Hacking Techniques & Methods to Prevent Hacking: The Secret Behind

Hacking is one of the biggest troubles faced by the IT industry and by anyone who uses a computer system. From government computer systems to individual PCs and laptops, every system is vulnerable to hacking attempts. Hacking is defined as accessing computer systems without authorization from the owner of the system. Lately there has been a spurt in serious hacking activity, and the IT department of every corporate or government organization has been taking steps to beef up its security systems in order to thwart attempts to steal data and avoid the loss of precious productive man-hours.
1 INTRODUCTION TO HACKING
Hacking is the art of exploiting computers to get access to otherwise unauthorized information. Now that the world is using IT systems to gather, store and manipulate important information there is also a need to make sure that data is secure. However, no system is without problems. Holes are often present within security systems which, if exploited, allow hackers to gain access to this otherwise restricted information. Hacking and security is a constantly updated and fast moving sector of the computing industry and, as such, it is vital that you are up to date with all the details (including the latest exploits, patches and more).
Hacker
In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, or challenge.
(i) White Hat Hacker
A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker.
(ii) Black Hat Hacker
A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain".
(iii) Grey Hat Hacker
A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.
2 ATTACKS ON NETWORK
A typical approach in an attack on an Internet-connected computer system is:
a) Network Enumeration: Discovering information about the intended target.
b) Vulnerability Analysis: Identifying potential ways of attack.
c) Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.
In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.
3 PRINCIPLES OF HACKING
In this blog-post, attacks and hacking techniques are two different concepts that are, nevertheless, closely related to each other. An attack typically goes through several steps or phases. In each phase, some attack actions will be carried out by the hacker, and these attack actions will typically involve the use of one or more hacking techniques. The hacking techniques involved in different attack phases could be different. Moreover, an attack or hacking (software) tool may cover several phases of an attack and involve multiple hacking techniques.
4 SEVEN TYPICAL STEPS OF HACKING
However a network is hacked or attacked, the attacker always follows certain procedures to accomplish his objectives. In general, these procedures fall into one of the following seven steps: Reconnaissance, Probe, Toehold, Advancement, Stealth, Listening Post and Takeover, where each step is enabled or helped by its previous steps and prepares for its following steps. These seven steps can serve as a procedural classification of hacking techniques because the hacking techniques used in each step are for the same purpose and share many common characteristics.
I. Reconnaissance
Reconnaissance is the gathering of information about the target system or network. The information of interest may include host names, host addresses, host owners, host machine types, host operating systems, network owners, network configurations, hosts in the networks, lists of users, etc. An intruder may start by searching the Internet for references to the target in order to find the domain information of the target. Then the intruder can obtain further information about other machines within that domain, such as their host names and network addresses.
II. Probe
Probing detects the weaknesses of the target system in order to deploy the hacking tools. After gathering enough information about the target, the intruder begins to probe the perimeter of the system for potential weaknesses. He can utilize remote exploit tools, which enable the intruder to conduct security surveys and automatically collect and report security-related vulnerabilities of remote hosts and networks.
III. Toehold
Toehold is to exploit security weaknesses and gain entry into the system. Once a vulnerability is found, the intruder will first exploit this vulnerability to build a connection (or session) between his machine and the target host, and then remotely execute hostile commands on the target.
IV. Advancement
Advancement is to advance from an unprivileged account to a privileged one. In this step, the intruder uses local exploit tools to obtain additional information about the target, such as configuration errors and known vulnerabilities of the operating system. Once a local vulnerability is found, the intruder can advance from an unprivileged UID to a root UID. Then, with the highest level of privileges, the intruder can fully control the target system, steal sensitive data, maliciously modify files, and even delete the entire file system.
V. Stealth
Stealth is to hide the penetration tracks. During the probing phase, the intrusion actions are likely to be logged by intrusion detection systems, and during the phases of toehold and advancement, the intruder may leave his activities in the system log. Hence, in order to hide, the intruder will access the local log files and modify the corresponding log entries to remove the traces and avoid detection. He may further replace the system binary code with a malicious version in order to ensure future un-logged and undetected access to the compromised system.
VI. Listening Post
Listening post is to install back-doors to establish a listening post. In this step, the intruder inserts some malicious programs into the system, such as a stealth tool, a backdoor tool, and a sniffer. These programs ensure that his future activities will not be logged. They report false information on files, processes, and the status of the network interface to the administrators. They also allow the intruder to access the compromised system through the backdoor. With the sniffer tool, the intruder can capture the traffic on the network interfaces. By logging the interesting network traffic, the intruder can better monitor and control the compromised system.
VII. Takeover
Takeover is to expand control (or infection) from a single host to other hosts of the network. From the listening post, the intruder can sniff a lot of important information about other hosts of the network, such as user names and passwords. The intruder can also obtain information in several other ways. For example, he can check some specific configuration files (e.g., /.rhosts) of the compromised host and find mutually trusted hosts. With this information, the intruder can repeat the previous steps to break into other hosts. In this way, he can expand his control to the whole network.
5 OVERVIEW OF HACKING TOOLKITS
In a broad sense, hacking toolkits include not only the software developed for attacks, but also the human activities for the collection of sensitive information and the penetration into the target system. In the following, we discuss fourteen types of representative hacking software and approaches:
1. Vulnerability Scanner
A Vulnerability Scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number.
2. Sniffers and Snoopers
A SNIFFER monitors and logs network data. The network traffic that passes through a host’s network interface usually contains user name-password pairs as well as other system information that would be useful to an intruder. In a network where data is transmitted without encryption, an intruder with physical access to the network can plug in a sniffer to monitor the network traffic and obtain necessary information to access other hosts in the network.
A SNOOPER, also known as SPYWARE, monitors a user’s activities by snooping on a terminal emulator session, monitoring process memory, and logging a user’s keystrokes. By watching the user’s actions, an intruder can obtain useful information to attack other users on the computer or even other systems in the network.
3. Spoofing Tools (Phishing)
In a network, a data packet always contains the source address field, which can expose the source of the intruder if he sends malicious packets. Hence, in order to hide and avoid detections, the intruder uses spoofing tools to forge another source address that is usually the address of another host or a nonexistent address. The spoofed address can be an IP address or a physical address, depending on the type of the network. Another usage of spoofing tools is to gain access to a network from outside.
4. Trojan Horse
A Trojan horse in a computer system is a malicious, security-breaking program: a piece of executable code hiding in a normal program. When the normal program is opened or executed, the hidden code will perform some malicious actions silently, such as deleting critical system files. The Trojan horse is spread in a disguised way. It presents itself as a game, a web page, or a script that attracts people. It may come from an email with your friend as the sender or an online advertisement. But if the receiver opens it, the malicious code will commit the unsolicited actions.
5. Password Crackers
A Password Cracker is a tool used to find a user’s password. It is used by both computer crackers and system administrators for recovering unknown or lost passwords. There are three major types of cracking approaches. The first type is the Smart Guessing Cracker, which infers or guesses the password based on the user’s information, such as user name, birthday and phone number. The second type is the Dictionary-Based Cracker, which generates a large set of possible passwords, called a dictionary, from a collection of words and phrases. These two types of crackers are smart and quick, but may not work if the password is randomly generated. The third type enumerates and tests all possible passwords in a Brute-Force Way.
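The three cracking approaches above, turned into a defensive password audit; this is an added example, not code from the original post. The sample dictionary, the user record fields and the 60-bit threshold are assumptions chosen for illustration.

```python
import math
import re

# Constructed sample word list; a real audit would load a much larger dictionary.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "sunshine", "letmein"}

# Common character substitutions that dictionary-based crackers undo.
SUBSTITUTIONS = str.maketrans("013457@$", "oleastas")

# (pattern, number of characters in that class) for printable ASCII.
CHARSETS = [(r"[a-z]", 26), (r"[A-Z]", 26), (r"\d", 10), (r"[^a-zA-Z0-9]", 33)]


def personal_tokens(user_info):
    """Fragments of user data (name, birthday, phone) a smart-guessing cracker tries."""
    tokens = set()
    for value in user_info.values():
        value = str(value).lower()
        tokens.update(t for t in re.findall(r"[a-z]+|\d+", value) if len(t) >= 3)
        digits = re.sub(r"\D", "", value)
        if len(digits) >= 4:
            tokens.add(digits)
    return tokens


def dictionary_candidates(password):
    """Forms of the password that dictionary mangling rules effectively cover."""
    lowered = password.lower()
    # Drop leading/trailing digits and symbols, e.g. "dragon!" or "p@ssw0rd2024".
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    return {lowered.translate(SUBSTITUTIONS), stripped.translate(SUBSTITUTIONS)}


def brute_force_bits(password):
    """Upper bound on brute-force work in bits: length * log2(charset size)."""
    charset = sum(size for pattern, size in CHARSETS if re.search(pattern, password))
    return len(password) * math.log2(charset) if charset else 0.0


def audit_password(password, user_info, dictionary=SAMPLE_DICTIONARY, min_bits=60):
    """Return which of the three cracker types the password is exposed to."""
    findings = []
    lowered = password.lower()
    if any(token in lowered for token in personal_tokens(user_info)):
        findings.append("smart-guess")
    if dictionary_candidates(password) & set(dictionary):
        findings.append("dictionary")
    if brute_force_bits(password) < min_bits:  # min_bits is an assumed policy value
        findings.append("brute-force")
    return findings


if __name__ == "__main__":
    # Constructed user record and candidate passwords.
    user = {"username": "asmith", "birthday": "1990-04-12", "phone": "555-0142"}
    for candidate in ("asmith1990", "P@ssw0rd2024", "Dragon!", "vT9#qLm2xR&8"):
        print(candidate, audit_password(candidate, user))
```

"P@ssw0rd2024" passes the brute-force estimate yet still falls to the dictionary check, which is why length and character-class rules alone are not a sufficient password policy.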
6. Denial of Service Tools
A DoS (Denial-of-Service) tool is used by an attacker to prevent legitimate users from using their subscribed services. DoS attacks aim at a variety of services and accomplish the objective through a variety of methods. Attackers can flood the target network, thereby throttling legitimate network traffic; can disrupt connections between two machines, thereby denying access to the service; can prevent a particular individual from accessing the service; and can disrupt the service to a specific system or person.
7. Stealth and Backdoor Tools
BACKDOORS are programs furtively installed in the target system. They are malicious replacements of critical system programs that provide authentication and system reporting services. Backdoor programs provide continued and un-logged use of the system when being activated, hide suspicious processes and files from the users and system administrators, and report false system status to the users and system administrators.
8. Malicious Applets and Scripts
A MALICIOUS APPLET or SCRIPT is a tiny piece of CODE, which is written in web-compatible computer languages, such as Java, JScript and VBScript. The code is embedded in a web page, an email or a web-based application. When a person accesses the web page or opens the email, the code is downloaded to his personal computer and executed. The code may misuse the computer’s resources, modify files on the hard disk, send fake e-mail, or steal passwords.
9. Bombs
A LOGIC BOMB is a piece of code surreptitiously inserted into an application to perform some destructive or security-compromising activities when a set of specific conditions are met. A logic bomb lies dormant until being triggered by some event. The trigger can be a specific date, the number of execution times (of the code), a random number, or even a specific event such as deletion of a specific file. When the logic bomb is triggered, it will usually do something unsolicited, such as deleting or changing files.
10. Buffer Overflow
A BUFFER OVERFLOW tool launches attacks by inserting an oversized block of data into a program’s input buffer and stack to enable an intruder to execute a piece of malicious code or destroy the memory structure. When a program receives a block of input data, it puts the data into its input buffer. Without the boundary checking, the intruder can write data past the end of the buffer and overwrite some unknown space in the memory. At the same time, the intruder carries the malicious code in the oversized data block.
11. Bugs in Software
A piece of software is vulnerable once it is released. First, it typically contains unknown BUGS. The more complex it is, the more bugs it may have. If an intruder finds a bug before it is fixed or patched, he can exploit it to hack a system. For example, the unchecked buffer size is a bug for possible buffer overflow attacks. Second, for the purpose of developing software, the developers usually write some code for debugging. This debugging code generally gives the developers a lot of authority. If this code is not removed from the released version, the intruder can utilize it for attack.
12. Holes in Trust Management
Trust management is crucial for a large-scale security system. Due to the complexity of trust management, mistakes in managing and configuring trust relationships may happen in many cases and leave holes for an intruder to gain an authorized access as an unauthorized user.
13. Social Engineering
Social engineering is a tactic to acquire access information through talking and persuasion. The target person is a user who can access the computer system desired by the intruder. The intruder may pretend to be a salesman, a consultant, a listener, a friend of the user, or whatever role the user does not suspect when they are chatting and exchanging information. The intruder thus can obtain valuable information, such as passwords, to gain access to the system.
14. Dumpster Diving
Trash is not trash in the eyes of a serious hacker. Trash usually contains shattered and incomplete information. The intruder can sift through garbage of a company to find and recover the original information so that he can break into the company’s computers and networks. Sometimes, the information is used as an auxiliary to help intrusion, such as making social engineering more credible.
6 WEB BROWSER HIJACK
"Browser Hijacking" is a type of online fraud. Scammers use malicious software to take control of your computer's Internet browser and change how and what it displays when you're surfing the Web.
How to Know If My Browser Has Been Hijacked?
• Home page or other settings change on your computer.
• Links are added that point to Web sites that you'd usually avoid.
• You can't navigate to certain Web pages, such as antispyware and other security software sites.
• A seemingly endless barrage of ads pops up on your screen.
• New toolbars or Favourites are installed that give you icons and links to Web pages that you don't want.
• Your computer runs sluggishly. Malicious software can slow down your computer.
How to Avoid Browser Hijacking?
• Keep your computer updated with the latest security software and use an updated web browser
• Practice Safe Internet Browsing
7 INDICATIONS OF INFECTIONS WITHIN COMPUTER
- Computer stops responding now and then
- Files having double extensions
- Anti-virus programs disabled for no reason
- Strange dialog/message box appears on the screen
- A program disappears from computer and you didn’t uninstall it
- Computer runs very slowly
- Out of memory error appears in spite of having sufficient RAM
- New programs do not install properly
- Unknown Services running etc…
8 DEFENSIVE MEASURES TO PREVENT HACKING
(i) Network Level Security:
a) Use of Firewall to Filter Incoming and outgoing traffic: Firewall could be Hardware or Software.
b) Intrusion Detection Services (IDS) are used to detect/recognize hidden malicious or unauthorized code during browsing.
c) Use of Encryption: A process of converting plaintext (readable data) into cipher text (unreadable characters). To read the data, the recipient must decrypt, or decipher, the data.
(ii) System Level Security
a) Regularly update Operating System: Update Patches/Service Packs regularly
b) Password Policies: Use Passwords for BIOS, System as well as for your Profile. Use Strong and ‘Hard to Guess’ Password. Longer Passwords provide greater security
c) User Privileges: Provide Appropriate User Privileges and Disable Guest User
d) Use Software/Personal Firewall: Same as Hardware Firewall. Use in the absence of Hardware Firewall
e) Don’t Install Pirated Software
f) Delete Temporary Files on regular basis
g) Update yourself for OS Vulnerabilities
(iii) Application Level Security
a) Install Antivirus Software:
• Identifies and removes computer Viruses, Worms, Trojans etc.
b) Virus Signature:
• Specific pattern of virus code also called Virus Definition
• Antivirus programs look for virus signatures to update their Virus database
c) File Password:
• Always give file level passwords for Classified documents
d) Backup:
• Always take backup of your important data
• Use External Storage devices for backup
• Store your backup at physically different place
(iv) Secure Web Browsing
a) Secure Site Identification:
• Always check the URL of the Site before opening
• Always try to type URL in browser
• Use Virtual keyboards to enter Username & Password
b) Enable “Block Pop-Ups”
c) Don’t use Peer-to-Peer File Sharing
d) Restricted use of Social Networking Sites
e) Delete Temporary Internet files, cookies on regular basis
f) Spam Protection:
• Do not open Spam mails
• Always update “Block Sender” list in E-mail
9 COMMON MISTAKES THAT PEOPLE MAKE WHEN CONNECTED TO THE INTERNET
1. Using the “same password” for all their accounts
2. Using simple “easy to guess” passwords
3. Using easy to guess “password recovery options”
4. Opening an “email attachment” in an email of unknown origin
5. Clicking on a link in an email of unknown origin
6. Failing to update Microsoft Windows and other software
7. Failing to use wireless encryption
8. Connecting to unknown Wi-Fi networks
9. Using HTTP instead of HTTPS
10. Using unknown or unverified sites
Concluding Remarks:
The use of Computers is increasingly spreading, and more and more users are connecting to the internet. The internet is a source for almost anybody to access, manipulate and destroy other’s information. Hackers end debates over the meaning of technological determinism while recognizing that at any one moment we are all always determined by technology. Hackers work constantly within determinations of their actions created by technologies as they also alter software to enable entirely new possibilities for and limits to action in the virtual world.
The rapid development of the Internet and computer technology globally has also led to the growth of criminal activities directly related to the use of computers, specifically illegal trespass into the computer system or database of another, manipulation or theft of stored data, or sabotage of systems and data. These crimes have virtually no boundaries and may affect any country across the globe within a fraction of second.
Cyber Laws alone cannot prevent such activities. As computer users, we also have the responsibility to do our bit to prevent activities like hacking, which are used as a tool to commit these crimes.
I hope that the above discussion has proven to be useful in gaining an analytical view on the various Security Aspects of Networked Computers.
Blog Author: Sameer