HP (Hewlett-Packard) Norton Personal Firewall 2003 Printer User Manual


 
Understanding Internet risks
Risks from hackers
- Initial access
  The hacker exploits a vulnerability found during information
  gathering and establishes an entry point into your computer.
- Privilege escalation
  The hacker gains access to more programs and services on your
  computer.
- Covering tracks
  The hacker hides or removes evidence of the intrusion, sometimes
  leaving an entry point open for return.
Information gathering
The first step in information gathering is acquiring a target. A hacker can
choose a person or company to attack, or search the Internet for an
unprotected target that will be easy to hack. The amount of information
available about you on the Internet is directly related to your level of Web
presence. If you have a domain name and a Web site, more information is
publicly available than would be if you only had an email address.
If a hacker has chosen a specific target, such as a company or organization,
many resources on the Internet assist in gathering information. Using the
Internet, a hacker can learn a lot about a potential target. Given a domain
name, it’s easy to find out the name and address of the owner, as well as
the name and phone number of the administrative and technical contacts.
While this information usually can’t be used directly to attack a network or
computer, it can be used to gather more information.
If a hacker doesn’t have a specific target in mind, many tools are available
for scanning the Internet and finding possible targets. The simplest scan is
a ping scan, which can quickly scan thousands of computers. The hacker
uses a program to ping computers at a series of IP addresses. A response
tells the hacker that a computer exists at an IP address. When Norton
Personal Firewall is running, your computer is hidden from ping scans
because your computer does not respond. The hacker does not learn that
there is a computer at your IP address by pinging it.
Port scans are more comprehensive and are usually performed on single
computers. A port scan can tell a hacker which services are running, such
as HTTP and FTP. Each service that is running provides a potential entry
point for the hacker. On unprotected computers, unused ports respond that
they are closed, telling the hacker that a computer exists at that IP address.
Norton Personal Firewall does not respond to scans of unused ports, giving
them a stealth appearance.
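
The two scan types described above leave different patterns in a firewall log: a ping scan is one source sending echo requests to many addresses, while a port scan is one source probing many ports on a single computer. The following is an added example, not part of the original manual and not Norton Personal Firewall's own code; the log format, the thresholds and the function name classify_sources are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample log (hypothetical format, not Norton's own):
# time  source-ip  dest-ip  protocol  dest-port ("-" for ICMP echo requests)
SAMPLE_LOG = """\
10:00:01 203.0.113.7 192.0.2.10 ICMP -
10:00:01 203.0.113.7 192.0.2.11 ICMP -
10:00:02 203.0.113.7 192.0.2.12 ICMP -
10:00:02 203.0.113.7 192.0.2.13 ICMP -
10:05:10 198.51.100.9 192.0.2.10 TCP 21
10:05:10 198.51.100.9 192.0.2.10 TCP 23
10:05:11 198.51.100.9 192.0.2.10 TCP 80
10:05:11 198.51.100.9 192.0.2.10 TCP 135
10:05:12 198.51.100.9 192.0.2.10 TCP 445
10:07:30 192.0.2.50 192.0.2.10 TCP 80
10:07:31 192.0.2.50 192.0.2.10 ICMP -
"""

def classify_sources(log_text, min_hosts=4, min_ports=5):
    """Return {source_ip: set of labels} for sources that look like scanners.

    min_hosts and min_ports are assumed thresholds; tune them to the network.
    """
    pinged = defaultdict(set)  # source -> hosts it sent echo requests to
    ports = defaultdict(set)   # (source, dest) -> ports probed on that host
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        _, src, dst, proto, port = fields
        if proto == "ICMP":
            pinged[src].add(dst)
        elif port.isdigit():
            ports[(src, dst)].add(int(port))
    findings = defaultdict(set)
    for src, hosts in pinged.items():
        if len(hosts) >= min_hosts:      # many hosts, one source: ping scan
            findings[src].add("ping scan")
    for (src, _dst), seen in ports.items():
        if len(seen) >= min_ports:       # many ports, one host: port scan
            findings[src].add("port scan")
    return dict(findings)

if __name__ == "__main__":
    for src, labels in classify_sources(SAMPLE_LOG).items():
        print(src, sorted(labels))
```

A source that sends a single echo request and a single connection, like 192.0.2.50 in the sample, stays below both thresholds and is not reported.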