I'm amazed by how simple penetrating an unprotected system on the Internet has become. A person with only basic computing knowledge can locate enough information to quickly learn how to infiltrate the security of a given system.
By using scripts along with step-by-step instructions widely available in the computer underground, inexperienced intruders can infiltrate a network's security without having to understand how they actually did it. More knowledgeable crackers call these intruders "script kiddies" because of their tendency to use canned scripts to breach security. In general, a script kiddie can run a script or program against a remote system but rarely understands how to perform an exploit without that canned assistance.
In previous editions of this newsletter, I've written about honey pots and their advantages when it comes to catching intruders. I recently came across an intriguing article, "Know Your Enemy: Motives," published by the Honeynet Project. The Honeynet Project is a small group of security professionals dedicated to learning the tools and tactics of the black-hat community. The group's latest article came about after the group set up honey pot systems to catch intruders. They caught a group of script kiddies and also captured much of their IRC-based conversations over a 2-week period. The conversation transcripts are a gold mine; they offer a real-world look into the minds of these intruders.
The article shows just how easily intruders can break into a system without completely understanding what they're doing. You'll notice while reading the transcripts that the intruders often struggle with basic computer skills, while possessing just enough knowledge to compromise system security. Keep in mind that while the transcripts don't reflect the motives of intruders as a whole, they do show how some intruders' minds work. So head over and read the article here. I'm sure you'll find it as interesting as I did. Until next time, have a great week.