Preparing for an Attack

First, hackers would need a reliable communications link to make sure that Bad Guys are unable to trace them. The protection level of each link is different. In a broadcast network, for successful disguising of the hackers activities it is enough to clone someone else's IP and MAC addresses (that machine must be inactive at the moment of the attack). Provided that no additional equipment for intrusion detection is installed in a LAN, it is practically impossible to detect the hacker. However, if the hacker's system is vulnerable, there is a risk that the honeypot would secretly infect it with a spyware component. Lots of beginners fall into a trap of cookies passed through the browser.

For reliability, experienced hackers prefer to attack the target indirectly, using a chain of several (usually, from three to five) hacked computers, and connect to the Internet using the GPRS protocol and someone else's cellular phone. They will travel as far as possible from their places of residence to avoid the risk of being detected by direction-finding equipment (see Chapter 1 for more details). Connecting to the Internet by establishing a dial-up connection is the equivalent of suicide for attackers ( especially from their home telephone numbers ). No proxy can help conceal hacking activities, because it is impossible to tell for sure whether or not a specific proxy server logs all connections. Among free proxies, there are lots of honeypots installed by law enforcement agencies specially for tracing hackers.