Maintaining Access Once a hacker gains access to the target system, the attacker can choose to use both the system and its resources, and further use the system as a “launch pad” to scan and exploit other systems, or to keep a low profile and continue exploiting the original target system. Both these strategies can damage the organization. For instance, the hacker can implement a “sniffer” to capture all network traffic, including telnet and ftp sessions with other systems. Attackers who choose to remain undetected remove evidence of their entry and then use a backdoor or a Trojan to gain repeat access or install rootkits at the kernel level to gain super user access. The reason behind this is that rootkits gain access at the operating systems level while a Trojan horse gains access at the application level. Both rootkits and Trojans depend on users, to service and run as Local System, which has administrative access Hackers can use Trojan horses to transfer user names, passwords, and even credit card information stored on the system. They can also maintain control over “their” system for an extended period of time by “hardening” the system against other hackers—a process that sometimes, ironically, provides the system with some degree of protection against other attackers—and then use their access to steal data, consume CUP cycles, trade sensitive information, or even resort to extortion. In their defense against such thievery, organizations can use intrusion detection systems or deploy honeypots and honeynets to detect intruders. The latter, though, is not recommended unless the organization has the required security professional to leverage the concept for protection.
Posted on: Mon, 11 Nov 2013 12:12:42 +0000
Trending Topics
Recently Viewed Topics
© 2015