hack and being hack
jeskel
09-08-2004, 10:15 AM
Hi,
it's a sensitive question so I hope I won't be misunderstood... I would like to know more about hacking. It's one of these things you always hear people talking about ('the being-hacked terror') but don't know much about.
I am not asking for anything to hack someone (as you can guess). I am just wondering, at the end of the day, what do we really mean by 'being hacked'? Can one consider being hacked when one's computer is controlled by someone else? virus infected?
I am especially interested in understanding how you can be hacked, no code, just the process.
It's quite an open discussion. But, to bring some focus, I wonder how it is possible that someone can read all my files and stuff like that. I definitely know it is quite a common hacking issue, but I can't figure out how this can happen.
Willy Duitt
09-08-2004, 11:21 AM
But, to bring some focus, I wonder how it is possible that someone can read all my files and stuff like that.
If you connect to the internet thru broadband and have File and Printer sharing for Microsoft Networks enabled, which BTW, this is enabled by default... anyone on your local area network can view all of your files thru network shares....
I have yet to install SP2 but I would hope that this is one of the things their new Security Console addresses....
.....Willy
oracleguy
09-08-2004, 08:23 PM
I am not asking for anything to hack someone (as you can guess). I am just wondering, at the end of the day, what do we really mean by 'being hacked'? Can one consider being hacked when one's computer is controlled by someone else? virus infected?
I guess you can say you are "hacked" when someone gains unauthorized access to your computer. You might not even realize it because they don't do anything that you'll notice. Additionally, it doesn't just have to be your computer that is open to getting hacked. Your PDA or cell phone can be hacked as well; that is why, if you get a cell phone or PDA with Bluetooth on it, you should disable it except for when you are using it. I read an article a few months ago about how someone had found a hole in the Bluetooth authentication system that would let someone connect without having you authorize the connection. Then they could download your entire database, so if you had all your contacts, any sensitive information, etc. on your phone, a person could be sitting in a cafe in the middle of a mall and download all your data without you even realizing it.
I am especially interested in understanding how you can be hacked, no code, just the process.
Well, first you'd find out what software they were running, then you'd use an exploit in any of the said software. That would get you into the system. That's why most of the cases of hacking that weren't an inside job are the result of the system administrator not keeping up on the latest patches for all their software.
It's quite an open discussion. But, to bring some focus, I wonder how it is possible that someone can read all my files and stuff like that. I definitely know it is quite a common hacking issue, but I can't figure out how this can happen.
It is possible through inadequate security measures and faulty software. That's why firewalls, anti-virus software for your system and mail software (client and server) and being careful what folders are shared are important.
jeskel
09-10-2004, 04:25 PM
Well, first you'd find out what software they were running, then you'd use an exploit in any of the said software. That would get you into the system. That's why most of the cases of hacking that weren't an inside job are the result of the system administrator not keeping up on the latest patches for all their software.
thanks a lot for your reply (and sorry for the late follow up) :)
Ok I can guess how people can find out what soft is used and how to use an exploit...
Now what I don't understand is how they can choose to use that exploit on my comp? Do they use an IP address? an infected email?
Btw, can hacks be done using an IP? Is it secure/unsecure to have a static IP? Does a dynamic IP fully protect you?
Celtboy
09-11-2004, 11:30 PM
Ah. Computer security. what a great topic. I could flex my 1337 skillz here, but I'll refrain and try and keep things much more basic.
Firstly, there *is* a substantial difference in what the media has termed as 'hacking' and what 'hacking' actually is. The media is usually referring to 'cracking'. Think about it for a minute. If you took your telephone, and started disassembling it, checking out all the parts, trying to see how it worked, you'd be hacking it. That's a more true definition of hacking-> the search/quest for knowledge.
Cracking would be more along the lines of gaining unauthorized access to a system (be it a computer, a piece of software, whatever).
Computer Systems Security is a multi-faceted beast, which covers all sorts of access methods. You're limiting your discussion to systems-via-network security with the 'ip address' questions.
An ip address is what other computers on a tcp/ip based network use to identify your machine. It's like an address for a house. Sure you can change your address every week (dynamic ip), but your house is still in the same spot. The truth is that your system is vulnerable either way. It's just a bit easier to find on a network if it is static (and the intruder already knows it). But if I run a port scan on a range of ip addresses to find computers (with possible vulnerabilities), then your computer will show up regardless of whether the ip is static or dynamic.
Thinking that dynamic ip addresses keep you safe is attempting security through obscurity. And unless you're Osama Bin Laden....don't count on it being effective.
Discussing 'hacks':
Indeed, the most common form of a 'hack' is to exploit a known vulnerability in a system. The hole is already there, why not use it? These 'hacks' can come in MANY, MANY forms. Computer virii that find a buffer overflow in Windows code. A webpage that takes advantage of a bug in Internet Explorer's use of URL addresses. Or it could be as simple as my walking into a computer lab with a disk that gives me unauthorized access (allowing me to reset Administrator password, whatever).
These are all 'hacks.' The hack can come from anywhere. I've been beating my head up over the past 3 or 4 years about a way to 'hack' via the power lines.
Phone companies lost a lot of money from a group of 'hackers' called 'phreakers.' They took a basic understanding of how the telephone system worked, and manipulated it in an unauthorized way (sometimes using things as simple as a penny whistle).
A hack can certainly be used against an ip address. I could run a port scanner on a list of ip addresses. It will query the system for ports on the system that are open for communication. Any of the services listening on these ports could have a known vulnerability. If I know how to exploit that vulnerability (using a program, a combination of programs, whatever), then I can 'hack' (read: crack) your computer.
infected emails, whatever. The mediums for exploiting holes are virtually numberless. Floppy disks, email attachments, embedded images in emails, webscripts, programs you download, zip disks, pushing a virus via a network share. Heck, I have a program that lets me remotely install the client on any WinNT/2K/XP machine. Granted I need to know the username/password of an Administrator account on that computer, but guess what? Windows2000 by default....DOES NOT EVEN HAVE A PASSWORD. I could run a scan, determine your computer is running windows 2000, and then attempt to install my remote control software on your machine, all without you even knowing it. (unless you have a firewall). btw, that remote control software is legitimate, and not a nefarious hacking tool, but a commercial product I use at work to remotely administer desktops.
Most people who get hacked aren't being hacked because the hacker has a personal vendetta against them. Heck, they usually don't even know who the victim is! (they usually don't care, either). The original goal of the hacker was to get into a system, look around and see what was where and how things worked, then leave without a trace. This was kinda cool. I remember getting into a remote windows 3.11 for workgroups computer back in the day. I checked out all the files they had on their machine, and then I left. Was kinda neat. Then people started accessing other people's computers and causing damage (deleting/altering files, changing settings, etc). This is not cool. This was defeating the purpose of learning. Indeed knowledge and understanding are the goals of a real hacker, not stealing passwords or credit card numbers. That's theft, and it's just wrong.
Take for instance Adrian Lamo. Now there is a story that really bothers me. He took time to find exploits and vulnerabilities in companies' systems. (on one or two occasions he may have altered info, I'm not sure). He then notified the companies with instructions on how to patch the holes..and now he's in FBI trouble. Seems like law has become more about the letter and not the spirit.
I recently found and tested several vulnerabilities in several different websites. In all cases I anonymously informed the owners on how to fix their problems. All responded to a one-time email addy I gave them, thanking me for my help. All except one....but that's because they were a major political website...and I inadvertently stopped their webserver from being able to receive donations....but they're democratic, so I didn't care... :P (evil grin...just kidding- no political flames!)
Where did the hacking start? How does a true hacker begin? With a desire to understand how something works. Learn how something works, and then you know how something "doesn't" work. You also learn other methods of making things work. Whenever hacking anything, it is important to understand how the system works. (if creating your own vulnerability). Most 'hackers' today just download programs that exploit the vulnerabilities for them. These are script kiddie lam3rs. They bug the heck outta me. Don't tell me you can hack my system because you're all l33t and then try and run a DoS packet flood on my system, without even knowing what a SYN packet is. If you know what you're doing, and you can get into my system, by all means....browse around and learn what you can. You earned it. Just don't delete anything ;P
That's my little rant. Let me know if you have any more questions. heh. This is a fun topic....
-Celt
scroots
09-11-2004, 11:53 PM
I remember about the penny whistle case, it was when AT&T (I think), had a tone for the start and end of call, so they timed to two hoots. So people called one another and then blew the penny whistle, so the call was 10 seconds, yet they continued talking on for free.
BTW, on a side note they have caught the guy behind the sasser worm (http://news.bbc.co.uk/1/hi/technology/3640506.stm)
scroots
jeskel
09-12-2004, 11:29 AM
Great post Celtboy :thumbsup:
I will have to read it a few times to get it all.
What is a port scan? How can one be protected against it?
Now let's say that someone wants to crack a specific computer. I still don't get how someone could find me on a network...
scroots
09-12-2004, 03:34 PM
A port scan just tries every port from 0001 to, say, 4,000 to see which is open to communication, and then finds what's running and tries any exploits it knows.
Anyone can find you, you have an IP address, it's like someone can mail bomb you if they know your postal address. If they don't they can find it out, if you're an admin you can view pc usage and who is on what. At college, all the ip addresses follow a sequence, they all have their room number and then the letter, so it's like mc205a is the first pc in room 205 in the mc building.
scroots
jeskel
09-12-2004, 10:39 PM
Can you close all the ports? Does a firewall protect you against such a scan? Can you see who tried to 'communicate' with your comp?
oracleguy
09-12-2004, 11:59 PM
Can you close all the ports?
Yes, unplug yourself from the network. There is a point to computer security where if you take it too far, you end up locking yourself out of your own system. Some firewalls can do things like block ping responses so if someone tried to ping your IP to see if there is a node using it, it wouldn't receive any packets back. But that doesn't stop someone from simply using a network scanner and see where traffic is going and find your computer.
And celtboy, I think you got it wrong about Windows 2000, it at least asks you when you install it for a password for the Administrator account. I believe it is Windows XP that doesn't and just leaves it blank but I could be mistaken.
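Added example, not part of the original thread: on the question of whether you can see who tried to communicate with your computer, a firewall log can be searched for one source touching many distinct ports in a short time, which is what a port scan looks like from the receiving side. The log format, addresses and thresholds below are constructed assumptions, not the output of any particular firewall.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log. Assumed format: date time action proto src dst dst_port
SAMPLE_LOG = """\
2004-09-12 15:30:01 DROP TCP 203.0.113.7 192.0.2.10 21
2004-09-12 15:30:01 DROP TCP 203.0.113.7 192.0.2.10 22
2004-09-12 15:30:02 DROP TCP 203.0.113.7 192.0.2.10 23
2004-09-12 15:30:02 DROP TCP 203.0.113.7 192.0.2.10 25
2004-09-12 15:30:03 ALLOW TCP 198.51.100.20 192.0.2.10 80
2004-09-12 15:30:03 DROP TCP 203.0.113.7 192.0.2.10 135
2004-09-12 15:30:04 DROP TCP 203.0.113.7 192.0.2.10 139
2004-09-12 15:30:04 DROP TCP 203.0.113.7 192.0.2.10 445
2004-09-12 15:41:10 DROP TCP 198.51.100.99 192.0.2.10 445
2004-09-12 15:41:40 DROP TCP 198.51.100.99 192.0.2.10 445
2004-09-12 15:55:00 DROP TCP 198.51.100.99 192.0.2.10 139
"""

def parse(line):
    """Split one log line into (timestamp, source address, destination port)."""
    date, time, _action, _proto, src, _dst, port = line.split()
    return datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S"), src, int(port)

def find_scanners(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Return {source: sorted ports it touched} for every source that reached
    at least min_ports distinct ports inside one sliding time window."""
    hits_by_src = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, port = parse(line)
            hits_by_src[src].append((ts, port))
    flagged = {}
    for src, hits in hits_by_src.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Shrink the window from the left until it spans at most `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            if len({p for _, p in hits[start:end + 1]}) >= min_ports:
                flagged[src] = sorted({p for _, p in hits})
                break
    return flagged

if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print(f"possible port scan from {src}: ports {ports}")
```

Counting distinct ports rather than raw connections keeps a busy but ordinary client, such as the repeated visitor to port 80 in the sample, from being flagged.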
Celtboy
09-13-2004, 01:02 AM
Win2k default admin password is blank, I believe. WindowsXP is also blank, but by default does not allow remote access if the admin account is blank. (I think...lol)
Jason
09-13-2004, 09:27 PM
win2k asks for a password for the administrator account, but it assumes (by default) that that user is the only one who logs in. That can be changed. I believe that's how it's set up...
Jason
jeskel
09-13-2004, 09:45 PM
I understand better the process of it all. But, if I followed you correctly OG, no computer can be fully protected... is that right?
Celtboy
09-14-2004, 04:48 AM
I would answer your question, yes, it is true that no computer can be fully protected.
Even if you were to assume that an operating system could be written that was bulletproof, without a single vulnerability. The system still relies on user interaction. Technology can only prohibit so much...the user would have to do the rest...and that....will never happen.
Jason
09-14-2004, 08:54 PM
you might consider a computer unhackable if it were not connected to the internet or just flat out not plugged in at all. :D my smart aleck response
Jason
jeskel
09-15-2004, 10:11 AM
thanks for all these details guys.
:thumbsup:
JUSTICELADY
09-22-2010, 11:35 PM
I have a question, well really many. But right now, I know I have been hacked, and it is an ex friend, I know all about defamation rights, but when msn, tells you to go to their tech site, and you go to register, and you see that persons name right there, HELLO!
This person and I have talked on the phone and internet for six years on and off, and they have told me they know how to somewhat get into someone's computer, but would never. Yeah right. I am also having my phone and my friends, and family phones tapped.
I have become very familiar with the system and how if you buy security the hacker steals it.
Here is my recent problem, cause my ex friend is extremely mad, I guess that I know, and they have lied to me all these years.
They hacked my hotmail address yesterday and sent out a letter to everyone on my list saying I am stranded in England and to please send $3000.00 quickly, quite elaborate with an address and how to do it.
Who can I report this to? I mean if just one person on my list believes this, they may send the money.
I did have one friend already believe it.
It's so obvious someone sent it to me, it says it's from me to me.
Isn't this a federal law about extortion and the federal mail and also hijacking my internet account? At&T just tells me to get a new computer. It's like the perpetrator has more rights than the victim.
Any advice?
_Aerospace_Eng_
09-23-2010, 01:19 AM
You probably should have created a new thread. If you want to press charges you need evidence. You need to somehow prove it is who you think it is. It's possible someone has just harvested your email address and spoofed an email to make people think it came from you but never really did. I don't think anyone hacked anything. If you think they did then fine, change your password and DON'T tell anyone. Don't make a weak password either. So the question is HOW do you know you were hacked?
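Added example, not part of the original thread: one way to gather evidence on the spoofed-versus-hacked question raised above is to read the message headers and check whether the From domain was authenticated by the receiving server. The sample messages, domains and the simplified alignment rule are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed headers, not real mail; the example.* domains are placeholders.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=mailer.example.net;
\tdkim=none
From: Alice <alice@example.com>
To: Alice <alice@example.com>
Subject: Stranded in England

Please send money.
"""
FROM_ACCOUNT = """\
Return-Path: <alice@example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.com;
\tdkim=pass header.d=example.com
From: Alice <alice@example.com>
To: Bob <bob@example.org>
Subject: Stranded in England

Please send money.
"""

def domain(value):
    """Domain part of the address in a header value ('' if the header is absent)."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def auth_result(auth, method):
    """Pull e.g. 'pass' or 'fail' for spf/dkim out of Authentication-Results."""
    m = re.search(rf"\b{method}=(\w+)", auth)
    return m.group(1) if m else "missing"

def assess(raw):
    """Report whether the visible From domain was authenticated."""
    msg = message_from_string(raw)
    # Trust only the Authentication-Results header added by your own provider;
    # a sender can forge any header that was present before delivery.
    auth = (msg.get("Authentication-Results") or "").lower()
    spf, dkim = auth_result(auth, "spf"), auth_result(auth, "dkim")
    from_dom = domain(msg["From"])
    # Simplified alignment: envelope sender domain must equal the From domain.
    aligned = from_dom != "" and from_dom == domain(msg["Return-Path"])
    verdict = "authenticated" if aligned and "pass" in (spf, dkim) else "unauthenticated"
    return {"from": from_dom, "spf": spf, "dkim": dkim, "verdict": verdict}
```

An "unauthenticated" verdict is consistent with a forged From address, while "authenticated" means the mail left through the sender domain's own servers, which points at the account itself having been used.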