Nash Soneta

Wednesday 7 December 2011

What is hacking?
Hacking is unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)
    Hacking is a felony in the United States and most other countries. When it is done by request and under a contract between an ethical hacker and an organization, it's OK. The key difference is that the ethical hacker has authorization to probe the target.
    We work with IBM Consulting and its customers to design and execute thorough evaluations of their computer and network security. Depending on the evaluation they request (ranging from Web server probes to all-out attacks), we gather as much information as we can about the target from publicly available sources. As we learn more about the target, its subsidiaries and network connectivity, we begin to probe for weaknesses.
    Examples of weaknesses include poor configuration of Web servers, old or unpatched software, disabled security controls, and poorly chosen or default passwords. As we find and exploit vulnerabilities, we document if and how we gained access, as well as if anyone at the organization noticed. (In nearly all the cases, the Information Syhstems department is not informed of these planned attacks.) Then we work with the customer to address the issues we've discovered.
   The number of really gifted hackers in the world is very small, but there are lots of wannabes.... When we do an ethical hack, we could be holding the keys to that company once we gain access. It's too great a risk for our customers to be put in a compromising position. With access to so many systems and so much information, the temptation for a former hacker could be too great -- like a kid in an unattended candy store.

From the interview with Dr. Charles C. Palmer, IBM.
Source: Computer Crime Research Center
               http://www.crime-research.org/news/05.05.2004/241/
Cyber Ethics: Applying Old Values to a New Medium
An old adage tells us "Character is what you do when no one is watching."
So it is with the Internet. Online, people can feel invisible and capable of doing things they normally wouldn't do in person or in public - things that they know might be wrong. As the Internet becomes an indispensable tool for everyday life, it is more important than ever to dust off the concept of "citizenship" and apply it to the online world.
    Relatively new terms, "cybercitizenship", "cyber ethics", and "netiquette" refer to responsible cyber social behavior. These terms refer to what people do online when no one else is looking. As our kids go online in increasing numbers, cyber ethics is a critical lesson, especially since poor e-habits can start at an early age. Unfortunately, we are learning all too well that children armed with computers can be dangerous and cause serious damage and harm, regardless of whether they are being mischievous or trying to intentionally commit cybercrimes.
source: http://www.cybercitizenship.org/ethics/ethics.html
What is cyber crime???
Parents, teachers, non-profits, government, and industry have been working hard to protect kids online. However, we also need to think about protecting the Internet from kids who might abuse it.
The Department of Justice categorizes computer crime in three ways:
1.           The computer as a target - attacking the computers of others (spreading viruses is an example).
2.         The computer as a weapon - using a computer to commit "traditional crime" that we see in the physical world (such as fraud or illegal gambling).
3.         The computer as an accessory - using a computer as a "fancy filing cabinet" to store illegal or stolen information.
  Reports of alleged computer crime have been a hot news item of late. Especially alarming is the realization that many of the masterminds behind these criminal acts are mere kids. In fact, children no longer need to be highly skilled in order to execute cyber crimes. "Hacker tools" are easily available on the Net and, once downloaded, can be used by even novice computer users. This greatly expands the population of possible wrongdoers. Children (and in some cases - their parents) often think that shutting down or defacing Web sites or releasing network viruses are amusing pranks. Kids might not even realize that what they are doing is illegal. Still other kids might find themselves hanging out online with skilled hackers who share hacking tools with them and encourage them to do inappropriate things online. Unfortunately, some of these kids don't realize that they are committing crimes until it is too late. Even more distressing and difficult to combat is the fact that some in the media portray the computer criminal as a modern day Robin Hood. Nothing could be further from the truth.
   So what are cyber crimes? Can the law enforcement authorities find criminals online? How can you create context for your children to understand what cyber crimes are? The following information (and areas throughout the site) will help familiarize you with unethical and illegal online behavior. Additionally, to learn more about cyber crime, visit the Department of Justice Computer Crime & Intellectual Property Section's website at www.cybercrime.gov. The Computer Emergency Response Team (CERT) at www.cert.org and the National Infrastructure Protection Center at the FBI at www.infragard.net provides regularly updated information and descriptions of cyber crimes.

  


How to interpret S.M.A.R.T. data

Some attributes are flagged to be performance related, while other ones are related to the actual fitness of the drive. Some other attributes have no special relationship. It's up to the manufacturer to set flags and thresholds accordingly. Attribute values can range from 1 to 253. 0, 254 and 255 are invalid and should not be used. 253 is the highest value an attribute can assume and 100 is the initial value for any attribute prior to any data collection. Let's have a look at a sample report from a S.M.A.R.T. enabled hard disk:
  • Attribute id is 4 ("Start/stop count")
  • Value is 253
  • Worst value is 253
  • Threshold is 0
  • Raw value is 1324
Since the threshold was set by the device manufacturer to 0, it means this is an informational attribute. The raw value indicates how many times the hard disk was started and stopped. The value is set to 253, which means that the health related to this attribute is at its best, and the worst value set to 253 states that the drive was always reported to be healthy.



