Hacking – A Fullstop On E-system
Passion or Madness: Now days, it has become a passion to learn how to hack. Some of us do it for the sheer challenge, some for the sheer love for learning and new technologies. Regardless of what the reason is, with every hack someone is trying to improve the technology we rely on.
There are many hacking related skills one can learn, depending on the person and the type of hacking they want to do. As there are many opportunities and facets to the hacking world, it makes it complex to learn all things related to it.
But, it is never too late if you have the right information and the right techniques. In order to make sure that you have all the information you need, you can always study and learn hacking. The best part of it all is that, for all you know, you can be the next hacker that redefines the way we think about security.
Mentoring: There are many opportunities available for collaboration and snooping on hackers. If you have an interest in snooping on hackers or have the opportunity to learn from them, consider taking a class or participating in a workshops. You might be surprised how much knowledge they have about the technologies they use… and you can use what you’ve learned and put it to good use.
Sniffer: We have tools now that can let us track IP addresses. We can also tell how far away the IP address is from us, and we can sniff for firewalls, viruses, and other threats. We can also reveal a lot of other information about the person/company that we are dealing with.
Cache: We refer to the temporary files that store all the information that has been fetched over the net. Actually, the term ‘cache’ is a bit misleading. The information is not stored in order and there is no order to it. The information is usually stored in memory and while it is loading it is also stored in a temporary location so that it is not immediately discarded. The temporary location is emptied when the request for the information is finished and then the information is discarded.
Many hacking tools use a variety of modes of communication Protocols (Speakers, Morse code, Direct Sensing, etc.)
Protocols
•http which is a general term used for HTTP/ActiveX and often used by many InternetBrowsers, presents significant security risks. It is a specification supported by the Internet Engineering Task Force (IETF) and is responsible for the functioning of the World Wide Web. The primary concern of the IETF is the transfer of files and processes over the Internet.
The subsequent technologies, which are often but not always classified, follow between HTTP and TCP/IP and SPI.
Internet Protocol (IP)
•IP over SSL
• Internet Protocol (IP) is a set of protocols that offers Internet users the ability to communicate online using the TCP network. The IP protocol applies resource sharing and addressing methods among the computers on a network and is responsible for the flow of information exchanged during online transactions. Online users consists of computers that have been granted access by an Internet service provider (ISP).
Online Systems Management (OSMP)
•http://security.symantec.com/sscv6chery/hosts.htm
•http://www.cert.org/vul_notes/VN219|
o Virus Bulletin No. 9110 provides updates on viruses that are specific to the Microsoft IIS 5.0 Extended Validation SSL Certificate. This Microsoft SSL certificate enables you to secure private data that pass through, including documents, e-mail messages, and on to databases, which store user credentials and other private information. This certificate also enables your site to display a secured page now and later, when your users click a protected link.
The CSR data must be verified and properly transformed in the digital object before it can be authenticated and then encrypted. Therefore, to access the signed certificate, the user must have the Bit-Authentication turned on for the Microsoft Exchange 2007 Online Explorer (E), which comes with the SSL functionality.
Effects of Certificate Fraud
A fraudulent Certificate could cause several problems for the user. The certificate could be fraudulent in the sense that the name of the sender or any essential part of the signature block is misrepresented or false. Physical inspection of the AIA may also be performed by an authorized third party, such as an auditor, in order to confirm the fact that the web site is legitimate. If SSL authentication is possible and has been enabled on the site, the browser will display a padlock and indicate that an SSL certificate is secured.
Reasons to Prevent Certificate Fraud
The instances of certificate fraud may be reduced if users and businesses implement evolving strategies and are informed about how the security process & monitoring mechanisms work.