| |
|
Home
|
| Red Hat Linux 8.0: The Official Red Hat Linux Security Guide |
|---|
| Prev | | Next |
Chapter 2. Attackers and Risks In order to plan and implement a good security strategy, you should first
be aware of some of the issues which determined, motivated attackers
exploit to compromise systems. Before detailing these issues, we will
define the terminology used when identifying an attacker.
Hackers and Crackers The modern meaning of the term hacker has origins
dating back to the 1960s and the Massachusetts Institute of Technology
(MIT) Tech Model Railroad Club, which designed train sets of large scale
and intricate detail. Hacker was a name used for club members who discovered a
clever trick or workaround for a problem.
The term hacker has since come to describe everything from computer
buffs to gifted programmers. A common trait among most hackers is a
willingness to explore in detail how computer systems and networks
function with little or no outside motivation. Open source software
developers often consider themselves and their colleagues hackers and
use the word as a term of respect.
Hackers typically follow a form of the hacker
ethic which dictates that the quest for information and
expertise is essential and that sharing this knowledge is the hackers
duty to the community. During this quest for knowledge, some hackers
enjoy the academic challenges of circumventing security controls on
computer systems. For this reason, the press often uses the term hacker
to describe those who illicitly access systems and networks with
unscrupulous, malicious, or criminal intent. The more accurate term for
this type of computer hacker is cracker — a
term created by hackers in the mid-1980s to differentiate
the two communities.
Shades of Grey There are levels of distinction to describe individuals who find and
exploit vulnerabilities in systems and networks. They are described by
the shade of hat that they "wear" when performing their security
investigations and this shade is indicative of their intent.
The white hat hacker is one who tests networks
and systems to examine their performance and determine how vulnerable
they are to intrusion. Usually, white hat hackers crack their own
systems or the systems of a client who has specifically employed them
for the purposes of security auditing. Academic researchers and
professional security consultants are two examples of white hat
hackers.
A black hat hacker is synonymous with a
cracker. In general, crackers are less focused on programming and the
academic side of breaking into systems. They often rely on available
cracking programs and exploit well known vulnerabilities in systems to
uncover sensitive information for personal gain or to
inflict damage on the target system or network.
The grey hat hacker, on the other hand, has
the skills and intent of a white hat hacker in most situations but
uses his knowledge for less than noble purposes on occasion. A grey
hat hacker can be thought of as a white hat hacker who wears a black hat at
times to accomplish his own agenda.
Grey hat hackers typically subscribe to another form of the hacker
ethic, which says it is acceptable to break into systems as long as
the hacker does not commit theft or breach confidentiality. Some
would argue, however that the act of breaking into a system is in
itself unethical.
Regardless of the intent of the intruder, it is important to
know the weaknesses a cracker will likely attempt to exploit. The
remainder of the chapter will focus on these issues.
|
|
|
|
|
|
|
|
Disclaimer: For authoritative source or latest update to this
documentation, please refer to http://www.redhat.com/docs/manuals/linux/ |
|
 |
|
|
|
Quotes: Where a government has come into power through some form of popular vote, fraudulent or not, and maintains at least an appearance of constitutional legality, the guerrilla outbreak cannot be promoted, since the possibilities of peaceful struggle have not yet been exhausted.Whenever death may surprise us, let it be welcome if our battle cry has reached even one receptive ear and another hand reaches out to take up our arms.There are no boundaries in this struggle to the death. We cannot be indifferent to what happens anywhere in the world, for a victory by any country over imperialism is our victory; just as any country's defeat is a defeat for all of us.The amount of poverty and suffering required for the emergence of a Rockefeller, and the amount of depravity that the accumulation of a fortune of such magnitude entails, are left out of the picture, and it is not always possible to make the people in general see this.Many will call me an adventurer - and that I am, only one of a different sort: one of those who risks his skin to prove his platitudes.Whoever, in middle age, attempts to realize the wishes and hopes of his early youth, invariably deceives himself. Each ten years of a man's life has its own fortunes, its own hopes, its own desires.Life belongs to the living, and he who lives must be prepared for changes.Fools and sensible men are equally innocuous. It is in the half fools and the half wise that the danger lies.Destiny grants us our wishes, but in its own way, in order to give us something beyond our wishes.We must learn to be still in the midst of activity and to be vibrantly alive in repose.There is certainly no absolute standard of beauty. That precisely is what makes its pursuit so interesting.The conventional view serves to protect us from the painful job of thinking.Power is not something that can be assumed or discarded at will like underwear.People are the common denominator of progress. So - no improvement is possible with unimproved people, and advance is certain when people are liberated and educated.Faced with the choice between changing one's mind and proving that there is no need to do so, almost everyone gets busy on the proof.It is a far, far better thing to have a firm anchor in nonsense than to put out on the troubled sea of thought.The world is full of willing people, some willing to work, the others willing to let them.
|
|
|
|
|
|
|
