The Mind-set of a Hacker

Hackers can use a variety of tools and techniques to “hack” into a system (that is, gain

unauthorized access to a system). Although these methods vary, the following steps illustrate one example of a hacker’s methodical process for hacking into a system:

Step 1 Learn more about the system by performing reconnaissance. In this step, also known as “footprinting,” the hacker learns all he can about the system. For example, he might learn the target company’s domain names and the range of IP addresses it uses. He might perform a port scan to see what ports are open on a target system.

Step 2 Identify applications on the system, as well as the system’s operating system. Hackers can use various tools to attempt to connect to a system, and the prompt they receive (for example, an FTP login prompt or a default web page) could provide insight into the system’s operating system. Also, the previously mentioned port scan can help identify applications running on a system.

Step 3 Gain access to the system. Social engineering is one of the more popular ways to obtain login credentials. For example, public DNS records provide contact information for a company’s domain name. A hacker might be able to use this information to convince the domain administrator to reveal information about the system. For example, the hacker could pretend to be a representative of the service provider or a government agency. This approach is called pretexting .

Step 4 Log in with obtained user credentials, and escalate the hacker’s privileges. For example, a hacker could introduce a Trojan horse (a piece of software that appears to be a legitimate application but that also performs some unseen malicious function) to escalate his privileges.

Step 5 Gather additional usernames and passwords. With appropriate privileges, hackers can run utilities to create reports of usernames and/or passwords.

Step 6 Configure a “back door.” Accessing a system via a regular username/ password might not be how a hacker wants to repeatedly gain access to a system. Passwords can expire, and logins can be logged. Therefore, hackers might install a back door, which is a method of gaining access to a system that bypasses normal security measures.

Step 7 Use the system. After a hacker gains control of a system, he might gather protected information from that system. Alternatively, he might manipulate the system’s data or use the system to launch attacks against other systems with which the system might have an established trust relationship.