Monday, 13 December 2010

What exactly is hacking

The term probably originated in the 1960s, when the modern computing system was evolving and people were studying computers in the labs of the Massachusetts Institute of Technology (MIT). A few people could make a system work faster or differently, and they were called hackers. These people were programmers who could get into a computer to see its code: the statements written by the original programmers to specify the actions the computer performs.

Most of these early hackers were visionaries who would later shape the computer industry as we see it today. But in the 1970s the word started getting a bad reputation after the emergence of phone hackers ("phreakers"). The most notable of them was John Draper, who devised a technique for breaking into regional and international phone networks to make free calls. He was later convicted, and soon the word took on its present-day meaning: unauthorized access to computers and computer networks.

When did hackers start building communities or groups?

The early '70s saw neighbourhood computers being hard-wired together, and Community Memory was created: an electronic bulletin board where users could type in their messages on a teletype and retrieve the messages meant for them.

By the early '80s the system had been improved into the more efficient electronic bulletin board system (BBS). Users could now hide their identities behind usernames, and the BBS became a place to boast of hacking accomplishments as well as to trade stolen passwords and credit card numbers. The BBS era saw the formation of the first hacking groups: the Legion of Doom in the US and the Chaos Computer Club in Germany.

The 1983 film 'WarGames' is considered the first mainstream film to introduce the general public to the world of computer hacking. In the same year six teenagers, known as the 414s, were arrested for breaking into dozens of high-profile computer systems. The event got widespread publicity, and the image of hackers as young and intelligent became established in society.

When did hacking start gaining notoriety?

Although it started in the early '70s, the first case to get international publicity was the cyber espionage of 1989, when a group of German hackers that included Karl Koch broke into US military computers and sold the information to the KGB. Koch, who confessed to his role in the hacking, was later found burnt to death in a forest.

By now the hacking community had divided into two groups: black hats or crackers, who broke into computer systems for their own ends, and white hats or ethical hackers, who were hired by companies to test and improve network security. The crackers included Jonathan James, who broke into NASA computers and stole software worth approximately $1.7 million, and people like Adrian Lamo, who broke into the networks of big corporations such as Yahoo, Bank of America and Citigroup to find the hole, which he would later report to the company.

Lamo was arrested after hacking the systems of the New York Times; his excuse that he was doing penetration testing did not work. Similarly, in 1990 Kevin Poulsen hacked the phone system of a Los Angeles radio station: along with his friends, he rigged it so that only their calls were received, which helped them win two Porsches, vacation trips and $20,000 in cash.

6 Traps Hackers Use to Steal Facebook Passwords

One of the conveniences Facebook offers is that it can be accessed wherever you are. With all this connectivity comes an important responsibility: keeping your personal account secure.
To prevent your Facebook account from being hijacked, you should know the tricks hackers use to steal accounts. Below are the tricks hackers usually use to hijack an account or obtain someone's Facebook password.

1. Facebook Applications and Ads
Be careful once you are logged in to Facebook. Do not carelessly click ads or applications you are not familiar with. Many Facebook users have been infected with malware through ads on Facebook, or have been tricked into handing over their personal data without realising it when using certain applications.

2. Facebook Login Phishing Pages
Hackers generally exploit popular topics. Spammers use all kinds of methods to trap you into giving up your account, and Facebook itself has recently become a frequent target of spam attacks that use phishing. When you click a link on Facebook, you are led to a page that looks like the Facebook login page, but is in fact a page designed by the spammer to steal your Facebook password.
One way to avoid this kind of trap is not to click URLs in email carelessly. It is better to type the URL of the site you want to visit directly into the browser. It is actually quite easy to recognize a fake URL: if the domain shown in the address bar is not facebook.com, the page is fake. Check the host part of the address (the name between "https://" and the first single slash), because attackers register names such as facebook.com.something.example, where "facebook.com" is only a subdomain of their own domain, and look-alike spellings that differ by a single character.
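The check recommended above, written out as an added example (this is not code from the original post): parse the link and accept it only if the registrable domain is really facebook.com over HTTPS. The sample links are constructed for the example, each labelled with the trick it uses; the attacker hostnames and IP address are made up.

```python
# Added example (not part of the original post): decide whether a link
# really points at facebook.com, the check the post recommends.
from urllib.parse import urlsplit

LEGIT_HOST = "facebook.com"  # the only registrable domain we trust here

def is_genuine_facebook_url(url: str) -> bool:
    """Return True only if the link's registrable domain is facebook.com.

    Looks at the host actually used for the connection, so the usual
    tricks (facebook.com as a subdomain of another domain, look-alike
    names, userinfo before '@', plain HTTP) all come back False.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() != "https":
        return False  # the real login page is only served over HTTPS
    host = parts.hostname  # .hostname drops userinfo, port and brackets
    if not host:
        return False
    host = host.lower().rstrip(".")
    # Non-ASCII (IDN) hosts can hide homoglyphs such as Cyrillic 'a';
    # the genuine domain is plain ASCII, so anything else is rejected.
    if not host.isascii():
        return False
    return host == LEGIT_HOST or host.endswith("." + LEGIT_HOST)

# Constructed sample links, labelled with the trick each one uses.
SAMPLES = {
    "https://www.facebook.com/login.php": True,            # genuine
    "https://m.facebook.com/": True,                        # genuine subdomain
    "http://www.facebook.com/login.php": False,             # not HTTPS
    "https://facebook.com.login-verify.example/": False,    # facebook.com as a subdomain
    "https://www.facebook.com@203.0.113.9/login": False,    # userinfo trick, real host is the IP
    "https://faceb00k.com/login": False,                    # look-alike spelling
    "https://www.fаcebook.com/": False,                     # Cyrillic 'а' homoglyph
    "https://notfacebook.com/": False,                      # suffix match without the dot
}

def check_samples() -> dict:
    """Run every constructed sample through the check."""
    return {url: is_genuine_facebook_url(url) for url in SAMPLES}

if __name__ == "__main__":
    for url, verdict in check_samples().items():
        print(("OK     " if verdict else "PHISH? "), url)
```

The comparison is done on the parsed hostname rather than on the raw string, which is why `facebook.com` appearing somewhere in the link is not enough: only an exact match or a real subdomain of it passes.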

Encryption

John Edwards
For many people, the word "encryption" invokes images of spies, clandestine operations and World War II code breakers feverishly working to decipher enemy messages. Actually, encryption is a priceless security tool that any business can easily use to keep sensitive information confidential and safe from prying eyes.

Unfortunately, many businesses fail to take advantage of encryption technology, fearing that it's too complex and difficult to use on a routine basis. In reality, encrypting vital data isn't much more difficult than running a virus scanner or a data-backup program. Here's how to get started.

The Basics

There are two basic kinds of encryption. One is asymmetric, or public-key, encryption, the kind a PKI (public-key infrastructure) is built to manage. It is based on a pair of mathematically related keys: one is private and known only to its owner, while the other is public and can be shared with anyone. Data encrypted with the public key can only be decrypted with the matching private key, so the sender never has to share a secret with the recipient beforehand.

A PKI adds the certificates and trust chain that bind a public key to an identity. On top of confidentiality this provides authentication and access control, proof of who sent a document (non-repudiation, through digital signatures), and support for archiving and retrieving signed documents. While most security vendors incorporate some type of PKI technology into their software, differences in design and implementation still prevent interoperability between products.

The other method is symmetric, or "secret-key", encryption, which uses the same key to both encrypt and decrypt. Symmetric ciphers such as AES are far faster than public-key operations and, with a properly generated key, are not weaker: the difficulty lies in key distribution, since every party that must decrypt the data needs a copy of the same secret, and anyone who obtains that copy can read everything protected by it. Symmetric encryption therefore works best when the key is shared with only a limited number of trusted parties. In practice the two methods are combined: the bulk of the data is encrypted with a symmetric key, and that key is itself protected with public-key encryption for each recipient.

Applying Encryption

The easiest way to use encryption is to purchase a business application or a hardware product that incorporates some form of encryption technology. Microsoft's Outlook Express email client, for example, provides built-in support for S/MIME encryption of mail. Meanwhile, vendors such as Seagate Technology LLC and Hitachi Ltd. have started incorporating encryption technology into their hard drives (self-encrypting drives).

Since most software applications and hardware products don't include any type of internal encryption technology, business owners and managers need to look for stand-alone encryption products. This can be a confusing process, one that's best approached by first determining the business's precise security requirements, then finding an encryption product that fits each need.

Users of Windows Vista Enterprise and Ultimate can take advantage of BitLocker Drive Encryption, a full-disk tool that encrypts the volume with AES using a 128-bit or 256-bit key. Another Windows offering is EFS (Encrypting File System), which encrypts each file with a symmetric key and then protects that key with the user's public key, a hybrid of the two methods described above.

Beyond Microsoft, leading encryption vendors and products include PGP, open-source TrueCrypt, DESlock+, Namo FileLock and T3 Basic Security.

What to Encrypt

So how do you know what to encrypt? Here are some places to start:

Sunday, 11 July 2010

Firewall LAB on Juniper

--> Router protection: DoS, worms
--> Access limitation: illegal access



Task:
1. Deploy a rule so that PC1 can only telnet to R2.


Add a static route on R2 for PC1's subnet (10.10.10.0/24), so that return traffic can reach PC1:
set routing-options static route 10.10.10.0/24 next-hop 172.10.160.1

Make sure PC1 can ping and telnet to both R1 and R2 before the filter is applied:
ping 192.168.1.1 rapid count 100
ping 192.168.1.2 rapid count 100
telnet 192.168.1.1
telnet 192.168.1.2

Make sure PC1 can only telnet to R2. On R1, build a filter whose first term matches telnet from PC1 (10.10.10.2) to R1's own address (192.168.1.1) and rejects it:
R1
set firewall filter no-telnet term 1 from source-address 10.10.10.2/32
set firewall filter no-telnet term 1 from destination-address 192.168.1.1/32
set firewall filter no-telnet term 1 from protocol tcp
set firewall filter no-telnet term 1 from destination-port telnet
set firewall filter no-telnet term 1 then reject
set firewall filter no-telnet term 2 then accept

Notes: matching on "protocol tcp" and "destination-port telnet" limits term 1 to telnet sessions that PC1 itself opens (a plain "port telnet" match would also hit packets whose source port is 23, such as replies to a session R1 opened toward PC1). "reject" sends an ICMP unreachable back to PC1; use "discard" instead to drop silently. Term 2 is required because a Junos firewall filter ends in an implicit discard, so without it all other traffic from PC1, including the telnet to R2, would be dropped.

Apply the no-telnet filter as an input filter on the R1 interface facing PC1:

set interfaces em3 unit 0 family inet filter input no-telnet

Redistribution Overview

- Redistribution rules and guidelines:
 -- Routes redistributed into a protocol cannot be redistributed again out of that protocol on the same router (RIP > OSPF > EIGRP does not chain on one box): redistribution reads the RIB, where the route still belongs to its original protocol.
 -- Manual split-horizon: never redistribute a prefix injected from domain A into domain B back into domain A (filter it on the way back, e.g. with a route tag or a prefix list).
-- You cannot change the EIGRP external AD (170) per route; it can only be changed for all external prefixes or none.
-- Sub-optimal routing in the lab is not a problem unless specified, as long as there is full reachability.
-- The redistribute command redistributes only routes that are in the router's current IP routing table (RIB).
-- Before enabling any redistribution, make sure each protocol has full reachability within itself.
-- The metric assigned with the "redistribute ... metric" command takes precedence over the metric assigned with the "default-metric" command.

- When redistributing into RIP and EIGRP:
-- The metric must be set in the configuration: RIP and EIGRP have no usable default (the default is infinity, so without a metric nothing is advertised).
-- RIP cannot use a metric of 0; the hop count must be between 1 and 15 (16 is RIP's infinity, so the route is unreachable).
-- A 0 metric is also incompatible with the EIGRP composite-metric format (bandwidth, delay, reliability, load, MTU).

- When redistributing into OSPF:
-- By default, routes are redistributed into OSPF as external type-2 (E2) routes with a metric of 20 (routes redistributed from BGP get a metric of 1).

- These logical steps happen when redistribution is enabled:
-- The router looks ONLY at the routing table to find the routes that are to be redistributed.
-- Not every route the redistributed protocol offers to the routing table will be redistributed: only the routes that actually won a place in the RIB (the protocol may have lost some prefixes to a source with a lower AD).
-- Verify which routes are present with "show ip route" before redistribution is enabled.
-- The router also takes all connected subnets matched by that routing protocol's network commands.
-- Verify these interfaces by looking at the redistributed protocol's network statements, or look at the individual routes with "show ip route x.x.x.x", listed under "advertised by".
-- Passive interfaces of the redistributed protocol ARE included when redistributing.
-- This hidden step is the equivalent of the following (the lines marked H> are what the router does implicitly):
#router ospf 1
#redistribute rip subnets
    H>redistribute connected subnets route-map NAME
    H>route-map NAME permit 10
    H> match interface FastEthernet0/0 Serial0/1   <--- all the RIP-enabled interfaces
-- If ever asked to redistribute specific interfaces, ALWAYS INCLUDE the interfaces that the redistributed protocol runs on.
- Mutual redistribution
-- Redistributing from a lower-AD protocol (e.g. OSPF, AD 110) into a higher-AD protocol (e.g. RIP, AD 120) will not cause feedback, because any router that hears both copies keeps preferring the lower-AD source.
-- But redistributing from a higher-AD protocol into a lower-AD protocol can create problems: a router that hears the redistributed copy through the lower-AD protocol prefers it over the original route, so prefixes native to RIP may end up being reached through OSPF, giving sub-optimal paths or routing loops. Tagging and filtering (manual split-horizon above) or adjusting the administrative distance of the redistributed copies prevents this.

SQL Injection

SQL injection is a technique in which an attacker crafts input that changes the SQL command an application builds (typically by placing quotes, comment sequences or extra clauses into a value that is concatenated into the query text), in order to read or modify data the application never intended to expose, or even to execute operating-system commands on the database server. SQL injection is the result of untrusted input being mixed into SQL text; it is prevented by parameterized queries (prepared statements), with proper input validation as an additional layer.

Applications that do not correctly validate and/or sanitize user input can potentially be exploited in several ways:

· Changing SQL values.
· Concatenating SQL Values.
· Adding Function calls & stored Procedures to a statement.
· Typecast and concatenate retrieved data.
· Adding system functions & procedure to find out critical information about the server.
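The first three items in that list, worked through as an added example (not the article's code): one login lookup built by string concatenation beside the same lookup written with bound parameters, run against a constructed in-memory SQLite table with two made-up users. The payloads change the WHERE clause, comment out the password check, concatenate a UNION with a typecast column, and call a server function.

```python
# Added example (not the article's code): the same login lookup written the
# vulnerable way and the safe way, run against a constructed SQLite table.
import sqlite3

def make_db() -> sqlite3.Connection:
    """In-memory users table with two constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
               "password TEXT, role TEXT)")
    db.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")])
    return db

def login_vulnerable(db, username, password):
    """Input is pasted straight into the SQL text: the classic mistake."""
    sql = ("SELECT username, role FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return db.execute(sql).fetchall()

def login_safe(db, username, password):
    """Same query; the values travel as bound parameters, never as SQL."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchall()

def demo():
    db = make_db()
    r = {}
    # Changing SQL values: a tautology in the password field turns the WHERE
    # clause into (... AND password = '') OR '1'='1', so every row matches.
    r["tautology"] = login_vulnerable(db, "whoever", "' OR '1'='1")
    # Commenting out the rest of the statement ('--' starts a SQL comment)
    # removes the password check for a chosen user.
    r["comment"] = login_vulnerable(db, "alice'--", "wrong")
    # Concatenating a UNION pulls columns the query never meant to return;
    # the id is typecast to TEXT so it fits the second selected column.
    r["union"] = login_vulnerable(
        db, "x' UNION SELECT username || ':' || password, CAST(id AS TEXT) "
            "FROM users--", "")
    # Adding a function call fingerprints the server behind the application.
    r["fingerprint"] = login_vulnerable(
        db, "x' UNION SELECT sqlite_version(), 'server'--", "")
    # The parameterized version sees the same payloads as literal strings.
    r["safe_tautology"] = login_safe(db, "whoever", "' OR '1'='1")
    r["safe_comment"] = login_safe(db, "alice'--", "wrong")
    # ...and still works for genuine credentials.
    r["legit"] = login_safe(db, "bob", "hunter2")
    return r

if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:15} {rows}")
```

Note that the safe version needs no escaping or blacklist of "special symbols": because the driver sends the values separately from the statement, a quote in the input can never terminate the string literal the query was written with.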

Peeking at a Sniffer

Let's begin by looking at a Wireshark (formerly Ethereal) capture of a browser visiting http://www.milw0rm.com.


Looking at this for the first time might be overwhelming. However, let's take a deep breath, examine the packet capture line by line and apply our knowledge of TCP/IP.

Packet 1: ARP broadcast. We've attempted to send a packet to the Internet, and before our computer can actually send it, it needs to identify the default gateway on the local network. The default gateway's IP address is configured on the requesting machine, but its MAC address is unknown. My machine sends a broadcast to the whole network, asking "Who has 192.168.0.1? Tell 192.168.0.186".

Packet 2: All computers on the local subnet receive this broadcast and check whether 192.168.0.1 belongs to them. Only 192.168.0.1 responds to this ARP broadcast and sends an ARP unicast reply to 192.168.0.186, informing it of the MAC address requested.

Packet 3: Now that our computer knows where to send its packets in order for them to reach the internet, we need to resolve the IP of www.milw0rm.com. Our computer sends a DNS query to the DNS server defined in our TCP/IP settings and asks the DNS server for the IP address of www.milw0rm.com.

Packet 4: The DNS server replies and tells our computer that the FQDN www.milw0rm.com is an alias (a CNAME) for milw0rm.com.

Packet 5: Our computer insists on an answer and asks the DNS server, once again, for the IP address of milw0rm.com (notice, no www).

Packet 6: The DNS server replies and tells our computer that the IP address for milw0rm.com is 213.150.45.196.

Packet 7: Armed with this information, our computer attempts a 3 way handshake (remember that buzzword from TCP/IP?) with 213.150.45.196 on port 80 and sends a SYN request.

Packet 8: The web server responds with a single segment that has both the SYN and ACK flags set (the SYN-ACK), acknowledging our SYN and sending its own.

Packet 9: We send a final ACK to the web server and complete the 3 way handshake.

Packet 10: Now that the handshake is complete, our computer can start talking to the service using a specific protocol. Since we are using a web browser, our computer sends an HTTP GET request for the index page; as the browser parses the page, it issues further GET requests for each linked image.

Packets 11 to end: The main page of milw0rm.com, including all linked images, is loaded in our browser.
After analyzing this dump we can see that sniffers actually make sense and can provide detailed information about what goes on in our network. Note that everything in this capture is cleartext: the DNS queries and the HTTP request and response are all readable by anyone with a sniffer on the same path, which is exactly why credentials and other sensitive data need to travel over TLS (HTTPS) rather than plain HTTP.
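The same reading of the capture, done by a small decoder instead of by eye, as an added example (not the article's code): it parses raw Ethernet frames carrying ARP and IPv4/TCP, prints one line per packet in the style of the walkthrough, and checks that a full SYN, SYN-ACK, ACK exchange was seen. The frames are constructed here with the IP addresses from the walkthrough; the MAC addresses, sequence numbers and client port are made up, and IP/TCP checksums are left at zero and not verified.

```python
# Added example (not the article's code): a minimal decoder that reads raw
# Ethernet frames the way the capture above was read by hand, then checks
# that a full three-way handshake was seen. The frames are constructed
# here; the IPs match the walkthrough, the MACs and ports are made up.
import struct
from ipaddress import IPv4Address

ETH_ARP, ETH_IP = 0x0806, 0x0800
TCP_FIN, TCP_SYN, TCP_ACK = 0x01, 0x02, 0x10

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def ip(text):
    return IPv4Address(text).packed

def build_arp(src_mac, sender_ip, target_ip, opcode,
              dst_mac="ff:ff:ff:ff:ff:ff", target_mac="00:00:00:00:00:00"):
    """Ethernet + ARP: opcode 1 is a request (broadcast), 2 is a reply."""
    eth = mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETH_ARP)
    arp = (struct.pack("!HHBBH", 1, ETH_IP, 6, 4, opcode)
           + mac(src_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip))
    return eth + arp

def build_tcp(src_mac, dst_mac, src_ip, dst_ip, sport, dport, flags, seq=0, ack=0):
    """Ethernet + IPv4 + bare TCP header; checksums are left at 0 (not verified)."""
    eth = mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETH_IP)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    ipv4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                       ip(src_ip), ip(dst_ip))
    return eth + ipv4 + tcp

def describe(frame):
    """One line per frame, in the style of the walkthrough above."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    body = frame[14:]
    if ethertype == ETH_ARP:
        opcode = struct.unpack("!H", body[6:8])[0]
        sender_mac = body[8:14].hex(":")
        sender_ip, target_ip = IPv4Address(body[14:18]), IPv4Address(body[24:28])
        if opcode == 1:
            return f"ARP request: who has {target_ip}? tell {sender_ip}"
        return f"ARP reply: {sender_ip} is at {sender_mac}"
    if ethertype == ETH_IP:
        ihl = (body[0] & 0x0F) * 4          # IPv4 header length in bytes
        proto = body[9]
        src, dst = IPv4Address(body[12:16]), IPv4Address(body[16:20])
        if proto == 6:
            sport, dport = struct.unpack("!HH", body[ihl:ihl + 4])
            flags = body[ihl + 13]          # TCP flags byte
            names = [n for bit, n in ((TCP_SYN, "SYN"), (TCP_ACK, "ACK"), (TCP_FIN, "FIN"))
                     if flags & bit]
            return f"TCP {src}:{sport} -> {dst}:{dport} [{'+'.join(names)}]"
        return f"IPv4 {src} -> {dst} proto {proto}"
    return f"ethertype 0x{ethertype:04x}"

def handshake_complete(frames):
    """True once a SYN, a SYN+ACK and a final ACK have all been observed."""
    seen = {d.split("[")[1].rstrip("]") for d in map(describe, frames) if d.startswith("TCP")}
    return {"SYN", "SYN+ACK", "ACK"} <= seen

PC, GW = "00:11:22:33:44:55", "66:77:88:99:aa:bb"      # made-up MAC addresses
CAPTURE = [  # packets 1, 2, 7, 8 and 9 of the walkthrough, reconstructed
    build_arp(PC, "192.168.0.186", "192.168.0.1", 1),
    build_arp(GW, "192.168.0.1", "192.168.0.186", 2, dst_mac=PC, target_mac=PC),
    build_tcp(PC, GW, "192.168.0.186", "213.150.45.196", 1037, 80, TCP_SYN, seq=1000),
    build_tcp(GW, PC, "213.150.45.196", "192.168.0.186", 80, 1037, TCP_SYN | TCP_ACK,
              seq=5000, ack=1001),
    build_tcp(PC, GW, "192.168.0.186", "213.150.45.196", 1037, 80, TCP_ACK,
              seq=1001, ack=5001),
]

if __name__ == "__main__":
    for n, frame in enumerate(CAPTURE, 1):
        print(f"Packet {n}: {describe(frame)}")
    print("handshake complete:", handshake_complete(CAPTURE))
```

The TCP segments leave the network through the gateway's MAC address even though their IP destination is the web server, which is the whole point of the ARP exchange in packets 1 and 2: the frame is addressed to the next hop, the packet to the final destination.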

(Continued)