site map  contact us    

 

 

      Home    Bespoke Software    Hardware     Maintenance Contracts     Surveillance Solutions     Network Cabling     Ecommerce     Info

Learn how to protect your network from hackers

We
help network administrators secure there networks better, as well as help other technical minded people who want to be network administrators learn about the techniques and terms that hackers use.


The following information is provided as a guidance

Backdoors

Otherwise known to the n00b' community as "Trojans" due to the techniques resembling the Trojan horse. Backdoors are extremely common and some can be very damaging if put on the right system. These tools are nothing more then stealth servers that run on your system to allow remote access and control over your PC. Backdoors usually are resident malicious server coding that lays in the coding with a legitimate game or application. When you download this application and execute it an advanced backdoor will infect your system somewhat similar to a virus and begin "listening" on a port for the malicious client to take control of your PC, all the while also executing the program you wanted to download fooling you.

We support your business..  We install server software & configure it  We protect your business...

Common Trojan features have CD-ROM open and close options as well as switching mouse buttons, hiding start buttons & menus, and downloading screen shots. More advanced backdoors will enable users to download cached passwords, credit card information, and browse all of your files, move, modify them, as well as upload and execute arbitrary code.

Your best line of defence is a good firewall to stop these connections
and good anti-virus software for picking them up.
  more on firewalls



War-Driving

The market of selling wireless access points and similar related hardware has more then doubled over the last couple years, and is not expected to get smaller in years to come. Many people run wireless access points in there homes and businesses so they do not have to run wires for a wired network. Several businesses and schools are now offering wireless network services to intended employees and people.

What these home users, corporations, and school districts don't know about implementing these wireless networks is the security risks each one poses.

If one where to Survey an average populated suburb area by taking a 15min drive down a main road with the right setup the results may surprise you. You will be amazed of how many access points you will pick up, of which would allow you to hop on and start using the internet and browse there LAN in a matter of seconds with no authentication method.

Although some would use
WEP encryption and possibly MAC address filtering enabled. WEP provides a layer 2 OSI protection for 802.11 wireless networks, it is very insecure. The problem with WEP is that it does not encrypt the 802.11 header, ID packet portions, or the initialization vector between nodes. For those of you that are packet sniffer savvy you can see where this poses a big security problem.

The other attempt to step up security is MAC address control. By using a MAC address client access list only the addresses that are permitted will be allowed to connect to the access point. The problem is with a simple wireless sniffer permitted client MACs can be observed and the MAC address of the attacker can be easily changed to match it. War Driving is the implementation of all the above mentioned techniques and the scanning and plotting of wireless access points.


Cracking

The skill known as "Cracking" has many new script kiddies learning how to use the software that enables even the simple minded to use these password breaking techniques and gain entry to your system. Today with the point and click n00b' environment and not so many shell console utilities, users with basic knowledge can break into legitimate services of people on servers and cause lots of damage.


Cryptography

Today many people keep personal information such as resumes, Social Security Numbers, Passwords, Bank account information, credit card numbers, contact information, and a lot of other media that could be very damaging if the wrong person got hold of it. Don't think because you have an anti-virus and a firewall you are protected from malicious users browsing your files. Make the data on your PC safe with a good encryption method to make the job of a potential attacker or un-authorized user even harder.


Denial Of Service

The availability and common occurrences of DoS' attacks are on the rise at a very rapid pace due to there ease of use and many different techniques to implement them. These are attacks that actually use flaws in TCP/IP and other services to consume resources or bandwidth and prevent other legitimate users from accessing the intended once public service. These types of attacks can be devastating to online businesses causing thousands lost in profit margins due to website and service down time.

To make things even worse these attacks are often on a wide scale including several hijacked PCs with access to high-speed connections to carry out the attacks and the attacker also may spoof IPs rendering the process for finding this malicious user that set out to bring down your server an extremely hard task.


Exploits

Did you know that most organizations and users that get hacked do have a firewall, an IDS, honey pots and other security measures in place? The fact is software errors that allow unauthorized access or the disruption of service known as "exploits" account for a big percentage of server and PC break-ins. These vulnerabilities are also responsible for the worm viruses that you hear in the news that travel around the internet at such high speeds. Why does software have these vulnerabilities? Software has one big security risk involved with its implementation on systems. That risk is the unavoidable human error in coding. As long as humans are programming our software there will always be an exploit out there to use its flaw to a malicious users advantage.


