learn to be a hacker

Hackers with expertise can view & fix weaknesses in the computer software, usually later in openly published on the Internet for the system to be better. Unfortunately, few people take the evil use that information to crime - they are usually called cracker. Basically the world of hackers & crackers no different from the art world, here we are talking art Internet network security. 

I hope the science in network security is used for writing things that are good - not be a Hacker Cracker. Do not until you get karma for using science to destroy property of others. Moreover, at this time would need hackers in Indonesia increased by more dotcommers want to IPO in the stock market. Good name & the value of a dotcom could fall even become worthless if the dotcoms in the collapse. In this case, the hacker is expected to be a security consultant for the dotcommers - because human resources of police & security forces Indonesia is very, very weak & pathetic in the field of Information Technology & the Internet. I can not help cybersquad, private cyberpatrol perhaps necessary for survival in the culture dotcommers Indonesia on the Internet. 



Various Internet network security techniques can be easily obtained on the Internet, among others in http://www.sans.org, http://www.rootshell.com, http://www.linuxfirewall.org/, http:// www.linuxdoc.org, http://www.cerias.purdue.edu/coast/firewalls/, http://www.redhat.com/mirrors/LDP/HOWTO/. Some of these techniques in the form of books of his several hundred pages that can be taken free of charge (free). Some Frequently Asked Questions (FAQ) about the network security can be obtained in http://www.iss.net/vd/mail.html, http://www.v-one.com/documents/fw-faq.htm. And for the experimenter some scripts / programs that have become available, among others in http://bastille-linux.sourceforge.net/, http://www.redhat.com/support/docs/tips/firewall/firewallservice.html . 


For readers who want to gain knowledge about the network and can be downloaded for free from http://pandu.dhs.org, http://www.bogor.net/idkf/, http://louis.idaman.com/idkf . Several books softcopy form that can be taken free of charge can be taken from http://pandu.dhs.org/Books-Online/. We have to thank especially the Scout team led by I Made Wiryana for this. At this moment, I do not really know the place Indonesian is an active discussion discuss hacking techniques are - but it may be partly discussed in the mailing list information such as the kursus-linux@yahoogroups.com & linux-admin@linux.or.id operated by Indonesian Linux Users Group (KPLI) http://www.kpli.or.id. 


The simplest way to see the weakness of the system is to seek information from various vendors such as the http://www.sans.org/newlook/publications/roadmap.htm # 3b of the weaknesses of the system they have created yourself. In addition, monitoring the various mailing lists on Internet-related security such as network http://www.sans.org/newlook/publications/roadmap.htm list # 3e. 


Explained by the Front-line Information Security Team, "Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks," fist@ns2.co.uk http://www.ns2.co.uk. A Cracker generally men aged 16-25 years. Based on the statistics of Internet users in Indonesia is in fact the majority of Internet users in Indonesia are young children at this age, too. It's age is an ideal age in the new studying science, including the Internet, very unfortunate if we did not succeed to the 25,000 schools menginternetkan Indonesian s / d in 2002 - because the confluence of Indonesia's future in the hands of young children we are. 


Well, the young cracker cracking is generally done to improve / use of network resources for its own sake. Generally, the cracker is opportunis. Seeing weakness carry out the program with the system scanner. After gaining root access, a cracker will install the back door (backdoor) and close all existing general weakness. 


As we know, most of the company / dotcommers will use the Internet to (1) web hosting of their servers, (2) e-mail communication and (3) provides access to web / internet to its employees. Separation of Internet and Intranet networks generally performed using techniques / software firewall and proxy servers. Seeing the use of the above conditions, the weakness in the system can generally penetrate through the mail server for example with external / outside that is used to facilitate access to the mail out of the company. In addition, by using aggressive-SNMP scanner & a program that forced SNMP community strings can change a router into bridge (bridge) which can then be used for a stepping stone for entry into the company's internal network (Intranet). 


