Welcome, guest. You are not logged in.
Log in or join for free!
Stay logged in
Forgot login details?

Stay logged in

For free!
Get started!

Text page


How hackers work?

How Hackers Work
When linked to the Internet, you are linked to computers throughoutthe world – and, more important, they are linked to you. It’s not apparent to the computer user, but any link to a site on the Internet is a potential two-way street!
While doing research on the Internet about computer hacking for thisguide, the following invitation appeared on my screen: "Click here to see what I already know about your hard drive." I clicked and found a list ofthe directories on my hard drive. I was shockedto learn that I could open and read, on the Internet, almost all my personal files.
The computer at the other end of that link could have, without my knowledge, used the link to my computer to automatically download all my files. Or to install a"backdoor" on my computer that gives the other computer access to my files at any time inthe future when I am connected to the Internet. That other computer could be located in a foreign country, anywhere in the world, and I would have no way of knowing it. Yes, an Internet connection really is a potential two-way street.
That personal experiencewas on my home computer. At the office, Ilike to assume I am protected by a firewall, encryption, and other security devices, but in the war of wits betweenhackers and computer security professionals, the hackers win too often.
Expert hackers create and pass on to others sophisticated software tools to exploit both human and technical weaknesses in the security of computer systems -- password crackers, war dialers, vulnerability scanners, sniffers, IP spoofers, andothers. Because many of these tools are available on the Internet, relative newcomers can download and use them, raising the level of sophistication of hackers of all types.
The hacker’s first goal is to get access to your network in order to read your files. Ineffective passwords, insecure modems, and what the hackers call "social engineering" often provide the first opening to a system. How this works is shown in Case 1and Case 2. These cases were selected from among many others thatmight be cited because they focus on how hackers exploit common human weaknesses, not just esoteric software weaknesses that only computer experts can understand. They illustrate why computer security is sometimes described as a"peopleware" problem, not just a hardware or software problem.
Once inside the system, the hacker’s second goal is to get what is called"root" access. That usually requires finding a technical weakness. Rootaccess means the hackerhas unrestricted access to the inner workings of the system. With root access the hacker can:
Copy, change or delete any files.
Authorize new users.
Change the system to conceal the hacker’s presence.
Install a "back door" to allow regular future access without going through log-in procedures.
Add a "sniffer" to capture the User IDs and passwords of everyone who accesses the system.
Use the captured User IDs and passwords to attack the networks of other organizations to which the captured User IDs and passwords provide approved access.
As one hacker explained it, "Once you’re on the inside, it’s just payday. You’re in heaven." 1
The initial foothold into the system is the toughest part. Often, thehacker will be working viathe Internet, which is open to everyone, and will be trying to penetrate a network that is protected by a"firewall." A firewall is a series of programs and devices intended to protect a network from outside intruders. A strong firewall will identify and authenticateusers trying to access the network from outside, thus limiting access to authorized persons. Sometimes the hacker is an insider, an employee already behind the firewall who has authorized access to one part of the system and then hacks his or her way into other protected files within thesystem.
The hacker’s success in breaching the firewall often comes from some form of human failure -- especially weaknesses caused inadvertently by lack of computer securityeducation, carelessness, or gullibility of computer users. Technical weaknesses in the system obviously play a role, but even those may be traceable to some form of human error, such as employee susceptibility to "social engineering" or a systems administrator’s failure to update the firewall software promptly each time the hackers expose a weakness and the manufacturer makes a patch available to plug the hole.

Posted by

This page:

Help/FAQ | Terms | Imprint
Home People Pictures Videos Sites Blogs Chat