3. Exploit your PC

Posted on 12 May 2008 at 15:03

It's possible to go a step further than merely probing your firewall for open ports, and actually simulate the kind of attack a hacker might employ from a number of known attack methods, such as Denial of Service, data packet fragmentation, control message swamping and CPU cycle consumption. You should pay particular attention to the various warnings about crashing your computer before doing so; a working data backup or system image is essential if you go down this testing road.

The PC Flank Exploits Test (www.pcflank.com/exploits.htm) throws a host of Denial of Service exploits in the direction of your system, although most are only of interest to those running older versions of Windows - such as 2000 and NT - and some versions of Linux. They're a good real-world method of testing just how robust your security is, but be warned they do consume large amounts of network bandwidth by their very nature.

For other operating systems, Nessus is a fine alternative, according to Lee Lawson, the lead penetration tester at information security providers DNS. "Nessus can be installed on all types of operating system and can be used to scan either the local computer or other networked computers," he says. "The generated report may be a little overwhelming at first but is invaluable information to would-be hackers."

One of the easiest ways to get to grips with Nessus and other exploit- and vulnerability-detecting tools, such as the Nikto Web Server Scanner, is to spend $9.99 on a seven-day membership of Hackerwhacker (www.hackerwhacker.com), which gives you unlimited access to its easy-to-use remote versions, as well as offering help in understanding the results.

4. Check for leaks

Hack it yourself

Author: Davey Winder