Opinion » Cybernaut

Cybernaut

Hack attack

by

comment

"By 2002, approximately 19 million people will have the skills to mount a cyber attack." – DEFCON.org

With hackers being portrayed on TV shows and movies more and more often these days – sometimes vilified, usually glorified – most people have no idea of what a real hacker actually does. Here are a few of my favourite hacker links to help you meet the hackers, understand what hacking is all about, and protect yourself against a hack attack:

www.kevinmitnick.com

Kevin Mitnick is undoubtedly the most infamous hacker in the world. The 1983 movie WarGames starting Mathew Broderick ( http://www.mgm.com/cgi-bin/c2k/title_title.html&title_star=WARGAMES ) was loosely based on the time Mitnick hacked into a NORAD computer in Colorado in 1979. "People make the phones, computers and the networks," said Mitnick, and it was through people that he got most of his information.

He was arrested in February 1995 and held without bail for four and a half years. For eight of those months he was held in solitary confinement, because the government thought that he would be able to activate his computers and wreak havoc if he ever got his hands on a telephone.

He ended up pleading guilty to wire fraud and computer fraud, was released in early 2000 and had to pay $4,000 in restitution instead of the $80 million the US government originally sought for damages.

Other good reading on Kevin Mitnick is The Fugitive Game written by Jonathan Littman (available at http://www.well.com/user/jlittman/game/ ). This book documents Littman’s interactions with Mitnick while he was on the lam from the U.S. Government.

One of Mitnick’s conditions of parole was that he was barred from touching a computer for three years. He’s not even allowed to talk or write about computers. Apparently this is a common restriction for people who are convicted of hacking.

Mitnick went back to court last year to contest these restrictions and won. He is currently working the speaker circuit, leading discussions on computer safety, and is employed as a consultant for companies who need help protecting their networks.

www.2600.com

"2600" is the original hacker magazine. They have been active since 1984 and define themselves as "a loose-knit group of people interested in computer security." Their current major interest is the DVD format and they are engaged in a lawsuit with the Motion Picture Association of America over a program called DeCSS.

DeCSS is software that was created to decipher CSS-encoded DVD movies – CSS (content scrambling system) is the digital encryption system that most commercial DVD manufacturers use.

CSS’s basic function is to stop piracy, but it also functions as a "regional coding" enforcer and ensures that viewers can’t skip the obligatory FBI warning. Regional coding means that a DVD purchased in the U.K., for example, won’t work on North American computers.

Anyhoo, the DeCSS program lets you copy a DVD to your hard drive, but since DVDs are around seven GIGs in size you can’t recopy it to a normal CD… Unless you change it to a different file format. That’s where the problems start to come in.

If you’re concerned that your computer system or network is vulnerable to hackers, here are a few sites that can help you plug up the cracks in your security system.

www.infosyssec.com

If you want to protect yourself against hackers, you’re going to need some professional help. This is the most comprehensive site on computer and network security on the Web, with articles covering everything you could ever want to know.

www.zonelabs.com

Zone Labs makes the ZoneAlarm firewall software for computers. A firewall can be either a software or hardware application whose function is to create barriers in order to prevent unauthorized access to a network.

All Internet communication is accomplished by computers exchanging little bits of information, called "packets." For the information to reach the correct destination properly, each packet must have a destination address and port number, telling it where the information is suppose to go.

Firewalls protect your computer by inspecting all the packets that come to your computer system before it reaches its destination or interacts with any of your software.

Since the firewall gets to "see" the destination information before any other software you can tell it not to reply to packets coming into blocked ports on your computer, and prevent outsiders from making connections to your computer through those ports. Basically it makes your computer look like it is turned off, because it doesn’t reply to unwanted packets.

I have been running ZoneAlarms since I got my ADSL line and it is amazing how well it really works. I block between three and 10 attempts to access to my computer daily.

At the same time, a friend who owns and operates a local server runs a hardware firewall for extra protection (since it is considerably harder to hack hardware than it is to hack software) and he logs over 600 malicious attacks a day.

Installing a firewall is one of the best ways to protect yourself from attacks online. The only thing that is safer is to stay offline, and in today’s world that’s just not an option.