What You Need to Know About Protecting Yourself From Hackers


What's a hacker?

"Hacker" is one of those terms that has a different meaning depending on who uses it. Thanks to Hollywood, most people think that a hacker is a person who gets illicit access to a computer, steals objects or breaks into military networks and throws missiles for fun.

Nowadays, a hacker does not have to be a geek from a big university that interferes with banking and government systems. A hacker can be anyone, even the kid next door.

With a regular laptop, anyone can download simple software on the Internet to see everything that comes in and comes out of a computer on the same network. And those who do it do not always have the best intentions in the world.

A brief history of hackers

Nowadays, the word "hacker" has become synonymous with people sitting in dark rooms, anonymously terrorizing the Internet. But it was not always like that. The original pirates were benign creatures. In fact, they were students.

For anyone attending the Massachusetts Institute of Technology in the 50s and 60s, the term "hacking" simply meant an elegant or inspired solution to a given problem. Many of the early MIT hacks tended to be practical jokes. One of the most extravagant has seen a replica of a police car campus located at the top of the Dome of the Institute.

Over time, the word has become associated with the burgeoning scene of computer programming at MIT and beyond. For these early pioneers, a hack was a feat of prowess in programming. These activities were greatly admired as they combined expert knowledge and creative instinct.

Why a hacker?

The pirates & # 39; motivations vary. For some, it's economical. They make a living from cybercrime. Some have a political or social agenda – their goal is to vandalize high-level computers to make a statement. This type of hacker calls a cracker because its main purpose is to break the security of high profile systems.

Others are doing it for the pure thrill. When the SafeMode.org website asked him why he was destroying web servers, a hacker replied, "A high-level image gives me a shot of adrenaline, and after a while I need to another shot, that's why I can not stop. "(1)

These days, we are facing a new type of hacker – your immediate neighbor. Every day, thousands of people download simple software tools that allow them to "sniff out" wifi connections. Some just do it to listen to what others are doing online. Others are doing it to steal personal data in an attempt to steal an identity.

The most common attacks

1. SideJacking / Sniffing

Lateral hacking is a web-based attack method in which a hacker uses packet detection to steal a session cookie from a website you just visited. These cookies are usually returned to unencrypted browsers, even if the connection to the original website was protected via HTTPS. Anyone listening can steal these cookies and then use them to access your authenticated web session. This has recently made headlines, as a programmer has released a Firefox plug-in called Firesheep, which allows an intruder sitting near you on an open network (such as a public wifi point) to divert many sessions popular websites. For example, a sidejacker using Firesheep could support your Facebook session and access all your sensitive data. It could even send viral messages and posts on the wall to all your friends.

2. DNS cache poisoning

In case of DNS cache poisoning, the data is entered into the Domain Name System (DNS) name server cache database that does not come from authoritative DNS sources. This is an unintended result of a misconfiguration of a DNS cache or a malicious attack on the nameserver. A DNS cache poisoning attack effectively modifies the entries of the copy of the victim's DNS name server. Thus, when he enters a legitimate site name, he is instead sent to a fraudulent page.

3. Attacks of the middle man

An interceptor attack, a bucket brigade attack or a Janus attack is an active form of espionage in which the attacker establishes independent connections with the victims and transmits messages between them, thus making them believe that They talk to each other directly. other via a private connection, while the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages exchanged between the two victims and inject new ones. For example, an attacker located within reach of an unencrypted wifi access point can register himself as a man in the middle. An attacker can also pretend to be a bank or an online merchant, letting the victims register via an SSL connection. He can then connect to the real server using the victim's information and steal his credit card numbers.

4. Smishing

Packet sniffers allow eavesdroppers to passively intercept data sent between your laptop or smartphone and other systems, such as web servers on the Internet. This is the simplest and simplest type of wireless attack. Any email, web search or file that you transfer between computers or open from network locations over an unsecured wireless network can be captured by a nearby hacker with the help of a sniffer. Detection tools are readily available for free on the Web and there are at least 184 YouTube videos that show budding pirates how to use them. The only way to protect yourself from wifi sniffers in most public access points is to use a VPN to encrypt anything that is sent over the air.

5. Mass mesh

Also called massive SQL injection, it is a method by which hackers illegally poison a javascript redirection from legitimate websites previously infected and controlled by hackers. These javascripts redirect the visitor's computer to servers containing additional malware that may attack a user's computer.

The most common targets

Hackers are interested in many types of computers on the Internet. The following list describes different types of targets and their appeal to hackers. (2)

1. Company networks

Business computers are often very sophisticated, so hacking hides a high cachet. Behind the enterprise firewalls, there are repositories of information about customers, product information and sometimes, in the case of a software publisher, the product itself .

2. Web servers

Web servers are computers containing websites. Some contain financial information about customers, but web servers are usually targeted by vandals because they can be hidden to display information that the hacker chooses for the public.

3. Personal computers

With the increasing use of wifi, laptops are becoming one of the most hacked devices. All that a person visiting online can be exposed to someone using software to "sniff" that connection. The URL of the website, the passwords used to connect to an online banking account, Facebook photos, tweets and an instant messaging conversation can be exposed. This is the simplest hacking form as it requires little skill.

4. Tablets and Palm Top Devices

Tablets, cell phones and other devices compatible with mobile devices are just as popular as laptops in Wi-Fi hotspots. A hacker in a public hotspot can see a mobile device, as well as any incoming and outgoing data from it, as easily as it can with a laptop.

How to protect yourself

The simple truth is that anyone connecting to the Internet is vulnerable to hacking. It is therefore necessary to be proactive to protect yourself from such attacks.

Sniffing attacks are the most dangerous because firewalls and antivirus can not help you. Only a personal VPN can protect a person against a sniffer. The potential victim, if connected to a personal VPN, sees all of their data routed through a secure server, preventing hackers from sniffing. A user with a secure virtual private network can surf as he was invisible to him. the hackers . Private WiFi provides such a VPN service.


1. cs.utah.edu/~elb/folklore/afs-paper/node3.html

2. informit.com/articles/article.aspx?p=425380

Comments are closed.