Naung83


Main | Knowledge! - Forum | Registration | Login | RSS
[ New messages · Members · Forum rules · Search · RSS ]
  • Page 1 of 1
  • 1
Forum » General » General Forum » Knowledge!
Knowledge!
naung83Date: Tuesday, 2009-01-06, 10:09 PM | Message # 1
Admin
Group: Administrators
Messages: 64
Reputation: 0
Status: Offline
What is hacking?
Hacking is an act of penetrating computer systems to gain knowledge about the system and how it works.

What are Hackers?
Technically, a hacker is someone who is enthusiastic about computer programming and all things relating to the technical workings of a computer. Under such a definition, I would gladly brand myself a hacker. However, most people understand a hacker to be what is more accurately known as a 'cracker'

What are Crackers?
Crackers are people who try to gain unauthorized access to computers. This is normally done through the use of a 'backdoor' program installed on your machine. A lot of crackers also try to gain access to resources through the use of password cracking software, which tries billions of passwords to find the correct one for accessing a computer.

What damage can a Hacker do?

This depends upon what backdoor program(s) are hiding on your PC. Different programs can do different amounts of damage. However, most allow a hacker to smuggle another program onto your PC. This means that if a hacker can't do something using the backdoor program, he can easily put something else onto your computer that can. Hackers can see everything you are doing, and can access any file on your disk. Hackers can write new files, delete files, edit files, and do practically anything to a file that could be done to a file. A hacker could install several programs on to your system without your knowledge. Such programs could also be used to steal personal information such as passwords and credit card information

How do Hackers hack?
There are many ways in which a hacker can hack. Some are as follows –

* NetBIOS
* ICMP Ping
* FTP
* rpc.statd
* HTTP
NetBIOS:
NetBIOS hacks are the worst kind, since they don't require you to have any hidden backdoor program running on your computer. This kind of hack exploits a bug in Windows 9x. NetBIOS is meant to be used on local area networks, so machines on that network can share information. Unfortunately, the bug is that NetBIOS can also be used across the Internet - so a hacker can access your machine remotely.

ICMP ‘Ping’ (Internet Control Message Protocol)
ICMP is one of the main protocols that make the Internet work. It standards for Internet Control Message Protocol. 'Ping' is one of the commands that can be sent to a computer using ICMP. Ordinarily, a computer would respond to this ping, telling the sender that the computer does exist. This is all pings are meant to do. Pings may seem harmless enough, but a large number of pings can make a Denial-of-Service attack, which overloads a computer. Also, hackers can use pings to see if a computer exists and does not have a firewall (firewalls can block pings). If a computer responds to a ping, then the hacker could then launch a more serious form of attack against a computer.

FTP (File Transfer Protocol)

FTP is a standard Internet protocol, standing for File Transfer Protocol. You may use it for file downloads from some websites. If you have a web page of your own, you may use FTP to upload it from your home computer to the web server. However, FTP can also be used by some hackers... FTP normally requires some form of authentication for access to private files, or for writing to files

FTP backdoor programs, such as-

* Doly Trojan
* Fore
* Blade Runner

simply turn your computer into an FTP server, without any authentication.

 
naung83Date: Tuesday, 2009-01-06, 10:11 PM | Message # 2
Admin
Group: Administrators
Messages: 64
Reputation: 0
Status: Offline
rpc.statd
This is a problem specific to Linux and Unix. The problem is the infamous unchecked buffer overflow problem. This is where a fixed amount of memory is set aside for storage of data. If data is received that is larger than this buffer, the program should truncate the data or send back an error, or at least do something other than ignore the problem. Unfortunately, the data overflows the memory that has been allocated to it, and the data is written into parts of memory it shouldn't be in. This can cause crashes of various different kinds. However, a skilled hacker could write bits of program code into memory that may be executed to perform the hacker's evil deeds.

HTTP– HTTP stands for HyperText Transfer Protocol..
HTTP hacks can only be harmful if you are using Microsoft web server software, such as Personal Web Server. There is a bug in this software called an 'unchecked buffer overflow'. If a user makes a request for a file on the web server with a very long name, part of the request gets written into parts of memory that contain active program code. A malicious user could use this to run any program they want on the server.

