Tuesday, February 22, 2011

Sniffing/Spoofing, DOS/DDOS, Hacker/Cracker- A Briefing

Hello, not long since my last post, I am glad to welcome you yet again. This time a friend at college came across some terminology and emailed me the following terms to clarify. I had an idea about them, so I decided to put them here, where anybody who just needs an overview can access them. Every term is followed by an “External Link” for further reading.

 

1. Ethical Hacking: Ethical hacking means that a computer security expert or analyst attacks a security system on behalf of its owners to find vulnerabilities that a malicious hacker could exploit. When the term "ethical" is used, it means that the hacking is done by an attacker on behalf of the owner of the system, and it is legal.

External Link: Read more

Social Engineering: This includes acts that manipulate or fool people (users) into divulging their confidential information to attackers, without any technical tampering. For example, a rogue email in your inbox might say that you have won a lottery and ask for personal information such as credit card details, phone numbers, addresses, etc. Common examples also include phishing websites that pretend to be genuine portals or web stores in order to gain access to your credit card details.
The attacker does not apply any technical skill, is not even concerned with the victim’s system, and in most cases might not even come face-to-face with the victim.
e.g. (i) Pretexting, (ii) Phishing, (iii) Phone-phishing or IVR (Interactive Voice Response), (iv) Diversion Theft, (v) Baiting (Trojan Horse), etc.

External Link: Read more

Network Security Fundamentals: These are the concepts designed to give a network administrator awareness of various security-related issues, and to help them implement the essential measures needed to deploy and manage security in a given network. Typical concepts are authentication, firewalls enforcing policies on which services are available and how the network is accessed, deployment of anti-malware (anti-virus, anti-spam software), Intrusion Prevention Systems (IPS), etc.

External Link: Read more

2. System Threat Attacks- Denial Of Service (DOS) or Distributed Denial Of Service (DDOS): These include attempts to make a computer resource unavailable to its intended, legitimate users. That means service to legitimate users is denied. It is generally implemented by persons manually or with the help of bots, and it prevents an Internet site or service from functioning efficiently, either temporarily or for an indefinite period. One common method is to flood a target machine with phantom traffic so that it responds slowly, or even fails to respond, to its legitimate traffic. This can be achieved by consuming as much of the computer's resources as possible, or by obstructing the communication channel. Other ways might include disrupting system states, blocking communication channels partly or fully, distorting configuration, etc. Common victims include the servers of reputed banks, online payment channels, etc.

External Link: Read more

3. Sniffing and Spoofing: Sniffing and spoofing are two threats that target the lower layers of the networking infrastructure supporting applications that use the Internet. Generally, users do not interact directly with these lower layers, and typically are unaware of them, or even that they exist.

Sniffing is the use of a network interface to receive data not intended for the machine in which the interface resides. It is a passive security attack that reads data from the network; there is no deception in this case, unlike spoofing. Sniffers are of great use to network administrators, as they provide a great deal of information regarding data and its flow in the network. But their availability in the common marketplace means that they are also in the hands of malicious users, who can sniff out confidential data from the network. e.g. Network Analyzers, Token Bridges, etc.

Spoofing is an active security attack in which one machine masquerades as another (different) machine on the network, and may involve disrupting the data flow or injecting data into the link. The masquerader aims to fool other machines on the communication network into accepting it as a genuine machine on the network, and tries to lure them into sending it the intended data, or into allowing it to alter the data. Some network security attacks use sniffing as a prelude to spoofing, as sniffing can gather sufficient early information.
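On a local network, one machine masquerading as another often shows up as the same IP address being claimed by more than one hardware (MAC) address. The following detection sketch is an added example, not part of the original post, and goes beyond it by assuming the defender already collects time-ordered `(timestamp, ip, mac)` observations (for instance from ARP traffic or switch tables); the sample data is constructed.

```python
def find_binding_conflicts(observations, window=60.0):
    """Flag IP addresses whose MAC binding changes.

    observations: time-ordered iterable of (timestamp_seconds, ip, mac).
    Returns a list of (ip, old_mac, new_mac, timestamp, kind) where kind is
      "flapping" - the previous MAC was seen within `window` seconds, so two
                   machines are claiming the address at the same time;
      "changed"  - the previous binding was older, which is more often a
                   legitimate reassignment or hardware replacement.
    """
    last_seen = {}  # ip -> (mac, timestamp of the latest observation)
    alerts = []
    for ts, ip, mac in observations:
        mac = mac.lower()
        if ip in last_seen and last_seen[ip][0] != mac:
            old_mac, old_ts = last_seen[ip]
            kind = "flapping" if ts - old_ts <= window else "changed"
            alerts.append((ip, old_mac, mac, ts, kind))
        last_seen[ip] = (mac, ts)
    return alerts


# Constructed sample: 10.0.0.1 is claimed by two MACs within seconds,
# while 10.0.0.5 moves to a new MAC more than an hour later.
SAMPLE = [
    (0.0, "10.0.0.1", "AA:AA:AA:00:00:01"),
    (5.0, "10.0.0.5", "aa:aa:aa:00:00:05"),
    (10.0, "10.0.0.1", "aa:aa:aa:00:00:99"),
    (12.0, "10.0.0.1", "aa:aa:aa:00:00:01"),
    (4000.0, "10.0.0.5", "aa:aa:aa:00:00:55"),
]

if __name__ == "__main__":
    for alert in find_binding_conflicts(SAMPLE):
        print(alert)
```
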

External Link: Read more

4. Web-based Password Capturing: If the attacker can’t guess your password by hit-and-trial methods, there are tools of various types available to do the job. In broadcast networks, sniffers may be employed to look at messages not intended for them. Phishing websites are dangerous too, as they can grab your personal details if you are unaware of their malicious status. Typical tools like screen-loggers and key-loggers are also commonly used on individual systems, and are passed on with sham software products (genuine software after modification) as Trojan Horses that remain hidden from the user until flagged by the installed anti-malware products. Screen-loggers can capture whatever is displayed on the screen, while key-loggers can capture whatever keys are pressed on your keyboard. The affected software products also have a backdoor provisioned by the attacker to gain access to the gathered data. There are various types of tools and strategies available.

External Link 1, External Link 2: Read More

5. Hackers and Crackers: There are lots of definitions floating around the Internet, and in many cases you will find that they contradict each other. The following definitions are based on my own analysis and personal understanding only.

Hackers are those advanced users who are necessarily not great programmers. They analyze the software or system, test it, and explore a broad range of possible options to find exploits and vulnerabilities, and might try to fix the flaws or use them for their own gain. Hackers may also find technical holes accidentally.

Crackers are those persons who are generally comfortable with programming up to a certain level, and like to debug software at the assembly level. They dissect the code, fix issues as desired or as they encounter them, and then may even reassemble it. They have a proper understanding of the computer system and the technology, and they apply various techniques. The most common examples include bypassing the license keys of various software products.

The two collaborate. If the hacker cannot get around a piece of software, then he needs a cracker, although the hacker bears the responsibility for setting the goals.

External Link 1, External Link 2: Read More