How To Become A Hacker

The Hacker Attitude

1. The world is full of fascinating problems waiting to be solved.

 

2. No problem should ever have to be solved twice.

 

3. Boredom and drudgery are evil.

 

4. Freedom is good.

 

5. Attitude is no substitute for competence.

 

 

 

 

 

Netcat

• 
  

This simple utility reads and writes data across TCP or UDP network connections. It is designed to be a reliable back-end tool to use directly or easily drive by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need, including port binding to accept incoming connections. The original Netcat was released by Hobbit in 1995, but it hasn't been maintained despite its popularity. It can sometimes even be hard to find a copy of the v1.10 source code. The flexibility and usefulness of this tool prompted the Nmap Project to produce Ncat, a modern reimplementation which supports SSL, IPv6, SOCKS and http proxies, connection brokering, and more. Other takes on this classic tool include the amazingly versatile Socat, OpenBSD's nc, Cryptcat, Netcat6, pnetcat, SBD, and so-called GNU Netcat.

Popularity #8, 4 Rating ★★★★ (1) Latest release 1.10 March 20, 1996 (15 years, 10 months ago) Homepage Wikipedia Outdated/incomplete?

★★★★★   0% ★★★★   100% ★★★   0% ★★   0% ★   0%

Screenshot

Need for Network Security

In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies. 

 

The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a connection to public networks. 

Because they have no Internet connectivity, networks designed in this way can be considered safe from Internet attacks. However, internal threats still exist. 

There is a estimates that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse has taken place. With the development of large open networks, security threats have increased significantly in the past 20 years. Hackers have discovered more network vulnerabilities, and because you can now download applications that require little or no hacking knowledge to implement, applications intended for troubleshooting and maintaining and optimizing networks can, in the wrong hands, be used maliciously and pose severe threats. An adversary

A person that is interested in attacking your network; his motivation can range from gathering or stealing information, creating a DoS, or just for the challenge of it

Types of attack:

Classes of attack might include passive monitoring of communications, active network attacks, close-in attacks, exploitation by insiders, and attacks through the service provider. Information systems and networks offer attractive targets and should be resistant to attack from the full range of threat agents, from hackers to nation-states. A system must be able to limit damage and recover rapidly when attacks occur.

There are five types of attack:

Passive Attack :-

A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.

Active Attack :-

In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.

Distributed Attack:-

A distributed attack requires that the adversary introduce code, such as a Trojan horse or back-door program, to a “trusted” component or software that will later be distributed to many other companies and users Distribution attacks focus on the malicious modification of hardware or software at the factory or during distribution. These attacks introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system function at a later date. Insider Attack
An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network Insider attacks can be malicious or no malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; use information in a fraudulent manner; or deny access to other authorized users. No malicious attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task Close-in Attack

A close-in attack involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Close physical proximity is achieved through surreptitious entry into the network, open access, or both.

One popular form of close in attack is social engineering in a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used by the individual to revealing information about the security of company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.

Phishing Attack In phishing attack the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank or paypal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.

Hijack attack:-

Hijack attack In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.
Spoof attack Spoof attack In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules. Buffer overflow
Buffer overflow A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a ommand prompt or shell.

Exploit attack:-

In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability. Password attack
Password attack An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters.

Imagine a World Without Free Knowledge

Imagine a World Without Free Knowledge For over a decade, we have spent millions of hours building the largest encyclopedia in human history. Right now, the U.S. Congress is considering legislation that could fatally damage the free and open Internet. Learn more.

Wireless tools

Wireless network tools, security, scanners and sniffer tools, articles, guidesand technical documents on wireless security.

DNS Hijacks Now Being Used to Serve Black Hole Exploit Kit

Attackers have been going after various pieces of the DNS infrastructure for a long time now, and it's not unusual for there to be somewhat organized campaigns that target certain vertical industries or geographic regions. But researchers lately have been seeing an interesting pattern of compromises in which attackers somehow add new names to existing domains and use those sub-domains to piggyback on the good reputation of the sites and push counterfeit goods, pills and other junk. And now they're using the attack to push exploits via the Black Hole Exploit Kit.

The attacks have been ongoing for at least a couple of months and while they're fairly simple in theory, researchers haven't necessarily been able to figure out how the attackers have managed to compromise the domains and get access to the DNS records to add their own sub-domains. What's happened is that attackers have been able to alter the domain records of dozens of existing, legitimate sites, including local government agencies, small businesses, community banks and others and then inserted new sub-domain names into the records.

So the new sub-domains might look something like this: payday-loans.smalltownbank.com. This small bank would likely have a good reputation built up in the various blacklisting and reputation systems out there and the attackers are able to ride on top of that and give themselves more credibility in the search-engine rankings. That means more users will find their domains in search results and potentially land on the sites, winding up on an order page for fake Viagra or shady personal loans instead of whatever they were searching for. The folks at the SANS Internet Storm Center have been looking into the attacks and have identified dozens of domains that have been affected and poisoned with the insertion of a slew of skeevy sub-domains pushing fake pharmaceuticals, loans and other Internet spam staples.

"The problem is only slowly starting to surface in the Google search results, but it is plenty evident in passive DNS loggers like RUS-CERT's: http://www.bfk.de/bfk_dnslogger.html?query=91.196.216.50#result The domains affected have been abused for the past several days to push copies of the BlackHole Exploit Kit," Daniel Wesemann of the SANS ISC wrote over the weekend. "The IP range used changes about every three, four days:

188.247.135.37 in use until Dec 2, AS34714, Opticnet, Romania 146.185.245.72 in use until Dec 5, AS43215, Monyson Group, Russia 91.196.216.50 in use since Dec 6, AS43239, Spetsenergo, Russia