All About Computers: Hacking

WHAT IS HACKING:
Hacking, in the now commonly media-induced recognised term, is an illegal or illicit entry to your computer and related files, enacted by an unauthorised body. In true traditional and technical terms, this word is acutely inaccurate, but that is not important. Hacking is, whether the purists like it or not, the most widely recognised term now used.

Hacking does not require that you be connected to any network, such as the internet, as, strictly speaking, if I were a computer repair man who you hired to just remove a virus from the computer in your living room, but I then commit another act not asked for, I've hacked you. However, it's more typical to be associated with a network attack, of which the Internet is the largest such example of a "network".

I'm working from memory here, so I may not have my numbers acutely accurate, but in a recent study, it was shown that an unprotected computer is typically infiltrated within about fifteen minutes of being connected to the Internet. However, this, I believe, also included "computer worms" (For simplicy sake, a virus.)

So, as you can see, it's a very real and ever-present threat to most typical computer users connected to a network.

MY COMPUTER JUST CONTAINS GAMES SO I'M SAFE, RIGHT?
Wrong. Many hack attempts rely on stealth. If I want to hack the UK Army computers, I don't want to do it from my computer, as that would get me into trouble. Much better is if I use my computer to use your computer, which will then use yet another, and another, and so forth. (Commonly called "hopping")

That way, I get to hide my tracks. At least enough to make tracing me as the culprit very difficult, though never impossible. So, in many cases, it's not really what's on your computer that is important. In fact, one could argue that the less on it the better, as more resource from your computer will be available for me to use it in order to carry out my nasty business.

HOW DO HACKERS FIND ME?
They knock on your front door and wait for an answer. Sounds odd doesn't it, but in computer terms that is exactly what's done. Instead of doors and windows, computers have ports. Several thousand of them. Some ports are always closed, some are always open, some open and close as and when needed.

The hacker sends a request to any one of these ports through the Internet. The port on your computer will send an 'echo' back saying "Hello". The hacker now knows you exist. That's the first part complete. So, if that door was open and someone answered, how many more doors and windows are open? The hacker will then typically begin to investigate, port by port, looking for one or more that is just right for his or her needs. This investigation, despite there being several thousand ports, can be done in seconds.

Different ports are allocated for different purposes, so finding the right one open is a key factor. For example, port number 25 is responsible for sending out emails (SMTP or Simple Mail Transfer Protocol). Therefore, if I want to send out offenseive or spam emails to millions of people, that I don't want tracing back to me, I will use your port 25 to help me.

HOW IS MY COMPUTER IDENTIFIED
Your computer, like your house on the street where you live, has a unique number allocated to it, an IP Address. It might appear like 111.222.333.444, for example. This number is given to you the moment you connect to the Internet. Anything you do, and anywhere you go can be traced back to you, through that number, while it's allocated to you.

For example, you use your computer to download the latest movie illegally. The movie studio need only hire one of many companies to trace back your IP address, who wil see that it belongs to, for example, AOL or NTL, or BT. They then connect either of these ISPs, ask who was assigned to that address at the given time and bang, you're caught.

With that in mind, you hopefully see the importance of protecting that IP Address as best you can, as the last thing you want is hackers appearing to come from your IP Address causing havoc around the Internet, and you getting the blame for it.

Remember, many IP Addresses are dynamically assigned. That is to say that each time you disconnect from and reconnect to the Internet, your IP address is changed by your ISP (Internet Service Provider).

WHAT DO THEY TYPICALLY HACK?
You name it, it's always of some value to someone, somewhere. Things which might seem perfectly useless or harmless to you, may be like gold-dust in the right (or wrong) hands. Passwords, family photos, bank details, bank statements, work documents, and so forth. The list really is endless. However, as stated earlier, it's not usually what is on your computer that is important, so much as what your computer can be used for.

WHO IS MOST AT DANGER?
I suppose, on balance, people like me are. Developers and web professionals who use their computer for hosting their own websites, their own email servers, and so forth, and who leave their computers on twenty-four hours a day, seven days a week. After all, the last thing any hacker wants is to have their evil mission interrupted half way through, when the computer is turned off.

