interview question and answer

October 2, 2012

Hacking - Early History:


During the 1960s, the word "hacker" grew to prominence describing a person with 
strong computer skills, an extensive understanding of how computer programs worked,
 and a driving curiosity about computer systems. Hacking, however, soon became nearly
 synonymous with illegal activity. While the first incidents of hacking dealt with breaking 
into phone systems, hackers also began diving into computer systems as technology 
advanced.

Hacking became increasingly problematic during the 1980s. As a result, the Computer 
Fraud and Abuse Act was created, imposing more severe punishments for those caught
 abusing computer systems. In the early 1980s, the Federal Bureau of Investigation 
(FBI) made one of its first arrests related to hacking. A Milwaukee-based group known
 as the 414s was accused of breaking into 60 different computer systems including 
the Memorial Sloan-Kettering Cancer Center and the Los Alamos National Laboratory. 
Later that decade, the infamous Kevin Mitnick was arrested and sentenced to 
one year in jail for damaging computers and stealing software. He was arrested 
again in 1995 for computer fraud and put in jail for hacking Motorola Inc., 
Sun Microsystems Inc., NEC Corp., and Novell Inc. to steal software, product plans,
 and data. Mitnick eventually cost the firms a total of roughly $80 million.

As negative publicity surrounding hackers continued to grow, those who considered
themselves true hackers (computer programming enthusiasts who pushed computer 
systems to their limits without malicious intent and followed a hacker code of ethics) grew
weary of the media's depiction of hackers. As a result, several hacker groups coined
the term 'cracker' in 1985 to define a person who broke into computer systems and 
ignored hacker ethics. The media, however, continued to use the word hacker, even 
though most early hackers, while believing that technical information should be freely
available to any person, abided by a code of ethics that looked down upon destroying,
moving, or altering information in a way that could cause injury or expense.

AT&T Corp., Griffiss Air Force Base, NASA, and the Korean Atomic Research Institute all
 fell prey to hackers in the early 1990s. Federal World Wide Web sites, including those of 
the U.S. Department of Justice, the U.S. Air Force, and the CIA, were also attacked by 
hackers and defaced. During 1995 alone, U.S. Defense Department computers dealt with 
250,000 hacker attacks. As technology advanced and business transactions conducted 
over the Internet increased, malicious hackers became even more destructive. Popular 
Web sites such as Yahoo!, America Online, eBay, and Amazon.com were hacked, costing 
millions and leaving online shoppers doubtful about security on these sites; a 16-year-old 
Canadian boy operating under the name Mafiaboy was arrested for these attacks, as well 
as for breaking into both Harvard's and Yale's university computer systems. Under the terms 
of his parole, Mafiaboy was not allowed to use the Internet or go into stores that sold 
computers, and his computer use was limited to that which was supervised by a teacher 
at school.


Types of Hacking


1) Inside Jobs - Most security breaches originate inside the network that is under attack. 
Inside jobs include stealing passwords (which hackers then use or sell), performing industrial
espionage, causing harm (as disgruntled employees), or committing simple misuse. Sound
policy enforcement and observant employees who guard their passwords and PCs can thwart
many of these security breaches.

2) Rogue Access Points - Rogue access points (APs) are unsecured wireless access points
that outsiders can easily breach. (Local hackers often advertise rogue APs to each other.) 
Rogue APs are most often connected by well-meaning but ignorant employees.

3) Back Doors - Hackers can gain access to a network by exploiting back doors:
administrative shortcuts, configuration errors, easily deciphered passwords, and 
unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably
 find any weakness in your network.

4) Viruses and Worms - Viruses and worms are self-replicating programs or code 
fragments that attach themselves to other programs (viruses) or machines (worms). 
Both viruses and worms attempt to shut down networks by flooding them with massive
 amounts of bogus traffic, usually through e-mail.

5) Trojan Horses - Trojan horses, which are attached to other programs, are the
 leading cause of all break-ins. When a user downloads and activates a Trojan horse, 
the hacked software (SW) kicks off a virus, password gobbler, or remote-control SW 
that gives the hacker control of the PC.

6) Denial of Service - DoS attacks give hackers a way to bring down a network without
 gaining internal access. DoS attacks work by flooding the access routers with bogus 
traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).
Distributed DoSs (DDoSs) are coordinated DoS attacks from multiple sources. 
A DDoS is more difficult to block because it uses multiple, changing, source IP addresses.

7) Anarchists, Crackers, and Kiddies - Who are these people, and why are they 
attacking your network? Anarchists are people who just like to break stuff. 
They usually exploit any target of opportunity. Crackers are hobbyists or professionals
who break passwords and develop Trojan horses or other SW (called warez). 
They either use the SW themselves (for bragging rights) or sell it for profit.
Script kiddies are hacker wannabes. They have no real hacker skills, so they 
buy or download warez, which they launch. Other attackers include disgruntled 
employees, terrorists, political operatives, or anyone else who feels slighted, 
exploited, ripped off, or unloved.

8) Sniffing and Spoofing - Sniffing refers to the act of intercepting TCP packets. 
This interception can happen through simple eavesdropping or something more sinister.

Spoofing is the act of sending an illegitimate packet with an expected acknowledgment
 (ACK), which a hacker can guess, predict, or obtain by snooping.

As the cost of hacking attacks continues to rise, businesses have been forced to increase
 spending on network security. However, hackers have also developed new skills that allow
 them to break into more complex systems. Hacking typically involves compromising 
the security of networks, breaking the security of application software, or creating malicious
 programs such as viruses.

The most popular forms of network hacking are denial of service (DoS) attacks and 
mail bombs. DoS attacks are designed to swamp a computer network, causing it to crash.
 Mail bombs act in a similar fashion, but attack the network's mail servers. When eBay was
 attacked in February 2000, its Web server was bombarded with fake requests for Web pages,
 which overloaded the site and caused it to crash. Network hackers also try to break into 
secure areas to find sensitive data. Once a network is hacked, files can be removed, stolen,
 or erased. A group of teens in Wichita, Kansas, for example, hacked into AOL and 
stole credit card numbers that they then used to buy video games.
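
The earlier point that a distributed flood is harder to block than a single-source one can be seen in per-window request counts. The Python sketch below is an added example, not part of the original post; the window size, both thresholds and the sample traffic are constructed assumptions.

```python
from collections import Counter, defaultdict

WINDOW = 10            # seconds per counting window (assumed)
PER_SOURCE_LIMIT = 20  # max requests one source may send per window (assumed)
AGGREGATE_LIMIT = 100  # max total requests the server tolerates per window (assumed)

def analyse(events):
    """events: iterable of (epoch_seconds, source_ip) -> {window_start: report}."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[ts - ts % WINDOW][src] += 1
    reports = {}
    for start, per_src in sorted(buckets.items()):
        total = sum(per_src.values())
        noisy = sorted(ip for ip, n in per_src.items() if n > PER_SOURCE_LIMIT)
        # Load still reaching the server if every source is capped at the limit.
        residual = sum(min(n, PER_SOURCE_LIMIT) for n in per_src.values())
        if noisy:
            verdict = "single-source flood"
        elif total > AGGREGATE_LIMIT:
            verdict = "distributed flood"
        else:
            verdict = "normal"
        reports[start] = {"verdict": verdict, "sources": len(per_src),
                          "total": total, "after_per_source_cap": residual,
                          "noisy": noisy}
    return reports

def sample_events():
    """Constructed traffic using documentation-only address ranges."""
    events = []
    # Window 0: five ordinary clients, three requests each.
    for c in range(5):
        events += [(i, f"192.0.2.{c + 1}") for i in range(3)]
    # Window 10: one source sends 60 requests.
    events += [(10 + i % 10, "198.51.100.7") for i in range(60)]
    # Window 20: 150 sources send two requests each.
    for c in range(150):
        events += [(20 + c % 10, f"203.0.113.{c + 1}")] * 2
    return events

if __name__ == "__main__":
    for start, report in analyse(sample_events()).items():
        print(start, report)
```

In the distributed window the per-source cap removes nothing, so only the aggregate check notices the overload.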

Application hackers break security on application software (including word 
processing and graphics programs) in order to get it for free. One way they gain access
 to software that requires a serial number for installation is by setting up a serial number
 generator that will try millions of different combinations until a match is found.
 Application hackers also sometimes attack the program itself in an attempt to remove 
certain security features.

Hackers that create viruses, logic bombs, worms, and Trojan horses are involved in perhaps
 the most malicious hacking activities. A virus is a program that has the potential to attack
 and corrupt computer files by attaching itself to a file to replicate itself. It can also cause 
a computer to crash by utilizing all of the computer's resources. For example, e-mail systems
 were inundated with the "ILOVEYOU" and the "Love Bug" viruses in May of 2000, and
the damage to individuals, businesses, and institutions was estimated at roughly $10 billion. 
Similar to viruses, logic bombs are designed to attack when triggered by a certain event like 
a change in date. Worms attack networks in order to replicate and spread. In July of 2001, 
a worm entitled "Code Red" began attacking Microsoft Internet Information Server (IIS) 
systems. The worm infected servers running Windows NT 4, Windows 2000, Windows XP, 
and IIS 4.0 and defaced Web sites, leaving the phrase "Welcome to www.worm.com 
Hacked by Chinese!" Finally, a Trojan horse is a program that appears to do one thing, 
but really does something else. While a computer system might recognize 
a Trojan horse as a safe program, upon execution, it can release a virus, worm, 
or logic bomb.
