This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Hacking generally refers to the act of a person abusing computer access, breaking into other computers, or using computers without authorization. It could be referred as an attack which is the attempt of an individual or group to violate a system through some series of events. The attack can originate from someone inside or outside the network.
Hacker is a term used to describe different types of computer experts. The meaning of the term, when used in a computer context has changed somewhat over the decades since it first came into use, as it has given clashing meanings by the new users of the word.
Currently, "hacker" is used in two main ways, one positive and one pejorative. It is used in the computing community to describe a brilliant programmer or technical expert. In popular usage and in media, however, it generally describes computer intruders or criminals. Due to which many hackers dislike the usage of the word in negative sense. They advocate the usage of the words like as "cracker" or "black-hat" to depict the unethical hackers.
2. Categories of Hackers
The hacker community is broadly divided into three categories. Although these categories are partially overlapping.
White hat hackers
This type of hackers enjoy learning and working with computer systems, and consequently gains a deeper understanding of the subject. Such people normally go on to use their hacking skills in legitimate ways, such as becoming security consultants. The word hacker was originally used to describe people such as these. Bill Joy -- Co-founder of Sun Microsystems and author of many fundamental UNIX utilities is a white hat hacker..
This is a more conventional understanding of the term than that is portrayed in newspapers and films as being essentially ââ‚¬Ëœchaoticââ‚¬â„¢, an anti-social element which destroys everything good about the Internet.
In reality, nobody really fits into either camp neatly. It is down to the individual's set of ethics to decide what path that they will take in their hacking career. Not all of the activities of white-hat hackers may be legal, while not all of the black-hat hackers activities are illegal, so many shades of gray exist.
Hacker: Intruder And Criminal
The most common usage of "hacker" in the popular press is to describe those who subvert
computer security without authorization. This can mean taking control of a remote computer through a network, or software cracking. This is the negative sense of hacker, also called cracker or black-hat hacker in order to preserve unambiguity.
Hacker : Security Expert
There is a third meaning which is a kind of fusion of the positive and pejorative senses of hacker. The term white hat hacker is often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of security flaws, or to perform some other altruistic activity. Many such people are employed by computer security companies (such professionals are sometimes called sneakerââ‚¬â„¢s).
White hat hackers often overlap with black hat depending on your perspective. The primary difference is that a white hat hacker claims to observe the hacker ethic. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem without requiring support from a system manufacturer.
Whether this is good or bad may depend on whether you respect the letter of the law, but is considered by some in the computing community to be a white hat type of activity. Some use the term grey hat to describe someone on the borderline between black and white
4. Hacking Techniques
4.1 Overview of Hacking techniques
The depth and variety of techniques employed by hackers to illegally enter a computer system are vast, for this reason I intend to provide a brief overview of some of the more common techniques involved, without going into too much detail on any particular technique. Hacking a system is a two-step process, Gathering Information and Launching an Attack.
4.2 Gathering Information
A dedicated hacker may spend several months gathering information on the intended target before launching an attack armed with this new information, but there are also more remote methods available to the hacker.
Port Scanning: A port scanner is a program that automatically detects security weaknesses in a remote system. Scanners are TCP port scanners, that attack TCP/IP ports and services (Telnet or FTP, for example), and record the response from the target. In this way, they learn valuable information about the targeted system such as if whether or not the remote system will allow an anonymous user to log in, or indeed if the system is protected by a firewall.
Packet Sniffing: A sniffer is a piece of software that grabs information 'packets' that travel along a network. That network could be running a protocol, such as Ethernet, TCP/IP, IPX or others. The purpose of the sniffer is to place the network interface into 'promiscuous' mode and by doing so, capture all network traffic. Looking into packets can reveal valuable information like usernames, passwords, addresses or the contents of e-mails.
4.3 Launching Attacks
There are many attacks employed by hackers. Here is an overview of just some of the more
Denial of Service (DOS): A denial of service attack is basically an act of sabotage against a service running on a port on a targeted system. The aim is to disable the service, for example a web server, in order to prevent people from being able to access that service remotely. A typical denial of service attack would involve sending hundreds or even thousands of connection requests to a single machine at any one time, causing the machine to crash under the strain. A more advanced approach is to send corrupt connection requests that exploit a flaw in the service software which fails to recognize the malformed data when it attempts to process it, resulting in a system crash.
Password Cracking: A password cracker is a program that attempts to decrypt or otherwise disable password protection. Often simulation tools are used to simulate the same algorithm as the original password program. Through a comparative analysis, these tools try to match encrypted versions of the password to the original. Many password crackers are simply brute-force engines that try word after word from a dictionary, often at very high speeds.
