 |
Internet security and Hacking
The security threats to business IT infrastructures have increased severely. Most prominent are the rising number of viruses and similar malicious programs that threaten serious financial loss.
Security is now seen as an important element of business continuity.
Security experts have discovered an instant-messaging tool that could change the way denial-of-service (DoS) attacks are performed.
Combining the open-source tool nmap - a program that discovers devices on a network - with an IM bot, hackers can infiltrate, steal information and carry out denial-of-service attacks on networks, says the director of security for Whitehat UK, Jason Hart.
IM runs over port 80, which is often regarded as a trusted port because internet traffic travels through it. Nmap uses ping requests and port scans to discover network devices.
Hart said: "The bot could send itself to 10,000 addresses, which could then attack one IP address. This means that 'denial-of-service attack' has taken on a whole new meaning. What's worrying is that this would look internal."
If instructed, the nmap bot is capable of a DoS attack by sending a massive amount of pings, a term hackers have dubbed 'the ping of death'.
"IM has always been a major concern," said Hart. "Just imagine the consequences - it can do a ping of death from an internal address, which confuses administrators. And the technology might not know to protect from the inside."
For the bot to run, it must be executed via either a download, an attachment or a .JPEG file - so won't run automatically. However, many of these approaches require little or no social engineering - hence the huge increase in simple phishing attacks. Although the tool is still in its 'proof of concept' stage, Hart said he has been able to make it work in the lab and that it may already have been used in the real world but simply been undetected.
"Between now and Christmas we're going to see some major developments in the hacking world," he added.
Many firms favour IM over email to get around compliance regulations, which require them to log all emails. In this year's SANS top 20 vulnerabilities, threat research director Alan Paller highlighted IM as a major cause for concern.
Whitehat's Hart advised companies to avoid use of IM: "Don't use instant messenger. Anything going over port 80 should be checked and controlled. The easiest way of preventing the bot is by stopping people installing software."
Here are 2004's most popular hacker tools, viruses, remote tools, adware, spyware, trojans and worms.
Hackers and spammers use all the latest software security holes, worms and trojans to attack many businesses and trick Internet users into revealing their personal and financial information. These constant attacks on private and public systems have become more than just a nuisance, they've become an overwhelming financial burden, 10 billion dollars.
Listed below are the most commonly used programs Hacker tools, Key Loggers, RAT: (Remote Administration Tool), Spyware, Spyware cookies, Trojans, and Worms from the year 2004.
Top Ten Hacker Tools
Hacker tools are programs written to access a computer system using known software vulnerability. Most of these programs have been written and are freely distributed from "Hacker" websites. Some of these programs were written for legitimate uses and are abused as a hacking tool.
 Access Diver
LANguard Network Scanner
Cracking Tool
IOpus Password Recovery XP
Key Generator
Personal Antispy
XPKey
Super Scan 3.0
LastBit Password Tools 4.0.0.3175
Aet_network_scanner10
Top Ten Key Loggers
Key Loggers, like the name suggests, are programs that record keystrokes from the computer keyboard and either logs it to the computer or sends it to its maker through a built in e-mail engine. Key logging allows a prospective hacker to gain access to the user name, passwords, and even id numbers entered into sensitive online bank accounts or passwords to remote control programs. Listed below are the top 9 key loggers reported.
KeySnatch
Spyster 1.0.19
ProBot
NetSpy KeyLogger
KeyLogger Pro
Free Scratch and Win
Remote KeyLogger 1.0.1.0
· TrojanSpy.Win32.Briss.d
EVision Megapro
TrojanSpy.Win32.Tofger.x
Top Ten RAT (Remote Administration Tool
RATs are remote administration programs that have been embedded into an unsuspecting victim's computer. This is the most dangerous of all hacking tools as it allows complete and total control of the infected computer.
System Soap Pro
AntiLamer Light
MC 30 Day
SoftEther
ComLoad
NetSlayer
Global Killer 1.0
Zinx-A
B-S Spy 1.90
KrAIMer 1.1
Top Ten Spyware
Spyware as the name suggests is software that is embedded on a computer and records passwords, Internet visits, cookies and can sometimes control computers services and remotely execute commands. Spyware is becoming more popular as husbands and wife's become more concerned with their spouses Internet activity. There are many computer programs offered on the Internet for free that have hidden Trojans with spyware embedded in them. Remember, nothing is really as free as it may seem, there is always a hidden price. Listed below are 10 of the most common Spyware programs:
GAIN
Claria
GameSpy Arcade
Hotbar
Ezula
BonziBuddy
WeatherCast
LinkGrabber 99
TOPicks
Cydoor
Top Ten Trojans
All Trojans are hidden programs that are disguised within another program. This is the largest example of "Freeware" software that has another agenda. It should be stated that most "Freeware" is perfectly legitimate and is contributed freely by the author with good intentions. However, there are still other "Freeware" in the mix that is distributed intentionally and unintentionally for the sole purpose of gaining access to your computer system. Sadly, paranoia is the safest bet if you want to keep out unwanted intruders. Unfortunately, this isn't always effective when there are programs that enter on their own. Below are 10 of the most common Trojan programs of 2003.
KeySnatch
Dropper
MoneyTree
Unknown Trojan
MoneyTree.DyFuCA
System Soap Pro
Spyster 1.0.19
Trojan.Win32.Revop.c
Coulomb Dialer
Unknown Dialer
Top Ten Worms
Many worms use Microsoft Outlook or Outlook Express to propagate. These types of e-mail "Worms" have an attached file that has to be clicked open to be installed. These types of worms typically have a file with a double extension, such as (NAME.BMP.EXE or NAME.TXT.VBS). These extensions are Windows executable files that install a program on your computer. These programs can be Remote control programs, Spyware, Keyloggers or any software used maliciously by a dark hacker. Additional extensions are VBS, SHS, BAT, EXE, CMD and PIF.
I-Worm.Moodown.b
I-Worm.NetSky.q
I-Worm.Bagle.n
Tofger-A
Win32.Holar.G
Worm.RBot.af
Worm.Win32.Sasser.a
W32.Sobig.F@mm
MSBlast.b
I-Worm.NetSky
Email this article | Respond to this article
---------------------------------------------------------------------------------------------------------
|
