Security

This page contains blog records from 'Security' category.


Fundamentals of Hacker Attacks

There is no such thing as a universal method to break into an Internet site or server. Every time, an individual approach must be taken to open the necessary doorway. Although some attacks can overpower any defense, for example, a distributed denial-of-service (DoS) attack or brute-force password guessing, they can be too expensive in terms of time and computer resources to implement. Moreover, these attacks are as smart and subtle as driving a tank up to a bank and blasting the vault open. A hacker who breaks into a server using a brute-force attack to discover the password or who takes it out of commission by launching a distributed DoS attack against it will never be recognized as a professional; thus, these methods are used as a last resort and mostly by beginning crackers.

Why are attacks on computers increasing every year? The information about the security holes and vulnerabilities in computer systems used to be stored on bulletin board systems (BBSs), and only a few people with special privileges had access to it. So, it was hackers among these chosen few who carried out attacks with impunity, because their level of education and experience were quite high. It was difficult, often impossible, for a beginner or someone not belonging to the inner circle to gain access to such BBSs. This means that information about vulnerabilities and programs for implementing attacks were available only to a limited number of people.

Nowadays, this information and the necessary tools are available to anyone; thus, anyone can get into the cracking business. The situation is exacerbated by a host of utilities that automate the break-in process and are available to anyone at a number of Internet sites. With some of these utilities, all you have to do is to enter the address of the site to crack and click the Go button. The rest is done by the computer without any involvement on your part. You will not know how the computer did this, but there are quite a few individuals who could not care less; the only thing they are interested in is the results.

Full version | Tag: Security | Date: 3/1/2009 3:48:38 AM

How do viruses spread?

Every executable file has a header. This header contains the entry point: a program address from which it starts its execution. When a virus piggybacks on a program, it adds itself at the program's end and changes the entry point to itself, passing control to the old entry point only after the virus code executes. This way, when an infected executable file starts, the virus code executes first, after which control is passed to the program.

Some especially lazy virus writers do not like bothering with headers. They do it the other way around: they add the executable file to their virus, that is, the virus's body goes first.

This is the main manner of operation of most attachable viruses that were common until about 2000, MS-DOS viruses in particular. The least you can do to protect against this type of malicious code is to check the headers of executable files. A modified header is good cause for alarm, as this may have been done by a virus or a worm. Of course, keeping track of all file headers is a difficult task to carry out manually. At least the size of the main programs, however, can be checked, for it changes when a virus attaches itself to a file.
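The header and size check described above can be automated by recording a baseline for each executable and comparing against it later. The sketch below does this for MS-DOS MZ files; it is an added example, not code from the original post, and the function names and the two sample files built in memory are constructed for illustration.

```python
import struct

MZ_FMT = "<2s13H"  # e_magic, then 13 little-endian words up to e_ovno (28 bytes)

def fingerprint(data: bytes) -> dict:
    """Record the values the text says to watch: file size and entry point."""
    if len(data) < 28 or data[:2] not in (b"MZ", b"ZM"):
        raise ValueError("not an MZ executable")
    f = struct.unpack_from(MZ_FMT, data)
    cblp, cp, cparhdr, ip, cs = f[1], f[2], f[4], f[10], f[11]
    # Entry point as a file offset: header size plus CS:IP inside the load image.
    entry = cparhdr * 16 + ((cs * 16 + ip) & 0xFFFFF)
    # Size the header itself claims (512-byte pages, last page may be partial).
    image = cp * 512 if cblp == 0 else (cp - 1) * 512 + cblp
    return {"size": len(data), "image_size": image, "entry": entry}

def compare(baseline: dict, current: dict) -> list:
    """Return findings when a file no longer matches its recorded baseline."""
    findings = []
    if current["size"] != baseline["size"]:
        findings.append("file size changed")
    if current["entry"] != baseline["entry"]:
        findings.append("entry point moved")
    if current["entry"] >= baseline["size"]:
        # Execution now starts in bytes that did not exist at baseline time.
        findings.append("entry point lies in appended data")
    return findings

def build_mz(code_len: int, ip: int, extra: int = 0) -> bytes:
    """Constructed sample: 32-byte header (2 paragraphs) plus zero filler."""
    total = 32 + code_len + extra
    cp, cblp = -(-total // 512), total % 512
    hdr = struct.pack(MZ_FMT, b"MZ", cblp, cp, 0, 2, 0, 0xFFFF,
                      0, 0x100, 0, ip, 0, 0x1C, 0)
    return hdr.ljust(32, b"\0") + b"\0" * (code_len + extra)

# Constructed inputs: a clean file, and the same file with 100 bytes appended
# and the header entry point redirected into them.
CLEAN = build_mz(400, ip=0)
MODIFIED = build_mz(400, ip=400, extra=100)

if __name__ == "__main__":
    base = fingerprint(CLEAN)
    print("baseline:", base)
    print("findings:", compare(base, fingerprint(MODIFIED)))
```

Size and entry point catch only the appending pattern described here; a cryptographic hash of the whole file stored alongside the baseline covers modifications that leave both values unchanged.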

Full version | Tag: Security | Date: 3/19/2009 3:01:43 PM

Input Validation

Input validation is the primary task for every security specialist and software (web) developer. I will describe the problem using web development because it is my passion. Web programs get data from users through parameters. Parameters are an entry point to your application. Hackers may manipulate the parameters to influence your application and intrude into your system. Parameters are the gate between your application and its users. Keep the gate protected and your application will be secure.

Input validation is not the only security issue, but it is the main one. You have to validate input data properly to protect your system. There is no single solution that makes parameters secure. It depends on your application and how you use the data.

Assume all input is malicious. Do not trust data received from users. Trust only data that comes from you personally or from your code that has already checked the values. All other values must be checked.

Full version | Tag: Security | Date: 4/28/2009 1:44:18 PM

Jacking Up Voting Results

Voting systems on different sites are constantly developing, and programmers are trying to devise protection against visitors jacking up the voting counters. Suppose that you have decided to take part in a poll conducted by some site and want your preferred answer to prevail. How can this be done? There are many ways. The one to employ depends on the program used to conduct the polling.

Let's consider one vote-boosting method, using the www.download.com site as an example. Here, visitors can vote for their favorite programs. When you see that your favorite program is way down in the ratings, you naturally want to lift it up and help the developers.

In order to know how to pad the votes, you must know how they are counted. The simplest methods use cookie files. These are files in which web servers save any information that is useful to them. Each web site has its own file, which only it can read. No site can read cookies created by other sites' servers. When you cast your vote for some cause or issue, the server saves the information about your vote in a cookie file. Let's consider the steps performed when registering votes:

Full version | Tag: Security | Date: 9/15/2009 9:24:17 PM

CyD Web Development Tools 2010 Beta

I want to introduce to you a new software product for web developers, security specialists and SEO professionals: CyD Web Development Tools. It is a new product, and you can test the beta version at this moment. The product will consist of modules for web developers and SEO professionals. Some of the modules will be available as part of CyD Network Utilities - Security tools.

At this time the product consists of only one module: a search for web site vulnerabilities. The program needs improvements, but you can try the module absolutely free of charge with no limits. Tell me if you have any suggestions for the program or if you find an error. Some commands do not work in the program. I'm going to implement the full set of features as soon as possible.

Web Development Tools

Full version | Tag: Security | Date: 12/6/2009 9:09:27 PM

Port scanning

The only way to protect your system from hacker attacks is to know how hackers carry out these attacks. When considering the fundamentals of hacker attacks, you have to think like a hacker. For example, what should be done first to break into a server or to test it for vulnerabilities? There is no clear answer to this question. Any break-in is a creative process and requires an individual approach. There are no clear-cut rules or ready-made templates. Nevertheless, a few practical recommendations can be given.

The first step in a break-in or vulnerability test is to scan the ports. Why? To find out what services (daemons, in Linux) are installed in the system. Each open port is a service program installed on the server, to which someone can connect and make it do certain things. For example, port 21 is used by the file transfer protocol (FTP) service. If a hacker can connect to this port, he or she will be able to download and upload files from and to the server. The hacker must acquire the corresponding rights to be able to do this, however.

The first 1,024 ports must be scanned initially. Many of them are used by standard services like FTP, hypertext transfer protocol (HTTP), and Telnet. Each open port is like a locked door to the server. The more doors the server has, the more chances there are that the lock on one of them can be picked. Therefore, you should only install those services that are necessary.

Full version | Tag: Security | Date: 4/4/2010 4:31:44 PM