This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Abstract: System hacking means to hack system password within the operating system. Many hacking attempts start with attempting to crack passwords. However, passwords are the key piece of information needed to access a system. Users, while creating a password, often select password that are prone to being cracked. Passwords may be cracked manually or with automated tools such as dictionary or brute-force method, each of which are discussed in this paper.
1. INTRODUCTION TO SYSTEM HACKING
Scanning and enumeration is the first part of ethical hacking and contains the hacker target systems . Enumeration is the follow-on step once scanning is complete and is used to identify computer names, usernames, and shares. Scanning and enumeration are discussed together because many hacking tools perform both.
The system hacking cycle consists of six steps:- a. Enumeration
b. Cracking Passwords c. Escalating Privileges
d. Executing Applications
e. Hiding files
f. Covering tracks
Enumeration occurs after making the IPv4 protocol independent of the physical network, the designers decided to make the maximum length of the IPv4 datagram equal to 65,535 bytes. This makes transmission more efficient if we use a protocol with an MTU of this size. HowÂ ever, for other physical networks, we must divide the datagram to make it possible to pass through these networks. This is called fragmentation. The source usually does not fragment the IPv4 packet. The transport layer will instead segment the data into a size that can be accommodated by IPv4 and the data link layer in use. When a datagram is fragmented, each fragment has its own header with most of the fields repeated, but with some changed. A fragmented datagram may itself be fragmented if it encounters a network with an even smaller MTU. In other words, a dataÂgram can be fragmented several times before it reaches the final destination. In IPv4, a datagram can be fragmented by the source host or any router in the path although there is a tendency to limit fragmentation only at the source. The reassembly of the datagram, however, is done only by the destination host because each fragment becomes an independent datagram. Whereas the fragmented datagram can travel through different routes, and we can never control or guarantee which route a fragmented dataÂ gram may take, all the information is provided by other means such as the hop-by-hop options or other protocols. In its simplest form, a flow label can be used to speed up the processing of a packet by a router. When a router receives a packet, instead of consulting the routing table and going through a routing algorithm to define the address of the next hop, it can easily look in a flow label table for the next hop. In its more sophisticated form, a flow lab
Many hacking attempts can initialize with to attempt crack passwords. Passwords are the important information which is required to login a system. Users, when creating passwords, often select passwords that are difficult to guess.
Passwords are stored in the Security Accounts Manager (SAM) file on a Windows system and in a password shadow file on a Linux system.
Manual Password cracking involves attempting to log on with different passwords. The hacker follows these steps:
1. Find a valid user account for password test.
2. You can create list of possible passwords.
3. Arrange the passwords according to possibility
4. Try each password.
5. Try and try for correct password.
In its simplest form, a flow label can be used to speed up the processing of a packet by a router. When a router receives a packet, instead of consulting the routing table and going through a routing algorithm to define the address of the next hop, it can easily look in a flow label table for the next hop.
In its more sophisticated form, a flow label can be used to support the transmission of real-time audio and video. Real-time audio or video, particularly in digital form, requires resources such as high bandwidth, large buffers, long processing time, and so on. A process can make a reservation for these resources beforehand to guarantee that real-time data will not be delayed due to a lack of resources. The use of real-time data and the reservation of these resources require other protocols such as Real-Time Protocol (RTP) and Resource Reservation Protocol (RSVP) in addition to IPv6.
To allow the effective use of flow labels, three rules have been defined:
1. The flow label is assigned to a packet by the source host. The label is a random number between 1 and 224. A source must not reuse a flow label for a new flow while the existing flow is still active.
2. If a host does not support the flow label, it sets this field to zero. If a router does not support the flow label, it simply ignores it.
3. All packets belonging to the same flow have the same source, same destination, same priority, and same option.
2. ACCOUNTING MANAGEMENT
The Internet is a wonderful thing. It allows knowledge to be shared with the world. But what if you want to use the Internet to share knowledge with just one person? When web pages, e-mail, and even passwords are transferred across the Internet, they are free to be seen by anyone who cares to look. You may ask, 'Who is going to be looking, anyway?' The answer, in most cases, is nobody. Anonymity can be your security. This is especially true of your Internet presence from home.
However, the situation changes when you use your credit card over the Internet, or when you are a business on the receiving end of a credit card transaction. In such cases, anonymity clearly doesn't provide enough security. Furthermore, what if you receive a sensitive document, but you are unsure if the person who sent it really is who they claim to be? How do you know that this same document wasn't tampered with between the time it was sent and the time you received it? And what if you need to protect sensitive data on your web site, or perhaps you want to protect the data in transit to the user, or authenticate the user with a stronger authentication method?
