Hackers, the light and dark side of the force – Part 1

9 April 2010, 2 Comments

This article gives some definitions of hackers and some information on what they do to try to gain access to your systems.
Part 2 will be about how you, as a client of Gridhost, can secure your sites and prevent common security problems from occurring.

What are ‘hackers’ and ‘script kiddies’?

Like everything in this world, there are two sides to each force: an ‘up and down’, a ‘left and right’, a ‘good and evil’.
When speaking about hackers, the same two sides exist; they are known as ‘white hats’ and ‘black hats’.
A black hat hacker is the kind we will deal with: the kind that writes malware and actively looks for vulnerabilities in a site or code segment to exploit for his/her own ends. In the lighter cases, the aim is to publicize his/her name, or to use your site and bandwidth as a source of spam. In more extreme cases, he/she will hijack a site and insert links, malicious JavaScript and other bits of code that install viruses or trojans on site visitors’ computers or, when the site runs an online shop, hijack credit card details.

A white hat hacker is the kind you want in your employment: his/her abilities as a hacker are used in the fight against evil. He/she will look for vulnerabilities in sites and, once vulnerabilities are found, actively look for solutions to close the holes. This line of work is known as penetration testing. I am of the belief that many white hats were formerly black hats that decided it was more lucrative and safer than writing malware and sending servers crashing to the ground with things like DoS and DDoS attacks; eventually, like most criminals, they get caught.

Script kiddies, how do they affect me?

A script kiddie will always wear a black hat. If a white hat’s contribution to the world is to fight the war on black hats and to keep our sites and companies safe, a black hat’s contributions are scripts that make hacking easier for other hackers, often developed for script kiddies to use. There are loads of commonly used scripts and exploits that these script kiddies utilize; names of these are WinNuke applications, Back Orifice, NetBus, Sub7, Metasploit, ProRat, PassJacker, iStealer, Snoopy, Metus and Locust Bot. Often, they will also take commonly used software intended for legitimate security auditing.

As the webmaster of a site hosted with Gridhost, you might find yourself attacked by a script kiddie who has found an exploit for a certain version of WordPress or Joomla, or for a plugin or theme. He then does a Google search for sites running these vulnerable versions and runs the script on multiple sites to deface them. Most commonly, you will find he puts something on your blog like “Hacked by XYZ Superkewl l33t hax0r”.

Script kiddies are the lowest of the low when it comes to hacking, and are more of a nuisance than anything else.
They do not stop at hacking websites: they will often be found attempting exploits using madshell and other systems of that type, geared at attacking the physical servers that sites are hosted on. This type of script is used to try to gain root access to a server in order to hack all the sites on it from the inside out. Thankfully, at Gridhost, these types of scripts, while attempted several times, have never managed to cause trouble on our servers, thanks to extreme security in the form of suPHP, Suhosin, general PHP hardening and firewalling techniques.

What is a DoS or DDoS attack?

DoS and DDoS stand for Denial of Service and Distributed Denial of Service. In these cases, the perpetrators attempt a different kind of damage: where the usual hack is to deface a site for the reasons given above, a DoS attack is simply an attempt to cause a server to overload and crash, preventing sites from displaying. This is purely a malicious attempt at causing trouble. Thankfully, at Gridhost, our firewalling techniques do a lot to prevent this sort of attack and keep your site online with our guaranteed 99% uptime.

This is part 1 of a 2 part series on website security.

2 Responses to “Hackers, the light and dark side of the force – Part 1”

  1. Muhammad 17 August 2010 at 6:18 pm #

    Nice. That was very interesting to know and will keep that in mind.

  2. Raashid 23 August 2010 at 12:08 pm #

    Good article, great site. But it seems the world still seems to lack sufficient knowledge of the world of hacking.
    Every hacker out there would tell you that media has distorted the name of hackers. It later became apparent that there were good and bad, hence the terms white and black hat. But is this correct? Somewhat, but it is not the true definitions.
    In fact the true definition of a hacker is a person that will try to gain access to a system and at the same time having permission to do so. Hackers are in fact good people that test security of a system or network.
    Crackers on the other hand, also defined wrongly, are the bad ones. People have used the term crackers for people that crack software for pirated use, but in actual fact the term can be and should be used holistically for people that gain access to systems, networks, software etc. without permission.
    That is the difference between the good and the bad.
