Thursday, September 10, 2009

Hacker Attack

The stereotype of the hacker as a shabby, computer-crazed man no longer fits. With the existence of the internet, anybody with a little desire and nerve can become a hacker. Hacking has become a way to spend free time, especially for the amateur hackers known as script kiddies.
To protect our computers while surfing the internet, we need to know the methods hackers use to gain access to a system. We can simply take a look at the diagram below:

Hacking is the art of searching for small pieces of information that are scattered everywhere and seem unconnected to each other. Below are the steps:
  1. Footprinting. Gathering detailed information about the targeted systems, including searches using search engines, whois, and DNS zone transfers.
  2. Scanning. Probing the targeted systems for a vulnerable door to enter through, using ping sweeps and port scans.
  3. Enumeration. Intensive probing of the targeted systems, looking for user accounts, network resources and shares, and applications, to find which accounts have weak protection.
  4. Gaining Access. Gathering more data to start accessing the targeted system, including password guessing and buffer overflows.
  5. Escalating Privilege. If the attacker obtained a user password in the previous step, in this step the attacker tries to get the privileges of the network administrator account by cracking the password or exploiting it with tools such as getadmin, sechole, or lc_messages.
  6. Pilfering. Collecting information again, this time to identify mechanisms for getting access to trusted systems. This includes evaluating trusts and searching for cleartext passwords in the registry, config files, and user data.
  7. Covering Tracks. Once the hacker has full control of the system, covering tracks becomes the first priority. This includes cleaning network logs and using hiding tools such as rootkits and file streaming.
  8. Creating Backdoors. Back doors are created in many parts of the system so that the hacker can easily re-enter it: creating fake user accounts, scheduling batch jobs, changing startup files, planting remote services and monitoring tools, and replacing applications with trojans.
  9. Denial of Service. If all the efforts above fail, as a last resort the hacker can disable the targeted systems with SYN flood, ICMP techniques, Supernuke, land/latierra, teardrop, bonk, newtear, trinoo, smurf, and others.
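
A defender's view of step 2, as an added example that is not part of the original post: ping sweeps and port scans appear in firewall logs as one source touching many hosts, or many ports on one host, within a short time. The log format, addresses and thresholds below are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log; the format is an assumption for this example:
# ISO timestamp, source, destination, protocol, destination port ("-" for ICMP).
SAMPLE_LOG = """\
2009-09-10T10:00:01 192.0.2.10 198.51.100.5 ICMP -
2009-09-10T10:00:01 192.0.2.10 198.51.100.6 ICMP -
2009-09-10T10:00:02 192.0.2.10 198.51.100.7 ICMP -
2009-09-10T10:00:02 192.0.2.10 198.51.100.8 ICMP -
2009-09-10T10:00:05 192.0.2.10 198.51.100.7 TCP 21
2009-09-10T10:00:05 192.0.2.10 198.51.100.7 TCP 22
2009-09-10T10:00:06 192.0.2.10 198.51.100.7 TCP 23
2009-09-10T10:00:06 192.0.2.10 198.51.100.7 TCP 80
2009-09-10T10:00:07 192.0.2.10 198.51.100.7 TCP 445
2009-09-10T10:03:00 203.0.113.9 198.51.100.7 TCP 80
"""

def detect_scans(log_text, window=timedelta(seconds=60), min_hosts=4, min_ports=5):
    """Return a sorted list of (source, kind, target) findings."""
    sweeps = defaultdict(list)   # src -> [(time, dst)] for ICMP
    probes = defaultdict(list)   # (src, dst) -> [(time, port)] for TCP/UDP
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines instead of failing
        ts, src, dst, proto, port = fields
        when = datetime.fromisoformat(ts)
        if proto == "ICMP":
            sweeps[src].append((when, dst))
        else:
            probes[(src, dst)].append((when, port))
    findings = set()
    for src, events in sweeps.items():
        if _burst(events, window, min_hosts):
            findings.add((src, "ping sweep", "*"))
    for (src, dst), events in probes.items():
        if _burst(events, window, min_ports):
            findings.add((src, "port scan", dst))
    return sorted(findings)

def _burst(events, window, threshold):
    """True if any time window holds at least `threshold` distinct values."""
    events.sort()
    for i, (start, _) in enumerate(events):
        seen = {value for when, value in events[i:] if when - start <= window}
        if len(seen) >= threshold:
            return True
    return False
```

The single web request from 203.0.113.9 stays below both thresholds and is not reported; real thresholds have to be tuned against normal traffic on the network being monitored.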
Related Post: Hacker Attack Part II 
