Introduction to Hacking

17.1 What Is Network Security?

Security is much larger than just packets, firewalls, and hackers. Security includes:
– Policies and procedures
– Liabilities and laws
– Human behavior patterns
– Corporate security programs and implementation
– Technical aspects- firewalls, intrusion detection systems, proxies, encryption, antivirus
software, hacks, cracks, and attacks
17.2 Hacking
The process of attempting to gain or successfully gaining, unauthorized access to computer
resources for the purpose of help or secure system is called hacking.

 History of Hacking
– 1966 – Robert Morris introduces the concept of safe hacking.
– 1969 – Development in the field of hacking.
– 1990 – Electronic frontier foundation was founded.
– 1995 – Mark Andreessen & Eric release mosaic

 Who is Hacker?
Hacker is not cyber-criminal but he is the very intelligent person who uses his knowledge in
constructive manner to secure system & never damage data. He knows all about the operating
system & different holes in the system.

 Who is cracker?
– Person who enter into other’s system and violet the system, damage the data, create havoc
is called cracker
– Cracker is cyber criminal
– They can be easily identified because their actions are malicious

 Why do crackers exist?

– Crackers exist because human nature is just so, frequently driven by to destroy instead of
create
– They are used for different purposes like for profit, some company use them for disabling
the competitor company, for cracking credit card number

 Difference between hacker & cracker

– Hacker’s programs to check integrity of other programs, thus when hackers create
program it automatically checks remote machine security structure
– They always do constructive work
– Crackers rarely make their own program instead, they steal tool, programs from others
– Crackers creates nothing & destroy much
 Which operating system hacker use
– Sun
– Unix
– Microsoft
Sun
– Hackers use either solaric x86 or sco as a platform.
– This is because these products are licensed ware & they can easily be obtained.
Unix
– Popular platform because they required a low overhead
– We can run linux on a paltray 386 and gain good performance.
– This is reasonable.
Microsoft
– This supports many security tools that can be used to attack remote machine.
– It has advanced tools for networking as well.

18.1 Why Do People Hack?

– Just for fun.
– Show of their knowledge
– Hack other system secretly.
– Destroy enemy’s computer network during the war.
– For profit people pays a cracker.
– Crack for sake of curiosity.

 The Psychology of Hackers

– All information should be free.
– Access to computer should be unlimited and free.
– It can change life for better.
– It can create beauty on computer.

18.2 Types of hacking

There are many types of hacking like:
– Password hacking
– Software hacking
– Net hacking

 Password hacking
There are two types for password hacking. Brute force and dictionary based.
Brute force
– In that case hackers try out all the combination of all keyboard letters .it has greater
success but it takes long time
Dictionary based
– In that they are use predefine password.it is unsuccessful method

 Software hacking
– In that hackers changes the look & execution way of that software

– Change the demo version into full version by decoding the source code

 IP address
– IP address is the address of your computer in the internet. It is unique. Like:

– 192.168.23.45

 Port
It is not physical port but it is logical port in your computer. It is just like hole onto the
system through hacker can enter. There are thousands of ports into computer. The particular
service is running on particular port. Like:
Port 21: ftp
Port 23: telnet

Port 80: http

Port 25: mail

 Hacking tools
There are many tools are available

– Scanners

– Telnet

– FTP

– LAN watch

 Scanners
It is not a photo scanner. Scanner is program that automatically detects security weakness in
remote host. Port scanners are used in hacking. Port scanner can give the whole list of open
port on that system and which service is running on that. It can use almost all operating
system.
 Telnet
Telnet is ultimate hacking tool. It is terminal emulation program that allows us to connect to
remote system.
 Ftp
FTP is one type of protocol but some time it is used as hacking tool, port 21 for the ftp. For
connecting ftp we need some ftp s/w known as ftp client. For connecting ftp server you have
to hammer that server.
  Attacks
There are many types of attacks
– Spoofing attack
– Telnet based attack
– DOS (Daniel of service) attack
– Ping of death
– Distributed dos attack
– Mail bombs

 Need For Security

Some excellent software can provide you best security, like:
– Trojan
– Firewall

 Trojan
Windows Trojans are small aspect of windows security. Trojan is unauthorized program
contained within a legitimate program. This program performs function unknown by user.

 Firewall
Firewall is any device used to prevent outsiders from gaining access to your network. Types
of firewalls are:
– Packet filter
– Application proxy
– Packet inspection

19.2 Common Steps for Attackers

Reconnaissance
– Intelligent work of obtaining information either actively or passively
– Examples:

• Passively: Sniffing Traffic, eavesdropping

• Actively: Obtaining data from American Registry for Internet Numbers (ARIN), whois
databases, web sites, social engineering
Scanning
– Identifying systems that are running and services that are active on them
Gaining Access
– Exploiting identified vulnerabilities to gain unauthorized access
– Examples: Exploiting a buffer overflow or brute forcing a password and logging onto a
system
Maintaining Access
– Uploading malicious software to ensure re-entry is possible
– Example: Installing a backdoor on a system
Covering Tracks
– Carrying out activities to hide one’s malicious activities

– Example: Deleting or modifying data in a system and its application logs