Attackers And Vulnerabilities; A Quick History Of Hackers; Shades Of Grey - Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual

Chapter 2.

Attackers and Vulnerabilities

To plan and implement a good security strategy, first be aware of some of the issues which
determined, motivated attackers exploit to compromise systems. But before detailing these issues, the
terminology used when identifying an attacker must be defined.

2.1. A Quick History of Hackers

The modern meaning of the term hacker has origins dating back to the 1960s and the Massachusetts
Institute of Technology (MIT) Tech Model Railroad Club, which designed train sets of large scale
and intricate detail. Hacker was a name used for club members who discovered a clever trick or
workaround for a problem.
The term hacker has since come to describe everything from computer buffs to gifted programmers.
A common trait among most hackers is a willingness to explore in detail how computer systems and
networks function with little or no outside motivation. Open source software developers often consider
themselves and their colleagues to be hackers, and use the word as a term of respect.
Typically, hackers follow a form of the hacker ethic which dictates that the quest for information and
expertise is essential, and that sharing this knowledge is the hackers duty to the community. During
this quest for knowledge, some hackers enjoy the academic challenges of circumventing security
controls on computer systems. For this reason, the press often uses the term hacker to describe
those who illicitly access systems and networks with unscrupulous, malicious, or criminal intent. The
more accurate term for this type of computer hacker is cracker — a term created by hackers in the
mid-1980s to differentiate the two communities.

2.1.1. Shades of Grey

Within the community of individuals who find and exploit vulnerabilities in systems and networks are
several distinct groups. These groups are often described by the shade of hat that they "wear" when
performing their security investigations and this shade is indicative of their intent.
The white hat hacker is one who tests networks and systems to examine their performance and
determine how vulnerable they are to intrusion. Usually, white hat hackers crack their own systems
or the systems of a client who has specifically employed them for the purposes of security auditing.
Academic researchers and professional security consultants are two examples of white hat hackers.
A black hat hacker is synonymous with a cracker. In general, crackers are less focused on
programming and the academic side of breaking into systems. They often rely on available cracking
programs and exploit well known vulnerabilities in systems to uncover sensitive information for
personal gain or to inflict damage on the target system or network.
The grey hat hacker, on the other hand, has the skills and intent of a white hat hacker in most
situations but uses his knowledge for less than noble purposes on occasion. A grey hat hacker can be
thought of as a white hat hacker who wears a black hat at times to accomplish his own agenda.
Grey hat hackers typically subscribe to another form of the hacker ethic, which says it is acceptable to
break into systems as long as the hacker does not commit theft or breach confidentiality. Some would
argue, however, that the act of breaking into a system is in itself unethical.
Regardless of the intent of the intruder, it is important to know the weaknesses a cracker may likely
attempt to exploit. The remainder of the chapter focuses on these issues.
9