Cryptography Reference
In-Depth Information
2. Leet: This is an abbreviation for elite, and is jargon employed by hackers
to refer to themselves or to the sites they visit for the purpose of sharing
pirated software and data.
3. Rootkit: This is a basic toolkit for disguising the fact that a computer's
security has been compromised. Such kits might include a substitute for
system binaries (see footnote 10.18), rendering it impossible to see activities
run by the hacker in the active process tables (see footnote 10.19). There are
programs such as rkdet, which is a small daemon for detecting someone installing
a rootkit or running a packet sniffer (see http://vancouver-webpages.com/rkdet/).
4. Social Engineering: We briefly mentioned social engineering attacks on
page 331. Basically, any technique that exploits human weakness or general
gullibility can be employed. It consists of using nondigital means
to gain digital information from a victim, the most common being
masquerading as a bank official to get a person's PIN on the claim that it
is needed to fix something concerning the account. Essentially, social
engineering attacks involve the obtaining of a person's trust so they will
disclose information to the hacker. See [163] for more information.
5. Vulnerability Scanner: This is a tool to scan computers for weaknesses.
This might include port scanners, which check the open ports on a
computer that are available for access. For example, there is the nessus
scanner (see http://www.nessus.org), which employs modules, so it can be
expanded.
Also, we may include in this category brute-force password hacking, which
is software that, given a Unix password file or MS Windows registry keys
for authentication, goes through a list of common dictionary words to
reveal any insecure passwords on the system.
Some of the tools mentioned above were designed for legitimate use to
discover security holes in a given system, but as with anything in life, there can be
a “good” use and a “bad” use to which they are put.
Defence
There are numerous techniques to protect computers from hacker attacks.
We list but a few of the more important ones.
10.18 A system's binaries are the binary, machine-readable forms of programs that have been
compiled or assembled, as opposed to the “source” language forms of programs. In other words,
binaries are source code that has been compiled into executable programs. If we are talking
about GNU/Linux (see page 386), there are three possibilities: (1) software is distributed as
source code only; (2) a software package includes both source and binaries; (3) software is
distributed in binary format only.
10.19 A process is a program in execution, which may have several states: new; active; waiting;
ready; and terminated. An active process table is a set of data structures used to represent the
process. Thus, if the active process table is compromised, a sysadmin, for instance, cannot
see the activities of the hacker.
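The hiding described in item 3 and footnote 10.19 can be checked from the defender's side with a cross-view comparison, shown here as an added example that is not from the book: PIDs reported by the possibly substituted `ps` binary are compared with the numeric entries the kernel exposes under /proc on Linux. The function names and sample data are constructed for illustration, and a clean result is not proof of a clean host, since a kernel-level rootkit can filter /proc as well.

```python
"""Cross-view check for a substituted `ps` binary (added example)."""
import os
import subprocess


def parse_ps_pids(ps_output):
    """Extract PIDs from `ps -e -o pid=` output (one PID per line)."""
    pids = set()
    for line in ps_output.splitlines():
        field = line.strip()
        if field.isdigit():  # skips blank lines and any header text
            pids.add(int(field))
    return pids


def proc_pids(entries):
    """PIDs are the all-numeric directory names under /proc."""
    return {int(name) for name in entries if name.isdigit()}


def hidden_pids(proc_before, ps_output, proc_after):
    """PIDs seen in /proc both before and after `ps` ran, yet absent from `ps`.

    Requiring presence in both /proc snapshots filters out processes that
    merely started or exited while the check was running.
    """
    stable = proc_pids(proc_before) & proc_pids(proc_after)
    return sorted(stable - parse_ps_pids(ps_output))


def check_live_system():
    """Run the comparison on the local Linux host."""
    before = os.listdir("/proc")
    ps = subprocess.run(["ps", "-e", "-o", "pid="],
                        capture_output=True, text=True, check=True)
    after = os.listdir("/proc")
    return hidden_pids(before, ps.stdout, after)


# Constructed sample data: PID 4242 is visible in /proc but missing from ps.
# PIDs 5001 and 5002 are short-lived processes that must not be flagged.
SAMPLE_PROC_BEFORE = ["1", "312", "4242", "5001", "cpuinfo", "self", "meminfo"]
SAMPLE_PS_OUTPUT = "    1\n  312\n 5002\n"
SAMPLE_PROC_AFTER = ["1", "312", "4242", "5002", "cpuinfo", "self"]

if __name__ == "__main__":
    print("sample:", hidden_pids(SAMPLE_PROC_BEFORE, SAMPLE_PS_OUTPUT, SAMPLE_PROC_AFTER))
```

On a host under investigation, run the interpreter and script from trusted read-only media so that the checker itself is not one of the substituted binaries.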