Hacking: Guide to Basic Security, Penetration Testing and...
Transcript of Hacking: Guide to Basic Security, Penetration Testing and...
Hacking:
GuideToBasic
Security,PenetrationTestingAndEverythingElseHacking
TableofContents
Introduction
Chapter1:Hacking-AnOverview
Chapter2:PenetrationTesting
Chapter3:Basic
SecurityGuidelines
Chapter4:SecurityGuidelinesForOfficesandOrganizations
Chapter5:FewGeneralTipsOfComputerSafety
Introduction
Intelligence agencies andsecurity services of manynations consider hacking oftheir computer systems and
networks as the biggestnational threat. What wasonceconsideredasaharmlessprank played by computernerdshasnowevolvedintoacrime on par with any otherin terms of its repercussions.It isviewedatwith thesameseverityasterrorismbymanycountries and is condemnedby the world governments atlarge.
In simple terms hacking isnothing but breaking intosomeone else's computer orsystem by circumventing thesafety measures and stealingthe information containedwithin, or worse, sabotagingtheentiresystem.
The roots of hacking can betracedback to the1960'sand70's when the "Yippies"movement was at its peak.Yippies were the membersand followers of YouthInternational Party, whichwasnothingbut aproductofthe anti-war movements ofthat time. The group was
comprised mainly of youthsandwascounter-culturalatitsvery basic level. Theyengaged in carrying outelaborate street pranks andtaught its member thetechnique of tappingtelephonelines.
Thisgraduallydevelopedintowhat is now called hacking,except that the phone linesand pliers were replaced bystate of the art mega coreprocessorsandmultifunctionplasmascreens.
But over time, the goofy
nature of the whole activityhastakenabackseatandthemore evil face hasmaterialized, hugely due tothe fact that, what was oncestarted by peace lovingactiviststopullpranksontheauthorities, is now beingincreasingly used by terroristorganizations for a multitudeof reasons such as spreadingtheir propaganda, obtainingfunding, gatheringintelligence about troop
movements, to evenlaunchingmissiles.
In this eBook we shall lookinto various aspects ofhackingandprovideyouwithdetailed instructions forprotecting your homecomputer or laptop of office
systems from this vilemenace of the World WideWeb.IwanttothankyoufordownloadingthiseBookandIhope you find the contentsuseful and easy to put intopractice.
Chapter1:Hacking-AnOverview
In this chapter we will giveyouageneralideaaboutwhathacking really is and thenmove on to look into the
classification of differentkindsofhackers.
In its most elemental form,hackingcanbedefinedastheprocess of ascertaining andthesubsequentexploitationofthe various shortfalls andweaknesses in a computer
system or a network of suchcomputer systems. Thisexploitation may take theform of accessing andstealing of information,altering the configuration,changing the structuralpicture of the computersystemandsoon.
The whole spectrum ofhackingisnotsomethingthatis found only in thedeveloped countries. In fact,withthekindofadvancementthathasbeenwitnessedinthefield of informationtechnology during the lasttwo decades, it should notcomeasasurprise thatmanyof the most tenaciouscommunities of hackers are
based in the developingcountriesofSouthandSouth-EastAsia.
There is so much of smokescreen and ambiguity in theworld of hackers that it isextremelydifficulttopinpointa particular activity as
hacking or not. Thisambiguityissomuchthatthevery term“hacker” issubjectto a lot of controversies. Insome contexts, the term isused to refer to any personwho has a command overcomputer systems andnetworks. Inothercontexts itisusedtorefertoacomputersecurityspecialistwhostrivestofindandplugtheloopholesin the system. They aresometimes called crackers.
Butmoreontheclassificationofhackersshallbedealtwithin detail in the later part ofthischapter.
Aplethoraofreasonsmaybebehind hacking. Some do itwith the very predictablereason of making money.
