Understanding the Dangers Your Systems Face
It’s one thing to know that your systems generally are under fire from hackers
around the world and rogue insiders around the office; it’s another to understand
specific attacks against your systems that are possible. This section
offers some well-known attacks but is by no means a comprehensive listing.
Many information-security vulnerabilities aren’t critical by themselves.
However, exploiting several vulnerabilities at the same time can take its toll.
For example, a default Windows OS configuration, a weak SQL Server administrator
password, and a server hosted on a wireless network may not be
major security concerns separately. But exploiting all three of these vulnerabilities
at the same time can be a serious issue that leads to sensitive information
disclosure and more.
Chapter 1: Introduction to Ethical Hacking 13
Nontechnical attacks
Exploits that involve manipulating people — end users and even yourself —
are the greatest vulnerability within any computer or network infrastructure.
Humans are trusting by nature, which can lead to social-engineering exploits.
Social engineering is the exploitation of the trusting nature of human beings
to gain information for malicious purposes.
Other common and effective attacks against information systems are physical.
Hackers break into buildings, computer rooms, or other areas containing critical
information or property to steal computers, servers, and other valuable
equipment. Physical attacks can also include dumpster diving — rummaging
through trash cans and dumpsters for intellectual property, passwords, network
diagrams, and other information.
Network infrastructure attacks
Hacker attacks against network infrastructures can be easy because many
networks can be reached from anywhere in the world via the Internet. Here
are some examples of network-infrastructure attacks:
• Connecting into a network through a rogue modem attached to a computer
  behind a firewall
• Exploiting weaknesses in network protocols, such as TCP/IP and
  NetBEUI
• Flooding a network with too many requests, creating a denial of service
  (DoS) for legitimate requests
• Installing a network analyzer on a network and capturing every packet
  that travels across it, revealing confidential information in clear text
• Piggybacking onto a network through an unsecure 802.11 wireless
  configuration
Operating system attacks
Hacking operating systems (OSes) is a preferred method of the bad guys. OS
attacks make up a large portion of hacker attacks simply because every computer
has one and so many well-known exploits can be used against them.
14 Part I: Building the Foundation for Ethical Hacking
Occasionally, some operating systems that appear to be more secure out of
the box — such as Novell NetWare and various flavors of BSD UNIX — are
attacked, and vulnerabilities turn up. But hackers often prefer attacking operating
systems such as Windows and Linux because they are widely used and
better known for their publicized weaknesses.
Here are some examples of attacks on operating systems:
• Exploiting specific network protocol implementations
• Attacking built-in authentication systems
• Breaking file system security
• Cracking passwords and encryption mechanisms
Application and other specialized attacks
Applications take a lot of hits by hackers. Programs such as e-mail server
software and Web applications are often beaten down:
• Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol
  (SMTP) applications are frequently attacked because most firewalls and
  other security mechanisms are configured to allow full access to these
  services from the Internet.
• Voice over IP (VoIP) faces increasing attacks as it finds its way into more
  and more businesses.
• Unsecure files containing sensitive information are scattered throughout
  workstation and server shares, and database systems contain numerous
  vulnerabilities — all of which can be exploited by rogue insiders.
Ethical hacking helps carry out such attacks against your computer systems
and highlights any associated weaknesses. Parts II through V of this book
cover these attacks in detail, along with specific countermeasures you can
implement against attacks on your systems.
Obeying the Ethical Hacking Commandments
Every ethical hacker must abide by a few basic commandments. If not, bad
things can happen. I’ve seen these commandments ignored or forgotten when
planning or executing ethical hacking tests. The results weren’t positive —
trust me.
Working ethically
The word ethical in this context can be defined as working with high professional
morals and principles. Whether you’re performing ethical hacking
tests against your own systems or for someone who has hired you, everything
you do as an ethical hacker must be aboveboard and must support the
company’s goals. No hidden agendas are allowed!
Trustworthiness is the ultimate tenet. The misuse of information is absolutely
forbidden. That’s what the bad guys do. Let them be the ones who get fined
or go to prison because of their bad choices.