
Wednesday, December 28, 2011

What does a malicious Hacker do?

Hackers typically approach an attack in five common phases: Reconnaissance, Scanning, Gaining Access, Maintaining Access and Clearing Tracks. After erasing tracks, the hacker terminates the connection. This information is useful for network administrators, and essential for network security consultants.






Reconnaissance ("rattling the door knobs" to see if someone is watching and responds)
This is the Preparatory Phase. The attacker seeks to gather as much information as possible about the target before launching the attack. They perform routine and detailed reconnaissance.

There are two types of reconnaissance: passive reconnaissance and active reconnaissance.

Passive reconnaissance: Acquiring information without directly interacting with the target.
Example: Google searching, searching public records

Active reconnaissance: Acquiring information by interacting with the target directly.
Example: Telephone call to the help desk or technical department (Social Engineering), Dumpster Diving

Scanning
This is the Pre-attack Phase. Hackers want to learn more about network mapping, phone system structure, and internal informational architecture of the target. Using the information gathered during reconnaissance, the hacker scans the network for more specific information.
In this phase they use tools to scan the system for vulnerabilities.
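
A defender's view of this phase, as an added example that is not part of the original post: scanning tends to show up in firewall logs as one source touching many different ports on a host within a short time. The log format, addresses and thresholds below are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical firewall log format (not from the post).
SAMPLE_LOG = """\
2011-12-28T10:00:01 DENY src=203.0.113.7 dst=192.0.2.10 dport=21
2011-12-28T10:00:01 DENY src=203.0.113.7 dst=192.0.2.10 dport=22
2011-12-28T10:00:02 ALLOW src=198.51.100.4 dst=192.0.2.10 dport=443
2011-12-28T10:00:02 DENY src=203.0.113.7 dst=192.0.2.10 dport=23
2011-12-28T10:00:03 ALLOW src=203.0.113.7 dst=192.0.2.10 dport=25
this line is malformed and must be skipped
2011-12-28T10:00:03 ALLOW src=198.51.100.4 dst=192.0.2.10 dport=443
2011-12-28T10:00:04 ALLOW src=203.0.113.7 dst=192.0.2.10 dport=80
2011-12-28T10:00:05 ALLOW src=203.0.113.7 dst=192.0.2.10 dport=443
2011-12-28T10:05:00 ALLOW src=198.51.100.4 dst=192.0.2.10 dport=80
"""

LINE_RE = re.compile(r"^(\S+) (ALLOW|DENY) src=(\S+) dst=(\S+) dport=(\d+)$")


def find_scanners(log_text, min_ports=5, window=timedelta(seconds=10)):
    """Return {src: sorted ports} for every source that touched at least
    min_ports distinct ports on a single host inside the time window."""
    recent = defaultdict(deque)   # (src, dst) -> (timestamp, port) in window
    flagged = defaultdict(set)    # src -> ports seen while over the threshold
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # ignore lines that do not parse
        ts = datetime.fromisoformat(m.group(1))
        src, dst, port = m.group(3), m.group(4), int(m.group(5))
        q = recent[(src, dst)]
        q.append((ts, port))
        while ts - q[0][0] > window:   # drop events older than the window
            q.popleft()
        ports = {p for _, p in q}
        if len(ports) >= min_ports:
            flagged[src] |= ports
    return {src: sorted(ports) for src, ports in flagged.items()}


if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print(f"possible scan from {src}: ports {ports}")
```

Both allowed and denied connections are counted, since a scan shows up as breadth of ports rather than as failures alone.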

Gaining Access
This is the Penetration Phase. This phase of attack is the most important and the most dangerous. The hacker exploits the vulnerabilities in the system. Open ports can lead to a hacker gaining direct access to services and possibly to internal network connections.

Maintaining Access
Hackers may choose to continue attacking and exploiting the target system, or to explore deeper into the target network and look for more systems and services. In this phase the hacker tries to retain his ownership of the system. The hacker has compromised the system. The hacker may also harden the system against other hackers, securing his exclusive access with Backdoors, Rootkits, or Trojans.


Clearing Tracks

In this phase the hacker clears his footprints and tracks. He attempts to remove evidence in order to hide his misdeeds.

The more the hacker learns about your internal operations, the more likely he is to intrude and exploit them. So be secure.

I hope this post will help you and please leave a comment.
