Hacking FAQ's

I started this FAQ page because there have been more than a few eMails and posts about hacking. As with the rest of this site the opinions and errors are my own making, so if ya find an error or typo let me know so I can correct it.

F.Y.I. This page was last modified on Monday, 01-May-2006 16:28:43 UTC

 What is hacking, and what is a hacker?
 What is a cracker?
 What is a script kiddy?
 What skill set do you need to be a hacker?
 What kind of computer do you use?
 What's the best way to learn how to hack?
 How do you secure a computer, a network, etc?
 What's up with Linux vs. Windoze?
 Why did I start this page/site?
 What the heck is a port? And why are they important?
 What is a war dialer?
 What up with WiFi?
 Will I help you break into a computer network?


What is hacking, and what is a hacker?

Movies like "War Games" and "The Matrix" have hacking as a major theme and although great entertainment these movies are just that, ENTERTAINMENT!!!! Hacking in the old school techno geek sense, is playing with all kinds of hardware and software to see what makes it work. For example in the process of learning how a computer works, often it is possible to screw up a computer configuration (so that it is unstable and prone to crash, by default Micro$oft Windoze is unstable and prone to crash so in this case ya have to hack a system to make it stable and useable), or access data by using a few simple tricks (i.e. in UNIX the default settings allow users to access everything, so to secure a network with UNIX you have to change the defaults in order to limit a users access).

A hacker is someone who enjoys the challenge of making a computer do something cool, which is contrary to popular stereotypes in the media which depict a hacker as some sort of social misfit who breaks into computers to steal credit card information or deface web sites. If a hacker does explore a network the rules to live by is one "do no harm" and two "don't get caught."

What is a cracker?

A cracker (sometimes called a black hat) is a hacker who turned to the dark side. Often times crackers are immature individual who seek the excitement and notoriety of cracking a system for tagging (i.e. deface a web site) or a cracker is someone motivated by financial gain, (i.e. someone who gets into a computer network to steal credit card information).

What is a script kiddy?

A script kiddy is a wantabe cracker. These individuals lack knowledge of how a computer really works but they use well-known easy-to-find techniques and programs or scripts to break into a computer to steal porn, music files, SPAM, etc.

What skill set do you need to be a hacker?

There is no magic to hacking, but like anything else that is worthwhile it takes dedication, a willingness to learn, and most of all patients.

If you have old hardware, or software, try taking it apart and putting it back together (in the process you will learn how the two interface). I use to play around with old 8088 machines I'd pick up at thrift stores for just such a purpose. Once you have a basic idea of how hardware and software interface, the skill set is transferable to any system such as: CPM, DOS, Windoze, UNIX, a MAC, etc......

The next skill you will need to pick up is basic programming (I suggest C, although you can begin with other languages such as fortran, pascal, basic, etc.). Again you are not interested in the specifics of a language, you are interested in the skill set of learning about, loops, testing for conditions, setting up arrays in memory, etc.

When you have a basic idea of how a computer works and basic programming skills, it becomes easier to understand TCP/IP and PERL, two important skill sets needed if you want to be a "web hacker."

The next step up from web hacking is IT security, and here ya really have to know all sorts of skills cause real money is on the line (i.e. someone is working for a bank, credit card company, etc.). For an IT professional, the crucial things to know are ATM technology, fiber optics, and a firm understanding of layers.

FYI ATM technology has replaced SONET (synchronous optical network) as the banking machine technology that prevents people from breaking into the system and rerouting your financial information, it's the technology used in North America's major backbones.

To get information from one location to another, fiber optics is used because it is more difficult to intercept than consumer technology like WiFi. Having a math or physics background is helpful understanding concepts like DWDM (dense wave division multiplexing). DWDM is an optical technology used to increase bandwidth over existing fiber-optic backbones, and sometimes to make the backbone more secure. It is basically the division of a fiber-optic line into 32, 64 or 128 different channels or wavelengths. Detectors are used for each wavelength within the fiber and therefore are totally separate (and secure) from other wavelengths. This processes of using discrete wavelengths and detectors in effect multiplies the information capacity of a fiber.

Understanding the layers of technology and how they interact is the third critical thing to know for an IT professional. Basically the lower the number the more formal the training...

Layer 1 - Link
(This layer defines the network hardware and device drivers)

Layer 2 - Network
(This layer is used for basic communication, addressing and routing. TCP/IP uses IP and ICMP protocols at the network layer)

Layer 3 - Transport
(Handles communication among programs on a network. TCP and UDP falls within this layer)

Layer 4 - Application
(End-user applications reside at this layer. Commonly used applications include NFS, DNS, arp, rlogin, talk, ftp, ntp and traceroute)

Knowing how to find information and use information is often an overlooked hacker skill (there is lots of information on the web, the problem is finding and making use of the information out there).

If you master these skills and have a sense of maturity, then hacking a computer becomes nothing more than using tricks you pick up over the years.

What kind of computer do you use?

