Catch A Hacker

Tip 1: Hackers cover their tracks. Experienced hackers cover them more thoroughly, but amateur hackers sometimes leave things behind. Don't expect them to leave any really big evidence behind; expect little things here and there that you might find surprising. For example, if you're writing a term paper and a black hat hacker accidentally saved it when he took a paragraph out, that's suspicious. Where did that paragraph go? Well, for one thing, now you know he was in that area. Check the folders surrounding the file; you might find something.

Tip 2: Distinguish between the types of hackers that are attacking you. Experienced hackers will have a more in-depth look around when they penetrate your system. They won't touch much because they know that won't add too much to their knowledge. But if you know a hacker's been in, and some files are messed with, and you have a log of someone guessing passwords to a file or something of that sort, it's probably some newbie who's just starting out. These are the easiest hackers to catch. They usually get so caught up in thoughts like "I'm in!" that they forget the basics, such as working behind a proxy.

My friend was setting up a webserver once. His first time too, and he wasn't too anxious to set up some good software to protect against hackers and viruses. He didn't put up one IDS, and before you know it, the obvious happened. But this time, a newbie had struck. The nice log files showed, bluntly across the screen, multiple instances of a foreign IP address that stood out. Some stupid newbie had tried to log in as "uucp" on my friend's XP computer, with a password of "uucp." Well, that's great, but he also had tried the same user/pass combination three times, enough to get himself logged nicely. Even a semi-brainless user with some form of neurological system knows that uucp isn't a default XP account.
Again, excitement toiled this hacker's brain, and maybe if he hadn't done that, along with a few other stupid things, he wouldn't have gotten caught. What other things did he do? Well, let's see. He opened 35 instances of MS-DOS. He tried to clean the printer's heads, and he edited a .gif in Notepad. Then he uninstalled a few programs and installed some HTML editor, and replaced four files with the words "14P." He might as well have posted his phone number. In a few days, we had tracked him down to a suburban town in Ohio. We let him go, not pressing any charges, because he had done nothing really damaging and had provided me with an example of a moron for this guide.

Tip 3: Don't go crazy if you lose data. Chances are, if it was that important, you would have backed it up anyway. Most hackers nowadays wish they were back in 1989 when they could use a Black Box and having a Rainbow Book actually meant something. Most hackers aren't black hat, they are white hat, and some even grey hat. But in the end, most hackers that are in systems aren't satisfied by looking around. From past experiences, I have concluded that many hackers like to remember where they've been. So, what do they do? They either press delete here and there, or copy some files onto their systems. Stupid hackers (yes, there are plenty of stupid hackers) send files to e-mail addresses. Some free e-mail companies will give you the IP of a certain e-mail address's user if you can prove that user has been notoriously hacking you. But most of the time, by the time you get the e-mail id it's been unused for weeks if not months or years, and services like Hotmail have already deleted it.

Tip 4: Save information! Any information that you get from a log file (proxy server IP, things like "14P", e-mail addresses that things were sent to, etc.) should be saved to a floppy disk (they're not floppy anymore, I wish I could get out of the habit of calling them that) in case there's a next time.
If you get another attack, from the same proxy, or with similar e-mail addresses (e.g. one says Blackjack 123@something.whatever and the other says Black_jack_45@something.znn.com), you can make an assumption that these hackers are the same people. In that case, it would probably be worth the effort to resolve the IP using the proxy and do a traceroute. Pressing charges is recommended if this is a repeat offender.

Tip 5: Don't be stupid. If you've been hacked, take security to the next level. Hackers do talk about people they've hacked and they do post IPs and e-mail addresses. Proof? Take a look at Defcon conventions. I've never gone to one, but I've seen the photos. The "Wall of Shame"-type boards I've seen have IPs and e-mail addresses written all over them in fat red dry-erase ink. Don't be the one to go searching the Defcon website and find your e-mail address posted on the Wall of Shame board!

Tip 6: Don't rely on luck. Chances are, sometime or another, you're going to be targeted for an attack. Here you can rely on luck. Maybe they'll forget? Maybe they don't know how to do it? If you think this way, a surprise is going to hit your face very hard. Another way you could stupidly rely on luck is by saying this: It's probably just a whitehat. On the contrary, my friend, it's probably just a blackhat. A blackhat with knowledge stored in his head, ready to be used as an ax. It's your data. You take the chance.
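
The log review in Tip 2 and the indicator matching in Tip 4, sketched as an added example that is not part of the original post. The log line format, the account list, the IP addresses and all function names are assumptions, and the sample log is constructed; the two e-mail addresses are the ones quoted in Tip 4.

```python
import re
from collections import defaultdict

# Constructed sample log; the line format and the IPs are assumptions.
SAMPLE_LOG = """\
2004-03-01 02:14:07 LOGIN_FAIL user=uucp src=203.0.113.45
2004-03-01 02:14:19 LOGIN_FAIL user=uucp src=203.0.113.45
2004-03-01 02:14:30 LOGIN_FAIL user=uucp src=203.0.113.45
2004-03-01 09:02:11 LOGIN_FAIL user=alice src=192.0.2.10
2004-03-01 09:02:20 LOGIN_OK user=alice src=192.0.2.10
"""
KNOWN_ACCOUNTS = {"alice", "administrator"}  # accounts that exist (assumed)
FAIL_RE = re.compile(r"LOGIN_FAIL user=(\S+) src=(\S+)")

def suspicious_sources(log_text, known_accounts, threshold=3):
    """Map each source IP to the nonexistent usernames it tried, if it
    made at least `threshold` failed attempts against such accounts."""
    tried = defaultdict(list)
    for user, ip in FAIL_RE.findall(log_text):
        if user.lower() not in known_accounts:
            tried[ip].append(user.lower())
    return {ip: sorted(set(u)) for ip, u in tried.items() if len(u) >= threshold}

def handle_key(email):
    """Reduce an address to the letters of its local part, so that
    digits, separators and case differences do not hide a reused handle."""
    local = email.split("@", 1)[0]
    return re.sub(r"[^a-z]", "", local.lower())

def correlate(saved, new):
    """Return the reasons a new incident matches saved indicators."""
    reasons = [f"same source {ip}" for ip in sorted(saved["ips"] & new["ips"])]
    saved_keys = {handle_key(e): e for e in saved["emails"]}
    for addr in sorted(new["emails"]):
        key = handle_key(addr)
        if key and key in saved_keys:  # ignore addresses with no letters
            reasons.append(f"similar address {addr} ~ {saved_keys[key]}")
    return reasons

if __name__ == "__main__":
    flagged = suspicious_sources(SAMPLE_LOG, KNOWN_ACCOUNTS)
    saved = {"ips": set(flagged), "emails": {"Blackjack 123@something.whatever"}}
    new = {"ips": {"203.0.113.45"}, "emails": {"Black_jack_45@something.znn.com"}}
    print(flagged)
    print(correlate(saved, new))
```

A matching handle is a lead to weigh alongside the other saved indicators, since a common word can be reused by unrelated people.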