Among hackers, skill level is the key differentiator. There are those skilled hackers who can write code in their sleep and know UNIX software inside and out. Then there are those "wannabes" who know how to run tools which crack passwords or sniff networks, but are unable to create a new or unique attack.

A skilled hacker must have the knowledge of a good system manager, a good network manager, and a good security manager and must understand various aspects of computer technologies, including networking and operating systems. The hacker must understand what a system manager and a security manager look for to see if someone has been prowling. He must be able to tell immediately if a system is well-maintained or not in order to evaluate if the system is a good candidate to attack. He must be able to manage his own system so that when he is discovered, the system manager's task of tracking him down will be as difficult and time-consuming as possible.

The hacker must also be a good networker; that is, he must be able to seek out other hackers and interact with them, feeding their egos and absorbing their knowledge. He will want to learn from their experiences and make profitable trades of information with them. Most hackers also desire the company of others with whom to share their exploits.

The hacker will need a good set of hacker tools. He will either need to create these tools or have access to already existing tools. To be a good hacker, he will need to understand and modify these tools to meet his specific needs.

Hacker skill levels fall into a variety of categories, which are useful in discussion and classification.

Script Kiddy

A script kiddy is someone with very little technical skill who uses scripts or programs which have been written by someone else to exploit known vulnerabilities. This hacker will often blindly follow an attack script, entering commands that may be inappropriate for the specific system that is under attack.
These hackers usually compromise systems for bragging rights among their peers as to how many systems they have compromised and what well-known sites they have hacked. They may deface websites or otherwise mark their conquests, and their inexperience can also lead to inadvertent damage.
Script kiddies will usually select their target by their ability to compromise it. They will sweep IPs looking for a system which has the known vulnerability which their tool of the day attacks. Once found, the tool will be launched against the system to gain privileged access. Often the entire process will be automated, so the script kiddy will start the program and come back in a day or two to see what he has succeeded in compromising.

Dedicated Hacker

A dedicated hacker will do research. He will know the ins and outs of the operating system, know what auditing and security tools there are, and how to use them to help him get in and out of systems. He will be able to write C code and shell scripts to modify tools for his needs and automate attack procedures. He reads the latest security bulletins from the Computer Emergency Response Team (CERT), the National Institute of Standards and Technology (NIST), and the vendors and the information from the underground about security holes. He will also read the security news groups and mail lists. Sometimes, a dedicated hacker will stay in a system for months or even years, until he achieves his goal.
Skilled Hacker

The skilled hacker realizes that to really understand the system he's going to be attacking, he has to know it inside and out and understand concepts and details. This means being able to read the operating system code. For UNIX systems, this is C. So he will get Linux or the UNIX source code and see what makes it tick. He will pay attention to the interaction between systems, such as all the networking tools. It is also very helpful for him to understand the network protocols.

It is almost a given that a successful hacker will know more about the internals of the operating system than you do. However, you will know more about what your system does and how it behaves: that is, when you have peak times, what kind of users you have, and what they do on the system. This is your advantage. This is why you must be vigilant in monitoring logs and system utilization, with a lookout for suspicious activity. You will need to know how to configure your system so when something occurs it will notify you. We often see that the hacker has an exceptional ability to write code and manipulate systems, as in this example:
Superhacker

The superhacker is a hacker who does not brag and does not post information on the bulletin boards; rather, he watches what others are doing and absorbs the information about new and different ways to compromise a system. He moves freely throughout computer systems taking what he wants without leaving a trace. If he decides that he wants to get on your system, he will eventually get there, and if he decides to crash your system, it will crash without explanation. Many consider the superhacker a myth because there is no evidence of his existence. This is the goal of many hackers. The number of hackers who fall into this category is a microscopic percent, far fewer than those who claim to be superhackers.
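
The defender's advantage described under Skilled Hacker (knowing your peak times, your users, and what they normally do) can be turned into a log check that notifies you when a login falls outside that pattern. The following is an added example, not part of the original text; the log format, user and host names, and the one-hour tolerance are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records (not from the original text): "timestamp user source"
HISTORY = """\
2024-03-04T08:55 alice ws-12
2024-03-04T09:10 bob ws-07
2024-03-05T09:02 alice ws-12
2024-03-05T13:40 bob ws-07
2024-03-06T17:15 bob ws-07
"""
NEW_EVENTS = """\
2024-03-07T09:05 alice ws-12
2024-03-07T03:12 alice ws-12
2024-03-07T10:30 bob gw-ext
2024-03-07T11:00 mallory ws-03
"""

def parse(text):
    """Yield (datetime, user, source); lines without three fields are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield datetime.strptime(parts[0], "%Y-%m-%dT%H:%M"), parts[1], parts[2]

def build_baseline(history):
    """Per user: the login hours and source hosts seen during normal operation."""
    base = defaultdict(lambda: {"hours": set(), "sources": set()})
    for ts, user, src in parse(history):
        base[user]["hours"].add(ts.hour)
        base[user]["sources"].add(src)
    return dict(base)

def find_anomalies(baseline, events, slack=1):
    """Return (timestamp, user, reasons) for each login outside the baseline."""
    alerts = []
    for ts, user, src in parse(events):
        profile = baseline.get(user)
        if profile is None:
            reasons = ["unknown user"]
        else:
            reasons = []
            # Accept logins within `slack` hours of any hour seen before (wraps at midnight).
            if not any(min((ts.hour - h) % 24, (h - ts.hour) % 24) <= slack
                       for h in profile["hours"]):
                reasons.append("unusual hour")
            if src not in profile["sources"]:
                reasons.append("new source")
        if reasons:
            alerts.append((ts.isoformat(timespec="minutes"), user, reasons))
    return alerts
```

Calling `find_anomalies(build_baseline(HISTORY), NEW_EVENTS)` returns the three out-of-pattern logins; in practice the history would come from weeks of real login records and the alerts would feed a pager or mail notification.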