hack yourself
August 8, 2008
Hack yourself: wondering if your network is secure? Run the same tools hackers do to test your PC’s defenses. Here’s an article I happened to read on the net that may help some of us with PC issues:
COPYRIGHT 2007 Ziff Davis Media Inc.
But hold on just a second, bucko. There’s nothing in this article that will help you break into NASA mainframes. The programs we’re going to show you are common knowledge among security aficionados. Even so, these are the kinds of tools that are often used to poke around unsuspecting users’ PCs–precisely because they’re prepackaged and ready to go.
So let’s step through a typical hack and run some of the attack tools. The idea for this exercise is to look from the outside in, to see if you can penetrate your own network’s defenses–the equivalent of trying to open your doors and windows from the outside after locking them. This will give you a better picture of what your network looks like from the hacker’s point of view as well as show any vulnerability.
While many hackers run Unix and therefore have the greatest variety of tools available to them, here we’ll focus on programs you can run on Windows. For more ways to evaluate your network’s security, check out Larry Seltzer’s how-to “Make Your Network Safer by Attacking It” on our Web site (go.pcmag.com/network attack). And you’ll find more networking articles at go.pcmag.com/networksolutions.
Survey the Landscape
You can check the state of wireless in your house or apartment–or just go wardriving–with NetStumbler (go.pcmag.com/netstumbler). At its core, this Wi-Fi tool lets you get the lay of the network land, showing you who’s “out there.” While you can theoretically do the same thing with Windows XP’s Wireless Network Connection Status window, NetStumbler’s picture is far more detailed. It helps find unsecured networks, dead spots with weak signal, and rogue access points that fool unsuspecting users, and it even helps sort out wireless interference.
NetStumbler’s List view shows lots of details about nearby wireless networks. Looking across the columns, you’ll see entries for MAC address, SSID, channel, speed, encryption type, and details on the signal-to-noise ratio. There are also filters along the left-hand side to sort by signal strength, encryption status, and other characteristics. The Graph view, meanwhile, plots signal strength over time elapsed.
If your laptop has a GPS device connected, NetStumbler can use it to show exactly where each access point is located physically–information that is helpful in wardriving or finding “rogue access points” that don’t belong on a company network. (Incidentally, NetStumbler doesn’t officially support USB-based GPS devices, though some are known to work. And there’s a workaround using a software “port bridge”–check out Jeff Duntemann’s Wardriving FAQ at faq.wardrive.net, as well as the NetStumbler.org forums, for details.)
Sniff Out Browser Data
Wireshark (www.wireshark.org) is a comprehensive network protocol analyzer. Usually it’s used to troubleshoot network issues, but it’s also a packet sniffer–meaning that you can pull data out of any live network stream over Ethernet, Wi-Fi, Bluetooth, or even USB connections. It can also attempt to decrypt traffic on WEP and WPA networks.
Try capturing data on its way to and from your local machine to see what’s visible: Go to Capture | Interfaces and click the Start button next to the appropriate network adapter. We saw nothing at first when connected to our Belkin router–Wireshark can’t sniff data on a switched network, and some routers have trouble with promiscuous mode, which is necessary for sniffing. But when we plugged a laptop directly into the cable modem, we saw the data window in Wireshark light up.
Visit a Web site, log in to webmail, or, as the Wireshark site suggests, fire up an Internet radio station to see different kinds of traffic. Wireshark displays it all in unreadable hexadecimal but decodes each piece in plain text to the right. Sift through it to find Web page downloads, text submitted into forms (including unencrypted passwords), and more.
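The check below is an added example, not code from the article or from Wireshark: it takes the payload of one plain-HTTP request, as you might copy it out of a capture of your own traffic, and reports which credentials were readable on the wire without echoing the passwords themselves. The sample request, the host name, the function name `audit_http_payload` and the field-name hints are all constructed assumptions.

```python
import base64
from urllib.parse import parse_qsl

# Constructed sample: TCP payload of a log-in form posted over plain HTTP.
SAMPLE_REQUEST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: webmail.example.test\r\n"
    b"Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 38\r\n"
    b"\r\n"
    b"user=alice&password=hunter2&remember=1"
)

# Assumed substrings that mark a form field as a credential.
SENSITIVE_HINTS = ("pass", "pwd", "secret", "token")

def audit_http_payload(payload: bytes) -> list[str]:
    """Return findings for credentials visible in one cleartext HTTP request."""
    head, _, body = payload.partition(b"\r\n\r\n")
    headers = {}
    for line in head.decode("latin-1").split("\r\n")[1:]:  # skip request line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    findings = []
    auth = headers.get("authorization", "")
    if auth.lower().startswith("basic "):
        try:
            decoded = base64.b64decode(auth[6:], validate=True).decode("latin-1")
            user, _, pw = decoded.partition(":")
            findings.append(f"Basic auth for {user!r}: {len(pw)}-char password "
                            "is only base64-encoded")
        except ValueError:
            findings.append("malformed Basic Authorization header")
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        for key, value in parse_qsl(body.decode("latin-1"), keep_blank_values=True):
            if any(hint in key.lower() for hint in SENSITIVE_HINTS):
                findings.append(f"form field {key!r}: {len(value)} chars sent in cleartext")
    return findings

if __name__ == "__main__":
    for finding in audit_http_payload(SAMPLE_REQUEST):
        print(finding)
```

Any finding here means the site accepted the log-in without TLS; the same request sent over HTTPS would appear in the capture only as encrypted records.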
Crack Your Own Passwords
Cain & Abel (www.oxid.it/cain.html) is a password cracker program for Windows XP, NT, and 2000 systems. It uses several algorithms, including Dictionary, Brute-Force, and Cryptanalysis attacks, to try to crack passwords from within a network. These passwords include wireless network encryption keys and cached IE7 log-ins.
For our example, we’ll use it to recover passwords stored on a home machine. Choose a category on the left-hand side–we’ll start with Wireless Passwords. Right-click on the ones showing on the right–which should correspond with a list of the hot spots you’ve stored passwords for–and select Send WPA-PSK [or other encryption] Hashes to Cracker.
Next, click the Cracker tab. You’ll see a fairly long list of Hashes on the left-hand side. Scan until you see “WPA-PSK Hashes”; the words should be in bold, showing that new Hashes have arrived recently. Click on that, and then right-click on a particular Wi-Fi network SSID that appears on the right.
Here’s the fun part: Run the attack of your choice, such as Brute-Force or Dictionary. If it’s a good enough password, it could take the program years to crack–fortunately, Cain & Abel will warn you if it’s predicting this scenario. If your password is weak, the program could figure it out quickly. Cain also has its own built-in sniffer. This way you can listen in for passwords from another machine on your network, such as when logging onto a Web site. The things you learn with these tools can aid in beefing up your home network’s security.
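To put numbers on "years to crack" versus "figure it out quickly" for your own Wi-Fi passphrase, here is an added example (not from the article, and not how Cain & Abel is implemented). It uses the standard WPA-PSK key derivation (PBKDF2-HMAC-SHA1, the SSID as salt, 4096 rounds) and a worst-case brute-force estimate; the function names, the word list and the guess rate are assumptions you supply.

```python
import hashlib
import string

def derive_pmk(passphrase: str, ssid: str) -> str:
    """WPA/WPA2-PSK key: PBKDF2-HMAC-SHA1 over the passphrase, salted by SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               4096, 32).hex()

def charset_size(passphrase: str) -> int:
    """Alphabet a brute-force run must cover to reach this passphrase."""
    classes = (string.ascii_lowercase, string.ascii_uppercase, string.digits)
    size = sum(len(c) for c in classes if any(ch in c for ch in passphrase))
    if any(ch not in string.ascii_letters + string.digits for ch in passphrase):
        size += 33  # the 32 ASCII punctuation marks plus space
    return size

def audit_passphrase(passphrase: str, wordlist: set, guesses_per_sec: float) -> dict:
    """Estimate exposure to the dictionary and brute-force attacks named above."""
    keyspace = charset_size(passphrase) ** len(passphrase)
    years = keyspace / guesses_per_sec / (365 * 24 * 3600)
    in_dictionary = passphrase.lower() in wordlist
    if in_dictionary:
        verdict = "weak: falls to a dictionary attack"
    elif years < 1:
        verdict = "weak: brute force finishes within a year"
    else:
        verdict = "brute force impractical at this rate"
    return {"keyspace": keyspace, "brute_force_years": years,
            "in_dictionary": in_dictionary, "verdict": verdict}

if __name__ == "__main__":
    words = {"password", "letmein", "qwertyui"}  # constructed sample word list
    rate = 1000.0                                # assumed guesses per second
    for candidate in ("password", "k9!Tq#2vLx0p"):
        print(candidate, audit_passphrase(candidate, words, rate))
    # The SSID is the salt, so the same passphrase yields a different key per network.
    print(derive_pmk("password", "IEEE") != derive_pmk("password", "HomeNet"))
```

The estimate is the time to exhaust the whole keyspace at the rate you assume; a passphrase that appears in a word list is found long before that, which is why the dictionary check overrides the brute-force figure.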
RELATED ARTICLE: EDITOR’S TIP
FOR MORE HACKING TOOLS, check out sectools.org for a list of the top 100 used. Many are for Unix machines, but there’s also a wide selection of Windows and Mac OS X programs available. Of course, you could also install Linux on your PC–read our installation guide at go.pcmag.com/linuxinstall.




