Hacker

1
Hacker
2
Hacker, Cracker?!

• Are they the same?

3
No!!!
4
Hacker

• programmers
• intensely interested in the arcane and recondite
  workings of any computer operating system.
• advanced knowledge of operating systems and
  programming languages.
• know of holes within systems and the reasons for
  such holes. Hackers constantly seek further
  knowledge, freely share what they have
  discovered, and never, ever intentionally damage
  data.

5
Cracker

• breaks into or otherwise violates the system
  integrity of remote machines, with malicious
  intent.
• having gained unauthorized access, destroy vital
  data, deny legitimate users service, or basically
  cause problems for their targets.
• can easily be identified because their actions
  are malicious.

6
Tools for hacking

• Scanners
• Trojan Horses
• Packet sniffing
• Password Cracker

7
Scanners

• In Internet security, no hacking tool is more
  celebrated than the scanner.
• good TCP port scanner is worth a thousand user
  passwords.

8
What Is a Scanner?

• program
• automatically detects security weaknesses in a
  remote or local host.
• important to Internet security
• reveal weaknesses in the network

9
How Do Scanners Work?

• Every PC has 65535 port
• TCP port scanners programs which
• attack TCP/IP ports and services (Telnet or FTP,
  for example) and record the response from the
  target.
• glean valuable information about the target host

10
What Will a Scanner Tell Me?

• reveal certain inherent weaknesses within the
  target host.
• These might be key factors in implementing an
  actual compromise of the target's security.

11
What Won't a Scanner Tell Me?

• A step-by-step method of breaking in
• The degree to which your scanning activity has
  been logged

12
Password Cracker

• Program
• can decrypt passwords or otherwise disable
  password protection.
• Most of them need not decrypt anything.Real
  encrypted passwords cannot be reverse-decrypted.

13
Packet sniffing

• program
• captures data from information packets as they
  travel over the network.
• data may include
• user names, passwords, and proprietary
  information that travels over the network in
  clear text.
• With perhaps hundreds or thousands of passwords
  captured by the packet sniffer, intruders can
  launch widespread attacks on systems.
• Installing a packet sniffer does not necessarily
  require administrator-level access.

14
Trojan horse

• program
• containing hidden functions
• can exploit the privileges of the user running
  the program, with a resulting security threat.
• does things that the program user did not intend
• rely on users to install them
• can be installed by intruders who have gained
  unauthorized access by other means.

15
What do Trojan horses do?

• can do anything that the user executing the
  program has the privileges to do.Include
• deleting files that the user can delete
• transmitting to the intruder any files that the
  user can read
• changing any files the user can modify installing
  viruses
• installing other Trojan horses

16

• installing other programs with the privileges of
  the user
• programs that provide unauthorized network access
  
• executing privilege-elevation attacks

17
Example of Trojans

• Back Orifice
• NetBus

18
The most common attack

• DDoS

19
DDoS

• DDoS(distributed denial-of-service)
• DoS
• is called a attack(denial-of-service DoS)
• causes your computer to crash or to become so
  busy processing data that you are unable to use it

20
Ping of Death

• Sending too large ping request.
• Fragmentation allow to send this large packet.
• When packet re-combine,this will overload the
  buffer.

21
SYN Flooding

• Send tons of SYN(SYNchronize) request to server
• When server send SYN-ACK(ACKnowledge) response,it
  cant send the last acknowledgment request.
• Result- use up the network buffer.

22
Contributes of hacker??

• Linux is written by hacker!!

23
The End