I was on surfing the internet looking for songs that I can download for free since my mom banned me from using Kazaa, a software program used to share music and files over the internet. After about an hour of searching with “Google”, I came across a site that looked like it was the real deal. It was titled “Warez”, so I clicked the link and it took me to a website that had even more links to tons of other websites. Each link had a specific type of music genre on them. I decided I wanted to download some Techno music, so I clicked the link, and it opened up a new window. This new window had the address of www.iwantsearch.com. I advise you, the reader, to never go to this site. It was a trick website that immediately downloaded adware, spyware, malware, and free links to win big cash now! In case you don’t know, these are basically just ads like the kind on TV, only these slow down your computer and get annoying fast.
Without delay, I ran a spyware remover program called “SpyBot – Search and Destroy”. The program immediately found hundreds of brand new spyware that had just been downloaded without my consent. I ran the program to delete all the adware, but my computer crashed because there was too much adware installed. After I restarted my computer, the program ran automatically, knowing that it accidentally crashed before. It deleted most of the files, but I had to delete some of the other files on my own.
I was so jaded, I couldn’t take it. My evil side got the better of me, and told me to hack the place that gave me the adware. I ran a CD I bought that had some hacking programs on it, and I began to work at hacking and destroying the website and its server. The end of this story comes later, but now this whole thing leads to a few questions: Why do hackers do what they do? And: How can hackers affect the world of computers? And an even scarier question like: Could hackers gain control of our government’s systems?
People don’t know that hackers are actually the good guys. They are on the side of justice and peace. All the things about hackers getting into the government’s computers, creating and releasing viruses, destroying websites and so on, are just media hype! The media should really be referring to the people who do such damage, as “Crackers”. This was the original name used for the bad hackers. To put it simply, Hackers were and still are, the good guys; they help keep internet security in its place. But there are many more names for hackers who hack different things: Phreaker – Phone hacker, Programmers – people who write programs, Coders- people who write code for programs, and many more.
Some of the first hackers in history were nascent hackers, maybe even Phreakers. The brand-new Bell Telephone, just practical jokers, teenage boys hired to run the switchboards that had an unfortunate predilection for disconnecting and misdirecting calls. Now you know why the first transcontinental communications network hired female operators. (http://TLC.discovery.com)
Thats just all about Phreakers though and some history on the first hackers. This day in age, hackers have to keep up with the technology advances as do the crackers. The good news is that they are always at least one step ahead of the Crackers. Another thing I should mention is this: the original term of hacking came along decades ago. It was a technical term explained thusly: To hack into something is to manipulate it in a way that was not meant to be. The term Crackers came from people trying to crack passwords and codes to get into restricted areas. As you now are probably aware of, Crackers are the bad guys: they try to get into your computer system, release viruses, and try to hack things for the malicious purposes of destroying them. And yes, it is true that people often mistake crackers for hackers.
Crackers have been around for decades as well as hackers. The official definition of Crackers can be defined as, “Someone who trys to gain unauthorized access to a computer, either for fun or malicious or fraudulent purposes.” (www.thocp.net). This answers our first question about why a “hacker”, now called a Cracker, does what he does. Crackers either want to just have fun, are curious, want get back at someone, or just do damage to someplace on the net. The second earliest recorded history of hackers is in 1960, when the MIT technologies institute became a breeding ground for hackers. They were programmers who just learned about all this new technology and knew it was going to be big.
Referring back to the hackers always being a step ahead of crackers is this motto: A hacker’s job is never done. “Hacking used to be considered almost identical to the Protestant Ethic” – The Hacker Ethic pg. 8. A hacker’s job is to look for loopholes, or exploits in all types of things: programs, software, networks, and many other things. It is also to protect against viruses, worms (mainly like an e-mail virus), Trojans (named after the Trojans that took over Troy, these can sneak into your computer without you knowing), and even worse: Nukes (One of these being set off on your computer and it is like a digital nuclear bomb going off).
As Hubert H. Humphrey said from Steal This Computer Book 3, “Freedom is the most contagious virus known to man.”(73). Although freedom is a virus I am willing to fight for, one specific type of virus is less wanted by Americans: computer viruses. Many people don’t know what they are and how they can affect the performance of a computer. They are bad but not malicious, unless it was programmed to do something like slow down you computer or other damage to make you lose data that you need. Trojans however, can be terrible. They can give someone else control of your computer so they could delete important files, steal information, and the most amusing thing I’ve heard of so far, opening and closing your CD drive. As you sit there and watch your CD drive opening and closing, you just have to laugh. Although Trojans are not nearly as funny as this next thing sounds. It could also slow down your memory, delete some files slowly, or just be there on your computer shutting it down just because it feels like it. On a scale of one to ten, Trojans are at a level 8 meaning it’s a real pain to take off your system, but it may, notice I said may, not do harmful damage. Nukes, however, are by far, the worst. Nukes work as a program that can literally fry a hard drive. When you run it, it overloads the hard drive with data. After the program has completed its task, you can see a small sizzle of smoke come out of your computer and that means your computer will never turn on again. Yes literally, a small little smoke cloud will bellow out from your case.
