Hackers

Submitted By hajibiong
Hackers have been around for too long. Usually associated with dark themes and “the evil side”, they represent the minority of IT gurus who just have too much time on their hands, and a touch of evilness.
Usually represented with a skull or “horrifically”, they are iconic in a never-ending battle against internet crime.
Your hosting provider should have set up your server with a certain amount of security built-in. However, there’s much you can do yourself to ensure your site stays unmolested.
Hackers play an “unwanted” yet significant role on the net: they create thousands if not millions of jobs in the IT field, but they are a menace to webmasters such as you and me alike.
Not to worry, because the following list of “Ten Tips” aims to tell you a little about the way malicious hackers work, and some ways of protecting your site, and inevitably preserving the privacy of your visitors.
Ten Tips to Prevent Hackers
10) Comment Attacks
Comments are one of the most prized features for blogs, and help create a great relationship between the author and the reader, and also between readers in the wider community. It would also be easy for someone to insert HTML code that causes trouble.
You need to “validate” the form input before it’s accepted, for example to strip out all but the most basic HTML tags. If you’re using WordPress, you can also utilize the “Keyword Filter” to block out any harsh words that might raise an issue or two.
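The "strip out all but the most basic HTML tags" step, as an added example that is not part of the original essay: a Python allowlist sanitizer that drops every attribute, removes script and style elements together with their content, and keeps links only when they point to http or https. The allowlist and all names here are assumptions chosen for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist of "basic" tags; everything else is dropped.
ALLOWED_TAGS = {"b", "i", "em", "strong", "p", "br", "a"}
VOID_TAGS = {"br"}                       # tags that never get a closing tag
DROP_WITH_CONTENT = {"script", "style"}  # remove the element and its text


def safe_href(value):
    """Return the URL if it is an absolute http(s) link, else None."""
    url = (value or "").strip()
    try:
        scheme = urlsplit(url).scheme.lower()
    except ValueError:                   # malformed URL, e.g. broken IPv6 literal
        return None
    return url if scheme in ("http", "https") else None


class CommentSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []                    # sanitized output fragments
        self.open_tags = []              # allowed tags emitted and not yet closed
        self.skip = 0                    # >0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.skip += 1
            return
        if self.skip or tag not in ALLOWED_TAGS:
            return                       # unknown tag: drop the tag, keep its text
        if tag == "a":
            href = safe_href(dict(attrs).get("href"))
            if href is None:
                return                   # javascript:, data:, relative: no link
            self.out.append('<a href="%s" rel="nofollow noopener">'
                            % escape(href, quote=True))
        else:
            self.out.append("<%s>" % tag)    # attributes are never copied
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in self.open_tags:
            # Close everything opened since the matching start tag.
            while self.open_tags:
                closed = self.open_tags.pop()
                self.out.append("</%s>" % closed)
                if closed == tag:
                    break

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))


def sanitize_comment(raw):
    parser = CommentSanitizer()
    parser.feed(raw)
    parser.close()
    while parser.open_tags:              # balance tags the commenter left open
        parser.out.append("</%s>" % parser.open_tags.pop())
    return "".join(parser.out)


if __name__ == "__main__":
    # Constructed sample comment.
    print(sanitize_comment('Nice <b onclick="x()">post</b>!<script>alert(1)</script>'))
```

Sanitize when the comment is stored or rendered on the server; a check that runs only in the visitor's browser can be bypassed by submitting the form directly.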
9) Unsolicited Installation of Scripts
It can be dangerous to install third-party scripts and programs on your website unless you understand what they are actually doing. Even if you don’t fully understand the programming, you can read through the code and look for tell-tale signs such as references to third-party URLs.
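One way to do that read-through for URLs, as an added example (not part of the original essay): the Python functions below list every host a script references that is not your own domain, with the line numbers where it appears. The sample plugin source, the domain names and the function names are all constructed for illustration.

```python
import os
import re
from collections import defaultdict

# Matches http(s)://host and protocol-relative //host that follows a quote,
# "(" or "=" (so ordinary "// comments" are not reported).
URL_HOST = re.compile(
    r"""(?:https?:|(?<=["'(=]))//([a-z0-9][a-z0-9.-]*\.[a-z]{2,})""", re.I)


def is_own(host, own_domains):
    """True if host is one of own_domains or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in own_domains)


def third_party_hosts(source, own_domains):
    """Map each external host found in source to the lines that mention it."""
    hits = defaultdict(list)
    for lineno, line in enumerate(source.splitlines(), 1):
        for match in URL_HOST.finditer(line):
            host = match.group(1).lower()
            if not is_own(host, own_domains):
                hits[host].append(lineno)
    return dict(hits)


def scan_tree(root, own_domains, extensions=(".php", ".js", ".html")):
    """Run third_party_hosts over every matching file below root."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(extensions):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as handle:
                    found = third_party_hosts(handle.read(), own_domains)
                if found:
                    report[path] = found
    return report


# Constructed sample of a third-party plugin file.
SAMPLE = r"""<?php
// Constructed sample plugin file
$logo = "https://www.example.org/img/logo.png";
$stats = file_get_contents("http://stats.tracker.example.net/c.php?h=" . $_SERVER['HTTP_HOST']);
echo '<script src="//cdn.widgets.example.com/w.js"></script>';
echo "<a href='https://example.org/about'>About</a>";
"""

if __name__ == "__main__":
    for host, lines in third_party_hosts(SAMPLE, ["example.org"]).items():
        print(host, "on lines", lines)
```

A clean result only means no plain-text URLs were found; a script can still build an address at run time, so an unexpected host in the list is a reason to ask about the script, not the only thing to look for.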
You can also visit community forums such as SitePoint and DigitalPoint to ask around for better advice.
8) Avoid Scam/Spammy Websites
In a desperate attempt to get visitors, you might consider trying extensive viral marketing and other means of gaining attention; this may cause a few people in the wrong community to raise a few eyebrows.
The last thing you need as a settled webmaster is to cause a stir amongst the wrong people. Stay away from websites, and especially forums, that offer “information” or “get traffic quick” schemes that use illegal spam lists and such.
7) Clear the Cookies!
Personally, I use a lot of public computers to blog and do other online activities, maybe because it’s convenient or my unreliable ISP crashed on me once more. Inevitably there are many, many webmasters like me that use public services for either quick access or regular work.
Just don’t forget to clear out the cookies and cache before you leave! Even if the service provider claims “no tracking of privacy” or anything along those lines, a quick clean before you leave wouldn’t hurt anyone.
6) Prevent illegal “farmers” from “harvesting” your lists
Hacking techniques are used to “harvest” email addresses, which are then used by spammers and other hackers for malicious activities. If you are storing email data on your website, for whatever required reason, make sure it’s stored in a secure format, such as a MySQL database.
Most top CMSs such as WordPress and Joomla make this compulsory, but there are many self-written CMSs too. If your script simply writes data to a text file called “emails.txt”, it won’t be long before someone sniffs it out.
5) Make sure your files are using the correct CHMOD Permissions
CHMOD File Permissions assign a specific value to every file/folder on your server, which allows different levels of access.
CHMOD permissions range from 000 (no access) to 777 (full access). You must decide which files get what permissions, but be warned that some third-party software requires higher permissions to operate properly. You need to balance out features with security and make an informed decision.
Using FTP, you can change the permissions given to each file/folder on your server. This is vital to ensure any unauthorized access to your content is comprehensively denied.
Note – Make sure your CHMOD settings work with your current web host. Some hosts prevent ‘777’ for security reasons.
4) Don’t use Generic Usernames
Using common words for usernames such as “admin”, “administrator” or “Site Owner” can have many implications because you are simply making the hacker’s job a lot easier. By using such common words for your username, you are incredibly increasing the success rate of the hacker by at least a few points of a percentage, which is considered a lot where only one answer can be right from an unlimited range of combinations.
3) Securing your Ports
To put it in simple words, a “port” is used to access data from outside the server. It is also utilized to transfer data both ways, into the server and out of it. Most of this activity is behind closed doors and happens automatically, and only trained professionals tend to play around with such details.
Nevertheless, ports are constantly opened and closed for easy access, for programs such as FTP (File Transfer Protocol). This can be favorable for any hackers attempting to access your sensitive files, so make sure any unwanted ports are ‘properly closed.’
2) Updated Security Patches
If your web hosting provider hasn’t already done so, you should check that all the latest security patches for various aspects of the service are properly installed. As you might know, WordPress (self-hosted) is one of the most popular Content Management Systems out there on the market.
It is used by millions, so it’s not surprising to see many hackers working day and night trying to hack it. Updates and patches are regularly released, so keep an eye out for all your plug-ins and core files.
1) Use Strong Passwords!
The number one technique you can possibly implement. Hackers are experts at programming computers to plough through huge amounts of data very quickly. That’s the reason longer passwords are more secure; the number of possible combinations grows exponentially with every extra character added.
Hackers employ a technique called “dictionary attack” where they repeatedly try username and password combinations by running through hundreds of common words, phrases, numbers and combinations of them till they get lucky. It’s important you use random strings like “j@m13s(!)” instead of perhaps “jamie123”.
Lastly, this is not so much a ‘tip’ as a compulsory step in setting up your online community. Make sure your “.htaccess” and “.htpasswd” are properly formatted with the secure CHMOD of 644. This is important and adds the best outer layer of protection for you and your visitors.
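Tip 5 and the closing note on “.htaccess” can be checked together. The following Python script is an added example, not part of the original essay: it walks a web root, reports anything writable by every user on the server (the last digit of the mode is 2, 3, 6 or 7, as in 777 or 666), and reports “.htaccess” or “.htpasswd” files whose mode differs from the 644 the essay gives. The function name and the default path are assumptions.

```python
import os
import stat
import sys

# Modes the essay gives for these files; adjust to your host's requirements.
EXPECTED_MODES = {".htaccess": 0o644, ".htpasswd": 0o644}


def audit_permissions(root):
    """Return sorted (relative path, octal mode, finding) tuples under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            info = os.lstat(path)
            if stat.S_ISLNK(info.st_mode):
                continue        # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(info.st_mode)
            rel = os.path.relpath(path, root)
            shown = "%03o" % mode
            # The "other" write bit is what makes 777 and 666 dangerous on
            # shared hosting: any account on the server can change the file.
            if mode & stat.S_IWOTH:
                findings.append((rel, shown, "world-writable"))
            expected = EXPECTED_MODES.get(name)
            if (expected is not None and stat.S_ISREG(info.st_mode)
                    and mode != expected):
                findings.append((rel, shown, "expected %03o" % expected))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: python audit_permissions.py /path/to/webroot
    web_root = sys.argv[1] if len(sys.argv) > 1 else "."
    for rel, shown, finding in audit_permissions(web_root):
        print("%-40s %s  %s" % (rel, shown, finding))
```

Run it on the server itself or on a copy that preserves permissions; a listing fetched through some FTP clients may not reflect the real mode bits.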
