To plan and implement a good security strategy, first be aware
of some of the issues which determined, motivated attackers exploit
to compromise systems. But before detailing these issues, the
terminology used when identifying an attacker must be defined.
The modern meaning of the term hacker
has origins dating back to the 1960s and the Massachusetts
Institute of Technology (MIT) Tech Model Railroad Club, which
designed train sets of large scale and intricate detail. Hacker was
a name used for club members who discovered a clever trick or
workaround for a problem.
The term hacker has since come to describe everything from
computer buffs to gifted programmers. A common trait among most
hackers is a willingness to explore in detail how computer systems
and networks function with little or no outside motivation. Open
source software developers often consider themselves and their
colleagues to be hackers, and use the word as a term of
Typically, hackers follow a form of the hacker ethic which dictates that the quest for
information and expertise is essential, and that sharing this
knowledge is the hackers duty to the community. During this quest
for knowledge, some hackers enjoy the academic challenges of
circumventing security controls on computer systems. For this
reason, the press often uses the term hacker to describe those who
illicitly access systems and networks with unscrupulous, malicious,
or criminal intent. The more accurate term for this type of
computer hacker is cracker — a term
created by hackers in the mid-1980s to differentiate the two
Within the community of individuals who find and exploit
vulnerabilities in systems and networks are several distinct
groups. These groups are often described by the shade of hat that
they "wear" when performing their security investigations and this
shade is indicative of their intent.
The white hat hacker is one who tests
networks and systems to examine their performance and determine how
vulnerable they are to intrusion. Usually, white hat hackers crack
their own systems or the systems of a client who has specifically
employed them for the purposes of security auditing. Academic
researchers and professional security consultants are two examples
of white hat hackers.
A black hat hacker is synonymous with a
cracker. In general, crackers are less focused on programming and
the academic side of breaking into systems. They often rely on
available cracking programs and exploit well known vulnerabilities
in systems to uncover sensitive information for personal gain or to
inflict damage on the target system or network.
The grey hat hacker, on the other hand,
has the skills and intent of a white hat hacker in most situations
but uses his knowledge for less than noble purposes on occasion. A
grey hat hacker can be thought of as a white hat hacker who wears a
black hat at times to accomplish his own agenda.
Grey hat hackers typically subscribe to another form of the
hacker ethic, which says it is acceptable to break into systems as
long as the hacker does not commit theft or breach confidentiality.
Some would argue, however, that the act of breaking into a system
is in itself unethical.
Regardless of the intent of the intruder, it is important to
know the weaknesses a cracker may likely attempt to exploit. The
remainder of the chapter focuses on these issues.