What Is Hacking
The Art of exploring various security breaches is termed as Hacking.Computer Hackers have been around for so many years...
Hacking
Hacker is a word that has two meanings:Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems...
Hacker Vs Cracker
What Is the Difference Between a Hacker and a Cracker? Many articles have been written about the difference between Hackers and crackers, which attempt to correct public misconceptions about hacking...
Friday, 3 August 2012
What Is A Malware
09:17
Thomas Rajasekar
29 comments
What is Malware? Malware are tools and
programs that one sets up to infect another’s system and directs them somewhere
else.the latest malware exploit that was created back in November 2011.
In November 2011, a nasty
exploit to computers that redirected DNS Servers was created and used. This
nasty virus was soon diverted by the FBI, in possibly the most friendly and
fair way our government has ever done. For months now the FBI has homed servers
to divert and fix what this malware program caused, but on July 9th 2012 the
FBI announced ending their operation and shut down these servers. The effects
have been estimated to great measures, to the fears that millions of Americans
will lose connection to the internet,and the world going up in flames due to
lack of communication. Since the Feds announcement corporations like Google
have announced programs that have been running now since the 23rd of May. These
programs scan your
computer for this DNS switcher program
"aka the nasty malware program".
Now, it is true most virus
databases are able to track down and delete malware programs on your system,
but in the new world with our new internet based technology, that may not be
the case anymore. So what does this program do? What has been leaked out of the
feds about it? Well you can rest assured our brother was arrested in November
shortly after the release of his program. Due to this fact they are assured
that they have fixed the problem, due to higher thinking we can only think they
have over looked something.
The only thing we can hope
for is that this will only affect a small handful of systems. Common users
mostly. So what is malware? Malware are programs that force you to do what
someone else wants. Malware programs create bot nets, using innocent peoples
computers/common user systems as weapons without there knowledge. For the
longest time apple users were told they wouldn’t have to worry about this
issue. Late April, early May this was proven false which also made all systems
at risk now.
So you’re probably
wondering how one would download one of these programs,which is a really good
question. Back in the dark ages, they had to be installed through third party
programs from the downloads you got for games software from untrusted sources.
Today, in the modern age of technology, these programs, like all viruses, can
be automatically uploaded to your system through cookies and random file
downloads websites through the many games we play online. Many of you readers
are also at risk due to the fact IRC servers send data packets that may contain
such files.
The only luck is that certain ISPs change up there DNS
servers monthly, corporations like Comcast, while they do this they also
release and renew IP address granting you probably the most open and free way
to have anonymous web browsing at least for the first 20 minutes from the
renewal.
Monday, 30 July 2012
Windows User Account Hacking
09:01
Thomas Rajasekar
99 comments
Windows user Account can be Hacked by using Command Prompt.This type of Hacking is done in order to gain illegal access to the user account and steal the data in the system.
Note:This type of Hacking can be done only on User Accounts which have Administrative rights.
Note:This type of Hacking can be done only on User Accounts which have Administrative rights.
Commands Used For User Account Hacking
1.To See all the account present on the Computer.
Net user
2.To change the password of a User account without knowing the old password.
Net user administrator *
3.To make a new user account.
Net user hacker /add
4.To Delete the existing user account.
Net user hacker /delete
5.To make a hidden account in the computer.{Works only with Windows XP}
Net User hacker /add
Net localgroups users hacker /delete
Note:-
To login to this hidden account press
Ctrl+Alt+Delete+Delete
And give the hidden user name in the user name field and password in password field respectively.
The term hacker refers the user name or name of the account.
Counter Measures of Windows User Account Attack
1.Change the Boot sequence in the BIOS setup.Keep Hard Disk as 1st boot drive, then CD\DVD drive as 2nd boot device and Removable port as 3rd boot device.
2.Put the BIOS password.
3.Put the physical lock behind the cabinet of PC. (Put Lock).
Saturday, 21 July 2012
10 Reasons Why PC's crash
10:30
Thomas Rajasekar
14 comments
Fatal error: The system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."
You have just been struck by the Blue Screen of Death. Anyone who uses Microsoft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?
