Shulou(Shulou.com)06/02 Report--

This article is about the common attack methods used by hackers. The editor thought it was very practical, so I shared it with you as a reference. Let's follow the editor and have a look.

Network hackers are people who have superb programming skills, strong desire to solve problems and overcome limitations, people who are good at IT technology, computer scientists, and people who have a high understanding of computer science, programming and design. Common attack methods are: planting viruses, email attacks, network monitoring, looking for system vulnerabilities, backdoor programs, denial of service, and so on.

What is a network hacker?

Network hackers are people who have superb programming skills, strong desire to solve problems and overcome limitations, people who are good at IT technology, computer scientists, and people who have a high understanding of computer science, programming and design.

Hackers, which originated from the English hacker, were praised in the computer industry in the United States in the early days. All are highly skilled computer experts, especially programmers, can be regarded as a general term.

The red guest, who protects the national interests and represents the will of the people of the motherland, loves his motherland, nation, peace, and strives to safeguard national security and dignity.

Blue guest, freedom of belief, patriotic hackers, use their own strength to maintain the peace of the Internet.

Hacker is the transliteration of "Cracker", which means "cracker". Engaged in maliciously cracking commercial software, maliciously invading other people's websites and other affairs. Synonymous with hackers, hackers and hackers are essentially the same, intruders into computer systems / software. There is no clear line between hackers and "Cracker", but as the meaning of the two becomes more and more blurred, it becomes less important for the public to treat the two.

Attack methods commonly used by hackers

Hacker attacks can be divided into two categories: non-destructive attacks and destructive attacks. Non-destructive attacks are generally designed to disrupt the operation of the system, do not steal system data, and usually use denial of service attacks or information bombs; destructive attacks are aimed at invading other people's computer systems, stealing system confidential information, and destroying the data of the target system.

1. Planting virus

Virus programs are latent and will have a long-term impact on personal information security. In the past, viruses were mainly common in computers, but now with the popularity of mobile phones, there are many viruses on mobile devices.

Viruses do not actively attack personal devices, but are often hidden in web pages and software. users are implanted after clicking, installing and other operations. as long as the devices are connected to the Internet, the virus programs will automatically report the collected information to the hackers.

Viruses are also being updated, many advanced viruses are difficult to detect and kill by ordinary software, and even viruses are hidden in regular antivirus software, making it difficult for you to prevent.

2. Email attack

Email attacks are mainly manifested in two ways: one is email bombardment and email "snowball", which is commonly known as email bomb, which refers to sending thousands, tens of thousands or even infinite times of spam to the same mailbox with fake IP addresses and email addresses, causing the victim's mailbox to be "bombed". In serious cases, it may bring danger to the operating system of the email server. Even paralyzed. The second is e-mail deception, in which the attacker pretends to be a system administrator (the email address is exactly the same as the system administrator). Send an email to the user asking the user to change the password (the password may be a specified string) or load viruses or other Trojans in seemingly normal attachments (as far as I know, the network administrators of some units have the obligation to send firewall upgrades to users free of charge. This provides an opportunity for hackers to successfully use this method.), as long as users are vigilant, this kind of deception is generally not too harmful.

3. Network monitoring

Network snooping is a working mode of the host, in which the host can receive all the information transmitted by the network segment on the same physical channel, regardless of the sender and receiver of the information. At this point, if the information communicated by the two hosts is not encrypted, it is easy to intercept the information, including passwords and accounts, by using some network monitoring tools, such as NetXray for windows 95Maple 98Compact NTJ sniffit for linux, solaries and so on. Although the user accounts and passwords obtained by network monitoring have some limitations, the listeners can often obtain all the user accounts and passwords of their network segment.

4. System loopholes

Many systems have Bugs of one kind or another, some of which are inherent in the operating system or application software, such as Sendmail, shared directory password authentication in win98 and IE5. These vulnerabilities are generally difficult to defend against hackers before patches are developed, unless you unplug the network cable. There are also some vulnerabilities caused by misconfiguration by system administrators, such as in the network file system, directories and files are called out in a writable way, and user password files without Shadow are stored in a certain directory in clear code, which will bring opportunities for hackers and should be corrected in time.

5. Backdoor program

When programmers design programs with complex functions, they generally adopt the idea of modular programming to divide the whole project into multiple functional modules, which are designed and debugged respectively, and the back door is the secret entrance of a module. During the program development phase, the back door is easy to test, change, and enhance module functionality. Normally, the backdoor of each module needs to be removed after the design is completed, but sometimes it is not removed due to negligence or other reasons (such as leaving it in the program for later access, testing, or maintenance). Some people with ulterior motives will use exhaustive search to find and use these backdoors, then enter the system and launch attacks.

6. Information bomb

Information bomb refers to the attack means of using some special tools and software to send a large amount of information beyond the system load to the target server in a short time, resulting in overload of the target server, network congestion and system collapse. For example, sending a specific combination of UDP packets to an unpatched Windows 95 system will cause the target system to crash or restart; send a specific packet to a certain type of router and cause the router to crash; send a large amount of spam to someone's email to "burst" this mailbox, and so on. At present, the common information bombs are mail bomb, logic bomb and so on.

7. Denial of service

Also known as distributed D.O.S attack, it is a means of attack that uses a large number of packets beyond the processing capacity of the target to consume the available system and bandwidth resources, and finally paralyzes the network service. As an attacker, we first need to invade and control a website by conventional hacker means, and then install and start a special instruction on the server that can be issued by the attacker to control the process. When the attacker sends the IP address of the attack object as an instruction to the process, these processes begin to attack the target host. This method can concentrate a large amount of network server bandwidth and attack a specific target, so it is very powerful, which can instantly deplete the bandwidth resources of the attacked target and cause the server to paralyze. For example, the hacker attack on the University of Minnesota in 1999 belongs to this way.

Thank you for reading! On what hackers commonly used attack methods are shared here, I hope the above content can be of some help to you, so that you can learn more knowledge. If you think the article is good, you can share it and let more people see it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.