  1. #1
    Join Date
    Nov 2010
    Location
    Gippsland Victoria
    Posts
    706

    Broadly - How does Hacking work ?

    Hello,

    On the news a few days ago - America concerned about Chinese Hackers stealing confidential information.

    It seems incredible to me that somebody can jump on the internet in China and "hack" secrets from a computer in America.

    Do they have superduper computers and programs to do this ?

    Here I am sitting at home with an internet connection and some browsers and I just cannot imagine how anybody could begin to remotely log in to my PC and steal my secrets or vice versa.

    Are there any good books or web sites that explain in broad terms how a Chinese desktop can access confidential information in other countries ?

    I have got AVG and a firewall installed but I get the impression that this simply means nothing to the super hackers out there. Surely the American businesses had much better protection than that ?

    Do they rely upon bogus window cleaners planting subversive software in the computers or can they really just "hack" into the systems from China over the internet ?

    Bill

  3. #2
    Join Date
    Jul 2005
    Location
    Oberon, NSW
    Age
    63
    Posts
    13,360

    You don't need a supercomputer. Just a basic computer, a modem and a modicum of know-how.

    Every computer that's connected to the 'net needs to broadcast some basic info, such as its address. It also tends to broadcast what OS it's using, what browser and a few other things. Various other software, like MSN Messenger and GTalk, UTorrent, Skype, etc., like to advertise their presence as well... all in the name of 'ease of connectivity.' ie. so that other computers know how to talk to yours.

    Ever been to a site that said you were running, say, Windows XP using Explorer 5.0 and your IP address is xx.xx.xx.xx? It's just echoing back what your computer is announcing to everyone.

    Further, most SW announce what versions they are running. (eg. the Explorer v5.0 mentioned above)

    Anybody with a Windows OS knows that updates are frequently announced, along with very general reasons for the update. So, we know that the preceding version has a flaw in the code which may allow access (if you know what the flaw is) and not everybody bothers updating automagically.

    So a hacker can just do a quick 'scan' of several hundred/thousand computers and look for which ones are announcing - quite literally - that they still have this bodgey sw installed! ie. it narrows down the field of potential candidates. And assuming that the hacker does know how to exploit the flaw, well...

    It doesn't even have to be a SW flaw. Many new computers come with the Operating System installed, but aren't really configured for security. They have all sorts of protocols, etc. installed and running 'just in case the new user wants to use them.' When, in fact, most users don't even know they exist. For example, my latest computer had a file server running in the background with no restrictions. It was open to all and sundry... although it hadn't also been configured to access my filebase, so my computer didn't have anything to send, it still meant people could connect to it without my knowledge.


    Then there's the other bug-bear... trojans. Have you ever had a problem with a program refusing to work 'cos it's missing a .DLL or similar file, so gone to the web to find & download the missing file? Or downloaded pirate sw?

    That's really, really not a good idea. But people do it every day. Let's be gracious and assume that the vast majority are legitimate... but every now'n'again a hacker will release just such an item with a 'backdoor' built into it. A Trojan. You install it, then the next time you're on the 'net this 'backdoor' quite happily calls home and says "come on in & play."


    It's a fun world, innit?
    I may be weird, but I'm saving up to become eccentric.

    - Andy Mc
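
The version announcements described in the post above are visible on the receiving side: browsers send a User-Agent header with each request, and a web server's access log records it. The following is an added example, not part of the original thread, that audits such a log for clients announcing out-of-date browsers; the log lines are constructed and the `BASELINE` policy values are assumed.

```python
import re

# Constructed sample lines in Apache "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [21/Feb/2013:10:01:02 +1100] "GET / HTTP/1.1" 200 512 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
203.0.113.8 - - [21/Feb/2013:10:01:05 +1100] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 6.1; rv:19.0) Gecko/20100101 Firefox/19.0"
203.0.113.9 - - [21/Feb/2013:10:01:09 +1100] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20100101 Firefox/10.0"
"""

# Assumed policy: oldest major version still treated as patched (hypothetical values).
BASELINE = {"MSIE": 9, "Firefox": 19}

WINDOWS_NAMES = {"5.1": "Windows XP", "6.0": "Windows Vista", "6.1": "Windows 7"}
# In the combined format the User-Agent is the last quoted field on the line.
LINE_RE = re.compile(r'^(\S+) .* "([^"]*)"\s*$')


def disclosed(user_agent):
    """Return (os, browser, major_version) as announced in a User-Agent string."""
    os_name = "unknown"
    m = re.search(r"Windows NT (\d+\.\d+)", user_agent)
    if m:
        os_name = WINDOWS_NAMES.get(m.group(1), "Windows NT " + m.group(1))
    elif "Linux" in user_agent:
        os_name = "Linux"
    for browser, pattern in (("MSIE", r"MSIE (\d+)"), ("Firefox", r"Firefox/(\d+)")):
        m = re.search(pattern, user_agent)
        if m:
            return os_name, browser, int(m.group(1))
    return os_name, "unknown", None


def audit(log_text, baseline):
    """List (ip, os, browser, major, outdated) for every parsable log line."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than guessing
        ip, user_agent = m.groups()
        os_name, browser, major = disclosed(user_agent)
        outdated = major is not None and major < baseline.get(browser, 0)
        findings.append((ip, os_name, browser, major, outdated))
    return findings


if __name__ == "__main__":
    for ip, os_name, browser, major, outdated in audit(SAMPLE_LOG, BASELINE):
        print(f"{ip}: {os_name}, {browser} {major} ->", "NEEDS UPDATE" if outdated else "ok")
```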

  4. #3
    Join Date
    Nov 2010
    Location
    Gippsland Victoria
    Posts
    706

    Thanks

    Thanks Skew,

    That takes some of the mystery out of it.

    I guess that in any big company the IT guys should be right on top of this and making sure that the various computers connected to the internet are not broadcasting too much "come and get me" information.

    Reminds me of the plaque we put on a rocket and sent it into outer space - many people said at the time that it was a clever thing to do whilst others said "We are telling the monsters where we are and what we taste like - come and dine"


    Regards

    Bill
    Last edited by steamingbill; 21st February 2013 at 04:45 PM. Reason: change title

  5. #4
    Join Date
    Dec 2007
    Location
    Gold Coast
    Age
    63
    Posts
    847

    Larger organizations and better security don't always go hand in hand. People break systems - either deliberately or inadvertently.

    And anyone who has worked in IT security any length of time, will have more than one war story about how a complex system was circumvented by the simplest of inadvertent illicit or undocumented user behaviour. My favourite one is about the router password written in permanent marker on a whiteboard (it was too important to accidentally rub off after all). Govt entity btw!

  6. #5
    Join Date
    Jun 2007
    Location
    North Of The Boarder
    Age
    68
    Posts
    16,794

    Remember Hogan's Heroes and The Great Escape

    Tunneling protocol - Wikipedia, the free encyclopedia

  7. #6
    Join Date
    Jul 2006
    Location
    Port Huon
    Posts
    2,685

    It's basically a race between the discovery of operating system, application and network vulnerabilities and the exploitation of those vulnerabilities by the bad guys.
    The vulnerabilities can be caused by bad design and/or programming or by the use of certain features in a way the designer never envisaged.

    If a system is connected to the Internet, then it's going to be attacked or at least probed, by someone. The more valuable the prize, the more effort the hackers will put in. There may be nothing of commercial value on your home computer but there is value in being able to hijack it to attack another site, especially if you have a few thousand hijacked PCs to utilise.

    I'm glad I'm not involved in computer security any more.

  8. #7
    Join Date
    Nov 2012
    Location
    Thornbury
    Posts
    262

    Everything said has been true..but..

    The hackers in the story work on a completely different level. They are the type that buy the latest hardware firewalls and security appliances then pull them apart - literally and figuratively.

    They go through the code line by line and look for points of exploitation.
    There is an immense amount of effort here, but once an exploit is found they test and record the outcomes.

    If it is good, they then have a secret way in to many different companies.

    On a smaller scale they do the same thing with software - particularly databases - learning and trying to inject new code back to the database to take control and get data they are not supposed to have. And so on down the stack -(online applications).

    The 'way in' through the internet is generally secured adequately - some better than others, but if the hacker goes through the security appliance - they can get full access.

    It takes a lot of work and knowledge to protect a system from a determined hacker - and it's a cost that a lot of companies are reluctant to pay.

    On the plus side - the reward to actively hack a private system is not worth the effort for these people. They might use some automation to utilise common flaws, but it is unlikely they will expend any real effort.

    Get yourself a decent antivirus/firewall with a spyware and malware detection and you should be OK. - oh - and make sure they are turned on.

    [Edit] I hate it when someone else types what you're typing - only faster. But I agree
    Can you imagine what I would do if I could do all I can? -- Sun Tzu

  9. #8
    Join Date
    Dec 2010
    Location
    Ipswich
    Posts
    33

    Having worked at Microsoft and seen all the moving parts to a platform such as .NET / Windows all I can say is there are a variety of reasons for a hack to occur.

    The most common one is 3rd party vendors writing bad code, that is to say since Windows Vista and above the exploits made available in the OS have been somewhat minor and not prone to security breaches given the layering that took place post Windows XP to basically prevent even trusted solutions from getting direct access to the Kernel.

    In reality products that get installed on an OS generally act as the vulnerable points of fail, given the best hacks are the ones that don't get advertised and you won't necessarily even hear of a hack until a security agency wishes to brag about their ability to find productX has xyz flaw(s). Most frequently used apps get security audits by 3rd party agencies whether the ISV (Independent Software Vendor) likes it or not and they are typically the ones who do so in order to perk up their own stock in "hack prevention" fear.

    An example comes to mind. Did you know Flash is considered a virus internally in Microsoft security database? In that for years Microsoft would release patches to surround Flash given the latency between Macromedia/Adobe was too long for release(s) (hence you saw often updates etc).

    The Chinese hackers etc aren't a bunch of kids goofing around sniffing ports for exploits, they will often attack from both within and outside whilst at the same time not having to layer in a lot of groundwork to ensure anonymous cover... they simply brute-force their way into the network(s) which can be a case of running dictionaries over password(s) or leveraging the awesome existence that most people just don't keep cryptic passwords, expose areas within their network that aren't firewall / DMZ etc.

    It can also be a case of installing a trojan on a person's work computer waiting for the said person to then log in via work network, then extract that data and begin to do the same thing over and over internally until they puddle jump their way into areas of need. That's a bit of an old approach but if you look at some of the sophisticated virus creation out there today it's not a case of "spamming your inbox with viagra" viruses ..they are getting much smarter and quieter about their attachment(s).

  10. #9
    Join Date
    Jun 2007
    Location
    North Of The Boarder
    Age
    68
    Posts
    16,794

    Ah yes Bill Gates speaks "Not my fault"

    This is true what he says.

    So what does Microsoft have to do with hacks using LINUX or Apple??

  11. #10
    Join Date
    Jul 2006
    Location
    Port Huon
    Posts
    2,685

    There are far fewer successful hacks against Linux or IOS.
    This may be in part due to the fact that virus writers go after Windows as it's both an easier target and a larger one.

    Once a vulnerability in Linux has been found, the response to it is quick and a patch is soon produced.
    I can't speak for IOS as I've never used it.

  12. #11
    Join Date
    Jun 2007
    Location
    North Of The Boarder
    Age
    68
    Posts
    16,794

    Here's the strange part.

    Most Motherboards and add on cards and other hardware are made in Asia and yes some have had code installed which allows easy access to your machine once installed. They have been discovered.

    USB thumb drives have also been known to come with software installed and code which allows access made where oh yeh Asia.

    Software comes with almost every hardware item you have signed by Microsoft or not.

    Then of course there is net access itself


    It's a case of chase the tail can't have a fix till the leak is found, reported and fixed.

  13. #12
    Join Date
    Nov 2010
    Location
    Gippsland Victoria
    Posts
    706

    How they did it - explained ?

    Hello,

    I found this

    How Chinese Hackers Steal Secrets - Business Insider

    Which supposedly details how the recently publicised hacking was done.

    I get lost pretty quickly but some of you more knowledgeable folk will understand it better than me.


    Bill

  14. #13
    Join Date
    Jul 2006
    Location
    Port Huon
    Posts
    2,685

    The methods discussed there still rely on having a piece of malware on the target computer.
    The most common vector for installation of malware and viruses is still the computer owner/user.

    The safest approach is to consider any software that you install to be suspect unless you absolutely trust the source and can verify its origins. Even then ...

    You can never be too paranoid where your computer is concerned.
