Script Kiddies: Vermin Of The Internet? - What Exactly Is A Script Kiddie? (Page 2 of 6 )
Hackers seem to have gained a fairly respectful reputation in society these days, mainly due to glorification by the media. This article is not about the true hackers, but about their "wannabe counterparts" - the Script Kiddies.
A Script Kiddie is someone who is "socially challenged" and has very little respect for the privacy of others. They utilise freely available software, which is easy to use, to scan networks in the hope of finding a computer that is compromised enough to allow them to have some fun.
Fun includes crashing your machine, opening the CD-ROM tray, controlling your mouse, stealing your files or other "really cool" activities such as stealing your PWD (password) file for cracking later on. Script Kiddies gain this type of control through utilising Trojan programs that have been installed on your computer by other means (usually by executing unscanned infected email attachments or software downloads). The Trojan broadcasts it's presence to the world, so as the Script Kiddie sits back and picks his nose, or engages in other such habits, the port probing program he is running detects any suitable Trojan, makes a connection and he's in... akin to home invasion.
These Trojan programs take up residence on certain ports on your computer. And here's the scary bit. There are approximately 65 000 ports on your PC. Each Trojan has its "favorite" port, so that makes the Script Kiddie's cushy job even easier. Since installing my firewall a month ago, I have had notifications that these particular ports have been probed over 300 times.
Script Kiddies can get a little more creative with their attacks, but mostly it is random opportunist vandalism and theft. And these are considered punishable crimes in many countries. The act of port probing is considered by most ISP's to be hacking.
The reason for my tone in this article is that I would like these people, mainly young, bored and misdirected, to realise that what they are doing is not "cool". We do not consider them to be "hackers"... just annoying, immature criminals. If the entire Internet community took on the same attitude towards this behaviour, it may encourage them to cease it. There is no glory in what they are doing, and very little skill involved...
Even using the term "Script Kiddie" in reference to them relays the derision that they deserve. Calling them hackers is a boost to their rather sad egos.
If this article has stirred your interest in the subject of Internet security, and the security of your own computer, I strongly recommend a visit to http://www.grc.com and testing your computer out on their online diagnostic - "Shields Up". I ran this test last year and was horrified at what information I was unknowingly giving away. The owners of grc.com, the Gibson Corporation, are well respected in the Internet Security Community and the tests are carried out under secure conditions. And yes, it's free...
Even if you do use the latest virus scanner that can detect these types of Trojans (they aren't actually virii), it's still worth a trip out there. The method of attack stated above is only just one of the many invasion strategies currently in use.
As for personal firewall security, check out our new security and privacy software section, where you'll find a number of interesting software products to assist you in securing your systems and to make web surfing not such a hazardous exercise.
Your ports have most likely been probed while you have been online today... and you probably wouldn't even know it...