Cracker: Difference between revisions
From Hackepedia
Jump to navigationJump to search
No edit summary |
eh yo cracker jack! |
||
(One intermediate revision by one other user not shown) | |||
Line 7: | Line 7: | ||
#There are a few "good crackers" who will break into a remote host, patch the hole that they used to get in so others can't do the same, and then leave undetected. (''As romantic as it sounds one should not forget that cracking another persons system is illegal. Even when your intentions are meant well, the law will have no mercy on you''). | #There are a few "good crackers" who will break into a remote host, patch the hole that they used to get in so others can't do the same, and then leave undetected. (''As romantic as it sounds one should not forget that cracking another persons system is illegal. Even when your intentions are meant well, the law will have no mercy on you''). | ||
#Then there are the crackers who discover remote holes/weaknesses, and/or write the exploits for these vulnerabilites. Some like to publish these exploits, either for the fame from other crackers, or to watch the script kiddies wreak havoc with them. (''It should be noted that providing an exploit to a security advisory hastens the patch effort and scenarios where a bug is misunderstood or even ignored rarely happen. Exploits are a ticket of guarantee that someone will address this security issue sooner rather than later''). | #Then there are the crackers who discover remote holes/weaknesses, and/or write the exploits for these vulnerabilites. Some like to publish these exploits, either for the fame from other crackers, or to watch the script kiddies wreak havoc with them. (''It should be noted that providing an exploit to a security advisory hastens the patch effort and scenarios where a bug is misunderstood or even ignored rarely happen. Exploits are a ticket of guarantee that someone will address this security issue sooner rather than later''). | ||
How much time one should wait between notifying the vendor of an issue and releasing an exploit is a hotly debated issues in the information security community. Some vendors are a lot faster and remediating issues than others. |
Latest revision as of 00:21, 11 June 2007
Most commonly referred to by the media as a hacker, a cracker is the person who malciously compromises hosts that are not his/her own.
There are several levels of cracker.
- The most notorious is the least skilled, known commonly as a "script kiddie". These are the people that will use a script or program written by someone else, and use it to compromise remote hosts. They often do not even know what is exactly happening, and don't care, they just like breaking into other machines for whatever purpose.
- There are government and corporate crackers, who are hired to crack into remote hosts usually for information, specifically IP (Intellectual property) of a remote government/competitor.
- There are a few "good crackers" who will break into a remote host, patch the hole that they used to get in so others can't do the same, and then leave undetected. (As romantic as it sounds one should not forget that cracking another persons system is illegal. Even when your intentions are meant well, the law will have no mercy on you).
- Then there are the crackers who discover remote holes/weaknesses, and/or write the exploits for these vulnerabilites. Some like to publish these exploits, either for the fame from other crackers, or to watch the script kiddies wreak havoc with them. (It should be noted that providing an exploit to a security advisory hastens the patch effort and scenarios where a bug is misunderstood or even ignored rarely happen. Exploits are a ticket of guarantee that someone will address this security issue sooner rather than later).
How much time one should wait between notifying the vendor of an issue and releasing an exploit is a hotly debated issues in the information security community. Some vendors are a lot faster and remediating issues than others.