HP Norton Personal Firewall 2003 manual Information gathering

Models: Norton Personal Firewall 2003

Page 126

Understanding Internet risks

Risks from hackers

Initial access

The hacker exploits a vulnerability found during information gathering and establishes an entry point into your computer.

Privilege escalation

The hacker gains access to more programs and services on your computer.

Covering tracks

The hacker hides or removes evidence of the intrusion, sometimes leaving an entry point open for return.

Information gathering

The first step in information gathering is acquiring a target. A hacker can choose a person or company to attack, or search the Internet for an unprotected target that will be easy to hack. The amount of information available about you on the Internet is directly related to your level of Web presence. If you have a domain name and a Web site, more information is publicly available than would be if you only had an email address.

If a hacker has chosen a specific target, such as a company or organization, many resources on the Internet assist in gathering information. Using the Internet, a hacker can learn a lot about a potential target. Given a domain name, it’s easy to find out the name and address of the owner, as well as the name and phone number of the administrative and technical contacts. While this information usually can’t be used directly to attack a network or computer, it can be used to gather more information.

If a hacker doesn’t have a specific target in mind, many tools are available for scanning the Internet and finding possible targets. The simplest scan is a ping scan, which can quickly scan thousands of computers. The hacker uses a program to ping computers at a series of IP addresses. A response tells the hacker that a computer exists at an IP address. When Norton Personal Firewall is running, your computer is hidden from ping scans because your computer does not respond. The hacker does not learn that there is a computer at your IP address by pinging it.

Port scans are more comprehensive and are usually performed on single computers. A port scan can tell a hacker which services are running, such as HTTP and FTP. Each service that is running provides a potential entry point for the hacker. On unprotected computers, unused ports respond that they are closed, telling the hacker that a computer exists at that IP address. Norton Personal Firewall does not respond to scans of unused ports, giving them a stealth appearance.
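The two scan patterns described above leave different traces in a firewall's log: a ping scan is one source sending echo requests to many addresses, while a port scan is one source trying many ports on a single computer. The following added example (not part of the manual and not Norton Personal Firewall code) flags both patterns; the log format, the sample lines, and the thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample log (hypothetical format, documentation-range addresses):
# time, source IP, destination IP, protocol, destination port ("-" for ICMP echo)
SAMPLE_LOG = """\
12:00:01 203.0.113.7 192.0.2.10 ICMP -
12:00:01 203.0.113.7 192.0.2.11 ICMP -
12:00:02 203.0.113.7 192.0.2.12 ICMP -
12:00:02 203.0.113.7 192.0.2.13 ICMP -
12:00:05 198.51.100.9 192.0.2.10 TCP 21
12:00:05 198.51.100.9 192.0.2.10 TCP 22
12:00:05 198.51.100.9 192.0.2.10 TCP 23
12:00:06 198.51.100.9 192.0.2.10 TCP 80
12:00:06 198.51.100.9 192.0.2.10 TCP 443
12:00:09 198.51.100.44 192.0.2.10 TCP 80
12:00:10 198.51.100.44 192.0.2.10 ICMP -
"""

def classify_sources(log_text, host_threshold=4, port_threshold=5):
    """Return {source_ip: set of labels} for sources that look like scanners."""
    pinged_hosts = defaultdict(set)   # src -> hosts it sent ICMP echo requests to
    probed_ports = defaultdict(set)   # (src, dst) -> distinct ports it tried
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue                  # skip blank or malformed lines
        _, src, dst, proto, port = fields
        if proto == "ICMP":
            pinged_hosts[src].add(dst)
        elif port.isdigit():
            probed_ports[(src, dst)].add(int(port))
    findings = defaultdict(set)
    # Ping scan: one source pinging a series of IP addresses.
    for src, hosts in pinged_hosts.items():
        if len(hosts) >= host_threshold:
            findings[src].add("ping scan")
    # Port scan: one source trying many ports on a single computer.
    for (src, dst), ports in probed_ports.items():
        if len(ports) >= port_threshold:
            findings[src].add("port scan")
    return dict(findings)

if __name__ == "__main__":
    for src, labels in sorted(classify_sources(SAMPLE_LOG).items()):
        print(src, sorted(labels))
```

The source that makes one Web connection and sends one ping stays below both thresholds and is not flagged.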