They may steal and retrieveinformation from a computersystem, or plant incorrectinformation in return formonetary gains. Some othersdoitsimplyforthechallengeof the whole activity. Therush of doing something thatis prohibited, accessing whatis forbidden. And yet othersare computer worldequivalents of socialmiscreantswhomayaccessanetwork or system and
scramble,therebyrenderingitutterlyuselessfortheusersofsuchnetwork.
Therearepeoplewhohackasystem as a sign of protestagainst the authority. Insteadof being vocal against thepolicies which they consider
unreasonable, they burrowinto the technologicalnetwork systems employedby the authority and wreakhavoc.
Classification –Variouskinds
Based on their modusoperandi and the intention
behind their actions, hackerscan be classified into thefollowingtypes;
Whitehathackers
Thetermwhitehatisusedtorefer to someone who hacksinto a computer system ornetwork for intentions thatare not malafide. They maydoasapartofaseriesoftestsperformed to check theefficacy of their securitysystems or as a part ofresearch and developmentthat is carried out by
companies that manufacturecomputersecuritysoftware.
Also known as ethicalhackers, they carry outvulnerabilityassessmentsandpenetration tests (which shallbe explained in detail insubsequentchapters).
Blackhathackers
A black hat hacker, as thename suggests is the polar
oppositeofawhitehathackerin terms of both intention aswell as methodology. Theyviolate a network formalafide intentions formonetaryandpersonalgains.They are the illegalcommunities who fit thecommonly perceivedstereotype of computercriminals.
They gain access into asystem and steal or destroytheinformationormodifythesame. They may tweak theprograminsuchawaythatitis rendered useless for theintended users. When theynotice a weak spot orvulnerableareainthesystem,they take control of the
systembywayof suchweakspot. They keep theproprietors, authorities andthegeneralpublicintheblindregarding such vulnerability.They do not make anyattempts to fix the lacunaeunless their reign faces athreatfromathirdparty.
Greyhathackers
A grey hat hacker has acuriousmixofbothblackhatandwhite hat characteristics.He trawls the internet andsniffs out network faults and
hacks into the system. Hedoes so with the soleintention of demonstrating tothesystemadministratorsthattheir network has a defect interms of security. Oncehacked into the system, theymay offer to diagnose andrectify the defect for asuitableconsideration.
Bluehathackers
These are freelancers whooffer their expertise for hireto computer security firms.Before a new system is
introduced in themarket, theservices of blue hats arecalled for, to check thesystem for any potentialweaknesses.
Elitehackers
These are the crème de lacrème of the hackingcommunity. This is amarkerof social status used todemote the most proficienthackers. They are the firstones to break into aseemingly impenetrablesystemandwriteprogramstodo so. The elite status is
usuallyconferredonthembythe hacking community towhichtheybelong.
Skiddie
The term "skiddie" is shortfor"ScriptKiddie".Thesearethe amateur level hackerswhomanagetobreakintoandaccesssystemsbymakinguseof programswritten by otherexpert level hackers. Theyhave littleornograspon theintricacies of the programwhichtheyuse.
Newbie
Newbies, as the namesuggests,arehackerswhoare
beginners in the world ofhacking, with no priorexperience or knowledgebehind them. They hangaround at the fringe of thecommunitywiththeobjectoflearningtheropesofthetradefromtheirpeers.
Hacktivism
This is another version ofhacking, in which theindividual or the communitymakes use of their skills topromulgate any religious orsocial message through thesystems they hack into.Hacktivism can broadly be
classified into two kinds-Cyber terrorism andRight toinformation. Cyber terrorismrefers to activities thatinvolve breaking into asystemwiththesoleintentionofdamagingordestroying it.Such hackers sabotage theoperations of the system andrenderituseless.
The hackers who belong tothe "Right to information"category operate with theintention of gatheringconfidentialinformationfromprivate and public sourcesand disseminate the same onthepublicdomain.
Intelligenceagencies
Intelligence agencies andanti-cyber terrorismdepartments of variouscountries also engage in
hackinginordertoprotectthestate interests and tosafeguard their nationalsystems against any foreignthreats.Thoughthiscannotbeconsidered as hacking in thetrue sense of the term, suchagencies engage the servicesof blue hat hackers as a sortofdefensestrategy.
