area, where it can then be retrieved in a following FTP session. The first few lines contain the password file, which can be cracked offline. Once the hacker has the password, they can impersonate a legitimate user and remove, update or delete files at will.
