NCJ Number
185002
Journal
White Paper Volume: 14 Issue: 5 Dated: September/October 2000 Pages: 11-35
Date Published
2000
Length
4 pages
Annotation
This article explains how computer "hacking" tools work, where hackers get their tools, hacking prevention measures, software tools available to fight hackers, how anti-hacking tools work, and the future of hacking and hacking countermeasures.
Abstract
Hacking (gaining unauthorized access to a computer or computer network) is proliferating in the quickly expanding Internet environment. A hacking tool is a two-part mechanism that consists of a server and a client. The server is installed on the victim's computer, and the client operates from the hacker's computer to send commands to the server, which provides a "silent" back door into the victim's computer. A hacking server usually is sent to the victim as an innocent-looking e-mail attachment or file transfer during an Internet chat session. It can be named anything: virtual carracining.exe, flowers.exe, or even fraudtips.exe. There are numerous hacking programs available on the Internet, mostly for free distribution by various sites. This article lists a few hacking tools with their port numbers and protocols. Some standard measures for preventing hackers' access to a computer include verification of the source of an attachment file, selection of software with adequate security features, use of a firewall, and surfing only trusted or known web sites. The latest versions of most popular anti-virus programs now identify "Trojans" when a particular hacking server file is clicked or any other interfacing happens with that file. Unfortunately, most of the anti-virus programs cannot clean, delete, or move these servers once identified. Usually these files must be quarantined and manually deleted by technical support personnel. The growth of hacking tools is faster than the development of anti-hacking programs and firewalls. Consequently, fraud examiners must arm themselves with the required knowledge and skills to prevent clients' computer networks from becoming slaves to unknown "cyber masters."