Hacking For Dummies. Kevin Beaver
Чтение книги онлайн.

Читать онлайн книгу Hacking For Dummies - Kevin Beaver страница 19

Название: Hacking For Dummies

Автор: Kevin Beaver

Издательство: John Wiley & Sons Limited

Жанр: Зарубежная компьютерная литература

Серия:

isbn: 9781119872214

isbn:

СКАЧАТЬ any way possible. Many hackers call themselves civil libertarians and claim to support the principles of personal privacy and freedom, but they contradict their words by intruding on the privacy and property of other people. They steal the property and violate the rights of others but go to great lengths to get their own rights back from anyone who threatens them. The situation is “live and let live” gone awry.

      Attack styles vary widely:

       Some hackers prepare far in advance of an attack. They gather small bits of information and methodically carry out their hacks, as I outline in Chapter 4. These hackers are the most difficult to track.

       Other hackers — usually, inexperienced script kiddies — act before they think through the consequences. Such hackers may try, for example, to telnet directly into an organization’s router without hiding their identities. Other hackers may try to launch a DoS attack against a web server without first determining the version running on the server or the installed patches. These hackers usually are caught or at least blocked.

       Malicious users are all over the map. Some are quite savvy, based on their knowledge of the network and of how IT and security operates inside the organization. Others go poking and prodding in systems that they shouldn’t be in — or shouldn’t have had access to in the first place — and often do stupid things that lead security or network administrators back to them.

      Although the hacker underground is a community, many hackers — especially advanced hackers — don’t share information with the crowd. Most hackers do much of their work independently to remain anonymous.

      

Hackers who network with one another often use private message boards, anonymous email addresses, or hacker underground websites (a.k.a. the deep web or dark web). You can attempt to log in to such sites to see what hackers are doing, but I don’t recommend it unless you really know what you’re doing. The last thing you need is to get a malware infection or lose sensitive login credentials when trying to sniff around these places.

      Whatever approach they take, most malicious attackers prey on ignorance. They know the following aspects of real-world security:

       The majority of computer systems aren’t managed properly. The computer systems aren’t properly patched, hardened, or monitored. Attackers can often fly below the radar of the average firewall or intrusion prevention system (IPS), especially malicious users whose actions aren’t monitored yet who have full access to the very environment they can exploit.

       Most network and security administrators can’t keep up with the deluge of new vulnerabilities and attack methods. These people have too many tasks to stay on top of and too many other fires to put out. Network and security administrators may fail to notice or respond to security events because of poor time and goal management. I provide resources on time and goal management for IT and security professionals in the appendix.

       Information systems grow more complex every year. This fact is yet another reason why overburdened administrators find it difficult to know what’s happening across the wire and on the hard drives of all their systems. Virtualization, cloud services, and mobile devices such as laptops, tablets, and phones are the foundation of this complexity. The Internet of Things complicates everything. More recently, because so many people are working remotely and often using vulnerable personal computers to access business systems makes, complexity has grown even more.

      Time is an attacker’s friend, and it’s almost always on their side. By attacking through computers rather than in person, hackers have more control of the timing of their attacks. Attacks are not only carried out anonymously, but they can be carried out slowly over time, making them hard to detect. Quantum computing will make these attacks that much faster.

      Attacks are frequently carried out after typical business hours, often in the middle of the night and (in the case of malicious users) from home. Defenses may be weaker after hours, with less physical security and less intrusion monitoring, when the typical network administrator or security guard is sleeping.

      HACKING MAGAZINES

      If you want detailed information on how some hackers work or want to keep up with the latest hacker methods, several magazines are worth checking out:

       2600 — The Hacker Quarterly (www.2600.com)

       (IN)SECURE magazine (www.helpnetsecurity.com/insecuremag-archive)

       Hackin9 (https://hakin9.org)

       PHRACK (www.phrack.org/archives)

      Smart attackers want to remain as low-key as possible. Covering their tracks is a priority, and their success often depends on remaining unnoticed. They want to avoid raising suspicion so that they can come back and access the systems in the future.

      Hackers often remain anonymous by using one of the following resources:

       Borrowed or stolen remote desktop and virtual private network (VPN) accounts of friends or previous employers

       Public computers at libraries, schools, or hotel business centers

       Open wireless networks

       VPN software or open proxy servers on the Internet

       Anonymous or disposable email accounts

       Open email relays

       Infected computers (also called zombies or bots) at other organizations

       Workstations or servers on the victim’s own network

      If hackers use enough stepping stones for their attacks, they’re practically impossible to trace. Luckily, one of your biggest concerns — the malicious user — generally isn’t quite as savvy unless the hacker is a network or security administrator. In that case, you’ve got a serious situation on your hands. Without strong oversight, there’s nothing you can do to stop hackers from wreaking havoc on your network.

      Developing СКАЧАТЬ