The word hacker has been time and again abused by many a man. This article is an attempt to spread awareness about hacking and that all hackers are not EVIL.
What is hacking?
Hacking has always invoked curosity among programmers and other computer users all over the world . Although it has always had certain connotations, there is also a positive side to the concept of hacking.
The greatest risk that the information technology business faces today is the security of information in terms of integrity, availability, and confidentiality. Incidents of website defacements, credit card frauds, non-availability of web and application servers, and new virus attacks are common. Statistics from various researchh organisations clearly show a rise in the number of reported information security breaches over the years.
These statistics highlight the need for understanding various security breaches. Besides, it has also become necessary for system administrators, Web masters, corporate management, and individual users to implement strong security measures.
Who Exactly Is a Hacker?
Hackers are intelligent computer professionals who have learned and acquired knowledge of advanced techniques about operating systems, programming languages, and application software. Hackers try to gain indepth knowledge of a system/network, and then use that information to find possible security gaps in it.
Hackers do not always intend to damage data or other system resources.They also share their knowledge with other users, thereby highlighting security concerns. For example, a system engineer who detects the vulnerabilities of a network/system with the intention of suggesting better security measures will be a hacker with positive intentions.
Depending on the mindset and intentions of a hacker, he or she can be divided into different communities .
In additdion to the people with good knowledge and intentions, hackers may be categorized as:
- Phreaks: Phreaks use computer devices and software to break into telecommunication networks. They use the security gaps in a telecommunication network to make free phone calls and may also try to charge them to legitimate telephone users. Such act is known as Phreaking.
- Script Kiddies: Script Kiddies are individuals who have inadequate technical skills to hack into systems. They utilize already available information about known vulnerabilities to break into remote systems. Script Kiddies break into remote systems by using internet, usually for fun or just out of curosity. However, it is interesting to know that script kiddies usually do not have any specific targets for their attacks nor do they use methodologies. Script Kiddies generally use free hacking tools available on the internet to search for any computer that may be connected to a network, but which is not secure enough to counter such an attack.
Classes of Hackers
Today it is difficult to distinguish between hackers, phreaks, and script kiddies. Therefore, depending on the nature of their activities , hackers are categorized into following groups:
- White Hats
- Black Hats
- Grey Hats
White Hats: White hackers use their skills and knowledge for good purposes, helping to find new security vulnerabilities and making the vendors of the applications or network administrators aware of the detected vulnerabilities. White hackers do not hack systems with any bad intent.
White hat hackers always inform concerned security professionals about the vulnerabilities they have discovered before the security of the system is compromised by intruders with ill intentions. For example, a hacker who tries to break into a system to find all possible security weaknesses helps a system administrator implement better security measures and is known as White Hat Hackers.
Black Hats: Black hat hackers engage in their in their activities with bad intentions. They perform illegal activities, such as destroying data, denying services to legitimate users, and defacing websites. For example, a hacker who breaks into the network of a bank and steals thousands of dollars by transferring it to other banks is a Black hat hacker.
Black hat hackers may share the results of their experiments with other hackers but not with the concerned security professionals.
Grey Hats: Grey hat hacker do not believe in categorizing hacking activities as either good or bad. They believe that some of the activities that are condemned by White Hats are harmless.
Ethics of Hackers:
Ethics are principles that distinguish between right and wrong. The American Heritage Dictionary defines ethics as, "The rules or standards governing the conduct of a person or the members of a profession."
Intelligent individuals have adopted hacking as a profession, but they have also exploited hacking for various unethical reasons. Ethics have a crucial role in the hacking community.
Need for Ethics:
In a social enviornment, human beings are interdependent and need to support each other in times of crises. They also have moral and social responsibilities to provide social justice to others. At the same time, freedom is the basic right of humans . However, in this interdependency it is important that an individual should not deny another individual's right of freedom.Hence it is necessary to have some guidelines that distinguish between good conduct and bad conduct.
Ethical Issues of Hacking:
Hackers who are conscious of other people's rights are assets to information technology. Rather than harass or cause damage to others, their activities should help build and improve existing technology. It is the hacker's responsibility to ensure that their activities do not cause any damage to the confidentiality and integrity of information.
