In the present world of high-speed internet, people have grown curiosity towards HACKING.
Everybody is searching for a secret passage or method to bypass,
extract, get and modify the information by any means. Among teenagers,
the general tendency of hacking is concentrated to social media accounts.
Here I will describe all the methods which are popular in the world of hacking in order to hack into a computer terminal and online account.
1. Phishing
This
is a method where you have to bring the user to a webpage created by
you which appears to be the same as the interface of the legitimate one
and get him/her to enter the credentials. Then the redirect page will
land somewhere else and you will get the password in your mail box as
defined inside the php script.
Consider
a situation; everything you type in the system is mailed to the hacker!
Wouldn’t it be easy to track your password from that? Keyloggers
perform similar functionalities. So you have to be cautious while typing
anything. Now a day, remote keyloggers are also used. So before
downloading any executable file keep an eye on the downloadable element.
Also lookout for your open ports… someone might be looking into it.
Periodically check “netstat” from command prompt.
3. BruteForcing
This
is quite a long and most tiring task. This method is very useful if you
know that the victim is using his password among a few known
possibilities that you are aware of. If you don’t know much and the
possibilities are more, then you shouldn’t go for it.
4. Secret Question
According
to a survey done by security companies, it is found that people
generally complain for hacking as per their secret question answers.
This is indeed a much easier method. In some cases, there are only fixed
secret questions, so it becomes much easier for the hackers. So, don’t
use simple answers, don’t reveal it to anyone and I would suggest you to
use own secret questions with answers.
5. Social Engineering
This
is one of the oldest tricks to hack. Try to convince the user that you
are a legitimate person from the system or central server and needs your
password for the continuation of the service or some maintenance or you
need to reset your password to some combination like ‘abc12345’. This
won’t work now since most of the users are now aware about the Scam. But
this Social Engineering concept is must for you to convince the victim
for many reasons. It may work in some case.
6. Fake Messengers
This
is a form of phishing in the application format. Sometimes, there are
some fake applications which tend the user to enter the login info in
the software and check your mail. But unknowingly, your login
credentials are being sent to the ftp server destination of the hacker.
7. Viruses And Worms
Viruses
and worms are self-replicating programs or code fragments that attach
themselves to other programs (viruses) or machines (worms). Both viruses
and worms attempt to shut down networks by flooding them with massive
amounts of bogus traffic, usually through e-mail. So install a good
working antivirus and antispam program which is capable of handling the
potential threats.
8. Back Doors
Hackers
can gain access to a network by exploiting back doors administrative
shortcuts, configuration errors, easily deciphered passwords, and
unsecured dial-ups. With the aid of computerized searchers (bots),
hackers can probably find any weakness in the network. So you have to
strengthen your security to avoid unauthorized access.
9. Trojan Horses
Trojan
horses, which are attached to other programs, are the leading cause of
all break-ins. When a user downloads and activates a Trojan horse, the
software can take the full control over the system and you can remotely
control the whole system. Isn’t it great! They are also referred as RATs
(Remote Administration tools). Always periodically watch out your open
terminals by checking ‘netstat’.
10. Denial Of Service
DoS
attacks give hackers a way to bring down a network without gaining
internal access. DoS attacks work by flooding the access routers with
bogus traffic (which can be e-mail or Transmission Control Protocol,
TCP, packets).
11. Distributed DoSs
Distributed
DoSs (DDoSs) are coordinated DoS attacks from multiple sources. A DDoS
is more difficult to block because it uses multiple, changing, source IP
addresses. So better to use upgraded and advanced servers like grid
server etc.
12. Sniffing
Sniffing
refers to the act of intercepting TCP packets. This interception can
happen through simple monitoring or something more wicked. So it’s
better to secure the working network. Also make sure that, none of your
users is giving your TCP packets to outer network knowingly or
unknowingly. Knowing IP address only also can do a lot as there is a
powerful penetration tool to do the damage (BACKTRACK OS + METASPLOIT).
13. Spoofing
Spoofing
is the act of sending an illegitimate packet with an expected
acknowledgment (ACK), which a hacker can guess, predict, or obtain by
snooping.
14. SQL Injection
SQL
injection is a code injection technique that exploits a security
vulnerability occurring in the database layer of an application. It uses
normal SQL commands to get into database with elevated privileges. Some
security precautions need to be taken to handle this attack.
15. Cookie Stealer
Each
time you access into an online account, the sites identify your system
and you by your cookies. If somebody gets the cookie saved by the sites,
then he can easily decode it and can get the password! This is
generally possible in open networks. So while using open networks always
use https as it makes you enter into secure mode without leaving the
cookie to the network.
16. DNS Poisoning Or PHARMING
Phishing
is a tough job. Isn’t it? Convincing someone to enter their password at
your page require a lot mind work. What if you don’t have to convince
the person? What if they are directed automatically to your site without
having a clue? DNS poising or Pharming does the same for you.
For details on DNS poisoning –click here.
17. Whaling
This
method gets you the password of the accounts which are used by the
hackers to receive the passwords. So you just have to hack one ID, which
is simplest method and you will have loads of passwords and so loads of
accounts at your mercy..!!!
No comments:
Post a Comment
Hmmmmm... what are you thinking? Do not forget to comment,It helps us to improve this blog and help us to make better. on