Sunday, November 29, 2009

Ethical Hacker

An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.

One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems. According to Ed Skoudis, Vice President of Security Strategy for Predictive Systems' Global Integrity consulting practice, ethical hacking has continued to grow in an otherwise lackluster IT industry, and is becoming increasingly common outside the government and technology sectors where it began. Many large companies, such as IBM, maintain employee teams of ethical hackers.

In a similar but distinct category, a hacktivist is more of a vigilante: detecting, sometimes reporting (and sometimes exploiting) security vulnerabilities as a form of social activism.

Hacking Laws

Computer Hacking Laws: Are These Laws Really Effective?

The news said that another person had their identity stolen. It happened again. You might even know of someone that had it happen to them. We often hear of percentages - and they are surprisingly high.

Enforcement is taking place, but we have to wonder if computer hacking laws are really having any effect against cyber hacking. This article will show what is being done against cyber crime.

Defining Cyber Crime

Hacking has a rather simple definition to it. Basically it is defined as the unauthorized use of a computer - especially when it involves attempting to circumvent the security measures of that computer, or of a network.

Hacking is not difficult to learn. Unfortunately, it may be too easy for someone that has a little time on his hands. This becomes especially obvious when it is found that a number of the hackers, at least those that are caught, are often only in their teens.

Beyond this, there are two basic types of hacking. Some only hack because they want to see if they can do it - it is a challenge to them. For others, however, it becomes an attack, and they use their unauthorized access for destructive purposes. Hacking occurs at all levels and at all times - by someone, for some reason. It may be a teen doing it to gain peer recognition, or, a thief, a corporate spy, or one nation against another.

Effectiveness of Computer Hacking Laws

Like any other law, the effectiveness must be determined by its deterrence. While there will always be those that want to see if they can do it, and get away with it (any crime), there are always the many more who may not do something if they are aware of its unlawfulness - and possible imprisonment.

In the early 1990's, when hacker efforts stopped AT&T communications altogether, the U.S. Government launched its program to go after the hackers. This was further stepped up when government reports (by the GAO) indicate that there have been more than 250,000 attempts to hack into the Defense Department computers. First there were the laws - now came the bite behind it. One of the effects of computer hacking brought about focused efforts to catch them and punish them by law.

Then, more recently, the U.S. Justice Department reveals that the National Infrastructure Protection Center has been created in order to protect our major communications, transportation and technology from the attack of hackers. Controlling teens and hackers has become the focus of many governmental groups to stop this maliciousness against individuals, organizations, and nations.

Hacking definition

Before going to see what is hacking we should now about history Hacking. I mean when does its start's in which it has been implemented at first and who was the founder of hacking.

Hacking is not limited to computers. the real meaning of hacking is to expand the components of any electronic device; to use them beyond the original intentions of the manufacture.

Hacker is a term used by some "a clever programmer" and by others, especially those in popular media, to mean "someone who tries break into computer systems."

History of Hacking

Is Hacking Always Bad?

Although the history of hacking is relatively unknown to most of the public, it's quite interesting to read about it. It doesn't matter if you aren't a computer expert or a system administrator of a big corporation.

Computers are as much part of our history as airplanes and cars, and it should be common knowledge to know how they came to be. It's the only way you can understand the effects of computer hacking in our life.

History of Hacking

Hacking is not limited to computers. The real meaning of hacking is to expand the capabilities of any electronic device; to use them beyond the original intentions of the manufacturer. As a matter of fact, the first hackers appeared in the 1960's at the Massachusetts Institute of Technology (MIT), and their first victims were electric trains. They wanted them to perform faster and more efficiently. So, is hacking always bad? Not really. It only depends on how to use it. But it wasn't until a group of these hackers decided to exert their knowledge in the computer mainframes of the MIT.

