It's 10 O'Clock. Do You Know Where Your Hacker Is?



Ethical hackers. To some the term seems a contradiction, but to others it is an important part of their IT strategy. Whatever your response to the concept of ethical hacking, everyone will agree that someone, authorized or not, is trying to break into your IT infrastructure.

"You want the good guys to find security holes before the bad guys do," said Jack Koziol, project manager at the Information Security Research Institute, an organization that certifies security professionals. "If you have not done so, others - people will not have your side," he says.

Maintain this is not just evil "Someone." Catching a successful break-in - or even simply knowing that one has occurred or is being planned - is too often far beyond the technical scope of many IT departments. To make matters worse, when a break-in is found, the majority of IT professionals do not know how to secure and preserve the evidence necessary for forensic analysis and prosecution.

Enter the good guys

Paul Luehr is a former computer crime prosecutor with the United States Department of Justice and the Federal Trade Commission. After the September 11 incident, Luehr was responsible for overseeing the initial forensic investigation of computer evidence relating to the convicted terrorist Zacarias Moussaoui. He also prosecuted computer crimes committed against eBay, Best Buy and the parent company of Saks Fifth Avenue.

Today, Luehr is deputy general counsel at Stroz Friedberg, a law firm that excels in the use of forensic investigation in the prosecution of cases. "Departments often threaten prosecution, because they are not familiar with the use of the Procedure and Evidence must catch up with the bad guys behind Internet cafes," he says.

Matexierman, founder of the Legion of Ethical Hackers (LEH), believes the concept is valid. He classifies any authorized break-in as ethical hacking, to eliminate some confusion. "Hackers are basically neutral. This is just one thing, and how you do. You do anything, it is a whole other matters," he said. Of course, water is a recognized breakthroughs, we all know how has turned out.

So these days, we certify the good guys, or at least the people we hope are good.

For Koziol's organization, that means running a wide range of background checks before teaching students advanced techniques such as abuse of DNS hostname identification, cache poisoning, code cracking, deception, SSL session hijacking and malicious log editing, to name just a few items in the hacker's bag of tricks. He points out that students are often experienced IT professionals from larger companies who are taking the next step to protect their companies' crown jewels. Although thousands of people have taken these tests and been certified as hackers, even Koziol confirms that the tests measure only technical ability, not the ethics of the person behind it. He is quick to note, however, that his organization has never heard of one of its certified hackers doing damage.

It can be a fine line, however, the separation of government from enterprises, of the hackers wearing white hats from those wearing black, according to Oliver Friedrichs, director of Symantec Security Response. "Investigations have criminal records or prior abuse you only so far. After all, a successful attacker is a human managed to maintain invisible," he argued.

The stereotype of the invisible hacker, sitting in his or her apartment surrounded by computers, is "essentially true," said Gunter Ollmann, IBM director of the Internet Security Systems X-Force threat service.

His team members put in their own personal time in order to improve their skills, he added.

Most of the groups meet regularly to exchange new tools and technology. "There is a lot of alcohol involved and the burnout rate for these people is very high, usually only 7:55 into alcoholics or burn themselves," he said.

When hiring for X-Force, Ollmann insists on the election and technical degree. Most of his hires come from the physical sciences, rather than computer science. His candidates must have three to five years of experience at a multinational, dealing with infrastructure and a breadth of attack types, or as security researchers, and a detailed understanding of how large organizations develop and deploy systems.

Not surprisingly, hiring someone with "direct hacker experience" is generally sneered at. "Our thinking is that a bank's hiring of a convicted robber as a security consultant because he knows that's where the money is is not justified," said Luehr.

"This is not the image, the company should have no reasonable project, after all guys go." Currid Xie, a former IT director at Fortune 100 companies and current president of IT strategy consultancy Currid Cos, takes a more reticent position. She is still cautious, however, about recruiting from the dark side.

"It is impossible to learn a lot of things from these guys," said Currid. "I will be employed only on the basis of short-term projects. His full time, he will feel bored," and patiently and boredom, she said, because it creates curiosity. This, in turn, breeds trouble.

Whether you call it ethical hacking or penetration testing, the underlying philosophy of proactively looking for weak links before the bad guys do is very much alive in IBM's Global Services unit. In the current online marketing materials for its ethical hacking services, IBM says its team members simulate real intruder attacks, in a controlled manner, "to tell you, they see How will you solve these problems." The service comes at a steep price, though: a single stand-alone IBM ethical hack will set you back as much as 45,000 US dollars.

Is it worth the price? If the test finds a destructive vulnerability, then it is almost priceless. By its very nature, though, any security test can find only what it is set up to look for.

"You must remember that no matter how good the tool, it could This is not only in the design, it is to do so," said 646, senior security safety engineering project manager in the group, and a world-renowned Microsoft expert in software security. "The nature of the threat is changing and the people behind these threats are more sophisticated than ever. Test is always one step behind," he said.

Test

In his landmark 2001 white paper on ethical hacking, Charles Palmer, manager of the Network Security and Cryptography department at the IBM Thomas J. Watson Research Center, identified six key areas to test. Published before the rise of social networking platforms like MySpace and YouTube and the thriving music and video download industries, Palmer's target list seems positively clairvoyant today:

• Remote network: A simulated attack across the Internet against perimeter firewalls, filtering routers and network servers.

