
8.2 COMPUTERS AND HARDWARE


- most models assume no physical access to hardware, or controlled access.

- prototype intruders

    - disgruntled employees (over half)
        - inside organization
        - know systems
        - have access to systems
        - problems: leave back doors
        - problems: malicious damage
    - joyriders
        - outsiders
        - some technical knowledge
        - using general knowledge and holes
        - driven by the thrill, fun or peer recognition
        - sometimes damage
        - some break into computers to hide their tracks while breaking into other computers
    - professional
        - driven by industrial espionage
        - knowledgeable
        - normally don't cause damage but are after information

- security holes

    - users
        - give away passwords
        - simple passwords
        - written passwords
    - software flaws
        - all software has flaws
        - some flaws can be used to control the system

- How to break into a system (provided for checking your own system)

1. Pick your target / objective.
2. Research the target with publicly available resources. Try to get at least the basic network layout.
    - use www.arin.net to locate information on the sys-admin
    - use DNS lookup to find other machines on the net
    - check websites and other public information sources for details. Search engines can be useful here.
    - use a program such as 'nmap' to identify the operating system, versions, open services, etc.
    - try to determine if any others have access to the machine
    - try to determine the physical location of the machine, and possible routes for physical access.
    - look for 'backdoors' such as modems
    - determine if there are any firewalls
3. (option a) Social engineering - try to convince users or others to give you passwords or access.
3. (option b) Security holes - use known security holes in the operating system to try and break in.
3. (option c) Brute force - try guessing passwords or use auto password generators.
4. Once you have access (as non-root/administrator) use other security holes to boost your privileges to root/administrator.
5. As root/administrator explore the system to see what is available.
6. Install a 'root kit' to allow a backdoor so that you can get back in later, and cover your tracks. These can also silently watch keystrokes and send passwords, etc. back later.
7. Logout.
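
From the defender's side, steps 3 (option c) and 4 leave a trail in the authentication log. The Python sketch below is an added example, not part of the original notes; it flags a source that logs in after repeated failed passwords and lists what that account then ran as root. The log lines are constructed samples in OpenSSH/sudo syslog style, and the threshold of 3 and the function name `correlate` are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation addresses, not from a real host).
SAMPLE_LOG = """\
Mar  3 02:10:01 host1 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Mar  3 02:10:03 host1 sshd[811]: Failed password for bob from 203.0.113.7 port 40113 ssh2
Mar  3 02:10:05 host1 sshd[811]: Failed password for bob from 203.0.113.7 port 40114 ssh2
Mar  3 02:11:10 host1 sshd[902]: Failed password for alice from 198.51.100.20 port 51200 ssh2
Mar  3 02:11:18 host1 sshd[902]: Accepted password for alice from 198.51.100.20 port 51201 ssh2
Mar  3 02:12:30 host1 sshd[811]: Accepted password for bob from 203.0.113.7 port 40115 ssh2
Mar  3 02:12:40 host1 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/sh
Mar  3 02:13:00 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
"""

FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port")
ACCEPT = re.compile(r"sshd\[\d+\]: Accepted \S+ for (\S+) from (\S+) port")
SUDO = re.compile(r"sudo:\s+(\S+) : .*USER=root ; COMMAND=(.+)$")


def correlate(log_text, threshold=3):
    """Return one finding per account reached after >= threshold failures from a source."""
    failures = defaultdict(int)  # source address -> failed attempts seen so far
    suspects = {}                # user -> finding, set when a noisy source logs in
    for line in log_text.splitlines():
        if m := FAILED.search(line):
            failures[m.group(2)] += 1          # guessing phase (step 3, option c)
        elif m := ACCEPT.search(line):
            user, src = m.groups()
            if failures[src] >= threshold:     # a guess finally worked
                suspects[user] = {"source": src, "user": user,
                                  "failures": failures[src], "root_commands": []}
        elif m := SUDO.search(line):
            user, cmd = m.groups()
            if user in suspects:               # flagged account now acting as root (step 4)
                suspects[user]["root_commands"].append(cmd.strip())
    return list(suspects.values())


if __name__ == "__main__":
    for finding in correlate(SAMPLE_LOG):
        print(finding)
```

A single mistyped password followed by a normal login (alice in the sample) stays below the threshold and is not reported.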