Organizedcrime
This can be construed as akindofconglomerateofblackhat hackers working for acommon goal or under a
leadership. They access thesystems of governmentauthorities and privateorganizations to aid thecriminal objectives of thegangtowhichtheybelongto.
Chapter 2:PenetrationTesting
When the world becameawareofthemagnitudeofthethreat posed by hacking,various security measures
were invented by computerexperts and securityspecialists. One of the mostprominent among suchmeasuresistheprocesscalledpenetration testing. In thischapterweshalllookintothisconcept in detail and thevarious reasons forundertakingthistesting.
Whatisit?
Penetration testing is theprocess whereby a deliberateattack is mounted on acomputersystem,inwhichits
weakspotsarenoted,andthedata stored in it is accessed.The intention is todemonstrate and therebyascertaintheefficiencyofthesecurity safeguards installedinthesystem.
The primary objective of
penetration testing is to findout the vulnerable areas in asystem and fix them beforeany external threatcompromises them. The keyareas to be tested in anypenetration testing are thesoftware,hardware,computernetworkandtheprocess.
The testingcanbedonebothin an automatedway aswellas manually. The automatedmethod makes use ofsoftware and programs thatthe penetration tester hascomposed,whicharethenrunthrough the system andnetwork. However it is notpossible to find out allvulnerabilities solely throughpenetrationtesting.
This is when the manualtestingcomesin.Forinstancethevulnerabilitiesinasystemdue to human errors, lack ofemployee security standards,design flaws or faultyemployee privileges can bediagnosed better by way ofmanualpenetrationtesting.
Besides the automated andmanual methods ofpenetration testing, there is athird variety which isbasically a combination ofboth automated and manualsystems.This formof testingis more comprehensive intermsofareaofcoverageandhenceitisusedcommonlyto
identify all possibilities ofsecuritybreaches.
This is inmanywayssimilarto the concept called"business process re-engineering"and isusedasamanagement planning anddecision making tool. The
processofpenetration testinginvolves execution of thefollowingsteps:-
•Identificationof thenetworkand inparticular,
thesystemonwhich thetesting isto becarriedout.
•Fixing
of targetsand goal.Here, acleardemarcationis madebetweenbreakinginto asystem toprove itsfaults asagainstbreaking
into andretrievinginformationcontainedin thesystem.
•Gatheringinformation
pertainingto thestructureof thesystem ornetwork.
•Reviewingthe
informationthat hasbeencollectedandbasedon suchdata,chartingoutaplanof actionto beadopted.Multiplecoursesof
actionmay beoutlinedand themostsuitableone isselected.
•Implementationof themostappropriatecourse ofaction.
Thereare twobroadkindsofpenetrationtests.Itmaybein
the form of a "White Box"testora "BlackBox" test. Incase of a white box test, thecompany or organizationenlists the services of anagency or individual to carryout the penetration tests, andprovides them with allinformation with respect tothe structure of the systemanditsbackground.
The party carrying out thetests need not do anygroundwork for collection ofinformation. On the otherhand, where the penetrationtest is of the black boxvariety, very little or inmostcases, no backgroundinformationisprovidedtotheagency except the name of
theorganizationforwhichthetestisbeingdone.
Once the penetration test issuccessfully completed, thesystem administrator orowner is briefed about theweaknessesinthesystemthathascometoforeasaresultof
the test. The test reportshould list out in detail theweakspotsasobservedinthetest, the severity of suchflaws,theshorttermandlongterm impact on the systemand its contents and finallythe methods to fix suchshortcomings.
Various strategiesemployed
The following are the mostcommonly adopted strategiesofpenetrationtesting:
Targetedtest
In this form of penetrationtesting, the procedure isperformed by theorganization's in-housesecurity department. Theymay call for the help ofexternal agencies but thedecision making and
implementation powers restwith the organization itself.Oneofthemostcharacteristicfeatures of this form ofpenetration testing is thatemployeesintheorganizationare kept in the loop and areawareofthetests.
