- Great Painters
- Accounting
- Fundamentals of Law
- Marketing
- Shorthand
- Concept Cars
- Videogames
- The World of Sports

- Blogs
- Free Software
- Google
- My Computer

- PHP Language and Applications
- Wikipedia
- Windows Vista

- Education
- Masterpieces of English Literature
- American English

- English Dictionaries
- The English Language

- Medical Emergencies
- The Theory of Memory
- The Beatles
- Dances
- Microphones
- Musical Notation
- Music Instruments
- Batteries
- Nanotechnology
- Cosmetics
- Diets
- Vegetarianism and Veganism
- Christmas Traditions
- Animals

- Fruits And Vegetables


  1. Adobe Reader
  2. Adware
  3. Altavista
  4. AOL
  5. Apple Macintosh
  6. Application software
  7. Arrow key
  8. Artificial Intelligence
  9. ASCII
  10. Assembly language
  11. Automatic translation
  12. Avatar
  13. Babylon
  14. Bandwidth
  15. Bit
  16. BitTorrent
  17. Black hat
  18. Blog
  19. Bluetooth
  20. Bulletin board system
  21. Byte
  22. Cache memory
  23. Celeron
  24. Central processing unit
  25. Chat room
  26. Client
  27. Command line interface
  28. Compiler
  29. Computer
  30. Computer bus
  31. Computer card
  32. Computer display
  33. Computer file
  34. Computer games
  35. Computer graphics
  36. Computer hardware
  37. Computer keyboard
  38. Computer networking
  39. Computer printer
  40. Computer program
  41. Computer programmer
  42. Computer science
  43. Computer security
  44. Computer software
  45. Computer storage
  46. Computer system
  47. Computer terminal
  48. Computer virus
  49. Computing
  50. Conference call
  51. Context menu
  52. Creative commons
  53. Creative Commons License
  54. Creative Technology
  55. Cursor
  56. Data
  57. Database
  58. Data storage device
  59. Debuggers
  60. Demo
  61. Desktop computer
  62. Digital divide
  63. Discussion groups
  64. DNS server
  65. Domain name
  66. DOS
  67. Download
  68. Download manager
  69. DVD-ROM
  70. DVD-RW
  71. E-mail
  72. E-mail spam
  73. File Transfer Protocol
  74. Firewall
  75. Firmware
  76. Flash memory
  77. Floppy disk drive
  78. GNU
  79. GNU General Public License
  80. GNU Project
  81. Google
  82. Google AdWords
  83. Google bomb
  84. Graphics
  85. Graphics card
  86. Hacker
  87. Hacker culture
  88. Hard disk
  89. High-level programming language
  90. Home computer
  91. HTML
  92. Hyperlink
  93. IBM
  94. Image processing
  95. Image scanner
  96. Instant messaging
  97. Instruction
  98. Intel
  99. Intel Core 2
  100. Interface
  101. Internet
  102. Internet bot
  103. Internet Explorer
  104. Internet protocols
  105. Internet service provider
  106. Interoperability
  107. IP addresses
  108. IPod
  109. Joystick
  110. JPEG
  111. Keyword
  112. Laptop computer
  113. Linux
  114. Linux kernel
  115. Liquid crystal display
  116. List of file formats
  117. List of Google products
  118. Local area network
  119. Logitech
  120. Machine language
  121. Mac OS X
  122. Macromedia Flash
  123. Mainframe computer
  124. Malware
  125. Media center
  126. Media player
  127. Megabyte
  128. Microsoft
  129. Microsoft Windows
  130. Microsoft Word
  131. Mirror site
  132. Modem
  133. Motherboard
  134. Mouse
  135. Mouse pad
  136. Mozilla Firefox
  137. Mp3
  138. MPEG
  139. MPEG-4
  140. Multimedia
  141. Musical Instrument Digital Interface
  142. Netscape
  143. Network card
  144. News ticker
  145. Office suite
  146. Online auction
  147. Online chat
  148. Open Directory Project
  149. Open source
  150. Open source software
  151. Opera
  152. Operating system
  153. Optical character recognition
  154. Optical disc
  155. output
  156. PageRank
  157. Password
  158. Pay-per-click
  159. PC speaker
  160. Peer-to-peer
  161. Pentium
  162. Peripheral
  163. Personal computer
  164. Personal digital assistant
  165. Phishing
  166. Pirated software
  167. Podcasting
  168. Pointing device
  169. POP3
  170. Programming language
  171. QuickTime
  172. Random access memory
  173. Routers
  174. Safari
  175. Scalability
  176. Scrollbar
  177. Scrolling
  178. Scroll wheel
  179. Search engine
  180. Security cracking
  181. Server
  182. Simple Mail Transfer Protocol
  183. Skype
  184. Social software
  185. Software bug
  186. Software cracker
  187. Software library
  188. Software utility
  189. Solaris Operating Environment
  190. Sound Blaster
  191. Soundcard
  192. Spam
  193. Spamdexing
  194. Spam in blogs
  195. Speech recognition
  196. Spoofing attack
  197. Spreadsheet
  198. Spyware
  199. Streaming media
  200. Supercomputer
  201. Tablet computer
  202. Telecommunications
  203. Text messaging
  204. Trackball
  205. Trojan horse
  206. TV card
  207. Unicode
  208. Uniform Resource Identifier
  209. Unix
  210. URL redirection
  211. USB flash drive
  212. USB port
  213. User interface
  214. Vlog
  215. Voice over IP
  216. Warez
  217. Wearable computer
  218. Web application
  219. Web banner
  220. Web browser
  221. Web crawler
  222. Web directories
  223. Web indexing
  224. Webmail
  225. Web page
  226. Website
  227. Wiki
  228. Wikipedia
  229. WIMP
  230. Windows CE
  231. Windows key
  232. Windows Media Player
  233. Windows Vista
  234. Word processor
  235. World Wide Web
  236. Worm
  237. XML
  238. X Window System
  239. Yahoo
  240. Zombie computer