Hacking Techniques :
To hack a system, hackers have to first find the possible security gaps and vulnerabilities within that system by using various tools and techniques.
Some of the common techniques used by hackers around the world are:
- Eavesdropping/Sniffing attack
- Reconnaissance
- Scanning
- Internet Footprinting
- Pharming
Eavesdropping/Sniffing attack:
An eavesdropping attack uses special software, known as a sniffer, to gain access to communications being carried out over a network. Sniffers are used to steal the content of the communication or to obtain confidentiality data such as user credentials.
Attackers can eavesdrop on both wired and wireless network communications. On a wired network, the attacker must have physical access to the network or tap in to the network cable. On a wireless network, an attacker neds a device capable of receic=ving signals from the wireless network.
Reconnaissance:
The information about target users that interests hackers includes physical locations, assets , user details, phone numbers, network structures, operating systems, application programs, hardware configurations, available system services and bussiness strategies.
Reconnaissance is the method of collecting infromation about a potential target by using bohphysical and electronic methods. Hackers can physically enter an office or a home and search papers, computer documents , or even garbage for relevent information. However, collecting information phiysically isnot always possible because of numerous restrictions or defficulties that prevent entering a target's office or home.
Alternatively, hackers can use the internet and networking technologies to collect valuabele information about users and organisations. The internet allows hackers to access a lot of information about organizations and individuals.
Scaninng
Any technique that allows hackers to clearly understand the vulnerabilities of a target system from a remote locations simplifies hacking efforst. it is possible for hackers to find out the vulnerabilities of a remote host by performing scanning of the ports.
Scanning is the method of using programs to examine the weakness of some ports on an IP address. The tools used for scanning are knowing are known as port scanners and are used to reveal open ports in a nework , which be vulnerable to attacks.
Scanners were not developed as hacking tools. They were developed by security professionals to help system administrators examine networks for various network-specific operations. The developers of scanners made them publicly available over the internet, to help people improve the systems across the world.
However, the public availability of scanners has also helped hacker sto scan the network and its vulnerabilities. In this way, scanners have become a powerful hacking tool.
Internet Footprinting
Internet Footprinting is a type of reconnaissance technique and involves gathering information about the network of a target system . Internet footprinting helps a hacker to gain in -depth knowledge about a system, its remote access capabilities , its ports and services, and the various security aspects of the system.
Pharming
Pharming, pronounced as farming, is a hacking technique that allows a hacker to transmit the traffic of a website to a diiferent and mostly fake website. This can be performed by either modifying the contents of a file known as Hosts file on a victim's computer or by taking advantage of vulnerabilities in the Domain Name System(DNS) server software, which is which is responsibility for resolving internet names into their real addresses (IP addresses).
The fake websites receiving some other websites's traffic can be used to obtain a user's confidential information, such as passwords, PIN number, or account IDs. However, the pharming technique tchnique is only possible when the original website is not secure, or when the user ignores warnings about invalid server certificates.
Why to choose Java?
In the computer market, being able to use Java is a crucial knowledge. Java is a development terminology used to build compelling content for websites, stand-alone application, and server-side programs. The Java foundation is the unseen power behind numerous programs we use in a variety of devices, from PCs to gaming consoles, as well as systems. Today, it is used by roughly 9 thousand application designers, and an incredible number of end-users globally. Java is truly everywhere. 1 billion dollars personal computers and 3 billion dollars mobile mobile phones run Java. At the same time, 100% of Blu-ray gamers run this system. There are also more than 900 thousand Java playback environment downloading yearly.
History of Java
Java technology was designed by James gosling, along with some of the application technicians at Sun Microsystems in the early 1990's. The team had the fact that the next stage of processing was the partnership of electronics and customers. Earlier on in this development language's growth, Java was known in a different way, specifically Oak and thereafter Green. The Java terminology venture was originally designed for entertaining television, but back then it was too complicated for current digital wire systems. By 1995, Sun Microsystems presented Java 1.0, and the company marketed it as a Create Once, Run Anywhere terminology. What this means is that, Java programs can be designed on any system, collected as a standard bytecode, and run on any system that is packed with a Java exclusive machine.
