2000/02/01 Morillo Grande, Fernando Iturria: Elhuyar aldizkaria
Heating up Warm up Warm upThe expansion of personal computers has meant in recent years a great global change. One of them has been the invention and skill of many young people and not so young. After exploring almost the whole world by the most prestigious explorers and researchers of the last century, the most exciting of today have discovered within the computer network the most exciting intelligence game. And their weapons, a simple computer and a phone line. They are hackers.
Often they are students who seek divertiments that stimulate them. However, first of all, it is necessary to define a series of concepts. And it is that, often, under this term hacker there can be concepts that can be very different.
On the one hand, we could find them themselves. That is, those who consider the challenge of integrating themselves into the computer systems of others, with a single purpose. The more complex or difficult the system is, the more exciting the action. In general, they leave the system attacked as it was when entering or inform the system administrator of the holes used. They are dressed in some ethics (we will analyze it below) and are usually friends. These would be “good” hackers.
On the other hand, we would have crackers. Although within the word Cracker you can explain many meanings, the most generic would be the long nose that enters different systems where your intentions are totally destructive or, at least, seek your economic benefit. In any case, they do not mind that the attacked system is deteriorated.
From now on, once the existence of these differences is determined, the term hacker will be used primarily for everything, to avoid confusion.
We will try to unravel some concepts about hackers: what are the techniques they use, how to protect themselves from them... Let's prepare our boat.
Ethics of its own
As previously announced, numerous hackers proclaimed their code of honor. Normally, access and padding were positively valued, but without causing damage to anyone.
Being above all young, from the beginning they had a very evident idealism, and for example, they were convincing against the excesses of governments. In this sense, for example, we have the Chaos Computer Club created in Germany in 1981. This group is a pioneer in hacker associations. His organization has often become a real headache for many governments. One of the most significant examples, in addition to the visit to NASA or many banks, was to bring to light the true reports of nuclear pollution that the Russian government had locked up after the Chernobil accident.
Being non-conforming, they go to the limit of the law... at least. The law, in fact, has a diffuse limit in these areas. Therefore, it is not very difficult to move from one side to the other. Under the protection of technology, illustrious figures have appeared. In the hackers would be the hackers, that is to say.
Characters characters characters characters characters characters characters characters characters characters characters characters
The history of the operation, in its brief history, already has its own myths. There are many who through the computer have fulfilled truly memorable actions. Sometimes for good, others for less. We have selected only two names that can be randomly more significant.
Kevin Mitnick (Condor)
Undoubtedly the most famous hacker of all time. At 16 he was trapped in the administrative systems of his institute. Then, investigating the systems surrounding the phone, he managed to make free phone calls (also known as Bond, which ended with number 007). His repeated computer mischief forced him to remain in jail for several short seasons. Brief, because he was not yet 18 years old. He made increasingly daring and harmful accesses (of course for others) and finally went to look for the FBI. They did not find him in his house, since in the police files he saw that they were going to look for him and managed to escape. In three years he embarks on an extravagant and bustling getaway. During these years he continued to access all kinds of associations and government departments, often to the detriment of them. He became the most famous enemy of the FBI. He only made a mistake on his seemingly endless journey: hacking the computer of Tsutomu Shinomura, the greatest computer security expert. It was an honor for Shinomura to arrest Kevin of death or life. He and the FBI, together, worked for two months, until in February 1995 they succeeded in stopping Mitnick. The book Takedown counts the entire hunting season. He was sentenced to twenty years. However, after a hard negotiation of its lawyers, it can reduce the penalty to four or five years. Immediately, therefore, it can be on the street.
Robert Morris (Jr)
Nowadays there is a lot of talk about computer viruses that circulate on the internet. In 1988, Robert Morris, who focused on computer security, wrote: “Only a narrow line separates the “evil guys” who accompany the system administrators and attack them.” He was considered one of the first. On the contrary, Robert Morris had a son of the same name: Robert Morris Jr (junior). This was beyond the narrow line to which his father refers, and in between play, almost without realizing it, he created the greatest mess and internet disaster. Thanks to a terrible security error that the computer network had, it introduced a worm into the system. In addition to copying itself, the worm jumped to other computers and triggered great chaos in the 6,000 large computers. Morris was the first hacker punished by law.
Defenses: adequate passwords
The great experts say that when the good hacker decides to enter a system, there is nothing that makes him renounce his purpose (ask those responsible for NASA, FBI or similar entities - even the Government). In any case, we must be aware that the use of common computers, both in our work and in our home, would make little impact for any type of hacker. On the contrary, and just in case, there are several ways to stop our attack computers.
The first and most important would be to have a good password. In the table on page 32, the procedure for configuring the appropriate lock is described.
In relation to the economic losses generated
The most repeated denunciation that the hackers are accused of is, undoubtedly, that of the losses of money they provoke. In his opinion, that is not entirely true. What's more, it would be totally inverse. After entering banks and governments, they warn them of their insecurities so that the next time they are more prepared.
