Look at the social engineering of hackers from the film "firewall"

xiaoxiao2021-04-01  221

"Firewall" FireWall Introduction: Harrison Ford plays a security system of the International Bank of Security and controls banks. The criminal name kidnapped his family, and walked all Ford, vowed to save his wife and children ... "firewall" is the key to this righteous battle ... Noun explanation: Hacker's social engineering What is social engineering? In the security field, social engineering is the trust of hackers using people and people, and then I want to do it. Social engineering is a non-technical means of hacker behavior, using the most no way to control in the network security system, there is no way to play a function of patch - people. The following is a text: I am more fluent, often in the movie, I will go to see it, such as this Firewall. Because it is your own, it is very interested in this movie, and it is more careful to see the whole process. It is not only sigh, which is not only sigh, this is a classic violent social engineering, and only a pity that the savvy robber has made a series of low-level mistakes, causing the last loss. I really should have a good summary of this experience lesson and think that later people will (咚! Uncle police, do you have anything? Please drink tea? Ok, I know a nice teahouse. Hey? Why do you have a handcuff in the teahouse?) Well! Well! Well! Declaration, the following comments are not only technical discussions, and does not represent any similar behavior, or make it strategic for them. Anyone who uses this review to do anything to himself. In short, I am the most is a grinding knife (even if you don't have a knife knife), the behavior of the robbery robbery has nothing to do with myself. OK, the words retired. First explain the noun, what is social engineering. In the security field, social engineering is the trust of hackers using people and people, and then I want to do it. Social engineering is a non-technical means of hacker behavior, using the most no way to control in the network security system, there is no way to play a function of patch - people. Here is a famous social engineering case for Microsoft. A hacker has sent an email to Microsoft's network management, claiming that he is Microsoft employee, in Europe, but forgets password, the big idea is sent to the new password. This person, hacker has been easily completed. In this regard, it is recommended that everyone will see the famous American hacker Kevin Mitnick's book "The Art of Deception", there is downloaded on the Internet, the writing is very good, you can take a novel, you can practice E text by way of it. Back to the movie, "firewall" is defined as a typical violent social engineering case, which is said because the robbery does not rely on the director, especially the domestic directors, very likes to have a miraculous hacker. Complete robbery (this is a kind of vulgarity that makes all the industry people deeply painful, just tapped up, then announced the intrusion system to "Bad Command or Files", relying on, you are a shit.), Instead, completed robbery in a manner that uses banks, it is clearly a category of social engineering. At the same time, it is obvious that the social engineering of the robbers belongs to the in-epigenic social project, because he relies on violence, not deception, this obviously Kevin Mitnick has not used the means, it is estimated that the truly social engineering hacker is also disdainful. Use this means. With Li Shu's words: "The most annoying you robbed, there is no technical content.

"The leader of this robbers is obviously a very professional robbery, the whole plan is very perfect (not perfect, the imperfect part is what to discuss below), stealing and imitation signing, monitoring, camouflage, etc. The means are very professional, it is estimated that this brother has a background of FBI or CIA. But this brother clearly understands the understanding of information technology, so this work is more in this regard, with the guy with glasses, this The guy should be a master of writing viruses and Trojans. However, although the robbers are very professional, the team's combination is also the director, a few nearly perfect. But the whole plan of the robbers has a major flaw, and now discuss it. First, the robbers do not have a complete and clear strategy principle, this principle is - killing or killing, this is a problem. The robbers seem to want to kill all the useful users of the event, but they are inexplicable Leave a hostage, it is obviously not a good idea with hostage. If you don't want to stay in the body, you can take the body. Of course, the Douk of Hollywood may be arranged for the end of a big group, but we discuss here. It is technology, not a movie. So should you kill still? Do you think it is either not killing, and I am more preferred to not kill, because the won is realized, the highest sword is not killing, it is peaceful. Sorry, It is too big to stay. So far. As for the reason why it is not killing, because the murder is too unity, for the pursuit of the realm, you can use technical means to avoid the police's tracking, and even let the other party do not find out. The alarm. This is also discussed below. Secondly, the plan of the robbers is perfect, but there is a feeling of painting the snake, such as forced the female owner to call the fake marriage, forgery, this is obviously very good for people who understand this couple. It is difficult for people to believe. And killing that person is very unnecessary. The robbers can find someone to walk with that person, and the human resources of the robbers are only responsible for the intelligence, they are not directly involved in the event. Other parts, no one will link the investment plan with the robbery plan, which can also leave less clues. The more simple plan is more and more, and when there is a simpler method, why should I use that? What about complicated methods? Again, the robbers have made a very low-level mistake, that is, change the password of the five accounts immediately after the funds are in place, formal this negligence caused the final unsuccessful and defeat. If the robbery is successful, change the password immediately, then The counterattack of the owner will not succeed. Of course, the robbers arranged the plan to kill the protagonist, but there were two possibilities of success and failure. The so-called care makes a thousand years, the password is not difficult, but it can guarantee that there is no loss. Moreover, I don't support murder. I finally discussed a very good way to raise the amount of the amount of the amount of the amount of the amount of the amount of the amount of the amount of the amount of the amount of $ 10,000. It is actually a reduction of the case. The means of the possibility. This is because For the average person, unless you are particularly sensitive to the number, you will only pay attention to the number of numbers, you can remember only two, up to the third place. For example, the first two of my account is 16, and I can't remember it later. Then, the top 10,000 larger of the big bank should be all tens of millions of levels, and less than 10,000 is very difficult to find, even if they find it too much. If the fourth place in my account is 1, I am also very hard to find that even if I find it, I will never report it. You ask me why? If you have a nonsense account, you will report less, you are not afraid of the police to tell you the official. It's said, cross-line inquiry is still 3 hairy, who knows this cussion is black or black by the bank. Because the possibility of the case is reduced, the necessary murder must be even more great.

转载请注明原文地址:https://www.9cbs.com/read-131042.html

New Post(0)