Why application designers use of Java
Through Java, application designers can write in one foundation and be assured that it will run on almost any other foundation. Apart from its cross-platform benefits, it is also effective, secure, and convenient, making it necessary to designers. Using this development terminology, application contractors can create highly effective application for a number of devices like set-top box, photo printers, add-ons for computer systems, games, medical devices, and so much more. It can also be used along with additions like OSGi or CORBA to produce highly personalized application or services.
How understand Java?
If you are fascinated to understand Java, there are many institutions that are providing programs in this terminology. You can also develop your skills by surfing around articles added to Oracle's Java designer website, being a member in online Java boards, updates, and deciding upon up for instructor-led programs available on the Internet. Additionally, there are a lot of books you can use to understand Java. With so many solutions to understand Java, there are high opportunities that you can find one that meets your demands.
If you are looking for creating programs across various systems, studying java guides can help you do just that. There are various studying options, which can create it difficult to choose; however, it can also mean having a better possibility of finding a system that meets your choices and needs.
DATABASE CONNECTIVITY
This articles explains the need of database connectivity, the way it is achieved through Java using the JDBC(java database connectivity) APIs.
Need of Database Connetivity
Consider a scenario where you have to develop an application for an airlines company to maintain a record of daily transactions. You install your database server ,lets say SQL server, design the airlines database and ask airlines personnel to use it. Will this daabase alone be of any use to the airline personnel? The answer is NO!. The task of updating SQL server by using SQL statements will be a tedious process. An application will need to be developed that is user friendly and provides a client, the options to retrieve , add, and modify data at the touch of a key.
Sun Microsystems has included JDBC API as a part of J2SDK to develope java applications that can communicate with the databases.The following figure shows the airlines reservation system developed in java interacting with the airlines database using the JDBC API:
PROBLEM:
Java applications cannot directly communicate with a database to submit data and retrieve the results of queries. This is because a database can interpret only SQL statements and not java language statements. For this reason, you need a mechanism to translate java statements into SQL statements . Java Drivers provide us with such a mechanism.
JDBC Drivers
JDBC DRIVERS act as an interface between a java application and a database. It enables connectivity to a database. A driver sends the request of a java aplication to the database . After processing the request, the database sends the response back to the driver . The driver translates and sends the response of the jdbc api. The JDBC API forwards it to the Java application.
JDBC supports four types of drivers
- JDBC-ODBC Bridge driver
- Native-API Partly-Java driver
- JDBC-Net Pure-Java driver
- Native Protocol Pure-Java driver
THE CODING PART...
Java has provided us with the jdbc api classes and interfaces , available in the java.sql and the javax.sql packages.The classes and interfaces perform a number of tasks, such asa establish and close a connection with the database , send a request to a database , retrieve data from a database, and update data in a database. The commomnly used classes and interfaces in the Jdbc API are:
- DriverManager class: loads the driver for a databse .
- Driver interface: Represents a database driver. All JDBC classes must implement the Driver interface.
- Connection interface: Enables you to establish a connection between a java application and a databse.
- Statement interface: Enables you to execute SQL statements.
- ResultSet interface: Represents the information retrieved form a databse.
- SQLException class: Provides information about the exceptions that occur while interacting with databases.
To query database and display the result using Java applications, you need to follow the below mentioned steps:
- Load a driver.
- Connect to a database.
- Create and Execute JDBC statements.
- Handle SQL exceptions.
- Close all the connections.
Now we will discuss step wise implementation of these steps.