This article is from:

All text is available under the terms of the GNU Free Documentation License: 

Hacker (computer security)

From Wikipedia, the free encyclopedia

(Redirected from Security cracking)
See also: Hacker

Hacker in a security context refers to a type of computer hacker who is involved in computer security/insecurity and is able to exploit systems or gain unauthorized access through skills, tactics and detailed knowledge.

In the most common general usage, "hacker" refers to a black-hat hacker (a malicious or criminal hacker). There are also ethical hackers (more commonly referred to as white hats), and ethically ambiguous grey hats. The terms for these subcategories are not in the same general use.


Similar, synonymous and related terms, which are not mutually exclusive, or universally accepted:

  • Hacker may mean simply a person with mastery of computers; however the mass media most often uses "hacker" as synonymous with a (usually criminal) computer intruder. See hacker, and Hacker definition controversy.
  • White hat: An ethical hacker who breaks security but who does so for altruistic or at least non-malicious reasons. White hats generally have a clearly defined code of ethics, and will often attempt to work with a manufacturer or owner to improve discovered security weaknesses, although many reserve the implicit or explicit threat of public disclosure after a "reasonable" time as a prod to ensure timely response from a corporate entity. The term is also used to describe hackers who work to deliberately design and code more secure systems. To white hats, the darker the hat, the more the ethics of the activity can be considered dubious. Conversely, black hats may claim the lighter the hat, the more the ethics of the activity are lost.
  • Grey hat: A hacker of ambiguous ethics and/or borderline legality, often frankly admitted.
  • Blue Hat: Refers to outside computer security consulting firms that are used to bug test a system prior to its launch, looking for exploits so they can be closed. The term has also been associated with a roughly annual security conference by Microsoft, the unofficial name coming from the blue color associated with Microsoft employee badges. Also see Big Blue.
  • Black Hat: Someone who subverts computer security without authorization or who uses technology (usually a computer or the Internet) for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, or many other types of crime. This can mean taking control of a remote computer through a network, or software cracking.
  • Cracker:
    1. A black hat hacker. Often used to differentiate black hat hackers and the general (positive) sense of hacker. The use of the term began to spread around 1983, probably introduced both due to similar phonetic sound and as construction from the historical slang of safe cracker. Also theorized by some to be a portmanteau of the words criminal and hacker.
    2. A security hacker who uses password cracking or brute force attacks. Related to the term safe cracker.
    3. A software cracker. A person specialized in working around copy protection mechanisms in software. Note that software crackers are not involved in exploiting networks, but copy protected software.
  • Script kiddie: A pejorative term for a computer intruder with little or no skill; a person who simply follows directions or uses a cook-book approach without fully understanding the meaning of the steps they are performing.
  • Hacktivist is a hacker who utilizes technology to announce a political message. Web vandalism is not necessarily hacktivism.

