Malicious hackers... why do they do it?

pablomakaveli wrote: »

It's to compensate for the fact they are virgins with a tiny penis.

what if they're a woman...they've got a tiny vag, the width of a 2c coin? :eek:

Dazd_N_Confusd wrote: »

For ****s and giggles?

I guess ****ing someone over on the internet isn't as 'bad' as doing it in real life?

The internet is real life. A lot of companies use the internet to survive. A lot of people use the internet on a daily basis for news, taking to family, taking to co-workers and helping them with everything else in their lives.

The internet is not just porn, social websites and games.

RoyalMarineComm wrote: »

The internet is real life. A lot of companies use the internet to survive. A lot of people use the internet on a daily basis for news, taking to family, taking to co-workers and helping them with everything else in their lives.

The internet is not just porn, social websites and games.

Yeah, it's also about illegally downloading huge amounts of music and robbing hard working musicians of their income. I blame Rapidshare!

Dazd_N_Confusd wrote: »

Yeah, it's also about illegally downloading huge amounts of music and robbing hard working musicians of their income. I blame Rapidshare!

why blame a company when its the uploader's who are the one's sharing the files.

rapidshare terms and conditions wrote:

II. Upload Regulations

(1) Basically, users may save any file at RapidShare irrespective of the file format or of the file contents. Excluded, however, are files the possession and/or circulation of which is illegal, such as

* - child pornography content,
* - works the download of which violates third party copyrights;
* - racist or violence-glorifying works,
* - instructions to criminal offences against public peace.

This list is not conclusive.

(2) RapidShare will block access to such contents immediately after obtaining knowledge thereof and will delete them after an examination phase of 14 days. Furthermore, it will delete files which are identical to previously deleted files.

(3) With regard to users who violate these upload regulations, RapidShare is entitled to terminate the contractual relationship without notice , to block the access of the respective users to its services and/or to delete accounts of such users including all contents.

And they do actively delete files!

From Cisco.com. And if you really want to know you will read this;

The Increasing Threat to Security

Over the years, network attack tools and methods have evolved. As shown in the figure, in 1985 an attacker had to have sophisticated computer, programming, and networking knowledge to make use of rudimentary tools and basic attacks. As time went on, and attackers' methods and tools improved, attackers no longer required the same level of sophisticated knowledge. This has effectively lowered the entry-level requirements for attackers. People who previously would not have participated in computer crime are now able to do so.

As the types of threats, attacks, and exploits have evolved, various terms have been coined to describe the individuals involved. Some of the most common terms are as follows:

White hat-An individual who looks for vulnerabilities in systems or networks and then reports these vulnerabilities to the owners of the system so that they can be fixed. They are ethically opposed to the abuse of computer systems. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them.
Hacker-A general term that has historically been used to describe a computer programming expert. More recently, this term is often used in a negative way to describe an individual that attempts to gain unauthorized access to network resources with malicious intent.
Black hat-Another term for individuals who use their knowledge of computer systems to break into systems or networks that they are not authorized to use, usually for personal or financial gain. A cracker is an example of a black hat.
Cracker-A more accurate term to describe someone who tries to gain unauthorized access to network resources with malicious intent.
Phreaker-An individual who manipulates the phone network to cause it to perform a function that is not allowed. A common goal of phreaking is breaking into the phone network, usually through a payphone, to make free long distance calls.
Spammer-An individual who sends large quantities of unsolicited e-mail messages. Spammers often use viruses to take control of home computers and use them to send out their bulk messages.
Phisher-Uses e-mail or other means to trick others into providing sensitive information, such as credit card numbers or passwords. A phisher masquerades as a trusted party that would have a legitimate need for the sensitive information.


Think Like a Attacker

The attacker's goal is to compromise a network target or an application running within a network. Many attackers use this seven-step process to gain information and state an attack.

Step 1. Perform footprint analysis (reconnaissance). A company webpage can lead to information, such as the IP addresses of servers. From there, an attacker can build a picture of the security profile or "footprint" of the company.

Step 2. Enumerate information. An attacker can expand on the footprint by monitoring network traffic with a packet sniffer such as Wireshark, finding information such as version numbers of FTP servers and mail servers. A cross-reference with vulnerability databases exposes the applications of the company to potential exploits.

Step 3. Manipulate users to gain access. Sometimes employees choose passwords that are easily crackable. In other instances, employees can be duped by talented attackers into giving up sensitive access-related information.

Step 4. Escalate privileges. After attackers gain basic access, they use their skills to increase their network privileges.

Step 5. Gather additional passwords and secrets. With improved access privileges, attackers use their talents to gain access to well-guarded, sensitive information.

Step 6. Install backdoors. Backdoors provide the attacker with a way to enter the system without being detected. The most common backdoor is an open listening TCP or UDP port.

Step 7. Leverage the compromised system. After a system is compromised, an attacker uses it to stage attacks on other hosts in the network.


Threats to Networks

Earlier in this chapter the common computer crimes that have implications for network security were listed. These crimes can be grouped into four primary classes of threats to networks:

Unstructured Threats

Unstructured threats consist of mostly inexperienced individuals using easily available hacking tools, such as shell scripts and password crackers. Even unstructured threats that are only executed with the intent of testing an attacker's skills can do serious damage to a network. For example, if a company website is hacked, the reputation of the company may be damaged. Even if the website is separated from the private information that sits behind a protective firewall, the public does not know that. What the public perceives is that the site might not be a safe environment to conduct business.

Structured Threats

Structured threats come from individuals or groups that are more highly motivated and technically competent. These people know system vulnerabilities and use sophisticated hacking techniques to penetrate unsuspecting businesses. They break into business and government computers to commit fraud, destroy or alter records, or simply to create havoc. These groups are often involved with the major fraud and theft cases reported to law enforcement agencies. Their hacking is so complex and sophisticated that only specially trained investigators understand what is happening.

In 1995, Kevin Mitnick was convicted of accessing interstate computers in the United States for criminal purposes. He broke into the California Department of Motor Vehicles database, routinely took control of New York and California telephone switching hubs, and stole credit card numbers. He inspired the 1983 movie "War Games."

External Threats

External threats can arise from individuals or organizations working outside of a company who do not have authorized access to the computer systems or network. They work their way into a network mainly from the Internet or dialup access servers. External threats can vary in severity depending on the expertise of the attacker-either amateurish (unstructured) or expert (structured).

Internal Threats

Internal threats occur when someone has authorized access to the network with either an account or physical access. Just as for external threats, the severity of an internal threat depends on the expertise of the attacker.

Just too add, before any hacking/attacking takes place. Social engineering is high on the list, and is down on Cisco.com as the number one cause of most hacks, a simple telephone call.