Free
Message: Hack Attack
6
Apr 18, 2010 03:07PM
Hack Attack
.
Did you know that a hacker could be watching you right at this very moment, reading exactly what you are reading right now, and you didn't even know they were there or how they got in?

A hacker can get into your bank account if you save your password on your PC. They can "break" your password using commonly available programs and then change your passwords to your banking accounts and PC effectively locking you out. But they don't even need to "break" your password, if they load the right program on your PC.

They can, and do ...
..steal and delete files,
..load dangerous programs onto your PC,
..involve you in computer crimes.

True story:
A woman gets up in the middle of the night and notices her PC operating all by itself, an invisible hand is controlling her mouse and opening up applications. Thinking that her PC is malfunctioning, she calls the PC manufacturer the next day. Of course, now, the PC is behaving normally. She finds that she has been infected with a commonly available trojan, and she had witnessed the hacker rummaging through her system.

Continue reading and you will learn how they get in ........

These are the 5 steps to a successful "hack".

1. Hackers look for easy targets and find out information about them and their systems.

2. Breaking into your system.

3. Getting authority to control everything on your system.

4. Hiding the evidence of their break-in.

5. They load programs and passwords on your PC to give them easy access in the future.

Scoping Their Target

Every computer that connects to the Internet is assigned an IP (Internet Protocol) address. This is very similar to a telephone number in many ways. If you have a DSL connection or cable modem connection your IP address stays the same and is "always on". If you have a "dial-up" account, then your IP address is dynamic (it changes each time you connect), and your ISP (Internet Service Provider) cuts you off after a certain amount of time of inactivity.

Dial-up accounts are less hacker friendly because your IP address changes each time you are on. This makes it impossible for the hacker to make repeat visits unless he has tricked you into loading a program on your PC that tells him when you are on-line and gives him your current IP address.

"Always on" connections are just that, always connected and open for attack. The hacker can take his time getting to know your system and it's weaknesses, searching until he finds a way in. Your only safety is in the vast numbers of open, unprotected systems.

There are many ways for the hacker to find out what your IP address is. Some of the more common methods are through chat rooms, by looking up domain names on a domain name registrar site, or by running programs that can create a log of all valid addresses.

Chat rooms are the easiest way for hackers to find out your IP address. All they have to do is right click on your chat id and they have your IP address. With your IP address in hand they can start testing your system for weaknesses.

You would be amazed at what information is available from a domain name registrar like Network Solutions. Anyone can type in the name of a domain, for example, Yahoo.com, and find out employee names, phone numbers, fax numbers, physical addresses and IP addresses.

Breaking In

A hacker wants to know your IP address and what operating system you are running. Most home PCs run Windows, so home PC hacking is easy because there are many known Window "bugs" that can be taken advantage of. Most home users have never worried about computer security.

Hackers look for commonly know system weaknesses (bugs or holes in software). The operating system, like Windows, has bugs, as do other software like browsers, such as Microsoft's Internet Explorer. They scan your open ports looking for a running program that they can take advantage of. Scanning is like a burglar who checks all the doors and windows of your house to see if any are unlocked.

Windows 95 and 98 often have File and Print Sharing option on. This allows someone to access your hard drive and load any program they want on your hard drive or delete or change any file they want on your PC. (the next page, Cyber Defense will show you how to turn this off). This access makes it very easy for a hacker to use your PC as his own.

Hackers often use trojans to break into and control home computers.

One of the most famous hackers, Kevin Metnick, used social engineering to obtain needed information to break into systems. Social engineering is where a person wants to find out information about you, so they call you and trick you into to telling them what they want to know. They then use that information to break into your or your company's system.

Basically, hackers don't need to know much of anything about you to get into your system. They are counting on the public being uninformed and use that lack of knowledge to gain access to many computers.

Getting Total Control

You may be thinking...
"I don't have to worry, my PC is password protected."
Not true!

PCs used at home did not need a lot of security features before the Internet. They were designed for convenience, not security. Windows 95 and 98 are very insecure. It takes about 10 seconds to bypass any password you have to "lock out" other people from your home PC. Don't make the mistake of thinking that because you have password protected your PC, that it is safe. IT IS NOT SAFE!

Hackers use specialized programs to "crack" passwords. Your password at work or to your bank account can give a hacker much greater control over your life or company than you realize. Choose your password carefully. Please take the time now to read about how hackers "crack" passwords and how to create a good password."

Disposing of the evidence
One way that hackers camouflage their dirty work is by changing the name of their programs to look like program names of legitimate system programs. Or they will create a hidden folder to keep all their programs in.

What is left behind

The most dangerous trojan is a "back-door" trojan. A trojan horse program is a way of tricking you to load a program onto your PC that gives a hacker access to your computer.

The name comes from the legend of Troy. Ulysses, enemy of the Trojans, leaves a wooden Trojan horse outside the gates of Troy. The Trojans believing that it is a sacrifice to the gods, bring it inside the walls of the city. What they did not know was that inside the belly of the trojan horse were Greek soldiers. At night, the Greek soldiers snuck out and opened the gates of Troy to the Greek army who then defeated the Trojans.

Software trojans are more clever, often arriving from friends who do not know what is in the cute little program that sings Merry Christmas to you. While you are enjoying the show, a nasty little trojan program could be loaded.

A "back door" trojan gives hackers complete access and control over your PC. They can see your screen, just as if they were sitting in front of it. They can watch every move you make with your mouse, every word you type, like a spy standing over your shoulder. And you will have no idea that they are there. These programs run in stealth mode, silent and deadly.

"Back door" programs are commonly available. They can be tools used to administer remote systems and are used on a daily basis in a legitimate way by system administrators.

When your PC asks you if you would like to save your password to your bank account or other important accounts, SAY NO! This little convenience of not having to remember and type in your password might give a hacker complete access to your bank account.

More often than not, the hacker is not interested in you or your system. He just wants to control your PC to hack into much larger, profitable, head-line creating sites, like government, bank, and popular sites.

One technique hackers use to attack web sites is called "denial of service attack". The hacker might send signal to all the PCs he has infected with specialized software. The software, which could be running on hundreds of PCs, simultaneously sends problem messages to the target web server and ties up all it's connections so no one new can connect, or crashes the web server, or overloads the mail server with junk mail. The effect is that legitimate customers can no longer access a service or web site. This can cost companies millions of dollars.

If your PC is used in a "Denial of Service" attack your PC is called a "ZOMBIE". When the targeted site starts to investigate who is attacking their network, they will find your IP address and your computer, not the hacker's. (At least initially) You might be held legally responsible.

Share
New Message
Please login to post a reply