26 March 2011

Learn To be A Hacker

Hackers with the expertise to see and fix vulnerabilities in computer software;
normally then published openly on the Internet for the system to be better. Unfortunately, few people take the evil use that information to crime - they are usually called a cracker. Basically the world of hackers and crackers are no different from the art world, here we talking art Internet network security.

I hope the science of network security in this paper is used for good things - be a Hacker not a Cracker. Do not until you get karma for using science to destroy property others. Moreover, at present the need for hackers is increasing in Indonesia with dotcommers more who want to IPO in the stock market. Good name and the value of a dotcom could fall even become worthless if the dotcom collapse. In this case, the hackers expected to be a security consultant for the dotcommers it - because the HR party police and security forces in Indonesia is very very weak and pathetic in the field of technology Information & Internet. What may make cybersquad, private cyberpatrol probably need at budayakan for survival dotcommers Indonesia on the Internet.

Various Internet network security techniques can be easily obtained on the Internet, among others, inhttp://www.sans.org, http://www.rootshell.com, http://www.linuxfirewall.org/, http://www.linuxdoc.org,
http://www.cerias.purdue.edu/coast/firewalls/, http://www.redhat.com/mirrors/LDP/HOWTO/. Most
of this technique in the form of books that the number of its several hundred pages that can be taken in
free of charge (free). Some Frequently Asked Questions (FAQ) about network security can
obtained in http://www.iss.net/vd/mail.html, http://www.v-one.com/documents/fw-faq.htm. And for
the experimenter some script / program that is so can be found among others in http://bastille-
linux.sourceforge.net /, http://www.redhat.com/support/docs/tips/firewall/firewallservice.html.
For those readers who wish to gain knowledge about the network can be downloaded free of charge from
http://pandu.dhs.org, http://www.bogor.net/idkf/, http://louis.idaman.com/idkf. Some book-shaped
softcopy can be taken free of charge to the capture of http://pandu.dhs.org/Buku-Online/. We must
especially grateful to the team led by Pandu I Made Wiryana for this. At this time,
I do not know of any place of active discussion Indonesia discuss these hacking techniques -
but may be partly discussed in the mailing list information such as kursus-linux@yahoogroups.com
& Linux-admin@linux.or.id which are operated by the Indonesian Linux Users Group (Ltsp)
The simplest way to see the weakness of the system is by way of seeking information from
various vendors for example in http://www.sans.org/newlook/publications/roadmap.htm # 3b on
weakness of the system they have created yourself. In addition, monitoring the various mailing lists at
Internet which related with security network like in list
http://www.sans.org/newlook/publications/roadmap.htm # 3e.
Described by Front-line Information Security Team, "Techniques Adopted By 'System Crackers'
When Attempting To Break Into Corporate or Sensitive Private Networks, "fist@ns2.co.uk

http://www.ns2.co.uk. A Cracker generally men aged 16-25 years. Based on user statistics
Internet in Indonesia, then in fact the majority of Internet users in Indonesia are children younger
at this age as well. Indeed, this age is the age that is ideal in studying new including
Internet knowledge, very unfortunate if we do not succeed menginternetkan to 25,000 Indonesian school
s / d in 2002 - as the foundation for the future of Indonesia is in the hands of our young kids this.
Well, the young cracker cracking is generally done to improve the ability /
use the resources on the network for its own sake. Generally, the cracker is
opportunistic. Seeing the weakness of the system to carry out the scanner program. After gaining access
root, the cracker will install a back door (backdoor) and close all general weakness
As we know, generally the various companies / dotcommers will use the Internet to (1)
Web hosting their servers, (2) e-mail communication and (3) provide access web / internet to
its employees. Internet and Intranet network separation is generally performed using
engineering / software firewall and proxy server. Seeing the conditions of use of the above, the weakness of the system
generally can penetrate through the mail server for example with external / outside that is used for
easy access to the mail out of the company. In addition, by using aggressive-SNMP
scanner and a program that forced the SNMP community string to convert a router into
bridge (bridge) which can then be used for a stepping stone to get into the network
company's internal (Intranet).
In order for crackers protected during the attack, the technique cloacking (incognito) is done
by jumping from the previous machine has been compromised (conquered) through program
telnet or rsh. At an intermediary machine that uses Windows attack can be performed with
Wingate jumped out of the program. In addition, the jumps can be done through a proxy device
configuration is less good.
After a successful jump and into other systems, usually a cracker to probe against
network and gather the information needed. This is done in several ways,
eg (1) use nslookup to run the command 'ls ', (2) see
HTML file on your web server to identify other machines, (3) to see various documents on
FTP servers, (4) connecting to the mail server and use the command 'expn ', and (5)
her finger users on other external machines.
The next step, the cracker will identify network components that are trusted by the system what
only. These network components are usually the administrator machine and the server that is usually considered
most secure in the network. Start by checking access & NFS exports are critical to various directories
such as / usr / bin, / etc and / home. Exploitation of the machine through the weakness of the Common Gateway Interface (CGI),
with access to the file / etc / hosts.allow.
Next cracker should identify network components that are weak and can be conquered.
Crackers can use the program in Linux like ADMhack, mscan, nmap and many small scanner
other. Programs such as 'ps' and 'netstat' in for a trojan (remember the Trojan horse story? In classical greek story
old) to hide the scanning process. For a fairly advanced cracker can use
aggressive-SNMP scanning to scan equipment with SNMP.
Once the cracker managed to identify the network components are weak and can be conquered, then
cracker will run a program to conquer the weak daemon program on the server. Program
daemon is a program on a server that normally runs in the background (as daemon / demon).

The success of conquering this daemon program will allow a cracker to obtain
access as 'root' (the highest administrator in the server).
To eliminate the trace, a cracker usually perform the cleaning operation 'clean-
up 'operation by way of cleaning the various log files. And add the program to enter
from the back door 'backdooring'. Changing. Rhosts file in / usr / bin for easy access to the machine
that be conquered through rsh & csh.
Furthermore, a cracker can use a machine that has been conquered for their interests
own, such as taking sensitive information that should not be read; mengcracking machine
other by jumping from the machine be conquered; install a sniffer to see / record the various
traffic / communication is passed; can even turn off the system / network by running
command 'rm-rf / &'. The latter will be very fatal consequences because the system will be destroyed at all,
especially if all the software in put in the hard disk. Process re-install the entire system must be done,
would be a headache if it is done on machines that run mission critical.
Therefore all machines & routers that run mission critical should always check
security & on patch by newer software. Backup is very important especially in
machines that perform critical missions in order to be saved from the act of disabling cracker
system with 'rm-rf / &'.
For those of us who wrestle daily on the Internet usually it will greatly appreciate the presence of
hacker (not cracker). Because thanks to the hackers, the Internet is there and can we enjoy such
today, even kept in repair to be a better system. Various weaknesses
system be improved because of cleverness fellow hackers who often times they will be working on improvements.
voluntarily because of his hobby. Moreover, often the result of his hacking distributed free of charge
on the Internet for the purposes of the Internet community. A culture of mutual help values ​​& Noble it grows in cyberspace Internet that usually seem futuristic and far from the social sense.