1 Hardware conflict
The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.
For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.
If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:
* Start-Settings-Control Panel-System-Device Manager.
Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.
Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.
Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is www.driverguide.com. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.
To be fair to Microsoft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.
2 Bad Ram
Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.
But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.
One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.
Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.
EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.
3 BIOS settings
Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.
Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.
A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.
Mcft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to 'yes' to allow Windows to do this.).
4 Hard disk drives
After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to
* Start-Programs-Accessories-System Tools-Disk Defragmenter
This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.
The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).
Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to
* Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.
Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.
Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to
* Start-Programs-Accessories-System Tools-ScanDisk
Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.
5 Fatal OE exceptions and VXD errors
Fatal OE exception errors and VXD errors are often caused by video card problems.
These can often be resolved easily by reducing the resolution of the video display. Go to
* Start-Settings-Control Panel-Display-Settings
Here you should slide the screen area bar to the left. Take a look at the colour settings on the left of that window. For most desktops, high colour 16-bit depth is adequate.
If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to
* Start-Settings-Control Panel-System-Device Manager
Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.
If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.
The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.
Another useful way to resolve video problems is to go to
* Start-Settings-Control Panel-System-Performance-Graphics
Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).
Look up your video card's manufacturer on the internet and search for the most recent drivers for it.
6 Viruses
Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to
* Start-Settings-Control Panel-Add/Remove Programs
Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.
A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.
An excellent antivirus programme is McAfee VirusScan by Network Associates ( www.nai.com). Another is Norton AntiVirus 2000, made by Symantec ( www.symantec.com).
7 Printers
The action of sending a document to print creates a bigger file, often called a postscript file.
Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer's performance.
If the printer is trying to print unusual characters, these might not be recognised, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer's default settings and you may be able to carry on.
8 Software
A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the programme in the System Registry and leaves the way clear for a completely fresh copy.
The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use Reg Cleaner by Jouni Vuorio to clean up the System Registry and remove obsolete entries. It works on Windows 95, Windows 98, Windows 98 SE (Second Edition), Windows Millennium Edition (ME), NT4 and Windows 2000.
Read the instructions and use it carefully so you don't do permanent damage to the Registry. If the Registry is damaged you will have to reinstall your operating system. Reg Cleaner can be obtained from www.jv16.org
Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message "Starting Windows" press F4. This should take you into Safe Mode.
Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.
Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn't work.
Remember to restore all the BIOS settings back to their former settings following installation.
9 Overheating
Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.
One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from www.computernerd.com or www.coolit.com
CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.
10 Power supply problems
With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.
If this has become a nuisance for you then consider buying a uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.
It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.
Wednesday, 18 July 2012
EMAIL HACKING
10:11
Thomas Rajasekar
357 comments
Email hacking is illegal access to
an email account or email correspondence.Email on the internet is now commonly sent by
the Simple Mail Transfer Protocol (SMTP). This does not encrypt the text
of emails and so intercepted mail can be read easily unless the user adds their
own encryption. The identity of
the sender or addressee of an email is not authenticated and this provides opportunities for
abuse such as spoofing.
Email Spoofing
Email spoofing is a
technique used by hackers to fraudulently send email messages in which the
sender address and other parts of the email header are altered to appear as
though the email originated from a source other than its actual source. Hackers
use this method to disguise the actual email address from which phishing and
spam messages are sent and often use email spoofing in conjunction with Web
page spoofing to trick users into providing personal and confidential
information.
Software is usually used
to collect or generate the email addresses that are spoofed. Hackers may create
a virus that examines the contact information on an infected computer. That
information is collected and sent to the hacker who then uses another piece of
software a mass email program to send
out bogus emails using the addresses collected.
Alternatively, hackers
may use software that generates random email addresses to use to disguise the
actual origin of the message being sent.