• Remote dial-up network: Targets authentication schemes. Originally conceived as an attack on modem pools, it has been updated to include any channel that provides external access to internal networks, including virtual private networks.

• Local network: This tests access by employees or other authorized persons from within the perimeter. Specific targets include enterprise firewalls, internal Web servers, security measures and e-mail systems.

• Stolen laptop: A key company employee is selected, and his or her notebook computer is taken, without advance notice, and handed over for testing. Specific targets include passwords stored in remote access software, enterprise information assets, personnel information and customer data (whether or not it's encrypted). This is a favorite way to leapfrog perimeter security and obtain full privileges on the corporate intranet.

• Social engineering: These are not technical tests, but evaluations of personnel. Tests include telephoning technical support and requesting remote access or assistance, or appearing on site, pretending to be lost, and asking where the computer room is located. Updated for life on the Internet, other tests include how staff respond to e-mail from impostors, whether they click on links that may lead to malicious websites and software, and whether they download multimedia from the Internet that may contain embedded malicious software.

• Physical access: This tests on-site security, security guards, access control and monitoring, and security awareness by attempting to gain access to the premises. Hackers may also dig through the trash cans in search of documents and the company logo.

Palmer concludes that "regular audits, remain vigilant, intrusion detection systems, good management practices and computer security awareness are the main components of an organization's security efforts." Just one failure, he said, can expose an organization to network damage and embarrassment, lost income and/or litigation. As for the ethical hackers themselves, Palmer said that they can help any IT director better understand the organization's needs, but they should be carefully watched.

Simple solution, zero cost

In addition to testing the stolen laptop scenario, Luehr also recommends choosing servers at random and testing whether their logging and firewall features are operating correctly. "One of the biggest problems we see is its board of directors carrying old habits, do not open enough logging functions," he said. He attributes this to a time when storage was expensive and logging strategies and tools, such as mainframe CICS transaction logs or the NetWare tracking system, slowed system performance.

Today, he said, if you can log it, then turn logging on and do it. "In any safety investigation, whether it is in preventive mode or passive mode, crime occurred, these logs can prove valuable." Logs contain a gold mine of potentially useful forensic information, including IP addresses, activity on normally open ports, and even attack vectors for investigators to analyze and identify. "You can often tell whether attacks from domestic sources, a former employee or from overseas hackers and more nationalist goals minds."

Initiatives: data center

Ethical hacking is meant to minimize the chance that an actual attack succeeds, but no situation is perfect. Therefore, rapid access to the crime scene after an attack is essential. This does not involve stringing yellow crime scene tape around the data center, but it does involve withdrawing any compromised system from service, if you can identify which ones were affected.

"If a system is compromised and forensics is needed, locking the machine in a closet is by far the more intelligent and more effective in enabling IT departments bright minds and curious finger poke away from it," said Luehr.

If you cannot take the system offline because it runs mission-critical software, you can use specialized forensic tools to capture live data. This takes more time, though, and may impede the prosecution of offenders. At Stroz Friedberg, Luehr's forensic examiners and penetration testers use commercially available scanning and testing tools, but also an arsenal of proprietary testing and data reconstruction tools developed in-house.

Because demand for penetration testing keeps growing, a portfolio of commercial tools is also available. One of the most well-known is Internet Scanner by ISS, which IBM acquired in October. Others include Impact from Core Security Technologies, and Paraben Inc.'s software for analyzing e-mail, instant messaging and handheld devices.

The New York-based EC Council provides training leading to certification as a Computer Hacking Forensic Investigator (CHFI), which is similar to the information security ethical hacker certification. The EMB course teaches participants to identify signs of intruders and to collect the evidence needed for prosecution. The list of companies that maintain at least one CHFI on staff reads like the Fortune 100.

These tools, as well as use of their investigators found that these weaknesses, information security providing a CD-ROM containing more than 750 tools to exploit them. The tool inventory includes keyloggers, password crackers, rootkit attacks, router hacks, viruses and Trojans, and code-cracking dictionaries in 163 languages.

Will not become a certainty

Unfortunately, plugging security holes, shutting down all unused open ports, changing default passwords on routers and running quarterly penetration tests will get you only so far. Too often, the bad guys find their own way out.

"We see more and more content-borne threats, such as embedded script word processing documents," said ISS's Ollmann. A newer technique, prized by hackers for its elegant simplicity, is placing keyloggers or other malicious code on cheap USB thumb drives given away by the thousands as promotional items. "Once you plug it into the USB port, you aggravated trouble," he argued.

No amount of training can prevent this kind of threat. And penetration tests, which by definition try to break in from the outside, are not likely to help in those cases. For this reason, most security auditing firms recommend frequent and full internal testing.

It is a fact of life that an increasing percentage of IT budgets is allocated to security. This provides a sad commentary on the times we are living in. Using ethical hacking and penetration tests to maintain data and network integrity, and forensic tools to analyze breaches and find the perpetrators, has become an important part of any IT security protocol. Bavisi Ceyhan, president of the EC Council, summed it up best. "Defeat hackers, you need to think hackers."

