Internet Security and hacking
Introduction
The Internet has become a very popular tool for people seeking information, communications and even shopping. Internet culture is constantly growing, adding to the array of products and services that customers can take advantage of. The Internet as we know it has been around only for the past 10 to 15 years, and since there are so many people out there who don’t know anything about computers, protecting them from hackers is a difficult task.
Internet security is a very important subject, and there are multitudes of programs out there that claim they can protect computers from viruses and hackers. This is only an illusion, as most of these programs can only protect against known viruses, and if a user leaves their computer exposed a hacker will be able to take control of it and even find private information such as social security numbers or credit card numbers. Securing an internet-enabled computer is very important, and when one communicates over the internet it’s important to encode the information so it can’t be read by others. In this research I will illustrate how vulnerable internet-enabled computers are, what has to be done, and even present real-life cases of computers being hacked.
Intranets and Extranets
Whenever a person thinks of the internet they think of the World Wide Web, but there are in fact at least two types of internet. The first one is called an intranet and is a private TCP/IP-based network confined to one organization. A university network that allows students, but not anyone else, to research library resources can be considered one such network. The second type of internet network is the extranet: a large TCP/IP-based network that allows limited access for outsiders. The network should work using a seven-layer model called OSI. The seven layers of the OSI model are built on top of each other, and they define how vendors or businesses should implement their product or service over the internet.(1)
Physical Layer (Layer 1)
– This is the first layer of the OSI model and it is concerned with the physical delivery of data between computers. This layer involves predominantly hardware such as servers, hard drives, switches, hubs and cables.(2) This is also the first layer that can be tampered with to expose an entire network to hackers. Because of this it’s very important to keep servers and other hardware out of reach of regular people. For example, university networks often have firewalls installed around the university network, but one only has to walk onto the campus and plug a computer into one of the network ports to have already bypassed the firewall. If the hardware that operates the university network is exposed, then it only makes it easier for hackers to gain access to all the resources that the university has to offer.
Data Link Layer (Layer 2)
– This layer is responsible for transmitting data between different computers on the same network.(3) This layer is also vulnerable to hackers, who can duplicate a computer’s identification number and send a request to another computer. When the request for information is returned to the original computer, it doesn’t know what is happening and thus will bounce the information back. This bouncing back and forth between two computers that don’t understand what happened can greatly slow down the network.
Transport Layer (Layer 4)
- this layer is responsible for segmenting and reassembly of data into a data stream. This layer is what allows data to be transmitted from a sender to a receiver.(4) This layer can also be used for security reasons and can be designed in a way to split the information so it travels through different networks. This makes it harder for anyone to receive all the pieces and assemble them back together.
Session Layer (Layer 5)
– this layer is responsible for managing and maintaining a communication session between data applications.(5)
Presentation Layer (Layer 6)
– this is a very important layer because it’s responsible for working with the application layer to provide data representation, formatting, data compression and encryption.(6) In other words, this layer makes sure that any data sent will be readable on the other end.
Application Layer (Layer 7)
– This is the top layer of the OSI model and it gives network services to the end user program.
Internet Browsing Security
Applications that allow internet browsing are the first line of defense against security risks. Unfortunately, they often come configured in a way that is too standardized, and because of this hackers can take advantage of them. The lowest form of encryption that can be used on the internet for a secure internet connection is 56-bit encryption. This is not a very strong encryption key and it can be broken within a few days. Internet Explorer already comes with 128-bit encryption, which is much stronger and can be utilized to make credit card purchases over the internet.
Viruses
There are many different types of viruses, which fall into 6 main categories. A person browsing the internet should use software to protect themselves from them. An internet browser is not a sufficient tool to protect a computer from attacks. Quite to the contrary, it’s the one application that is exploited the most to hack another computer.
Boot Sector Viruses:
– these are viruses that infect, or substitute a copy of their own code in, either the DOS boot sector or the Master Boot Record (MBR). The MBR resides on the first sector of the hard disk and is read first to tell the computer from which partition to boot. A virus on the boot sector is very dangerous because it will load each time the computer is started.(7)
Executable File Viruses
– these viruses attach to executable files and can be very dangerous. An executable file is one that has an extension like ‘exe’ or ‘com’. When the file is executed, the virus writes itself into the computer’s memory, where it can multiply and infect the entire computer.(8)
Multipartite, Parasitic, Stealth and Polymorphic Viruses
- these are even more dangerous viruses because their main advantage is that they are able to hide from virus-scanning programs. They often imitate other viruses and can also change their code each time to make it even harder to detect them.(9)
Conventional Macro Viruses
- the most visible characteristic of these viruses is that they can work on multiple operating systems. These viruses are also known as meta viruses because they can influence macros used by such programs as Word, Excel and Adobe Acrobat. Macros are just pieces of data that, when grouped together, allow for retrieval of up-to-date information over the internet. This task is automated and very useful to end users, and this is what makes macro viruses so dangerous.(10)
Trojans and Worms
– the worst of the worst viruses, which can cause havoc over multiple networks. The most common method of transferring these viruses is as an e-mail attachment. Upon download and execution of an infected e-mail attachment, the virus begins to cause damage to the computer. Worst of all, it will often copy itself using the user’s e-mail address book and send itself to other people on the internet. Unsuspecting users download the virus and the process repeats itself, causing multiple networks to fail.(11)
How do they do it?
All the information up to this point talks about network setup and the different types of viruses, and now I will present how real-life hackers hack computers. This part of the research is meant to make people aware of how easy it can be to become a victim of a virus attack. Robert T. Morris is considered to be one of the most notable hackers to date. At the age of 23 he completed an experimental program that was a worm. The program was designed to exploit security glitches in the Arpanet military information network, which connects computers across the United States. His motivation for writing this program was to prove that he was capable of doing it, which is often the motivation of many hackers. The program was designed to steal passwords off computers and thereby disguise itself as a legitimate user or administrator. Since Morris’s motivation was to explore, he designed the program in such a way that it would multiply itself only once and remain invisible.(12)
Unfortunately something went wrong and the program started to multiply at staggering speed. The worm that Morris designed exploited eccentricities of sendmail, scanned lists of addresses for weak links, fooled investigators into thinking it came from Berkeley, guessed passwords from a common list and duplicated itself constantly. The worm was able to fill up memory and disk drives and consume executive resources until machines began to crash. It took this worm only a couple of hours to crash more than 6,000 computer systems and affect one-tenth of the Internet. The worm was able to affect such institutions as businesses, universities, the federal government, NASA and the Air Force.(13)
Robert T. Morris realized early on that his innocent program was crashing computers and stealing passwords and tried to inform users of it, but to no avail: he was unable to stop the havoc that he had released. He was also one of the first people to be convicted under the Computer Fraud and Abuse Act of 1986. Even though he was facing up to five years in prison and a fine of $250,000, he got away with three years of probation, 400 hours of community service and a fine of $10,000. The reason for this leniency at his trial comes from the fact that the worm didn’t delete or modify any files; still, the cost of dealing with this crash is estimated at anywhere from $15 million to over $100 million.(14)
Hackers use many different methods to gain access to different systems. Some of the most common methods used by hackers are Trojan horses. Trojan horses are programs that are designed to fool someone into installing a program that will allow the hacker to access their computer through a ‘back door.’ A hacker who gains the status of an administrator on anyone’s computer will be able to make any changes they desire and even use the computer in an attack on another network.(15)
Another method is called back door or remote administration, and these programs allow a hacker to gain remote access to a computer. In order to accomplish this, hackers will use such programs as BackOrifice, Netbus or SubSeven. Once any one of those programs is installed, it will allow the hacker to control another person’s computer.(16)
Denial of service has become famous since hackers used it to slow down yahoo.com a couple of years back. This hacking technique sends out so many requests to a computer that its memory cannot process the data, and eventually the computer will crash. Another drawback of this type of attack is that it often uses the attacked computer to send out more denial of service attacks and can therefore very easily overwhelm large networks. Hackers will often use another computer as an intermediary for another attack. In order to accomplish this, a hacker will install a program that uses the computer as an agent and forwards the hacker’s instructions. This is what happened with the denial of service performed on yahoo.com: many computers from different universities were acting as agents in this attack.(17)
One of the dangerous forms of hacking is packet sniffing. Programs that allow packet sniffing capture data that is transported over any network and thus allow hackers to look for passwords and user names. Once hackers are able to capture thousands of passwords, they can then use them to gain access through brute force to other computers.(18)
Hackers will utilize many different methods to gain access to networks and computers. The actual process of cracking a password is lengthy, and therefore many hackers will resort to human engineering to gain access. For example, Kevin D. Mitnick was known for his ability to talk to network administrators and gain network access codes, passwords and privileged status on the system.(19)
Other hackers will also use something called phreaking to gain access to free telephone calls. Phreaking is also very dangerous because it allows users to access multiple large networks and exploit them to steal money, as in the case of the MOD group. Phreaking is also a more hands-on job than hacking, which only utilizes a computer.
In searching for who hackers target as their victims, one must notice that it is everybody. The public only hears about hackers when they actually hit something that is a large business such as AT&T, Bank of America, TRW, military networks, the Pentagon or Citibank.(20) The last one was especially noticed since the hacker was able to get through many different firewalls and gain access to remotely transfer money to different accounts.
Most new hackers will not target large networks because they are very well protected. Instead they will concentrate on the computers of private users or will hack smaller programs on the networks such as AIM instant messenger. Through this they will be able to practice how to obtain passwords and user names, and thus will be able to prepare themselves to attack a larger network. Many other hackers don’t even need to conduct attacks over the internet. Some of them concentrate their effort on breaking the protection of computer programs. The Windows operating system must be one of the most hacked systems in the world. Hackers will exploit many loopholes to allow users to change settings that were originally locked by the program. Some hackers will also use programs to generate passwords that allow users to crack a program’s registration process and use the program for free.
It seems that there are many hackers around the world and that their efforts are making them very dangerous. Fortunately, security agencies are able to catch them even though their methods are not that well developed yet. The methods used to catch hackers are not that much different from methods used to catch criminals. For example, a group called Masters of Deception was the first one to be caught by the FBI using wire taps.(21)
One of the most intriguing cases of hackers being caught was the 75-cent discrepancy. Clifford Stoll was called in to check out a computer system that showed a discrepancy of 75 cents and found out that there was a group of hackers that gave themselves administrative privileges. Even though Stoll could have changed their status, he decided to monitor their traffic on the network. Once he knew what they wanted, Stoll used fake files that supposedly contained military data as bait. The hackers requested the files to be delivered by mail. Once the address was known, the local police, FBI and CIA got involved in the case, and as it turned out it was a group of young German men that wanted to sell military secrets to the KGB.(22)
I believe that in most cases hackers get caught because of their culture. In their world, the only thing that counts is their reputation, and therefore hackers constantly talk about their accomplishments. They will do it in their forums or even among their friends. Once they do something that catches the attention of the FBI, it is simple to track them because of their bragging. Also, many hackers will leave fingerprints as they hack. They will not delete the proper files and the administrator will be able to see their IP addresses. Once they know their IP address they are able to ask the internet service provider for the address.
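The log review described above, together with the password guessing mentioned earlier, can be sketched as a small detection routine. This is an added example, not part of the original essay; it assumes OpenSSH-style "Failed password" / "Accepted password" log lines, and the sample log, threshold and function name are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the style of sshd log messages (documentation IP ranges).
SAMPLE_LOG = """\
Nov 27 03:10:01 host sshd[411]: Failed password for root from 203.0.113.7 port 4001 ssh2
Nov 27 03:10:03 host sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 4002 ssh2
Nov 27 03:10:05 host sshd[411]: Failed password for alice from 203.0.113.7 port 4003 ssh2
Nov 27 03:10:07 host sshd[411]: Failed password for alice from 203.0.113.7 port 4004 ssh2
Nov 27 03:10:09 host sshd[411]: Accepted password for alice from 203.0.113.7 port 4005 ssh2
Nov 27 08:30:00 host sshd[502]: Failed password for bob from 198.51.100.20 port 5100 ssh2
Nov 27 08:30:12 host sshd[502]: Accepted password for bob from 198.51.100.20 port 5101 ssh2
Nov 27 09:00:00 host sshd[600]: Accepted password for carol from 192.0.2.5 port 6000 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+) port")


def suspicious_sources(log_text, min_failures=3):
    """Flag source IPs with repeated failed logins, noting any login that followed."""
    tried = defaultdict(list)   # source IP -> usernames that failed, in order
    broke_in = {}               # source IP -> first account accepted after the failures
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        outcome, user, ip = m.groups()
        if outcome == "Failed":
            tried[ip].append(user)
        elif len(tried[ip]) >= min_failures and ip not in broke_in:
            broke_in[ip] = user
    return {ip: {"failures": len(users), "accounts": sorted(set(users)),
                 "login_after_failures": broke_in.get(ip)}
            for ip, users in tried.items() if len(users) >= min_failures}
```

A source that fails against several accounts and then succeeds is the case to escalate first, since it suggests a guessed password rather than a mistyped one.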
(1) Schweitzer 2
(2) Schweitzer 2
(3) Schweitzer 3
(4) Schweitzer 3
(5) Schweitzer 3
(6) Schweitzer 3
(7) Knowledge Base 2005
(8) Schweitzer 48
(9) Schweitzer 47
(10) Schweitzer 48
(11) Schweitzer 49
(12) Liberto
(13) Byte Magazine
(14) Byte
(15) Armor2net
(16) Armor2net
(17) Armor2net
(18) Armor2net
(19) Byte Magazine
(20) Byte Magazine
(21) Byte Magazine
(22) Byte Magazine
Bibliography
Schweitzer, Douglas. Internet Security: Made Easy. Amacom, New York, 2002.
Knowledge Base. What are boot sector Viruses, and how can I prevent them? October 21, 2005. Retrieved: 11/27/2005 from: http://kb.iu.edu/data/ahll.html
Libero. Student hacker that closed down military networks. Retrieved: 11/27/2005 from: http://digilander.libero.it/zagorjr/I%20VIRUS%20INFORMATICI/ing3.htm
Byte Magazine. Noted & Notorious Hacker Feats. September 1995. Retrieved: 11/27/2005 from: http://www.byte.com/art/9509/sec7/art25.htm
Armor2net Home Page. The most common methods used by Hackers. 2002. Retrieved: 11/27/2005 from: http://www.armor2net.com/knowledge/hackers_methods.htm
Disclaimer
The above essay was written by a college student and merely states the opinions of a college student. However, if you feel strongly about responding to the opinions stated, please write to articles@directorym.com and express your concerns.