Types of email hacking
1.Phishing
2.RATS(remote administration
tools)
3.Key logging
4.Social Engineering(technique
used by attacker by answering security question)
5.Side jacking(Session Hijacking)
6.From the mail server
1.Phishing
Phishing is an e-mail fraud method in which the Hacker
sends out legitimate-looking email in an attempt to gather personal and
financial information from recipients. Typically, the messages appear to come
from well known and trustworthy Web sites. Web sites that are frequently
spoofed by phishers include PayPal,
eBay, MSN, Yahoo, Best Buy, and America Online. A phishing expedition, like
the fishing expedition it's named for, is a speculative venture: the phisher
puts the lure hoping to fool at least a few of the prey that encounter the
bait.
Techniques
used within Phishing emails
1.Official
looking and sounding emails
2.Copies
of legitimate corporate emails with minor URL changes
3.HTML
based email used to confuse target URL information
4.Standard
virus/worm attachments to emails
5.A excess
of anti spam-detection inclusions
6.Crafting
of “personalized” or unique email messages
7.Fake
postings to popular message boards and mailing lists
8.Use
of fake “Mail From:” addresses and open mail relays for disguising the source
of the email
An Example of a Fake Gmail Home Page
Things to keep
in mind to avoid Phising attacks
1
Most fake communications convey a sense of urgency by threatening
discontinued service
2.Many fraudulent emails contain misspellings, incorrect grammar,
and poor punctuation.
3
Links within the fake email may appear valid but deliver you to a
fradulent site.
4.Phishing emails often use generic salutations like "Dear
Customer," or "Dear account holder," instead of your nameThe address from which the email was sent is often not one from the
company it claims to be.
An Example Of a Fake Email
2.RATS(remote administration
tools)
A RAT is also a shortcut
called Remote Administrator Tool. It is mostly used for malicious
purposes,
such as controlling PC’s, stealing victims data, deleting or editing some
files. You
can only infect someone by sending him file called Server and they
need to click it.
3.Key logging
Keystroke
logging (more often
called keylogging or "keyloggers") is the
action of tracking (or logging) the keys struck on a keyboard, typically in a secret manner so that the person using the
keyboard is unaware that their actions are being monitored. There are numerous
key logging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
Types Of Keyloggers
1.Software-based Keyloggers
1.Software-based Keyloggers
2.Hardware-based Keyloggers
1.Software-based Keyloggers
Software based Keyloggers record each and every keystroke typed with the help of a Software.These keystrokes are stored in a log file.
An example of Keystroke log file
2.Hardware-based Keyloggers
Hardware based keyloggers record each and every keystroke typed with the help of a
Hardware device.
An Example of a typical Hardware Keylogger
An Example of how Hardware Keyloggers are connected to the system.
Countermeasures
Use of Virtual keyboard or On-Screen Keyborad can be an effective method to avoid
keyloggers.But,it will not work under certain circumstances.
4.Social Engineering(technique used by attacker by
answering security question)
Social
engineering is the
human side of breaking into a corporate network. Companies like ours with
authentication processes, firewalls, VPNs and network monitoring software are
still wide open to an attack if an employee unwittingly gives away key
information in an email, by answering questions over the phone with someone
they don’t know or failing to ask the right questions.
Forms of Social Engineering
Social
engineering is not
limited to phone calls; many organizations have reported cases involving
visitors impersonating a telephone repair technician requesting access to a
wiring closet or a new member of the IT department needing help accessing a
file.
People, for
the most part, look at social engineering as an attack on their intelligence and
no one wants to be considered “ignorant” enough to have been a victim. It’s
important to remember that no matter who you are, you are susceptible to a social
engineering attack.
If you
suspect social engineering – don’t be afraid to ask questions
and/or notify your IT department. If a caller requests information that is
technical in nature, please refer them to your IT department.
How to prevent social Engineering
1.usernames;
Administrators should know it or can find out themselves
2.passwords;
Administrators can ask your to enter it into the computer, but don't tell
anyone
3.ID
numbers
4.PIN
numbers
5.server
names
6.system
information
Session Hijacking is an attack by which a hacker exploits a valid
computer session and gains access to a client’s session identifier. Since HTTP
is a stateless protocol, when a user logs into a website, a session is created
on that Web Server for that user, this session contains all this user's
information being used by the
server so the username and password is not needed at every page request. The
server uses a unique identifier(Session Identifier) to authenticate this user
to this session, this session identifier is passed between the web server and
the user's computer at every request. Session Hijacking is an attack by which
the hacker steals this user's session identifier and then sends this session
identifier as their own to the server and tricks the server into thinking they
are that user.
