Hacking into computer systems a beginners guide

[ Pobierz całość w formacie PDF ]
.A number of hackers come forward to help run what becomesthe Happy Hacker Digest.1996 is also the year when documentation for routers, operating systems, TCP/IP protocols and much, muchmore begins to proliferate on the Web.The era of daring burglaries of technical manuals fades.In early 1997 the readers of Bugtraq begin to tear the Windows NT operating system to shreds.A new maillist, NT Bugtraq, is launched just to handle the high volume of NT security flaws discovered by its readers.Self-proclaimed hackers Mudge and Weld of The L0pht, in a tour de force of research, write and release apassword cracker for WinNT that rocks the Internet.Many in the computer security community have comefar enough along by now to realize that Mudge and Weld are doing the owners of NT networks a greatservice.Thanks to the willingness of hackers to share their knowledge on the Web, and mail lists such as Bugtraq,NT Bugtraq and Happy Hacker, the days of people having to beg to be inducted into hacker gangs in orderto learn hacking secrets are now fading.Where next will the hacker world evolve? You hold the answer to that in your hands.Contents of the Crime Volume:Computer Crime Law Issue #1Everything a hacker needs to know about getting busted by the feds____________________________________________________________GUIDE TO (mostly) HARMLESS HACKINGComputer Crime Law Issue #1By Peter Thiruselvam and Carolyn Meinel____________________________________________________________Tired of reading all those You could go to jail notes in these guides? Who says those things are crimes?Well, now you can get the first in a series of Guides to the gory details of exactly what laws we re trying tokeep you from accidentally breaking, and who will bust you if you go ahead with the crime anyhow.This Guide covers the two most important US Federal computer crime statutes: 18 USC, Chapter 47, Section1029, and Section 1030, known as the Computer Fraud and Abuse Act of 1986.Now these are not the *only* computer crime laws.It s just that these are the two most important laws usedin US Federal Courts to put computer criminals behind bars.COMPUTER CRIMES: HOW COMMON? HOW OFTEN ARE THEY REPORTED?The FBI s national Computer Crimes Squad estimates that between 85 and 97 percent of computer intrusionsare not even detected.In a recent test sponsored by the Department of Defense, the statistics werestartling.Attempts were made to attack a total of 8932 systems participating in the test.7860 of thosesystems were successfully penetrated.The management of only 390 of those 7860 systems detected theattacks, and only 19 of the managers reported the attacks (Richard Power, -Current and Future Danger: ACSI Primer on Computer Crime and Information Warfare_, Computer Security Institute, 1995.)The reason so few attacks were reported was mainly because organizations frequently fear their employees,clients, and stockholders will lose faith in them if they admit that their computers have been attacked.Besides, of the computer crimes that *are* reported, few are ever solved.SO, ARE HACKERS A BIG CAUSE OF COMPUTER DISASTERS?According to the Computer Security Institute, these are the types of computer crime and other losses:� Human errors - 55%� Physical security problems - 20%(e.g., natural disasters, power problems)� Insider attacks conducted for the purpose of profiting from computer crime - 10%� Disgruntled employees seeking revenge - 9%� Viruses - 4%� Outsider attacks - 1-3%So when you consider that many of the outsider attacks come from professional computer criminals -- manyof whom are employees of the competitors of the victims, hackers are responsible for almost no damage at allto computers.In fact, on the average, it has been our experience that hackers do far more good than harm.Yes, we are saying that the recreational hacker who just likes to play around with other people s computersis not the guy to be afraid of.It s far more likely to be some guy in a suit who is an employee of his victim.But you would never know it from the media, would you?OVERVIEW OF US FEDERAL LAWSIn general, a computer crime breaks federal laws when it falls into one of these categories:� It involves the theft or compromise of national defense, foreign relations, atomic energy, or other restrictedinformation.� It involves a computer owned by a U.S.government department or agency.� It involves a bank or most other types of financial institutions.� It involves interstate or foreign communications.� it involves people or computers in other states or countries.Of these offenses, the FBI ordinarily has jurisdiction over cases involving national security, terrorism,banking, and organized crime.The U.S [ Pobierz całość w formacie PDF ]

Archiwum