Luckily for us all, there are people out there fighting against such travesties. Virus hunters, Microsoft employed trackers, and others are scanning viruses and searching for the creator’s everyday. They are called reverse engineers, who are people who disassemble a program and look for weaknesses and the produce an update to fix that weakness to prevent viruses and threats. “It’s just persistence and curiosity,” Carrera said (Contra Costa Times). When a new virus is released by email or over the internet, the virus hunters try to track down where it came from while at the same time companies, such as Symantec, are searching for a cure fast.
Companies are hiring hackers all the time to test the security of their networks. These tests are called PT’s or Penetration Tests. “A penetration test has the most sizzle, since everybody’s heard of it and ‘knows’ that a penetration test is what the pros use to make sure a system is secure.” (http://searchsecurity.techtarget.com) Hackers, mainly from the inside of the company, see if they can break through the firewall and be able to harm computers or steal their data. Big companies, including IBM, Chiron, and Microsoft hire professional hackers to try to attack their security systems to try to gain access to the network, without actually doing any damage. A network is a string of numerous computers all linked together under the administrator account, or your boss’s account. The companies pay for the services of the hackers so they can remain safe from viruses, Trojans, nukes, or any other type of malicious software used to try to get classified information.
When a hacker is hired, he needs to have the correct tools to help him. There are many tools out their to aid hackers in their journey to crack into the company’s network. Although hackers can download these tools for free, it might just be easier to create their own. If they were trying to gain access to the administrator’s account, they could just send a Sniffer virus on the network. A Sniffer virus works like a silent recorder, recording all passwords and users that login. Or a hacker could just try to break into the network itself using a Brute-Forcer. A Brute-Forcer program acts like an attack dictionary, using all possible letters and characters to find a name (such as the administrator) and try’s all possible combinations as passwords to match the user name. When completed, it gives you a user name that you can login with and its password. But you have to bear in mind that these are just basic ways of how a hacker can get in. There are a lot more complex ways to get in.
However, not all companies hook up their computers to the internet. Corporations like Bungie, owned by Microsoft, try to keep off the internet for fear of being attacked and having data stolen or deleted. “Microsoft swore off Bungie to keep their computers off the internet as much as possible when they make all their games” said Stephanie Miller, daughter of employee at Microsoft. When Bungie was making the popular game Halo 2, Crackers were already trying to find ways into Bungie’s system to try to steal some sneak previews of it, and trying to get the game for free. At the release of the admirable video game, Microsoft and Bungie had realized that they had failed to keep themselves from being hacked. Somehow, somebody somewhere got a copy of the video game before its release and sold it over the internet after making tons of copies. No one was sure how this had happened, but Microsoft suspects the French did it, because of the French translation in the game. “Microsoft has pledged to ‘aggressively pursue’ whoever leaked Halo 2, the eagerly awaited sequel to the Xbox hit, onto the net.” (www.theregister.co.uk) Microsoft didn’t take this kindly and threatened to all who had downloaded or bought the game early, to sue them for more than $100,000. Also, Microsoft made a promise to track down all who had downloaded the game. This was quite a shock for me so whenever I saw the game available as a free download online, I just clicked away from it. If a company hires a hacker, they can test to make sure their program is secure from crackers. But not all companies have the budget to do so.
This shows how malicious Crackers can be. A Cracker is nothing more than a delinquent who has nothing better to do with his time. Crackers spend their time trying to hack web pages, cipher code, encryptions, and creating malicious software like viruses and Trojans. I went to a friend of mine to see what he had to say about crackers: “I think their just some kids from Taiwan or someplace in China playing around on the internet, seeing if they can actually hack into someone’s computer; they don’t mean much harm I think.” Said Pete Cull, cracker Victim. Russell has told me about a time where he has actually gotten a Trojan from someplace and it took him days to get rid of it. Just like him, most people don’t know what to do after they have gotten a Trojan or virus, so they assume it’s nothing, and leave it alone. Just like another victim said, “I got random messages saying that I should have sent HIM (name and items stricken from record) like he wanted! Then files started to be deleted right in front of me, and I couldn’t do anything about itÃ¢Â?Â¦” stated Jenny Mek, cracker Victim.