Internet security can basically be broken into two separate areas: client-side security (i.e. you and me), and server-side security (web servers, LAN servers etc.). For the purpose of this discussion I will focus on client- side security, as this is the area that affects the majority of Internet
5.1 Server-side Security
Server-side security is a large and very complex area, and generally falls within the domain of the system administrator. Server-side security only becomes a major issue for the average Internet user when their privacy is violated by sloppy server security, for example, if their e-mail server is hacked, or the server hosting their web site is hacked. It is the system administrator's responsibility to ensure that all measures that can be taken have been put in place to ensure that such eventualities do not take place.
5.2 Client-side Security
Personal security on the Internet is a real issue, one that is unfortunately overlooked or not taken seriously enough by the majority of Internet users.
This tutorial will be broken into four main areas:
1. Anti-virus security.
2. Personal firewall.
5.2.1 Anti-virus security
Anti-virus software resides in the active memory of your computer, and takes control of your machine to alert you if an active virus is present on your machine. If the software cannot repair the infected file, it will quarantine the file or give you the option of safely deleting the file from your system. Anti-virus software may also be used to scan your hard disk, floppy disks, zip disks or CD ROMS. It may also be used to scan attachment files in e- mails, which is one of the main sources of viruses. The important thing to remember is that new viruses are being discovered daily, so if you have anti-virus software installed then you need to make sure that you keep its library of known viruses up-to-date, otherwise you will have no protection against the latest batch of viruses.
General Virus Prevention Methods:
There are many other methods to prevent your computer files from becoming infected, most of which are common sense. Here are some of the more important ones:
Always be wary of unsolicited e-mails, especially ones of an 'unsavory' nature such as pornography related e-mails.
Any .exe (executable) files should not be opened unless you trust the source 100%.
Steer clear of 'Warez' (pirate software).
Finally, and most importantly, backup all of your important data onto floppies, zip disks or ideally CD ROMs. That way if the worse does happen, and you need to wipe your computer's hard disk (or the virus does it for you!), then at least all of your hard work is stored in a safe location.
5.2.2. Personal firewall
Firewall technology is nothing new; it has been present on most Internet and LAN servers for many years. What is new is that firewall technology is now available on a smaller scale for the single user with one computer connected to the Internet. While not as immediately important as anti-virus software, if you are serious about your security and protecting your privacy online, you might consider buying a firewall. Firewall software acts as a secure barrier between your computer and the outside world. It monitors all traffic to and from your computer, and decides whether or not this is normal Internet activity or an unauthorized security risk. To the hacker, firewall gives the impression of your computer not being there, or at very least being difficult to locate. Furthermore firewall provides additional protection against Trojan horses, as it will block the Trojan horse's attempt to do so.
Like anti-virus software, there are many brands of firewall software on the market. Many companies now offer anti-virus and firewall technologies bundled together at a reduced price, which generally prove to be excellent value for peace of mind.
Let us assume that you are infected with a Trojan horse that e-mails off the contents of your 'My Documents' directory, or your e-mail server is hacked and some of your e-mail attachments are stolen, your privacy has now been utterly violated, right? But what if the files that fell into the hackerââ‚¬â„¢s hands were encrypted using a powerful algorithm combined with long, complex password that the hacker could never crack? In theory, the integrity of your data should still be secure in this 'worse-case scenario', provided you have taken these precautions.
Encryption programs basically 'scramble' the original file so that it is unreadable to anyone without the correct password to de-scramble the file. Apart from the many commercial products available, there are many reputable encryption engines available online for free. These allow the user to encrypt all types of data files at will (Word documents, JPEGs, databases etc.), some even allow the user to create self-extracting zipped archives that are also encrypted, which provide an excellent means of transferring important data files via e- mail in a safe and secure way.
The main appeal of the Internet to me is the ability to communicate complex ideas in a fast, cheap and creative way. This may include e-mail, web design or even chat rooms and message boards. No other media in the history of the industrialized world provides such a level playing field, where the individual like you or I may compete with the giant corporations to have our voices heard online.
I am certainly not saying that the threat does not exist, which would be irresponsible, but what I am saying is that a level-headed approach should be taken by all Internet users to protect their privacy and security online, and to ensure that they educate and inform themselves of the more serious risks involved in maintaining any kind of Internet presence.
My belief is that "hacking" deserves to be put on the map as a viable method for the creation of construction of information systems and software artifacts. It should be studied alongside other system development methods, and practitioners in the field of system development should be aware of its applicability and able to take advantage of its "bag of tricks" when appropriate.