It prevents users from monopolizing limited network resources.
It prevents users from using the system inefficiently.
Network managers can do short- and long-term planning based on the demand for network use.
Integrated Windows authentication is the most secure method of authentication, but it is available only with Internet Explorer. This authentication type had been known previously as NTLM authentication and Windows NT Challenge/Response authentication. In Integrated Windows authentication, the user's browser proves itself to the server using a cryptographic exchange during the authentication process.
Integrated Windows authentication supports both the Kerberos v5 and the NTLM (NT LAN Manager) protocols for authentication through the Negotiate package. If you are using Active Directory, and the browser supports it (IE 5 or above with Windows 2000), Kerberos is used; otherwise, NTLM is used. Both Kerberos and NTLM have limitations on their use. Interestingly enough, each one's strength is the other's weakness. Kerberos generally works with proxy servers, but it tends to have a hard time with firewalls. NTLM generally works through firewalls, but it tends to have a hard time with proxy servers.
1. A manager checks an agent by requesting information that reflects the behavior of the agent.
2. A manager forces an agent to perform a task by resetting values in the agent database.
3. An agent contributes to the management process by warning the manager of an unusual situation.
3. PASSWORD INTEGRITY
Authentication is an important feature of any secure web site. Every time a client browses to a web site, it needs to be authenticated before it can access the resources it is requesting. By default, that authentication all takes place on the server, and the client isn't even involved. Some authentication settings can make for easy access to a web site, but sometimes you want to limit who sees what information on your site. This is where more restrictive types of authentication come in.
If your computer is renamed, the Internet Guest Account does not change and continues to use the old machine name. Because user accounts use security identifiers (SIDs) to identify themselves, changing the computer name doesn't affect the account name. When IIS receives a request, it automatically attempts anonymous authentication first. If anonymous authentication fails, it attempts to log on the user using another logon method. If no other authentication methods are enabled, IIS sends a "403 Access Denied" HTTP error message to the client. You can use any user account that you wish for anonymous access, including the Administrator account. You can change access settings in the item's Properties window's Directory Security tab, accessible by right-clicking the item in the IIS Microsoft Management Console (MMC) snap-in and choosing Properties. (By the way, even though you can do it, don't use the Administrator account for anonymous access.)
Basic authentication is a widely accepted means of authentication. Because all the information is presented and transmitted in clear text, it's easy to use and makes for easy program interoperability, but the passwords can be found out faster than you can say security risk. Both the web server and FTP server components in IIS support Basic authentication. Here's how it works in IIS:
The user enters a username and password for authentication.
The web browser Base64-encodes the password and sends it to the server.
IIS verifies that the username and password are valid, and that they have access to the resources.
Since Basic authentication is built into the HTTP specification, most browsers support it, which gives Basic authentication an edge when you're dealing with non-Microsoft browsers. You can get around the clear text password problem by using the Secure Socket Layer (SSL) protocol to encrypt all the traffic as it moves across the network.
Internet Explorer (IE) versions 2.0 and later will attempt to use Integrated Windows authentication before using Basic authentication
IIS keeps a token cache for logons using Basic authentication. When you log on to a Windows server, an access token is created with all the SIDs for all the groups of which you are a member. This token is stored in the token cache, and IIS impersonates this token when accessing objects. This cache is used so that IIS doesn't have to authenticate you every time you access something. While this improves performance for IIS, it can be a security risk, because someone could gain access to that token in the token cache before it falls out of the cache. The default Time to Live (TTL) for a token is 900 seconds.
You can reduce this risk in two main ways:
Don't log on using Basic authentication with any user account that has elevated rights, especially Administrator rights.
Set the UserTokenTTL setting in the registry to a lower value so that tokens expire more frequently. You can even set it to 0 so that tokens are not cached at all.
Obviously, not caching tokens causes a performance hit. You need to weigh this against the need to have Administrator accounts that access the server.
The simplest and the oldest method of entity authentication is the password, something that the claimant possesses. A password is used when a user needs to access a system to use the system's resources (log-in). Each user has a user identification that is public and a password that is private.
We can divide this authentication scheme into two separate groups: the fixed password and the one-time password.
In this group, the password is fixed; the same password is used over and over for every access. This approach is subject to several attacks.
www.ankitfadia.in for ethical hacking and password guessing techniques.