Hackers always seem mysterious. In most people's eyes, they are a group of smart, energetic young people bent on cracking all kinds of passwords in order to sneak, without permission, into the computer systems of governments, enterprises or other people and peek into their private affairs. So, what is a hacker?
"Hacker" comes from the English verb "hack", which means "to chop" and, by extension, "to do a job beautifully". In the early campus slang of MIT, "hacker" meant "prank", especially a clever and skillful prank. In Japan's New Hacker's Dictionary, hackers are defined as "people who like to explore the mysteries of software programs and grow their personal talents from them, unlike most computer users, who only know the small part of knowledge specified by others." Neither definition carries a particularly derogatory meaning. Hackers usually have advanced hardware and software knowledge and the ability to analyze systems through innovative methods. Hackers can make networks more complete and secure: their aim is to protect the network, and improper intrusion is their means of finding its vulnerabilities.
Another type of intruder is someone who uses network vulnerabilities to destroy the network. They often do repetitive work (such as brute-force password cracking), and they also have extensive computer knowledge, but unlike hackers, their purpose is to destroy. These people are called "crackers". Of course, there is also a class of people who fall between hackers and intruders.
It is generally believed that hackers originated in the laboratories of the Massachusetts Institute of Technology in the 1950s. They were full of energy and keen to solve problems. In the sixties and seventies, the word "hacker" was a term of respect. It referred to computer addicts who thought independently and obeyed the law. They were highly intelligent and devoted to computer research. Hacking meant exploring the maximum potential of computers with complete intellectual freedom, and it made great contributions to the development of computer technology. It was these hackers who initiated the personal computer revolution and today's open computer architecture, which ended the situation in which computer technology was in the hands of only a few people, created the personal computer, and put forward the view that "computers serve the people." They are heroes in the history of computer development. The basic techniques hackers use today to invade computer systems, such as password cracking, trapdoors, backdoors and Trojan horses, were invented during this period. Hacking experience has become an indispensable part of the resumes of many computer giants. Steve Jobs, one of the founders of Apple, is a typical example.
In the 1960s, the use of computers was far from universal, and there were few databases storing important information, let alone hackers illegally copying data. In the 1980s and 1990s, computers became more and more important, and there were more and more large databases. At the same time, information was increasingly concentrated in the hands of a few people. This "enclosure movement" of the new era aroused great resentment among hackers. Hackers believe that information should be shared rather than monopolized by a few people, so they turned their attention to databases holding all kinds of secrets. By this time, computerized space had been privatized and had become property owned by individuals. Society could no longer turn a blind eye to hacking and had to take action to control it by legal means. Hacking activities were dealt an unprecedented blow.
However, governments and company managers are increasingly asking hackers to teach them computer security. Many companies and government agencies invite hackers to check the security of their systems, and even ask them to design new security programs. After two hackers discovered flaws in the credit card shopping program designed by Netscape and announced them to the business community, Netscape corrected the flaws and announced that it would hold a contest called the "Netscape Defect Grand Prix". Hackers who find security vulnerabilities in the company's products will receive a bonus of $1,000. There is no doubt that hackers are contributing to the development of computer protection technology.

2. Hacking attacks
Hackers commonly use the following methods, though I really want to say that a good hacker will never attack others casually.
1) Obtaining passwords
There are three methods. First, illegally obtaining user passwords through network monitoring. This has certain limitations, but it is extremely harmful: a listener can often get all the user accounts and passwords on their network segment, which poses a great threat to the security of local area networks. Second, after learning the user's account name (such as the part of an e-mail address before the @), using special software to crack the user's password by force. This method is not limited to one network segment, but the hacker needs plenty of patience and time. Third, after obtaining the user password file on the server (this file is called the shadow file), using a brute-force cracker to crack the user passwords. The premise of this method is that the hacker has obtained the shadow file. This method is the most harmful of all, because it does not need to repeatedly try to log in to the server as the second method does. Instead, candidate passwords are encrypted locally and compared with the entries in the shadow file, so passwords are easily cracked, especially those of users with extremely weak passwords (for example, a user with the account zys whose password is zys666, 66666, or simply zys).
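The weak passwords quoted above (zys666, 66666, zys) can be refused at the moment a password is set. The following check is an added example, not part of the original article; the function name and the thresholds MIN_LENGTH and MIN_DISTINCT are assumptions chosen for illustration.

```python
import re

MIN_LENGTH = 10      # assumed policy values, not taken from the article
MIN_DISTINCT = 5

def weak_password_reasons(account: str, password: str) -> list[str]:
    """Return the reasons a new password should be rejected (empty list = accept)."""
    reasons = []
    pw, name = password.lower(), account.lower()

    if len(pw) < MIN_LENGTH:
        reasons.append("too short")
    if len(set(pw)) < MIN_DISTINCT:
        reasons.append("too few distinct characters")
    if pw.isdigit():
        reasons.append("digits only")

    # The account name, forwards or reversed, is the first thing a guesser tries.
    if name and (name in pw or name[::-1] in pw):
        reasons.append("contains account name")
        # "zys666" style: the name padded with digits or punctuation only.
        rest = pw.replace(name, "").replace(name[::-1], "")
        if re.fullmatch(r"[\d\W_]*", rest):
            reasons.append("account name plus trivial padding")
    return reasons

# Constructed sample: the account and passwords quoted in the paragraph above,
# plus one passphrase that should pass.
SAMPLES = [("zys", "zys666"), ("zys", "66666"), ("zys", "zys"),
           ("zys", "Harbor-lantern-42-quilt")]

if __name__ == "__main__":
    for account, candidate in SAMPLES:
        verdict = weak_password_reasons(account, candidate) or ["accepted"]
        print(f"{account}:{candidate!r} -> {', '.join(verdict)}")
```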
2) Planting Trojan horse programs
Trojan horse programs can directly invade users' computers and damage them. A Trojan is often disguised as a utility program or a game, inducing users to open e-mail attachments that carry it or to download it directly from the Internet. Once users open these attachments or execute these programs, the Trojan stays in the computer like the wooden horse full of soldiers left outside the enemy's city, hiding in the system a program that is quietly executed when Windows starts. When you connect to the Internet, this program notifies the hacker, reporting your IP address and the preset port. After receiving this information, the hacker can use the latent program to modify your computer's settings, copy files, peek at the contents of your entire hard disk and so on, controlling your computer at will.
3) WWW deception techniques
Online users can use IE and other browsers to visit all kinds of websites: reading newsgroups, checking product prices, subscribing to newspapers, shopping online and so on. But the average user may not think of these problems: the web page being visited may have been tampered with by hackers, and the information on it may be false. For example, a hacker rewrites the URL of a web page that a user wants to browse so that it points to the hacker's own server. When the user browses the target page, the request actually goes to the hacker's server, and the hacker achieves the deception.
4) Mail attacks
E-mail attacks mainly take two forms. The first is e-mail bombing and e-mail "snowballing", also known as the e-mail bomb: using forged IP addresses and e-mail addresses to send thousands, tens of thousands or even countless copies of spam with the same content to the same mailbox. The victim's mailbox is "bombed", and in serious cases the operating system of the mail server may be endangered or even paralyzed. The second is e-mail spoofing, in which an attacker pretends to be a system administrator (the e-mail address is exactly the same as the administrator's) and sends the user an e-mail asking them to change their password (the password may be a specified string), or hides a virus or other Trojan horse program in a seemingly normal attachment (as far as I know, network administrators in some units are obliged to send firewall upgrade programs to users free of charge on a regular basis, which gives hackers an opportunity to use this method successfully). As long as users are vigilant, this kind of spoofing will generally not do much harm.
5) Attacking other nodes through one node.
After a hacker breaks into a host, he often uses it as a base for attacking other hosts (hiding his intrusion path to avoid leaving clues). He can use network monitoring to try to break into other hosts on the same network, or attack other hosts through IP spoofing and host trust relationships. This kind of attack is cunning, but because some of the techniques, such as IP spoofing, are difficult to master, it is rarely used by hackers.
6) Network monitoring
Network monitoring is a working mode of a host. In this mode, the host can receive all information transmitted on the same physical channel, regardless of who the sender and receiver are. If the communication between two hosts is not encrypted, then with a network monitoring tool, such as NetXray for Windows 95/98/NT or sniffit for Linux, Solaris, etc., it is easy to intercept information including passwords and accounts. Although the accounts and passwords obtained by network monitoring have certain limitations, a listener can often obtain all user accounts and passwords on their network segment.
7) Looking for system vulnerabilities
Many systems have bugs. Some are in the operating system or the application software itself, such as the Sendmail vulnerability, the password verification vulnerability of the * * * directory in Win98, the IE5 vulnerability and so on. Until a patch is developed, these vulnerabilities are generally difficult to defend against unless you unplug the network cable. Others are vulnerabilities caused by system administrator configuration errors. For example, exporting directories and files as writable in the Network File System, or storing an unshadowed user password file in clear text in a directory, gives hackers an opportunity and should be corrected promptly.
8) Attacking through accounts
Some hackers attack using the default accounts and passwords provided by the operating system. For example, many UNIX hosts have default accounts such as FTP and Guest (with the password the same as the account name), and some even have no password. Hackers use commands provided by the Unix operating system, such as Finger and Ruser, to collect information and steadily improve their ability to attack. This kind of attack can generally be defeated as long as the system administrator is vigilant, closes the default accounts provided by the system and reminds users without passwords to set one.
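The administrator-side check for the two account problems described in items 7) and 8), an unshadowed password file and default or password-less accounts, can be automated. The following audit is an added example, not part of the original article; it reads text in the standard passwd(5) and shadow(5) formats, and the sample entries, function name and finding labels are constructed for illustration.

```python
DEFAULT_ACCOUNTS = {"ftp", "guest"}   # the default accounts named in the text
LOCKED_PREFIXES = ("!", "*")          # shadow(5): password login is disabled

# Constructed sample data in passwd(5) / shadow(5) format, not from a real host.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
ftp:x:14:50:FTP User:/var/ftp:/bin/sh
guest::405:100:guest:/home/guest:/bin/sh
legacy:ab3kT9xQ0pLmE:1001:1001::/home/legacy:/bin/sh
zys:x:1002:1002::/home/zys:/bin/bash
"""
SHADOW = """\
root:$6$constructed$hash:19000:0:99999:7:::
ftp::19000:0:99999:7:::
zys:!:19000:0:99999:7:::
"""

def audit_accounts(passwd_text, shadow_text):
    """Return (user, finding) pairs for accounts an administrator should fix."""
    shadow = {}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) >= 2:
            shadow[fields[0]] = fields[1]

    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if len(fields) < 7:
            continue                      # skip blank or malformed lines
        user, pwfield = fields[0], fields[1]
        if pwfield == "x":                # password is kept in the shadow file
            stored = shadow.get(user)
            if stored is None:
                findings.append((user, "no shadow entry"))
                continue
        else:                             # password field lives in passwd itself
            stored = pwfield
            if stored and not stored.startswith(LOCKED_PREFIXES):
                findings.append((user, "hash stored in world-readable passwd"))
        if stored == "":
            findings.append((user, "empty password"))
        if user in DEFAULT_ACCOUNTS and not stored.startswith(LOCKED_PREFIXES):
            findings.append((user, "default account enabled"))
    return findings

if __name__ == "__main__":
    for user, finding in audit_accounts(PASSWD, SHADOW):
        print(f"{user}: {finding}")
```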
9) Stealing privileges
Trojan horse programs, backdoor programs and programs written by hackers themselves to cause buffer overflows are all used for attacks. The former enable hackers to gain full control of users' machines illegally, while the latter enable hackers to gain super-user rights and thus absolute control over the whole network. Once it succeeds, this kind of attack is extremely harmful.