Externalapproach
This form of penetrationtesting is carried outexclusively on those devicesand servers of theorganization that are visibleto outsiders, for instance thee-mail servers, domain nameservers etc. The intention of
performing a penetration testwith the external approach isto ascertain whether anyoutsider can attack theabovementioned devices andincaseofsuchanattack, therepercussionsofthesame.
Internalapproach
Thisistheexactoppositeofatest as per the externalapproach. Here the intentionis to mimic the situationwhere the system is underattack from inside bysomeone who has high levelaccess and privileges. The
testcanestablishtheextentofdamagesthatcanbecausesintheeventofsuchanattack.
Blackboxtest
The basic principle behind ablack box test has beenmentioned in the earlier partofthischapter.Theagencyorindividual carrying out thepenetration test is given verylittle information about theorganization or its systemsafeguards. This form oftesting is very time andresource intensive because
the agency has to start fromscratch and undertake thecompleteprocessofgatheringinformation, planning andexecution.
Advanced black box
test
Asisobviousfromthename,this isahigher levelofblackbox test. The majordifferentiating factor is thequantumofpeople inside theorganization who are awareof the penetration test beingcarried out. In case of a
normal black box test,although only a limitedamount of information isprovided to the testingagency, almost all themanagerial level employeesof theorganizationareawareofthetestsbeingcarriedout.However in case of anadvancedblackboxtest,onlya few people in the topmanagement of the companywill be aware of the testsbeingconducted.
Chapter 3: BasicSecurityGuidelines
Nowthatyouhavehadalookatwhatexactlyhackingis,weshall go ahead and line outsomebasicguidelinesforyou
toprotectyoursystemandtheinformation contained in itfrom an external threat. Thisis compilation of the mostpracticalmethods devised bycomputer security specialiststhat you can follow to avoidyour machine from beingattacked and ravaged by theomnipresent threat ofhacking.
UpdateyourOperatingSystem
Thesimpletruthisthatallthedifferentversionsofeventhe
bestof theoperating systemshave succumbed to hacking.Havingsaidthat,thesimplestway to protect your systemwould be to keep updatingyour operating system on aweeklyormonthlybasisorasand when a new andimproved version comesalong.This drastically bringsdowntheriskofyoursystemplayinghosttoviruses.
Updateyoursoftware
Please understand that thereis a reason why softwaredevelopers bring out newerversions of their product
every once in a while.Besides providing betterefficiency and convenience,they also have better in-builtsecurityfeatures.Thereforeitis highly imperative for youto make sure that yourapplications, browsers andprogramsallstayupdated.
Anti-Virus
The importance of havinggood and effective anti-virussoftware in your system cannever be stressed enough.
This is more so when yoursystemisalwaysconnectedtothe internet. There are manyanti-virus software availablein the market with varyingdegrees of efficiency. Theymay be both free as well aspaid and we would alwaysrecommendyoutogofor thelatter. And if you think thatjust installing one in yoursystem is good enough, thenyou are mistaken. The anti-virussoftware, likeanyother
software requires frequentupdatingfor itsdefinitions toremaineffective.
Anti-Spyware
Anti-spywaresoftwareareasimportantasanti-virusforthevery same reasons.And heretoo,youhavealotofoptions
tochoosefrom.Somakesurethatyoupickonethatisratedhighenough.
GoforMacintosh
Nowthisisatrickyone.Youmayhavereadit incountlesscomparisons and onnumerous blogs that
Macintosh operating systemsare the least secure ones outthere, especially when pittedagainst the vastly morepopular Windows operatingsystems. But here, the verypopularityofWindowsworksagainst it. Don't get it?Wellhere is the thing, Very fewhackers target Macintoshsystems because of the factthatalargemajorityofpeopledonotuseit.Takeadvantageof this and switch to
Macintoshoperatingsystems.And do not forget the factthat there is no operatingsystem in theworldwhich iscompletelyhack-proof.
