|
|
|
Hacking can boomerang!
OVER the last few years security has been a major cause of concern among the computer users. With the recent sharp rise in the hacking occurrences, computer users today are faced with number of problems, one of most important being their privacy.
Techies define hacking as breaking into others computer, either for exuberance, or to thieve someone's personal data. Hackers are proficient at cracking password-protected systems, and they take this task as a challenge. They are e-burglars, who know how to get into your system. Once they break in, they purloin, alter and can even destroy your critical data. This act, all over the world, is considered as a crime.
Apparently, the first hacking episode took place in the late nineteenth century when people broke into the early telephone system. Today, hacker groups are found all over the world. They communicate through web forums where they exchange ideas, publish guides, and make available the latest hacking tools to help their community to improve.
This August saw the world’s biggest hacking convention, “DefCon”, held in Las Vegas, in the US, which has turned out to be the centre of world’s biggest hacking event. Around 5,000 hackers, phreaks and FBI got together to trade tips and discuss business, in DefCon’s tenth conference.
DefCon was started a decade ago by a hacker called “Dark Tangent”. The first DefCon conference was attended by about 110 people. It was held with just a few speakers. Since then, it has come a long way. The event now holds significant importance for hackers and draw them from all parts of the world.
In the society that view hackers as geeks and freaks, DefCon provides a perfect weekend for them to meet and share useful information and understand one another’s passions.
The man behind DefCon, Dark Tangent, says, “Since those early days computer security has gone from some skill learned in the scene to something you can study online for free. You no longer have to break into systems to learn UNIX because there are plenty of free operating systems. It seems that almost every motivation to hack has changed over the last decade. PCs are cheap and UNIX free. Internet access can be had at the cost of four espressos and security information is free online.”
The question is what is going to happen next? In his opinion, “people will continue to not give a thought to security.” They haven’t for ten years so why start now? The people who should really care about it, like the government, the military, hospitals and banks, will continue to have hard times. The market will take four years or more to recover, and there will be a lack of Gen-X jobs all around. He predicts that there will be more politically motivated hacking as DefCon is reaching critical mass for the number of people who can get online and learn to hack and some of these people are going to be motivated by politics.
DefCon also challenges and motivates the individual to work harder. According to Dark Tangent, it has been thinking about how to do more stuff for the scene, and have come up with the following ideas. It will see what works and what doesn’t work online over the next few months. It is going to run a few mailing lists, start a Speak Freely encrypted voice bridge and voice chat server, try to run a small file size anonymous re-mailer, run a JAP remix chain on some of its bandwidth, and rebuild the media server. Basically, it wants to do things that however small, increase people thinking about privacy and freedom.
As a whole, DefCon is a convention for the more “underground” elements of the computer culture. It is geared towards hackers, programmers, phreaks, cyberpunks, open source hackers, civil liberty and privacy advocates, casual bystanders, Feds, reporters, and anyone interested in observing what’s going on in the computer underground today. DefCon continues to grow the network, as well as providing some dedicated servers for attendees to use.
DefCon this year took place in eight main areas. As far as the talks go, there were four main areas each hosting eight talks a day. The majority of the talks revolved around wireless connections, whether it was securing them or the best and quickest ways to exploit them. However, one of the more interesting events was “Advances in Trojans” which showcased a new virus developed by three South African researchers, Roelof Temmingh, Charl van der Walt and Haroon Meer.
Later, a Microsoft spokesman was heard telling people that the company is evaluating the security hole and as it has not been released into the wild, there’s no need to panic just yet. The more malicious side of the event was made apparent in the chill-out area following the last talk of the day. Shouts of frustrations could be heard from users of the wireless network whose connections were being affected by mischievous hackers.
Every minute, or maybe every second, our computer systems are in serious danger thanks to the millions of hackers all around the world. Hacking has no doubt become an illegal act and can be considered a crime. It deprives us of our very personal and valuable information and can cause deep frustration and depression. It makes us feel insecure and vulnerable to anybody and everybody in this world. However, even this has a back door to it. When you run a web server on your machine and stay connected for long enough, you might get some request traffic on your web server and almost all of it can be hacker traffic. An example of automatic hack attempts on your machine is that you may have been running a web server which is vulnerable to these attacks such as, perhaps, an older version of Microsoft IIS and the machine would probably have been compromised. By using the Gnutella network you are making yourself more vulnerable to hackers than usual when connecting to the internet. Firstly you are probably staying online for very long periods of time to download stuff, giving hackers more opportunity to hack into your machine. Secondly, you are may be publishing your IP address to the Gnutella network.
However, it is not difficult to protect your machine and stay linked up to Gnutella. If you are using your machine purely as a single user client machine to read Email and browse the WWW then you shouldn’t be exporting any service, apart from Gnutella itself. If your machine is not exporting any services then you cannot be hacked but you need to be on your guard for worms or viruses.
Exporting a service means running a process on your machine which “listens” for incoming TCP/IP connection requests to a particular port. For example a web server will listen for connections on port 80. To see what services your machine is providing you can use the “net stat” — a command to find ports in the LISTEN state.
If you are using a non open-source operating system such as Microsoft Windows then disabling services may be a bit trickier and you may need to pay for some sort of firewall to secure your machine. A firewall can be used to intercept and block unwanted socket connections.
Moreover, Honeypots are software packages that will emulate features on your computer, like a Web server. The idea is that hackers will come across the system, decide it looks interesting and try a variety of attacks. They can’t do any harm because it's not a real Web server, and because the honey pot records everything the hacker does, you get to learn more about how your systems are initially attacked.
By doing this we may not only defend and safeguard our computer systems but can also feel secure and confident when connecting to the internet and so on. Commit this to memory that hackers have no entitlement of stealing information or breaking into our systems and we must make it our first priority to keep them from doing so.
The writer is a freelance contributor
|
|
|
|
