Sabtu, 19 Februari 2011

The Hacker


To the HackHackers with the expertise to see and fix vulnerabilities in computer software, usually later published openly on the Internet for the system to be better. Unfortunately, few people take the evil use that information to crime - they are usually called a cracker. Basically the world of hackers and crackers are no different from the art world, here we are talking art Internet network security.I hope the science of network security in this paper is used for good things - not be a Hacker Cracker. Do not until you get karma for using science to destroy property of others. Moreover, at present the need for hackers is increasing in Indonesia with more and more dotcommers who want to IPO in the stock market. Good name and the value of a dotcom could fall even become worthless if the dotcom collapse. In this case, the hackers are expected to be a security consultant for the dotcommers it - because the HR police and security forces in Indonesia is very very weak and pathetic in the field of Information Technology & Internet. What may make cybersquad, private cyberpatrol budayakan perhaps necessary for survival dotcommers in Indonesia on the Internet.Various Internet network security techniques can be easily obtained on the Internet, among others, in http://www.sans.org, http://www.rootshell.com, http://www.linuxfirewall.org/, http:// www.linuxdoc.org, http://www.cerias.purdue.edu/coast/firewalls/, http://www.redhat.com/mirrors/LDP/HOWTO/. Some of these techniques in the form of books that the number of its several hundred pages that can be taken free of charge (free). Some Frequently Asked Questions (FAQ) about network security can be obtained at http://www.iss.net/vd/mail.html, http://www.v-one.com/documents/fw-faq.htm. And for the experimenter some scripts / programs which have become available, among others, in http://bastille-linux.sourceforge.net/, http://www.redhat.com/support/docs/tips/firewall/firewallservice.html .For those readers who wish to gain knowledge about the network can be downloaded free of charge from http://pandu.dhs.org, http://www.bogor.net/idkf/, http://louis.idaman.com/idkf . Some books softcopy form that can be taken free of charge to the capture of http://pandu.dhs.org/Buku-Online/. We have to thank especially the Scout team led by I Made Wiryana for this. At this time, I do not really know any place that is active discussion Indonesia discuss these hacking techniques - but may be partly discussed in the mailing list information such as kursus-linux@yahoogroups.com & linux-admin@linux.or.id which operated by the Indonesian Linux Users Group (Ltsp) http://www.kpli.or.id.The simplest way to see the weakness of the system is to seek information from various vendors such as http://www.sans.org/newlook/publications/roadmap.htm # 3b about the weakness of the system they have created yourself. In addition, monitoring the various mailing lists on the Internet related to network security such as the list http://www.sans.org/newlook/publications/roadmap.htm # 3e.Described by Front-line Information Security Team, "Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks," fist@ns2.co.uk http://www.ns2.co.uk. A Cracker generally men aged 16-25 years. Based on the statistics of Internet users in Indonesia, then in fact the majority of Internet users in Indonesia are young children at this age as well. Indeed, this age is the age that is ideal in studying the new science, including the Internet, very unfortunate if we do not succeed menginternetkan to 25,000 Indonesian school s / d in 2002 - as the foundation for the future of Indonesia is in the hands of our young kids this.Well, the young cracker cracking is generally done to improve the capability / use of resources in the network for its own sake. Generally, the cracker is opportunistic. Seeing the weakness of the system to carry out the scanner program. After gaining root access, the cracker will install a back door (backdoor) and close all existing general weakness.As we know, generally the various companies / dotcommers will use the Internet to (1) web hosting their servers, (2) e-mail communication and (3) provide access to web / internet to its employees. Internet and Intranet network separation is generally performed using techniques / software firewall and proxy server. Seeing the conditions of use of the above, weaknesses in the system generally can penetrate through the mail server for example with external / outside that is used to facilitate access to the mail out of the company. In addition, by using aggressive scanners & program-SNMP SNMP community strings that force can change a router into bridge (bridge) which can then be used for a stepping stone to get into the internal corporate network (Intranet).In order for crackers protected during the attack, the technique cloacking (incognito) is done by jumping from the previous