Task 6A-1:

Posted by Melize 
July 29, 2008 03:05AM
1) Web sites visited:
www.searchsecurity.techtarget.com
www.colasoft.com
www.acunetix.com

2) Discussion:
Hacking tools and techniques:
Web application attack / Spyware / Identity theft / SQL injections
ARP attack
Cross-site scripting (XSS)
Content spoofing
Denial of service attacks (DoS):
• Buffer overflows
• SYN attack
• Teardrop attack
• Smurf attack (Ping)
• Viruses
• Physical infrastructure attack

Prevention:
There are many anti-virus and Internet security packages available to the private user. AVG Free can be downloaded at no cost, and will automatically update new versions.
Free scanner software can also be downloaded to prevent Web application attacks that might bypass your Firewall, SSL or lock-down server. Hackers are concentrating their efforts on web-based applications - shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.
Invest in network analyzer software (like “Capsa”) that includes a “network sniffer” to monitor network traffic, analyze protocols, and detect a backdoor. The software can quickly locate an ARP attack source, and analyze the network utilization rate. It includes 24/7 network and IM (instant messaging) monitoring. It will find reasons for a slow network, analyze broadcast traffic and diagnose the network with the TTL (Time to Live) value.
Cross-site scripting can be prevented if the Web developer carefully filters out the tags, and any other sensitive HTML elements from processed data, before redisplaying it in the user’s browser. Vigilant programming by security-conscious developers is the best solution.
Content spoofing can be prevented by implementing a security filter that will deny all URLs that are not referencing data from your own Web site.
DoS attacks can be blocked by implementing the following steps:
1. Allow sufficient bandwidth to handle unexpected surges in traffic, a sign of possible malicious activity.
2. Patch all servers and routers against vulnerabilities in the TCP stack and against attacks using fragmented packets.
3. Set up routers and servers with the minimum amount of services required. Turn off anything unnecessary or easily exploited by a hacker. For example, turn off SMTP on Web servers not used for e-mail.
4. Tune firewalls and routers to block IP addresses from malicious sources that consistently show up in logs.
5. Strong perimeter security, in general, with hardened servers and aggressive firewall rules can divert many DoS attacks before they even reach the guts of your network.
6. A defense-in-depth strategy with IPSs at different points in your network to divert suspicious DoS traffic to several “honeypots”.
7. Buffer overflows can be prevented by using a SecureWave package called SecureStack.

Is it good that such detailed instructions are so freely available on the Internet?
Definitely.

Should network administrators monitor “hacker” sites? Why or why not?
Yes. If administrators are informed of the dangers and possible threats, they can prevent a cyber attack from “infecting” their company’s network. The Internet is mainly used as a communication tool, and can enable administrators and ISPs to block servers and networks from potential danger. By passing on a message, users can quickly inform their colleagues, friends and family to be aware and on the lookout for dangerous viruses or attacks. Prevention is better than cure.
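
The content spoofing filter mentioned in the post (deny URLs that do not reference data from your own Web site), sketched as an added example that is not part of the original post. The origin `https://www.example.org`, the function names and the sample links are assumptions made for illustration.

```python
from urllib.parse import urljoin, urlsplit

# Assumption: placeholder origin standing in for "your own Web site".
SITE_ORIGIN = "https://www.example.org"
DEFAULT_PORTS = {"http": 80, "https": 443}


def _origin(parts):
    """(scheme, host, port) with the scheme's default port filled in."""
    return (parts.scheme, parts.hostname,
            parts.port or DEFAULT_PORTS.get(parts.scheme))


def is_own_site_url(candidate, site_origin=SITE_ORIGIN):
    """True only if candidate resolves to a resource on site_origin."""
    # Browsers treat "\" like "/" and drop tabs/newlines; refuse such input.
    if not candidate or candidate != candidate.strip():
        return False
    if any(ch in candidate for ch in "\\\t\r\n"):
        return False
    try:
        # Resolve relative references the way a browser on the site would.
        resolved = urlsplit(urljoin(site_origin + "/", candidate))
        if resolved.scheme not in DEFAULT_PORTS:
            return False
        # "user@host" forms make the visible prefix differ from the real host.
        if resolved.username is not None or resolved.password is not None:
            return False
        return _origin(resolved) == _origin(urlsplit(site_origin))
    except ValueError:  # malformed port or IPv6 literal
        return False


def filter_links(links, site_origin=SITE_ORIGIN):
    """Split links into (allowed, denied) lists."""
    allowed = [u for u in links if is_own_site_url(u, site_origin)]
    denied = [u for u in links if u not in allowed]
    return allowed, denied


# Constructed sample input (not taken from the post).
SAMPLES = [
    "/images/logo.png", "news/today.html", "https://www.example.org:443/about",
    "//other.example.net/page", "https://www.example.org@other.example.net/",
    "https://www.example.org.other.example.net/",
    "http://www.example.org/about", "data:text/plain,hi",
]

if __name__ == "__main__":
    for verdict, urls in zip(("allow", "deny"), filter_links(SAMPLES)):
        print(verdict, urls)
```

The comparison is on the resolved scheme, host and port rather than on a string prefix, which is why the look-alike host and the plain-`http` link are denied.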