Task 6A-1.
Posted by carica
| Announcements | Last Post | |
|---|---|---|
 |
SoC Curricula | 09/30/2017 01:08PM |
|
Demarcation or scoping of examinations and assessment | 02/13/2017 07:59AM |
|
School of Computing Short Learning Programmes | 11/24/2014 08:37AM |
|
Unisa contact information | 07/28/2011 01:28PM |
|
Task 6A-1. February 21, 2010 10:32PM |
Registered: 14 years ago Posts: 39 Rating: 0 |
hEY everybody.
7. a)
It is so easy to hack into computers, it helps if you know computer language, like LINUX, OR C++, they make a point on hacking sites that you must be educated in your LANGUAGE software.
But even if you didn’t know it really well, there are video’s and forum’s on these hacking sites, eg.darknet, which show and explains how to hack.
Here are some URL’s which show you how to hack, darknet, has a forum where you can learn from other hackers, and funny enough there slogan is: “don’t learn to hack, hack to learn†Scary stuff.
[www.wonderhowto.com]
[searchsecurity.techtarget.com]
[www.darknet.org.uk]
[www.wikihow.com]
One of the most popular tools is on how to hack is: L0phtCrack (now called LC4). L0phtCrack is a tool, that allows an attacker to take encrypted Windows NT/2000 passwords and convert them to plaintext. NT/2000 passwords are in cryptographic hashes and cannot be read without a tool like L0phtCrack. It works by attempting every alphanumeric combination possible to try to crack passwords.
b)
•Audit your organization regularly! Walk through the company and make sure passwords are not stuck to monitors or under keyboards.
•Set up dummy accounts. Get rid of the administrator (or admin) account or set it up as a trap and audit it for attempts.
•Use strong, difficult to guess passwords, and never leave a console unlocked.
•Backups are necessary in case you are compromised. You need a working set of data, so make sure you have it. Keep the tapes secure too, or the data there will be compromised as well.
•Prevent dumpster diving. Don't throw sensitive information away; shred it or lock it up.
•Check IDs and question people you don't know. When you have visitors, check them out and make sure they belong.
•Educate your end users. Make sure they aren't prone to social engineering and educate and remind internal users of the company's security policies.
c)
Yes, I think it’s very good that these instructions are available on the Internet on how to prevent hacking, because how would people be informed and educated?
Also, everyone will be attacked by a hacker, that is why it is necessary to have Anti-virus software on your computer.
d)
Yes, I think that network administrators should monitor hacking sites, so that they can be aware what is current in the hacking industry, and find better ways to know how to prevent infiltration.
hAPPY HACKING, JOKES!
cARICA
7. a)
It is so easy to hack into computers, it helps if you know computer language, like LINUX, OR C++, they make a point on hacking sites that you must be educated in your LANGUAGE software.
But even if you didn’t know it really well, there are video’s and forum’s on these hacking sites, eg.darknet, which show and explains how to hack.
Here are some URL’s which show you how to hack, darknet, has a forum where you can learn from other hackers, and funny enough there slogan is: “don’t learn to hack, hack to learn†Scary stuff.
[www.wonderhowto.com]
[searchsecurity.techtarget.com]
[www.darknet.org.uk]
[www.wikihow.com]
One of the most popular tools is on how to hack is: L0phtCrack (now called LC4). L0phtCrack is a tool, that allows an attacker to take encrypted Windows NT/2000 passwords and convert them to plaintext. NT/2000 passwords are in cryptographic hashes and cannot be read without a tool like L0phtCrack. It works by attempting every alphanumeric combination possible to try to crack passwords.
b)
•Audit your organization regularly! Walk through the company and make sure passwords are not stuck to monitors or under keyboards.
•Set up dummy accounts. Get rid of the administrator (or admin) account or set it up as a trap and audit it for attempts.
•Use strong, difficult to guess passwords, and never leave a console unlocked.
•Backups are necessary in case you are compromised. You need a working set of data, so make sure you have it. Keep the tapes secure too, or the data there will be compromised as well.
•Prevent dumpster diving. Don't throw sensitive information away; shred it or lock it up.
•Check IDs and question people you don't know. When you have visitors, check them out and make sure they belong.
•Educate your end users. Make sure they aren't prone to social engineering and educate and remind internal users of the company's security policies.
c)
Yes, I think it’s very good that these instructions are available on the Internet on how to prevent hacking, because how would people be informed and educated?
Also, everyone will be attacked by a hacker, that is why it is necessary to have Anti-virus software on your computer.
d)
Yes, I think that network administrators should monitor hacking sites, so that they can be aware what is current in the hacking industry, and find better ways to know how to prevent infiltration.
hAPPY HACKING, JOKES!
cARICA
|
Re: Task 6A-1. March 03, 2010 12:25AM |
Registered: 14 years ago Posts: 4 Rating: 0 |
For 7(a), in addition to what you have found, I've seen a number of sites educating one on the simple commands needed in whichever language that are your shortcuts to hacking. I even found a guide on virus creation http://www.gohacking.com/category/virus-creation. Free software is easy to download and completely free.
