What is hacking?
Hacker is a term used by some to mean "a clever programmer" and by others, especially those in
popular media, to mean "someone who tries to break into computer systems."
1) Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever
programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the
act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we
A person who enjoys learning details of a programming language or system
A person who enjoys actually doing the programming rather than just theorizing about it
A person capable of appreciating someone else's hacking
A person who picks up programming quickly
A person who is an expert at a particular programming language or system, as in "UNIX
Raymond deprecates the use of this term for someone who attempts to crack someone else's
system or otherwise uses programming or expert knowledge to act maliciously. He prefers the
term cracker for this meaning.
2) The term hacker is used in popular media to describe someone who attempts to break into
computer systems. Typically, this kind of hacker would be a proficient programmer or engineer
with sufficient technical knowledge to understand the weak points in a security system.
Who is not a Hacker?
Hacker is not a –
2. The person who Releases Viruses
3. A Teenager sitting in a Dark Room eating pizzas and hacking into the fbi website.
4. Not always a Computer Related Person.means can also belongs to some other field too.
5. not even somebody,who can crack password to all the websites or softwares.
6. Not also,who stole the money from bank by hacking into bank Server.
Who is a hacker?
1.The Person ,who thinks outside the box
2. who wants to Test His/Her Limits.
3. Who wants to try such things which are not given in manual.
4. Has Unlimites Curosity to work.
5. Who Discovers Unknown Features and Properties.
6. Someone who is dedicated to his knowledge
7. Highly Creative.
8. who Bellieves in Stretching the Limits.i.e who wants to test his/her limits,that upto what
extent,He/she can go
Difference between Hackers and Crackers
Hackers and Crackers are seems to be same words ,But a Great difference exists between
Hackers and Crackers. First of all ,Hackers and Crackers have a same amount of knowledge
and Experience,but the difference is about,How they are using their knowledge.Hackers are
good guys,who use their Knowledge in positive direction.like hackers are appointed by
companies and police to solve their problems or cases.On the other hand ,Crackers are Bad
guys,who use their knowledge for Illegal and negative purposes.like Crackers stole the money
from the bank by hacking into the bank's website.
1. Lots of knowledge and experience 1. Same amount of
about computers Knowledge and experience
2. Good Guy 2. Bad guy
3. Strong Ethics 3. Poor Ethics
4. No Crime commited 4. Commits Crime
5. Fights Criminals,defend From bad 5. They are Criminals
E-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern
email operates across the Internet or other computer networks. Some early email systems required that
the author and the recipient both be online at the same time, in common with instant messaging.
Today's email systems are based on a store-and-forward model. Email servers accept, forward, deliver
and store messages. Neither the users nor their computers are required to be online simultaneously;
they need connect only briefly, typically to an email server, for as long as it takes to send or receive
Today Email has become a need for communication even for the big organisations. And your e-mail can
be hacked and can be used unauthorized.So There are many threats to email system.as it is not
Email hacking is illicit access to an email account or email correspondence.
Email on the internet is now commonly sent by the Simple Mail Transfer Protocol (SMTP). This
does not encrypt the text of emails and so intercepted mail can be read easily unless the user adds
their own encryption. The identity of the sender or addressee of an email is not authenticated and
this provides opportunities for abuse such as spoofing.
As email has increasingly replaced traditional post for important correspondence, there have
been several notable cases in which email has been intercepted by other people for illicit
purposes. Email archives from the Climatic Research Unit were leaked to create the scandal
popularly known as Climategate. Journalists employed by News International hacked email
accounts of celebrities in search of gossip and scandal for their stories. Individuals such as
Rowenna Davis have had their accounts taken over and held to ransom by criminals who try to
extort payment for their return. The email accounts of politicians such as Sarah Palin have been
hacked to try to find embarrassing or incriminating correspondence
How E-mail System Works?
For the vast majority of people right now, the real e-mail system consist of two different servers
running on the main e-mail server machine. One is called the SMTP Server (Simple mail transfer
protocol) which handles outgoing mail and the other is POP3 Server (Post Office Protocol)
which takes the responsibility of incoming mail. The SMTP server listens on well-known port
number 25, while POP3 listens on port 110.