After
gaining access to a client’s session identifier for a website, the hacker then
injects the client’s session identifier into his/her browser. From then on,
when that attacker connects to that website, since his session identifier is
the same as the authentic user, he will be logged in as that userand will have
access to all of that user’s information and privileges on that website. Note -
attackers cannot get a user’s password using session hijacking.
1. Use
Secure Connections (Achieved through Secure Socket Layer(SSL) as much as
possible, since SSL creates an encrypted connection between the client and
server, any data the attacker steals during this transfer would be useless to
them. However, SSL does not fully secure against this attack, and hackers can
still use session hijacking even over HTTPS
2. Regenerate
user's session identifier often, therefore, even though the attacker may manage
to steal a user's session identifier, when it is regenerated, the Session
Identifier he stole would be useless.
3. You
can implement an IP Address Check to match a user's Session Identifier to
his/her IP Address. However this may have its limitations.
6.From the mail server
Sunday, 8 July 2012
Working of an ethical hacker
09:32
Thomas Rajasekar
22 comments
Every Ethical Hacker must follow few basic principles. If he do not follow, bad things can happen. Most of the time these principles get ignored or forgotten when planning or executing ethical hacking tests. The results are even very dangerous.
Working ethically
The word ethical can be defined as working with high professional morals and principles. Whether you’re
performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical Hacker must be approved and must support the company’s goals. No hidden agendas are allowed!Trustworthiness is the ultimate objective. The misuse of information is absolutely not allowed. That’s what the bad guys do.
performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical Hacker must be approved and must support the company’s goals. No hidden agendas are allowed!Trustworthiness is the ultimate objective. The misuse of information is absolutely not allowed. That’s what the bad guys do.
Respecting privacy:
Treat the information you gather with complete respect. All information you obtain during your testing — from Web application log files to clear-text passwords — must be kept private.
Not crashing your systems
One of the biggest mistakes is when people try to hack their own systems; they come up with crashing their
systems. The main reason for this is poor planning. These testers have not read the documentation or
misunderstand the usage and power of the security tools and techniques.
systems. The main reason for this is poor planning. These testers have not read the documentation or
misunderstand the usage and power of the security tools and techniques.
You can easily create miserable conditions on your systems when testing. Running too many tests too quickly on a system causes many system lockups. Many security assessment tools can control how many tests are performed on a system at the same time. These tools are especially handy if you need to run the tests on production systems during regular business hours.
Executing the plan:
In Ethical hacking, Time and patience are important. Be careful when you’re performing your ethical hacking tests.A Hacker in your network or an employee looking over your shoulder may watch what’s going on. This person could use this information against you. It’s not practical to make sure that no Hackers are on your systems before you start. Just make sure you keep everything as quiet and private as possible.
This is especially critical when transmitting and storing your test results. You’re now on a reconnaissance mission. Find as much information as possible about your organization and systems, which is what malicious Hackers do.Start with a broad view of mind and narrow your focus. Search the Internet for your organization’s name, your computer and network system names, and your IP addresses. Google is a great place to start for this.
Don’t take ethical hacking too far, though. It makes little sense to harden your systems from unlikely attacks. For instance, if you don’t have a internal Web server running, you may not have to worry too much about. However,don’t forget about insider threats from malicious employees or your friends or colleagues!
Thursday, 5 July 2012
Prevention from Hackers
10:18
Thomas Rajasekar
11 comments
What can be done to prevent Hackers from finding new holes in software and exploiting them? Information security research teams exist to try to find these holes and notify vendors before they are exploited. There is a beneficial competition occurring between the Hackers securing systems and the Hackers breaking into those systems. This competition provides us with better and stronger security, as well as more complex and sophisticated attack techniques.Defending Hackers create Detection Systems to track attacking Hackers, while the attacking Hackers develop bypassing techniques, which are eventually resulted in bigger and better detecting and tracking systems. The net result of this interaction is positive, as it produces smarter people, improved security, more stable software,inventive problem-solving techniques, and even a new economy.Now when you need protection from Hackers, whom you want to call, “The Ethical Hackers”. An Ethical Hacker possesses the skills, mindset, and tools of a Hacker but is also trustworthy. Ethical Hackers perform the hacks as security tests computer systems.
