RSS Feed

Reconnaissance

Posted by WeBlogShare Label:

Merupakan fase pertama dalam kegiatan hacking, sering disebut juga dengan istilah Footprinting, dimana hacker mencoba mendapatkan berbagai informasi mengenai target seperti nama domain, alamat IP, lokasi fisik, teknologi yang ada dan yang digunakan, kontak organisasi, dan informasi lainnya.

Fase ini terbagi menjadi dua, active reconnaissance dan passive reconnaissance. Tujuan pada fase ini adalah untuk memetakan sistem dan jaringan milik target. Hacker akan mencoba untuk menyusun semua sistem yang ada di dalam jaringan milik target, lalu mencoba untuk menyusun semua celah yang tersedia di dalam sistem tersebut.

Dalam rangka memetakan jaringan milik target, hacker akan mencoba untuk melakukan :
- ping : mencari host atau komputer yang hidup.
- nslookup : mengkonversi nama domain ke alamat IP atau sebaliknya.
- whois : mendapatkan informasi domain seperti nama pemilik domain, alamat IP, dlsb.
- tracert : menunjukkan rute yang dilewati suatu paket untuk mencapai suatu tujuan.

Beberapa tools yang dapat mempermudah aktivitas di atas adalah sebagai berikut :
- Neo Trace
- Visual Route
- Sam Spade

Tipe-Tipe Reconnaissance :
- Internet Reconnaissance
- Intranet Reconnaissance
- Remote Access Reconnaissance

Setelah hacker memiliki daftar dari sistem milik target, hacker akan mencoba memindai (scanning) untuk mencari entry point yang dapat dijadikan sebagai pintu masuk ke dalam sistem target.

Hacker Classes

Posted by WeBlogShare Label:

- Black Hats
Individuals with extraordinary computing skills, resorting to malicious, or destructive activities. Also known as crackers.

- White Hats
Individuals professing hacker skills and using them for defensive purposes. Also known as security analysts.

- Grey Hats
Individuals who work both offensively and defensively at various times.

- Suicide Hackers
Individuals who aim bring to down critical infrastructure for a "cause" and don't worry about facing 30 years in jail for their actions.

Types of Hacker Attacks

Posted by WeBlogShare Label:

- Operating System Attacks
- Application Level Attacks
- Shrink Wrap Code Attacks
- MisConfiguration Attacks

Phases of Malicious Hacker Do

Posted by WeBlogShare Label:

1. Reconnaissance
- Active reconnaissance involves interacting with the target directly by any means. For example, telephone calls to the help desk or technical department.
- Passive reconnaissance involves acquiring information without directly interacting with the target. For example, searching public records or news releases.

2. Scanning
Scanning refers to the pre-attack phase when the hacker scans the network specific information on the basis of information gathered during reconnaissance. Scanning can include use of dialers, port scanners, vulnerability scanners, network mapping, sweeping, and so on.

3. Gaining Access
Gaining access refers to the penetration phase. The hacker exploits the vulnerability in the system. The exploit can occur over a LAN, the Internet, or as a deception, or theft. Examples include buffer oveflows, denial of service, session hijacking, and password cracking. Influencing factors include architecture and configuration of the target system, the skill level of the perpetrator, and the initial level of access obtained.

4. Maintaining Access
Maintaining access refers to the phase when the hacker tries to retain his or her ownership of the system. Hacker may harden the system from other hacker as well (to own the system) by securing their exclusive access with Backdoors, RootKits, or Trojans. Hacker can upload, download, or manipulate data, applications, and configurations on the owned system.

5. Covering Tracks
Covering tracks refers to the activities that the hacker does to hide his or her misdeeds. Reason include the need for prolonged stay, continued use of resources, removing evidence of hacking, or avoiding legal action. Examples include steganography, tunneling, and altering log files.

Elements of Computer Security

Posted by WeBlogShare Label:

- Confidentiality
The concealment of information or resources.

- Integrity
The trustworthiness of data or resources in terms of preventing improper and unauthorized changes.

- Availability
The ability to use the desired information or resources.

- Authenticity
The identification and assurance of the origin of information.

Essentials Terminologies of Computer Security

Posted by WeBlogShare Label:

- Target of Evaluation
An IT system, product, or component that is identified to require security evaluation.

- Vulnerability
Existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system.

- Threat
An action or event that might compromise security. A threat is a potential violation of security.

- Attack
An assault on the system security that is derived from an intelligent threat. An attack is any action that violates security.

- Exploit
A defined way to breach the security of an IT system through vulnerability.