Hacking: An Analysis of Current Methodology

1 Abstract

Hacking has become a significant threat to networks exposed to the Internet. In order to
prevent systems from being hacked, the methods used by hackers must be well
understood. Hackers begin by selecting and footprinting a target network. Once the
target network is mapped, hackers proceed to map vulnerabilities and gain access by
cracking passwords, using stack-smashing attacks, or spoofing the IP address of trusted
machines. Hackers can then sniff internal network traffic or find other hosts that contain
vital company secrets. Finally, a hacker can clean up system logs in order to conceal the
fact that an attack occurred. In this paper we explain how each of these attack techniques
is carried out.

2 Introduction

The Internet has become a widely used medium for companies, schools, and governments
to share data. Because of the need to exchange electronic information, most computer
networks are connected and exposed to traffic on the Internet. With this exposure come
security concerns. Hackers are a significant threat because often all that lies between a
hacker and a company’s internal secrets is a poorly administered firewall or border
router.

How significant is this threat? A sampling of traffic into and out of a network over a few
days will often show hundreds, perhaps thousands of potentially malicious data packets.
Hundreds of hacking web sites have appeared in recent years, providing information
ranging from how to spoof email to how to gain root access on web servers. Hackers
need not understand the technology behind their methods; they can simply download a
script and go to work. In essence, the threat of a network being attacked is significant
and should not be taken lightly because even the novice hacker is capable of launching a
potentially damaging attack.

How can hackers be stopped? To answer this question, it is important to understand how
a hacker attacks a system. From footprinting to log cleanup, a hacker’s methodology
must be well understood so that firewalls and Intrusion Detection Systems (IDS) can be
built to prevent or detect future attacks.