Avoidshadysites
Would you walk into a darkalley on the secluded part ofthe street at night, wearingexpensive jewelry? You
wouldn't. Similarly, be waryof dubious websites thatparade as reputed ones.Alsoavoid visiting porn sites,gaming websites and sitespromising free music andmovie downloads. Thesewebsites are frequentlytracked by hackers andanything you view ordownload from these sitesmay contain malware thatmayharmyourcomputerandcompromiseitssecurity.
Firewall
If there are more than onecomputer systems operatingunder one network, it ishighly advisable to install
software that provides asecurity firewall. Otherwisemake sure that the in-builtfirewall in your Windows isactivated. This feature iscomes in all versions ofWindows starting from theXPtothelatestversion.
Spam
Never ever open mails thatlook suspicious. Especiallythe ones that haveattachments. All the
mainstream e-mail websitesprovide a certain amount ofprotection against suchspurious mails bystraightawaymoving them tothe spam box when youreceive them. However theremaybemailsthatgetpastthefilters of your e-mail serverand that iswhenyouhave toexercise caution. Do notattempt to readsuchmailsordownloadthecontents.
Back-upoptions
Whether it is your homecomputer or the system atwork, always create a back-up of the data that you store
in it. Youmay be having allsorts of important andconfidential information suchas financial information,personal files and workrelated documents saved inyour system. In that case,makesure thatyou transferacopy of everything into anexternal source such as astandaloneharddiskorsomeothersimilardeviceorserver.Remember single potentmalicious software may
completely scramble yourdataandmakeitirretrievable.Andmerelyhavingaback-upoption is not good enough ifyoudonotutilizeit.Performaback-uptransferasoftenaspossible,at leastoncein4to5days.
Passwords
We have kept the mostimportant aspect to the last.The significance of having asecurepasswordcanneverbe
underminedenough.Beitforyourdocuments,fore-mailoreven your secure server, agoodenoughpassword is thefirst and quite often the lastline of defense against anyexternal threats. There aresome golden rules whenpicking a password. Do notmake your bank accountnumber,telephonenumberorcar registration number asyourpassword.Similarlyitisabignowhenitcomestothe
names of your familymembers.
Do not adopt any dates suchasbirthdaysandanniversariesas passwords. In short, whenit comes to adopting apassword do not takepredictable words or
numerals.As far as possible,make it a combination ofjumbled alphabets andnumbersthatdonotbearanyimportance to you on apersonalorprofessionalfront.And a golden rule when itcomestopasswordsecurityisthat, never write down yourpassword anywhere, be ityour personal diary or at theback of the telephone index.Thesamegoesforsavingitinyourcellphone.
Chapter 4: SecurityGuidelines ForOffices AndOrganizations
Thethreatofhackingisanallpervasive one and the bigscale corporations andorganizations are equally
affected by it. This isespecially so in the case ofbanks and financialinstitutions where a hugequantum of personal andfinancial information of theclientele is stored. An attackon such networks can wreakhavoc of scale beyondimagination. In this chapterwe shall deal with howoffices and organizations cantake precautionary measuresto avoid such instances and
neutralize an external threattotheircomputernetwork.
Safeguardthepointsofentry
Thefirstandforemoststepisto identify and mark out the
points of entry between theinternet and organization'snetwork. This is not as easyas it sounds. There will benumerous interfaces wherethe internal network isexposed to the internet andthese need to be monitoredbecause any external attackon the network can onlyoriginate from these points.Once these entry points areidentified, steps should betaken toensure that theseare
wellprotected.
Diagnostictests
Various diagnostic tests canbe run on the network toascertain the points ofweakness. These tests must
be run keeping inconsiderationthefactthatthethreatcanemanatefrombothexternal as well as internalsources. The results of thetests will provide a clearpicture as to where theorganization is lacking interms network security. Thefaulty lines can then beaddressedbypatchingup thelacunaeorbyaddinganextralayer of security or byeliminating such faulty areas
completely. The diagnostictestsshouldberunonregularintervalsbasedonthelevelofexposuretoexternalsources.
