Anatomy of Computer Hacking Over The Internet - Part 3
In last two issue, I talked about the first two stages of Internet
hacking: reconnaissance and research.
Now comes the fun part - the attack.
The wily hacker's looked over the doorways, rattled door knobs,
and poked and prodded the target computer for weaknesses. He's also
done his homework on all the info he's collected.
He's back with toolbox this visit. If his homework revealed no
one's at home and no one's watching, he got it easy. He can bang
away with a sledge hammer without dropping a single sweat of worry.
But before we getting into what the wily hacker's digging for,
let's look at sample of steps he took to get to this point.
I'm going to pick on Linux Desktop OS just to be different.
Microsoft Window has its flaws and most people run the software,
but Linux security flaws don't get enough spotlight attention. We
can't let Microsoft steal the whole show can we?
Suppose the hacker's scanned the Internet for computers running
"telnet," a command line program that runs on "port" 23.
Remember the past discussion about "ports" and "address?"
Internet addresses are like street address to each computer
(host), and ports are like suite numbers at an apartment at that
street address. Computer programs communicate over the Internet
using "ports."
After his Internet scan, the hacker looks into who and what's at
all the addresses that responded on the target port.
He'll check if Telnet is running on the target computer.
Linux includes telnet by default, so an inexperienced computer
user will unknowingly run this software by default. And generally,
people who run unprotected telnet don't know good computer
security, and they tend to leave the gates wide open. Easy picking!
I like telnet because it's quick and easy to use. Every Unix-based
system administrator or network technician used telnet at some
point in time: however, that's ending. Security professionals don't
like telnet for its weaknesses. There are better choices. But
that's for another time. Telnet simply allows one to log into a
computer and run programs remotely just by typing in commands
lines... no mouse... no Windows... just a black screen and a
blinking command prompt.
Here's the nice thing for the hacker -- it's a freebee if the
target computer is running telnet and its owner is using default
settings, and has used a simple password like say... "password." As
the younger crowd would say -- the victim's been "owned!"
But even before the target computer's "owned," the hacker might
look into who the Internet address belongs to. The hacker might
even find out which version of software the target is running, so
other weaknesses can be found and used later.
The bottom line is the hacker's broken into the victim's computer,
and he's free to roam through files or do whatever. This is the
attack. Sometimes, the hacker simply takes over the computer, and
plants stuff for a later attack on another computer. This is where
it gets real neat. Imagine some stranger using your computer to rob
an online bank or to bring down and government computer system.
It's happened before. Knock knock... FBI... we have a search warrant.
Telnet's just one example of how a hacker can break into a
computer on the Internet. Thousands of security vunerablities exist
today - and many new ones become publicly known all the time.
According to the Common Vulnerabilities and Exposures (CVE), a
security standards web site, 11,454 publicly known software
security flaws alone exist today. But that's not all Microsoft
either. Software security flaws don't even include threats like
computer viruses or misconfigured software.
Any time you plug your computer on the Internet, you take on risk.
The question you must answer is how much risk you wish to accept.
In the final installment of Anatomy of Computer Hacking Over The
Internet, I'll talk about ways to minimizing risk on the Internet.
hacking: reconnaissance and research.
Now comes the fun part - the attack.
The wily hacker's looked over the doorways, rattled door knobs,
and poked and prodded the target computer for weaknesses. He's also
done his homework on all the info he's collected.
He's back with toolbox this visit. If his homework revealed no
one's at home and no one's watching, he got it easy. He can bang
away with a sledge hammer without dropping a single sweat of worry.
But before we getting into what the wily hacker's digging for,
let's look at sample of steps he took to get to this point.
I'm going to pick on Linux Desktop OS just to be different.
Microsoft Window has its flaws and most people run the software,
but Linux security flaws don't get enough spotlight attention. We
can't let Microsoft steal the whole show can we?
Suppose the hacker's scanned the Internet for computers running
"telnet," a command line program that runs on "port" 23.
Remember the past discussion about "ports" and "address?"
Internet addresses are like street address to each computer
(host), and ports are like suite numbers at an apartment at that
street address. Computer programs communicate over the Internet
using "ports."
After his Internet scan, the hacker looks into who and what's at
all the addresses that responded on the target port.
He'll check if Telnet is running on the target computer.
Linux includes telnet by default, so an inexperienced computer
user will unknowingly run this software by default. And generally,
people who run unprotected telnet don't know good computer
security, and they tend to leave the gates wide open. Easy picking!
I like telnet because it's quick and easy to use. Every Unix-based
system administrator or network technician used telnet at some
point in time: however, that's ending. Security professionals don't
like telnet for its weaknesses. There are better choices. But
that's for another time. Telnet simply allows one to log into a
computer and run programs remotely just by typing in commands
lines... no mouse... no Windows... just a black screen and a
blinking command prompt.
Here's the nice thing for the hacker -- it's a freebee if the
target computer is running telnet and its owner is using default
settings, and has used a simple password like say... "password." As
the younger crowd would say -- the victim's been "owned!"
But even before the target computer's "owned," the hacker might
look into who the Internet address belongs to. The hacker might
even find out which version of software the target is running, so
other weaknesses can be found and used later.
The bottom line is the hacker's broken into the victim's computer,
and he's free to roam through files or do whatever. This is the
attack. Sometimes, the hacker simply takes over the computer, and
plants stuff for a later attack on another computer. This is where
it gets real neat. Imagine some stranger using your computer to rob
an online bank or to bring down and government computer system.
It's happened before. Knock knock... FBI... we have a search warrant.
Telnet's just one example of how a hacker can break into a
computer on the Internet. Thousands of security vunerablities exist
today - and many new ones become publicly known all the time.
According to the Common Vulnerabilities and Exposures (CVE), a
security standards web site, 11,454 publicly known software
security flaws alone exist today. But that's not all Microsoft
either. Software security flaws don't even include threats like
computer viruses or misconfigured software.
Any time you plug your computer on the Internet, you take on risk.
The question you must answer is how much risk you wish to accept.
In the final installment of Anatomy of Computer Hacking Over The
Internet, I'll talk about ways to minimizing risk on the Internet.
posted by Henry at 3:36 PM
0 comments
