telephone conversation can be done easily. By following the simulated attacks, you will better understand attacks and hackers, and how to anticipate them.
Have you protected your PC with a firewall, antivirus and Service Pack?
If so, your PC is more secure against viruses and hacker attacks. However, a PC is not really safe until you install the latest patches, so do not be surprised if 'uninvited guests' arrive on your PC at any time. Even if you have installed the latest patch, there is no guarantee that your PC is 100% safe. With 0-Day exploits (holes that are not yet known and not yet patched), hackers can penetrate a firewall that seems safe in just a few seconds. Armed with a modified CD, even the most secure firewall can be penetrated. The writing team has practiced and simulated the most dangerous attacks using the latest hacker methods, including rootkits. Some colleagues were selected as targets in the simulated attacks.
The result is surprising: if desired, an attacker could easily take control of the victim's PC. How does it work, and what preventive measures effectively protect your PC? Follow the review below.
1. Spying on the Victim
Rule number one for a successful intruder or hacker is to know the enemy well. One effective way to get to know the victim is to determine their behavior when using a web browser. Because 90% of surfers still use Internet Explorer, this task becomes much easier. Even more interesting, there are many companies that use the Microsoft programs already installed on the PC.
Hackers only need to lure the victim to a website prepared for this purpose and exploit weaknesses in the browser.
Attack: We plan to take over control of the browser, in other words to take over the PC, via a buffer overflow exploit. For that, the victim's software must be identified. This can be done by luring the victim to browse to an online address designed to identify their browser, so that the browser name and version become known. The more patches are installed on the browser, the smaller the chance of attacking it. Therefore the identity of the victim's browser must be known. Fortunately, the browser sends this identity information itself, and it can later be read from the web server's protocol logs. The file version also needs to be known, because most buffer overflows only work with certain browser versions. Furthermore, we found a versatile 0-Day exploit in Internet Explorer 6. '0-Day exploit' is the term used for a very new security hole that does not yet have a specific patch to fix it.
We obtained additional information from FrSIRT, which demonstrated the security hole as a 'Proof of Concept'. It told exactly where the crack could be used, making it easier to launch an attack.
In the example, simply by running the Windows calculator program, we could sneak a backdoor into the script. The backdoor then became the 'entrance' for other dangerous tools into the system. The backdoor scripts needed are widely available on the Internet, so the attack can be done easily by copying and pasting commands, like a script kiddie. Now we had to get the victim to open the prepared website. Therefore we sent an e-mail with a special link that the victim would find very interesting to click. With this simple trick, the attack was carried out without problems. Once the victim clicked the link, Internet Explorer opened and immediately crashed. This may indicate that a backdoor has been successfully installed on the victim's PC.
Antidote: Use an alternative browser such as Firefox or Opera. Security experts have discovered dangerous vulnerabilities in these browsers too, but those holes are less frequently used by hackers. Hackers usually prefer Internet Explorer because it is used more often.
Caution: Do not open any link in an e-mail. Treat e-mails from senders you do not know with extreme caution.
2. Penetrating Firewalls
Knowing how to commit fraud and impersonation to perfection is important for a spy. The same applies to hackers who want to sneak a trojan onto a CD without arousing anyone's suspicion. Thus, users are totally unaware of the danger that threatens them. Many do not know that a demo CD with an attractive appearance and interesting content may contain a trojan.
Attack: This time we did not install a backdoor to bring in a trojan, but used the capacity of the medium to package a trojan directly on the CD. The tool chosen was the classic trojan 'Back Orifice 2000'. The consideration: because the trojan is open source, it is easily modified. With some new code and a different compiler, this trojan is no longer detected by most antivirus programs. So that the trojan is installed when the CD is inserted into the drive, we used an already available demo CD and created a setup routine with the free scriptable tool Nullsoft Install System (NSIS). This time, however, the installation also included the trojan. In addition, we equipped it with a function that executes the trojan automatically, so the installation process is activated automatically when the CD is inserted into the drive. Now the victim only needs to insert the CD and the trojan can go straight into action. In this example, the trojan records all keystrokes on the keyboard and reports them. This function is useful for a hacker who wants to know the victim's behavior and the confidential data on the PC.
Antidote: There is no perfect antidote to such attacks. However, what applies to e-mail also applies to CDs: do not install programs you do not know. In practice this is hard to do. A better way is to use a dedicated test PC, where the trojan cannot damage other PCs because it is not connected to the network.
3. Being Invisible
The third principle of espionage is how to intrude while remaining invisible. In PC espionage this means a rootkit is needed. For that, a simple backdoor must be transformed into a super trojan. Once it has entered the system, the trojan is hard to find, so it will be even harder to remove.
The best-known rootkit for Windows is the 'FU Rootkit'. This rootkit hides the destructive program from the Task Manager, so the trojan can no longer be stopped. Modern rootkits such as 'Beast' go even further and also hide registry entries, TCP/IP connections and files on the hard disk.
Without special programs, even an advanced user cannot find the trojan, let alone get rid of it. This is because the rootkit diverts Windows functions and manipulates the answers that ordinary antivirus programs rely on (see box 'Rootkits: The Danger You Cannot See').
Attack: We modified 'Back Orifice 2000' with the rootkit function of the 'FU Rootkit'. This is as easy as integrating a plug-in into Photoshop. The only things to do are to install the rootkit plugin and determine which files will not be visible to the user. For testing purposes, we hid the trojan and all the files it creates, such as the keylogger's log file.
Antidote: Against this kind of stealth technique there is almost nothing you can do. Once the trojan is successfully installed on the system, it can only be removed with special tools such as Rootkit Revealer from Sysinternals.
In addition, you must know your system well while the PC is still healthy in order to be able to find the trojan. This means, for example, that the storage locations of information and the functions of Windows must be thoroughly understood. The same dilemma is encountered with programs that are not harmful, such as Daemon Tools. This free tool for creating virtual drives unfortunately also uses rootkit-like techniques to integrate itself into the system unseen.
ROOTKITS: THE DANGER YOU CANNOT SEE
How hackers trick antivirus: A rootkit is 'entrenched' so deep in the operating system that general security programs often cannot detect it. This sophisticated trojan is a set of tools that can record passwords, give hackers access, record keyboard input, or intercept information on the network without being seen.
Security specialist F-Secure has warned of the danger that rootkits still hold great potential for disguising viruses and worms. There is already a worm that uses the methods of the Sony rootkit (see box 'Hacker Protection Method').
The presence of a rootkit is often not detected by antivirus. Unlike ordinary malware, which works at the user level, a rootkit hooks itself into the Windows API (Application Program Interface). Through the API, programs, including antivirus and firewalls, use the basic functions of the operating system, such as access to the hard disk or the registry.
In the next stage, the rootkit intercepts every request and determines which data may be seen by security applications. If a virus scanner looks for the rootkit's file name, all matching entries are filtered out of the answer given by the operating system. Thus the trojan is not found.
How to find a rootkit: Fortunately, most rootkits developed for Windows are still not perfect. For example, the trojan 'Slanret' is designed as a system driver, so it can be seen in Windows Safe Mode. In addition, Slanret also often causes crashes.
Other clues that can be used to determine the presence of a rootkit include hard disk capacity that drops drastically, CPU performance that drops dramatically for no apparent reason, and unknown Internet connections. Advanced PC users typically use the Rootkit Revealer tool to find out where the API has been diverted. They can also compare the files on the hard disk with a 'clean' backup created earlier.
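One way to carry out the 'compare with a clean backup' check from the paragraph above, as an added example that is not part of the original article: a baseline of SHA-256 hashes is taken while the PC is known to be clean, and a later run reports which files were added, removed or modified. The directory layout and file contents in demo() are constructed for the demonstration.

```python
"""Baseline-and-compare file integrity check (added example, not from the
article). It records SHA-256 hashes of a directory tree while the PC is known
to be clean, then reports files added, removed or modified since. Paths and
file contents in demo() are constructed for the demonstration."""
import hashlib
import json
import os
import tempfile


def build_manifest(root):
    """Return {relative_path: sha256_hex} for every regular file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            manifest[rel] = digest.hexdigest()
    return manifest


def save_manifest(manifest, path):
    """Write the baseline to a JSON file, ideally on read-only media."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(manifest, fh, indent=2, sort_keys=True)


def load_manifest(path):
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def compare_manifests(baseline, current):
    """Return (added, removed, modified) as sorted lists of relative paths."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in baseline if p in current and baseline[p] != current[p])
    return added, removed, modified


def demo():
    """Constructed scenario: take a clean baseline, then one file is altered
    and a new file appears, as a keylogger log or rootkit driver would."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "system32"))
        with open(os.path.join(root, "system32", "drivers.txt"), "w") as fh:
            fh.write("clean driver list\n")
        with open(os.path.join(root, "notes.txt"), "w") as fh:
            fh.write("hello\n")
        baseline = build_manifest(root)
        # Simulated tampering after the baseline was taken.
        with open(os.path.join(root, "system32", "drivers.txt"), "a") as fh:
            fh.write("unexpected entry\n")
        with open(os.path.join(root, "system32", "hidden.sys"), "wb") as fh:
            fh.write(b"\x00" * 16)
        return compare_manifests(baseline, build_manifest(root))
```

Because a rootkit filters the answers the live system gives, as explained above, build and compare the manifest from a clean boot medium rather than from within the suspect installation.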
How to get rid of rootkits: The most extreme but most powerful solution for getting rid of a rootkit or other hacker tools is to format the hard disk and install a new system.
As a preventive step, you should also replace all passwords. Special tools for tracking down and removing rootkits, such as RootkitRevealer (http://www.sysinternals.com) or BlackLight (http://www.fsecure.com), are complex to use and more suitable for advanced PC users. Simple tools for getting rid of the different rootkit variants, such as the rootkit in Sony's audio CD copy protection, are unfortunately not yet available. Rootkits have one thing in common with ordinary malware: a patched PC with a firewall and antivirus will not be infected by them, provided the user does not carelessly open suspicious e-mail attachments and does not download files from an unknown maker.
Info: http://www.rootkit.com
HACKER PROTECTION METHOD
How companies use hacker tricks: Whoever bought Sony BMG audio CDs, a Xerox printer, or a game from Blizzard Entertainment did not suspect that the tricks of wily hackers were involved. Unfortunately, what the big companies did is still in a legal 'gray' zone.
- Audio CDs That Call Home
To protect music from piracy, Sony BMG uses an uncommon copy protection. If you want to listen to the music on a Windows PC, you have to install a player contained on the CD. The problem is that other things are kept secret from the user. Together with the player, a rootkit is also installed that hides the copy protection files from pirates. This was revealed after programmer Mark Russinovich of Sysinternals published it. The so-called XCP copy protection makes the operating system unstable and makes connections to the Internet.
For its part, Blizzard reads the title bar of every active program and forwards it to the game server. The danger is that if an online banking window is open at the time, that information will also be forwarded.
- Hidden ID on Xerox Printers
Never print an important or secret document on a Xerox color printer. The problem is that on every printed sheet an almost invisible code is also printed. This finding was first published by the nongovernmental organization EFF (Electronic Frontier Foundation) in the U.S. The code contains a serial number and other ID numbers (date, time). Thus, even without the owner's name, the origin of a printout can be determined. The code, a few mm in size, consists of small yellow dots that can only be found if you know where to look. Furthermore, the code needs to be enlarged under a microscope at 10x.
Which side benefits is unclear. Speculation ranges as far as Xerox supporting the U.S. secret service. After the EFF published this information, Xerox immediately held a press conference. They argued that the method is used to prevent the counterfeiting of documents.
4. Phone Tapping
Listen to everything and tell nothing is the fourth rule. Intercepting telephone conversations is no longer a privilege of the old secret services. If a few years ago the number of holes in ISDN installations attracted hackers, the target is now switching to wiretapping VoIP phone calls on the Internet.
Attack: For demo purposes we ran the tool 'Cain & Abel', which is available on the Internet. This tool not only has general hacking functions, such as cracking passwords, but also lets you record the most visited websites and record phone conversations as WAV files. The only condition is that the hacker must be connected to the path through which all the data flows.
The trick is via a (W)LAN connection or a trojan on the PC of one of the victims. We started with a 'man-in-the-middle' attack and tapped the victims' data flow. For that, the trojan was instructed to send its data to CHIP first. After successfully intercepting (tapping) it, the data was forwarded directly to the destination PC. The victims (sender and receiver) themselves were completely unaware of the wiretapping.
Antidote: The easiest step that can be implemented immediately is to secure the LAN with MAC address filtering and install antivirus to counter the trojan. Solutions for encrypting VoIP conversations are now also available, such as the Zfone tool from the inventor of PGP, Phil Zimmermann.
The only problem lies in compatibility. Not all providers support the various versions of Zfone, so users lose their privacy.
5. Sending Data Out
The last and most important rule is: do not get caught while spying.
Installing a trojan is only half the journey, because without a return connection even the most advanced trojan is of no use. Since the victim's network infrastructure is not clearly known, we must be ready to face various types of firewalls, especially desktop firewalls that can block any active program, and an IDS (Intrusion Detection System) that analyzes the contents of each packet. That is, it is not enough to simply send data from the PC. The information must also be disguised so well that it is inconspicuous to security programs.
The tool 'Back Orifice 2000' provides almost no suitable free plugins for this purpose. The only plugin, 'SCTP', does encrypt the data so well that there is no recognizable pattern. Unfortunately, this method is itself characterized as trojan communication. For a reliable hacker with a sufficient 'stock' of data-smuggling methods, firewalls can be penetrated.
Attack: The most popular method is to use protocols that seem harmless, such as HTTP, SMTP or DNS. We chose a DNS tunnel to pass all the security tests in the network without arousing suspicion. That is, the information is packed into inconspicuous Domain Name packets. Packets of this type are not blocked by more than 90% of firewalls, because this control protocol is absolutely necessary for establishing an Internet connection. We encrypted the information and sent it in small packets so that the IDS would not notice.
An excessive exchange of Domain Name packets would become suspicious and be detected by the IDS.
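From the defender's side, the volume pattern the last sentence describes is what a resolver log reveals; the following added example (not from the original article) scores each domain in constructed BIND-style query-log lines by query count, encoded-prefix length and character entropy. The domain tunnel.example, the client addresses and the thresholds are assumptions for the demo.

```python
"""Flag DNS-tunnel candidates in resolver query logs (added example, not from
the article). Log lines are constructed in a BIND-like 'query:' format and the
domain 'tunnel.example' plus the thresholds are assumptions for the demo."""
import math
import re
from collections import defaultdict

QUERY_RE = re.compile(r"client (\S+)#\d+: query: (\S+) IN (\w+)")

# Constructed sample: normal lookups plus one client streaming encoded data.
SAMPLE_LOG = """\
client 192.168.0.5#51234: query: www.example.com IN A
client 192.168.0.5#51235: query: mail.example.com IN MX
client 192.168.0.7#40001: query: 3d1f9a8c7b2e4f60a1b2c3d4.tunnel.example IN TXT
client 192.168.0.7#40002: query: 9e8d7c6b5a4f3e2d1c0b9a87.tunnel.example IN TXT
client 192.168.0.7#40003: query: 0fa1b2c3d4e5f60718293a4b.tunnel.example IN TXT
client 192.168.0.7#40004: query: 5c6d7e8f9a0b1c2d3e4f5061.tunnel.example IN TXT
client 192.168.0.5#51236: query: update.microsoft.com IN A
"""


def entropy(s):
    """Shannon entropy of s in bits per character (0.0 for empty input)."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())


def split_name(qname):
    """Split 'enc.data.tunnel.example' into ('enc.data', 'tunnel.example')."""
    labels = qname.rstrip(".").split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def score_log(text, min_queries=3, min_prefix_len=20, min_entropy=3.0):
    """Return {base_domain: stats} for domains whose queries look like a tunnel:
    many queries, long encoded prefixes, and high per-character entropy."""
    per_domain = defaultdict(list)
    for line in text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            client, qname, _qtype = m.groups()
            prefix, base = split_name(qname)
            per_domain[base].append((client, prefix))
    suspicious = {}
    for base, rows in per_domain.items():
        n = len(rows)
        avg_len = sum(len(p) for _, p in rows) / n
        avg_ent = sum(entropy(p.replace(".", "")) for _, p in rows) / n
        if n >= min_queries and avg_len >= min_prefix_len and avg_ent >= min_entropy:
            suspicious[base] = {"queries": n, "avg_prefix_len": avg_len,
                                "avg_entropy": round(avg_ent, 2),
                                "clients": sorted({c for c, _ in rows})}
    return suspicious
```

Legitimate services such as CDNs and DNS-based blocklists also generate long, high-entropy names, so tune the thresholds to the network's normal traffic and allowlist known domains before alerting.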
To cope with desktop firewall protection, we used an injection attack. That is, we chose a program that is guaranteed not to be blocked by the firewall, for example a standard browser, whether Internet Explorer or Firefox.
A specific trojan can easily find this out by reading the Windows registry. Now we just had to wait until the unsuspecting victim started the program and loaded it into memory (RAM). When this happened, the trojan attached itself to the appropriate process and used it for its own purposes.
To determine the success or failure of smuggling the data, we instructed the trojan to send the victim's Word documents, of course without the knowledge of their owner or the firewall.
Antidote: The competition between security companies and hackers looks like a 'vicious circle'. Firewalls, antivirus and IDS are getting better at detecting and blocking attacks, but hackers' attacks are increasingly sophisticated. The better hackers know the target, the more difficult it is to identify them. The problem is that for every protection mechanism there is usually a trick to overcome it. Therefore, it is vital for an administrator to keep the PC and its security programs current.
http://www.rootkit.com: The most popular website on the topic of rootkits. There you will find a lot of news about rootkits and technical information.
http://www.bo2k.com: Website of the remote network administration tool developed from the classic trojan Back Orifice.
http://www.securityfocus.com: This website provides the latest PC security news and detailed reviews by experts.
Hacker Tools
Anticipate hacker attacks by knowing how they work. Here are the tools that can be used to secure your network.
Nmap: With this port scanner, all open ports and IP addresses in the network can be found. Thus, any security holes can be closed.
Tip: To check all PCs and ports in your network, type the following command:
nmap -v -sS -O 192.168.*.*
If a port that is a frequent target of hackers is open, close it immediately to avoid attack.
SwitchSniffer: A PC connected to a switch in the network only receives the data packets addressed to it. With this tool you can 'divert' those packets.
Tip: To protect yourself from tools like SwitchSniffer, use the following command line:
arp -s 192.168.0.1 00-aa-00-62-c6-09
The above command permanently sets the MAC address belonging to a specific IP address. The example uses the address of a router (as the link to the Internet), which is the entry most often diverted.
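To verify that the pinned entry is in place and that no other host is claiming the router's MAC address, here is an added example (not from the original article) that parses 'arp -a' output and checks it against the pinned mapping. The sample output is constructed in the Windows format, and the pinned router MAC is the one from the tip above.

```python
"""Check the ARP cache against pinned router entries (added example, not from
the article). The 'arp -a' output below is constructed in Windows format; the
pinned IP/MAC pair is the router from the article's 'arp -s' example."""
import re
import subprocess

ARP_ROW = re.compile(r"^\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9a-fA-F]{2}(?:-[0-9a-fA-F]{2}){5})\s+(\w+)")

# Expected mapping, as set with 'arp -s' (router MAC from the article's example).
PINNED = {"192.168.0.1": "00-aa-00-62-c6-09"}

# Constructed 'arp -a' output: the router entry still matches, but a second
# host now answers with the router's MAC, a classic spoofing symptom.
SAMPLE_ARP = """\
Interface: 192.168.0.10 --- 0x4
  Internet Address      Physical Address      Type
  192.168.0.1           00-aa-00-62-c6-09     static
  192.168.0.25          00-aa-00-62-c6-09     dynamic
  192.168.0.30          00-11-22-33-44-55     dynamic
"""


def parse_arp(text):
    """Return {ip: (mac_lowercase, type)} from Windows 'arp -a' output."""
    table = {}
    for line in text.splitlines():
        m = ARP_ROW.match(line)
        if m:
            ip, mac, kind = m.groups()
            table[ip] = (mac.lower(), kind.lower())
    return table


def check_arp(table, pinned):
    """Return findings: pinned entries that are missing, differ or are not
    static, and MAC addresses claimed by more than one IP address."""
    findings = []
    for ip, mac in pinned.items():
        if ip not in table:
            findings.append(f"{ip}: pinned entry missing from cache")
        elif table[ip][0] != mac.lower():
            findings.append(f"{ip}: MAC is {table[ip][0]}, expected {mac.lower()}")
        elif table[ip][1] != "static":
            findings.append(f"{ip}: entry is {table[ip][1]}, not static")
    by_mac = {}
    for ip, (mac, _kind) in table.items():
        by_mac.setdefault(mac, []).append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append(f"{mac}: claimed by {', '.join(sorted(ips))}")
    return findings


def live_check(pinned=PINNED):
    """Run the real 'arp -a' (Windows output format) and check it."""
    out = subprocess.run(["arp", "-a"], capture_output=True, text=True).stdout
    return check_arp(parse_arp(out), pinned)
```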
Ethereal: SwitchSniffer diverts the data but cannot display it. With this tool you can do that.
Tip: So that your data does not go to the 'wrong address', use an encrypted connection such as HTTPS or SSH where necessary.
Netcat: With this command line tool you can establish an unprotected connection or copy files over a network with ease, for example to simulate a server.
Tip: With just a single line, this tool can provide web server functionality.
Create your own index.html and run the server with the following entry:
netcat -l -p 80
ALL-IN-ONE SECRETMAKER 4.2.7 - freeware
http://www.secretmaker.com
Complete, practical, powerful, free: The amount of security software on the market today certainly leaves you confused about choosing the best. However, all of these problems are solved with the software All-in-One Secretmaker 4.2.7.
This software offers several key tools such as Security Watchdog, Intruder Blocker, Spam Fighter, Pop-up Blocker, Banner Blocker, Movie Blocker, Privacy Protector, History Cleaner, Worm Hunter, Cookie Eraser, and much more. Security Watchdog keeps your computer safe from intruders. Intruder Blocker protects your computer from spyware, trackware and viruses. Spam Fighter cleans up spam and can also work with a POP3 e-mail client. Banner Blocker reduces the ads that appear while you surf. Movie Blocker counters the Flash ads that can slow down your surfing. Pop-up Blocker stops unwanted popups. Privacy Protector hides your identity when surfing. Finally, Cookie Eraser and History Cleaner remove the various cookies and traces left behind after you surf in cyberspace.
Can HDTV be recorded? It turns out that HDTV has been cracked!
The film industry is trying to equip all HDTV formats with HDCP copy protection, so that HDTV broadcasts cannot be recorded and can only be watched. However, this blockade has been penetrated by a Korean minibox named 'DVIHDCP'.
It converts the protected signal into VGA, which can be recorded without problems. Actually, the minibox is not designed for piracy, but to display HDTV through a beamer/projector.
The developers of Firefox have integrated a function to remove the traces that still linger in Firefox after surfing. Open "Tools | Clear Private Data", and under "Clear the following items now" enable every type of data to be deleted, such as "Cookies" and "Cache". Then simply press "Clear Private Data Now".
The "Privacy" section in the "Tools | Options" menu is still available too. On the tabs "Browsing History", "Saved Passwords", "Saved Form Information", "Download History", "Cookies" and "Cache", buttons are provided for removing the data.
However, this procedure requires many clicks. So if you want to delete all data, the "Clear Private Data" method is simply much more practical.