Juan Manuel Esteban Urbano. Rafael Escribano Zaldivar 2ºC

Transcription

1 Juan Manuel Esteban Urbano Rafael Escribano Zaldivar 2ºC

2 INTERNET The internet was dreamed up about twenty years ago by scientist in Cambridge, UK. Their dream was to be able to share information like data with other scientists from the US and other places. Back then, they knew nothing of multimedia and computer games were still at Pong phase. This dream was carried through and soon speedy connections of 9K/s were commom place between rich universities. The idea was that any PC with a piece of dialing hardware (modem) could connect to another over a telephone cable This was then refined so that "servers" were used. A server would have millions (or ten to begin with) PCs connected to it and would let data flow in between them like an exchange. One server could then be connected to another server, again with its clients so that all the people could "talk" to each other. This concept has been expanded by adding more servers and faster connections, both to the servers from the PCs and also between the servers. Data can flow from PC A to its server then to server and then to PC B. All PCs however need some way of being identified on the internet or data would random ally fly around and nothing would work as some data might end up at PC C rather than PC B. This is when the IP comes into play. An IP is the thing, which identifies your PC, whilst connected to the Internet.

3 It consists of a four part number with a maximum of three digits in each part: (eg ) The first two parts is the identification of your server or ISP (Internet Service Provider) The last two both range between 1 and 255 to show your identity on a server. You may often find that your IP changes as may servers use dynamic IP allocation. This is a security feature that means you IP is picked random ally each time you connect. If you have a fixed cable connection you have a static IP and will always be the same. Every PC on the net has to have a different IP as data wn transmitted is compressed then sent in bursts with an identifier at the begining to show its destination (this identifier is the IP of the target machine) and if two PCs were to have the same IP the data would be sen to both PCs. You might wonder what the IP means. This IP is what is called as the Localhost. It is your PC and is used for internal connections. You will have to use this IP if you wish to connect to yourself with a hacking client if you become infected with a trojan virus. Ports are the things which allow data to travel from your PC to the server much faster than if there were only one. Each port can have data flowing in and out of it at any one time. Most ports are unused an only some ports can be used a any one time. Windows/linux/othe OSes block the other ports and dissallow any data to flow through them for security reasons. Hacking is, technically, the accessing and/or changing of private or public documents/data or information on the internet of LANs or other similar networks. What this means to you and me is getting access to our mates PCs and flipping the screen before stealing some homework. This can also mean getting a numb-nuts in the FBI to run the server and then editing all the criminal records for the past 400 years. One of these two instances will be looked upon with less humor than the other. Guess?!

4 A Trojan Virus makes the life of a hacker so much easier! Before the invention of the first trojan or backdoor virus was invented, not only way a hacker could gain access to ANY files was to get flukey and tap into a weak Telnet server and perhaps even change the coding of a page! (heavy stuff, eh?). Anyway the Trojan virus meant that anyone from Jimbo Jones at the end of the street to the Reverend Peter could hack into the Whitehouse. What a trojan does is use one of the ports (mentioned above) to allow date to get from the victim PC to the hackers PC. Each trojan has a different port on which it works. Sub7 uses but can be configured to run on others. In order to connect to someone else you need to make sure that one of the ports is being held open by a server. IF THERE IS NO SERVER RUNNING YOU WILL NOT BE ABLE TO CONNECT! In the actually the widespread use of Internet and of the electronic mail it make that the anonimity and the individual's intimacy are constantly threatened. When somebody uses the electronic mail, navigates in the Web or participates of any other event in Internet he is revealing, without realizing, sensitive data about his personality that it can be gathered and used by third, in the innocent user's damage. Everybody is aware of the attacks to the confidentiality and integrity of the electronic mail. Nowadays it is simple to make in front of these attacks by means of the cryptographs procedures. However, most of people aren t aware of the quantity of private information that, in an inadvertent and involuntary way, he is revealing at third, when making use of the Internet.

