Casey’s Paper

This is a paper I wrote a while back that I just finished proofreading.  If you would like a download of the paper, click here.

The Security and Operation of Computers, the Internet, and Home and Corporate Networks


Computers can do absolutely incredible things that most people do not know about. They can steal and crack passwords, take down websites, and, if the hacker has a mind to, erase people’s identity completely. These procedures can seem outrageously complicated to most home users, but, in reality, they aren’t really complex at all. Now, this paper is not entitled “How to Hack,” so I recommend that anyone who wanted it to be titled that stop reading right now; and in case anyone decides not to listen to that warning, the actual programs used to perform these hacks have not been named, to protect the innocent. This paper has been written so that the average home user can be protected from the hackers who are out there.

Have you ever noticed that on some days you start up your computer and it seems to go slower than usual? You are probably, like almost all computer users, a victim of viruses and spyware.

Spyware is designed to steal information in the form of your web browsing and keystrokes. A form of spyware, the sole purpose of which is to record your keystrokes, is called a key logger. All kinds of spyware work by installing themselves on your computer, doing their job of collecting the information that they are made to collect, and sending it back to the creator or distributor of the spyware.

Viruses are programs that are made for malicious purposes. They delete files that are critical to the function of your computer, as well as personal files and settings when told to. There are about 150,000 files on the average computer; about 8,000 of them are required for the computer to function without acting strangely, and about 6,000 are absolutely critical. Viruses have the potential to destroy any of these files. Most of the people who make malicious programs, especially viruses, don’t use them immediately; they just like to have the potential to use them.

There are many ways for these programs to get onto your computer. One is for the hacker to send you an email that has a link to a dangerous website, in the hope that you will go to the dangerous website. If you do, the spyware, viruses, or both, will download and install to your computer silently without your knowing. These emails are called spam.

Another method of attack is called phishing, where emails that impersonate a bank or other large company ask you to update your information because of a system upgrade or other excuse. When you go to the webpage, which is really the webpage of the hacker impersonating the company, and you enter your information, the hacker then gets it. That then allows the hacker, if he/she feels so inclined, to go to the bank’s real website and transfer funds from your bank account to other accounts, like his or her own. There are many other methods of distribution that are beyond the scope of this paper.

As you can see, these methods rely on the victim (you) clicking the link in the email that you receive, so a good defense against these attacks, or hacks, is to be wary about what you click in your emails. Most email services have built-in spam protection, but this is not an excuse for not being careful.

A defense against all these threats is to use a system cleaner such as Microsoft’s Disk Cleanup, or Piriform’s CCleaner. These can rid your computer of unnecessary files in folders where these programs may lie.

“Hacking” someone’s computer WITHOUT interaction from the victim becomes harder as the distance between the hacker and the victim increases. We are going to go over the methods of hacking someone’s computer if you have physical access to the victim’s computer. One of the more popular methods is using a USB switchblade, which is a set of programs stored on a USB flash drive. When a switchblade is inserted into the victim’s computer, a set of codes automatically runs a set of programs that may install a key logger and may steal the following information, or information about:

  • the computer’s network adapter(s)

  • general system information

  • the external IP address

  • all wireless network passwords

  • all users’ login passwords to the computer

  • all users’ email passwords

  • all remembered passwords in Mozilla Firefox or Internet Explorer

  • all passwords remembered in Microsoft Messenger

  • product keys of all Microsoft applications

  • a list of all Microsoft Updates

  • all running and non-running network services

  • all open and closed ports

  • a list of all the files stored on the computer

  • all the running and non-running drivers

All of these options can be selected and de-selected by the hacker prior to running the switchblade. The installed key logger will now monitor all keystrokes and send them back to the email or FTP account that the hacker specified prior to running the switchblade. All this can be done in less than two minutes, if listing all files on the computer is enabled, and in less than 30 seconds if it is disabled. It is extremely easy to add other features to a USB Switchblade if the specific feature has not yet been implemented into the Switchblade. For instance, if a hacker would like to be malicious and destroy the computer, he/she could simply tell the switchblade programs to delete certain critical files necessary to the function of the computer.

Some defense against switchblades is to have one or more antivirus programs with a real-time shield. If you have a real-time shield enabled, it will throw up a warning that will say, “The program —PROGRAM NAME— is trying to run, and it is a threat,” or something along those lines, allowing you to delete the malicious program.

Unfortunately, some USB drives, called U3 drives, are set up in such a way that the computer thinks that the information on a certain portion of that drive is on a CD or DVD. Since most CDs and DVDs are made so the data on the disk cannot be deleted, and the computer thinks that the switchblade programs are on one, the programs cannot be deleted, and the switchblade cannot be stopped unless it is physically unplugged. Hopefully, if you are close enough to the computer to see this warning, appearing very soon after the hacker, be he or she a co-worker or a tech specialist, you will unplug the drive and send the hacker on his or her way.

Now we are going to go over a scenario of hacking someone’s computer inside the same network, called the LAN. The LAN is normally inside of the same building or within about 500 feet of it, if the building has a wireless network, which most buildings, either corporate or home, do. The LAN may be in other places, under special circumstances. You would be inside the LAN via a physical Ethernet cable connection or via the wireless network. Later we will go more into wireless networks, and methods of hacking them. Remember, this means that we could be on the bottom floor of the building, and our victim could be 50 stories up, and we could still initiate the attack and walk out of the front door if someone notices that we are up to something.

The method we will use here is called ARP poison routing, or APR for short. What is very neat about this technique is that you can use it to hack anyone, or everyone, on the network at the same time. This technique re-routes the data: instead of going from the victim, to the router, to the internet like it normally would, it goes from the victim, to you, to the router, and then to the internet.

When this happens, the program that you are using can then scan the information that is going through your computer for passwords, and make a list of the passwords it finds. The passwords that appear are only the usernames and passwords that the victim uses to log in at that moment, onto a certain website; it does not work like a switchblade, stealing all the remembered passwords and other information. This method can also be used to record VoIP calls from programs such as Skype.

If the victim is logging onto a site that uses a type of encryption called HTTPS, the hacker must make a fake electronic certificate to decrypt the data into its readable form. This is not a piece of paper; it is an electronic document. This can take some time, and the program has the data not leave the hacker’s computer until the fake certificate has finished being generated, and can therefore be decrypted into its readable form. This can create delays in the victim’s web browsing and can sometimes throw up a “certificate error” message that can give you a clue that someone is using APR on your computer.

Another limitation on the APR method is that since all the data is getting transmitted through the hacker’s computer, and it does not have the performance of a router, it can cause considerable network slowdown if you are using APR on a lot of victims (more than 20 or so). If you suspect that you are the victim of APR, exit the page and stop web browsing, but if you like, log in to any insecure website using a fake username of “Go Away You”, and a password of “ARP Poison Router!!!” or something of the sort. Something implemented into certain programs gives the hacker the functionality to have a remote command line, remote registry access, and other options, remotely on the network.
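One way to look for the re-routing described above from the victim’s side is to compare the computer’s ARP table over time. The following Python is an added example, not part of the original paper; the `arp -a` style sample output, the addresses and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample data: two snapshots of `arp -a` style output taken on
# the same computer a few minutes apart. All addresses are made up.
BEFORE = """\
Interface: 192.168.0.4 --- 0xb
  Internet Address      Physical Address      Type
  192.168.0.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.0.7           00-aa-bb-cc-dd-07     dynamic
  192.168.0.255         ff-ff-ff-ff-ff-ff     static
"""
AFTER = """\
Interface: 192.168.0.4 --- 0xb
  Internet Address      Physical Address      Type
  192.168.0.1           00-aa-bb-cc-dd-07     dynamic
  192.168.0.7           00-aa-bb-cc-dd-07     dynamic
  192.168.0.255         ff-ff-ff-ff-ff-ff     static
"""

# An entry line is an IPv4 address followed by a MAC address.
ENTRY = re.compile(
    r"^[ \t]*(\d{1,3}(?:\.\d{1,3}){3})[ \t]+"
    r"((?:[0-9A-Fa-f]{2}[-:]){5}[0-9A-Fa-f]{2})\b",
    re.MULTILINE,
)


def parse_arp_table(text):
    """Return {ip: mac} for unicast entries, with MACs normalised."""
    table = {}
    for ip, mac in ENTRY.findall(text):
        mac = mac.lower().replace("-", ":")
        # Broadcast and IPv4 multicast entries are shared by design; skip them.
        if mac == "ff:ff:ff:ff:ff:ff" or mac.startswith("01:00:5e"):
            continue
        table[ip] = mac
    return table


def find_arp_anomalies(before_text, after_text, gateway_ip):
    """Report the two table changes that traffic re-routing leaves behind."""
    before = parse_arp_table(before_text)
    after = parse_arp_table(after_text)
    findings = []

    # 1. The router's IP now answers from a different hardware address.
    old, new = before.get(gateway_ip), after.get(gateway_ip)
    if old and new and old != new:
        findings.append(("gateway-mac-changed", gateway_ip, old, new))

    # 2. The router's IP shares a hardware address with another host.
    ips_by_mac = defaultdict(list)
    for ip, mac in after.items():
        ips_by_mac[mac].append(ip)
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1 and gateway_ip in ips:
            findings.append(("mac-shared-with-gateway", mac, tuple(sorted(ips))))
    return findings


if __name__ == "__main__":
    for finding in find_arp_anomalies(BEFORE, AFTER, "192.168.0.1"):
        print(finding)
```

A finding is a lead to investigate rather than proof, since a replaced router also changes the gateway’s hardware address.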

Usernames are almost always transmitted in a plaintext form, and usually so are passwords that are on a website that does not have sensitive information, such as a gaming site. If you are on a credit card site, or a banking site, they may encrypt the password using what is called a cryptographic hash function, or Hash for short.

Hashes are a big part of computer security, and will be explained in detail later, but for now, here is a reduced explanation. Hashes are a type of encryption used for encrypting passwords, and for verifying that files were transmitted correctly, either through the internet, or from computer to computer.

Hacking from outside of the network, or from a computer that is hundreds or thousands of miles away, can be very difficult if you have not had access to the victim’s computer before, and you plan on hacking their computer without any interaction from the victim, as opposed to sending them an email with a dangerous link, or other methods that require only the victim’s unknowing participation.

Usually, the only way to do that is with a program that takes advantage of existing holes in a program or programs. These holes usually allow the hacker to spawn a reverse command shell, which in English means to have a DOS command prompt on the hacker’s computer, but the commands he/she executes run on the victim’s computer. That is why it is very important to PATCH UP, or in other words, install the latest patches for programs, which will close security holes that the program’s manufacturer has already found.

One of the easiest methods is to use a DOS attack. A DOS attack is the process of sending a specific computer (it could be a co-worker’s computer or a server) oversized packets of information very rapidly. When this happens, the victim computer’s internet and programs can slow down or completely crash. This can be remedied with a simple restart, but if the hacker won’t stop, the computer will be non-functional until the hacker stops, or until you move to another network, therefore changing your IP Address, which is what a hacker uses to specify who he/she wants to attack. DOS attacks can be used over the internet, or on the LAN. The only downside to this type of attack is that it is destructive, and no passwords are stolen.

An IP address is an address of a computer, so other computers can find you. There are two kinds of IP Addresses, one for on the LAN, and one for on the internet. An IP Address for your computer that is for the internet really corresponds to the network that you are on, like your house, and the IP Address for the LAN corresponds to your computer itself, like you. If “Bob’s” computer in Florida wanted to tell “Jane’s” computer in California something, it would look like this.

192.168.0.4 (Bob’s computer on the LAN) on 213:3:21:132 (Bob’s network) is sending information to 192.168.2.11 (Jane’s computer on the LAN) on 56:154:19:37 (Jane’s network)

IP Addresses on the internet range from 0:0:0:0 to 255:255:255:255, and the same on LANs, but on a LAN, IP Addresses are usually from 192.168.0.1 to 255:255:255:255. No two IP Addresses on the same LAN can be the same, and no two IP Addresses on the internet can be the same. If they were, on either network, the LAN or the internet, it would be a huge mess: data going to all the wrong people, and the data that is supposed to go to the right people might never arrive.

The US uses 256 bit IP Addresses, meaning 256 combinations, 0-255 for each of the 4 spaces. For the IP Address of Bob’s network, 213:3:21:132, the first space has the number 213, the second, 3, the third space, 21, and the fourth, 132. Different countries might only use 32 bit IP Addresses, so for that country, the IP Addresses would be 0:0:0:0 to 31:31:31:31. For the US’s 256 bit IP Addresses configuration, there are 4,294,967,296 different IP Address combinations; that’s a lot!

Every IP Address has ports; they are like lanes on a highway that different types of data travel. For each IP Address, there are 65536 different ports. Different types of data travel on each port, for example, website data goes through port 80. It would be horribly insecure to have every port open, so mostly 10 or so are open; others are closed so no traffic can go by. In a DOS attack, a hacker has to choose what port to use, and if it is closed, nothing will happen.

Website addresses, such as www.google.com, “blanket” an IP address. If you type in a website’s corresponding IP address, the same website will pop up.

We will now talk about hacking a wireless network. A wireless network is simply a means of connecting to a network without needing to use any wires, hence the wireless name. There are three ways of having your network set up, one which is un-encrypted and requires no password to connect, and two that are encrypted and do require a password to connect.

One option is to have the wireless network be unencrypted, so anyone can connect to it. In theory, this is a nice gesture to your neighbor because it provides them with free internet, but if your neighbor is a hacker, he or she can start APR or a DOS attack, which would be faster because it is being done over the LAN as opposed to the internet.

The other option is to have the network encrypted with something called WEP. To be very frank, in my opinion, WEP is about as secure as nothing when it comes to hackers. It is more than enough if someone just wants to keep people with little or no technical know-how from using their internet, but when it comes to hackers trying to get the password to a WEP encrypted wireless network, it is like trying to stop a tank with a line of teddy bears armed with feathers. It can be cracked in 10 minutes or less no matter what the password is.

The last type of encryption is WPA. WPA is much more effective than WEP. It still can be cracked if the password is weak, which will be explained in detail later in the paper. If the password is strong, with many characters consisting of a password that is not a real word, it could take longer than the universe has been existing, or longer! In other words, it is uncrackable.

Something that many hackers do is called war driving. War driving is where a hacker, or hackers, drive around in a car with a laptop, and find a network that is ideal, with WEP or no encryption. The hacker then cracks the network. Afterwards, he/she could do many things. He/she could start APR and steal passwords, or he/she could enter the router’s settings and create a password on the network, simply to be destructive, and/or to have their own personal wireless network simply to be able to say that he/she does. It would also be nice to have the “convenience” of having a personal wireless network if he/she ever decides to drive by there again, ignoring the fact that that will almost never happen, unless it is at a school where the hacker is routinely, or any other similar circumstance.

The method of cracking a WEP-encrypted wireless network goes like this. The hacker puts his/her wireless adapter in something called “monitor mode.” This is a mode that some wireless adapters support that enables the adapter to listen to all the traffic in the air, as opposed to the mode called “managed,” in which it normally is. With the card in this mode, the hacker has the option of now seeing all the networks in range. Next, look at all the wireless networks in range and choose which one you want to crack. When you decide which one you want to crack, you begin to capture all the data going back and forth between anyone connected to the network, and any data on the network. The goal is to collect as many packets of information as you can. 20,000-40,000 are needed to crack a network with WEP encryption.

The next step is to make the router think that you are connected to the network. This is enough to make the router do things for you, but not enough to access the internet. What you can then do is have the router send out a lot (about 300/sec) of what are called ARP packets. The only problem is that you need a real ARP packet to go over the network first, before you can begin receiving more from the router. The use of these packets is that you can collect enough to crack the key. At 300 ARP packets a second, you would have 40,000 packets (enough to crack the key) in 3.3 minutes. All you then have to do is start the cracker, and crack the key.

When you crack a WPA, it is a little different. You have to have a person connect to the network if you want to crack the key. Having packets of data on a WPA-encrypted network does not speed up the cracking process at all. You need someone to connect to the network so that you can collect the hash to that network. We will get into hash cracking later in the paper.

It is almost impossible to crack a WEP-encrypted wireless network if no one is connected to the network, but with persistence, and using complex methods, it is possible. It is impossible to crack WPA if no one is connected to the network.

If you have a wireless network and ever find yourself on the internet and suddenly become disconnected, and you can’t reconnect, don’t panic; if it is a war driver, it is very easy to fix. It might just be that the internet is just plain down, but just to be sure, you can, if you feel so inclined, run out your front door with a panicked/mad look on your face and look for any car that isn’t usually there. If there is someone in it with a laptop, in an unusual car, go from panicked/mad face to a furious face and start to march toward the car. It will most likely go skidding away at top speed, fear in its wake.

Afterward, to remedy your faulty wireless network, you can go over to your wireless router and hold down a button with a paper clip that should say “reset”. That will reset the wireless network to something simply called “wireless” or something along those lines, which is un-encrypted.

If you got war driven because you had a WEP-encrypted network, or you had no password, change it to a WPA-encrypted network. If you got war driven and you had a WPA-encrypted network already, use a better password. Passwords will be explained in detail next.

In this portion of the paper, we are primarily going to be talking about the different types of encryption used in encrypting passwords, especially hashes. This portion of the paper is a bit more advanced than before, so be prepared.

We will start with hashes. Hashes are a method of encryption almost always used on passwords. There are about 10 different types of hash encryptions. Here are the 10 different hash encryptions for the word “hash”:

MD2: 899C488DD5399A548A341FB082CFAA3B

MD4: 258DEF5E78A5F18E3477FCFC55104F2E

MD5: 0800FC577294C34E0B28AD2839435945

SHA-1: 2346AD27D7568BA9896F1B7DA6B5991251DEBDF2

SHA-2 (256): D04B98F48E8F8BCC15C6AE5AC050801CD6DCFD428FB5F9E65C4E16E7807340FA

SHA-2 (384): E8D286840C4A846976DEC3B5FD54B712DC90657ADC277882308DA1B776B8F2A397AFCF64C153E8D02357BAE1C457441F

SHA-2 (512): 30163935C002FC4E1200906C3D30A9C4956B4AF9F6DCAEF1EB4B1FCB8FBA69E7A7ACDC491EA5B1F2864EA8C01B01580EF09DEFC3B11B3F183CB21D236F7F1A6B

RIPEMD-160: 73045E2E25B9531D5CB676CF73FFF291D4A1EE6D

LM: 43154416D62F6C2A

NT: A6FC5832600E16F030DC788E922124F4

We are primarily going to use the most popular hash type, which is MD5. For MD5 encryption, there are 340,282,366,920,938,463,463,374,607,431,768,211,456 (about three hundred forty thousand, thousand, thousand quintillion) different combinations before you might start seeing duplicates, so pretty much there is no chance you will ever see a duplicate. For the word “hash”, the corresponding MD5 is:

0800FC577294C34E0B28AD2839435945

All hashes are different for different words, but the encryption technique is the same. No matter what you do, if you hash the word “hash”, using MD5 encryption, it will always end up as…

0800FC577294C34E0B28AD2839435945

…always. The hash is always different for different words, but it will always be the same format. An MD5-encrypted word will always be 32 characters long and always consist of upper-case letters and numbers. In this example, the word “paper” corresponds to this MD5 hash:

7E3F660480AB1640DE8024C200B5A4D3

The phrase “This research paper is entitled ‘Computer and Network Security,’ and it is about different types of methods that hackers use to, basically, hack” corresponds to:

47CB9DCB3A6EF136E2E88CC4282807B1

It is always in the same format, always. The specific purpose of a hash is to encrypt a password so a hacker can’t get the password easily. Let’s say that our password is “g”. The hacker is on his/her computer, and the victim logs into his/her email. Let’s also say a hacker was on a network using APR, and got a username of emailaddress@gmail.com and a password of “B2F5FF47436671B6E533D8DC3614845D” when we logged in. The hacker would put it into what is called a “brute forcer.” What this would do is as simple as trying every combination within your parameters. For instance, your parameters could be to try every lower-case word up to, say, five characters. When the brute forcer started, it would do the first try, which would be “a”.

a=0CC175B9C0F1B6A831C399E269772661

The hash, “0CC175B9C0F1B6A831C399E269772661”, does not match the hash we are trying to crack, which is “B2F5FF47436671B6E533D8DC3614845D”. It then moves on to the next try, “b”.

b=92EB5FFEE6AE2FEC3AD71C777531578F

Again, it does not match the hash we are trying to crack, so it goes on.

c=4A8A08F09D37B73795649038408B5F33

Result: does not match B2F5FF47436671B6E533D8DC3614845D

d=8277E0910D750195B448797616E091AD

Result: does not match B2F5FF47436671B6E533D8DC3614845D

e=E1671797C52E15F763380B45E841EC32

Result: does not match B2F5FF47436671B6E533D8DC3614845D

f=8FA14CDD754F91CC6554C9E71929CCE7

Result: does not match B2F5FF47436671B6E533D8DC3614845D

g=B2F5FF47436671B6E533D8DC3614845D

Result: does match B2F5FF47436671B6E533D8DC3614845D

Plaintext of B2F5FF47436671B6E533D8DC3614845D is “g”

Password for emailaddress@gmail.com is “g”

The hacker now knows that your password is “g”. That can seem pretty secure, taking into account that no one uses a password of “g” and that it took so long to read. Here is the catch, though: Computers can try about 4,000,000 passwords a second. That means that it would take 0.0000065 seconds to crack your password if it were “g”. Quite comforting, isn’t it? Now, these estimations are assuming that your password is “z”, because that’s when the brute force attack will be over, because it goes, a, b, c, d, etc., all the way to z. Then the attack is over.

Now, let’s take another password, say, “apple”. There are some things that we have to know before we start trying to crack the password. We first need to know its charset, which is short for “character set,” which tells us what characters we will use in the attack. If we used a numeric charset against the password “apple”, we would never crack it, because we would not be trying any letters, and there are letters in the password “apple”. If we try to crack the password “apple”, we would use lowercase letters, up to five characters. (Normally the hacker wouldn’t know what characters to use, but for this paper, we will just assume that we do know what charset to use.) If we try to crack “apple”, there would be 12,356,630 combinations, which would take about 3.1 seconds. Remember, that is assuming that the password is zzzzz, but worst-case figures like this are used because they tell you that, if you are using the right parameters, your hash will be cracked in that amount of time. Again, definitely not secure.

Now, if you just add a “1” to the original password, it will become “apple1”. To crack this, there would be 2,238,976,116 combinations, now taking 9.3 minutes to crack. Better, but still not good enough.

If we make the password even harder to crack, we would change it to, “Apple1”, with a capital “A”. By doing this, it now has 57,731,386,986 combinations, taking 4 hours! Now, this still is not enough; you want something that will exceed your lifetime, plus some more in case the hacker has a faster computer. Let’s now make our password “Apple123”. For that, there are 221,919,451,578,090 combinations, taking 1.8 years! Still not good enough, so we change it to, “Apple123*”. When we do that, there are 85,718,519,097,865,888 combinations, taking a whopping 679.5 years! Now THAT is secure. A graph with bars to represent the numbers would be provided, but these numbers are so big, the graph would have to be huge to make any impression, but we can provide a numbered graph.

All these time values are assuming that you are using MD5 encryption. If you were trying to crack WPA encryption, it would take much longer, because the brute forcing can calculate only 115 passwords a second, so the password “apple123” without the capital “A”, would be more than enough because it would take 800 years to crack.

Now, it sometimes does not make sense to be trying passwords like “zX29e”, or “trZ39g”, so another option is to use a wordlist. A wordlist is a collection of real words that are tried against a hash. This makes sense because you are not trying unnecessary words that are not real and are, therefore, taking less time. The downside to using a wordlist is that if the password is not in the wordlist, you won’t crack it; the upside is that you can try any word you want, without its taking so long.

Here is a complex quote from the help file of the program originally made by Massimiliano Montoro.

“A Brute-Force attack is method of breaking a cipher (that is, to decrypt a specific encrypted text) by trying every possible key. Feasibility of brute force attack depends on the key length of the cipher, and on the amount of computational power available to the attacker. [Program Name’s] Brute-Force Password Cracker tests all the possible combinations of characters in a pre-defined or custom character set against the encrypted passwords loaded in the brute-force dialog.

“The key space of all possible combination of passwords to try is calculated using the following formula:

KS = L^(m) + L^(m+1) + L^(m+2) + …….. + L^(M)

where

L = character set length

m = min length of the key

M = max length of the key

“For example, when you want to crack an half of a LanManager passwords (LM) using the character set “ABCDEFGHIJKLMNOPQRSTUVWXYZ” of 26 letters, the brute-force cracker have to try KS = 26^1 + 26^2 + 26^3 + …… + 26^7 = 8,353,082,582 different keys. If you want to crack the same password using the character set “ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()-_+=~`[]{}|\:;”‘<>,.?/”, the number of keys to try rises at 6,823,331,935,124.

“Exhaustive key search cracking could take a very long time to complete however if the character set is the right one the password will be cracked; its only matter of time.”
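The key space formula quoted above, applied to the password examples earlier in this section, can be turned into a small strength check. The following Python is an added example, not part of the original paper or of the quoted program; the function names are constructed, the two guessing rates are the ones this paper states, and the character-class sizes (26, 26, 10, and Python’s 32 punctuation characters) are assumptions.

```python
import string

MD5_RATE = 4_000_000   # guesses per second, the paper's figure for MD5
WPA_RATE = 115         # guesses per second, the paper's figure for WPA


def key_space(charset_len, min_len, max_len):
    """KS = L^m + L^(m+1) + ... + L^M, as in the quoted help file."""
    return sum(charset_len ** n for n in range(min_len, max_len + 1))


def charset_size(password):
    """Size of the smallest character set that covers the password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(not c.isalnum() for c in password):
        # Assumption: a tool may use a different symbol set, so figures for
        # passwords with symbols depend on that choice.
        size += len(string.punctuation)
    return size


def worst_case_seconds(password, guesses_per_second, min_len=1):
    """Time to try every key up to the password's length (the 'zzzzz' case)."""
    space = key_space(charset_size(password), min_len, len(password))
    return space / guesses_per_second


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", 365.25 * 86400), ("days", 86400),
             ("hours", 3600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"


def report(passwords, rate):
    """Return (password, key space, worst-case time) rows for a guess rate."""
    rows = []
    for pw in passwords:
        space = key_space(charset_size(pw), 1, len(pw))
        rows.append((pw, space, humanize(space / rate)))
    return rows


if __name__ == "__main__":
    for row in report(["apple", "apple1", "Apple1", "Apple123"], MD5_RATE):
        print("MD5", *row)
    for row in report(["apple123"], WPA_RATE):
        print("WPA", *row)
```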

Now, there is an alternative to the long waiting needed for brute forcing, and it is called rainbow tables. Rainbow tables are files that assist in cracking hashes without needing to wait. When you use rainbow tables, you trade time for storage, so, for instance, let’s say that you make a rainbow table that uses MD5 encryption, has a password length of six characters, and uses lowercase letters and numbers. These are the parameters that you would use to brute force the password “apple1”, which would take 9.3 minutes if it was brute forced.

There are two more parameters that you can change, and they are the “chain length” and the “chain count”. We will call them “L” and “C”. When you increase the “L” parameter, the time to crack the hash goes up, and the probability of cracking the hash goes up, but the size of the table stays the same. If you increase the “C” parameter, the size of the table goes up, the probability of cracking the hash goes up, but the time to crack the hash stays exactly the same.

Here is an example. If you were trying to crack a hash that was an MD5 with 1-6 characters, using lowercase letters and numbers, with an “L” value of 4000, and a “C” value of 4,000,000, the probability of cracking the hash would be 95% in 4.8 seconds. That means that when the rainbow table was done, it would take 4.8 seconds to crack the hash, as opposed to the 9.3 minutes that it would take to brute force it, and you would have a 95% chance that it would get cracked in those 4.8 seconds. The only catch is that it would take 2.6 hours to generate the table, but you must remember that you can reuse the rainbow table as many times as you want, as long as the passwords are within the parameters of the rainbow table. One could crack any of the following:

apple7, gorge8, pie212, cat982, 837750, paper1, report, 1, abc, 123456.

This specific rainbow table could not crack passwords like “1234567”, “advg&”, “jhm*”. The reason for this is that one is too long, and the other two have invalid characters.

The other advantage of using a rainbow table is that it can be generated by a person, and then that person, if he/she feels so inclined, can post it up for download, so someone else can use it without needing to generate them. There are distributed projects where people generate small rainbow tables, taking only 30 minutes or so to generate, and then uploading them to the website where they are combined into large, functional Rainbow Tables that can then be downloaded, free of charge.
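From the defender’s side, precomputed tables only help against hashes that are the same for everyone who picks the same password. The following Python is an added example, not part of the original paper: it contrasts a plain MD5 of the password with a per-user salted, deliberately slow hash (PBKDF2 from Python’s standard library). The word list is constructed, and a plain lookup dictionary stands in for a real rainbow table; the iteration count is an assumption.

```python
import hashlib
import hmac
import os

# Constructed word list; a real table would cover a whole key space.
WORDS = ["a", "g", "apple", "apple1", "paper1", "report"]


def md5_hex(word):
    """Unsalted MD5 in the upper-case hex form used in this paper."""
    return hashlib.md5(word.encode()).hexdigest().upper()


# Stand-in for a precomputed table: hash -> plaintext, built once, reused.
PRECOMPUTED = {md5_hex(w): w for w in WORDS}


def store_unsalted(password):
    """Weak storage: every user with this password gets the same value."""
    return md5_hex(password)


def store_salted(password, iterations=100_000):
    """Stronger storage: random per-user salt plus a slow key derivation."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def table_lookup(stored_hex):
    """Return the plaintext if the stored value is in the table, else None."""
    return PRECOMPUTED.get(stored_hex)


if __name__ == "__main__":
    alice, bob = store_unsalted("apple1"), store_unsalted("apple1")
    print("unsalted equal for both users:", alice == bob)
    print("table lookup recovers:", table_lookup(alice))

    rec_a, rec_b = store_salted("apple1"), store_salted("apple1")
    print("salted equal for both users:", rec_a[2] == rec_b[2])
    print("table lookup recovers:", table_lookup(rec_a[2].hex().upper()))
    print("correct password verifies:", verify_salted("apple1", rec_a))
```

Because each record has its own salt, a table would have to be generated per user, which removes the reuse advantage described above.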

Very quickly, while on the subject of encryption, for someone with a laptop, one can encrypt the entire computer with a program called “TrueCrypt”. TrueCrypt encrypts the entire computer with AES encryption, which is used by the government for up to “top secret” digital media. One could also use two of the finalists for the government’s main encryption algorithm, called “Twofish” and “Serpent”, or even use combinations of all three, encrypting it with AES, and then Twofish, and then Serpent. To decrypt your computer and use it, simply type in your password, and the computer is decrypted in about 10 seconds. There are no hashes that can be found in the computer in order to try to crack the password. If a hacker did use the only program available to try to hack a TrueCrypt password for a “file container”, it would calculate at only four passwords a second. At that rate, it would take 35 days to crack the password “apple”, as opposed to 9.4 seconds, which is as long as it would take to crack that password if you were trying to crack an MD5 hash.

There is no such thing as a perfectly secure network, or any computer system, so it is important to be careful. No computer program replaces common sense. In conclusion, here are some tips for staying safe from hackers:

  • Never open emails from people you don’t know.

  • If something seems too good to be true, it probably is. Shooting the duck on your computer screen will not get you a free iPod.

  • Do regular virus and spyware scans with the programs of your choosing.

  • Use long and complex passwords that are not real words.

  • Always patch up!

  • Be careful who you allow to use USB drives on your computer.

  • If you ever get “Certificate Error” warnings when you are web browsing, exit the page and try again later. You are almost definitely a victim of APR.

Thanks for reading, and be safe!

Glossary

There were some terms that were used in this paper that were not explained fully if they were not needed for the complete understanding of the paper. These words were in bold and are listed here by order of appearance.

Hacker: A person or persons whose goal it is to steal another person’s data.

Virus: A program that is created with malicious intent, to delete files or settings or both.

Spyware: A program that is designed to steal the victim’s personal data in the form of web browsing and key strokes.

Key loggers: Programs specifically designed to record the keystrokes of the victim and send them back to the hacker.

Ethical hacker: A hacker who hacks to show the gaps in security in networks and other computer systems.

Spam: Any email message that is considered unnecessary to the person receiving it.

Phishing: The art of making a website that appears completely legitimate at first glance, but in which the code embedded in the webpage is really set up to send the typed information back to the hacker.

Victim: The computer or person the hacker is trying to hack.

Hacks: Any programs or methods that aid a hacker in completing his/her goal.

Hacking: When a hacker is actually trying to hack.

Hack: The art of gaining unauthorized access into any type of computer system.

USB Switchblade: A USB drive with certain hacks on it, designed normally to steal information.

USB Drive: Any storage device that connects to a computer via a USB cable or plug.

System Information: Technical information about the components that make up a computer.

External IP Address: The address of a computer outside of the LAN.

Wireless Network: Any means of connecting to a network without connecting to a physical cable.

Login passwords: The password(s) that you use to log in to an account on a computer and allow the computer to function.

Firefox: A web browser made by the Mozilla Corporation that is normally considered better than Internet Explorer.

Internet Explorer: A free web browser made by the Microsoft Corporation.

Microsoft Messenger: An instant-messaging program designed by the Microsoft Corporation.

Product keys: A unique set of numbers and letters that is attached to every copy of certain products that is required during installation to limit widespread piracy.

Microsoft Update: A method used by Microsoft to keep their products up to date with patches as they are needed.

Patches: Programs that remedy security gaps as they are found, and which can be downloaded when you are notified via the internet.

Ports: Different lanes by which different data travels. There are 65,536 different ports, many of which are normally closed.

Drivers: Software that tells the operating system how to use the hardware for which the driver is made. For example, without a driver for your speakers, your speakers would not work. Many drivers are included with Windows XP and Windows Vista.

FTP: File Transfer Protocol. A type of method used to transfer files over the internet. FTP data goes over Port 21.

Antivirus: Any program designed to delete viruses and spyware programs used by hackers.

Real Time Shield: A feature sometimes used with antivirus programs which alerts you if a virus is running or installing onto your computer. This enables you to stop the virus before it runs.

U3 Drives: A type of USB flash drive that can make a part of the drive look like it is on a CD or a DVD.

CD: A type of disk that has the capacity of about 700 MB.

DVD: A type of disk that has the storage capacity of 4,200 MB.

Network: Any computers that are connected to other computers.

Ethernet cable: A cable that connects networking hardware.

ARP Poison Routing: The method of re-routing data between one or more computers or devices in order to intercept the information being transmitted on that network.

APR: See ARP Poison Routing.

Router: A device used to provide the option of connecting computers or devices to each other by providing multiple ports to plug in the ethernet cable(s).

VoIP: Voice over Internet Provider. A type of protocol used to make phone calls to regular telephones over the internet.

Encryption: The method of making a plain-text password or set of data into a format that is not readable.

HTTPS: HyperText Transfer Protocol Secure. A type of web browsing that encrypts all information transferred between the website and you. Almost all banking websites use HTTPS on their websites.

Plaintext: Any data that can normally be read and understood.

Cryptographic Hash Function: A method of encryption used mostly on passwords and for file verification.

Hash: See Cryptographic Hash Function.

DOS Attack: Denial of Service Attack. A type of attack that sends oversized packets of information to the victim.

Server: A computer dedicated to “serving” other computers information, the most popular being web servers.

Packets: Packages of information that are transferred over a network.

WEP: Wired Equivalent Privacy. A type of wireless encryption not as secure as WPA.

WPA: Wi-Fi Protected Access. A type of wireless encryption much better than WEP.

War Driving: The method of cracking a wireless network, normally in a car, in order to steal passwords or lock users out of a network.

Rainbow Tables: A reusable file that can be used to crack an encrypted hash.

File Container: A method used by TrueCrypt to have data hidden inside any type of file which can then be added and removed when the file container is “mounted,” just like any other drive.
