Log inHacker need to know
Page 1 of 1
Hacker need to know
Rynn Tue Dec 04, 2007 11:31 pm
Hackers have to know at least the 16 issues
Q: What is network security?
A: Network Security refers to the network system hardware, software and system data to be protected, not because of accidental or malicious destruction of reasons vary, leaks, the system can be reliable for normal operations, network services are not interrupted .
Q: What is the computer virus?
A: Computer Virus (Computer Virus) refers to computer programs in preparation to insert functional damage or destroy computer data, the impact of computer use and to be self-reproduction of a group of computer instructions, or code.
Q: What is the Trojan horse?
A: A Trojan is a malicious nature of the remote control software. Trojan generally consists client (client) and server-side (server). The client is the local use of various orders console, the server is running to give others, only running a server computer can be completely controlled. Trojan did not like to virus infection documents.
Q: What is the firewall? It is how to ensure network security?
A: The use of firewall (Firewall) is a way to ensure network security. The firewall is set up in different networks (such as the trusted enterprise intranets and the public networks is not credible) or between the network security domain of a series of components portfolio. It is different networks or network security domain information between the only entrances, according to corporate security policy control (permission refused, monitoring) access network information flow, and itself has strong anti-attack capability. It is to provide information security services, network and information security infrastructure.
Q: What is the back door? Why would there back door?
A: The back door (Back Door) means a bypass security and access control system for access to procedures or methods. In software development stage, software programmers in the regular backdoor so that we can create deficiencies in the amendment procedure. If other people know that the rear gate, or not prior to delete the software, then it becomes potential safety problems.
Q: What is meant by intrusion detection? ?
A: Firewall Intrusion Detection is a reasonable added that the help system against network attacks, system administrators to expand the security management capacity (including safety audit, surveillance, attack recognition and response), improving information security infrastructure integrity. From its computer network system in a number of key points to collect information and analyze the information to check whether there are violations of network security strategy behavior and the signs were attacked
Q: What is meant by monitoring data packets? What is the role of it?
A: packet monitoring can be considered tapping telephone lines in a computer network in the equivalent. When a person "monitoring" network, they actually read and interpret the data sent over the network packets. If you need the computer on the Internet by sending an e-mail request or downloaded from a web page, so that these data will operate through your destination and data between many computer. These transmission of information through computer can send data to see you, and packet monitoring tool allows a person to see it and intercepted data.
Q: What is NIDS?
A: NIDS is the acronym for Network Intrusion DetectionSystem, network intrusion detection systems, mainly for detection Hacker Cracker through the network or the invasion of behavior. NIDS There are two ways of running, one is running on the target host to monitor their own communications information, and the other is in a separate machines running on network equipment to monitor all communications information, such as Hub, routing device.
Q: What is meant by SYN packets?
A: TCP connection to a bag, a very small data packets. SYN attacks included a large number of such packages, as these packages look from the actual site does not exist and therefore can not be effectively treated.
Q: encryption technology refers to what?
A: encryption technology is the most commonly used means of security and confidentiality, the use of technical means to important data into garbage characters (encryption) transmission, arrive at their destinations before using the same or different means of reduction (decrypted).
Encryption technology includes two elements: algorithm and key. The algorithm is general information or understandable information and a bunch of figures (key) combined have to understand the text of the steps, the key is used to decrypt data coding and an algorithm. In security, through the appropriate key encryption technology and management mechanisms to ensure that the information and communication network security.
Q: What is the worm?
A: worms (Worm) from the first in the spread of the virus on the network. In 1988, 22-year-old Cornell University graduate student Robert Morris (RobertMorris) sent through a network specifically for the attack UNIX system defects, called "worms" (Worm) virus. The worm caused the 6000 system paralyzed, it is estimated that losses from 2 million to 60 million US dollars. Since the birth of this worm, the Internet has formed a special computer emergency response team (CERT). Now worm family have grown to tens of thousands of species, and this 10 million kind of worm out most of the hands of hackers.
Q: What is the operating system of the virus? What harm it?
Answer: that the virus will use its own procedures to replace part of the operating system or operating system to work, and highly destructive, it can cause paralysis of the entire system. And because infected with the operating system, this virus at runtime, the program will use their own operating system to replace the legitimate fragmentation process module. According to the characteristics of the virus itself and the operating system was legitimate alternative procedures module in the operating system running in the status and role of the operating system and virus replace replace mode, the operating system sabotage. At the same time, the system of this virus infection of the document also very strong.
Q: What is the Morris worm? What are the characteristics of it?
