- March 25, 2016
Hacking, Cracking, Brute-Force…
What does it all mean?
Due to the nature of this article, we attempt to inform the general public, but not directly provide links to hacking tools and utilities. Hacking when done for the right purposes is a great thing. Corporations and the government often hire White Hat hackers to test the vulnerable of their systems.
Hacking: We all know that word only too well in today’s day and age. The ability to use a computer to gain unauthorized access to data in a system”. Manipulation of code, by focusing on the manipulation of already written code.
Cracking: Very similar to hacking but different. Cracking is having the ability to remove or disable features which are considered undesirable by the person. The manipulation of software, a serial number, or a hardware key.
Brute-force: Brute-force is the term hackers use to get into a secure system. An automated search for every possible password to a system. They use hacking tools in order to accomplish this. The most common hacking tool is the “dictionary-attack”, whereas a subject wanting to gain access connects a BOT to the password field running a digital dictionary against it. The BOT automates the process of guessing the password. QUESTION: So why can’t the government do that when dealing with the Apple iPhone in reference to the San Bernardino case? The Brute-Force attack has been eliminated due to a second security software aspect that tracks the number of attempts the user/pass is entered. This is how Apple and others protect against the # 1 tool hacks use to crack systems, Brute-Force.
Black hat: Black hat hackers engage in hacking for illegal purposes, often for money and notoriety.
White hat: An ethical hacker. Someone who hacks and offers their services to a company or government to help make systems more secure and less vulnerable. In February of 2017, the very well known “Anonymous” strikes again… taking down approximately 20 percent of the dark web, which was FULL of child porn!! Anonymous successfully cracked a system thought to be protected by relatively sophisticated barriers. Freedom Hosting II servers hosts many dark web sites. A message from “Anonymous” read… “We have a zero-tolerance policy for child pornography; all your files have been copied and your database has been dumped.”
As you can see… some White-Hat hacking and obvious actions like these are great examples of respectable hacking!
Back doors: A backdoor or trap door would have been pre-created when a software manufacture created their product. This would give access to them or possibly the government access into your computer. There are rumors that some manufactures worked closely with government intelligence sector to build back doors into their products.
BOT: A BOT stands for a “robot”…but a software robot that you can program. A hacking tool can be a BOT, like a dictionary-attack BOT. A BOT automates a simple action repeatedly at a very high rate. Example: Information brokers that sell company data often used BOTS that crawled the web gathering this data.
BOTNET: It’s the hijacking of an individual computer or a group of computers without the owner knowing and using that computer or group of computers to send out spam or make denial of service attacks.
Phishing: Tricking someone into giving you their personal information. The modification of an existing legitimate email or website with a false link to trick the recipient into providing information.
Cookies: Cookies are text files your Internet browser sends, usually to customize information from a website or recall data. It helps make the web experience more enjoyable.
DOS Attack: Denial of service attack (DOS) is used against a website or network to make it temporarily unresponsive. A hacker would use a hacking tool, like a BOT to send many requests to the website causing the server to overload. WHAT IS A CONTENT REQUEST: A Content Request are the instructions sent from your web browser to a website that enables you to see the website. The hacker is basically overloading the ability causing the server to fail.
Firewall: A Firewall can be hardware or software. It gives a level of protection between the outside IP and your internal IP…giving you a safe zoon to surf the web by preventing unauthorized access to a computer.
Hacktivist: A hacker whose goals are social or political.
IP Address: An Internet Protocol (IP) address is a distinctive number that each computer or device on a network has, this way it can communicate with the web. There are ‘Internal IP’ addresses and ‘external IP addresses’…also known as the ‘non-secure address’. The external IP is from your ISP (Internet Service Provider) which connects to your home (router)…that router or firewall sends out an ‘Internal IP’ address. The Internet was setup like this years ago to help in security. Internal IP’s and External IP’s are always different, on a difference serious of numbers.
Logic bomb: A virus sent secreted into a system that triggers a malicious action. Most common version would be the time bomb.
LulzSec: Is best known when it was used to obtain user information from the website of Sony Pictures and supposedly shutting down the CIA website.
Hash: Generated by an algorithm from a string of characters. The sender of a message or file can generate a hash and then encrypt it. The recipient generates another hash, then encrypts it. If the generated hash are the same, the message or file has almost certainly not been tampered with.
Malware: Is a software program created to steal, hijack or damage system. Examples include spyware, adware, viruses, key loggers, and many others.
Logging: Keystroke logging is software that has the ability to monitor your keystrokes. The tracking of which keys are pressed. It can be used to grab user ID’, passwords and much more.
Packet sniffer: Detect and capture certain types of data. Packet sniffers are designed to detect packets traveling online. Packets are packages of information that contain the destination address and content.
Rootkit: A set of software programs used to gain administrator-level to a system and set up malware, while camouflaging your work.
Spoofing: Altering an email, IP, or a phones caller ID…so that the receiver feels the information or call coming is from a different person or system. A hacker might alter his email header so it seems to be coming from your bank or alike. IP spoofing in which a packet is sent to a computer with the IP altered to imitate a trusted host in hopes that the packet will be accepted and allow communication between both computers.
Spyware: A type of malware that is programmed to hide on a computer or server and send back information to the hacker.
SSL: An SSL certificate is created for a particular server in a specific domain for a verified business entity. Like a passport or a driver’s license, an SSL Certificate is issued by a trusted authority, the Certificate Authority (CA). Each SSL Certificate contains unique, authenticated information about the certificate owner. Secure Sockets Layer (SSL) encryption works by encrypting sensitive information during online transactions.
Trojan horse: A type of malware that masquerades as a desirable piece of software and often installs a back door in the infected machine.
Virus: A virus is a self-replicating malware that injects copies of itself in the infected machine.
Worm: Self-replicating, standalone malware. As a standalone it does not report back to a master, and unlike a virus it does not need to attach itself to an existing program. It often does no more than damage or ruin the computers it is transmitted to. But it’s sometimes equipped with a payload, usually one that installs back doors on infected machines to make a botnet.
© 2018, Darren L. Epstein, PI. ALL RIGHTS RESERVED, NOT TO BE COPIED
Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to [Darren L. Epstein] and [Counter-Intelligence.com] with appropriate and specific direction to the original content.