Thursday, 4 June 2015

Attacking

IP Address leh Port Scanning kan tih mai te hi Network Administrator te hnapui ber a ni a, chutihrualin mi hack-na kalkawng hmahruai (preliminary step) an ni thei bawk. Heng mi attack-na hrang hrang, Email Phising, malicious websites, USB stick hmanga code hlauhawm thehdarh, mi credentials ruksak leh software thatlohna(flaws) te hi lo sawifiah ve dawn ta ila:

Email Phising: hei hian infected attachment a paipawn ru thei, attachment kan va click khan malware a rukin kan khawlah a lo install thei a ni. Attachment te hi file pangai ang tak pawh an ni thei a, a then phei chu thlalak en chakawm ngawih ngawih ang te pawh an ni thei a ni.

Malicious Websites: Attacker thiam tak tak te chuan mi website-ah malicious code an ching (plant) thei a. Hetiang website hi a saptawng chuan Compromised Website te an ti a, a neitu hriatlohin an zuar kual thin bawk a ni. Hetihrual hian Website hlauhawm tur renga siam Malicious website a awm teuh bawk a, hetiang website te hian malware te an host tawp mai a ni. Hetiang Compromised website leh Malicious website te i visit chuan a rukin i computer malware an lo thun malh malh thei a ni. Tichuan i computer chu malware bu, compromised machine (inthlahpunna hmun) atan an hmang zui thei bawk ang. Email phising leh Malicious website hi an thlunzawm leh zel bawk a. Hetiangah hi chuan email-ah khan compromised website link te an dah tel thin a ni. A bikin social media lamah malicious website link dah an ching nasa hle bawk a ni. An thiam em avangin engkim hi pangai ang takin an lantir thiam a fimkhur lutuk hleih theih loh khawp hial a ni. malicious website thenkhat hacker ho run phei chu website pangai nen a danglamna a awm lo va, hetiang ho hian bank hi an target ber a ni thin bawk a, an tum ber chu bank hnathawktu te credential rukchhuah a ni.

Man in the Browser: Attacking nana an hma lar leh tak chu Browser hi a ni. Attacker thiam chuan user browser software that tawk lohna kha remchangah hmangin user attack nan an hmang thei bawk a ni. An thil chhut leh transaction kalphung kha detailin an lo record thlap a, chu chu a neitu hriatlohin an lo hmang ve hem hem tawh thin a ni. Hetianga in attack hi a tuartu tan hriat a har bakah sawi tur a tam vak lo a. Mahse browser hlui lutuk leh update lo lutuk hman chuan tawn ve theih a ni tih hriat a tha ang. Kan browser hman chu a lo berah stable version latest edition tal ni thei se a tha.

Botnet: Botnet hi Hacker te thununna hnuaia awm Computer sawina tawngkam a ni. Zombie tia sawi a ni bawk. I computer chu hacker te thunna hnuaia awm a nih leh nih loh hriat theih dan point 8 zonealarm.com-in a tarlan dan chuan:
  1. Hriat theih khawpin i computer a rawn muang tan a, Application i hawn tam vak loh pawhin a chak lo lutuk a, ninawm i ti tan. Misual chuan i computer chu suahsual rawng bawl tura a duh avangin i computer processor leh network a mamawh nasa a, chuvangin i khawl pawhin a lo chak loh phah ta ni.
  2. Error message mak a lo lang leh nawlh thin.
  3. I computer software a buai zeuh zeuh thin.
  4. I thawn ni miah lovin email te i thawnchhuak thin.
  5. Tun hma aiin i computer in on leh off chhung a rei bik thin.
  6. I hriat lohvin i hard disk space a lo pung or a lo kiam.
  7. nangma  close pawh ni chuang lovin i browser a lo in close daih leh thin.
  8. Security website then khat i lut thei lo bawk ang.

Antivirus tha leh antimalware tha neih reng hi a tha ber a. Link leh attachment 100%-a hriatchian loh chu click loh a him ber bawk a ni. Tunhnai hian facebook lamah hian link thianghlim lo post leh share a tam em em mai a, a then te phei chu Sex Video ang tak an ni a, va click la link an ni tih i hre thei ang, mahse a zombie i nih theihna chance 100-ah 90 vel a awm tih hriat tel a tha bawk ang. Hetiang security measure miin an sawi te hi ngaih thutak a tha hle a, a chhan chu i dam chhungin heng hacker te hian an um kual reng mai tur che nia.

Hacker te hi article hmasa lama ka lo sawi tawh ang khan Botnet hi an lei loh pawhin rental botnet te a awm leh zel a, hah leh buai chuk chuk ngai lovin mi an hack thei tawh a. Tichuan heng cybercrime software turu Zeus (Zbot = Trojon Horse Computer Worm -Wikipedia) te hmang hian khawvel pumpuia computer zombies te chu command an pe thei tawh a. An hna ber chu zombie kaltlanga computer natna hrik thehdarh a ni. Nitin zombie hi million chanve tal hmuhziah a ni tih mithiam te chuan an sawi a ni.

Flash Drive: In hack na hmanrua hi nitin a pung emaw tih mai tur a ni a, Flash Drive te hi hacker te chuan mi attack nan an hmang nasa ve hle bawk a. I Computer-a thunluh a nih chiah khan i computer chuan a kai nghal thei a, he hrik hi a che rang hle ringawt lo va, i computer ringtu computer dangte khan awlsam takin an kai thei nghal bawk a ni.

User Credentials: Password te hi uluk leh secure taka kan encrypt pawhin hacker te hian a rukchhuah dan thar an dap ve reng tho a. Malware hmangin i password file an copy chhuak thei a,  i password mil turin hash an generate thei bawk a, hei hi Dictionary attack tiin an sawi thin bawk a ni. Password hi hawrawp 8 aia tam a nih a, HAWRAWPPUI leh te inpawlh, character leh number te a inpawlh hian hacker te tan a hash generate a har hle bik tih hriat a tha bawk ang. Eng thil emaw-a account kan hawna password hman tur lo awmsa ang chi a awm chuan rang taka thlak vat a tha a, a chhan chu hetianga password an chhawpchhuahsa ang chi hacker te hian an hrethei riau bawk a ni.

Software Flaws: In attackna thlentu tam ber chu software that tawklohna/diktawklohna (flaws) vang a ni tih hi mithiam te rin dan a ni. Software siamtu lamin software-a dik lo an hmuh chuan a fix na (patches) an tichhuak leh thin a. Automatic update hman nasat pawh hi a tha hle reng a ni. Mahse software siamtu lamin software diklohna an hmuh leh hriat (identify) hma zero day chhung khan attacker chuan remchanna a lo zawng ve thei bawk a ni. Hetiang hun lai hi chuan internet hman tam loh a him ber an ti bawk a ni.