tailieunhanh - Bảo mật hệ thống mạng part 39

PHƯƠNG PHÁP CỦA hacker nhắm mục tiêu Hacker nhắm mục tiêu là cá nhân không phải tìm kiếm tiếp cận thông tin cụ thể hoặc các tổ chức nhưng thay vì tìm kiếm bất kỳ hệ thống mà họ có thể thỏa hiệp. Mức độ kỹ năng của cá nhân đó thay đổi từ hoàn toàn không có kỹ năng để rất lành nghề. Động cơ của tin tặc nhắm mục tiêu dường như là thách thức chủ yếu của tiếp cận với hệ thống. Có thể có một số động cơ thúc đẩy sự tham lam trong số này tin. | 249 Chapter 13 Hacker Techniques METHODS OF THE UNTARGETED HACKER Untargeted hackers are individuals who are not looking for access to particular information or organizations but instead are looking for any system that they can compromise. The skill level of such individuals varies from completely unskilled to very skilled. The motivation of untargeted hackers appears to be primarily the challenge of gaining access to systems. There may be some greed motivation among these hackers but what they are trying to acquire by their actions remains a mystery. Targets Untargeted hackers look for any system they can find. There are not normally any pre-identified targets. Occasionally a network or domain name may be chosen to search for targets but these choices are considered to be random. Reconnaissance Reconnaissance for the untargeted hacker can take many forms. Some perform no reconnaissance whatsoever and just begin the attack without even determining if the systems that are being attacked are actually on the network. When reconnaissance is performed it is usually done from systems that the hacker already has compromised so that the trail does not lead directly back to the hacker. Most often the untargeted hacker will perform a stealth scan also called an IP half scan against a range of addresses to identify which systems are up. A stealth scan is an attempt to identify systems within an address range. It may also identify the services being offered by the identified system depending on how the scan is performed. The stealth scan may be used in conjunction with a ping sweep of the address range. A ping sweep is simply an attempt to ping each address and see if a response is received. When a hacker performs a stealth scan he sends a normal TCP SYN packet to the address and waits for the TCP SYN ACK response. If a response is received the hacker sends a TCP RST packet to close the connection before it actually completes see Figure 13-7 . In many cases this prevents .

TỪ KHÓA LIÊN QUAN