In order for crackers are protected at the time of the attack, the technique cloacking (cover) is done by jumping from the previous machine has been compromised (defeated) via telnet or rsh program. At intermediate machines using Windows attack can be done by jumping from Wingate program. In addition, the jump can be done through a proxy device that the configuration is less good. 


After a successful jump and into other systems, a cracker like to probing the network and gather information needed. This is done in several ways, such as (1) use nslookup to run the command 'ls', (2) view HTML files on your web server to identify other machines, (3) to see various documents on the FTP server, (4) relate to the mail server and use the command 'expn', and (5) to a user finger on machines other external. 


The next step, a cracker will identify a trusted network component by whatever system. Network components are usually machine and server administrators who are usually considered the most secure in the network. Start by checking the access & NFS export to a variety of critical directories like / usr / bin, / etc and / home. Exploitation of the machine through the weakness of Common Gateway Interface (CGI), with access to the file / etc / hosts.allow. 


Next cracker must identify the network components that are weak and can be conquered. Crackers can use in Linux programs like ADMhack, mscan, nmap and many other small scanner. Programs like 'ps' & 'netstat' on the make trojan (remember the Trojan horse story? The classic story of ancient Greece) to hide the scanning process. For cracker advanced enough to use aggressive-SNMP scanning to scan equipment with SNMP. 


After the crackers have identified a weak network components and can be conquered, then the cracker will run programs to conquer the weak daemon program on the server. Daemon program is a program on a server that normally run in the background (as daemon / demon). The success of the program conquer this daemon will allow a Cracker to gain access as 'root' (the highest administrator in the server). 


To remove tracks, a cracker usually do clean-up operation 'clean-up' operation by cleaning the log files. And add the program to enter from the back door 'backdooring'. Changing file. Rhosts in / var / bin for easy access to the machine via rsh conquests & csh. 


Furthermore a cracker can use a machine that had conquered for his own benefit, such as taking sensitive information that should not be read; mengcracking another machine with a jump from the machine in the conquered; install the sniffer to see / record the traffic / communications passing; can even turn off the system / network by running the command 'rm-rf / &'. The latter will be very fatal consequences because the system will be destroyed at all, especially if all the software on the hard disk Lay. Process re-install the entire system must be done, will be confusing if it is done on machines that run mission-critical. 


Therefore, all machines & routers critical missions should always check the security & the patch by the newer software. Backup is very important especially on machines that run mission critical behavior that was saved from a cracker that disable the system with 'rm-rf / &'. 


For those of us who wrestle daily on the Internet are just going to really appreciate the existence of hackers (not Cracker). Because hackers thanks to the Internet is there and can we enjoy today, even kept in repair for a better system again. Various weaknesses in the system due to improved intelligence colleagues hackers often they will be working on improvements. voluntarily because of his hobby. Moreover, often the result of his hacking distributed freely on the Internet for the purposes of the Internet community. A cultural values & Noble mutual cooperation instead grow in the Internet virtual world that typically seem futuristic and far from the social sense. 


Development of the hobbiest hackers become critical to the sustainability / survival of the spacecraft Internet dotcommers Indonesia. As one of fact, in the near future Inshallah around mid April 2001 will be held hacking competition on the Internet to break into a server that has been in the first set. Hacking is in Motori competition by young children in Indonesia Linux User Groups (KPLI) Semarang is mobilized by young people like Kresno Aji (masaji@telkom.net), Agus Hartanto (hartx@writeme.com) & Lekso Budi Handoko (handoko @ riset.dinus.ac.id). Like most young kids the other, they are generally capitalized, insufficient - support & sponsorship would be very useful and awaited by the young fellow is. 


Hopefully this will add to the spirit of readers, especially young readers, to move in the exciting world of hackers and challenging. If it says Captain Jean Luc Picard in the movie startrek Next Generation, "To boldly go where no one has gone before". 


Author: Ali Akhmad Syah 

article learn to be a hacker was presented by Click-Kanan.com. Visit the Click-right.com for information about computers and the Internet. 
Posted by hackers at 01:18 Reaction: 

0 comments Links to this post