“INTERNET USERS’ privacy is under threat, they may be watched, their personal data rerecorded and their system made to response using a remote computer without the knowledge of the owner,” said renowned hacker Ankit Fadia. He was speaking at a seminar on ‘Internet and Networking Security’ organised by Devi Ahilya Vishwa Vidyalaya (DAVV) at its Khandwa Road auditorium on Wednesday.
Fadia determined invasion of privacy on the net as a reality and biggest threat to innocent users. Drawing a scary picture, he said that billions of people use e-mail accounts for conversation, Google as the most noteworthy search engine, internet messengers for chatting and making virtual friends and anti-virus software to protect their computer systems without realising the inherent risk.
Information even of a personal nature that is not disclosed, just stored on the PC gets inadvertently watched, monitored, recorded and sometimes put to manipulative use. He said anyone tinkering with on-line information without permission is a ‘hacker’. A hacker is normally a good guy working in tandem with government agencies for the good of society and not pilfering data for the wrong reasons, while it is ‘crackers’ who are the bad guys and commit cyber crimes.
To be come a good hacker one needs knowledge of computer language, especially C++, has to be proficient in computer networking, must know the basics of UNIX and have a different of mindset by adopting different line of thinking/approach than normal. Having a criminal mindset known in layman terms as ‘hacking attitude’ is of utmost importance.
According to an FBI report, incidence of cyber crime has nearly doubled in recent years. Average persons having no secret information or government data are being made targets of attack thus leaving everyone vulnerable in the face of a cyber attack. The gravity of this can be understood from the recent and true example of a teenager in Russia hacking into NASA computers and altering the course of a space ship.
Hackers locate IP address, when sharing information on the net using ICQ protocol by simply asking for it on MS Dos Prompt as also when files are being routed through another server. Countermeasures include not accepting files, voice mails and other such posted articles from unknown senders. However, it has been found that mostly known persons - be they friend, relative or acquaintance - are the culprits.
Use of proxy servers like ‘multiproxy’ software tool, which help hide the identity of the actual user guaranteeing anonymity is a good idea when chatting. Filters maintain a list of URLs and block unwanted sites, which can be bypassed using anonymizer.com, anonymizer.ru and cooltunnle.com amongst many.
The IP address of an e-mail hacker can be traced from e-mail headers and by looking for the last sentence starting with key word ‘received’, which will have the IP address. Software like ‘NoTrace Professional’, cracks.com and cracks.ru trace path of IP address.
Trojans, which is remote controlled software, can be passed on to a computer through physical access, e-mail, CD and lately exe binders, which attach the Trojan with another file thus hiding its recognisable extension. The commonly used Trojans include netbus, girlfriend, orephus and sub7.
Technical team leader of Sansar Technologies Prabhat Shandilya levelled several allegations against Fadia and questioned him on nature of his seminars being more of cracking than hacking.
Shandilya later alleged before media persons that Fadia used the term ethical hacking, while himself differentiating it on the very basis of ethicality from cracking. He also alleged that openly showing how to hack websites, e-mail IDs, retrieve IP protocol, and the idea given for hacking into Tata Indicom in the name of getting free talktime for life and other such examples set a wrong precedent, give the wrong ideas and are in open violation of IT Act norms. The mute presence of police officials indicates that they have turned a deaf ear.
Fadia on his part claimed that hacking and the modes shown by him were within limits of ethicality and while it seemed very easy to break into anything in the demonstrations it was not that easy in reality. The presentation was pre-prepared in simulated environment and novices would not be able to tamper on-line.
DAVV Vice Chancellor Dr Rajkamal, IET HoD Dr Manohar Chandwani and other senior university officials kept mum on the allegations putting a question mark on the need for such programmes attended by computer science students, who by no means are novices and the role of the university in organising them.