Friday Oct 22, 2021

Hacking methods and protection

Protecting your computer against hacking is different from protecting it against viruses, which you accidentally or unknowingly invite onto your computer and which then cause damage in one way or another. Anti-hack protection is about defending your computer against outside entities that deliberately try to get into it to cause harm or steal from you. Viruses are impersonal; hacking is personal.

Anti-hack software is now on sale alongside antivirus software. These products protect you in ways that antivirus software does not. Here are some examples.

DoS (denial of service) attacks:

DoS attacks occur when too much traffic is directed at your company’s website at one time. The web server essentially ‘chokes’ on the amount of traffic trying to get through its network hardware. Attack scripts are easily downloadable, and you don’t need to be an experienced engineer to launch an attack. The attacker may be an annoyed customer looking for some kind of revenge or disruption, or a competitor disrupting your site. These days, as in the recent big hospital attacks, the trend is to hold your website hostage until a ransom is paid or some demand is satisfied. “Ransomware” is a relatively new term, but it has been gaining a lot of visibility recently.

SNMP (Simple Network Management Protocol) attacks:

Akamai’s Prolexic Security Engineering and Response Team (PLXsert) recently issued a threat warning for DDoS (Distributed Denial of Service) attacks that abuse the Simple Network Management Protocol (SNMP) interface. The SNMP DDoS attack campaigns reported by PLXsert target various industries, including consumer products, games, hosting, nonprofits, and software as a service, primarily in the US (49.9%) and China (18.49%). The attackers used an online tool published by the hacker group ‘Team Poison’. This latest wave of attacks targets devices running SNMP, which by default is open to the public Internet unless that feature is manually disabled. Anti-hack software is now being created that helps prevent SNMP attacks like this by preventing the attacker from forcing the network switch to secondary gateways.

SYN/ACK attacks:

This is a bit complex, but basically a SYN flood attack is similar to a denial-of-service attack in that requests are made to the web server that tie up its resources and make it unavailable for other connections. When a computer or a web browser tries to connect to a website, it uses what is called a 3-way handshake to establish the connection between the two computers. In a SYN/ACK flood attack, the computer offers its hand (one-way), the server reaches out to receive it (two-way), but the offered hand is quickly withdrawn. The server waits for the hand to return until the wait times out, and then the cycle repeats millions of times. The 3-way handshake is never completed, and all other connections are rejected while this is happening.
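One way to spot the half-finished handshakes described above on a Windows server, as an added example that is not part of the original article. The function name, the threshold of 100 and the sample records are assumptions made for illustration; on a live host (Windows 8 / Server 2012 or later) the input would come from `Get-NetTCPConnection`.

```powershell
# Added example: summarise half-open TCP connections (SYN received, handshake
# never completed) per listening port. The threshold is an assumed starting point.
function Get-HalfOpenSummary {
    param(
        # Connection records; on a live host pass the output of Get-NetTCPConnection
        [Parameter(Mandatory)] [object[]] $Connections,
        [int] $Threshold = 100
    )
    $Connections |
        Where-Object { "$($_.State)" -eq 'SynReceived' } |
        Group-Object -Property LocalPort |
        ForEach-Object {
            # Flood traffic usually arrives from many (often forged) source addresses,
            # so count distinct sources as well as the total.
            $sources = @($_.Group | Select-Object -ExpandProperty RemoteAddress -Unique)
            [pscustomobject]@{
                LocalPort     = [int]$_.Name
                HalfOpen      = $_.Count
                UniqueSources = $sources.Count
                Suspicious    = $_.Count -ge $Threshold
            }
        }
}

# Constructed sample data (documentation address ranges, not real traffic):
# 150 half-open connections to port 443, 5 completed ones, 1 half-open on port 22.
$sample = @()
$sample += 1..150 | ForEach-Object {
    [pscustomobject]@{ LocalPort = 443; RemoteAddress = "198.51.100.$_"; State = 'SynReceived' }
}
$sample += 1..5 | ForEach-Object {
    [pscustomobject]@{ LocalPort = 443; RemoteAddress = "203.0.113.$_"; State = 'Established' }
}
$sample += [pscustomobject]@{ LocalPort = 22; RemoteAddress = '203.0.113.9'; State = 'SynReceived' }

Get-HalfOpenSummary -Connections $sample | Format-Table -AutoSize
```

A large `HalfOpen` count spread over many `UniqueSources` on one port is the pattern to look for; a single half-open connection, as on port 22 in the sample, is normal.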

USB Autorun Attacks:

By default, Windows runs any executable, program, or script on a USB drive the moment it is inserted into any computer or laptop. This means that anyone* with unauthorized code, such as a virus, a keylogger or a backdoor program, all of which can be easily downloaded, can walk past any computer in your building, insert the USB drive for a second or two and take control of your entire business without you knowing. Antivirus software knows this and will try to block known vulnerabilities, but what about the unknown ones that were created this morning?

* I want you to think locally here too. Friends could do it, your wife could do it, your children could do it, the babysitter, your priest, etc.

Remote connections:

Here’s a test: right-click on My Computer and select the Remote tab or, in Windows 8, right-click on This Computer and click on the ‘Remote Settings’ link on the left side of the System panel that opens. Is “Allow remote assistance connections to this computer” checked? Click the Advanced button and you will see how far this goes and how easy it is for your computer to allow others to connect to it. In fact, you can allow others to take full control of your system.

This was designed so that a help desk in a large corporation could connect quickly and easily without much authentication hassle. The average home, school and SOHO system is obviously not on a corporate help desk, so closing these interoperability ‘features’ will help protect your system from outside intrusions. If you ever need them again, you can explicitly re-enable them. But we don’t think they should be enabled by default. Neither does the NIST, the USAF, the DoHS or even the NSA. Check the current settings on your computer, then update them if necessary. I bet you will find that this setting is turned on, allowing remote control to outsiders.
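The checks from the USB Autorun and Remote connections sections can also be read straight from the registry. The script below is an added example, not part of the original article; it only reads values and changes nothing. The registry locations are the standard Windows ones for these settings and are not given in the article, and the REVIEW/OK labels are this example's own.

```powershell
# Added example: read-only audit of Remote Assistance, Remote Desktop and AutoRun.
$ra = 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'
$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$ex = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

$checks = @(
    # "Allow remote assistance connections to this computer"
    @{ Setting = 'Remote Assistance allowed'; Path = $ra; Name = 'fAllowToGetHelp'
       Risky = { param($v) $v -eq 1 } }
    # The full-control option behind the Advanced button
    @{ Setting = 'Remote Assistance full control'; Path = $ra; Name = 'fAllowFullControl'
       Risky = { param($v) $v -eq 1 } }
    # Remote Desktop is enabled when connections are NOT denied (value 0)
    @{ Setting = 'Remote Desktop enabled'; Path = $ts; Name = 'fDenyTSConnections'
       Risky = { param($v) $v -eq 0 } }
    # 0xFF disables AutoRun for every drive type, USB drives included
    @{ Setting = 'AutoRun left on for some drive types'; Path = $ex; Name = 'NoDriveTypeAutoRun'
       Risky = { param($v) ($v -band 0xFF) -ne 0xFF } }
)

$report = foreach ($c in $checks) {
    $item = Get-ItemProperty -Path $c.Path -Name $c.Name -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        # Value absent: the operating system default applies, so check the GUI setting
        $value  = $null
        $status = 'NotSet (OS default applies)'
    } else {
        $value  = $item.($c.Name)
        $status = if (& $c.Risky $value) { 'REVIEW' } else { 'OK' }
    }
    [pscustomobject]@{ Setting = $c.Setting; Value = $value; Status = $status }
}

$report | Format-Table -AutoSize
```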

Microsoft program inventory:

In Windows 7, Microsoft quietly introduced a feature they call “Program Inventory.” A direct quote from Microsoft reads: “The PDU takes an inventory of system files and programs and sends information about those files to Microsoft.” It not only constantly sends information about every program installed on your machine, but also information about every file that a program can open. Read that quote again: Microsoft ‘takes an inventory of all the programs and files on your system’ and they admit it somewhere buried deep in the guts of the operating system.

But they didn’t tell you before implementing it. You’d be surprised what they’re doing with Windows 8 and especially the new free upgrade to Windows 10. How the heck could you have a sustainable business model by giving away your flagship product unless there was a massive reward for doing so? Your information is most likely that reward. Look for this window in your system settings to disable the feature if you want to protect the privacy of your information.

Conclusion

While no system can be completely 100% secure in today’s changing cyber threat landscape, there is absolutely no reason to help intruders. The easy-to-connect and interoperability features and settings need to be turned off by the dozen. The goal is to make it more difficult for intruders, much more difficult, instead of still having operating systems with hundreds of doors, windows and ladders open in private areas waiting to be exploited.

Windows 10 is particularly vulnerable, and there are many settings that you should consider disabling to further protect yourself, so be sure to learn more about this. There are many video guides for doing this available on YouTube today.

In short, there is a definite reason why hacking is increasing globally. People have realized how easy it now is to take control of your computer, and they are doing it.