Thursday, August 21, 2008

Common Methods

There are several recurring tools of the trade and techniques used by computer criminals and security experts:

Security exploit

A security exploit is a prepared application that takes advantage of a known weakness.

Vulnerability scanner

A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)

Packet sniffer

A packet sniffer is an application that captures TCP/IP data packets. It can be used maliciously to capture passwords and other data while they are in transit, either within the computer or over the network.

Spoofing attack

A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining illegitimate access.

Rootkit

A rootkit is a toolkit for hiding the fact that a computer's security has been compromised. The term is a general description of a set of programs that work to subvert control of an operating system from its legitimate (in accordance with established rules) operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.

Social engineering

Social engineering is simply the art of getting unsuspecting persons to reveal sensitive information about a system. This is usually done by impersonating someone or by convincing people that you have permission to obtain such information. A typical example would be eavesdropping on or discussing company security details at a café. A more subtle method would be via impersonation: requesting promotional material or technical reference material regarding a company's systems while pretending to be a co-worker or contractor working under pressure or within unseen limitations.

Trojan horse

A Trojan horse is a program designed to seem to be, or to be doing, one thing, such as legitimate software, while actually being or doing another. Trojan horses are not necessarily malicious programs but can be. A Trojan horse can be used to set up a back door in a computer system so that the intruder can return later and gain access. Viruses that fool a user into downloading and/or executing them by pretending to be useful applications are also sometimes called Trojan horses. (The name refers to the horse from the Trojan War, with the conceptually similar function of deceiving defenders into bringing an intruder inside.)

Virus

A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.

Worm

Like a virus, a worm is also a self-replicating program. The difference between a virus and a worm is that a worm does not create copies of itself on one system: it propagates through computer networks. After the comparison between computer viruses and biological viruses, the obvious comparison here is to a bacterium. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program. It is possible for a program to have the broad characteristics of both a worm and a virus.

Keyloggers

A keylogger is a software program designed to record ('log') every keystroke on the machine on which it runs. It often uses virus-, trojan-, and rootkit-like methods to remain active and hidden from the victim (and possibly to self-replicate). The log is later transferred to the 'owner' of the keylogger. Hardware-assisted and hardware-based keyloggers also exist.