Loading a driver:
Java has provided us with two ways of loading a driver, namely:
- Using the forName() method
- Using the registerDriver() method
forName() method: The forName() method is available in the java.lang.Class class. The forName() method loads the JDBCdriver and register the driver with the driver manager. The syntax to load a JDBC driver to access a database is:
Class.forName("<driver_name>");
for eg: You can laod the JDBC-ODBC Bridge using the following method call:
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
rigisterDriver() method: You can create an instance of the Driver class to load the jdbc driver. The syntax for that is
Driver d = new sun.jdbc.odbc.JdbcOdbcDriver();
Once you have created the Driver object, call the registerDriver() method to register it with the DriverManager. Or in other words simply call the registerDriver() method using the class name DriverManager and pass the object of the driver class into the registerDriver() method. Syntax of that is:
DriverManager.registerDriver(d);
Connecting to a Database:
interface to establish a connection of the Java application with a database. You can create multiple Connection objects in a Java application to access and retrieve data from multiple databases. The DriverManager class provides the getConnection() method to create a COnnection object. The getConnection() method is an overloaded method that has three forms. Syntax of the same is:
Connection con = DriverManager.getConnectio.("jdbc.odbc.MydataSource");
where jdbc is the protocol, odbc is the subprotocol and MydataSource is the DSN(ie data source name)
Creating and Executing JDBC Statements
You need to create a Statement object to send requests to and retrieve results from a database. The Connection object provides the createStatements() method to create a Statement object. You can use the following code snippet to create a Statement object:
Connection con = DriverManager.getConnection("jdbc:odbc:MyDataSource","NewUser","New password");
Statement stmt = con.createStatement();
The statement interface contains the following methods to send static SQL statements to a database:
- ResultSet executeQuery(String str): Executes an sql statement and returns a single object of the type, ResultSet.
- int ExecuteUpdate(String str): Executes the sql statements and returns the number of data rows that are affected after processing the sql statement
- boolean execute(String str): Executes an SQL statement and returns a boolean value.
Handling SQL Exceptions:
The java.sql package provides the SQLException class, which is derived from the java.lang.Exception class.The SQLException is thrown by various methods in the JDBC API and enables you to determine the reason of the errors that occur while connecting a java application to a database. You can catch the SQLException in a java application using the try and catch exception handling block.
Closing the opened connection
As the resources used in running any process are extremely precious to us so closing all the opened resources is a good coding practice. To close a resource , we use the close() method.
I hereby leave you with a simple program which hal used the above mentioned classes and methods to give you a better understanding of JDBC:
Program code:
import java.sql.*;
import java.io.*;
class DataBaseDemo
{
public static void main(String... aa)
{
try
{
//load the driver class
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
System.out.println("driver loaded");
//create the connection
Connection c = DriverManager.getConnection("jdbc:odbc:mydatabase";"deven";"password");
System.out.println("connected");
// create the statement
Statement s = c.createStatement();
//create the result set
ResultSet rs = s.executeQuery("select emloyeeID, login from human resource.employee");
while(rs.next())
{
System.out.println(rs.getString(1));
System.out.println(rs.getString(2));
}
}
catch(Exception e)
{
System.out.println(e);
}
}
}
Write your first simple java program.
First of all we need is a placewhere we can write your Java code. All Java programs are written using plain text files such as a notepad.Therefore there is no need of a fancy software.Lets come to write your first program.For this you open a notepad and start writing a code.The program code looks like this:
class HelloWorld
{
public static void main(String[] args)
{
System.out.println("Hello World!");
}
}
For your first program we are going to understand step by step process to compile and run a program.
1.The first step is to save the file written on the notepad.
A dialog box is open as show above. Now save your file as "HelloWorld.java". Now I have created an directory in My Documents called "Java" to store the all the Java programs in one place for my convience. You are free to create a another folder on your computer as you prefered.
Note:-
It is very Sincere while saving a file you must save a file as "HelloWorld.java".
class HelloWorld
{
The above code is an instruction to call the class "HelloWorld".
2. Then we need to open a Terminal Window as show below.
Most of the program are window application you are use a cursor to open a file but the above program are a example of console application it does not run on its own window its needs a terminal window to run a program. A terminal window is a source to run a programs that is stored on your hard drive.
Now to open a terminal window, press the "Windows key" and the letter “R” at one time.
Now a dialog box is open and type a cmd and press ok.
3. The Java Compiler
Now what is a java compiler .It is one of the console program is the Java compiler called "javac". Its function is to read the code in the HelloWorld.java file, and then translate it into a language that your computer understand. This process is known as called compiling.In Java every program you write in a notepad they have to be compiled before it can be run.
To run javac from the terminal window,First of all you need to tell your computer where The file is located on your computer.Now you give the directory just like I give here my location is "C:\Program Files\Java\jdk\1.6.0_06\bin". If you have the same directory then use it otherwise search your directory from your computer.
When you found your directory location, type the following command into the terminal window:
set path= *the directory where javac located*
Example:-
set path=C:\Program Files\Java\jdk\1.6.0_06\bin
Now press Enter. The terminal window return you something in a flash, It will be the command prompt. At last the path to the compiler has now been set and ready to use.
