Terms 12 Definitions and Questions

Hacker
Hacker is a term used to describe different types of computer
experts. The meaning of the term, when used in a computer context,
has changed somewhat over the decades since it first came into
use, as it has been given additional and clashing meanings by new
users of the word.
Currently, "hacker" is used in two main ways, one complimentary
and one negative. It can be used in the computing community to
describe a particularly brilliant programmer or technical expert (for
example: "Linus Torvalds, the creator of Linux, is a genius hacker.").
In popular usage and in the media, however, it generally describes
computer intruders or criminals.
A possible middle-ground position observes that "hacking" describes
a collection of skills, and that these skills are used by hackers of
both descriptions, though for differing reasons. A comparable
situation that illustrates this is locksmithing, specifically lock
picking, a skill that can be used for good or evil.
Cracker
A cracker is someone who breaks into someone
else's computer system, often on a network;
bypasses passwords or licenses in computer
programs; or in other ways intentionally
breaches computer security.
A cracker can be doing this for profit, maliciously,
for some altruistic purpose or cause, or because
the challenge is there.
Some breaking-and-entering has been done
ostensibly to point out weaknesses in a site's
security system.
Hacker / Cracker Q/A
Q: What is l33t speak?
A: Pronounced “leet speak”, from “elite”. A
system of spellings of English words or phrases
using numbers and symbols to replace common
letters and featuring deliberate misspellings.
Supposedly the “language of hackers”, in reality
it’s used more seriously by the “script kiddie”
crowd, although it is commonly used jokingly by
experienced Internet users.
http://www.bbc.co.uk/dna/h2g2/A787917
l33t
Some common l33t words/phrases:
0wn3d - beaten in a humiliating fashion, compromised
h4x0r - hacker, can be used for a real hacker or simply a very
skillful person.
l4m3r - Lamer, someone who is lame, someone who uses an
unfair tactic or generally makes the things around him or her less
fun.
n00b - Short for noobie, misspelling of newbie; someone who is
new to something, or just not very good at it.
L33t was brought into the height of its popularity by the
webcomic “Megatokyo”, with the following early strip:
Hacktivism
Formed by combining “hack” with “activism,”
hacktivism is the act of hacking into a Web site
or computer system in order to communicate a
politically or socially motivated message.
Unlike a malicious hacker, who may disrupt a
system for financial gain or out of a desire to
cause harm, the hacktivist performs the same
kinds of disruptive actions (such as a DoS
attack) in order to draw attention to a cause.
For the hacktivist, it is an Internet-enabled way
to practice civil disobedience and protest.
Hacktivism Q/A
Q: Give me 1 pro and 1 con to hacktivism,
in terms of the person doing it.
A:
Pro: Their message is seen by all the people
who would normally use a resource (it’s down
in the case of DoS, a web page is defaced,
etc.)
Con: Hacktivism is illegal. In addition to
potentially getting you arrested, it links your
cause to criminal actions and vandalism,
which can have negative PR.
White Hats
The term is derived from American western
movies, where the good cowboy always wore
the white cowboy hat and the bad cowboy
always wore a black one.
"White Hat" usually refers to hackers who don't
break the law, commit any offense or engage in
any malicious activity as part of their hacking.
The term is now commonly used by security
consultants who offer hacking/penetration
testing as part of their services.
When they find a hole in the system they alert
the operators so they can fix it.
Black Hats
A malicious or criminal hacker. This term is
seldom used outside of the security
industry and by some modern
programmers. The general public use the
term hacker to refer to the same thing.
“Black hat” hackers steal information, plant
viruses, and wreak havoc.
Grey Hats
"Grey Hat" is the term often given to hackers whose actions are not
malicious but whose hacking methods may cross legal or ethical
lines. It's also used to categorize hackers who may at one stage
have broken the law in their hacking activities, but who have since
come across to the more ethical white side.
“Gray Hat” describes a cracker who exploits a security weakness in
a computer system or product in order to bring the weakness to the
attention of the owners. Unlike a black hat, a gray hat acts without
malicious intent. The goal of a gray hat is to improve system and
network security.
However, by publicizing a vulnerability, the gray hat may give other
crackers the opportunity to exploit it. This differs from the white hat
who alerts system owners and vendors of a vulnerability without
actually exploiting it in public.
“Grey Hat” Hackers don’t commit crimes but may give information to
Black Hat Hackers who will.
Hat colors Q / A
Q: Why (as a grey hat) post flaws publicly?
A: Many times, white hats say that when
they notify a company privately of a
security flaw, the company ignores them or
attempts to silence them. By posting the
flaw publicly, the company is forced to take
action to correct the flaw, lest it leave a
known security hole in place.
Script Kiddies
In computing, a script kiddie (occasionally script bunny, script kitty or
skiddie) is a derogatory term for inexperienced crackers who use
scripts and programs developed by others, without knowing what
they are or how they work, for the purpose of compromising
computer accounts and files, and for launching attacks on whole
computer systems (see DoS).
In general, they do not have the ability to write these kinds of
programs on their own. Such programs have included WinNuke
applications, Back Orifice, and Sub7. Script kiddies, instead of
attacking an individual system, often scan thousands of computers
looking for vulnerable targets before initiating an attack. This is
similar to wardialing and wardriving in which the attacker isn't
looking at one specific system, but instead anything that is open and
looks interesting. The term is also often used as a derogatory
moniker for individuals who do not contribute to the development of
new security-related programs, especially exploits, but rather benefit
from the work of others.
Sys Admin
The term system administrator, abbreviated
sysadmin, designates an employment position of
those people responsible for running technically
enhanced information systems or some aspect
of them. They often deal with the setup and
maintenance of computers and networks.
System Administrators also work on more than
just computers, such as the interaction between
humans and technology, and the enhancement
of business processes through technology.