You can use any kind of computer to hack (when ya think about it a computer is just a tool, actually the most important tool ya have in hacking is your mind) but if you are asking what I use, then the answer is a Mac. I use a Mac because the OS is better thought out than the Windoze OS and the Mac has less bloat than Windows. I don't use Linux cause I don't want to fool around with configuring every little item (out of the box the Mac simply works).

With a Mac I have the best of all worlds, if I need to check out a program only available in windows, then I would use "Virtual PC" a windows software emulator. If I need to play around with UNIX, I would just switch to the terminal mode in OS X (the MAC OS is now based on UNIX). One other nice feature about staying Micro$oft free is I do not have to worry about a web based virus like "I love you" that takes advantage of the fact that most users of windoze and office keep the factory default configuration.

The Mac may cost more than a typical Windoze or Linux box, but the difference is something akin driving a Land Cruiser and a Ford F150 in the bush (both vehicles will take you from point A to point B, but the Land Cruiser is a whole lot nicer to drive than a Ford F150).

What's the best way to learn how to hack?

Like the Nike ad campaign said "just do it."

These days it has never been easier to learn how to hack and at the same time never more dangerous.

The good news is, as time goes on computer hardware/software keeps on getting less expensive and the processing power keeps on going up. At the same time there are published books on the subject of hacking, lots of information on the web as well as organized hacker conventions like defcon or toorcon (ya never know what kind of interesting info you could pick up that might be useful at some future date). These are just a few reasons why it easier to learn how to hack now as compared to the past.

Now for the bad news. Hacking networks for the simple pleasure of increasing ones knowledge is frowned upon by politicians and corporate types who don't understand the technology enuf to secure sensitive info. And after 9/11 there is a pretty paranoid mindset with the powers that be, that the whole world is out to get them.

If the world was an ideal place hackers might be looked upon as magicians performing "tricks" with computers, I kind of like this analogy of hackers and magicians cause both groups break into or out of things and fool the masses.

How do you secure a computer, a network, etc?

Learn as much as you can about your own computer, network, etc. When you configure something, keep things as simple as possible and resist feature creep.

You may discover that program interaction can cause a system to crash, for example a compiler may work fine with a certain OS, a memory manager may work fine with a certain OS, but if you combine the compiler and memory manager with a certain OS then you may discover the system may be more unstable.

If you are tasked with securing a system, you may think that crackers are the biggest threat. In reality the biggest threat to a system comes from within (for example if a system is not idiot proofed you may get one user over writing their own files, over writing another users files or maliciously altering data which may be scientific or financial in nature). Other potential problems with authorized users are weak passwords and some kind of computer virus.

To poke around a computer ya might also want to look into forensic software which is used by various law enforcement agencies to get evidence of bad guys (like anything else this topic is a double edge sword, ya want to keep your data secure from the bad guys but if bad guys know how to secure data and cover their trail then it will be more difficult for law enforcement agencies to catch bad guys).

If ya need to build a simple bullet proof web site that won't be hacked, the best choice IMHO is a Mac using a basic OS9 install (the last non UNIX based Mac OS) and WebSTAR. The reason this configuration is hack proof is because there is no there is no command line interface hence no way to pipe data.

The best way to protect your computer is to separating data and software, which is what the people in the know like the NSA do. Essentially the NSA maintains "air gaps" between "red" machines which are dangerous (like those connected to the web), and "green" ones which are safe. No software may go between the color-coded networks.

In any case it is important to always backup everything, and keep a backup of backup (just in case you need to restore data on a system).

What's up with Linux vs. Windoze?

What good is the fastest processor in the world if ya don't have an operating system. All operating system like Linux, Windoze, Mac, Unix, etc., when ya think about it pretty much have the same basic operations, like copy files, save files, etc. The frills come in when ya try to multi-task, when ya try an handle lots of data, etc.

So you're asking what's the big deal with Linux when Bill and his big old marketing firm for the most part succeed in getting the public to use IMHO a piece of shit OS. Well the reason most people stick to windoze is because micro$oft writes applications people use every day (like explorer for browsing, word for doing word processing, excel for spread sheets, power point for presentations, etc.). Furthermore windoze gives people the impression of being a bargain (by that I mean micro$oft throws in all sorts of junk like a media player, games like solitaire, etc.). For the most part Windoze is OK if all ya want to do is run off the shelf software, and it tries to make installing said warez easy to install and use.

The problem with windoze is that you can't scale things up, by that I mean could you imagine keeping California's sale tax records on a PC running windoze, or something even bigger like the IRS dbase and windoze is not stable "Blue Screen of Death," nuf said! Unix and its variant OS's were designed from the ground up to run on main frames, where resources could be scaled up and shared and it is a lot more stable than windoze (when configured properly).

Basically windoze has its roots in the desk top computer, where typical users want ease of use, and Unix has its roots in mainframes where serving information to larges numbers of users with reliable was the basic design goal.

The basic reason a hacker must know Unix, Linux, etc. is because it is the key to understanding how to do interesting tricks like breaking into a web site (among other things). The problem with Unix, Linux, etc. is it is not all that easy to grasp its power, let alone install (because there are literally millions of ways you can configure a system).

If you are running Windoze and want to learn about Linux, try getting partition software so you an duel boot your machine, and install "red hat," "Lindow" (a company started by the dude who also started MP3.com and is trying to make using linux as easy to use as windoze), or ya might even want to check out the NSA which has a version of linux which is optimized for security.

Why did I start this page/site?

I stated this web site because I thought I'd try and cash in on the dot com frenzy and create an over commercialized, bloated and content challenged portal. Well I guess I missed that boat!

Truth be told, this site was started as a way for me to organize some of the cool things I discover on the net and post some of my own junk. To build it I use just two software packages, Photoshop for the graphics and BBedit to write the HTML.

What the heck is a port? And why are they important?

So ya want to find out about ports eh? To check ports ya can use a port scanner which is just a tool that allows you to check what ports are open, it is kind of like going to a random building and turning all the door knobs and pushing up all the windows to see if anyone of them is unlocked.

A port scanner is a legitimate tool when used by web masters or IT administrators to see if a computer is locked down, it other words it can be used like a guard at a building to see if non public areas are secure. Taking the analogy of building security a bit further, lets compare a site or network to a storefront or museum. Port 80 is the basis of the web, it basically is the http:// protocol, sort of like the public area of a storefront or museum.

In a store front or museum there are areas that store owners or museum curators don't want to give the public general access to for obvious reasons, like storage areas, office space, loading docks, etc. Now if ya get what I'm trying to say, then a port scanner can be used to see if it is possible to access non public areas like the loading dock (ports 21, 20 which is FTP or a file transfer service), administrative offices (port 23 which is TELNET and allows remote login), etc.

FYI there are 65536 ports available for use in TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) which are divided into three ranges. The Internet Assigned Numbers Authority (IANA) manages the first range of 1024 ports (0 through 1023). The second range is the Registered Port Numbers which contain ports 1024 through 49151. The Registered Port Numbers can be used by ordinary programs and users (basically these ports are generally used transiently when needed). The third range is the Dynamic or Private Port Numbers which range from 49152 through 65535. These last range can be used by applications and processes initiated by the user (but this is uncommon).

There is lots of stuff you can do once you have access to a non public area of a building or computer, for example if you are in building ya might be able to crawl through an air duct to reach really secure parts of a building (but for the most part the only experience most people have of checking out an air duct to reach a "secretive and secure location" is done vicariously in a Hollywood movie).

When ya have access to a non public part of a computer system that is not yours, ya can do all sort of stuff if you're cleaver enuf, like pipe various parameters into a program to access even more parts of a system, find your way down to the ROOT, so you can monitor everything just like the owner of the system and even erase or alter logs to cover any evidence that you were in the system.

To illustrate an example what exploits are possible, ports 137, 139, and 445 run a piece of software called "windows Management Port" which is ON all the time, but it is only need when Windows sends data to the printer or looks for a machine in or office or home to share files. If you hook up a broadband modem directly to the net, you expose these three ports on your PC to be exploited. To prevent this exploit you can hook up your broadband modem to a router, which then limits worms to only those ports you are going out on (i.e. port 80 which is http:// or normal browser traffic).

What is a war dialer?

War dialers were first popularized when the movie "War Games" came out. To make a long story short, most of them were written in some sort of "basic" language, when 2400 baud was considered high end.

Back in the day ToneLoc short for Tone Locator was the tool of choice to look for carriers (like an ordinary wardialer) and to check out PBXs. Another golden oldie DOS program of the era is BlueBeep an all-purpose phreaking/hacking tool.

What up with WiFi?

802.11 or WiFi is a neat way to network computers, this is because no wires are needed to connect computers. Apple computer was the first major maker of computers to push this concept, and soon after makers of other personal computers followed Apple's lead. Coffee houses (like starbucks), have installed wireless networks because it is another way for them to sucker in customers.

One way to achieve reasonable anonymity surfing the web is to find a free WiFi access point (called a hotspot) that does not require a password or a subscription. Because anyone can access the wireless network without identifying herself or himself first, free hot spots in theory are perfect for terrorists, porn perverts and for individuals who download music (because lawyers from the RIAA would have difficulty tracking down individual users).

One file-distribution system that is trying to conceal even its users IP addresses is the venerable Freenet, which breaks from the traditional mold of peer-to-peer networks by cloaking the identities of both the people distributing copies of a file and those downloading it. Because Freenet is intended to provide a near-uncensorable and encrypted way to communicate, its designers specified that individuals may not even know what files are stored on their hard drives. The downside: Freenet remains more difficult to search and offers less content than do the most popular file-swapping networks.

The major down side of wirless networks is that it is pretty easy to find out what other users are up to since pretty much everthing is sent in the clear.... besides that WEP (first generation WiFi security) can be cracked in 10 minutes.

Will I help you break into a computer network and root a system?

Only if ya have a cute young sister that is willing to give me a blowjob ...... hahahahahaha

Anyway to introduce yourself or post any comments, use the graffiti wall.