Where and how to start Hacking ?
After you get yourself a good scanner, scan some prefixes and find some cool dialups, then do the following:
First Method:

* From your terminal, dial the number you found.
* You will hear a series of Beeps. (Telling you that you are connecting to a remote computer.
* After few seconds you will hear something like “CONNECT 9600”.
* It then identifies the system you are on.
* If nothing happens after it says “CONNECT 9600” try hitting ENTER a number of times.
* If you get a bunch of garbage adjust your parity, data bits, stop bits etc. until it becomes clear.
* Now when you get connected to the server you can apply either of the above mentioned methods.

Second Method:
The TELNET way

* Get your local dialups.
* Then you dial the number from your terminal & connect.
* Press Enter and wait for a few seconds.
* Then it will say “Terminal =”.
* Type your terminal emulation.
* If you don’t know what it is hit ENTER.
* It will give you a prompt @.
* Type ‘c’(connects to the host)
* Type NAU (Network user address) that you want to connect.
* Find out the type of system you are on UNIX, VAX/VSM, PRIME.

Here is a list of some Telenet commands and their functions.

* c Connect to a host.
* stat Shows network port.
* Full Network echo.
* half Terminal echo.
* Telemail Mail. (need ID and password)
* mail Mail. (need ID and password)
* set Select PAD parameters
* cont Continue.
* d Disconnect.
* hangup Hangs up.
* access Telenet account. (ID and password)

 
naung83Date: Wednesday, 2009-01-07, 6:36 AM | Message # 3
Admin
Group: Administrators
Messages: 64
Reputation: 0
Status: Offline
TROJAN
A Trojan is a program that is sent to a user that allows an attacker to control functions of the target computer, recover information from the target or to delete or damage files on the target. The name Trojan is given because the program will usually come attached to some other program or file that entices you to run it. There are a wide variety of Trojans any number of which can be programmed to capture passwords as they are typed and to email or transmit them to a third party. To protect yourself against Trojans, you should never execute or download software or files that are not from a trusted source. It is critical that anyone working on internet use a virus protection program (which should catch most Trojans.) Note that since a Trojan requires the password to be typed or stored in order to be recovered, this is not an effective way to recover your own password. It could explain, however, how someone could lose their password to a hacker. Sending someone a Trojan program is certainly illegal and we do not recommend or condone this activity. A Trojan is unlikely to be effective in recovering a particular account password since it requires the target to install it. However, hackers will often bulk mail Trojans to thousands of people in the hope that a small percentage will get caught. Legitimate account holders who may have been caught by a Trojan and can authenticate themselves should contact their service provider to have their account passwords res

SNIFFING

If two people do not share the same computer, but do share the same network, it may be possible for one to sniff the others' packets as they sign-on. The traffic between your computer and the internet site you are accessing may be able to be recorded and decrypted or "played-back." This is not a simple attack to execute, but is possible if two people are close to one another and share a hub. Again, this is likely to be illegal and we do not condone this activity.

LOCALLY STORED PASSWORDS
Most browsers, including Internet Explorer® and Netscape®, the AOL® client, and Windows® Dial-Up Connections allow you the option to store passwords. These passwords are stored on the local machine and (depending upon where and how it is stored) there is usually a method of recovering these passwords. Storing any password locally is insecure and may allow the password to be recovered by anyone who has access to the local machine. While we are not currently aware of any program to recover locally stored AOL® passwords, we do not recommend that these are secure. Software does exist that can recover most of the other types of locally stored passwords.

Alternatives used
Besides social engineering, hackers can obtain your password through other means, like worms, viruses or Trojans. Once a hacker is inside your computer, he will look for those files
were your login names and passwords are stored. That's they reason why it isn't considered
safe to store them inside your computer. Even when the provider tells you that it is safe. Remember than there isn't a more secure place for keeping your password than your mind.

 
Forum » General » General Forum » Knowledge!
  • Page 1 of 1
  • 1
Search:

Friday, 2024-03-29, 1:25 PM
Welcome Guest
Login form
Site friends
Our poll
Rate my site
Total of answers: 8
Tag Board
200

Copyright MyCorp © 2024