A: It is the authors of the United States Cornell University first-year postgraduate Lott Morris. This procedure only 99 firms, the use of Unix System of shortcomings with Finger orders on-line users search list, and then encode user passwords, using Mail system reproduction, dissemination of their own source files, compilers generate code again.
The initial network worm when the network is designed to spare, in the computer program "loitering" and not bring any harm. When the machines are overloaded, the procedure can spare computer "borrow resources" to achieve the network load balancing. The Morris worm is not "borrow resources", but "exhausted all resources."
Q: What is DDoS? It would lead to what consequences?
A: DDoS is distributed denial of service attacks. It uses the common denial of service attacks the same way, but the attack is the source of many. Usually attackers use downloaded tool infiltration unprotected server, the mainframe is obtained from the appropriate access rights, the attacker installed in the mainframe software services or process (hereinafter referred to agents). These agents maintain sleep until from their host to receive the instruction, the goal of the designated launch denial of service attacks. With our strong against the widespread use of hacking tools, distributed denial of service attacks can be launched on a target thousands of attacks. Individual denial of service attacks on the power of bandwidth may not affect a wide site, and distributed in thousands of attacks worldwide will have fatal consequences.
Q: internal LAN ARP attack refers to what?
A: ARP is the basic functions of the device through the IP address goals, objectives equipment for the MAC address, to ensure that communication process.
Based on the ARP of this work, the hackers sent to the other computer fraud nature of the ARP packets, packet contains a duplication of equipment and the current Mac address, the text of each other in response to the report, due to a simple address to repeat mistakes The result can not engage in normal network communication. Under normal circumstances, ARP attack by the computer will be about two phenomena:
1. Constantly pop up "XXX of this machine and network hardware addresses of the XXX address conflicts." Dialog box.
2. Normal computer can not access, a network interruption symptoms.
Because of such attacks is to use ARP request text of "deceit" and therefore will mistakenly think that the firewall is a normal request packet, no interception. Therefore it is difficult to resist ordinary firewall such attacks.
Q: What is meant by deception attacks? Which it attacks?
A: Network deception technologies are: HONEYPOT and distributed HONEYPOT, deception space technology. The main methods are: IP deception, ARP spoofing, DNS deception, deceit Web, e-mail deception, deceit Source Routing (through designated routes, the other a fake identity and mainframe legitimate communication or send false message to a mainframe attacks the wrong moves), the address spoofing (including forged source addresses and forged Intermediate Site)
Q: What is network security?
A: Network Security refers to the network system hardware, software and system data to be protected, not because of accidental or malicious destruction of reasons vary, leaks, the system can be reliable for normal operations, network services are not interrupted .
Q: What is the computer virus?
A: Computer Virus (Computer Virus) refers to computer programs in preparation to insert functional damage or destroy computer data, the impact of computer use and to be self-reproduction of a group of computer instructions, or code.
Q: What is the Trojan horse?
A: A Trojan is a malicious nature of the remote control software. Trojan generally consists client (client) and server-side (server). The client is the local use of various orders console, the server is running to give others, only running a server computer can be completely controlled. Trojan did not like to virus infection documents.
Q: What is the firewall? It is how to ensure network security?
A: The use of firewall (Firewall) is a way to ensure network security. The firewall is set up in different networks (such as the trusted enterprise intranets and the public networks is not credible) or between the network security domain of a series of components portfolio. It is different networks or network security domain information between the only entrances, according to corporate security policy control (permission refused, monitoring) access network information flow, and itself has strong anti-attack capability. It is to provide information security services, network and information security infrastructure.
Q: What is the back door? Why would there back door?
A: The back door (Back Door) means a bypass security and access control system for access to procedures or methods. In software development stage, software programmers in the regular backdoor so that we can create deficiencies in the amendment procedure. If other people know that the rear gate, or not prior to delete the software, then it becomes potential safety problems.
Q: What is meant by intrusion detection? ?
A: Firewall Intrusion Detection is a reasonable added that the help system against network attacks, system administrators to expand the security management capacity (including safety audit, surveillance, attack recognition and response), improving information security infrastructure integrity. From its computer network system in a number of key points to collect information and analyze the information to check whether there are violations of network security strategy behavior and the signs were attacked
Q: What is meant by monitoring data packets? What is the role of it?
A: packet monitoring can be considered tapping telephone lines in a computer network in the equivalent. When a person "monitoring" network, they actually read and interpret the data sent over the network packets. If you need the computer on the Internet by sending an e-mail request or downloaded from a web page, so that these data will operate through your destination and data between many computer. These transmission of information through computer can send data to see you, and packet monitoring tool allows a person to see it and intercepted data.
Q: What is NIDS?
