As part of ethical hacking, you should also know the actual dangers and vulnerabilities that your
computer systems and networks face. Next time you connect your computer to the internet or host a
WiFi connection for your friends, you ought to know that you are also opening a gateway (or
gateways) for other people to break in.
In this chapter we’ll look into some of the most common security vulnerabilities that ethical hackers
will have to work with and eventually keep an eye on.
Network Infrastructure Attacks
Network infrastructure attacks refer to hacks that break into local networks as well as on the Internet.
A lot of networks can be accessed via the internet, which is why there are plenty out there that can be
broken into. One way to hack into a network is to connect a modem to a local network. The modem
should be connected to a computer that is behind the network’s firewall.
Another method of breaking into a network is via NetBIOS, TCP/IP, and other transport mechanisms
within a network. Some tricks include creating a denial of service by flooding the network with a
huge load of requests.
Network analyzers capture data packets that travel across a network. The information they capture is
then analyzed and the information in them is revealed. Another example of a fairly common network
infrastructure hack is when people piggyback on WiFi networks that aren’t secured. You may have
heard of stories of some people who walk around the neighborhood with their laptops, tablets, or
smartphones looking for an open WiFi signal coming from one of their neighbors.
Non-Technical Attacks
Non-technical attacks basically involve manipulating people into divulging their passwords,
willingly or not. The term social engineering comes to mind and it is the tool used in these kinds of
attacks. An example of this is by duping (or even bribing) a coworker to divulge passwords and
usernames. We’ll look into social engineering a little later on.
Another form of non-technical attack is simply walking into another person’s room where the
computer is, booting the computer, and then gathering all the information that you need – yes it may
sound like Tom Cruise and his mission impossible team, but in reality these non-technical attacks are
a serious part of hacking tactics.
Attacks on an Operating System
Operating system attacks are one of the more frequent hacks performed per quota. Well, it’s simply a
numbers game. There are many computers out there and a lot of them don’t even have ample
protection. There are a lot of loopholes in many operating systems – even the newest ones around still
have a few bugs that can be exploited.
One of the avenues for operating system attacks is password hacking or hacking into encryption
mechanisms. Some hackers are just obsessed with hacking other people’s passwords just for the
sheer thrill of it.
Attacks on Applications
Apps, especially the ones online and the ones that deal with connectivity, get a lot of attacks.
Examples of which include web applications and email server software applications. Some of the
attacks include spam mail (remember the Love Bug or ILOVEYOU virus back in 2000?). Spam mail
can carry pretty much anything that can hack into your computer system.
Malware or malicious software is also another tool in the hands of a hacker when they try to attack
pretty much everything, especially apps. These software programs include Trojan horses, worms,
viruses, and spyware. A lot of these programs can gain entry into your computer system online.
Another set of applications that get attacked frequently are SMTP applications (Simple Mail Transfer
Protocols) and HTTP applications (Hypertext Transfer Protocols). Most of these applications are
usually allowed to get by firewalls by the computer users themselves. They are allowed access
simply because they are needed by the users or a company for its business operations.
So Why Do You Have to Know All This?
You have to know the threat so you can perform it yourself and provide a way to protect a computer
system from the said attack (or hack). Obviously, you can’t beat an enemy you do not know. You can’t
counter a technique you don’t know how to execute.
Note that this is only an introductory book, specifically designed for beginners. This book won’t be
able to cover all the hacking techniques out there. But at least you’ll have an idea of how it’s done
and what tools you can use for your own systems testing.
The Ethical Hacker Mindset
Since this book will promote ethical hacking, you should become familiar with the white hat hacker’s
code and mindset. These involve some very basic rules of thumb that will help you along the way.
They will also help you not to lose your way as you learn more technical hacking skills.
The first rule of thumb is to work ethically. You shouldn’t have any hidden agendas, even when you
have been given the thumbs up to hack into someone else’s computer. Remember that you were hired
to test for vulnerabilities in your employer’s system. Needless to say, trust is a big tenet of ethical
hackers.
The next rule of thumb is – don’t crash the system. It doesn’t matter if you’re hacking into your own
computer or if you’re trying to break into someone else’s computer system or network. Your goal is to
find the loopholes but not to cause havoc. The system you hack should still be able to function as it
should during and after you do your testing.
The last rule of thumb is to respect the other person’s privacy. Even though you have the power to
poke into someone else’s private data, you’re not supposed to interfere with their privacy. At the end
of the day, you should be reporting any possible attacks on any form of private data.