• February 17, 2018

Written by Darren L. Epstein, all rights reserved.  Copyright © 2019 / (DO NOT COPY)

Due to the nature of this article we attempt to inform the general public but not directly provide links to hacking tools and utilities.  Hacking when done for the right purposes is a great thing.  Corporations and the government often hire White Hat hackers to test the vulnerable of systems. 

Hacking:              We all know that word only too well in today’s day and age.  The ability to use a computer to gain unauthorized access to data in a system”.  Manipulation of code, by  focusing on the manipulation of already written code

Cracking:             Very similar to hacking but different.  Cracking is having the ability to remove or disable features which are considered undesirable by the person.  The manipulation of software, a serial number, or a hardware key.

Brute-force:       Brute-force is the term hackers use to get into a secure system.  An automated search for every possible password to a system.  They use hacking tools in order to accomplish this.  The most common hacking tool is the “dictionary-attack”, whereas a subject wanting to gain access connects a BOT to the password field running a digital dictionary against it.  The BOT automates the process of guessing the password.   

*QUESTION:  So why didn’t the FBI use a hacking utility as such to guess the password of the locked iPhone in the 2015-2016 terrorist attack in San Bernardino? The brute-force attack was eliminated and unable to be run, due to a second security feature, (security is best in layers of protection). Apple had installed a security feature that tracks the number of attempts the user enters the password, with it locking down the system and/or erasing the data if guessed incorrectly multiple times. This is how Apple and others protect against the # 1 tool hacks use to crack systems, brute-force.

Black hat:           Black hat hackers engage in hacking for illegal purposes, often for money and notoriety.

White hat:          An ethical hacker.  Someone who hacks and offers their services to a company or government to help make systems more secure and less vulnerable. 

Back doors:        A backdoor or trap door would have been pre-created when a software manufacture created their product.  This would give access to them or possibly the government into your computer.   There are rumors that some manufactures worked closely with government intelligence to build backdoors into their products.

BOT:                     A BOT stands for a “robot”…but a software robot that you can program.  A hacking tool can be a BOT, like a dictionary-attack BOT.  A BOT automates a simple action repeatedly at a very high rate.  Example:  Information brokers that sell company data and email information use to use BOTS that crawled the web gathering this data, many still do.

BOTNET:              It’s the hijacking of an individual computer or a group of computers without the owner knowing and using that computer or group of computers to send out spam or make denial of service attacks.

Phishing:             Tricking someone into giving you their personal information.  The modification of an existing legitimate email or website with a false link to trick the recipient into providing information.

Cookies:              Cookies are text files your Internet browser sends, usually to customize information from a website or recall data.  It helps make the web experience more enjoyable.

DOS Attack:       Denial of service attack (DOS) is used against a website or network to make it temporarily unresponsive.  A hacker would use a hacking tool, like a BOT to send many requests to the website causing the server to overload.  WHAT IS A CONTENT REQUEST:  A Content Request are the instructions sent from your web browser to a website that enables you to see the website.  The hacker is basically overloading the ability causing the server to fail.

Firewall:              A Firewall can be hardware or software.  It gives a level of protection between the outside IP and your internal IP…giving you a safe zoon to surf the web by preventing unauthorized access to a computer.

Hacktivist:          A hacker whose goals are social or political.

IP Address:         An Internet protocol address is a distinctive number that each computer or device on a network has, this way it can communicate with the web.   There are ‘Internal IP’ addresses and ‘external IP addresses’…also known as the ‘non-secure address’.  The external IP is from your ISP which connects to your home (router)…that router or   firewall sends out an ‘Internal IP’ address.  The Internet was setup like this years ago to help in security.  Internal IP’s and External IP’s are always different.

Logic bomb:       A virus secreted into a system that is triggers a malicious action.  Most common version would be the time bomb.

LulzSec:               Is best known when it was used to obtain user information from the website of Sony Pictures and supposedly shutting down the CIA website. 

Hash:                   Generated by an algorithm from a string of characters.  The sender of a message or file can generate a hash and then encrypt it.   The recipient generates another hash, then encrypts it.  If the generated hash are the same, the message or file has almost certainly not been tampered with.

Malware:            Is a software program created to steal, hijack or damage system. Examples include spyware, adware, viruses, key loggers, and many others. 

Logging:              Keystroke logging is software that has the ability to monitor your keystrokes. The tracking of which keys are pressed.  It can be used to grab user ID’, passwords and much more. 

Packet sniffer:   Detect and capture certain types of data. Packet sniffers are designed to detect packets traveling online. Packets are packages of information that contain the destination address and content.

Rootkit:               A set of software programs used to gain administrator-level to a system and set up malware, while camouflaging your work.

Spoofing:            Altering an email, IP, or a phones caller ID…so that the receiver feels the information or call coming is from a different person or system.  A hacker might alter his email header so it seems to be coming from your bank or alike.  IP spoofing in which a packet is sent to a computer with the IP altered to imitate a trusted host in hopes that the packet will be accepted and allow communication between both computers.

Spyware:          A type of malware that is programmed to hide on a computer or server and send back information to the hacker. 

SSL:                      An SSL certificate is created for a particular server in a specific domain for a verified business entity. Like a passport or a driver’s license, an SSL Certificate is issued by a trusted authority, the Certificate Authority (CA). Each SSL Certificate contains unique, authenticated information about the certificate owner. Secure Sockets Layer (SSL) encryption works by encrypting sensitive information during online transactions.

Trojan horse:     A type of malware that masquerades as a desirable piece of software and often installs a back door in the infected machine. 

Virus:                   A virus is a self-replicating malware that injects copies of itself in the infected machine.

Worm:                 Self-replicating, standalone malware. As a standalone it does not report back to a master, and unlike a virus it does not need to attach itself to an existing program. It often does no more than damage or ruin the computers it is transmitted to.  But it’s sometimes equipped with a payload, usually one that installs back doors on infected machine to make a botnet.

Written by Darren L. Epstein, all rights reserved.  Copyright © 2019 / (DO NOT COPY)

Leave a Reply

Your email address will not be published. Required fields are marked *