Common methods

There are several recurring tools of the trade used by computer criminals and security experts:

Security exploit
A prepared application that takes advantage of a known weakness.
Packet sniffer
An application that captures TCP/IP data packets, which can maliciously be used to capture passwords and other data while it is in transit either within the computer or over the network.
A toolkit for hiding the fact that a computer's security has been compromised. Root kits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Social engineering
Convincing other people to provide some form of information about a system, often under false premises. A blatant example would be asking someone for their password or account possibly over a beer or by posing as someone else. A more subtle example would be asking for promotional material or technical references about a company's systems, possibly posing as a journalist.
Trojan horse
These are programs designed so that they seem to do or be one thing, such as a legitimate software, but actually are or do another. They are not necessarily malicious programs. A trojan horse can be used to set up a back door in a computer system so that the intruder can return later and gain access. Viruses that fool a user into downloading and/or executing them by pretending to be useful applications are also sometimes called trojan horses. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.) See also Dialer.
A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.
Vulnerability scanner
A tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and it's version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)
Like a virus, a worm is also a self-replicating program. The difference between a virus and a worm is that a worm does not create multiple copies of itself on one system: it propagates through computer networks. After the comparison between computer viruses and biological viruses, the obvious comparison here is to a bacterium. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program. It is possible for a program to have the blunt characteristics of both a worm and a virus.

Security tools

  • Firewall (networking) In computing, a firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy, analogous to the function of firewalls in building construction.
  • Intrusion Detection System (IDS), generally detects unwanted manipulations to systems. There are many different types of IDS, some of them are described here. The manipulations may take the form of attacks by skilled malicious hackers, or Script kiddies using automated tools.
  • Anti-virus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware).
  • Encryption is used to protect your message from the eyes of others. It can be done in several ways by switching the characters around, replacing characters with others, and even removing characters from the message. These have to be used in combination to make the encryption secure enough, that is to say, sufficiently difficult to crack.
  • Authorization restricts access to a computer to group of users through the use of authentication systems. These systems can protect either the whole computer - such as through an interactive logon screen - or individual services, such as an FTP server.
  • Vulnerability scanner and port scanner tool used to quickly check computers on a network for known weaknesses and ports available to access a computer over a network.

Notable intruders and criminal hackers

  • Jonathan James (also known as comrade) was most notably recognized for the theft of software which controlled the International Space Station's life sustaining elements, as well as intercepting dozens of electronic messages relating to U.S. nuclear activities from the Department of Defense
  • Mark Abene (also known as Phiber Optik) — Inspired thousands of teenagers around the country to "study" the internal workings of the United States phone system. One of the founders of the Masters of Deception group.
  • Dark Avenger — Bulgarian virus writer that invented polymorphic code in 1992 as a mean to circumvent the type of pattern recognition used by Anti-virus software, and nowadays also intrusion detection systems.
  • John Draper (also known as Captain Crunch) — Draper is widely credited with evangelizing the use of the 2600 hertz tone generated by whistles distributed in Captain Crunch cereal boxes in the 1970s, and sometimes inaccurately credited with discovering their use. Draper served time in prison for his work, and is believed to have introduced Steve Wozniak to phone phreaking through the 2600hz tone. Draper now develops anti-spam and security software.
  • Markus Hess — A West German, he hacked into United States Military sites and collected information for the KGB; he was eventually tracked down by Clifford Stoll.
  • Roberto Baroni Italian Ethical Hacker '90s.
  • Adrian Lamo — Lamo surrendered to federal authorities in 2003 after a brief manhunt, and was charged with nontechnical but surprisingly successful intrusions into computer systems at Microsoft, The New York Times, Lexis-Nexis, MCI WorldCom, SBC, Yahoo!, and others. His methods were controversial, and his full-disclosure-by-media practices led some to assert that he was publicity-motivated.
  • Vladimir Levin — This mathematician allegedly masterminded the Russian hacker gang that tricked Citibank's computers into spitting out $10 million. To this day, the method used is unknown.
  • Kevin Mitnick — Held in jail without bail for a long period of time. Inspired the Free Kevin movement. Once "the most wanted man in cyberspace", Mitnick went on to be a prolific public speaker, author, and media personality. Mitnick Security Consulting, LLC is a full-service information security consulting firm. Founded by Kevin Mitnick, Mitnick Security Consulting offers a comprehensive range of services to help businesses protect their valuable assets.
  • Robert Tappan Morris — In 1988 while a graduate student at Cornell University, Morris was the creator of the first worm, Morris Worm, which used buffer overflows to propagate. He is the son of Robert Morris, the former chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA).
  • Nahshon Even-Chaim (also known as Phoenix) — Leading member of Australian hacking group The Realm. Targeted US defence and nuclear research computer systems in late 1980s until his capture by Australian Federal Police in 1990. He and fellow Realm members Electron and Nom were the world's first computer intruders prosecuted based on evidence gathered from remote computer intercept.
  • Kevin Poulsen — In 1990 Poulsen took over all telephone lines going into Los Angeles area radio station KIIS-FM to win an automobile in a call-in contest. Poulsen went on to a career in journalism, including several years as editorial director at SecurityFocus.
  • David L. Smith — In 1999 Smith launched the Melissa Worm, causing $80 million dollars worth of damage to businesses. Originally sentenced to 40 years, he eventually served only 20 months when he agreed to work undercover for the FBI.
  • Craig Neidorf — In 1990, Neidorf (a co-founder of Phrack) was prosecuted for stealing the E911 document from BellSouth and publicly distributing it online. BellSouth claimed that the document was worth $80,000; they dropped the charges after it was revealed that copies of the document could simply be ordered for a minuscule $13.