machine has been compromised (conquered) through telnet or rsh. At an intermediary machine that uses Windows attack can be done by jumping from program Wingate. In addition, the jumps can be done through a proxy device that the configuration is not good.After a successful jump and into other systems, usually a cracker to probe the network and collect the information needed. This is done in several ways, for example (1) use nslookup to run the command 'ls', (2) view HTML files on your web server to identify other machines, (3) to see various documents on the FTP server, (4) connecting to mail server and use the command 'expn', and (5) shows the user's finger in other external machines. The next step, a cracker will identify the components of a network that is trusted by whatever system. These network components are usually the administrator machine and the server that is usually considered the most secure in the network. Start by checking access & NFS exports are critical to various directories like / usr / bin, / etc and / home. Exploitation of the machine through the weakness of the Common Gateway Interface (CGI), with access to the file / etc / hosts.allow.Next cracker should identify network components that are weak and can be conquered. Crackers can use the program in Linux like ADMhack, mscan, nmap and many other small scanner. Programs such as 'ps' and 'netstat' in for a trojan (remember the Trojan horse story? In the classic story of ancient greece) to hide the scanning process. For cracker advanced enough to use aggressive-SNMP scanning to scan equipment with SNMP.Once the cracker managed to identify the network components are weak and can be conquered, then the cracker will run a program to conquer the weak daemon program on the server. The program on the server daemon is a program that usually runs in the background (as daemon / demon). The success of conquering this daemon program will allow a cracker to gain access as 'root' (the highest administrator in the server).To eliminate the trace, a cracker usually perform the cleaning operation 'clean-up' operation in a way to clean a variety of log files. And add the program to enter from the back door 'backdooring'. Changing. Rhosts file in / usr / bin for easy access to a machine be conquered through rsh & csh.Furthermore, a cracker can use a machine that has been conquered for his own benefit, eg retrieve sensitive information that should not be read; mengcracking another machine by jumping from the machine be conquered; install a sniffer to see / record the various traffic / communications that pass, even they can turn off the system / network by running the command 'rm-rf / &'. The latter will be very fatal consequences because the system will be destroyed at all, especially if all the software in put in the hard disk. Process re-install the entire system must be done, would be a headache if it is done on machines that run mission critical.Therefore all machines & routers that run mission critical should always check the safety & the patch by newer software. Backup is very important especially on machines that run mission critical in order to be saved from the act of crackers that disable the system with 'rm-rf / &'.For those of us who wrestle daily on the Internet usually it will greatly appreciate the presence of the hacker (not cracker). Because thanks to the hackers, the Internet is there and can we enjoy today, and even continued to be improved to become an even better system. Various weaknesses in the repair system because intelligence fellow hackers who often times they will be working on improvements. voluntarily because of his hobby. Moreover, often the result of his hacking distributed freely on the Internet for the purposes of the Internet community. A culture of mutual aid & Noble actually grew up in an Internet virtual world that typically seem futuristic and far from the social sense.Development of the hobbiest hackers has become critical to the sustainability / survival in vehicle dotcommers Indonesian Internet. As one of fact, in the near future God willing, around mid-April 2001 will be held hacking competition on the Internet to break into a server that has been determined beforehand. The hacking competition at hatched by young children in the Indonesian Linux Users Group (Ltsp) Semarang driven by young people like Kresno Aji (masaji@telkom.net), Agus Hartanto (hartx@writeme.com) & Lekso Budi Handoko (handoko @ riset.dinus.ac.id). Like many other young children, they generally have capital tight budget - help & sponsorship would be very useful and expected by this young fellow.Hopefully all this will add to the spirit of readers, especially young readers, to move in a world of exciting and challenging hackers. If Captain Jean Luc Picard said in the film StarTrek Next Generation, "To boldly go Nowhere no one has gone before".
♂Azisbay. Diberdayakan oleh Blogger.