5 Every time that visits one another a place Web, it is given in a routine way an information that can be filed by the administrator of the place. To this, he hasn t problems to discover the address of Internet of the computer from which is operating, the address of the user's electronic mail, what pages he reads and which not, how many pages it has visited, also how operating system and what navigator it uses. Famous hacker Kevin Mitnick is the most famous hacker in history. He has been in prison for more than four years for crimes that, when you get down to it, amount to little more than illegally copying proprietary software belonging to major companies including Motorola, Nokia and Sun. He was made a household name by New York Times reporter John Markoff, who featured Mitnick in a book called Cyberpunk (published in 1991), then wrote a front page story for the Times on July 4, 1994, that portrayed Mitnick as a hacker who could wreak cyberhavoc- -and ruin lives--if not caught by the Feds. Then a funny thing happened. Markoff s friend, Tsutomu Shimomura, claimed that Mitnick had hacked his home computer on Christmas Day, 1994, and went after him, with Markoff in tow. When Shimomura tracked Mitnick down in North Carolina, Markoff was there for the kill. This was documented in subsequent front-page stories and a book called Takedown, for which Markoff and Shimomura shared a 750,000 dollars advance. Expect the movie version soon. Markoff became a journalism star as a result of his crusade. Shimomura's name, in the ultimate geek tribute, is recognized by Microsoft Word98 spell check. Not even Sherlock Holmes can say that.

6 Yet, according to Dale Coddington and Brian Martin, both of whom were hired by the defense to comb through the 9 gigabytes of electronic evidence amassed against Mitnick, there is no proof that Mitnick hacked Shimomura. For all the fanfare it received, it was never contained in the indictment. Yet, the media coverage has had a profound impact on Mitnick's case. Mitnick reads everything written about him and says he often cant believe what he reads. He has seen himself portrayed as a "dark side" hacker intent on toppling civilization; a criminal who as a teenager penetrated computers at NORAD, inspiring the hit flick War Games; a phone phreaker who, just by whistling three tones into a telephone receiver, could launch World War III; and a computer hacker who, merely armed with a computer sans modem, could wreak cyberhavoc from his jail cell. But the reality is a lot less sexy. Kevin Mitnick is a recreational hacker with a compulsiveobsessive relationship to information. He hoarded information, never sold it, and wouldn t even share it with his friends. Although he is portrayed in the upcoming film Takedown as an evil menace to society, Mitnick is really just your average geek who has done some bad things in his life, and has paid the price. To this day, he would like nothing more than to dissect some computer program to see how it works. Says Martin, who often visited Mitnick in prison, "Kevin still wants to look through cellular source code to see how it works. You can see it in his eyes that he'd love to kick back with a printout and just figure it out on his own." Mitnick doesnt trust the media. But he agreed to let Forbes interview him over a span of several evenings recently by telephone.

7 Kevin Mitnick, "America's Most Wanted Computer Outlaw," eluded the police, US Marshalls, and FBI for over two years after vanishing while on probation for his 1989 conviction for computer and access device fraud. His downfall was his Christmas 1994 break-in to Tsutomu Shimomura's computers in San Diego, California. Less than two months later, Tsutomu had tracked him down after a cross-country electronic pursuit. Mitnick was arrested by the FBI in Raleigh, North Carolina, on February 15th, While he was on the run, he broke into countless computers, intercepted private electronic communications, and copied off personal and confidential materials. Among the materials he copied off and stashed in readily accessible locations around the Net were personal electronic mail, stolen passwords, and proprietary software. Much of the stolen software was the trade secret source code to key products in which companies has invested many millions of dollars of development effort in order to maintain their competitive edge. His activities on the systems he broke in to, often altering information, corrupting system software, and eavesdropping on users, sometimes prevented or impeded legitimate use. He tried to stay a step ahead of the law by using cloned cellular telephones and stolen cellular and internet service for many of his intrusions. Mitnick was charged in North Carolina with 23 counts of access device fraud for his activities shortly before his arrest. In order to expedite his return to California, he agreed to plead guilty to one count and have his case consolidated in Los Angeles. In California, he was charged with an additional 25 counts of access device, wire, and computer fraud. On March 16, 1999, Mitnick plead guilty to five of these counts and two additional counts