We are the type to have the most active ports open. Therefore, providing the most opportunity for success over a greater variety of objectives.

However, absolutely nobody can claim they are of no use to any hacker. It's simply mindless to even think along those lines.

One thing I should clarify here, up to this point I've focused more on computer to computer hacking. However, equally evil is information hacking through "spoofing".

A very common "spoof" is to send email out to particular banking customers, stating that some personal information has been lost or needs to be updated. For all intents and purposes, these emails look very genuine. They will then point you to websites, which again look EXACTLY like your bank's website.

You then login to what you think is your bank account, and the damage is done. The hacker has just scooped up your username and password, and is now ready to visit your real bank account, and spend on-line until your funds run out.

DO NOT, UNDER ANY CIRCUMSTANCE, RESPOND TO THESE EMAILS. COMPANIES JUST DO NOT ASK FOR THIS SORT OF INFORMATION BY EMAIL. THOSE IRRESPONSIBLE ONES THAT STILL DO SHOULD KNOW BETTER. Just because a few dinosaur banks and companies might be stupid, it doesn't follow that you should be too. Question any such email by phone or letter if you are in any way suspicious. Making sure, of course, to use a phone number and address that you have received on an official bank statement or other letter through the post.

SO HOW DO I PROTECT MYSELF AGAINST HACKERS?
As always, there's good news. It's really very easy to protect yourself from almost all computer to computer hacking attempts, by using what is called a "Firewall".

A Firewall acts like a concierge at all of your doors and windows (ports), either questioning each and every person who knocks for some identification, or just completely snubbing them and pretending not to exist.

So with a Firewall active, the hacker sends out a request to your port. Ther firewall sees it, and in many cases, ignores it. It doesn't even respond with a "Closed" echo, as that would tell the hacker that at least a computer exists there. No, it just completely snubs the request, so as far as the hacker is concerned, nothing exists at that IP address.

Most firewalls will alert you when there is a knock at the door, and most are intelligent enough to only bother you with important or suspicious knocks, while allowing normal traffic to flow in and out, so that your computer can operate normally.

One such Firewall is ZoneLabs, which has a free version available, and which really is very good and incredibly easy to use.

Zone Labs Zone Alarm
http://www.zonelabs.com/store/content/company/products/

When using Zone Alarm, it's important to note that often when firing up an application for the first time, it will query whether it's safe to do so. This is because some trojans left by hackers can fire up applications, such as email clients, to fire off a million emails. This is normal behaviour and if you wanted to open the application, just confirm that it's safe.

You may get quite a few notifications during everyday use, that x, y, or z has been blocked. That's good so don't panic!

Great Post GSDLover

Zonealarm is a good start for your average user, which incidentally is shutting down its 7.1 version soon, and so people need to update to 7.5

http://free.grisoft.com/doc/5390/lng/us/tpl/v5


there are a few freebie firewalls out there, so just do a search on google

Wow that's really scary I've got the Zone Alarm firewall but sometimes it asks you whether to allow things and how do you know whether you should or not

I have got the free versions of spybot and adaware. Are these OK or should I go onto this other one? I did click on it but it didn't take me into it properly.
I run spybot and adaware just before I log off every time and sometimes before I log in as well.

Adaware and SpyBot are for a different purpose. They are really designed to protect you from illicit sites which set cookies that can monitor your activity. (Particularly useful for advertising companies who read the cookies on various sites to feed you with particular ads.)

Advertisers also have a nasty habit of planting extra software on your systems, sometimes in the guise of harmless free software, such as browser toolbars. They, in turn, then start generating pop-up adverts on your computer.

Adaware and Spybot both aim to protect you from this particularly, in my view, nasty exercise.

I can't see a free version on the zone labs, there is a free trial but not a free version, where do I find that?

http://www.zonelabs.com/store/conten...=staticcomp_za

thanks am in the middle of a scan as we speak, I thought I was safe with adaware and spybot and didn't realise there was a massive difference.

lots of thanks...I am now safe and secure. It has already blocked 2 attempts from somebody to get in in the first few minutes!!!

Yeah, that sounds about right. Though you can get too paranoid too. Much of it can be harmless echo requests, but always better safe than sorry.