Firewallconfiguration
Merely having a firewallsystem installed in your
network is not enough. Thefirewallshouldbeconfiguredinsuchawaythatitisawareof the nature of threat thatyour network can face. Itshould be able to let throughsuchcommunicationwhichisrelevant and conducive andblock traffic that appears tobe having malafideintentions. The configurationmust be in tandem with thesecurity requirement of thenetwork and should
complementitsfunctionality.
Passwordpolicies
As mentioned in the earlierchapter, passwords are anintegral part of any networkof computer systems. They
are one of themain areas ofhuman-machine interface. Incaseofalargecorporationororganization, where are alarge number of employees,the risks of the networkcoming under attack alsoincreasing manifold. In suchlarge scale operations, thenetwork administrator shoulddevise properly outlinedpolicies for generation,alteration and periodicalchange of passwords. The
passwords shouldmandatorily consist ofalphabets, characters andnumbers.Theyshouldhaveaminimum length of seven toeight characters and shouldbeinajumbledfashion.
Strict guidelines should be
introduced with respect tosharing of passwords orproviding authentication to aperson other than to whomthepasswordisissued.Inthehigher levels of theorganization, the nature ofdata accessible is of a moreconfidential variety, bothqualitatively andquantitatively. In suchsituations non-disclosureagreements may be put inplacebindingthehigherlevel
managerialstaff.
Anotherkey step tobe takenis to introduce a systemwhere the passwords areautomatically changed everytwoweeksandfreshonesaregeneratedinitsplace.
Bio-metricscanners
It is a given fact that nomatter how many safetymeasuresyouinstallinplace,when it comes to passwords,
the threats can never becompletely ruled out. Manycomputer security specialistsbelieve that the best way todeal with this situation is tominimize the use of thepasswords and in their place,establish other forms ofemployee specific securitymeasuressuchassmartcardstoaccessindividualcomputersystems and finger printscanners and retinal scannersto gain entry into server
rooms, data storage roomsetc. These devices are not asprone to breaches aspasswords due to the simplefact that a second partycannotimpersonatetheactualuserandenterthesystem.
Anti-virusandanti-spywaresoftware
The basics of safeguardingagainst malicious virus
attacks and spyware are thesame when it comes to apersonal laptop or a largenetworkofsystems.Itisonlythe scale of operations thatdiffer. In case of largeorganizations, efficient anti-virus and anti-spywaresoftwarehavingawideambitof operations must beinstalled. The software mustbe able to tackle threats of awide variety from simplereconnaissancebugstoall-out
hacking codes. In addition todetection of viruses, it mustalso be capable ofquarantining infected filesand keeping them isolatedfromtheotherfiles.
Physicalsecurityofthepremises
When it comes to computersecurity and protection
against hacking, corporationstendtoignoretheverysimplefact that unless the officepremises are properlyguarded and secured at alltimes, all the internalsoftware security measuresshallbeinvain.Ifthesystemis exposed to threats frominside due to lack of properhardware security, thenetwork can be easilybreached.
There should be continuousmonitoring of people whohave access to computersanywhereintheorganization.The inflow and outflow ofpeople into the premisesshould be recorded anddocumented. Care should betaken to ensure that, visitorsshouldnotbeallowedaccess
to computer systems underany circumstances. And last,it should be ensured that theoffice premises are underroundtheclocksecurity.
Awarenesscampaigns
All the precautions taken bythe organization and the
safety measures andprocedures set in place shallnot prove to be effectiveunless the employees, rightfrom the high level ones tothelowlevelmaintenanceareaware of the gravity of thethreat posed by hacking,viruses and other maliciousactivities.Employeesfromalllevels of security clearancesmust be aware of theimportance of secured andbreachfreesystemsand their
roleinensuringthesame.
