Qysh me nxon nje HACKER !! (ENGLISH LANGUAGE)

I just wrote this guide to give you some tips of which you may not have
heard yet. Hopefully, it won't come to a hacker getting in, but if it
does...

Tip 1: Hackers cover their tracks. Experienced hackers
cover them more thorougly, but amateur hackers sometimes leave things
behind. Don't expect them to leave any really big evidence behind;
expect more of little things here and there you might find surprising.
For example, if you're writing a term paper and a black hat hacker
accidently saved it when he took a paragraph out- that's suspicious.
Where did that paragraph go? Well, for one thing, now you know he was
in that area. Check the folders surrounding the file- you might find
something.

Tip 2: Decipher between the type of hackers that are
attacking you. Experienced hackers will have a more in depth look
around when they penetrate your system. They won't touch much because
they know that that won't add too much to their knowledge. But if you
know a hacker's been in, and some files are messed with, and you have a
log of someone guessing passwords to a file or something of that sort,
its probably some newbie who's just starting out. These are the easiest
hackers to catch. They usually get so caught up in thoughts like "I'm
in!" that they forget the basics, such as work behind a proxy.

My
friend was setting up a webserver once. His first time too, and he
wasn't to anxious to set up some good software to protect against
hackers and viruses. He didn't put up one IDS, and before you know it,
the obvious happened. But this time, a newbie had struck. The nice log
files showed, bluntly across the screen, multiple instances of a
foreign IP address that stood out. Some stupid newbie had tried to
login as "uucp" on my friend's XP computer, with a password of "uucp."
Well, that's great, but he also had tried the same user/pass
combination three times, enough to get himself logged nicely. Even a
semi-brainless user with some form of neurological system knows that
uucp isn't a default XP account. Again, excitement toiled this hacker's
brain, and maybe if he hadn't done that, along with a few other stupid
things, he wouldn't have gotten caught. What other things did he do?
Well, lets see. He openned 35 instances of MS-DOS. He tried to clean
the printer's heads, and he edited a .gif in notepad. Then he
uninstalled a few programs and installed some html editor, and replaced
four files with the words "14P."

He might as well have posted his phone number. In a few days, we had tracked him down to a
suburban
town in Ohio. We let him go, not pressing any charges, because he had
done nothing really damaging and had provided me with an example of a
moron for this guide.

Tip 3: Don't go crazy if you lose data.
Chances are, if it was that important, you would have backed it up
anyway. Most hackers nowadays wish they were back in 1989 when they
could use a Black Box and having a Rainbow Book actually meant
something. Most hackers aren't blackhat, they are whitehat, and some
even greyhat. But in the end, most hackers that are in systems aren't
satisfied by looking around. From past experiences, I have concluded
that many hackers like to remember where've they been. So, what do they
do? They either press delete here and there, or copy some files onto
their systems. Stupid hackers (yes, there are plenty of stupid hackers)
send files to e-mail addresses. Some free email companies will give you
the IP of a certain e-mail address's user if you can prove that user
has been notoriously hacking you. But most of the time, by the time you
get the e-mail addy it's been unused for weeks if not months or years,
and services like hotmail have already deleted it.

Tip 4: Save
information! Any information that you get from a log file (proxy server
IP, things like "14P", e-mail addresses that things were sent to, etc.)
should be saved to a floppy disk (they're not floppy anymore, I wish I
could get out of the habit of calling them that) incase there's a next
time. If you get another attack, from the same proxy, or with similar
e-mail addresses (e.g: one says Blackjack [email]123@something.what[/email]ever and the other says [email]Black_jack_45@something.znn.com[/email])
you can make an assumption that these hackers are the same people. In
that case, it would probably be worth the effort to resolve the IP
using the proxy and do a traceroute. Pressing charges is recommended if
this is a repeat offender.

Tip 5: Don't be stupid. If you've
been hacked, take security to the next level. Hackers do talk about
people they've hacked and they do post IPs and e-mail addresses. Proof?
Take a look at Defcon Conventions. I've never gone to one, but I've
seen the photos. The "Wall of Shame"-type of boards I've seen have IPs
and e-mail addresses written all over them in fat red, dry-erase ink.
Don't be the one to go searching the Defcon website and find your
e-mail address posted on the Wall of Shame board!

Tip 6: Don't
rely on luck. Chances are, sometime or another, you're going to be
targeted for an attack. Here you can rely on luck. Maybe they'll
forget? Maybe they don't know how to do it? If you think this way, a
surprise is going to hit your face very hard. Another way you could
stupidly rely on luck is by saying this: It's probably just a whitehat.
On the contrary, my friend, it's probably just a blackhat. A blackhat
with knowledge stored in his head, ready to be used as an ax. It's your
data. You take the chance.

Well, there you have it. If you have
any additional tips that aren't widly talked about send them to i post
them on the forums, or e-mail them to a staff member. We'll probably
have another "tip" guide and include them there, with the proper
credits of course. This guide and others by myself and other staff
members can be found at

-[ Unstoppable > Joe]
-[ "Your mind is like a room. You have to put stuff in it, or else it will stay empty."- Unstoppable

Njerz ne SHQIP sun pe perkthej se shum :S mfalni..