QUOTE(develCuy @ May 15 2007, 05:26 AM) 
My question is: how to know when you are hacked??
WARNING! I don't necessary agree with the following concepts. Read with caution -->
First I will share to you an ancient hacker philosophy.
"You are not talking about to be infected by a trojan or worm. Hacking is about open ports and capturing of services. A hacker don't want to delete your files or kill your HD, that is another kind of attack. The original purpose of a hacker is "to hack your system". Find security holes and then break the security, but nobody must know. Only after the "attack".
People commonly think about hackers like criminals that want to kick Buss ass and get access to the White House cameras and avoid terrorist be detected when they put an antrax bomb. Criminals are criminals, hackers are people that help in security. Now, if some hacker 'makes sin' then must be named a sucker..."
This kind of philosophy is named "subtility", Christians think that a subtility is an strategy used by the evil. A mix of true and lie, then, an absolute lie. Make some kind of invasion to private content, system or service is not a good action, this means "sin" and then "die". Christians know what kind of die.
<-- WARNING END
SECURITY ON YOUR DESKTOP
A Desktop Computer is the most vulnerable kind of system, . The principal virus, is normally the user. Is like the Earth. Our planet is destroyed by humans. The security of a system depends of the user. In Windows Systems, You ONLY need a good antivirus(avast!, antivir, etc...), also a firewall, an anti-spyware, install Windows Security Updates.... You know the history. Internet does not mean: download & install me. Is like the real world, be careful, something bad will happen if you visit warez sites, or open files containing attachments with the extension: .src, .com, .pif. You must also use this logic: "You read the manual for your TV, for your Cellphone, then use your computer's manual". Drive with care in the signals.
SECURITY ON SERVERS
Securing a server means be in control of everything, have an up to date system and take fast actions in the crisis. By example, for a common LAMP server, you have to configure the firewall, allow connections only via HTTP, HTTPS, FTP, SMTP, POP3 and SSH. Everyone of these services have a common port. If a hacker knows your Apache and OS version, then he will look at bug reports to find some hole and then take control of your Web server. To avoid vulnerability you have to keep an update kernel and apache server. The same for the other services, by example: Postfix, tftp, OpenSSH. You have to be in control of your system, what users, what services, what hostnames/IPs, what ports, what schedules, what kind of rights for every service.... and more in low level: what size of TCP/IP packages, what amount of packages, what amount of lost packages and their frequency.
Some kind of variation, something that makes you think: "this looks strange", must be enough to start your security test routine.
TURN OFF YOUR COMPUTER IS NOT ENOUGH
Hackers are intelligent people, they know: "He will turn-off the computer, just what I need!! I will put my trojan in the boot tasks". Please!!! Just pray, unplug your Internet connection, copy your important files, pray again, turn of your computer and call 911, the police office and FBI. Maybe your hacker is a terrorist spy using your as bridge to hack the Federal Bank. In the real life, a normal user will never know that was hacked, and how many times. Are you waiting for Fire games on your computer, and a Windows Message: "WARNING Your computer is being hacked!!!".
ARE YOU FILLING INSECURE?
Please, I don't want to start the red alert in your mind. Only be sure to have your system up to date. Let the security experts think in their servers and don't do thinks that your mother will not.
Blessings!
WARNING! I don't necessary agree with the following concepts. Read with caution -->
First I will share to you an ancient hacker philosophy.
"You are not talking about to be infected by a trojan or worm. Hacking is about open ports and capturing of services. A hacker don't want to delete your files or kill your HD, that is another kind of attack. The original purpose of a hacker is "to hack your system". Find security holes and then break the security, but nobody must know. Only after the "attack".
People commonly think about hackers like criminals that want to kick Buss ass and get access to the White House cameras and avoid terrorist be detected when they put an antrax bomb. Criminals are criminals, hackers are people that help in security. Now, if some hacker 'makes sin' then must be named a sucker..."
This kind of philosophy is named "subtility", Christians think that a subtility is an strategy used by the evil. A mix of true and lie, then, an absolute lie. Make some kind of invasion to private content, system or service is not a good action, this means "sin" and then "die". Christians know what kind of die.
<-- WARNING END
SECURITY ON YOUR DESKTOP
A Desktop Computer is the most vulnerable kind of system, . The principal virus, is normally the user. Is like the Earth. Our planet is destroyed by humans. The security of a system depends of the user. In Windows Systems, You ONLY need a good antivirus(avast!, antivir, etc...), also a firewall, an anti-spyware, install Windows Security Updates.... You know the history. Internet does not mean: download & install me. Is like the real world, be careful, something bad will happen if you visit warez sites, or open files containing attachments with the extension: .src, .com, .pif. You must also use this logic: "You read the manual for your TV, for your Cellphone, then use your computer's manual". Drive with care in the signals.
SECURITY ON SERVERS
Securing a server means be in control of everything, have an up to date system and take fast actions in the crisis. By example, for a common LAMP server, you have to configure the firewall, allow connections only via HTTP, HTTPS, FTP, SMTP, POP3 and SSH. Everyone of these services have a common port. If a hacker knows your Apache and OS version, then he will look at bug reports to find some hole and then take control of your Web server. To avoid vulnerability you have to keep an update kernel and apache server. The same for the other services, by example: Postfix, tftp, OpenSSH. You have to be in control of your system, what users, what services, what hostnames/IPs, what ports, what schedules, what kind of rights for every service.... and more in low level: what size of TCP/IP packages, what amount of packages, what amount of lost packages and their frequency.
Some kind of variation, something that makes you think: "this looks strange", must be enough to start your security test routine.
TURN OFF YOUR COMPUTER IS NOT ENOUGH
Hackers are intelligent people, they know: "He will turn-off the computer, just what I need!! I will put my trojan in the boot tasks". Please!!! Just pray, unplug your Internet connection, copy your important files, pray again, turn of your computer and call 911, the police office and FBI. Maybe your hacker is a terrorist spy using your as bridge to hack the Federal Bank. In the real life, a normal user will never know that was hacked, and how many times. Are you waiting for Fire games on your computer, and a Windows Message: "WARNING Your computer is being hacked!!!".
ARE YOU FILLING INSECURE?
Please, I don't want to start the red alert in your mind. Only be sure to have your system up to date. Let the security experts think in their servers and don't do thinks that your mother will not.
Blessings!
hehe, i was thinking about the same, good question!
