Social Engineering

I l @ ve RuBoard

Social Engineering is the process of getting someone to divulge information through the process of using a false pretense. Most social engineering is done by people who will use a variety of tactics to get the target to divulge information. Some of these tactics include playing on the victim's sympathies, using intimidation , expressing that it is an urgent situation, and using the 5-til-5 syndrome, which is contacting the victim just before it is time to go home in hopes that he will hurry through with the request, skipping security checks, etc., so that he can get it done and get home soon.

There are also programs which use social engineering tactics to get information or to gain privileges.

Spoofs

A spoof is a program that impersonates another program in order to gather information. A spoof is generally used to gain information by fooling a user or another computer into volunteering information. A spoof that simulates the login sequence can be planted by logging onto a terminal and running the program with the exec command. It will then appear to be a login session. After the victim enters his user ID and password, the program will tell him that the login is incorrect and will exit leaving the real login to reprompt. A careful eye will notice that most login spoofs do not prompt three times for login and password before the banner is reissued.

To limit this type of spoof, users should get in the habit of hitting the break key before logging on. Simple spoofs will not reissue a login after a break is sent. It may also be advisable to hit the return key a few times before logging on to be sure that the login process is acting properly.

There have been numerous login spoofs written and published in hacker publications . They vary from simple shell scripts to very involved programs that utilize the original source code.

Trojan Horse

A Trojan horse is a program that appears to be a useful program, and often is, but it actually has an alternate purpose. It works by getting someone to run the program unknowingly.

Recent Trojan horses are arriving at your computer as e-mail allegedly from someone you know offering you an interesting attachment. However, the attachment is actually malicious code. The effects of the malicious file are activated only when the file in question is executed. These attacks have used "VBS/OnTheFly" malicious code ” a VBScript program that spreads via email.

The most famous of these is probably the "Anna Kournikova" Trojan. It purports to contain naked pictures. When the malicious code executes, it attempts to send copies of itself, using Microsoft Outlook, to all entries in each of the address books. So far these Trojans have only caused congestion on networks and e-mail servers. [54]

[54] "VBS/OnTheFly (Anna Kournikova) Malicious Code," FedCIRC Advisory FA-2001-03 , 12 February 2001.

Some Trojan horses get victims to run them by having the same name as a known program or being advertised as a program that would be difficult to live without. Trojan horses are often touted to be useful utilities or games .

I l @ ve RuBoard


Halting the Hacker. A Practical Guide to Computer Security
Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
Year: 2002
Pages: 210

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net