Firewalls

A good firewall guarding network gateways and individual PCs plays a critical roll in keeping every node protected against malicious users and worms. Firewalls are also good for regulating what type of traffic may travel off and onto the network and from who. Firewalls ( hence the name; are comparable to those that you find in houses. ) shield network resources and PCs from users that are not permitted to access them. Think of a firewall as a wall between your PC and the internet or network to keep destructive material away from your property. For users who don't have any legitimate public services to offer your firewall should shield all ports from being accessible at any time.  Only permit the services you absolutely need with firewalls and leave the rest blocked off.  
more on firewalls...


keyloggers

The keylogger can be devastating to both home and companies. These stealth applications running in the background as you use your passwords, credit card information, have conversations, and type documents log all these things and more. Most keyloggers now have a way of remotely sending this data to the malicious user who has placed them there. Since they have all the features as a trojan, you could also qualify that type of keylogger as a "backdoor". The most common method data gets sent back to the malicious user is via a listening port or an email. The program is set to send this data back at a certain interval usually by email, and also save a log at this interval.


Phreaking

The art of phreaking is the use of different flaws in technology and equipment incorporated together with other home made devices to crack the telephone network for uses such as free phone calls, hiding identity, and other beneficial reasoning. At one point Phreaking was a respectable act among hackers as an intellectual game of exploiting and exploring the phone system.  Overtime as old technology was put to rest and new tele communication equipment was incorporated into networks the effectiveness of phreak methods fell through the floor. Some "boxes" are still able to work today but a lot of them are dinosaurs of phreaking history. Today phreaking has become an art of stealing phone card numbers and rigging cell phones for free calling capabilities, objectives of a mere criminal. Some true Phreaks still use the boxes for the original purposes, most of the time to just keep there hand in the pool.

We support your business..  We install CCTV networks  We protect your business...

Scanners

These tools are what attackers use to probe your system(s) during the first stages of the attack phase. Vulnerability, Port, and security scanners are usually all used. The vulnerability scanner may check for well known exploits on your system and tell the attacker if it has found a vulnerable one. A simple port scanner is the non-n00bish way to go. A port scanner will simply tell the attacker what logical application pathways are open on the remote system ( ports ). The attacker then has to go and gather banners on his own by connecting to the services and look for headers and other such indications as to what the service software is and the version of it so he can then exploit it. Security Scanners do all the above with even more of the work done for you. This type of scanner looks for vulnerabilities, identifies open ports and there services, as well as pointing out possible security risks and exposures to the attacker, also possibly providing the code already to exploit the system.

Having a good firewall, updated software and operating systems,
not exposing the name or version of the service, and scanning yourself for vulnerabilities and open ports are the best ways to secure yourself and make the attackers job a lot more harder.

SMTP

Simple Mail transfer protocol, probably one of the most buggiest running services on web servers ( besides Microsoft's IIS ;] ). This is the protocol that governs the transfer of your email messages across the internet and private networks. Many fun things can be done with this protocol such as delivering messages that appear to be from other people, mail bombing, and gained entry into servers.

Home Learning Courses

HomeLearningCourses.com is one of the UK`s best known home learning sites. We offer a range of home study courses for people looking to re-train, or progress their personal development. The site lists the latest courses from recognised awarding bodies - Sage, AAT, Microsoft and EDI are all well known brands that are featured.

Home Learning Business & Marketing Courses
 

home | network | software | hardware | internet | contact

 

Copyrights by Sentry Digital Information Systems

 

 

More Categories



Networking Solutions
Software Solutions
Hardware Solutions
Ecommerce Solutions
Online Shopping

Useful Links & Tools
Pinnacle Awards



We help your IT Manager



More Information

How to contact us
How to find us
Latest News
Partnerships & Accreditations
Careers at Sentry Digital




How to get in touch

CLICK HERE to Contact PIS LtdCLICK HERE to Contact PIS Ltd

Recommend Sentry Digital Systems to a Colleague




London Office
1 Ropemaker Street
London,  UK
EC2Y 9HT

Birmingham Office

43 Temple Road
Birmingham
West Midlands, UK
B25 LS



Email:
enquiries@sentrydigital.co.uk

 

j