As for the computer industries, it is said that the problem is somewhat more complex. Hackers, copying and displaying the programs that separate them, appear to cause terrible damage. But the key is elsewhere. These companies are fully aware that most people are not able to buy original programs economically. However, with the launch of programs of great power and development (and therefore expensive), what they get is to delay the computer equipment of people. Consequently, what is “lost” in the software would be recovered in excess on the hardware, with the need to acquire new computers to use the programs.
And as for the most powerful governments, what they often do is hire the hackers themselves to, in a possible war, destroy the enemy's computer systems (and protect those themselves from attacks by enemy hackers, of course). There are those who say that in the war of the future, a good hacker would be much more effective than the entire army. The "scientists" of computers begin to be very appreciated.
In these pages we have tried to clarify some concepts about the most blind fans to computers. They are children of the future, young, curious, well-prepared, who have fascinated the brightness of the computer. Hackers. The last pirates of the cyberocean.
Procedures for access to external computers
Hackers and crackers, to prevent them from pursuing their traces of exploits, follow various procedures. Some of them are:
The operative system (operative system) is the resource that we use to manage the computer and organize the files. The most used would be Windows 95/98. But it is not the only one: We also have UNIX, LINUX, Macintosh OS, MS-DOS, or OS/2, among others. UNIX is the most hit by hackers and crackers to connect to other computers via Telnet.
When you own multiple computer passwords (see box “How to build the most suitable password” to know how to make the key more appropriate), through these connections hackers jump. If possible, they choose computers that are located in different locations so they do not know where they are from. On the contrary, with this, you try to remove all traces of your path to avoid even more. Then they go to a safe computer (at least as possible), which does not accumulate motion, not direction (usually ancient prototypes). Finally, they build their true attack: they begin to acquire the password of the computer to which they were directed. They can do so in various ways. By appropriate programs, dealing randomly with thousands of keys, for example (for this reason, having adequate password); accessing by the possible security holes of the system (see bug); by sniffer; by means of the key obtained in a chat... These are some of them. There are a thousand and one ways to attack the computer.
Being inside, the next step would be to get a total control, that is, a level of overuse. To do this, it will attach to the system a program that will monitor all passwords entering and leaving the server. Through it you can obtain many other keys and be accessible to other systems. Victims of the future.
Work of the guards
One of the ways to avoid these attacks is to wait. Wait for the return of the computer pirate and surprise. In addition, traps can be placed in the system so that the hacker can think they are holes and fall into the segment.
How to build the most appropriate password
To prevent the access of visitors not admitted to our computers, we have one of the first and most important barriers, the password. That is the first obstacle to overcome any type of pirate, both malignant and simply playful. Therefore, it is better to develop the safest key possible. Just in case.
On the contrary, although it seems complicated, with a few simple steps, it can be easier to protect our data with the appropriate key that can cause breakdown problems. We have only to follow a few simple tips to keep out unauthorized strangers (although the real hacker, with the time it needs, although we have to be clear that it would enter anywhere, with the following steps we would become very difficult to work to most). Let's put a practical example at the end so that the steps are easier to understand.
- The most common technique used by the hacker is to test combinations of words and numbers obtained from different dictionaries. Especially focusing attention on possible communications related to the user. Therefore, the first step would be immediate: DO NOT use the normal word as a password, let alone if it is related to us. For example, the special name (the worst option! ), dates of birth or similar. They are very easy to break. Once the most basic is clarified, we present the following logical steps.
- The appropriate minimum length should be 8 characters.
- It seems that a combination of senseless letters is preferred which cannot be found in any dictionary.
- It should be a mixture of capital and lowercase, numbers and special signs.
- It should be easy to remember so you don't have to write anywhere.
- It must be changed from time to time.
Seen an example
We chose the part of a song. For example: «If I had cut the wings, it would have been mine, I would not have abandoned». We collect the initials of each word and put them together: “hebnizezae”. We will put the first and last letter in capital letters: E. E. Since “b” and “z” can be assimilated to 6 and 7 respectively, we substitute: He6ni7e7ae. To make it difficult, we replace the “a” with the @. Finally: He6ni7e7@e. 10 characters, including rare numbers and signs, meaningless, catchy and difficult to imagine. A small treasure.
- Person fascinated by the programming and computer technology of the Hacker Computers. In addition to programming, explore operating systems and programs until you know how they work. It takes as a challenge the access to external systems and overcome the difficulties encountered. Many have ethical code.
- Bug Errata in the world of computing. The narrative function affects the system. Pirates take advantage of the “holes” created by Bug to perform unauthorized penetrations.
- Cracker Some “bad” hacker. It does not matter the destruction of the teams of others if it is considered necessary for their own benefit.
- Communication protocol that allows the user Telnet to connect to the remote computer that can be in a network.
- Sniffer Fingerprints or usnantes. They listen to the movement of data that circulates through the network. Many times, although users do not know it, they detect their passwords as they fly from cyberspace.
- Chat Berriketa, in English. From the different connected computers, the zones that are used to “speak” by email.
- Har Copying over and over again, reduce or exhaust system resources.
- Software Computer Programs. Instructions that use the computer to handle data.
- Material components of a Computer Hardware System. In short, the team itself that uses the computer.
Gai honi buruzko eduki gehiago
Elhuyarrek garatutako teknologia