Tip One
Hackers cover their tracks. Experienced hackers cover them more thoroughly, but amateur hackers sometimes leave things behind. Don't expect them to leave any really big evidence behind; expect little things here and there that you might find surprising. For example, if you are writing a term paper and a black hat hacker accidentally saved it when he took a paragraph out, that's suspicious. Where did that paragraph go? Well, for one thing, now you know he was in that area. Check the folders surrounding the file; you might find something.
Tip Two
Distinguish between the types of hackers that are attacking you. Experienced hackers will have a more in-depth look around when they penetrate your system. They won't touch much because they know that they won't add too much to their knowledge. But if you know a hacker's been in, and some files are messed with, and you have a log of someone guessing passwords to a file or something of that sort, it's probably some newbie who's just starting out. These are the easiest hackers to catch. They usually get so caught up in thoughts like "I'm in" that they forget the basics, such as working behind a proxy.
Tip Three
Don't go crazy if you lose data. Chances are, if it was that important, you would have backed it up anyway. Most hackers nowadays wish they were back in 1989, when they could use a Black Box and having a Rainbow Book actually meant something. Most hackers aren't black hat; they are white hat, and some even grey hat. But in the end, most hackers that are in systems aren't satisfied by looking around. From past experiences, I have concluded that many hackers like to remember where they have been. So what do they do? They either press delete here and there, or copy some files on to their systems. Stupid hackers (yes, there are plenty of stupid hackers) send files to e-mail addresses. Some free e-mail companies will give you the IP of a certain e-mail address's user if you can prove that user has been notoriously hacking you. But most of the time, by the time you get the e-mail address it's been unused for weeks if not months or years, and services like Hotmail have already deleted it.
Tip Four
Save information. Any information that you get from a log file (proxy server IP, things like "14P", e-mail addresses that things were sent to, etc.) should be saved to a floppy disk (they are not floppy anymore, I wish I could get out of the habit of calling them that) in case there's a next time. If you get another attack from the same proxy, or with similar e-mail addresses (e.g. one says Blackjack123@something.whatever and the other says Black_jack_45@something.znn.com), you can make an assumption that these hackers are the same people. In that case, it would probably be worth the effort to resolve the IP using the proxy and do a trace route. Pressing charges is recommended if this is a repeat offender.
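One way to do the comparison described in Tip Four, as an added example that is not part of the original post: it checks a new incident's saved indicators against earlier ones by shared proxy IP and by e-mail handles that match once digits and separators are stripped. The record layout, incident ids, IP addresses (documentation ranges) and the 0.85 threshold are assumptions made for this sketch.

```python
import re
from difflib import SequenceMatcher

def handle_key(address):
    """Local part of an e-mail address, lower-cased, letters only."""
    local = address.split("@", 1)[0].lower()
    return re.sub(r"[^a-z]", "", local)

def similar_handles(a, b, threshold=0.85):
    """True when two addresses reduce to (nearly) the same handle."""
    ka, kb = handle_key(a), handle_key(b)
    if not ka or not kb:  # purely numeric handles carry no signal
        return False
    return SequenceMatcher(None, ka, kb).ratio() >= threshold

def correlate(saved, new):
    """Return [(incident_id, [reasons])] for saved incidents that share
    a proxy IP or a look-alike e-mail handle with the new incident."""
    matches = []
    for inc in saved:
        reasons = [f"same proxy {ip}"
                   for ip in sorted(set(inc["proxy_ips"]) & set(new["proxy_ips"]))]
        for old in inc["emails"]:
            for cur in new["emails"]:
                if similar_handles(old, cur):
                    reasons.append(f"similar address {old} ~ {cur}")
        if reasons:
            matches.append((inc["id"], reasons))
    return matches

# Constructed sample records; the two addresses are the ones from the tip.
SAVED = [
    {"id": "incident-1", "proxy_ips": ["192.0.2.10"],
     "emails": ["Blackjack123@something.whatever"]},
    {"id": "incident-2", "proxy_ips": ["198.51.100.7"],
     "emails": ["someone.else@example.org"]},
]
NEW = {"id": "incident-3", "proxy_ips": ["203.0.113.5", "198.51.100.7"],
       "emails": ["Black_jack_45@something.znn.com"]}

if __name__ == "__main__":
    for inc_id, reasons in correlate(SAVED, NEW):
        print(inc_id, "->", "; ".join(reasons))
```

A hit here is a lead to follow up on, in line with the tip's "you can make an assumption", since proxies are shared and handles are easy to imitate.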
Tip Five
Don't be stupid. If you've been hacked, take security to the next level. Hackers do talk about people they have hacked and they do post IPs and e-mail addresses. Proof? Take a look at Defcon Conventions. I've never gone to one, but I have seen the photos. The "Wall of Shame" type of boards I've seen have IPs and e-mail addresses written all over them in fat red, dry-erase ink. Don't be the one to go searching the Defcon web site and find your e-mail address posted on the Wall of Shame board.
Tip Six
Don't rely on luck. Chances are, sometime or another, you're going to be targeted for an attack. Here you can rely on luck: Maybe they'll forget? Maybe they don't know how to do it? If you think this way, a surprise is going to hit your face very hard. Another way you could stupidly rely on luck is by saying this: "It's probably just a white hat." On the contrary, my friend, it's probably just a black hat. A black hat with knowledge stored in his head, ready to be used as an ax. It's your data. You take the chance.