29-03-2011, 12:38 PM
What is hacking?
How to translate the hackers’ language
Who is a hacker?
• Hack
– Cut with repeated irregular blows
– Examine something very minutely
• Hacker
– The person who hacks
• Cracker
– System intruder/destroyer
• Nowadays “hacker” is used to mean “cracker”
– The meaning has changed
History of hacking
• Telephone hacking
– Use the telephone free of charge
– It’s called phreaking
• Computer virus
– Destroy many computers
• Network hacking
– Hack the important server remotely and destroy/modify/disclose the information
Types of hacking
Hacking incidents
• Internet Worm
– Robert T. Morris made an internet worm. It spread through the internet and crashed about 6000 systems.
• Cuckoo’s Egg
– Clifford Stoll caught the hackers, who were German hackers employed by the KGB
• IP Spoof
– Kevin Mitnick was caught by Tsutomu Shimomura, who was a security expert. Kevin Mitnick used the IP spoof attack in this incident
Why do hackers hack?
• Just for fun
• Show off
• Hack other systems secretly
• Make their views known to many people
• Steal important information
• Destroy the enemy’s computer network during a war
What do hackers do after hacking?
• Patch the security hole
– So that other hackers can’t intrude
• Clear logs and hide themselves
• Install a rootkit (backdoor)
– The hacker who hacked the system can use the system later
– It contains trojaned ls, ps, and so on
• Install IRC-related programs
– identd, irc, bitchx, eggdrop, bnc
• Install scanner programs
– mscan, sscan, nmap
• Install exploit programs
• Install denial-of-service programs
• Use all of the installed programs silently
What do hackers know?
• Don’t know how to use vi
• Don’t know what unix is
• Don’t know what they do
• Know how to intrude into the system
• Know how to crash the system
• Know where the hacking programs are
How can a kid hack?
• A kid has plenty of time
– A kid can search for a longer time than other people
• All hacking programs are easy to use
• A kid doesn’t have to know how the hacking program works
• These kids are called script kiddies
Why can’t Korean kids hack?
• Almost all Korean kids don’t know English well
• Almost all hacking program manuals are written in English
– However, many hacking program manuals are being translated
How can one become a real hacker?
• Study C/C++/assembly language
• Study computer architecture
• Study operating systems
• Study computer networks
• Examine the hacking tools for a month
• Think about the problems of the computer
Why can’t we defend against hackers?
• There are many unknown security holes
• Hackers need to know only one security hole to hack the system
• Admins need to know all security holes to defend the system
How can we protect the system?
• Patch security holes often
• Encrypt important data
– Ex) pgp, ssh
• Do not run unused daemons
• Remove unused setuid/setgid programs
• Set up a loghost
• Use a switching hub
• Set up a firewall
– Ex) ipchains
• Set up an IDS
– Ex) snort
• Check for unintentional changes
– Ex) tripwire
• Back up the system often
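An added example, not part of the original slides: a minimal tripwire-style check in Python that records a baseline of file hashes and permission bits and reports later changes, such as a replaced ls or a newly set setuid bit. The temporary directory, file contents and function names are constructed for illustration.

```python
import hashlib, os, stat, tempfile

def snapshot(root):
    """Record SHA-256 and permission bits of every regular file under root."""
    snap = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            with open(full, "rb") as f:
                digest = hashlib.sha256(f.read()).hexdigest()
            snap[os.path.relpath(full, root)] = {
                "sha256": digest, "mode": stat.S_IMODE(os.lstat(full).st_mode)}
    return snap

def compare(baseline, current):
    """Return (path, finding) pairs for every difference from the baseline."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append((path, "added"))
        elif new is None:
            findings.append((path, "removed"))
        else:
            if old["sha256"] != new["sha256"]:
                findings.append((path, "content changed"))
            if new["mode"] & ~old["mode"] & (stat.S_ISUID | stat.S_ISGID):
                findings.append((path, "setuid/setgid bit gained"))
            elif old["mode"] != new["mode"]:
                findings.append((path, "mode changed"))
    return findings

def demo():
    """Constructed sample: a temp directory stands in for a system bin directory."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("ls", "ps"):
            with open(os.path.join(root, name), "wb") as f:
                f.write(b"original " + name.encode())
            os.chmod(os.path.join(root, name), 0o755)
        baseline = snapshot(root)  # taken while the system is known good
        with open(os.path.join(root, "ls"), "wb") as f:
            f.write(b"replaced")  # simulates a swapped binary
        os.chmod(os.path.join(root, "ps"), 0o4755)  # simulates a new setuid bit
        open(os.path.join(root, "bnc"), "wb").close()  # simulates an unexpected new file
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The baseline is only useful if it is stored where an intruder on the monitored host cannot rewrite it, for example on read-only media or a separate machine.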
What should we do after being hacked?
• Shut down the system
– Or turn off the system
• Separate the system from the network
• Restore the system with the backup
– Or reinstall all programs
• Connect the system to the network
• It can be good to call the police