Anatomy of a Hacker Attack
Phase 6 - Covering Tracks
Most hacker attacks go unnoticed. Many times this is because
no-one is looking. Most computers have logs, but usually, there will not be
anyone reviewing them. However, for the hacker, covering tracks by deleting
entries from a log file is usually pretty easy. Other ways to cover tracks is to
use hijacked intermediaries for all communication with the target computer. That
way, locating the hacker through his IP address will be much more difficult.
Software may be used to hide your tracks as well. Once you
have sufficient privileges on a computer, you can theoretically do more or less
whatever you like with it, if you are skilled enough. For example, so called
root-kits can be used to modify the operating system itself in a way that is
practically impossible to detect.
Copyright © 2002 Abtrusion Security AB.
All rights reserved. This document may be reproduced provided that it is
reproduced in its entirety and that this copyright message is retained.