During the 1970's, a different kind of hacker appeared: the phreaks or phone hackers. They learned ways to hack the telephonic system and make phone calls for free. Within these group of people, a phreaker became famous because a simple discovery. John Draper, also known as Captain Crunch, found that he could make long distance calls with a whistle. He built a blue box that could do this and the Esquire magazine published an article on how to build them. Fascinated by this discovery, two kids, Steve Wozniak and Steve Jobs, decided to sell these blue boxes, starting a business friendship which resulted in the founding of Apple.

By the 1980's, phreaks started to migrate to computers, and the first Bulletin Board Systems (BBS) appeared. BBS are like the yahoo groups of today, were people posted messages of any kind of topics. The BBS used by hackers specialized in tips on how to break into computers, how to use stolen credit card numbers and share stolen computer passwords.

It wasn't until 1986 that the US government realized the danger that hackers represented to the national security. As a way to counteract this menace, the Congress passed the Computer Fraud and Abuse Act, making computer breaking a crime across the nation.

During the 1990's, when the use of the internet widespread around the world, hackers multiplied, but it wasn't until the end of the decade that system's security became mainstream among the public.

Today, we are accustomed to hackers, crackers, viruses, Trojans, worms and all of the techniques we need to follow to combat them.

What is Ethical hacking

Keep Out the Bad Guys : Ethical hacking

If you remember the Star Wars movies, there were two sides of the Force. The light side and the dark side. In the world of hacking, ethical hacking is considered the light side of hacking. Why?

Because ethical hackers use their skills and abilities for a constructive matter. Their intention is to offer adequate protection to their clients and assure them that they will be safe from hacker attacks. But it isn't easy to become a certified ethical hacker. You need to gain some reputation along with work experience in security field.

What Is Ethical Hacking?

They dedicate their skills to serve their clients. Instead of spending long nights inside obscure rooms filled with computers looking for some victim, they work inside corporations, finding ways to protect the networks and computer systems.

Who Does This?

A hacker is a person who finds enjoyment in increasing the capacity of any device. When the personal computers appeared, hackers turned their attention to them and a new underground was created. Unfortunately, bad elements within the community and criminal organizations have given a bad reputation to this group. Among the public opinion the media is widely responsible for reporting crackers as hackers. Their lack of knowledge on means adopted by hackers and crackers has brought a bad name to hackers as well.

Nowadays three type of hackers can be found: white, grey and black. White hackers are those who use their knowledge for selling their services to clients who want to protect their networks. Black hackers (also known as crackers) are the ones who attack those networks and try to make some money out of it.

Grey hackers are more ambiguous. They don't do it for the money; they do it for the rush. They want to show the world and their hacker friends how good they are.

So, were does ethical hackers fall? Well, they are inside the white hackers group. But being a white hacker doesn't transform you into an ethical hacker. There are some things that you need to do first.

What Are The Requirements For Ethical Hacking?

The first requirement is to be trustworthy. And for that, you will need to make a name. How? You need to start from the beginning: down. The first step is academic. Most of ethical hackers have written papers on this matter and published through an academic institution. This is an excellent method to show the world how preoccupied you are for computer security and that you have a desire to protect people from the dangers of the internet.

What is Hacker

Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems."

1) Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:

  • A person who enjoys learning details of a programming language or system
  • A person who enjoys actually doing the programming rather than just theorizing about it
  • A person capable of appreciating someone else's hacking
  • A person who picks up programming quickly
  • A person who is an expert at a particular programming language or system, as in "Unix hacker"

Raymond deprecates the use of this term for someone who attempts to crack someone else's system or otherwise uses programming or expert knowledge to act maliciously. He prefers the term cracker for this meaning.

2) The term hacker is used in popular media to describe someone who attempts to break into computer systems. Typically, this kind of hacker would be a proficient programmer or engineer with sufficient technical knowledge to understand the weak points in a security system. For more on this usage, see cracker.

The Basics Needed To Become A Hacker

What Are The Basics Needed To Become A Hacker

Everyone has heard of one individual or another that was caught while hacking computers that belonged to this or that organization. Because hacking into computers is highly illegal, it should be mentioned that this article will not mention any real specifics about the subject, and this author would rather gladly encourage you to become a real hacker - professionally.

