How Hackers Attack

Smurf and DOS Attacks

            In a smurf attack, or denial of service (DOS) attack, a hacker floods an Internet service provider with enough useless traffic that no customer can use the service. These attacks have become very popular on the Internet. In order to attack, the hacker send many ping (Packet Internet Groper) packets to a network connected to the Internet. Ping uses the Internet Control Message Protocol, which is a protocol used for things such as determining whether computers are connected to the Internet properly. The network is not being attacked, but it is being used to attack the ISP. The hacker forges the ping packets’ return addresses, to make it that of the ISP. This hides the hacker’s identity, and by making the address the ISP’s, it will flood the ISP with traffic.

            The network’s directed broadcast address is pinged repeatedly, and this address will send the ping request to every computer on the network (which can be hundreds). Every single one of these computers will respond to each ping request. The responses, however, will be sent to the forged ISP’s address and not to the hacker. The ISP is flooded with tens of thousands of ping responses per second, which can exceed more than 5 megabytes of data from one network.

            The hacker can further harm the ISP by sending forged ping requests to other networks, as well. Each network will then respond to the ISP with more than 5 MB of packets per second.

            The ISP’s customers cannot use the Internet because all of the data from the ping packets takes up the ISP’s entire bandwidth.

How Hackers Attack Personal Computers

            There are many ways in which a hacker can use and damage your computer. Before a hacker can use your computer, however, they must gain access to it. A common way of doing that is by using a program called a Back Orifice. Before a hacker can use a Back Orifice, you must have the program on your computer. You can get the program in many ways, such as opening an e-mail attachment, or by receiving it in an Internet chat.

            Hackers can scan computers to see which ones have Back Orifice running on them. They do this by sending out “port probes,” which are packets that check virtual ports computers have when they are connected to the Internet. Back Orifice uses port 31337, so if that port is open, the hacker will be notified by the port probe that he can gain access to that computer.

            When a hacker has control of your computer, he can do almost anything he wants to. Some examples of things the hacker can do include:

• The hacker can copy or delete some or all of the files on your computer.
• The hacker can find out personal information from your files, such as your credit card number, social security number, back account information, etc. He can then use this information as he pleases (illegally, that is).
• The hacker can steal all of your passwords, allowing him to take data on your computer that you have protected by a password, and he can pretend to be you on Web sites.
• The hacker can upload or download any files to or from your computer. He could store illegal copies of software on your computer and allow other hackers to download it.
• The hacker can use your computer to attack large Web sites or corporations. When he attacks them from your computer, the damage would be done, and you would be framed as the criminal.

Internet Independent Study Home Page