8 from the Northern District of California. He was sentenced to 46 months and three years probation, to be served in addition to eight months for his North Carolina plea and 14 months for his probation violation. He was released from prison on January 21, 2000, being eligible for early release after serving almost 60 months of his 68 month sentence. This site contains technical details of the break-in and pursuit, including actual analysis of the original break-in, voice messages left after the break-in, live transcripts of some of Kevin Mitnick's sessions, conversations, and much more. FTP Hacking and FTPcracker FTP hacking is a part of hacking that nobody raelly want to go. Mainly because it is very hard to hack. Especially nowadays! There use to be admin bugs in FTP servers so you could type DIG and it would let you in but those days have passed and the only way that you can get in to modern servers is if you have the password. Without the password you cant get in so what do you do...find the password! To do this you will need to try thousands of different password to get the right one as different people have different preferences.

9 FTPcracker is a program which trys a FTP server (using one specified login) against a list of passwords.the list that comes with FTPcracker has been modified so that you get the most out of your searches! For FTPcracker to work you need to specify the FTP server and login. For this you will need to have a target site to hack, which you know is on FTP. After the you need to know of one of the accounts on the server. The more privilledges you have on the server the better but most accounts are stuck with basic stats. You then begin and let FTPcracker try and login using the passwords for the given login name. When this is finished use a FTP client like CUTE FTP to login to the FTP site and you should have full access. This is their world now, the world of the electron and the switch, the beauty of the baud. They exist without skin colour, nationality, or religious biases, yet we are the criminals. You wage wars, lie, and cheat telling us it s for our own good yet they are the criminals. I think that they are criminals! Their crime is that of curiosity.. You can stop one hacker but you can t stop all. There are over 9 million hackers on the internet at any given time. Well it shouldn t. As a hacker, here write a few tips on securing the computer effectively. So you ask, How do I keep a hacker off of my computer? The answer is a program known as a firewall. Most firewalls are very robust and have an extensive array of abilities. This program can block any unauthorized connections to and from our computers. This is very useful. For example, You were infected with a virus that steals all of the passwords on your computer and then s them to its author. If you have firewall intercepted and blocked this communication, rendering it useless. A firewall will also put your computer into stealth mode, which causes your computer to be 100% invisible to anyone else on the Internet. I

10 have personally tested it for reliability and it held strong. Downloading and installing a firewall is the number one defense you have against a hacker. How can they hack into your computer if they can t even confirm that you are online? They can t and so your security should be greatly enhanced with just one little step. Last week, a large vulnerability was found in the popular Netscape Navigator browser. This vulnerability allows a malicious website to view and download any of your files. This brings us to the second most important technique to lockdown your computer. Visit the websites of any Internet software that you have and look for security updates or just download the newest version of the software. The newest version of Netscape addresses and fixes the problem mentioned above. If you are using old out of date software then hackers could use literally thousands of commonly known exploits to obtain access to your computer. Spend about minutes a month updating your software and remember that an ounce of prevention is worth a pound of cure. Pretend that you are a top government official and that a super hacker breaks into your computer to steal important information. What do you do now that they are in so that they cannot view your important files? Encryption is the act of scrambling files using a mathematical algorithm based on a password. This way, they can t make any sense of your documents. If you are a businesses user and want the strongest encryption available, I recommend that you buy the Steganos Security Suite II. It not only encrypts files with the same encryption websites use to encrypt your credit cards, it also has the option to hide your files within another file rendering it untraceable. This security suite has a file shredder, which will shared files so that they cannot be recovered using undelete software. With these three security measures in place, you will be approximately 95% less likely to have your computer hacked into. This is our world now. If everyone does their part, it might be a bit safer for you and even me. Do yourself the favor and follow a few of these basic guidelines. Then you will be much less susceptible to the gaping mouths of hackers

11 BIBLIOGRAPHY