(b) I think one of the most fictionally explored methods of beating hackers is to employ one yourself. Have someone on your own payroll regularly get behind the firewall, so that gaps can be better protected and security is generally tight. I don't know if that would work, but the truth is that most people are so hopeless when it comes to choosing passwords that it's important to educate less computer literate individuals on strong passwords, like you said.
What you said regarding backup is a thought that I had as well; keep regular backups of important data and store it on an external drive where it cannot be accessed through a main server or database.
(c) The fact that people figured out how to hack computer systems all on their own, without any kinds of tutorials shows that there will always be someone trying to find a way in, whether they have a guide or not. However, for those of us who are not so inclined, it gives us a guide on things that we should look out for that we might not have assumed on our own.
(d) I agree that these sites should be monitored, particularly those with instructions on creating viruses. There would be far fewer people who would even consider coding a virus, let alone figure out how without these sites. Were they monitored, it would even be alright if it was only the very harmful viruses, such as trojan horses, that were censored.
(b) I think one of the most fictionally explored methods of beating hackers is to employ one yourself. Have someone on your own payroll regularly get behind the firewall, so that gaps can be better protected and security is generally tight. I don't know if that would work, but the truth is that most people are so hopeless when it comes to choosing passwords that it's important to educate less computer literate individuals on strong passwords, like you said.
What you said regarding backup is a thought that I had as well; keep regular backups of important data and store it on an external drive where it cannot be accessed through a main server or database.
(c) The fact that people figured out how to hack computer systems all on their own, without any kinds of tutorials shows that there will always be someone trying to find a way in, whether they have a guide or not. However, for those of us who are not so inclined, it gives us a guide on things that we should look out for that we might not have assumed on our own.
(d) I agree that these sites should be monitored, particularly those with instructions on creating viruses. There would be far fewer people who would even consider coding a virus, let alone figure out how without these sites. Were they monitored, it would even be alright if it was only the very harmful viruses, such as trojan horses, that were censored.
|
Re: Task 6A-1. March 03, 2010 05:26PM |
Registered: 14 years ago Posts: 4 Rating: 0 |
7a) Many hacking tools are freely avilable online which one can download and use, with step by step guides also available. One of the most popular tools to use as a hacker is L0phtCrack (now called LC4) which allows you to take encrypted Windows NT/2000 passwords and convert it into text.
b) Enforce better encryption and password protection.
Monitor the system for suspicious activity.
c) It is not a good idea for the information on how to hack into documents to be freely available but one must be informed on how easy a hacker can gain access to encrypted documentation and sensitive information with just a few hacking tools and some time on their hands.
d) Network administrators should monitor hacker sites to be aware of any threats which they present and to take action before the hacking gets out of control.
b) Enforce better encryption and password protection.
Monitor the system for suspicious activity.
c) It is not a good idea for the information on how to hack into documents to be freely available but one must be informed on how easy a hacker can gain access to encrypted documentation and sensitive information with just a few hacking tools and some time on their hands.
d) Network administrators should monitor hacker sites to be aware of any threats which they present and to take action before the hacking gets out of control.
|
Re: Task 6A-1. March 09, 2010 11:40PM |
Registered: 14 years ago Posts: 4 Rating: 0 |
Hi you all
7a.) There are so many resources available on the Internet today that it is very easy for some one with some patience and the right tool to break into other peoples systems. Some techniques are password cracking with tools like passwords on sticky notes or under keyboards and more sophisticated tools like L0phtCrack. Protocol analyzers like Sniffer Pro or Etherpeek that inspects all traffic that is transmitted over the network. Internal and external threats exist. Web site defacing is another technique used.
7b.) There are various steps that you can take to prevent the use of some of these techniques against your network. Some are like changing passwords on a regular basis and to use strong password. To monitor all actions on the network and to implement some intrusion detection mechanisms. To deploy strong security policies and to monitor and enforce such policies.
7c.) By having such detail information freely available on the Internet, it is possible for the general user to get in contact with the various methods used and to learn about and to understand the security risks that he/she faces on a daily basis.
7d.) I believe that network administrators should monitor hacker sites, better still, access to such sites via you business network should be restricted. We know that the most security attacks originates from within our networks by our personnel that have access to the networks on a daily basis. By monitoring, the possibilities of early detection is better.
Regards
Martinus
7a.) There are so many resources available on the Internet today that it is very easy for some one with some patience and the right tool to break into other peoples systems. Some techniques are password cracking with tools like passwords on sticky notes or under keyboards and more sophisticated tools like L0phtCrack. Protocol analyzers like Sniffer Pro or Etherpeek that inspects all traffic that is transmitted over the network. Internal and external threats exist. Web site defacing is another technique used.
7b.) There are various steps that you can take to prevent the use of some of these techniques against your network. Some are like changing passwords on a regular basis and to use strong password. To monitor all actions on the network and to implement some intrusion detection mechanisms. To deploy strong security policies and to monitor and enforce such policies.
7c.) By having such detail information freely available on the Internet, it is possible for the general user to get in contact with the various methods used and to learn about and to understand the security risks that he/she faces on a daily basis.
7d.) I believe that network administrators should monitor hacker sites, better still, access to such sites via you business network should be restricted. We know that the most security attacks originates from within our networks by our personnel that have access to the networks on a daily basis. By monitoring, the possibilities of early detection is better.
Regards
Martinus
Sorry, only registered users may post in this forum.