Earlier computer hackers were a respected lot—they were the
gurus of the latest technologies and knew how to utilize these to maximum
effect. They were a level above power users and could make technology obey
their every wish and command.
A movie called "Wargames" changed all that. The
movie showed a young hacker breaking into a high-security defense facility using
a computer and almost setting off World War III. Overnight, the meaning of
"hacker" changed into a dark and evil computer genius who could wreak
havoc due to irresponsibility or malice. Although not entirely accurate, we’ll
continue with this interpretation of the term in this article.
Clear and present danger
Hacking has become a big threat to all network and Website
administrators, as hackers try to gain access to corporate networks as well as
commercial Websites. Nowadays, they try to bring down a site just to show how
weak the security is. There are many ways of doing this and there are many
examples of hacked sites too. I’ll introduce you to some of these methods and
also how to protect yourself from them. Some of the tools and programs I mention
in this article are freely available on the Web and some only at underground
sites.
Without reiterating what has been said, published, or
broadcast a million times already, it simply suffices to say that TCP/IP is the
standard network protocol for most places. And there are a lot of ways one can
exploit a TCP/IP-based network.
Port-scanning tools are one of the easiest ways of finding
out whether a computer can be hacked. Did you know that the default
installations of most popular OSs leave enough holes in the system to make Swiss
cheese look positively solid? Both Windows 2000 and Linux open a lot of insecure
ports by running services like a Web, FTP or telnet server. So, every time you
connect to the Net, you’re a possible target for hackers.
"But my system doesn’t have anything of value" is
not an excuse to leave it unprotected. Hackers can use your open machine as one
node in a Distributed Denial of Service (DDoS) attack against some other site.
This is exactly what happened in the recent attack on Yahoo and other Websites.
Use a personal desktop firewall like ZoneAlarm or any of the ones reviewed in
the PC Quest November 2000 issue.
There are a lot of tools available that’ll tell you how
vulnerable your system or network is. My favorite is a tool on Linux called nmap.
This tool can do a variety of diagnostic tests and provide a lot of information
about the vulnerabilities found and how they can be corrected. It can even guess
the OS running and its version with a very high degree of accuracy. In fact,
this ability alone can let hackers use the known bugs in that OS to get in. Nmap
is a weapon in the hands of both the hacker and the administrator. Check for the
latest news and updates at nmap’s site (www.insecure.org/nmap)
regularly. For people who don’t like console programs, there are a lot of GUIs
available for nmap too.
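As an added example (not part of the original article), the Python script below reads nmap's grepable output (`nmap -oG -`) from a scan of your own machine and flags open Web, FTP and telnet services, the defaults named earlier. The sample scan output, address, host name and advice strings are constructed for illustration.

```python
# Services the article names as commonly left running by default installs.
# The advice strings are assumptions added for this example.
RISKY = {
    "telnet": "cleartext logins; disable or replace with SSH",
    "ftp": "cleartext credentials; disable unless required",
    "http": "Web server exposed; disable if this is not meant to be a server",
}

# Constructed sample of `nmap -oG -` output for a scan of one's own host.
SAMPLE = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 (workstation.example)\tStatus: Up\n"
    "Host: 192.0.2.10 (workstation.example)\tPorts: "
    "21/open/tcp//ftp///, 23/open/tcp//telnet///, "
    "80/open/tcp//http///, 111/closed/tcp//rpcbind///, "
    "6000/filtered/tcp//X11///\tIgnored State: closed (995)\n"
)

def parse_grepable(text):
    """Return {host: [(port, proto, state, service), ...]} from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comments and "Status:" lines
        host = line.split()[1]
        # The Ports field ends at the next tab-separated field.
        ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            # Each entry is port/state/protocol/owner/service/rpc/version/
            fields = entry.strip().split("/")
            if len(fields) < 5 or not fields[0].isdigit():
                continue
            port, state, proto, _owner, service = fields[:5]
            hosts.setdefault(host, []).append((int(port), proto, state, service))
    return hosts

def findings(text):
    """List (host, port, service, advice) for open ports running a risky service."""
    out = []
    for host, ports in parse_grepable(text).items():
        for port, _proto, state, service in ports:
            if state == "open" and service in RISKY:
                out.append((host, port, service, RISKY[service]))
    return sorted(out)

if __name__ == "__main__":
    for host, port, service, advice in findings(SAMPLE):
        print(f"{host}:{port} {service}: {advice}")
```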
The November issue of PC Quest carried a lot of information
about using a proxy server and a firewall to isolate your network from
the Internet. But many people don’t realize that systems like a corporate Web
or DNS server can also be kept within the firewall. All it requires is some
smart configuration on the firewall, so that the services continue to run and
are also free from the threat of hacking. Both Linux- and Windows-based firewall
setups allow you to forward incoming requests to a system on an internal
network.
How they were hacked