This article, will however, give a brief overview of criminal hackers, some of their methods, and a few things you can do to make your own computer safer from hack attacks. Here are those things you need to learn on how to become a hacker.
  • Learn Computers
    It should go without saying that the first thing that is needed is to learn about computers. This means study. A lot of reading is involved along with just plain old-fashioned learning how to use a computer. Then, of course, there are the special aspects of computer study. The places where the tips are learned is often two-fold: a friend who has access to a computer, and a variety of places on the Web. But this is also an interesting thing - if a young person has the ability to learn, and wants to learn can use hacking tutorials- then why not take the time to learn the right things - things that can earn him a lot of money in the legit world? Is it possibly that it could be the friend he has that turns him away from the good?

What is White Hat Hacker

White Hat and Grey Hat Hacker – What is the Real Difference?

Thanks to movies and books, our image of hackers has been distorted. What is worse, the public is not able to understand terms like grey hat, white hat, linux OS, or cracker.

However, the truth is that the subculture of the hacker world is more complex than we think. Especially if we consider that, these are very intelligent people.

So, what is ethical hacking white hat and how does it differentiate from grey hackers? The only way to find out is to submerge ourselves in the world of hackers and understand, at least, the most basic concepts.

What Is A White Hat Hacker?

According to Hollywood, a hacker can be a wiz kid who spends too much time with computers and suddenly finds himself submerged in the world of cyber-security or criminal conspirators. On the other hand, he can be a master criminal who wants to obtain huge amounts of money for him, or even worse, dominate the world.

In the movie Matrix, the concept of hackers changed a bit. Although the agents of the Matrix considered them terrorists, the truth is that they were rebels fighting for the liberty of humanity. Things do not need to reach that extreme, though. We are not at war with intelligent ma chines so that kind of scenario is a bit dramatic.

Therefore, a hacker is an individual who is capable of modifying computer hardware, or software. They made their appearance before the advent of computers, when determined individuals were fascinated with the possibility of modifying machines. For example, entering a determine code in a telephone in order to make free international calls.

When computers appeared, this people found a new realm where they could exploit their skills. Now they were not limited to the constraints of the physical world, instead, they could travel through the virtual world of computers. Before the internet, they used Bulletin Board Systems (BBS) to communicate and exchange information. However, the real explosion occurred when the Internet appeared.

Today, anyone can become a hacker. Within that denomination, there are three types of hackers. The first one is the black hacker, also known as a cracker, someone who uses his computer knowledge in criminal activ ities in order to obtain personal benefits. A typical example is a person who exploits the weaknesses of the systems of a financial institution for making some money.

On the other side is the white hat hacker. Although white hat hacking can be considered similar to a black hacker, there is an important difference. A white hacker does it with no criminal intention in mind. Companies around the world, who want to test their systems, contract white hackers. They will test how secure are their systems, and point any faults that they may found. If you want to become a hacker with a white hat, linux, a PC and an internet connection is all you need.

What is Black Hat Hacker

Thanks to Hollywood, black hat hackers have become the iconic image of all hackers around the world. For the majority of computer users, the word hacker has become a synonym for social misfits and criminals.

Of course, that is an injustice created by our own interpretation of the mass media, so it is important for us to learn what a hacker is and what a black hacker (or cracker) does. So, let's learn about black hat techniques and how they make our lives a little more difficult.

What Is Black Hat Hacking?

A black hat hacker, also known as a cracker or a dark side hacker (this last definition is a direct reference to the Star Wars movies and the dark side of the force), is someone who uses his skills with a criminal intent. Some examples are: cracking bank accounts in order to make transferences to their own accounts, stealing information to be sold in the black market, or attacking the computer network of an organization for money.