Sending the mail (Role of SMTP server)
Whenever you send a piece of e-mail, your e-mail client interacts with the SMTP server to
handle the sending.
Lets assume that i want to send a piece of e-mail. My e-mail ID is admin and having account on
WinSpark.net. I want to send e-mail to manekari[at]live.com and i am using standalone e-mail
client like Windows live mail or Outlook Express. lets see what happens when i compose a
message and press the send button.
E-mail client connects to the SMTP server at mail.WinSpark.net using port 25.
E-mail client has a conversation with the SMTP server, telling the SMTP server the
address of the sender and the address of the recipient, as well as the body of the message.
The SMTP server takes the “to” address (email@example.com) and breaks into two parts :
o The recipient name (manekari)
o The domain name (live.com)
(If the “to” had been another user at WinSpark.net, the SMTP server would
simply hand the message to POP3 server for WinSpark.net ) Since the recipent is
at another domain, SMTP needs to communicate with the domain.
The SMTP server has a conversation with a Domain Name Server, or DNS. It says, “Can
you give me the IP address of the SMTp server for live.com?” The DNS replies with the
one or more IP address for the SMTP server(s) that live.com operates.
The SMTP server at WinSpark.net connects with the SMTP server at live.com using port
25. It has the same simple text conversation that my e-mail client had with the SMTP
server for WinSpark, and gives the message to the live.com server. The Live.com server
recognizes that the domain name for manekari is at Live.com, so it hands the message to
yahoo POP3 server, which puts the message in manekari’s mailbox.
Threats to E-mail Security
As per the defined secured protocols, E-mail system still have many Threats,which
leads to E-mail Hacking, Some of them are listed below:
E-mail Password cracking
Identity Thefts Attacks
Generally, the path taken by an email while travelling from sender to receiver can be explained
by following diagram.
The most effective and easiest way to trace an email is to analyze it's email headers. This can be
done by just viewing the full header of received email. A typical email header looks something
From Barr Thu Jan 3 05:33:26 2008
X-Apparently-To: firstname.lastname@example.org via 126.96.36.199; Thu, 03 Jan
2008 05:25:38 +0530
Authentication-Results: mta113.mail.in.yahoo.com from=destatis.de;
domainkeys=neutral (no sig)
Received: from 188.8.131.52 (HELO dsl-189-160-34-89.prod-infinitum.com.mx)
(184.108.40.206) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008
Received: from dvapa ([220.127.116.11]) by dsl-189-160-34-89.prod-
infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0); Wed, 2 Jan 2008 18:03:26
Date: Wed, 2 Jan 2008 18:03:26 -0600
From: "Barr" <email@example.com> Add to Address Book
User-Agent: Thunderbird 18.104.22.168 (Windows/20070728)
Subject: angel rubberneck
Content-Type: multipart/related; boundary="------------
The above email header gives us the following information about it's origin and
a) Sender's email address :- firstname.lastname@example.org
b) Source IP address :- 22.214.171.124
c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx
d) Email client :- Thunderbird 126.96.36.199
As we know the ip of the sender, now we can easily trace the location of sender, or Many tools are
available which directly traces the location of the sender with received email.soma tools are Email
Email forging allows an attacker to disguise the source of an email and send it to the victim.
Most attackers use this technique to fool the victim into believing that somebody else has send
the particular email.
The SMTP protocol makes it extremely easy for an attacker to send forged emails to a remote
Typically an attacker carries out email forging by following steps:
1) Start Command Prompt and type the following command-
c:/>telnet smtp.mailserver.com 25 or c:/>telnet mail.domain.com 25
example:- c:/>telnet smtp.gmail.com 25
The above command opens a telnet connection to the specified remote mail server on port-25.
Where port-25 is the default SMTP port on which outgoing mail daemon runs.
2) Once you are connected to the mail daemon of remote mail server, you would be greeted with
a message similar to following:-
If you are not familiar with the smtp mail daemon commands then enter the keyword 'help' at
daemon which may reveal all the supporting commands as shown below.
3) The correct sequence of commands to be executed is:-
a) helo mailserver1.com
b) mail from:email@example.com
c) rcpt to:firstname.lastname@example.org
e) .(dot command represents end of mail body)
This all as shown in figure below:
EMail forging by this technique does not possible, if mail relying is disabled by it's