It is a big thing for a hacking attempt to appear on the media. Media commonly draws a colorful picture of the attack and describe the hacker as a computer genius who possess extraordinary capabilities. However the exaggeration of the media rarely reflects the truth.
With the help of some basic tools and logical approach, hackers turn web servers into game zones that are yet to be discovered. There is a high chance that the hackers use their findings towards their popularity, monetary gain or simply to harm a website.So as website administrators how can you save your work from security vulnerabilities? In order to achieve the best protection lies on understanding the hackers approach. In other words you need to learn the attack in order to defend your work.
If a hacker thinks that your website is worth attacking, at first he would try to create a chart for his target. This chart would be like a map of the web site describing which blocks the site is comprised of and the relationships of the blocks.Unfortunately even the way the website works can give an idea to the hacker to gather information. For example, if the site has a member access area the hackers would know that there is a database which includes user names and passwords. And this would be a block for the website.
When it comes to online store, there exists many lines of codes to satisfy special needs.In these codes hackers look for vulnerabilities that can be used for their purposes. Besides hackers also check advertisement providers, external feeds and DNS registries of the domain name. DNS registries might be a door to all internet sites with their basic names but DNS servers are also knowledge databases open to public.
Windows and Linux includes tools for DNS inquiries, but they are complicated command line tools. But hackers can use many websites such as “Kloth.net” for their inquiries. Sites like this make it easier for hackers, as they can use the website just like they use google. As the results come through you can see the ip addresses related to the website. If you do a domain search with “www” you can access server information. Using this way you can also inquire about smtp and pop servers. Another important step for inquiries is to use a port scanner like Nmap. This way you can discover the services running on the server.
Using Nmap, hackers can send packets to possibly open ports and study the returned values. This way besides the services active on the server, information on the operating system running on the server can be achieved. This way hackers can shape their attacks according to the knowledge returned from their inquiry.
After hackers have gathered enough information they move onto web applications running on the website. A golden rule of the computer world is that no application is without flaw. Programmers that have not been on the field for long make the same assumptions and similar mistakes.First step is to know how the web site works. As hackers visit the page they gather information on page names, their content, and which pages require membership. This way they gather important information on the structure of the website. The structure gives the hacker information about the abilities of the programmer. Certain structures are used to create a web site, this way hackers can use the known vulnerabilities of the program and attack the website.
Next week I will explain further on how information can be leaked from web applications and how hackers start the attack.
To be continued…