Twenty Year Anniversary


Posted Aug 17, 1999


tags | paper
MD5 | cd379ff35a623341947b39879a1a4d16


Change Mirror Download
<TITLE>The Hack FAQ: Attack Basics</TITLE>
<LINK REL="next" HREF="hackfaq-3.html">
<LINK REL="previous" HREF="hackfaq-1.html">
<LINK REL="contents" HREF="hackfaq.html#toc2">
<BODY BGCOLOR="black" VLINK="gray" TEXT="white" LINK="gray" HLINK="red">
<A HREF="hackfaq-3.html">Next</A>
<A HREF="hackfaq-1.html">Previous</A>
<A HREF="hackfaq.html#toc2">Contents</A>
<H2><A NAME="attackbasics"></A> <A NAME="s2">2. Attack Basics</A></H2>

<H2><A NAME="ss2.1">2.1 What are the four steps to hacking?</A>

<P>While there is no hard and fast rule to hacking, most system intrusions can
be divided into four steps. Depending on techniques involved, there could be
less or more, but you should get the basic idea.
<LI> Learn as much as possible about your target before the attack. The
techniques involved can be passive to bordering on mini-attacks themselves.
And plan out your goals. Using your knowledge gained develop a plan, no matter
how small or quick the hack is.</LI>
<LI> Initial access to the system. No doubt about it, this is the real attack
part. This could be anything from ftp access to a sendmail bug to logging in
as a "regular" user. It should either create an opportunity for indirect or
direct access.</LI>
<LI> Full system access. At this level most goals developed can be carried
out -- password file retrieved for cracking, trojan installed, secret file
copied, etc. So this stage usually involves either taking advantage of a bug
that allows higher priviledges to be obtained, taking advantages of misconfigured
system parameters, or a combination of both.</LI>
<LI> Tracks are covered and backdoors installed. System logging is doctored
to remove traces of the attack and what was done during the attack, and either
defenses are lowered or files are tampered with to allow quicker and easier
access. Some experienced hackers even patch the system to keep less experienced
hackers out of the system (who might possibly tip off a Sys Admin through
clumsiness). Once step four is complete, hackers will refer to this system
being owned.</LI>
<P>Of course some steps might be repeated, especially step two. Or maybe an entire
series of mini "1 2 3 4" "1 2 3 4" attacks are used in concert to obtain access
to a system or achieve a goal.
<A HREF="hackfaq-3.html">Next</A>
<A HREF="hackfaq-1.html">Previous</A>
<A HREF="hackfaq.html#toc2">Contents</A>


RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    1 Files
  • 18
    Nov 18th
    1 Files
  • 19
    Nov 19th
    3 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By