With the rapid development of Internet hacking technology, the security of the online world is constantly challenged. It is too easy for hackers to break into the computers of most people. If you want to access the Internet, you will inevitably encounter hackers. Therefore, you must know yourself and yourself to stay secure on the Internet. What are the common attack methods used by hackers?
1. Get the password
There are three methods for this method: one is the default logon interface (ShellScripts) attack method. Start an executable program on the attacked host, which displays a forged logon interface. After a user enters the login information (username, password, etc.) on this disguised interface, the program transmits the information entered by the user to the attacker's host, then close the interface and prompt "system fault", asking the user to log on again. After that, the real logon interface will appear. Second, illegal access to user passwords through network listening. This method has some limitations, but it is extremely harmful. Listeners often obtain all user accounts and passwords in their network segments, it poses a huge threat to LAN security. Third, attackers can use some special software to forcibly Crack user passwords after knowing the user's account (such as the part before the email "@"). This method is not subject to CIDR Block restrictions, however, hackers must have enough patience and time. Especially for users with extremely low password security, they can crack the password in just one or two minutes or even dozens of seconds.
Ii. Email attacks
This method generally uses E-mailBomb, which is a common attack method for hackers. It refers to sending thousands or even infinite numbers of malicious emails with the same content to the same mailbox using forged IP addresses and email addresses, which can also be called large-capacity spam. Because each person's mailbox is limited, when a large number of mail spam arrive at the mailbox, it will be crowded with mailboxes and normal mail will be washed away. At the same time, because it occupies a large amount of network resources, it often causes network congestion, so that users cannot work normally, serious cases may bring danger or even paralysis to the email server operating system.
Iii. Trojan Horse attack
Trojan Horse is a common attack technique. By hiding a program that runs when Windows is started in your computer system, it uses the server/client running mode to control your computer when surfing the Internet. Hackers use it to steal your password, browse your drive, modify your files, log on to the registry, and so on. For example, the widely spread Ice Horse Trojan, many of the most popular viruses are also hackers, for example, "Nimda", "cover letter", "red code", and "red code II", which have a wide impact. Attackers can pretend to be System Administrators (the email address is the same as the system administrator) and send these items to you by email. For example, network administrators of certain organizations regularly send firewall upgrade programs to users free of charge. These programs are mostly executable programs, which provides hackers with an opportunity, many users may lose important information without knowing it.
Iv. Lure Method
Hackers write programs that look "legal" and upload them to some FTP sites or provide them to some personal webpages to induce users to download them. When a user downloads the software, the hacker's software is downloaded to the user's machine. The software tracks users' computer operations. It quietly records each password entered by the user and sends it to the Internet mailbox specified by the hacker. For example, an email is sent to a user, which is called "determining the needs of our users" for investigation. The amount of hours that a user can use for free in return for filling out the form. However, the program actually collects user passwords and sends them to a remote "hacker ".
5. Search for System Vulnerabilities
Many systems have such security vulnerabilities (Bugs), some of which are inherent in the operating system or application software, such as the Sendmail vulnerability, the shared directory password verification vulnerability and IE5 vulnerability in Windows 98 are usually difficult to defend against hacker damage before the patch is developed, unless you do not access the internet. In addition, some programmers generally adopt Modular programming ideas when designing programs with complex functions. The whole project is divided into multiple functional modules for design and debugging respectively, the backdoor is the secret entry of a module. In the program development stage, backdoors are easy to test, change, and enhance module functions. Under normal circumstances, after the design is completed, the backdoors of each module need to be removed, but sometimes due to negligence or other reasons (such as leaving it in the program for future access, testing or maintenance) the backdoors are not removed. Some people with ulterior motives will use specialized scanning tools to discover and use these backdoors, and then enter the system and launch attacks.
Now, you should know some of the usual attack methods of hackers, right? When we have some knowledge about these behaviors of hackers, we can "know ourselves, and fight for nothing", so as to effectively prevent them from happening before they happen. The openness of the network determines its complexity and diversity. With the continuous advancement of technology, a variety of brilliant hackers will continue to emerge. At the same time, they will also use more advanced means. We only need to constantly improve our personal security awareness and add necessary protection measures to cut off hacker black hands. We believe that through everyone's efforts, the hacker's stage will become smaller and smaller, and individual users can rest assured to surf the Internet, and we are still in a peaceful sky.