Transcript Hackers 101

Hackers 101
Julie Keil
JoAna Swan
John Adamo
John Ponessa
Arturo Jose` Ortiz
1
Types of Assaults on Computers
and Networks
• Spyware-software made by publishers that allow them to snoop on
your browsing activity, invade your privacy, and flood you with those
horrible pop-ups.
• Identity theft• Virus-a software program capable of reproducing itself and usually
capable of causing great harm to files or other programs on the
same computer; "a true virus cannot spread to another computer
without human assistance"
• Worm-a software program capable of reproducing itself that can
spread from one computer to the next over a network; "worms take
advantage of automatic file sending and receiving features found on
many computers“.
2
Types of Assaults on Computers
and Networks
• Trojan Horse-A computer program is either hidden inside another
program or that masquerades as something it is not in order to trick
potential users into running it. For example a program that appears
to be a game or image file but in reality performs some other
function. The term "Trojan Horse" comes from a possibly mythical
ruse of war used by the Greeks sometime between 1500 and 1200
BC
3
Types of Assaults on Computers
and Networks
•
•
•
Social Engineering-An attack based on deceiving users or administrators at
the target site. Social engineering attacks are typically carried out by
telephoning users or operators and pretending to be an authorized user, to
attempt to gain illicit access to systems
Sniffing usernames/passwords-An attacker puts a computer on your
network into "promiscuous mode", listening to every bit of traffic that goes
by on the network and captures all the data. Normally a computer's network
connection ignores traffic that is not addressed to it, but when sniffing the
computer will pick up everything. This is an easy way to pick up clear text
passwords. e-mail programs frequently use clear text passwords. Many
users use the same password for everything. This allows an attacker to
crawl deeper into your network.
Spoofing-Pretending to be someone else. The deliberate inducement of a
user or a resource to take an incorrect action. Attempt to gain access to an
AIS by pretending to be an authorized user. Impersonating, masquerading,
and mimicking are forms of spoofing.
4
The Gathering of Information
• Hard Drive- Hard drive-A rigid nonremovable disk in a computer and the
drive that houses it. Hard disks store more
data and can be accessed quicker than
floppy disks
• Log files-A file that lists actions that have
occurred. For example, Web servers
maintain log files listing every request
made to the server.
• IP address- Internet Address
5
The Gathering of Information
• Caller ID- A telephone service that
provides for subscribers the name and
telephone number of a caller, which
appear on a display as the call being
received.
• Email- A system for sending and receiving
messages electronically over a computer
network, as between personal computers.
6
Protection tactics
• Anti-virus-A software program designed to
identify and remove a known or potential
computer virus.
• Firewall-Computer Science. Any of a
number of security schemes that prevent
unauthorized users from gaining access to
a computer network or that monitor
transfers of information to and from the
network.
7
Protection tactics
• Anti-spyware- ware-software that protects
against spyware.
8
The True Identity Of A Criminal
• Criminals are portrayed as evil and not
sociable
• The true identity of cyber crime is
"Hackers”
• Hackers come in many different types
9
Finance In Cybercrime
• Internet-related stock fraud results in $10 billion
per yearin Fall 2000
• In October 2000 a group of about 20 people,
some of whom were connected to mafia families,
working with an insider, created a digital clone of
the Bank’s online component. It then planned to
use this to divert about $400 million allocated by
the European Union to regional projects in Sicily.
10
Finance In Cybercrime
• In Fall 2000 when a variation of the Love Letter
worm was used in an effort to gain access to
account passwords in the Union Bank of
Switzerland and at least two banks in the United
States.
• 500 companies that responded to a recent FBI
survey, 90 percent said they'd had a computer
security breach, and 80 percent of those said
they'd suffered financial loss as a result.
11
Hackers 101
12