I hope the science of network security in this paper is used for good things - there was not the Cracker Hacker. Do not until you got karma for using science to damage the property of others. Moreover, at this point will need hackers are increasing rapidly in Indonesia, with more and more dotcommers who want to IPO in the stock market. Good name and the value of a dotcom could fall even become worthless if the dotcom collapse. In this case, the hackers are expected to be a security consultant for the dotcommers is - because the HR police & security forces Indonesian extremely weak and pathetic in the field of Information Technology & the Internet. What may make cybersquad, private cyberpatrol perhaps necessary for survival in the culture of Indonesian dotcommers on the Internet.
Various Internet network security techniques can be easily obtained on the Internet, among others, in http://www.sans.org, http://www.rootshell.com, http://www.linuxfirewall.org/, http:// www.linuxdoc.org, http://www.cerias.purdue.edu/coast/firewalls/, http://www.redhat.com/mirrors/LDP/HOWTO/. Some of these techniques in the form of books that the number of its several hundred pages that can be taken free of charge (free). Some Frequently Asked Questions (FAQ) about network security can be obtained at http://www.iss.net/vd/mail.html, http://www.v-one.com/documents/fw-faq.htm. And for the experimenter some script / program that have become available, among others, in http://bastille-linux.sourceforge.net/, http://www.redhat.com/support/docs/tips/firewall/firewallservice.html .
For readers who wish to gain knowledge about the network and can be downloaded freely from http://pandu.dhs.org, http://www.bogor.net/idkf/, http://louis.idaman.com/idkf . Some books softcopy form that can grab a free can take from http://pandu.dhs.org/Buku-Online/. We have to thank especially the Scout team led by I Made Wiryana to this. At this point, I do not really know the existence of an active place of discussion Indonesia discuss these hacking techniques - but it may be some further discussed in the mailing list as kursus-linux@yahoogroups.com & linux-admin@linux.or.id is operated by the Indonesian Linux Users Group (KPLI) http://www.kpli.or.id.
The simplest way to see the weakness of the system is by way of seeking information from various vendors such as http://www.sans.org/newlook/publications/roadmap.htm # 3b about the vulnerability of the system they have created yourself. In addition, monitoring the various mailing lists on the Internet relating to the security of such networks in the list http://www.sans.org/newlook/publications/roadmap.htm # 3e.
Front-line described by the Information Security Team, "Techniques Adopted By 'System Crackers' When Attempting To Break Into Corporate or Sensitive Private Networks," fist@ns2.co.uk http://www.ns2.co.uk. A Cracker generally men aged 16-25 years. Based on the statistics of Internet users in Indonesia, then in fact the majority of Internet users in Indonesia is the young kids at this age as well. Indeed this age is the age that is ideal in the draw include the new science of Internet science, it is very regrettable if we did not succeed menginternetkan to the Indonesian school 25 000 s / d in 2002 - as a future cornerstone of Indonesia in the hands of our young kids this.
Well, the young cracker cracking is generally done to improve / use of resources in the network for its own sake. Generally, the cracker is opportunistic. Seeing the weakness of the system with mejalankan scanner program. After gaining root access, a cracker installs a back door (backdoor) and close all existing general weakness.
As we all know, generally the various companies / dotcommers will use the Internet to (1) web hosting of their servers, (2) e-mail communication and (3) provide access to the web / internet to its employees. Internet and Intranet network separation is generally performed using techniques / software firewall and proxy server. Seeing the conditions of use of the above, weaknesses in the system generally can penetrate through the mailserver for example with an external / outside that is used for easy access to the mail out of the company. In addition, by using the agressive-SNMP scanner & programs that forced the SNMP community string can change a router into a bridge (bridge) which can then be used for a stepping stone for entry into the company's internal network (intranet).
To be protected at the time of cracker attacks, techniques cloacking (incognito) is done by jumping from the machine that had previously been in compromised (conquered) via telnet or rsh program. At an intermediary machine that uses Windows attack can be done by jumping from Wingate program. In addition, the jump can be done through a proxy device is configured poorly.
After a successful jump and into other systems, crackers usually do probing of the network and collect the information needed. This is done in several ways, for example (1) use nslookup to run the command 'ls', (2) view the HTML file on your webserver to identify other machines, (3) to see various documents on the FTP server, (4) link themselves to mail server and use the command 'expn', and (5) to finger users on other external machines.
The next step, a cracker will identify the network components that are trusted by whatever system. These network components and server administrators are usually the engine that normally is considered the most secure in the network. Start by checking access & NFS exports are critical to various directories like / usr / bin, / etc and / home. Exploitation of the engine through the weakness of the Common Gateway Interface (CGI), with access to the file / etc / hosts.allow.
Furthermore cracker should identify the network components are weak and can be conquered. Crackers can use the program in Linux like ADMhack, mscan, nmap and many other small scanner. Programs like 'ps' and 'netstat' on the make trojan (remember the Trojan horse story? In the classic story of ancient greek) to hide the scanning process. For a fairly advanced cracker can use aggressive-SNMP scanning to scan equipment with SNMP.
After the cracker managed to identify the network components are weak and can be conquered, then the cracker will be running courses to conquer the weak daemon program on the server. Program on the server daemon is a program that usually runs in the background (as daemon / demon). Success of the conquest of this daemon program will allow a cracker to gain access as 'root' (the highest in the server administrator).
To eliminate the trace, a cracker usually do clean-up operation 'clean-up' operation by cleaning the various log files. And add the program to enter from the back door 'backdooring'. Changing. Rhosts file in / usr / bin for easy access to a machine in the conquests through rsh & csh.
Furthermore, a cracker can use a machine that has been conquered for his own benefit, eg retrieve sensitive information that should not read; mengcracking another machine by jumping from a machine in the conquered; install the sniffer to see / record the various traffic / communication is passed; even disable the system / network by running the command 'rm-rf / &'. The latter will be extremely fatal because the system will be destroyed at all, especially if all the software in put in the hard disk. Process re-install the entire system must be done, will spin if this is done on machines that run mission critical.
Therefore, all routers that run the engine & mission critical should always check the security & the patch by the newer software. Backup is very important especially on machines that run mission critical in order to be saved from the act of a cracker that disable the system with 'rm-rf / &'.
For those of us who wrestle daily on the Internet usually it will greatly appreciate the presence of the hacker (not cracker). Because hackers thanks to the Internet is there and can we enjoy today, even kept in repair for a better system. Correct weaknesses in the system because intelligence colleagues hackers who often do repairs TSB. voluntarily because of his hobby. Moreover, it is often the result of hacking at the spread freely on the Internet for the purposes of the Internet community. A mutual cultural values & Noble actually growing on the Internet virtual world that usually seems futuristic and far from the social sense.
Development of the hobbiest hackers has become critical to the sustainability / survival in the vehicle dotcommers Indonesian Internet. As one of fact, in the near future God willing, around mid-April 2001 will be held hacking competition on the Internet for breaking into a server that has been determined beforehand. Hacking competition is led by the young Indonesian Linux Users Group (KPLI) Semarang who moved the young people like Kresno Aji (masaji@telkom.net), Agus Hartanto (hartx@writeme.com) & Lekso Budi Handoko ( handoko@riset.dinus.ac.id). Like most other young children, they are generally capitalized, insufficient - support & sponsorship of course be very useful and anticipated by this young fellow.
Hopefully this will all add to the spirit of readers, especially young readers, to move in the world of exciting and challenging hackers. If Captain Jean Luc Picard said in the film StarTrek Next Generation, "Nowhere To boldly go no one has gone before".
No comments:
Post a Comment