Viruses

A virus represents the oldest form of malware and is by far the best known to the public. But what is a virus? What separates a virus from other forms of malware? How is a virus created, and how does it target its victim? This section explores these questions and how they affect you, the … Read more

Categories of Malware

Malware is an extremely broad term that blankets a range of software packages. We can say that malware is anything that steals resources, time, identity, or just about anything else while it is in operation. In order to understand what malware is, let’s look at the major types before we delve deeper into the mechanics … Read more

Malware

Malware is a term that is frequently used but frequently misapplied, so let’s first clarify its meaning. The term malware is short for malicious software, which accurately explains what this class of software is designed to do: to perform malicious and disruptive actions. Simply put, malware is any type of software that performs actions without … Read more

Executing Applications

Once you gain access to a system and obtain sufficient privileges, it’s time to compromise the system and carry out the attack. Which applications are executed at this point is up to the attacker, but they can either be custom-built applications or off-the-shelf software. An attacker executes different applications on a system with specific goals … Read more

Authentication on Microsoft Platforms

Security Accounts Manager (SAM): Inside the Windows operating system is a database that stores security principals (accounts or any entity that can be authenticated). In the Microsoft world, these principals can be stored locally in a database known as the Security Accounts Manager (SAM). Credentials, passwords, and other account information are stored in this database; … Read more

SMTP Enumeration

Information can be gathered from a target through the use of SMTP. This protocol is designed to send messages between servers that send and receive e-mail. SMTP is the standard used by the majority of e-mail servers and clients today. So how is this protocol used to gather information from a server? The process is quite … Read more

Enumeration Using NTP

Another effective way to gather information about a network and the resources on it is through use of the Network Time Protocol (NTP). Before you look at how to exploit this protocol for information-gathering purposes, you need to understand what the protocol does and what purpose it serves. NTP is a protocol used to synchronize … Read more

Unix and Linux Enumeration

Linux and Unix systems are no different from Windows systems and can be enumerated as well. The difference lies in the tools and the approach. In this section you will take a look at a handful of the tools that have proven useful in exploring these systems. finger: The finger command is designed to return … Read more