A: NIDS is the acronym for Network Intrusion DetectionSystem, network intrusion detection systems, mainly for detection Hacker Cracker through the network or the invasion of behavior. NIDS There are two ways of running, one is running on the target host to monitor their own communications information, and the other is in a separate machines running on network equipment to monitor all communications information, such as Hub, routing device.
Q: What is meant by SYN packets?
A: TCP connection to a bag, a very small data packets. SYN attacks included a large number of such packages, as these packages look from the actual site does not exist and therefore can not be effectively treated.
Q: encryption technology refers to what?
A: encryption technology is the most commonly used means of security and confidentiality, the use of technical means to important data into garbage characters (encryption) transmission, arrive at their destinations before using the same or different means of reduction (decrypted).
Encryption technology includes two elements: algorithm and key. The algorithm is general information or understandable information and a bunch of figures (key) combined have to understand the text of the steps, the key is used to decrypt data coding and an algorithm. In security, through the appropriate key encryption technology and management mechanisms to ensure that the information and communication network security.
Q: What is the worm?
A: worms (Worm) from the first in the spread of the virus on the network. In 1988, 22-year-old Cornell University graduate student Robert Morris (RobertMorris) sent through a network specifically for the attack UNIX system defects, called "worms" (Worm) virus. The worm caused the 6000 system paralyzed, it is estimated that losses from 2 million to 60 million US dollars. Since the birth of this worm, the Internet has formed a special computer emergency response team (CERT). Now worm family have grown to tens of thousands of species, and this 10 million kind of worm out most of the hands of hackers.
Q: What is the operating system of the virus? What harm it?
Answer: that the virus will use its own procedures to replace part of the operating system or operating system to work, and highly destructive, it can cause paralysis of the entire system. And because infected with the operating system, this virus at runtime, the program will use their own operating system to replace the legitimate fragmentation process module. According to the characteristics of the virus itself and the operating system was legitimate alternative procedures module in the operating system running in the status and role of the operating system and virus replace replace mode, the operating system sabotage. At the same time, the system of this virus infection of the document also very strong.
Q: What is the Morris worm? What are the characteristics of it?
A: It is the authors of the United States Cornell University first-year postgraduate Lott Morris. This procedure only 99 firms, the use of Unix System of shortcomings with Finger orders on-line users search list, and then encode user passwords, using Mail system reproduction, dissemination of their own source files, compilers generate code again.
The initial network worm when the network is designed to spare, in the computer program "loitering" and not bring any harm. When the machines are overloaded, the procedure can spare computer "borrow resources" to achieve the network load balancing. The Morris worm is not "borrow resources", but "exhausted all resources."
Q: What is DDoS? It would lead to what consequences?
A: DDoS is distributed denial of service attacks. It uses the common denial of service attacks the same way, but the attack is the source of many. Usually attackers use downloaded tool infiltration unprotected server, the mainframe is obtained from the appropriate access rights, the attacker installed in the mainframe software services or process (hereinafter referred to agents). These agents maintain sleep until from their host to receive the instruction, the goal of the designated launch denial of service attacks. With our strong against the widespread use of hacking tools, distributed denial of service attacks can be launched on a target thousands of attacks. Individual denial of service attacks on the power of bandwidth may not affect a wide site, and distributed in thousands of attacks worldwide will have fatal consequences.
Q: internal LAN ARP attack refers to what?
A: ARP is the basic functions of the device through the IP address goals, objectives equipment for the MAC address, to ensure that communication process.
Based on the ARP of this work, the hackers sent to the other computer fraud nature of the ARP packets, packet contains a duplication of equipment and the current Mac address, the text of each other in response to the report, due to a simple address to repeat mistakes The result can not engage in normal network communication. Under normal circumstances, ARP attack by the computer will be about two phenomena:
1. Constantly pop up "XXX of this machine and network hardware addresses of the XXX address conflicts." Dialog box.
2. Normal computer can not access, a network interruption symptoms.
Because of such attacks is to use ARP request text of "deceit" and therefore will mistakenly think that the firewall is a normal request packet, no interception. Therefore it is difficult to resist ordinary firewall such attacks.
Q: What is meant by deception attacks? Which it attacks?
A: Network deception technologies are: HONEYPOT and distributed HONEYPOT, deception space technology. The main methods are: IP deception, ARP spoofing, DNS deception, deceit Web, e-mail deception, deceit Source Routing (through designated routes, the other a fake identity and mainframe legitimate communication or send false message to a mainframe attacks the wrong moves), the address spoofing (including forged source addresses and forged Intermediate Site)
Rynn- lvl 50
- Posts : 314
Join date : 2007-12-03
Age : 35 -
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum