|
* EXPLOITING *
Exploiting a network is, in most cases, far too simple. Most networks contain too many insecure hosts. Take any college as an example: educational institutions are rife with exploitable hosts.
www.exploited.edu case study
- The hacker will first find out the netblock or blocks that the institution owns; this is easily done by going to www.arin.net and entering one of the school's IP addresses.
- After a specific range of IP addresses is found, the attacker will most likely scan the netblock for a number of different vulnerabilities (using nmap, or some script made to automatically exploit the hosts with vulnerabilities).
- The attacker will gather evidence on what machines have what ports open, what machines are running what OS, and what machines are running what version of some specific type of software (ftp, httpd, telnet, ssh, etc.)
- At this point the attacker knows what hosts are vulnerable and what hosts are not, and can concentrate on the vulnerable hosts by exploiting their security weaknesses.
- After gaining access to numerous machines, the attacker will install backdoors and trojans so that he may regain access easily, and will most likely get rid of the logs and fix the system so it does not log any of his activity. The attacker may also patch the system so that other attackers cannot take control of the system that he just gained.
- The attacker may use the machine for any number of purposes: DDoS attacks, more hacking, etc.
|
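The netblock scan in the case study, seen from the defender's side: a single source touching many hosts in the block, or many ports on one host, inside a short window. This is an added example, not part of the original page; the log format, thresholds, addresses and function names are assumptions, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: "ISO-time src dst dport" per line (hypothetical log format).
NETBLOCK = ipaddress.ip_network("192.0.2.0/24")  # documentation range standing in for the campus block
SAMPLE_LOG = "\n".join(
    # one source walking the block on the ftp port
    [f"2024-01-01T10:00:{i:02d} 203.0.113.9 192.0.2.{i + 1} 21" for i in range(30)]
    # one source trying many service ports on a single host
    + [f"2024-01-01T10:01:{p % 60:02d} 198.51.100.7 192.0.2.10 {p}"
       for p in (21, 22, 23, 80, 111, 443, 513, 514)]
    # an ordinary web client
    + ["2024-01-01T10:02:00 198.51.100.50 192.0.2.80 80",
       "2024-01-01T10:02:05 198.51.100.50 192.0.2.80 443"]
)

def parse(log):
    """Yield (time, src, dst, dport) for connections aimed at NETBLOCK."""
    for line in log.splitlines():
        ts, src, dst, dport = line.split()
        if ipaddress.ip_address(dst) in NETBLOCK:
            yield datetime.fromisoformat(ts), src, dst, int(dport)

def find_scanners(log, window=timedelta(minutes=5), host_limit=20, port_limit=6):
    """Return {src: reason} for sources exceeding a threshold inside one sliding window."""
    by_src = defaultdict(list)
    for event in parse(log):
        by_src[event[1]].append(event)
    findings = {}
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop events that fell out of the window
            ports_per_host = defaultdict(set)
            for _, _, dst, dport in events[start:end + 1]:
                ports_per_host[dst].add(dport)
            if len(ports_per_host) >= host_limit:
                findings[src] = f"sweep: {len(ports_per_host)} hosts"
                break
            if max(len(p) for p in ports_per_host.values()) >= port_limit:
                findings[src] = "port scan of one host"
                break
    return findings

if __name__ == "__main__":
    for src, reason in find_scanners(SAMPLE_LOG).items():
        print(src, reason)
```

The thresholds need tuning against normal traffic for the block; a slow scan spread over hours stays under a five-minute window and needs a longer one.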