Blog de beton

Sunday, September 19, 2004

Why do hackers hack ?

When someone new to the internet buy a broadband connection, he will have to learn a lot about the ways to protect his computer.

Protect against who ? Who would like to hack me anyway ?
- Dad

This is not only dad's answer to the question. It's everyone unaware of the customs of internet.

The internet gives a wrong feeling of security. The users on the internet think they are anonymous and that their computers are hidden from others. This is not true at all.

Every computer, in order to use the internet has an address. When someone, somewhere around the world, connect to a web site on the other half of the world, his computer gives its address to the web page. This is required in order to send back the information to the computer. It works exactely like houses. Houses all have addresses in order to receive mails (and tax papers sigh).

Back to the question : "Why me ?"

Well, not you... Your computer !

Hackers first broke in computers just for fun. Some geeks sleeping very late at night, living on pizzas and cola and writing their own programs to break in computers. It was challenging, it was "cool"... At least for them.

The reasons have changed. The first type of hacker still exist, but a new type is born. Now, hackers hack for money.

The hacker will use a program on a computer, maybe in a cybercafe, to scan a wide range of IP addresses (the computer's address). He will also use a dictionary of known security issues for different system (the easiest one being windows). The software scan all the assigned addresses and perform some tests on the computers it finds in order to detect security flaws. As soon as it founds one it will alert the hacker.

When the computer will be hacked, the hacker will sell it on the internet to people who wants to spam, make credit card fraud or hack more critical targets (say a bank server).

The main problem concerning IT security is that it is easier to hack than to secure. I'm not a big time hacker, but I can say that I've been able to hack the computers of a few friends. Nothing bad, I just sent them a few very personalized windows error :

Hello xxx, Your computer is being hacked. Continue ? (button Yes | NO)

Opening the CD ROM was quite fun too. The day after at school (I was only in my last year of school) the look on the face of my friend was priceless. He was lucky, because I was able to read his whole disk, and delete any files i want.

Now you may think : "Wait a minute ? how could you hack that guy particularly".

Some softwares are like a bulleye. ICQ, IRC, MSN, YAHOO!Messenger. You see the guy online, you send a few commands and you can have plenty of informations. Because these software creates a direct link between the computers involved.

Try to avoid the use of these software, or use it cautiously. Never chat with someone you don't know and NEVER accept files from someone you don't know.

Another big source of problem : Internet explorer.

Internet explorer has something like 33 known security issues still remaining unpatched. Hackers can have informations on your computer and even launch code on your computer simply by surfing on their webpage. The firewall if you have one will do nothing because the code is launch using internet explorer and internet explorer is not block by the firewall.

To prevent this big problem, connect to the internet using mozilla or firefox instead.

I use firefox since a few weeks now and I love it. It blocks popup, it can open many pages in one window, and you can search a word on google by left clicking it (awesome).

Use a firewall and choose the softwares accessing the internet cautiously : Firefox (you don't use internet explorer remember ?), outlook (try to avoid it too), maybe msn. Nothing more need to access the internet. It is surprising to see how many windows software try to connect to the internet to send informations straight to Bill. YOu can block them happily ! After all, how does it work if your computer don't have internet ?

Use an antivirus and update it at least everyweek. I use AVG antivirus because it's free and it works pretty well.

Finally, use passwords to connect to your computer and use security rights on your folders. Imagine a hacker breaks in your computer. He wants the folder 'My personal stuff'. Bad luck, he don't have the right privilege. He will have to break the password.

Choosing a good password is very important. There are a few rules to respect :

1) A Password must be at least 8 digits
2) A password must not be a word of any dictionnary. Hackers use softwares connected to whole dictionaries and apply every words to the password. It's long but it works.
3) Following letters or numbers or both are useless (ex: abcd, 1234, abcd1234)
4) Do not use names (names dictionaries also exist)
5) Do not us dates
6) A GOOD PASSWORD MIX LETTERS? CAPITAL LETTERS? NUMBERS AND SPECIAL CARACTERS (ex:
Ju#1@Ng12)

At the same time, these passwords are impossible to memorize. So here is a little mnemonic trick :

Use a phrase or a word on which you are going to apply some changes in order to fit to the rule number 6.

"This is a good way to remember" becomes T!s@gW2r*

If you intend to use this technik, never apply the same transformation procedure. If it's always the same (ex:a = @) then a hacker can write a program specially for you.

Finally here are some interesting links to have a better idea:

honeynet. The whitepapers are good. But sometimes a bit technical. The targeted reader is not the normal user here.

Anti-hack. Unfortunately this web site is in french.

Enjoy the web and protect yourself