[You must be registered and logged in to see this image.]In the present world of high-speed internet,
people have grown curiosity towards HACKING.
Everybody is searching for a secret passage or
method to bypass, extract, get and modify the
information by any means. Among teenagers, the
general tendency of hacking is concentrated to
social media accounts.
Here I will describe all the methods which are
popular in the world of hacking in order to hack
into a computer terminal and online account.
1. Phishing
This is a method where you have to bring the
user to a webpage created by you which appears
to be the same as the interface of the legitimate
one and get him/her to enter the credentials.
Then the redirect page will land somewhere else
and you will get the password in your mail box as
defined inside the php script.
2. Keylogger
Consider a situation; everything you type in the
system is mailed to the hacker! Wouldn’t it be
easy to track your password from that?
Keyloggers perform similar functionalities. So you
have to be cautious while typing anything. Now a
day, remote keyloggers are also used. So before
downloading any executable file keep an eye on
the downloadable element. Also lookout for your
open ports… someone might be looking into it.
Periodically check “netstat” from command
prompt.
3. BruteForcing
This is quite a long and most tiring task. This
method is very useful if you know that the victim
is using his password among a few known
possibilities that you are aware of. If you don’t
know much and the possibilities are more, then
you shouldn’t go for it.
4. Secret Question
According to a survey done by security
companies, it is found that people generally
complain for hacking as per their secret question
answers. This is indeed a much easier method. In
some cases, there are only fixed secret questions,
so it becomes much easier for the hackers. So,
don’t use simple answers, don’t reveal it to
anyone and I would suggest you to use own
secret questions with answers.
5. Social Engineering
This is one of the oldest tricks to hack. Try to
convince the user that you are a legitimate
person from the system or central server and
needs your password for the continuation of the
service or some maintenance or you need to reset
your password to some combination like
‘abc12345’. This won’t work now since most of
the users are now aware about the Scam. But this
Social Engineering concept is must for you to
convince the victim for many reasons. It may
work in some case.
6. Fake Messengers
This is a form of phishing in the application
format. Sometimes, there are some fake
applications which tend the user to enter the
login info in the software and check your mail.
But unknowingly, your login credentials are being
sent to the ftp server destination of the hacker.
7. Viruses And Worms
Viruses and worms are self-replicating programs
or code fragments that attach themselves to
other programs (viruses) or machines (worms).
Both viruses and worms attempt to shut down
networks by flooding them with massive amounts
of bogus traffic, usually through e-mail. So install
a good working antivirus and antispam program
which is capable of handling the potential threats.
8. Back Doors
Hackers can gain access to a network by
exploiting back doors administrative shortcuts,
configuration errors, easily deciphered passwords,
and unsecured dial-ups. With the aid of
computerized searchers (bots), hackers can
probably find any weakness in the network. So
you have to strengthen your security to avoid
unauthorized access.
9. Trojan Horses
Trojan horses, which are attached to other
programs, are the leading cause of all break-ins.
When a user downloads and activates a Trojan
horse, the software can take the full control over
the system and you can remotely control the
whole system. Isn’t it great! They are also
referred as RATs (Remote Administration tools).
Always periodically watch out your open terminals
by checking ‘netstat’.
10. Denial Of Service
DoS attacks give hackers a way to bring down a
network without gaining internal access. DoS
attacks work by flooding the access routers with
bogus traffic (which can be e-mail or Transmission
Control Protocol, TCP, packets).
11. Distributed DoSs
Distributed DoSs (DDoSs) are coordinated DoS
attacks from multiple sources. A DDoS is more
difficult to block because it uses multiple,
changing, source IP addresses. So better to use
upgraded and advanced servers like grid server
etc.
12. Sniffing
Sniffing refers to the act of intercepting TCP
packets. This interception can happen through
simple monitoring or something more wicked. So
it’s better to secure the working network. Also
make sure that, none of your users is giving your
TCP packets to outer network knowingly or
unknowingly. Knowing IP address only also can do
a lot as there is a powerful penetration tool to do
the damage (BACKTRACK OS + METASPLOIT).
13. Spoofing
Spoofing is the act of sending an illegitimate
packet with an expected acknowledgment (ACK),
which a hacker can guess, predict, or obtain by
snooping.
14. SQL Injection
SQL injection is a code injection technique that
exploits a security vulnerability occurring in the
database layer of an application. It uses normal
SQL commands to get into database with
elevated privileges. Some security precautions
need to be taken to handle this attack.
15. Cookie Stealer
Each time you access into an online account, the
sites identify your system and you by your
cookies. If somebody gets the cookie saved by the
sites, then he can easily decode it and can get
the password! This is generally possible in open
networks. So while using open networks always
use https as it makes you enter into secure mode
without leaving the cookie to the network.
Sun Jun 08, 2014 12:37 pm by rhyvanor