Now let's look at another attribute:
  • Attribute id is 5 ("Reallocated sector count")
  • Value is 253
  • Worst value is 253
  • Threshold is 63
  • Raw value is 0
This time, the threshold value shows that this attribute is strictly related to device reliability. If the value for this attribute reaches 63 or an even lower value, the drive is expected to fail soon. This is obvious, as modern hard disks do include an area with spare sectors that are normally unused, but where bad sectors can be transparently remapped when found. The amount of spare sectors is fixed and while they become less and less with new bad sectors being detected, this attribute is updated. The raw value shows the number of reallocated sectors. When they are 0, no bad sector was found and needed remapping. When this value is higher, some bad sectors were discovered. While the raw value is still low, there is no real threat to the hard disk reliability, but when that number grows, we should seriously consider a replacement for the drive. This all will be reflected by the synthetic value associated to this attribute. In this example, its value is 253, which means that everything is working perfectly when coming to reallocated sectors.

Now let's look at another sample for the same attribute, but from a different drive:
  • Attribute id is 5 ("Reallocated sector count")
  • Value is 85
  • Worst value is 85
  • Threshold is 63
  • Raw value is 37
This time the value is 85, which is less than 100 and even less than 253. This means that this attribute is not in perfect shape. Since the manufacturer set this threshold to 63, we can still assume the drive is working properly and will still work properly in the (near) future. Because of the nature of this attribute, the raw value is easy to decipher and we can try to infere something by reading it too. Keep in mind that this manufacturer decided that to a raw value of 37 corresponds a value of 85. Some other manufacturer might use different numbers. Since most IDE drives include 512 spare sectors, we can try to figure out how bad the situation is, but we should remember that this is something that is not directly stated by the S.M.A.R.T. data. In order to be sure that the raw value actually represents the number of reallocated sectors, we should read the product manual for the drive and we should do the same to be sure about the 512 value. What can be read from S.M.A.R.T. data is that the attribute whose id is 5 (we need not to know that it actually represents "Reallocated sector count") has a direct influence over reliability (we understand this because the threshold value is higher than 0), that it is somewhat degraded or not at its best (because its current value is lower than both 100 and 253) and that it is not failing. This example helps us to understand that the actual meaning for the threshold is not to show something that already failed, but something that is about to fail. If we assume that spare sectors are 512 and that the raw value represents the number of spare sectors currently used to remap bad sectors, we might expect to read a value that equals the threshold when the raw value reports, say, 300. This means that several bad sectors were spotted and that the drive manufacturer considers this as a significant evidence of a hard disk that is about to fail.


What are attributes, values and thresholds? 

 An attribute is something that a specific hard disk logic is able to analyze and report about. Every hard disk can include a different set of attributes. Every device manufacturer can publish some attribute based on its ability to report about it and on his knowledge that such an attribute is useful to decide about hard disk reliability over time. Every attribute can assume a value. Such values change over time. Higher values indicate a better health, while lower ones should be considered symptoms of something that either degraded or is degrading. Every attribute has a corresponding threshold. When an attribute value is the same as or lower than its threshold, the drive is considered to be failing S.M.A.R.T. status. A threshold of 255 means something that will alway fail and should only be used for test purposes. A threshold can be only be set to values from 1 to 253. 254 is forbidden and 0 means that the attribute the threshold is associated to should be considered only informational and that it has no direct influence over reliability. Every attribute stores the worst value it ever assumed and some raw data. Raw data is highly vendor specific and only specific tools find it really useful. It should be noted that some kind of silent agreement exists over raw values and some kind of standard might be assumed. According to S.M.A.R.T. specifications, no linearity is implied in attribute values, but since lower values mean worst conditions, even if linearity is not mandatory, it can be assumed as a first guess. It should be noted that a lot of things in S.M.A.R.T. specifications are left up to

What is S.M.A.R.T.?


S.M.A.R.T. is for Self-Monitoring, Analysis and Reporting Technology. First developed by Compaq, Hitachi, IBM, Maxtor, Quantum, Seagate, Toshiba and Western Digital, it has been adopted by almost every manufacturer. While a hard disk is running, its internal logic encounters events and reacts to them to fix unusual or unwanted situations. By keeping track of them, we can know that something sometimes didn't work fine with our hard disk. S.M.A.R.T. extends this philosophy by analyzing several parameters and reporting them. Data reported by S.M.A.R.T. can include the number of retries when transmitting data to the computer, the number of spare sectors that were used to replace bad ones, the number of times the hard disk has been started and stopped, the internal temperature and much more. S.M.A.R.T. relies on attributes, values and thresholds. Based on them, a hard disk might be about to fail.