HACKERS AND HACKING - PowerPoint PPT Presentation

Slides: 20
Provided by: compa162


1
HACKERS AND HACKING
PRESENTATION by Gagan Deep Singh
2
  • WHY IS IT SUCH A CRUCIAL TOPIC-
  • The vast size of our systems
  • The investments we make in our systems
  • Confidential systems like military
  • The kind of losses we can incur
  • Multi domains like banks, healthcare, tourism
  • Our ever-increasing dependence on our systems
  • SOLUTION-
  • The concept of thief and theft applies here.
    Possibly the best thing is to hire them to fight
    against themselves.

3
How hackers evolved
  • The best way to discuss this will be to check out
    their generations.
  • First generation- Talented students, programmers
    and scientists (mostly from MIT). Their main
    motive was to tweak the code to produce more
    efficient or elegant programs.
  • Second generation- Theological radicals. They had
    this forward thinking from mainframe to personal
    systems.
  • Third generation- Young people who embraced
    personal computers. They basically started making
    illegal copies of software such as games and
    developed the crack codes.
  • Fourth generation- This is the current
    generation, those embracing criminal activity as
    if it is some sort of game or sport. When the Mac
    was attacked by its first virus, the hacker
    claimed the Mac was wrong to say it is completely
    attack proof. He also added that he did it as a
    challenge.

4

Success Rate
Reliability of our systems has been an issue
forever, but today it is a bigger and more
important issue than before because our dependence
on computer systems is at an all-time high. There
is almost no task now that we don't need computer
systems in. The crashing of a system can cause
bigger damage than ever before.
5
Success Rate factors
  • The best way to discuss these factors will be to
    compare them versus the security professionals.
    Just like in a war, an enemy on top of the
    mountain has a definite advantage, hackers have
    an upper hand over security professionals.
  • Relative mobility- The hacker is often not fixed
    to a particular location in cyberspace. It
    becomes very hard for the security professionals
    and the victims, as well as the lawmakers, to get
    hold of them. Also, they always have the power to
    surprise by doing something absolutely new.
  • Higher level of knowledge- They are very
    accomplished in sharing their knowledge and tools
    of the trade. Their ethics are loosely defined and
    they always have the advantage of making the first
    move.
  • More hours, less money- Hackers usually are
    prepared to spend many more hours conducting
    their attack than most security professionals are
    willing to spend securing their systems. Even
    though hackers are underfunded, they have displayed
    a whole lot of passion to compensate for it.

6
Technical side of Hacking
Hacking is usually a technical activity, although
that does not necessarily mean that attackers are
always technically capable. There are a few ways
to get into a target system and to exploit this
as a full scale hacking activity.
  • Remote access has been the biggest thrust in the
    success of hacking, and all future programmers
    and developers should keep that in mind.

7
Technical side of Hacking
  • There are three main ways to intrude into the
    system
  • Physical Intrusion- This kind of intrusion
    happens when the intruder has physical access to
    the target machine. For example, booting with a
    special floppy or taking the system apart
    physically (e.g. removing the hard drive).
  • System Intrusion- The intruder already has low
    level privileges on the system. They then exploit
    un-patched security vulnerabilities in order to
    escalate their privileges to administrative
    level.
  • Remote Intrusion- The attacker gets into the
    system through the network. This is the hardest
    and yet the most common form of intrusion. IDS is
    installed to prevent such intrusions. Having the
    root access to the system, the intruder can
    manipulate it in whichever way he wants.

8
Unauthorized Access
  • Before attackers can exploit a system they need
    to gain access to it. The following techniques
    are used for gaining access.
  • Acquiring password- One way to get into the
    system illegally is by figuring out the password
    of a valid account. After looking for account
    names, an attacker can try to crack their
    passwords, which are often too weak or poorly
    protected.
  • Clear text sniffing- Several protocols such as
    telnet, FTP and HTTP basic do not encrypt the
    password at all as it is passed from the client
    to the server.
  • Encryption sniffing- There are many tools
    available for this purpose, such as L0phtcrack3
    (LC3), which performs dictionary, brute force and
    hybrid cracks.

9
Unauthorized Access
  • Replay Attack- Sometimes the attackers do not
    need to decrypt the password at all. By
    reprogramming the client software, they can use
    an encrypted password to log into the system.
  • Password File Stealing- In most databases, the
    entire user database (including the passwords) is
    stored in a single file, such as /etc/passwd (in
    UNIX) or SAM- Security Accounts Manager (in
    WinNT).
  • Observation- You should never hesitate to tell a
    person not to look over your shoulder when you
    are typing your password.
  • Social Engineering- It is the term used to
    describe cracking techniques that rely on the
    weakness of WetWare (human users attached to the
    system). It is surprising how effective social
    engineering can be. Mitnick's book illustrates
    that.
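
The replay attack described above, as an added example that is not part of the original slides: a server that accepts a fixed password hash can be logged into with a captured copy, while a fresh nonce per login makes the captured response useless. The class and function names, the sample password and the use of plain SHA-256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample credential; plain SHA-256 is an assumption for brevity.
PASSWORD = b"correct horse battery staple"
STORED_KEY = hashlib.sha256(PASSWORD).digest()

class StaticHashServer:
    """Weak scheme: the client sends the same password hash on every login."""

    def login(self, presented):
        return hmac.compare_digest(presented, STORED_KEY)

class ChallengeServer:
    """Hardened scheme: every login must answer a fresh, single-use nonce."""

    def __init__(self):
        self._outstanding = set()

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def login(self, nonce, response):
        if nonce not in self._outstanding:
            return False  # unknown or already-used nonce: treat as a replay
        self._outstanding.discard(nonce)  # a nonce is valid exactly once
        expected = hmac.new(STORED_KEY, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)

def client_response(password, nonce):
    """What a legitimate client sends back for a given challenge."""
    key = hashlib.sha256(password).digest()
    return hmac.new(key, nonce, hashlib.sha256).digest()

def demo():
    weak, strong = StaticHashServer(), ChallengeServer()
    captured_hash = hashlib.sha256(PASSWORD).digest()   # seen on the wire
    nonce = strong.challenge()
    captured_resp = client_response(PASSWORD, nonce)    # seen on the wire
    return {
        "weak_legit": weak.login(captured_hash),
        "weak_replay": weak.login(captured_hash),
        "strong_legit": strong.login(nonce, captured_resp),
        "strong_replay_same_nonce": strong.login(nonce, captured_resp),
        "strong_replay_new_nonce": strong.login(strong.challenge(), captured_resp),
    }
```

The server-side key in the hardened scheme is still password-equivalent, so it stops replay of captured logins but not misuse of a stolen password file.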

10
How do hackers work
  • Socially- Socially speaking, the activity of
    spreading malicious code is highly worrying
    because the number of targets that can be easily
    harmed by email-transmitted code is absolutely
    huge.
  • Alteration experts- Once a virus has entered the
    public domain, it is a much simpler task to alter
    the existing virus rather than to invent a
    completely new one. Just like it is easier to
    rebuild and redesign an existing car model than
    to research and develop a whole new one.
  • Groups- The common misconception is that the
    hacker generally is one person only. This is not
    true. They do work in groups as well. They do
    research, learn about systems, write in forums and
    teach each other. In fact, their working in groups
    and sharing information is a significant part of
    the problem.

11


Motivations
Whenever there is a robbery or a murder, there is
a motive behind it, or otherwise it's just an
accident (which is a rare case). In a similar
manner, hackers have motivations behind the work
they do. Chantler's survey demonstrates the top
motives as follows-
12

Motivations
  • Talking percentage-wise-
  • 49% - were positive aspects beneficial to
    discovery learning, such as challenge, knowledge
    and pleasure
  • 24% - were recognition, excitement (of doing
    something illegal), and friendship as their
    motives.
  • 27% - were self gratification, addiction,
    espionage, theft, profit, vengeance, sabotage and
    freedom. (Unexpectedly, profit is not the
    biggest factor)

13

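A simple GOOGLE hacking code-

    public class GoogleBotMain {
        public static void main(String[] args) throws Exception {
            // GoogleBot is the bot class; its source is not shown on the slide
            GoogleBot bot = new GoogleBot("GoogleBot");
            bot.setVerbose(true);             // enable verbose output
            bot.connect("irc.freenode.net");  // connect to the IRC server
            bot.joinChannel("#irchancks");    // join the channel
        }
    }
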
  • HACKING CAN BE USED POSITIVELY- Hacking, although
    it has become an illegal activity punishable by
    law, can be used in a positive direction as well.
    The above code does nothing but restrict Google
    to performing only a certain number of searches
    that you can do per day.
  • Lately, modifications have been made so that the
    page you require will open directly without
    giving a list of pages.

14
basic measures
  • Protection- Just like prevention is better than
    cure, protection upfront is important and should
    be implemented on every system. Paid software is
    generally better at this.
  • Updation- Always keep your systems up to date
    with the latest security measures like patches
    and virus definitions. There are a number of
    commercial software packages available.
  • Caution- We should always exercise caution in
    whatever we do. Always keep your eyes open and
    don't exchange any information that you are not
    sure of. Keep your eyes open and don't let
    anybody take over your privacy.
15
how do we know
  • The following are the ways we can say the system
    might have been hacked-
  • Hosts running unnecessary services- The number
    one way of telling is if there are unnecessary
    services running on your machine. Sometimes you
    even try to kill a process and you are unable to
    do it because the process is running in an
    infinite loop.
  • Too many resources being consumed- Sometimes the
    system becomes hundred percent occupied even
    though there are not too many programs running.
    Most of the time the root directory is affected
    in such a case.
  • System very sluggish- The execution speed of the
    system might become drastically slow despite its
    good configuration. In that case there might be
    malicious software in the system or it has been
    hacked.
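
One way to check for the "unnecessary services" sign above, as an added example that is not part of the original slides: compare the listening sockets reported by `ss -tlnp` against an approved baseline. The sample output, the baseline and the function names are constructed for illustration.

```python
import re

# Constructed sample of `ss -tlnp` output (not taken from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    0.0.0.0:443        0.0.0.0:*         users:(("nginx",pid=1040,fd=6))
LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=812,fd=4))
LISTEN 0      5      0.0.0.0:23         0.0.0.0:*         users:(("in.telnetd",pid=2210,fd=0))
LISTEN 0      1      0.0.0.0:4444       0.0.0.0:*
"""

# Hypothetical baseline: the only listeners this host is supposed to have.
BASELINE = {(22, "sshd"), (443, "nginx")}

PROC_RE = re.compile(r'users:\(\("([^"]+)"')


def parse_listeners(ss_output):
    """Return a set of (port, process_name) for every LISTEN socket."""
    found = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or a socket that is not listening
        port = int(fields[3].rsplit(":", 1)[1])  # rsplit copes with [::]:22
        match = PROC_RE.search(line)
        # The process column is empty when ss runs without root privileges.
        found.add((port, match.group(1) if match else "unknown"))
    return found


def unexpected_listeners(ss_output, baseline):
    """Listeners present on the host but absent from the approved baseline."""
    return sorted(parse_listeners(ss_output) - set(baseline))
```

On the sample, the telnet daemon and the listener with no visible owning process are the two entries reported for follow-up.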

16

execution speed
It is no hidden fact that the same program may
have different execution speeds when running in
different environments. How does the execution
speed change the performance of the machines? An
affected system will always run like it has a
load on its shoulders.
The above chart shows how the execution speed
becomes highly sluggish when the system has been
attacked.
17

Things to do..
Be very careful when you do anything online. Once
you google you can't un-google. Realistically
speaking it's very hard to do it and your
information might stay there for years and years.
You may well be listed in any number of online
directories, such as Anywho, Whitepages.com,
Switchboard.com and so on. Acxiom is a major US
vendor. You can ask Acxiom to remove your data
by sending email to optout_at_acxiom.com or calling
1-877-774-2094.
18
Questions?

19
THANKS