Notable Security Hackers

  • Eric Corley (also known as Emmanuel Goldstein) — Long standing publisher of 2600: The Hacker Quarterly and founder of the H.O.P.E. conferences. He has been part of the hacker community since the late '70s.
  • Fyodor — The author of Nmap and STC.
  • Roberto Baroni Italian Ethical Hacker '90s.
  • Johan "Julf" Helsingius — Operated the world's most popular anonymous remailer, the Penet remailer (called, until he closed up shop in September 1996.
  • Tsutomu Shimomura — Shimomura helped catch Kevin Mitnick, the United States' most infamous computer intruder, in early 1994. He is the co-author of a book about the Mitnick case, Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It (ISBN 0-7868-8913-6).
  • Solar Designer — Founder of the Openwall Project.
  • Michał Zalewski (lcamtuf) — Prominent security researcher.
  • Farid Essebar — (also known as Diabl0), the creator of Zotob

Hacker conferences

Hacker cons have drawn more and more people every year including SummerCon (Summer), DEF CON, HoHoCon (Christmas), PumpCon (Halloween), H.O.P.E. (Hackers on Planet Earth) and HEU (Hacking at the End of the Universe).

See also

  • Hacker definition controversy
  • Hacker
  • White hat
  • Grey hat
  • Black hat
  • Computer security
  • Computer insecurity
  • System administrator
  • Computer crime
  • Biohacker
  • Hacking/Carding in the Philippines

Movies about fictional hackers

  • Antitrust
  • Hackers
  • Enemy of the State
  • WarGames
  • Sneakers
  • Swordfish
  • The Net
  • The Matrix series
  • Firewall

Related literature

  • Clifford Stoll (1990). The Cuckoo’s Egg. The Bodley Head Ltd. ISBN 0-370-31433-6.
  • Code Hacking: A Developer's Guide to Network Security by Richard Conway, Julian Cordingley
  • Kevin Beaver. Hacking For Dummies.
  • Katie Hafner & John Markoff (1991). Cyberpunk: Outlaws and Hackers on the Computer Frontier. Simon & Schuster. ISBN 0-671-68322-5.
  • David H. Freeman & Charles C. Mann (1997). @ Large: The Strange Case of the World’s Biggest Internet Invasion. Simon & Schuster. ISBN 0-684-82464-7.
  • Suelette Dreyfus (1997). Underground: Tales of Hacking, Madness and Obsession on the Electronic Frontier. Mandarin. ISBN 1-86330-595-5.
  • Bill Apro & Graeme Hammond (2005). Hackers: The Hunt for Australia’s Most Infamous Computer Cracker. Five Mile Press. ISBN 1-74124-722-5.

Network Security

  • Stuart McClure, Joel Scambray & George Kurtz (1999). Hacking Exposed. Mcgraw-Hill. ISBN 0-07-212127-0.


  • "2600: The Hacker Quarterly"
  • "Hakin9"
  • "Binary Revolution Magazine 2006"
  • "Blacklisted 411"
Retrieved from ""