Ethical Hacking
Also known as Penetration Testing or White-Hat Hacking involves the same Tools, Tricks and
Techniques that Hackers use, but with one major difference 'Ethical hacking is Legal '.Ethical hacking is performed with the target’s permission. The intent of Ethical Hacking is to discover
vulnerabilities from a Hacker’s viewpoint so systems can be better secured. Ethical Hacking is part of an overall information Risk Management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.As Hackers expand their knowledge, so should you. You must think like them to protect your systems from them.You, as the ethical Hacker, must know activities Hackers carry out and how to stop their efforts. You should know what to look for and how to use that information to thwart Hackers’ efforts.You don’t have to protect your systems from everything. You can’t.
Techniques that Hackers use, but with one major difference 'Ethical hacking is Legal '.Ethical hacking is performed with the target’s permission. The intent of Ethical Hacking is to discover
vulnerabilities from a Hacker’s viewpoint so systems can be better secured. Ethical Hacking is part of an overall information Risk Management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.As Hackers expand their knowledge, so should you. You must think like them to protect your systems from them.You, as the ethical Hacker, must know activities Hackers carry out and how to stop their efforts. You should know what to look for and how to use that information to thwart Hackers’ efforts.You don’t have to protect your systems from everything. You can’t.
The only protection against everything is to unplug your computer systems and lock them away so no one can touch them—not even you.
That’s not the best approach to information security. What’s important is to protect your systems from known Vulnerabilities and common Hacker attacks.It’s impossible to overcome all possible vulnerabilities of your systems. You can’t plan for all possible attacks especially the ones that are currently unknown which are called Zero Day Exploits. These are the attacks which are not known to the world. However in Ethical Hacking, the more combinations you try — the more you test whole systems instead of individual units — the better your chances of discovering vulnerabilities.
That’s not the best approach to information security. What’s important is to protect your systems from known Vulnerabilities and common Hacker attacks.It’s impossible to overcome all possible vulnerabilities of your systems. You can’t plan for all possible attacks especially the ones that are currently unknown which are called Zero Day Exploits. These are the attacks which are not known to the world. However in Ethical Hacking, the more combinations you try — the more you test whole systems instead of individual units — the better your chances of discovering vulnerabilities.
Tuesday, 3 July 2012
Google At A Glance
07:44
Thomas Rajasekar
3 comments
Click here to Download a Powerpoint Presentation about Google
Ethical Hacking
04:55
Thomas Rajasekar
70 comments
Ethical Hacking is testing the resources for a good cause and for the betterment of technology. Technically Ethical Hacking means penetration testing which is focused on Securing and Protecting IT Systems.
Ethical Hacker
The term 'Ethical Hacker' refers to Security Professionals who apply their hacking skills for Defensive purposes.Types of Hackers
04:46
Thomas Rajasekar
20 comments
Coders
The Real Hackers are the Coders, the ones who revise the methods and create tools that are available in the market. Coders can find security holes and weaknesses in software to create their own exploits. These Hackers can use those exploits to develop fully patched and secure systems.Coders are the programmers who have the ability to find the unique vulnerability in existing software and to create working exploit codes. These are the individuals with a deep understanding of the OSI Layer Model and TCP/IP Stacks.
Admins
Admins are the computer guys who use the tools and exploits prepared by the coders. They do not develop their own techniques, however they uses the tricks which are already prepared by the coders. They are generally System Administration, or Computer Network Controller. Most of the Hackers and security person in this digital world come under this category.Admins have experience with several operating systems, and know how to exploit several existing vulnerabilities.A majority of Security Consultants fall in this group and work as a part of Security Team.
