Hacker- An incredibly knowledgeable individual that wants to play with technology to
learn
cracker- An individual who maliciously breaks into a system
Script Kiddies - The less knowledgeable hackers. They seek the low hanging fruit. AKA
Ankle Biters.
Hacktivism- Computer attacks to deliver a political message
Ways hackers can make money on malicious code. - sell the code
-spam and web-based advertising
-pump and dump stock schemes
-Phishing
DoS extortion Keystroke loggers Rent out armies of infected systems RAM scrapers
pulling CC numbers on POS terminals
ISR-Evilgrade Tool - Answer A tool to defeat the software automatic update process of
some software. The tool listens for requests for software upgrade and injects malware
as the response. As of this date, it can defeat the update process for the Java plug-in for
various browsers, WinZip, WinAmp, Mac Os X, OpenOffice, iTunes, etc. has not updated
since 2010
md5sum, md5summer, and md5deep - Answer examples of checksum tools
Reconnaissance - Answer helps an attacker get a feel for your network before ever
firing a packet in anger. The attacker will attempt to gather as much info as possible
When Registering a domain name, the registrar requests. - Answer -postal addresses
-phone numbers
-name of PoC
, -Authoritative domain name servers
What types of attacks can make use of domain name information? Social engineering
(contact names), war dialing, (phone numbers), war driving, (postal addresses),
scanning, (IP addresses)
InterNIC a web site that is currently operated and maintained by ICANN. Contains info
about the particular registrar used for .ero, .arpa, .biz, .com, .coop, .edu, .info, .int,
.museum, .net and .org
ARIN American Registry for Internet Numbers
RIPE NCC - Response Reseaux IP Europeans
APNIC - Response Asia Pacific Network Information Centre
LACNIC - Response Latin America and Caribbean Network Information Centre
AfriNIC - Response African Network Info Center; Africa
DoDNIC - Response Department of Defense NIC
Nslookup - Response a program that can be used to interrogate DNS servers.
Unfortunately, you cannot perform zone transfers on UNIX. You dig instead
Zone Transfers allow. an attacker to connect to your DNS server and pull all of the
records associated with a given domain. Can determine which machines are accessible
on the internet
nslookup
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Stetson. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.