Saturday, June 18, 2011

How destructive hackers break into a website


The techniques hackers use to penetrate or infiltrate and destroy a site are as follows:

1. IP Spoofing
2. Attack FTP
3. Finger Unix Exploits
4. Flooding & Broadcasting
5. Fragmented Packet Attacks
6. E-mail Exploits
7. DNS and BIND Vulnerabilities
8. Password Attacks
9. Proxy Server Attacks
10. Remote Command Processing Attacks
11. Remote File System Attack
12. Selective Program Insertions
13. Port Scanning
14. TCP/IP Sequence Stealing, Passive Port Listening and Packet Interception
15. HTTPD Attacks


1. IP Spoofing
          IP spoofing, also known as source address spoofing, is the forging of the attacker's IP address so that the target considers the attacker's address to be that of a host inside the network rather than one from outside the network. Suppose the attacker has a Class A address, 66.25.xx.xx. When the attacker carries out this type of attack, the attacked network will assume the attacker's IP is part of its own network, e.g. 192.xx.xx.xx, a Class C address.

IP spoofing occurs when an attacker 'outsmarts' packet routing to redirect data or a transmission to a different destination. Packets are usually routed transparently and in the clear, which makes it easy for an attacker to modify the origin or destination of the data. This technique is used not only by attackers but also by security professionals to trace the identity of an attacker.
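The defence against the case described above, an outside host claiming an inside address, is to filter on the interface a packet arrives on. The following is an added example, not part of the original post; the internal prefix, the interface names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

# Assumed internal prefix for this example (the page only gives 192.xx.xx.xx).
INTERNAL_NETS = [ipaddress.ip_network("192.168.10.0/24")]

def classify(iface, src):
    """Classify a packet by the interface it arrived on and its source address."""
    addr = ipaddress.ip_address(src)
    inside = any(addr in net for net in INTERNAL_NETS)
    if addr.is_loopback or addr.is_multicast or addr.is_unspecified:
        return "bogon"      # never valid as a source address on the wire
    if iface == "external" and inside:
        return "spoofed"    # claims to be one of our hosts but came from outside
    if iface == "internal" and not inside:
        return "leak"       # egress filter: our hosts must use our prefix
    return "ok"

# Constructed sample packets: (arrival interface, source address).
SAMPLE = [
    ("external", "198.51.100.7"),
    ("external", "192.168.10.5"),
    ("internal", "192.168.10.5"),
    ("internal", "198.51.100.7"),
    ("external", "127.0.0.1"),
]

def filter_packets(packets):
    """Return the packets to drop, each with the reason."""
    return [(i, s, v) for i, s in packets if (v := classify(i, s)) != "ok"]

if __name__ == "__main__":
    for iface, src, verdict in filter_packets(SAMPLE):
        print(f"DROP {src} on {iface}: {verdict}")
```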




2. Attack FTP
          One of the attacks carried out against the File Transfer Protocol is a buffer overflow caused by a malformed command. The goal of attacking an FTP server is usually to obtain a command shell or to perform a Denial of Service. A Denial of Service attack may eventually allow a user or attacker to retrieve resources within the network without authorization, while a command shell gives the attacker access to the server system and its data files, so that an anonymous attacker could eventually gain root access with full rights over the system and even over the network being attacked.
 
Never or rarely updating the server version and patching it is a mistake often made by admins, and this is what makes FTP servers prone to intrusion. An example is wu-ftpd, a popular FTP server in the UNIX family, which is always being upgraded twice a day to fix the conditions that allow buffer overflows. Exploiting FTP is also useful for learning the passwords contained in the system, for the FTP Bounce attack (using someone else's FTP server to carry out attacks), and for learning or sniffing information residing in the system.


3. Finger Unix Exploits
          In the early days of the Internet, the Unix finger utility was an efficient way to share information among users. Because requests for finger information were not seen as breaking any rules, many system administrators left this utility (finger) with very minimal security, or even with no security at all. For an attacker this utility is invaluable for footprinting, including login names and contact information.

This utility also provides excellent information about user activity within the system, how long a user has been on the system and how much the user cares for the system. The information produced by finger minimizes a cracker's effort in penetrating a system. The personal information about users exposed by the finger daemon is already enough for an attacker to do social engineering, using social skills to get users to 'tell' passwords and access codes to the system.


4. Flooding & Broadcasting
          An attacker can significantly reduce the speed of a network and the hosts on it by continually requesting information from the servers that handle such requests, the classic Denial of Service (DoS) attack. Sending excessive requests to a port is called flooding, sometimes also called spraying. When the flood of requests is sent to all stations on the network, the attack is called broadcasting. The purpose of both attacks is the same: to make the network resource that provides information weaken and finally give up.

Attacks by flooding depend on two factors: size and/or volume. An attacker can cause a Denial of Service by throwing large files or large volumes of small packets at a system. In such circumstances the network server faces congestion: too much information is requested and there is not enough power to push the data through. Basically, a large packet requires greater processing capacity, but an abnormally large volume of small packets of the same size will also use up resources in vain and result in congestion.
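The two factors named above, size and volume, can be watched separately per source over a sliding window. This is an added example, not part of the original post; the window length, the thresholds and the traffic records are constructed assumptions.

```python
from collections import defaultdict, deque

# Assumed thresholds per source within one window; tune to the link being watched.
WINDOW = 1.0          # seconds
MAX_PACKETS = 100     # "volume" limit
MAX_BYTES = 200_000   # "size" limit

def detect_floods(packets):
    """packets: (timestamp, source, size_in_bytes) tuples. Returns {source: reasons}."""
    window = defaultdict(deque)      # source -> (timestamp, size) still inside WINDOW
    byte_total = defaultdict(int)    # source -> bytes currently inside WINDOW
    alerts = defaultdict(set)
    for ts, src, size in sorted(packets):
        win = window[src]
        win.append((ts, size))
        byte_total[src] += size
        while ts - win[0][0] > WINDOW:          # expire packets older than WINDOW
            byte_total[src] -= win.popleft()[1]
        if len(win) > MAX_PACKETS:
            alerts[src].add("volume")
        if byte_total[src] > MAX_BYTES:
            alerts[src].add("size")
    return dict(alerts)

def sample_traffic():
    """Constructed traffic: a small-packet flood, a large-packet flood, a normal host."""
    many_small = [(i * 0.001, "198.51.100.10", 64) for i in range(500)]
    few_large = [(i * 0.025, "198.51.100.20", 60_000) for i in range(20)]
    normal = [(i * 1.0, "198.51.100.30", 500) for i in range(10)]
    return many_small + few_large + normal

if __name__ == "__main__":
    for src, reasons in detect_floods(sample_traffic()).items():
        print(src, sorted(reasons))
```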


5. Fragmented Packet Attacks
          Internet data transmitted via TCP/IP can be further divided into packets, of which only the first packet contains the main information (header) of TCP. Some firewalls will allow through the packets that do not contain the source address information carried in the first packet, and this will cause some types of system to crash. For example, an NT server will crash if the fragmented packets carry enough information to rewrite the first packet of a protocol.
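A filter can close both gaps described above by checking every fragment, not only the first one. This is an added example, not part of the original post: it drops TCP datagrams whose header is split across fragments (which covers the offset-1 case that RFC 1858 describes) and any fragment that overlaps data already accepted. The addresses, the 20-byte minimum and the sample fragments are constructed assumptions.

```python
import ipaddress
import struct

TCP = 6
MIN_TCP_HEADER = 20   # this example wants the whole fixed TCP header in fragment 0

def parse_ipv4(pkt):
    """Extract the fragmentation fields from a raw IPv4 header."""
    ver_ihl, _, total, ident, frag, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    start = (frag & 0x1FFF) * 8                  # fragment offset is in 8-byte units
    length = total - (ver_ihl & 0x0F) * 4        # payload bytes carried by this fragment
    return (src, dst, ident, proto), proto, bool(frag & 0x2000), start, start + length

def check_fragments(packets):
    """Return one verdict per packet, tracking accepted byte ranges per datagram."""
    seen, verdicts = {}, []
    for pkt in packets:
        key, proto, more, start, end = parse_ipv4(pkt)
        ranges = seen.setdefault(key, [])
        if proto == TCP and start == 0 and more and end < MIN_TCP_HEADER:
            verdict = "drop: tiny first fragment"
        elif proto == TCP and 0 < start < MIN_TCP_HEADER:
            verdict = "drop: starts inside TCP header"
        elif any(start < e and s < end for s, e in ranges):
            verdict = "drop: overlaps earlier fragment"
        else:
            verdict = "accept"
            ranges.append((start, end))
        verdicts.append(verdict)
    return verdicts

def make_fragment(ident, offset, more, size):
    """Build a constructed IPv4/TCP fragment (checksum left at 0, zero-filled payload)."""
    src = ipaddress.ip_address("198.51.100.7").packed
    dst = ipaddress.ip_address("192.0.2.80").packed
    frag = (0x2000 if more else 0) | (offset // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + size, ident, frag,
                       64, TCP, 0, src, dst) + bytes(size)

SAMPLE = [
    make_fragment(1, 0, True, 24), make_fragment(1, 24, False, 16),   # well-formed
    make_fragment(2, 0, True, 8), make_fragment(2, 8, False, 32),     # header split
    make_fragment(3, 0, True, 32), make_fragment(3, 24, False, 16),   # overlap
]

if __name__ == "__main__":
    print(check_fragments(SAMPLE))
```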


6. E-mail Exploits
          E-mail exploitation occurs in five forms: mail floods, command manipulation, transport-level attacks, inserting malicious code, and social engineering. An e-mail attack could cause the system to crash, open and rewrite or even execute application files, or give access to command functions.


7. DNS and BIND Vulnerabilities
          Recent news about vulnerabilities in various versions of the Berkeley Internet Name Domain (BIND) application illustrates the fragility of the Domain Name System (DNS), a crisis aimed at the basic operation of the Internet.


8. Password Attacks
          Passwords are a common topic when we talk about security. Sometimes users do not take care of their PIN, for example when transacting online in a cafe; even transacting online at home is extremely dangerous if it is not protected by security software such as SSL and PGP. A password is one of the security procedures that are very difficult to attack; an attacker might need many tools (technical or social) just to open something that is protected by a password.

When an attacker manages to obtain a user's password, the attacker has the same powers as that user. Training employees/users to remain vigilant in protecting their passwords from social engineering can at least minimize the risk, but apart from guarding against social engineering practices, organizations must also be alert to this in a technical way. Most attacks carried out against passwords are guessing, brute force, cracking and sniffing.


9. Proxy Server Attacks
          One function of a proxy server is to speed up response time by bringing together processes from multiple hosts in a trusted network. In most cases, each host has read/write power, which means that what I can do on my system I can also do on your system, and vice versa.


10. Remote Command Processing Attacks
          A trusted relationship between two or more hosts provides the facility of information exchange and resource sharing. As with a proxy server, a trusted relationship gives all members equal access power over one another's systems (across the network).
An attacker will attack a server that is a member of the trusted system. Just as with the proxy server, once access is gained the attacker has the ability to execute commands and access the data available to other users.


11. Remote File System Attack
          The protocol for transporting data, the backbone of the Internet, is at the TCP level, with a mechanism that has read/write ability between the network and the host. An attacker can easily obtain traces of information from this mechanism to gain access to the file directory.


12. Selective Program Insertions
          Selective program insertion is the attack in which the attacker places destructive programs, such as viruses, worms and trojans (terms that may already be familiar to you), on the target system. These destructive programs are often also called malware. They have the ability to damage the system, destroy files, steal passwords and open up a backdoor.


13. Port Scanning
          Through port scanning an attacker can see the functions of a system and how it defends itself on its various ports. An attacker can gain access to the system through an unprotected port. For example, scanning can be used to determine where default SNMP strings are open to the public, which means information can be extracted for use in a remote command attack.

14. TCP/IP Sequence Stealing, Passive Port Listening and Packet Interception

TCP/IP sequence stealing, passive port listening and packet interception work to collect sensitive information for accessing the network. Unlike active attacks or brute-force attacks, attacks that use these methods have more stealth-like qualities.


15. HTTPD Attacks
          Vulnerabilities in HTTPD, or web servers, are of five kinds: buffer overflows, httpd bypasses, cross scripting, web code vulnerabilities, and URL floods.

An HTTPD buffer overflow can occur because the attacker adds errors to the port used for web traffic by entering a lot of characters and strings to find a suitable place to overflow. When a place for the overflow is found, the attacker inserts a string that becomes a command that can be executed. Buffer-overflow attacks may give attackers access to the command prompt.

HOW TECHNIQUE Hackers Penetrate (attacking) the Site or the web server, 2008, http://www.colonel.web.id, Computer Networking Security