Crackers today aren’t as bad as they used to be. This is probably because of all the new Norton Internet security, and Microsoft always releasing new security patches every month. The reason I mention this is because part of my project was to try to protect my computer as much as possible from viruses and crackers. In doing this I found the best software to own or go out and get is Norton Internet Security Suite 2005. “McAfee is ok, but it still lets some things through that Norton doesn’t. My suggestion, buy Norton over McAfee” suggested Miller. Crackers used to have an advantage of getting around such meek firewalls, but today, the Cracker thing to do is to crack regular programs so you won’t need to pay money for them.
That brings me to mention about the money involved in all this. It costs a fairly descent amount of money to pay for a hacker. A hacker needs to have a good paycheck to be able to purchase the necessary tools for a job. A hacker has many tools as I have mentioned before, and I would like to explain some of these tools that you yourself can download later and try to hack in your own computer. If you can, that means you’re vulnerable. Some of the simplest of tools consist of the following: Who Is, Port Scanner, and Flooders. Flooders are only a suggestion by me seeing as how I don’t want you to destroy your computer just by trying something.
A Who Is program does basically what it’s called. It “Who Is(es)”, or finds out “who is” a web address, or an IP address to find the location of the person or place. When the program runs, you can see it trace many places, or the networks that connect to each other. Then after a while, you get a location of a host domain that may be an internet provider’s IP, or your own. Then you can use the Port Scan program. It’s used to search and find an open port, or “door”, into another computer through the internet. I can give an example of how to use these programs and more in my story. When I was attacking the web server earlier, I “Who Is(ed)” the website and got its IP address. Then I did a port scan to find an open door. This meant that the program looked up the IP address and tried all its doors to tell me which door I can try to open. When it came up with an open door, or port 21, 80, and 1214, I ran the CD I had. I opened up the flooder program and prepared to launch 2000 messages to the website to overflow it and crash it for good. A flooder program is one that I recommend trying to run on your own computer, but before you run it, make sure you set the messages to be sent to one so you don’t actually crash your computer. Even though one message won’t harm your computer (most likely), it would if you sent multiple messages. An example of that is when I flooded the server with the 2000 messages.
Now the messages are just random words and sentences that can be insulting, or just funny. Plus there is the amiability that you can change the message to what ever you want it to say. When I was putting in the IP address to be flooded and the Port to have the messages pushed through, I changed the message to say, “Shut down this crappy site before I report you!” I carried out the flood attack by pressing the send button, and immediately, a little window popped up on my computer telling me how many out of 2000 messages have been sent. After about a minute, there had been over 600 messages sent and it was starting to slow down a lot because the server that was receiving the messages couldn’t handle that many at one time. I disconnected after it had finished sending the last message. Then for the purpose of not getting caught, I unplugged my computer’s Ethernet cable (the thing that keeps me connected to the internet). I shut down my computer for a while too, wondering if they could trace me. That is the story about how I hacked a website and crashed the server.
Although this might seem very easy, it doesn’t work just as easily anymore and it also leads to the answer of my last question: Could hackers gain control of our government’s systems? “No! That is impossible because the military no longer connects to the internet!” says my mentor, Schwingle. Also to answer the question of: how have hackers affected the world of computers, it all comes down to this: Hackers have improved the way we use our computers, our privacy, and also protection. If I had properly addressed the question though, as to say cracker in the place of hacker, then the following should answer it from my research. Crackers have affected the world entirely. With out them, people wouldn’t be so worried about their new expensive computers crashing and burning the second they plug into the net.
In Conclusion, I have to say that I learned a lot more about hacking and about myself in how much knowledge I am able to obtain in such a short amount of time. I didn’t expect to learn so much, and that there was a wealth of knowledge just waiting to be attained. I realize also that I should have properly stated my questions where I mentioned “What have hackers done” when I should have replaced hackers with crackers. It was a very fun thing to research and it wasn’t that hard to learn. In my eyes, anyone can become a hacker for the better.
Some people may be baffled when I say that almost anyone can become a hacker if they just try and get to know a few basic tools. But it’s rather easy, with just a little time and maybe some help from a friend, you can make sure that your home computer is safe from attacks. All you need is a little bit of time, patience, and a whole lot of social engineering.
NOTE: This paper is intended for research and educational use only! It is intended for casual computer users to help better understand software and computer electronic security. Under no circumstance do I offer any support for what is said in this paper! Please contact your local law enforcement officials, Software Licensing & Internet Providers if you are unsure about using any utility I may have suggested you use that you don’t understand! I am not responsible or liable for any damages resulting from the use of this information! I also deny having destroyed the web server. All names have been changed to ensure privacy.