Today we will think about how easy could be to hack a server.
When I say "server", I mean an enterprise server, not your home ftp server to upload two files a week.
If you have minimal knowledge about servers and hacking servers you will know that there are two major paths to hack a server.
Non social hacking and social hacking.
The main difference between them is the path which follows the first connection between the hacker and the objective. The first one, the hacker is trying to access the server; in the second one, the objective opens the communication with the hacker without knowing it.
Today we will talk a little about "traditional" hacking (non-social), this means using scripts: brute forze scripting, dictionary attacks, using critical exploits with security holes...
Any way that lets you a server console without interacting without hacking any person (without "social" hacking and/or social hacking, like pishing)
Nowadays, I think from my point of view that this way is really deprecated because there are faster, more powerful and easier ways.
This is hacking type has the easiest way to protect your systems: try to keep updated your SO, try to use encrypted transmissions like https, to connect by VPNs, to use firewalls, DNSSec and/or IPSec...
From the point of view from the IT personal of a company, it would be so easy to protect systems to this type of hacking.
Keep this in your mind: "If a hacker is trespassing the door is due to you forgot to close it"
Will be easy to protect to the brand new hacking? Will see in the next post.
"We are legion"
Next Post: "How easy is to hack a server part 2"
I hope you feel identified with my stories and thoughts about Computer Security
Subscribe to:
Post Comments (Atom)
Popular Posts
-
(Now you can access to the Spanish version of this post | Ya está disponible la versión en Español de este post) Hi there! Today we wil...
-
Today we will talk about differences between DDoSing a service and hacking a server. If you don't know what't DDoS and DoS, go to ...
-
(There is a Spanish version of this post | haga click aqui para acceder a este post en Español ) Just a few months ago we heard: "WP...
-
Hola de nuevo Hacía ya mucho tiempo del último post, muchos cambios en mi vida ultimamente pero estoy de vuelta :) Hoy estamos aqui para...
-
(Esta es la versión en Español de un post reciente | This is the Spanish version of a previous post ) Hace unos meses se escucho: ...
-
(Visit the brand new version of this old post in Spanish) Today we will write about "WifiWay". WifiWay is a free open linux d... -
(There is another post in Spanish | Puedes acceder a la versión de post en Español aqui ) Today, here we are with the next post about a kin... -
(Esta es la versión en Español de un post previo en ingles | This is the previous version of a post in English ) Hoy estamos aqui con ...
-
Today we will write about Nessus (from my point of view) the best vulnerability scanner. There are many network scanners: * nmap : a ver...
-
(Now you can access to the Spanish version of this post | Puede acceder a la versión en Español de este post) Hi there! Long time ago fro...
bubbles
ReplyDeleteI think I don't understand this short comment.
ReplyDeleteDo you refer that http://en.wikipedia.org/wiki/Bubble_(computing) ?
plz illustrate it more, make root on server like article, this is not good,sorry2say.
ReplyDeleteThis is an old post, we will back to this topic later with further information and tools.
Delete