Some famous cases of black hat hacking include Kevin Mitnick, who used his black hat hackers skills to enter the computers of organizations such as Nokia, Fujitsu, Motorola and Sun Microsystems (it must be mentioned that he is now a white hat hacker); Kevin Poulsen, who took control of all the phone lines in Los Angeles in order to win a radio contest (the prize was a Porsche 944 S2); and Vladimir Levin, which is the handle of the mastermind behind the stealing of $10'000,000 to Citigroup.

Differences Between White Hat And A Black Hat Hacker

The difference between black hat and white hat hackers is that white hat hacker uses their skills and knowledge as a way to defend someone from attackers. That means that white hat hackers offer their services to corporations, public organizations and educational institutions.

These services include a complete revision of their computer network security, implementation of new security systems (they may be hardware or software), user training and future recommendations. All these measures will be able to combat unauthorized hacking; black hat hackers, however, will continue trying.

What is Cracker

A cracker is someone who breaks into someone else's computer system, often on a network; bypass password or licenses in computer programs; or in other ways intentionally breaches computers security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or beacuse the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site's security system.

The term "cracker" is not be confused with "hacker". Hackers generally deplore cracking. However, as Eric Raymond, compiler of The New Hacker's Dictionary notes, some journalists ascribes break-ins to "hackers."

A classic story of the tracking down of a cracker on the internet who was breaking into U.S. military and other computers is told in Clifford Stoll's The Cuckoo's Egg.

What is Hacktivism

Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. The individual who performs an act of hacktivism is said to be a hacktivist.

A hacktivist uses the same tools and techniques as a hacker, but does so in order to disrupt services and bring attention to a political or social cause. For example, one might leave a highly visible message on the home page of a Web site that gets a lot of traffic or which embodies a point-of-view that is being opposed. Or one might launch a denial-of-service attack to disrupt traffic to a particular site.

A recent demonstration of hacktivism followed the death of a Chinese airman when his jet fighter collided with a U.S. surveillance plane in April 2001. Chinese and American hacktivists from both countries hacked Web sites and used them as "blackboards" for their statements.

Whether hacktivism is a crime may be debated. Opponents argue that hacktivism causes damage in a forum where there is already ample opportunity for nondisruptive free speech. Others insist that such an act is the equivalent of a protest and is therefore protected as a form of free speech.

Hacker Tricks And Prevention Techniques

In movies or TV series where hackers are involved, we may have seen them apply their computer knowledge in order to perform certain hacker tricks that saved the day.
From "The Matrix" to "Swordfish", hackers have been able to elevate themselves to the level of heroes with only a keyboard and a mouse. However, hackers attacks and hacker prevention is more difficulty, and complex, in real life.

Hollywood has a tendency to oversimplify things so the general public can understand them. After all, only a small percentage of the population has enough skills to perform this kind of demonstrations. So, if you want to prevent hacking there are some basics that need to be learned first.

Tricks And Techniques Employed By Hackers To Break Into Your System

The first most common technique used technique used by hackers is scanning. Hackers have created tools that scan computers for weak spots. It can be an operating system that hasn't been upgraded or a port in the computer that it is open without the knowledge of the user.

Hackers use this "open window" to get inside your computer in order to do whatever they want to do. The interesting thing about this is that these hacker tools are available for free in the Internet. So, with a couple of hours of instructions, almost every computer user can become a hacker.

Another way that hackers can access your machine is through malware: programs designed to capture vital information from your computer, like login users and passwords. Malware could be hidden in a PowerPoint presentation sent by email or even in an innocent Instant Messenger message window.

How To Prevent Hacker Attacks

Hackers are always looking for a way to get into computers of other persons. It can be something as simple as phising confidential information (like credit card or bank account numbers) to complex hacking routines that use your computer as a repository for illegal content (like music or movies with copyright).

Unfortunately there is no magical software to prevent hackers; and it will never exist. It doesn't matter how much money or resources you invest in designing the perfect system, someone will find the way to crack it. Even the biggest government agencies like NASA, CIA and NSA have been victims of hackers. And the same thing happens in the private sector with companies like Citigroup or Wal-Mart.