Hacker
About Hacker
In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, or challenge. The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community. While other uses of the word hacker exist that are not related to computer security, such as referring to someone with an advanced understanding of computers and computer networks, they are rarely used in mainstream context. They are subject to the long standing hacker definition controversy about the true meaning of the term hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called a cracker, not making a difference between computer criminals (black hats) and computer security experts (white hats). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.
Several subgroups of the computer underground with different attitudes use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. Raymond (author of The New Hacker's Dictionary) advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat, black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker for more malicious activity. According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system". These subgroups may also be defined by the legal status of their activities.
A White Hat (or, more properly, a "computer security specialist" or similar) will NEVER attempt to break into a system that they do not own or do not have explicit permission from the owner to do so. That means, they will usually be hired by a system or software owner to test the security of the said system or software package. They will always report their findings to the owner of the system, though there is somewhat of an ethical responsibility to report any significant (i.e. things that would impact the public) exploits to the community-at-large, if the original owner does not seem to be willing to address the issues - e.g. in case of a coverup of the problem, a White Hat is generally ethically bound to report the problem to the proper authorities, which may include public organizations such as CERT. More concisely, a White Hat is a professional, who abides by professional ethics and performs his or her duties out in the open.
Black Hat folks, of course, are in it for the money (one way or the other). They're targets will never be informed of breaches, and in fact, most BH folks strive to keep their exploits secret from everyone, as it allows them to sneak in and steal information of value undetected. Black Hat folks are pure criminals
Grey Hat
Grey Hat folks generally don't have obvious ill intent (to contradict the previous answer). That is, they're not looking to exploit any problems for personal gain. However, they generally follow an ethic which believes that it is OK to perform intrusion and exploit scans on systems which they DON'T own or have permission to do so. This makes it hard for a target to determine the difference between a Grey and Black Hat hacker, as the initial method of operation looks identical. That said, Grey Hat folks generally report their findings to the target - that is, they'll inform the target as to what security issues they have found. Most Grey Hats will give the target a small window to address the issues; however, a GH will always report the issue to the wider media and security groups, and will NOT consider any information that the target wants to keep private. That is, GH folks seem to see themselves as "defenders of the public good", and that by exposing weaknesses of systems, they will ultimately force folks to be more secure. This is a plausible, but not provably true, scenario. Grey Hat folks are hobbiests and enthusiasts, who generally don't get paid for their work, but pursue it for personal reasons. They generally keep their identities masked (or at least don't usually broadcast them), as much of their work is quasi-illegal.
Elite Hacker
Script KiddieA script kiddie (also known as a skid or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept—hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature)
This is a derogatory term for black hat hackers who use borrowed programs to attack networks and deface websites in an attempt to make names for themselves
Hacktivist
Some hacker activists are motivated by politics or religion, while others may wish to expose wrongdoing, or exact revenge, or simply harass their target for their own entertainment.
Phreaker
A phreaker is simply a hacker of telecommunications. An example of this is tricking the phone system into letting you make free long distance calls.
This is someone that tends to focus more on home computing. Such as, modifying existing hardware or software, use software without a license, unlock Apple iPhone.
Spy Hacker
Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid.
Hacking Technique
A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)
In cryptanalysis and computer security, password cracking is the process of recovering passwords from data that have been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. Another common approach is to say that you have "forgotten" the password and then change it.
The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crackable passwords. On a file-by-file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular file's access is restricted.
A packet analyzer (also known as a network analyzer, protocol analyzer or packet sniffer, or for particular types of networks, anEthernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network. As data streams flow across the network, the sniffer captures each packet and, if needed, decodes the packet's raw data, showing the values of various fields in the packet, and analyzes its content according to the appropriate RFC or other specifications. Packet capture is the process of intercepting and logging traffic.
Spoffing Attack / Phising
A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.
Rootkit
A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Social Engineering
When a hacker, typically a black hat, is in the second stage of the targeting process, he or she will typically use some social engineering tactics to get enough information to access the network. A common practice for hackers who use this technique, is to contact the system administrator and play the role of a user who cannot get access to his or her system. Hackers who use this technique have to be quite savvy and choose the words they use carefully, in order to trick the system administrator into giving them information. In some cases only an employed help desk user will answer the phone and they are generally easy to trick. Another typical hacker approach is for the hacker to act like a very angry supervisor and when the his/her authority is questioned they will threaten the help desk user with their job. Social engineering is very effective because users are the most vulnerable part of an organization. All the security devices and programs in the world won't keep an organization safe if an employee gives away a password. Black hat hackers take advantage of this fact. Social engineering can also be broken down into four sub-groups. These are intimidation, helpfulness, technical, and name-dropping.
- Intimidation As stated above, with the angry supervisor, the hacker attacks the person who answers the phone with threats to their job. Many people at this point will accept that the hacker is a supervisor and give them the needed information.
- Helpfulness Opposite to intimidation, helpfulness is taking advantage of a person's natural instinct to help someone with a problem. The hacker will not get angry and instead act very distressed and concerned. The help desk is the most vulnerable to this type of social engineering, because it generally has the authority to change or reset passwords, which is exactly what the hacker needs.
- Name-dropping Simply put, the hacker uses the names of advanced users as "key words", and gets the person who answers the phone to believe that they are part of the company because of this. Some information, like web page ownership, can be obtained easily on the web. Other information such as president and vice president names might have to be obtained via dumpster diving.
- Technical Using technology is also a great way to get information. A hacker can send a fax or an email to a legitimate user in hopes to get a response containing vital information. Many times the hacker will act like he/she is involved with law enforcement and needs certain data for record keeping purposes or investigations.
A Trojan horse, or Trojan, is a non-self-replicating type of malware which appears to perform a desirable function but instead drops a malicious payload, often including a backdoor allowing unauthorized access to the target's computer. These backdoors tend to be invisible to average users. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan horses may steal information, or harm their host computer systems. Trojans may use drive-by downloads or install via online games or internet-driven applications in order to reach target computers. The term is derived from the Trojan Horse story in Greek mythology because Trojan horses employ a form of “social engineering,” presenting themselves as harmless, useful gifts, in order to persuade victims to install them on their computers
Viruses
A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability.
Malware includes computer viruses, computer worms, ransomware, trojan horses, keyloggers, most rootkits, spyware, dishonest adware, malicious BHOs and other malicious software. The majority of active malware threats are usually trojans or worms rather than viruses. Malware such as trojan horses and worms is sometimes confused with viruses, which are technically different: a worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a trojan horse is a program that appears harmless but hides malicious functions. Worms and trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.
Worms
Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program.
A key logger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Some key loggers use virus-, trojan-, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes to even enhance computer security. As an example, a business might have a key logger on a computer used at a point of sale and data collected by the key logger could be used for catching employee fraud.
Eric Chabrow (February 25, 2012). "7 Levels of Hackers: Applying An Ancient Chinese Lesson: Know Your Enemies". GovInfo Security. Retrieved February 27, 2012.
Sterling, Bruce (1993). "Part 2(d)". The Hacker Crackdown. McLean, Virginia: IndyPublish.com. p. 61. ISBN 1-4043-0641-2.
Moore, Robert (2005). Cybercrime: Investigating High Technology Computer Crime. Matthew Bender & Company. p. 258. ISBN 1-59345-303-5.Robert Moore
By : Tomy Febri Pradana - 0910961009
No comments :
Post a Comment