Wednesday, August 29, 2007

The 6 Most Famous Hackers In The World!!!

The world has plenty of hackers and crackers, but most of us do not know who the most famous ones are. Here is a list of the 6 most famous hackers in the world:

Vladimir Levin

His claim to fame is that this mathematician, who graduated from St. Petersburg Tekhnologichesky University, was the brain behind the Russian hacker gang that cheated Citibank's computers into giving out $10 million. Although his first use of a computer is unknown, Vladimir was allegedly using his office computer at AO Saturn, a computer firm in St. Petersburg, Russia, to break into Citibank computers.

Vladimir Levin was arrested at Heathrow airport in 1995. Tools used by him included a computer, computer games and disks, a camcorder, music speakers and a TV set, all of which were found by the Russian police at his apartment. During his trial, Levin alleged that one of his defence lawyers was actually an FBI agent.

Johan Helsingius

He was known to run the world's most popular remailer programme called penet.fi.

Surprisingly, this remailer, the busiest in the world, was run on an ordinary 486 with a 200-megabyte hard drive. His other idiosyncrasy was that he never tried to remain anonymous.

The Finnish police raided Johan in 1995 due to a complaint by the Church of Scientology that a penet.fi customer was posting the "church's" secrets on the Net. At that time Johan had to abandon the remailer.

Kevin Mitnick

Kevin Mitnick's alias on the Net was Condor. As a teenager Kevin Mitnick could not afford his own computer. He would therefore go to a Radio Shack store and use the models kept there for demonstration to dial into other computers.

One of the unusual things about Mitnick was that he used the Internet Relay Chat (IRC) to send messages to his friends. A judge sentenced him to one year in a residential treatment center. There, Kevin enrolled in a 12-step program to rid him of what the judge also termed his "computer addiction". Mitnick was immortalized when he became the first hacker to have his face put on an FBI "most wanted" poster. His repeated offences - and an image of a teenage hacker who refused to grow up - made him The Lost Boy of Cyberspace.

Robert Morris

He was known to the Internet community as "rtm". But he was distinguished by much more than his fame as a hacker. He was the son of the chief scientist at the National Computer Security Center -- part of the National Security Agency (NSA), USA. In addition, this graduate from Cornell University rocketed to fame because of the Internet worm, which he unleashed in 1988, practically maiming the fledgling Internet. Thousands of computers were infected and subsequently crashed. Suddenly, the term "hacker" became common in every household in America.

Surprisingly, Robert's father is to be held responsible for introducing him to the world of computers. He brought the original Enigma cryptographic machines home from the NSA. Later, as a teenager, Morris was recognized as a star user at the Bell Labs network where he had an account. This recognition was due to his earlier forays into hacking.

Dennis Ritchie and Ken Thompson

Dennis Ritchie, also known as dmr, and Ken Thompson were the legendary coders who designed the UNIX system for mini-computers in 1969. They were the creative geniuses behind Bell Labs' computer science operating group. UNIX really helped users and soon became a standard language. The tools used by them included Plan 9, the next-generation operating system, created after UNIX by Rob Pike, their colleague at Bell Labs. Dennis also has the distinction of being the author of the C programming language.


How Does Cyber Crime Work?

Unauthorised access would therefore mean any kind of access without the permission of either the rightful owner or the person in charge of a computer, computer system or computer network. Thus not only would accessing a server by cracking its password authentication system be unauthorised access, switching on a computer system without the permission of the person in charge of such a computer system would also be unauthorised access. Packet sniffing, tempest attack, password cracking and buffer overflow are common techniques used for unauthorised access.

Packet Sniffing

Packet Sniffing is a technology used by crackers and forensics experts alike. To understand 'Sniffing', one first needs to understand the basics of data transmission. It is a known fact that data travels in the form of packets on networks. These packets, also referred to as datagrams, are of various sizes depending on the network bandwidth as well as the amount of data being carried in the packet, measured in bytes. Each packet has an identification label, also called a 'header'. The header carries information on the source, destination, protocol, size of packet, total number of packets in sequence and the unique number of the packet. The data carried by the packet is in an encrypted format, not as much for the sake of security as for the sake of convenience in transmitting the data. This cipher text (encrypted form) is also known as the hex of the data. When a person, say 'A', sends a file to 'B', the data in the file gets converted into hex and gets broken into lots of packets; finally, headers are attached to all packets and the data is ready for transmission.

When being transmitted, the packets travel through a number of layers (the Open Systems Interconnection (OSI) Model). Amongst these layers, the network layer is responsible for preparing the packet for transmission. This is the level where most hackers and adversaries like to attack, knowing that the packets are usually not secured and are prone to spoofing and sniffing attacks.

Now when an adversary 'C' (a person trying to hack into a system) wishes to intercept the transmission between 'A' and 'B', he would have to intercept the data packets and then go on to translate them back from hex to the actual data. For doing this he would normally use a technology called "Packet Sniffing". When he uses this technology he is able to intercept all or some of the packets leaving the victim (sender) computer. The same deception can also be practiced at the point of the intended recipient of the message before it can actually receive the packets.

To use the sniffing technology the adversary only needs to know the IP address (e.g. 202.13.174.171) of either of the parties involved in the communication. He would then instruct the sniffer to apply itself to the network layer of the victim IP address. From then on, all packets leaving the IP address will be 'sniffed' by the Sniffer and the data that is being carried will be reported to the adversary in the form of logs. The sniffed data would still be in the hex format; however, most Sniffers nowadays provide the facility of converting the stolen hex into actual human-readable data, with varying amounts of success. The sniffer can also be instructed to report only certain types of data, for example passwords that are traveling through the network. The Sniffer represents the network-computing equivalent of the telephone 'tap' that does not cause a disruption of the telephone connection but only listens in to the conversation surreptitiously, without anyone being the wiser. Similarly, the Sniffer is invisible to anyone on either side of the network, since it does not steal data packets; it only screens them, copies the hex and then reformulates the hex into the original data for the adversary.
That is the reason the detection of most packet sniffers is next to impossible. Most firewalls that solely provide application level security are unable to discover the presence of any sniffers on the external wall of the network. The Sniffer attaches itself to the network devices like the modem or the Network Interface Card (NIC) that is used by the victim computer to send and receive data.

There are many commercially and conventionally available packet sniffers today, some of which can be freely downloaded from the Internet. Some of the more famous ones are ADMsniff-v08, AntiSniff-101, anti_sniff_researchv1-1-2, esniff, ethereal and Spynet. Given below is a log file created by a packet sniffer called Spynet. This freely downloadable sniffer, like most others, gives users the additional facility of converting the sniffed hex to data.
A Spynet log file:

No: 45 (Sequence number of specific packet)
MAC source address: 12:54:35:700 (Address on the network card of sender)
Protocol: HTTP (Hypertext Transfer Protocol)
Source IP address: 203.113.174.171 (Sender's IP address)
Destination IP address: 16.15.244.132 (Receiver's IP address)
Source port: 80 (Port number used for sending the data)
Destination port: 139 (Port number of the receiver's computer)
SEQ: 1312 (Total number of packets in the sequence)
ACK: 9918351 (Acknowledgement sent by the TCP)
Packet size: 6950151 (Size of data packet in bytes)

Packet data: (Hex) (Data)

0010: 1F B5 09 FB 00 00 00 00 01 00 6E 66 6F 72 6D 61
0020: 74 69 6F 6E 2E 20 0D 0D 50 72 6F 74 6F 63 6F 6C
0030: 73 20 6C 69 6B 65 3A 20 0D 0D 46 69 6C 65 20 54
0060: 72 61 6E 73 66 65 72 20 50 72 6F 74 6F 63 6F 6C
0070: 20 28 66 6F 72 20 75 70 6C 6F 61 64 69 6E 67 20
0080: 61 6E 64 20 64 6F 77 6E 6C 6F 61 64 69 6E 67 20
0090: 6F 66 20 69 6E 66 6F 72 6D 61 74 69 6F 6E 29 0D
00A0: 53 69 6D 70 6C 65 20 4D 61 69 6C 20 54 72 61 6E
00B0: 73 66 65 72 20 50 72 6F 74 6F 63 6F 6C 20 28 75
00C0: 73 65 64 20 66 6F 72 20 73 65 6E 64 69 6E 67 20
00D0: 2F 20 72 65 63 65 69 76 69 6E 67 20 65 6D 61 69
00E0: 6C 73 29 0D 54 65 6C 6E 65 74 20 50 72 6F 74 6F
00F0: 63 6F 6C 20 28 75 73 65 64 20 74 6F 20 63 6F 6E
0100: 6E 65 63 74 20 64 69 72 65 63 74 6C 79 20 74 6F
0110: 20 61 20 72 65 6D 6F 74 65 20 68 6F 73 74 29 0D
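
The packet data in the log above can be turned back into text with a few lines of code. This added example (not part of the original post or of Spynet) parses rows copied from that log; the hex column is a byte-for-byte notation that decodes without any key, and the parser also reports where the printed offsets skip. The function names are this example's own.

```python
import re

# One dump row: a hex offset, a colon, then space-separated byte values.
ROW_RE = re.compile(r"^\s*([0-9A-Fa-f]{4,8}):\s*((?:[0-9A-Fa-f]{2}\s*)+)$")

# Three rows copied from the Spynet log above.
SAMPLE_DUMP = """\
0030: 73 20 6C 69 6B 65 3A 20 0D 0D 46 69 6C 65 20 54
0060: 72 61 6E 73 66 65 72 20 50 72 6F 74 6F 63 6F 6C
0070: 20 28 66 6F 72 20 75 70 6C 6F 61 64 69 6E 67 20
"""


def parse_hexdump(text):
    """Return (payload, gaps).

    payload is the concatenated bytes of every row; gaps lists
    (expected_offset, found_offset) wherever a row's offset does not
    follow on from the previous row.
    """
    payload = bytearray()
    gaps = []
    expected = None
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        match = ROW_RE.match(line)
        if match is None:
            raise ValueError(f"line {lineno}: not a hex dump row: {line!r}")
        offset = int(match.group(1), 16)
        row = bytes.fromhex(match.group(2))
        if expected is not None and offset != expected:
            gaps.append((expected, offset))
        payload += row
        expected = offset + len(row)
    return bytes(payload), gaps


def printable(data):
    """Render bytes as text, showing non-printable bytes as dots."""
    return "".join(chr(b) if 0x20 <= b < 0x7F else "." for b in data)


if __name__ == "__main__":
    data, gaps = parse_hexdump(SAMPLE_DUMP)
    print(printable(data))
    for expected, found in gaps:
        print(f"offset jumps from {expected:04X} to {found:04X}")
```

Anything sent over a plaintext protocol is readable this way by whoever holds the capture, which is why credentials and sensitive content belong on encrypted channels.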

Tempest attack

Tempest is the ability to monitor electromagnetic emissions from computers in order to reconstruct the data. This allows remote monitoring of network cables or remotely viewing monitors.

The word TEMPEST is usually understood to stand for "Transient Electromagnetic Pulse Emanation Standard". There are some fonts that remove the high-frequency information, and thus severely reduce the ability to remotely view text on the screen. PGP also provides this option of using tempest resistant fonts. An appropriately equipped car can park near the target premises and remotely pick up all the keystrokes and messages displayed on the computer video screen. This would compromise all the passwords, messages, and so on. This attack can be thwarted by properly shielding computer equipment and network cabling so that they do not emit these signals.

Password cracking

A password is a type of authentication. It is a secret word or phrase that a user must know in order to gain access. A pass-phrase is a correspondingly larger secret consisting of multiple words. Passwords have been used since Roman times. The Romans were some of the first large armies where people didn't recognize each other by sight. In order to gain entry into the camp, a Roman soldier would have to know the secret password. Internal to the computer, password information is constantly being checked. If you were queried for the password each and every time, you would find that the computer would become unusable. Therefore, the computer attempts to "cache" the password so that internal prompts during the same session do not cause external prompts to the user.

All systems cache passwords in memory during a login session. Therefore, if a hacker can gain access to all memory on the system, he/she can likely sift the memory for passwords. Likewise, hackers can frequently sift pagefiles for passwords. To crack a password means to decrypt a password, or to bypass a protection scheme. When the UNIX operating system was first developed, passwords were stored in the file "/etc/passwd". This file was readable by everyone, but the passwords were encrypted so that a user could not figure out what a person's password was. The passwords were encrypted in such a manner that a person could test a password to see if it was valid, but couldn't decrypt the entry. However, a program called "crack" was developed that would simply test all the words in the dictionary against the passwords in "/etc/passwd". This would find all user accounts whose passwords were chosen from the dictionary. Typical dictionaries also included people's names, since a common practice is to choose a spouse's or child's name. The sources of encrypted passwords typically include the following:

- /etc/passwd from a UNIX system
- SAM or SAM._ from a Windows NT system
- .pwl from a Windows 95/98 system
- sniffed challenge hashes from the network

The "crack" program is a useful tool for system administrators. By running the program on their own systems, they can quickly find users who have chosen weak passwords. In other words, it is a policy enforcement tool.

Password crackers are utilities that try to 'guess' passwords. One way, also known as a dictionary attack, involves trying out all the words contained in a predefined dictionary of words. Ready-made dictionaries of millions of commonly used passwords can be freely downloaded from the Internet.

Another form of password cracking attack is the 'brute force' attack. In this form of attack, all possible combinations of letters, numbers and symbols are tried out one by one till the password is found out. Brute force attacks take much longer than dictionary attacks.
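
A system administrator can apply the same two ideas at the moment a user picks a new password. This added example (not the "crack" program and not from the original post) rejects passwords derived from a word list and estimates the brute-force search space; the word list, the substitution table and the 50-bit threshold are constructed assumptions.

```python
import math
import string

# Constructed sample; a real deployment loads a large dictionary of words and names.
WORDLIST = {"password", "dragon", "sunshine", "pooja", "sameer", "letmein"}

# Common character substitutions, mapped back to the letters they stand for.
LEET = str.maketrans("0134578@$!", "oleastbasi")

SYMBOLS = string.punctuation + " "


def dictionary_match(password, wordlist=WORDLIST):
    """Return the dictionary word the password is derived from, or None."""
    lowered = password.lower()
    candidates = {lowered, lowered.translate(LEET)}
    # Users often pad a word with digits or symbols ("Dragon2007!").
    for cand in list(candidates):
        candidates.add(cand.strip(string.digits + string.punctuation))
    for cand in sorted(candidates):
        if cand in wordlist:
            return cand
        if cand[::-1] in wordlist:  # word typed backwards
            return cand[::-1]
    return None


def brute_force_bits(password):
    """log2 of the search space for this length and these character classes."""
    pool = 0
    if any(c in string.ascii_lowercase for c in password):
        pool += 26
    if any(c in string.ascii_uppercase for c in password):
        pool += 26
    if any(c in string.digits for c in password):
        pool += 10
    if any(c in SYMBOLS for c in password):
        pool += len(SYMBOLS)
    return len(password) * math.log2(pool) if pool else 0.0


def check_new_password(password, min_bits=50):
    """Return a list of policy violations; an empty list means acceptable."""
    problems = []
    word = dictionary_match(password)
    if word:
        problems.append(f"derived from dictionary word '{word}'")
    bits = brute_force_bits(password)
    if bits < min_bits:
        problems.append(f"brute-force space only {bits:.0f} bits")
    return problems


if __name__ == "__main__":
    for pw in ("Dragon2007!", "qzx9", "vexing-Quartz-71-lamp"):
        print(pw, "->", check_new_password(pw) or "ok")
```

"Dragon2007!" looks strong to the brute-force estimate yet is rejected, because a dictionary search reaches it long before an exhaustive one would.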

Buffer overflow

Also known as buffer overrun, input overflow and unchecked buffer overflow, this is probably the most common way of breaking into a computer.

It involves input of excessive data into a computer. The excess data "overflows" into other areas of the computer's memory. This allows the hacker to insert executable code along with the input, thus enabling the hacker to break into the computer.


Monday, August 27, 2007

Introduction to Cyber Crime

The first recorded cyber crime took place in the year 1820! That is not surprising considering the fact that the abacus, which is thought to be the earliest form of a computer, has been around since 3500 B.C. in India, Japan and China. The era of modern computers, however, began with the analytical engine of Charles Babbage.
In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber crime!

Cyber crime is an evil having its origin in the growing dependence on computers in modern life. In a day and age when everything from microwave ovens and refrigerators to nuclear power plants is being run on computers, cyber crime has assumed rather sinister implications. Major cyber crimes in the recent past include the Citibank rip off. US $ 10 million were fraudulently transferred out of the bank and into a bank account in Switzerland. A Russian hacker group led by Vladimir Levin, a renowned hacker, perpetrated the attack. The group compromised the bank's security systems. Vladimir was allegedly using his office computer at AO Saturn, a computer firm in St. Petersburg, Russia, to break into Citibank computers. He was finally arrested at Heathrow airport on his way to Switzerland.
Cyber crime is differentiated from "conventional crime". Computer crime can involve criminal activities that are traditional in nature, such as theft, fraud, forgery, defamation and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.
Defining cyber crimes as "acts that are punishable by the Information Technology Act" would be unsuitable, as the Indian Penal Code also covers many cyber crimes, such as email spoofing and cyber defamation, sending threatening emails etc. A simple yet sturdy definition of cyber crime would be "unlawful acts wherein the computer is either a tool or a target or both".
This kind of activity usually involves a modification of a conventional crime by using computers. Some examples are:

Financial crimes

This would include cheating, credit card frauds, money laundering etc. To cite a recent case, a website offered to sell Alphonso mangoes at a throwaway price. Distrusting such a transaction, very few people responded to or supplied the website with their credit card numbers.

Cyber pornography

This would include pornographic websites; pornographic magazines produced using computers (to publish and print the material) and the Internet (to download and transmit pornographic pictures, photos, writings etc). In another incident, in Mumbai a Swiss couple would gather slum children and then would force them to appear for obscene photographs. They would then upload these photographs to websites specially designed for paedophiles. The Mumbai police arrested the couple for pornography.

Sale of illegal articles

This would include sale of narcotics, weapons and wildlife etc., by posting information on websites, auction websites, and bulletin boards or simply by using email communication. E.g. many of the auction sites even in India are believed to be selling cocaine in the name of 'honey'.

Online gambling

There are millions of websites, all hosted on servers abroad, that offer online gambling. In fact, it is believed that many of these websites are actually fronts for money laundering.

Intellectual Property crimes

These include software piracy, copyright infringement, trademarks violations, theft of computer source code etc.

Email spoofing

A spoofed email is one that appears to originate from one source but actually has been sent from another source. E.g. Pooja has an e-mail address pooja@asianlaws.org. Her enemy, Sameer spoofs her e-mail and sends obscene messages to all her acquaintances. Since the e-mails appear to have originated from Pooja, her friends could take offence and relationships could be spoiled for life.

Forgery

Counterfeit currency notes, postage and revenue stamps, mark sheets etc can be forged using sophisticated computers, printers and scanners. Outside many colleges across India, one finds touts soliciting the sale of fake mark sheets or even certificates. These are made using computers, and high quality scanners and printers. In fact, this has become a booming business involving thousands of Rupees being given to student gangs in exchange for these bogus but authentic looking certificates.

Cyber Defamation

This occurs when defamation takes place with the help of computers and / or the Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information to all of that person's friends.

Cyber stalking

The Oxford dictionary defines stalking as "pursuing stealthily". Cyber stalking involves following a person's movements across the Internet by posting messages (sometimes threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented by the victim, constantly bombarding the victim with emails etc.

Grilled Meats Good For Dietician But Could Increase Cancer Risk - How to anticipate it?

Experts have said that those who live on grilled meats have an increased risk of developing cancer.
Elizabeth Schaub, a registered and licensed dietician on the medical staff at Baylor Regional Medical Center at Plano, has claimed that eating grilled meats too often can boost the chances of cancer.
"Grilling is a low-fat method of cooking. But we have to be aware that it can increase our risk of cancer if we eat grilled meats too often", says Schaub.

Schaub said that the juicy burgers, particularly the charred ones, are likely to contain cancer-causing carcinogens. When you grill meat, some of the fat does drip down on to the charcoal, and when fat meets that really high temperature it develops a carcinogen, and the smoke carries the carcinogen back up to the meat, which can be dangerous for our bodies.

However, Schaub suggested that one way to grill safer is to simply avoid burning or roasting meats. She said that cooking food longer at lower temperatures is the best alternative. In order to also cut down on carcinogens, you can decrease the amount of time that the food is actually on the grill. Precook the meat in either the oven or the microwave, then finish it up on the grill just to give it a little bit of crispness and a little bit of flavor. Choosing skinless chicken or lean beef or pork, which decreases the amount of fat that's able to drip down onto the coals, also will decrease your carcinogens.

And finally, Schaub explained that it's just meat cooked on the grill, not other foods, that can form cancer-causing chemicals. You really don't get carcinogen development when you grill fruits and vegetables, and those can be a nice, flavorful accompaniment to a low-fat piece of meat for a meal.

Saturday, August 25, 2007

Trapping a Hacker - How Is It Done?

A webmail account is a prime target for hackers/crackers/phishers; you could say a webmail account is a treasure that we must guard carefully so that nobody else gets to know it.

If our webmail is hacked, all the important information, including bank logins, site administration, and every website tied to our webmail (those that send the password to our email when we forget it), could be broken into as well.

In one interview, a phisher even claimed to make thousands of dollars every day by breaking into email accounts and collecting the valuable financial information inside them
[ http://find.pcworld.com/57837].

The problem is that we never know whether our webmail account has been broken into, unless we can no longer log in with the password we set, which means a hacker has already entered our webmail and changed its password. The hacker may also, after reading our email, mark it as unread, so we would never realize that the email has been read by someone else.

To detect a possible break-in to our email, we can slip a script from a hit-counter site into an email so that the hit counter automatically increases whenever someone opens it, as discussed at
http://www.stuff.web.id/2007/08/tips-berburu-maling.html.

As an alternative, we can write our own simple PHP script like the following:

<?php
/*
Hacker-detection alarm for webmail
By dktrooper/at/stuff.web.id
*/
date_default_timezone_set('Asia/Jakarta'); // Jakarta time, GMT+7
$date = date('F-j-Y');
$time = date('g:i a');
// Replace CR/LF so a crafted header value cannot forge extra log lines
$ip = str_replace(array("\r", "\n"), ' ', (string) getenv('REMOTE_ADDR'));
$ua = str_replace(array("\r", "\n"), ' ', (string) getenv('HTTP_USER_AGENT'));
$entry = "IP: ".$ip."\nBROWSER: ".$ua."\nDATE: ".$date." ".$time."\n\n";
$fp = fopen('xlogs.txt', 'a');
if ($fp) {
    fputs($fp, $entry); // Write the log entry
    fclose($fp);
}
?>

Save it as access_logs.php. Create the file xlogs.txt (set its permissions to 777 so that it can be written by the nobody user) and also an .htaccess file as below:

RewriteEngine On
RewriteRule ^passwordku\.html$ access_logs.php [L]

This way every request to passwordku.html is routed to access_logs.php (similar to the trick I applied in the detikinet case
[http://www.stuff.web.id/2007/07/beware-of-hotlinking.html]).

OK, the trap is set; now it is time to make the bait. Write an email in HTML format containing a list of fake usernames and passwords, and add this snippet (in HTML mode):

<iframe src="http://situs-anda.org/passwordku.html" frameborder="0" scrolling="no" style="display:none;"></iframe>

Give it the subject "Important Passwords" and send it to your own email address (or to every mailbox that needs to be watched). If HTML format is not allowed, use plain text and add http://situs-anda.org/passwordku.html, so that the hacker will be curious and visit the trap page that has been prepared.

If someone opens the email or the link, the resulting log looks like this:

IP: x.x.x.x
BROWSER: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/419 (KHTML, like Gecko) Safari/419.3
DATE: August-08-2007 23:33 pm
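
The trap also fires when you open the bait email yourself, so the log needs filtering before it means anything. This added example (not part of the original script) parses records in the xlogs.txt layout shown above, drops hits from networks you name as your own, and groups the rest by address; the sample records and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the xlogs.txt layout; addresses are documentation ranges.
SAMPLE_LOG = """\
IP: 198.51.100.23
BROWSER: Mozilla/5.0 (X11; Linux i686) Firefox/2.0
DATE: August-26-2007 9:14 am

IP: 203.0.113.77
BROWSER: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
DATE: August-27-2007 2:41 am

IP: 203.0.113.77
BROWSER: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
DATE: August-27-2007 2:43 am

IP: not-an-ip
BROWSER: curl
DATE: August-27-2007 3:00 am
"""


def parse_records(text):
    """Split the log into dicts with IP, BROWSER and DATE; skip incomplete blocks."""
    records = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if {"IP", "BROWSER", "DATE"} <= fields.keys():
            records.append(fields)
    return records


def triage(records, own_networks):
    """Group hits by source address, ignoring the mailbox owner's networks.

    Addresses that do not parse are kept under an 'invalid:' key instead
    of being dropped, so a damaged log entry still gets looked at.
    """
    nets = [ipaddress.ip_network(n) for n in own_networks]
    alerts = {}
    for rec in records:
        try:
            addr = ipaddress.ip_address(rec["IP"])
        except ValueError:
            key = "invalid:" + rec["IP"]
        else:
            if any(addr in net for net in nets):
                continue  # the owner opening their own bait email
            key = str(addr)
        entry = alerts.setdefault(
            key, {"hits": 0, "first": rec["DATE"], "last": rec["DATE"], "browsers": set()}
        )
        entry["hits"] += 1
        entry["last"] = rec["DATE"]  # the log is append-only, so later is newer
        entry["browsers"].add(rec["BROWSER"])
    return alerts


if __name__ == "__main__":
    for source, info in triage(parse_records(SAMPLE_LOG), ["198.51.100.0/24"]).items():
        print(source, info["hits"], info["first"], "->", info["last"])
```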

As another alternative, besides recording it in the file xlogs.txt, we can send the log above to our own email every time someone accesses passwordku.html, by adding a few lines to access_logs.php so that it becomes:

<?php
/*
Hacker-detection alarm for webmail
By dktrooper/at/stuff.web.id
*/
date_default_timezone_set('Asia/Jakarta'); // Jakarta time, GMT+7
$date = date('F-j-Y');
$time = date('g:i a');
// Replace CR/LF so a crafted header value cannot forge extra log lines
$ip = str_replace(array("\r", "\n"), ' ', (string) getenv('REMOTE_ADDR'));
$ua = str_replace(array("\r", "\n"), ' ', (string) getenv('HTTP_USER_AGENT'));
$entry = "IP: ".$ip."\nBROWSER: ".$ua."\nDATE: ".$date." ".$time."\n\n";
$fp = fopen('xlogs.txt', 'a');
if ($fp) {
    fputs($fp, $entry); // Write the log entry
    fclose($fp);
}
// Mail the same entry; the subject reads "List of detected hackers"
mail("alamat@email.koe", "Daftar hacker yang terdeteksi", $entry);
?>

As a preventive measure, never store confidential information in email, because even if the culprit can be identified, our important data or even our bank account may already have been rifled through first.

Hopefully this is useful.

Source: JASAKOM Information Center