An intruder can also be referred to as a hacker or cracker.


Computer cracker is an outdated term used to describe someone who broke into computer systems, bypassed passwords or licenses in computer programs, or in other ways intentionally breached computer security. Computer crackers were motivated by malicious intent, for profit or just because the challenge was there.

Computer cracker vs. hacker

The antiquated phrase computer cracker is not used anymore. It was originally proposed as an antonym, or the opposite, of the term hacker. Hacker initially applied only to those who used their computing skills without malicious intent -- they broke into systems to identify or solve technical issues. Skillful technologists with altruistic motives were called hackers; those with bad intent were called computer crackers. This distinction never gained much traction, however.

In 1993, the Internet Users' Glossary defined hacker as "a person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular. The term is often misused in a pejorative context, where 'cracker' would be the correct term."

The Glossary defined a computer cracker as "an individual who attempts to access computer systems without authorization. These individuals are often malicious, as opposed to hackers, and have many means at their disposal for breaking into a system."

The term computer cracker was subsequently subsumed by the term black hat, another outdated term for threat actor.

It should be noted, however, that people today rarely distinguish between ethical hackers and malicious hackers. Although hackers, by definition, do not have malicious intent, some people assume malicious intent when the word is used in an everyday context.

Types of computer crackers

The term computer cracker has also referred to users who break into copyrighted software or devices. Jailbreaking is a common example of cracking. Jailbreaking removes restrictions a manufacturer sets in the phone's software. By bypassing the restrictions, the user can perform more advanced functions on the phone or use it on a different network.

Cracking also applies to password cracking. A password cracker is an application designed to identify passwords to computers or network resources.


TRUE/FALSE QUESTIONS:

An intruder can also be referred to as a hacker or cracker.

Activists are either individuals or members of an organized crime group with a goal of financial reward.

Running a packet sniffer on a workstation to capture usernames and passwords is an example of intrusion.

Those who hack into computers do so for the thrill of it or for status.

Intruders typically use steps from a common attack methodology.

The IDS component responsible for collecting data is the user interface.

Intrusion detection is based on the assumption that the behavior of the intruder differs from that of a legitimate user in ways that can be quantified.

The primary purpose of an IDS is to detect intrusions, log suspicious events, and send alerts.

Signature-based approaches attempt to define normal, or expected, behavior, whereas anomaly approaches attempt to define proper behavior.

Anomaly detection is effective against misfeasors.

To be of practical use an IDS should detect a substantial percentage of intrusions while keeping the false alarm rate at an acceptable level.

An inline sensor monitors a copy of network traffic; the actual traffic does not pass through the device.

A common location for a NIDS sensor is just inside the external firewall.

Network-based intrusion detection makes use of signature detection and anomaly detection.

Snort can perform intrusion prevention but not intrusion detection.

1. _________ are either individuals or members of a larger group of outsider attackers who are motivated by social or political causes. A. State-sponsored organizations B. Activists C. Cyber criminals D. Others

A _________ is a security event that constitutes a security incident in which an intruder gains access to a system without having authorization to do so. A. intrusion detection B. IDS C. criminal enterprise D. security intrusion

A _________ monitors the characteristics of a single host and the events occurring within that host for suspicious activity. A. host-based IDS B. security intrusion C. network-based IDS D. intrusion detection

A ________ monitors network traffic for particular network segments or devices and analyzes network, transport, and application protocols to identify suspicious activity. A. host-based IDS B. security intrusion C. network-based IDS D. intrusion detection

The ________ is responsible for determining if an intrusion has occurred. A. analyzer B. host C. user interface D. sensor

__________ involves an attempt to define a set of rules or attack patterns that can be used to decide if a given behavior is that of an intruder. A. Profile based detection B. Signature detection C. Threshold detection D. Anomaly detection

_________ involves the collection of data relating to the behavior of legitimate users over a period of time. A. Profile based detection B. Signature detection C. Threshold detection D. Anomaly detection

A(n) __________ is a hacker with minimal technical skill who primarily uses existing attack toolkits. A. Master B. Apprentice C. Journeyman D. Activist

The _________ module analyzes LAN traffic and reports the results to the central manager. A. LAN monitor agent B. host agent C. central manager agent D. architecture agent

A(n) ________ is inserted into a network segment so that the traffic that it is monitoring must pass through the sensor. A. passive sensor B. analysis sensor C. LAN sensor D. inline sensor

A(n) ________ event is an alert that is generated when the gossip traffic enables a platform to conclude that an attack is under way. A. PEP B. DDI C. IDEP D. IDME

_________ is a document that describes the application level protocol for exchanging data between intrusion detection entities. A. RFC 4767 B. RFC 4766 C. RFC 4765 D. RFC 4764

The rule _______ tells Snort what to do when it finds a packet that matches the rule criteria. A. protocol B. direction C. action D. destination port

The _______ is the ID component that analyzes the data collected by the sensor for signs of unauthorized or undesired activity or for events that might be of interest to the security administrator. A. data source B. sensor C. operator D. analyzer