White Hat Hacker
A White Hat Hacker is computer guy who perform Ethical Hacking. These are usually security professionals with knowledge of hacking and the Hacker toolset and who use this knowledge to locate security weaknesses and implement counter measures in the resources.They are also known as an Ethical Hacker or a Penetration Tester. They focus on Securing and Protecting IT
Systems.
Black Hat Hacker
A Black Hat Hacker is computer guy who performs Unethical Hacking. These are the Criminal Hackers or Crackers who use their skills and knowledge for illegal or malicious purposes. They break into or otherwise violate the system integrity of remote machines, with malicious intent. These are also known as an Unethical Hacker or a Security Cracker. They focus on Security Cracking and Data stealing.
Grey Hat Hacker
A Grey Hat Hacker is a Computer guy who sometimes acts legally, sometimes in good will, and sometimes not.They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.They are hybrid between White Hat and Black Hat Hackers.
Hacker vs. Cracker
04:29
Thomas Rajasekar
28 comments
What Is the Difference Between a Hacker and a Cracker?
Many articles have been written about the difference between Hackers and crackers, which attempt to correct public misconceptions about hacking. For many years, media has applied the word Hacker when it really means Cracker. So the public now believe that a Hacker is someone who breaks into computer systems and steal confidential data. This is very untrue and is an insult to some of our most talented Hackers.
There are various points to determine the difference between Hackers and crackers
Hacker
Definition - A Hacker is a person who is interested in the working of any computer Operating system. Most often,Hackers are programmers. Hackers obtain advanced knowledge of operating systems and programming languages. They may know various security holes within systems and the reasons for such holes. Hackers constantly seek further knowledge, share what they have discovered, and they never have intentions about damaging or stealing data.
Cracker
Definition - A Cracker is a person who breaks into other people systems, with malicious intentions. Crackers gain unauthorized access, destroy important data, stop services provided by the server, or basically cause problems for their targets. Crackers can easily be identified because their actions are malicious.
Whatever the case, most people give Hacker a negative outline. Many malicious Hackers are electronic thieves.Just like anyone can become a thief, or a robber, anyone can become a Hacker, regardless of age, gender, or religion. Technical skills of Hackers vary from one to another. Some Hackers barely know how to surf the Internet,whereas others write software that other Hackers depend upon.
Hacker
04:13
Thomas Rajasekar
172 comments
Hacker is a word that has two meanings:Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems. Hackers enjoy Exploring and Learning how Computer systems operate. They love discovering new ways to work electronically.Recently, Hacker has taken on a new meaning — someone who maliciously breaks into systems for personal gain.Technically, these criminals are Crackers as Criminal Hackers. Crackers break into systems with malicious intentions.They do it for Personal gain, Fame, Profit and even Revenge. They Modify, Delete and Steal critical information,often making other people's life miserable.Hacking has a lot of meanings depending upon the person’s knowledge and his work intentions. Hacking is an Art as well as a Skill. Hacking is the knowledge by which one gets to achieve his Goals, anyhow, using his Skills and Power.Most people associate Hacking with breaking law, therefore calling all those guys who engage in hacking activities to be criminals. We agree that there are people out there who use hacking techniques to break the law, but hacking is not really about that. In fact, hacking is more about following the law and performing the steps within the limits.
What Is Hacking
02:03
Thomas Rajasekar
6 comments
The Art of exploring various security breaches is termed as Hacking.Computer Hackers have been around for so many years. Since the Internet became widely used in the World, We have started to hear more and more about hacking. Only a few Hackers, such as Kevin Mitnick, are well known.In a world of Black and White, it’s easy to describe the typical Hacker. A general outline of a typical Hacker is an Antisocial, Pimple-faced Teenage boy. But the Digital world has many types of Hackers.Hackers are human like the rest of us and are, therefore, unique individuals, so an exact profile is hard to outline. The best broad description of Hackers is that all Hackers aren’t equal. Each Hacker has Motives, Methods and Skills. But some general characteristics can help you understand them. Not all Hackers are Antisocial, Pimplefaced Teenagers. Regardless, Hackers are curious about Knowing new things, Brave to take steps and they are often very Sharp Minded.