The Evolution Of Hacking.

Publicated on : 1201519407
Fazed send me an article for me to post last week. I think it's good to show some ideas some of the readers have.

While thinking about phishing today i realised a good way to show how hacking and the people behind it have moved on and evolved on both sides.This example is based around one route of spyware-phishing prevention. Imagine that spyware with code that could be updated on the go was released. This spyware redirected you from a bank's (lets say HSBC) site to a malicious site that looked the same. One method of detecting if these sites are the correct ones is to look at the IP address of the website in question and check it against the IP address from a remote computer, now lets say this remote computer is given a URL for the anti-spyware software to use (well use ipcheck.anti-spyware.com) now when the user visits a web site this application gets the IP address that the local computer has for the website, it then retrieves the IP address that ipcheck.anti-spyware.com has for the website and if different it warns the user. Now one of the routes the spyware could take to circumvent this would be to inject a different IP address into the networks root DNS for ipcheck.anti-spyware.com to return the same IP address as the local machine has for the website. The way the anti-spyware could work around this was to use an IP address for the ip check instead of a URL because the request would not have to go through a DNS server first. The spyware could then circumvent this by spoofing the IP of the ip check and again sending the same IP as the local machine has. This form of evolution can continue for ever and results in the hacker having to get smarter to stay one step ahead.

[fazed]

My comments:

I think it is already happening, hacking and security is a never ending arms race. DNS pinning is the best example, we will be never able to fully secure ourselves from it. Back in the early days, IP spoofing wasn't that hard to perform. Today it's a different story. Pure client-side IP spoofing is possible, but certainly not easy, it's very hard to do. Lot's of hackers do miss the old days where even telnet was a default service on almost any webserver. Plenty of hacks where done with a telnet client and telnet service. In fact, network hacking has become really harder these days.