Awareness campaigns anddrills must be held on aregular basis, where theemployees are trained on thebasicsecuritymeasures tobeobservedandabidedbythem.They should be acquainted
with the anti-virus and anti-spywaresoftwareinstalledbythe organization. And morethaneverything,asaresultofthe campaigns, they shouldrealize that they all play animportantpartinmakingsurethat theirsystemsand in turnthe network does not comeunder the threat of beinghacked.
Chapter 5: FewGeneral Tips OfComputerSafety
Bynowyoumustbehavingafair idea about the variousfacets of hacking and theguidelines for ensuring basic
safety to your personalcomputers and also to largescale, computer networks.Given below are somegeneraltipsthatyoucankeepinmind to avoid fallingpreytothethreatofhacking.
➢Neveropenmailsfromunknownsourcesand moreimportantly,do notever
downloadtheattachmentsto yoursystem.
➢Alwaysengage insafe
browsing.Avoidvisitingwebsitesthat yoususpectofhavingmalware.
➢Wheninstallinga newprogram,makesurethat theoldprogramiscompletelyuninstalledbeforeyoubegininstalling
the filespertainingto thenewone.
➢Withrespect towhateverprograms
andsoftwareyou havein yoursystem,ensurethat theyareupdatedto thelatestversionpossible.
➢ Ifyou areone ofthosework-at-homeprofessionals,do nothesitatetoenlist the
servicesof aprofessionalfirm ofcomputersecurityexperts tokeepyoursystemandnetworkwellguarded.
➢ Donot replyto chatroominvitationsandmessagesfrompeoplewhom
you don'tknow orwhoseauthenticityyoususpect.
➢Alwayskeep a
back upof yourfiles andinformationin aseparateexternalsourcethat iskeptsecure.
➢Manycomputersecurityexpertsbelievethatwhilebrowsingtheinternet,itisbetter
to useMozillaFirefoxbrowserthanInternetExplorer.Firefoxprovidesbetterinbuiltsecurityfeaturesthanother
browsers.
➢Deactivatefeaturessuch asJava,Active Xetc inyour
browser,when notinuse.
➢ Asmentionedearlier inthis book,shift to
operatingsystemslikeMacintoshor Linuxif you arecomfortablewith theiroperation.Theincidenceofhackingin
computersusingtheseoperatingsystemsisvery lesscomparedto thevastlymorepopularWindows.
➢ Thelast andoftenoverlookedtip - turnoff yourcomputerwhen notinuse.Donot keep
yourcomputerin sleepmode andleaveyourworkstationfor morethantwentyminutes.It isimpossibleto hack
into asystemwhich isnotswitchedon.
Conclusion
By now you must having agoodideaaboutwhathackingis and what will be theconsequences if your system
is attacked by an external orinternal party. But fear not,simplyfollowtheinstructionsand guidelines provided inthisbookandyoucanberestassured that your system iswellprotected.
Although we have explained
alltheconceptshereinaverylucid and comprehensiblefashion, putting themall intopracticemay sometimes be abit tough.Donot think twicebefore seeking help fromprofessional securityspecialists if you feel all thisisabittootechnicalforyou.
And please note that theworldofcomputersisaneverchanging and advancing one.The more advanced thehackers become, the moreeffective should be yourdefensive mechanisms.Always keep your softwareandsystemupdated.
Thank you again fordownloadingthiseBookandIhope you enjoyed theinformationshared.
Free Bonus Video:TopHackerShoesUsHowItsDone
Here is a great video,showing how almostevery secure networkis vulnerable from atophacker.
Bonus Video:https://www.youtube.com/watch?v=hqKafI7Amd8
Checkout My OtherBooks
•http://www.amazon.com/Apps-
Design-Development-Made-Simple-ebook/dp/B00UEMM5X4/ref=sr_1_9?s=digital-text&ie=UTF8&qid=1427558209&sr=1-9&keywords=apps
TableofContents
IntroductionChapter 1: Hacking - AnOverview
Chapter 2: PenetrationTesting
Chapter 3: Basic SecurityGuidelines
Chapter 4: SecurityGuidelinesForOfficesAndOrganizations
Chapter5:FewGeneralTipsOfComputerSafety
Conclusion