4. Change the Directory as you preferred
Now,you think where your HelloWorld.java file is saved in your computer. My file has been saved in a directory called "Java1" in My Documents. The location is as "C:\Documents and Settings\Chandan\My Documents\Java1".
Follow the below code to change the directory in the terminal window, type in the command:
cd *directory where HelloWorld.java file is saved*
Example:-
cd C:\Documents and Settings\paul\My Documents\Java1
5. Compile Your Program
Now you are ready to compile Your program. For that, enter the command:
javac HelloWorld.java
When you hit Enter buttom, the compiler work start and look at the code contained within the HelloWorld.java file, and try to attempt to compile it if yor program does not contain any error. If it contain error, it will display a series of errors on the command prompt which help you fix the code.After fixing the error again try to compile your program in the same manner as discuss above.
Tip: After your HelloWorld program has been successfully compiled, and you will see a new file in the same directory. It will be the “HelloWorld.class”.
6. Run the Program
And at last the only thing is to remain is to run the program. In your terminal window type the command:
java HelloWorld
When you press Enter, the program will run and you will see a output as "Hello World!" written to the terminal window.
This all about your first java program keep going I will discuss the core java in a brief in my next article . Thanks for reading my article.
Array of objects in Java
Arrays are defined as block of continous memory locations which are arranged in one after another. Elements of the Array can be accessed by the index number as: a[2]
Syntax:
data_type[] array_name = new data_type[number of elements];
Example:
int[] name = new int[10];
Array of objects
Objects are instance of a class.
Object can easily be created using following syntax: class_name object_name = new class_name();
Example: Student name = new Student();
but what if we need to create hundreds of objects of the same class. However this can be achieved using above procedure but imagine the the efforts and time required. To accomplish this task, Java introduces array of objects.
syntax: class_name[] object_name = new class_name[number of objects];
Example: Student name = new Student[5];
this code segment will create 5 objects called 'name' of type Student.
here is a beautiful example of apllication of array of objetcs: Students marksheet
Programs states:
Write a java program to accept details of students such as name, ID no, marks in Maths, Physics, and Chemistry. Display the students detail in descending order of their total marks. (Use array of objects)
import java.io.*; //importing input-output files
class Student
{
String name; //declaration of variables
int id;
int mathmarks;
int phymarks;
int chemmarks;
int total;
Student(String naam,int idno, int m,int p,int c) //Initializing variables to user data
{
name=naam;
id=idno;
mathmarks=m;
phymarks=p;
chemmarks=c;
total=m+p+c;
}
void display() //displaying information
{
System.out.println(name+"\t"+id+"\t"+mathmarks+"\t"+phymarks+"\t"+chemmarks+"\t"+total);
}
}
class Studentexe //main class
{
public static void main(String args[]) throws IOException //exception handling
{
System.out.println("Enter the numbers of students:");
BufferedReader in=new BufferedReader(new InputStreamReader(System.in));
int n=Integer.parseInt(in.readLine());
Student[] S=new Student[n]; // array of objects declared and defined
for(int i=0;i
System.out.println("Enter the Details of Student no: "+(i+1)); //reading data form the user
System.out.println("Name: ");
String nm=in.readLine();
System.out.println("ID no: ");
int idno=Integer.parseInt(in.readLine());
System.out.println("Maths marks: ");
int m=Integer.parseInt(in.readLine());
System.out.println("Physics marks: ");
int p=Integer.parseInt(in.readLine());
System.out.println("Chem marks: ");
int c=Integer.parseInt(in.readLine());
S[i]=new Student(nm,idno,m,p,c); //calling Student constructor
}
Student temp; //swaping to achieve decsending order of total marks
for(int a=0;a
for(int b=0;b
if(S[b].total {
temp=S[b];
S[b]=S[b+1];
S[b+1]=temp;
}
}
}
System.out.println("\nName"+"\t"+"ID"+"\t"+"Math"+"\t"+"Phy "+"\t"+"Chem"+"\t"+"Total"); //printing data on the output screen
for(int i=0;i
S[i].display();
}
} //main ends here
} //Studentexe class ends here
Note: 1) save the above code as 'Studentexe.java' while executing.