No, I don’t want to learn how to do this.
I am asking because an obnoxious person at a forum keeps threatening to hack into the websites of people he hates.
Two questions:
1. What is the likelihood that this guy isn’t just all talk?
2. How can a website be protected from such people with no other ways to occupy their time?
Umm… if he’s threatening, then he probably can’t do it.
It all depends on the website’s host. If the host is protected by a firewall, most attempts to hack get logged and rejected. (Which is why most hackers take over other people’s computers first, so they don’t get caught)
Unfortunately, most “dumb” hackers can probably download some program to do some damage.
The idiot is just talk.
There are two ways to get into a system.
One is through the front door. Logging in with either a login/pass that they got through social engineering (conning someone out of their login/pass) or through a brute force attack (using a program to try all kinds of log/pass combos, which will get noticed most of the time)
The other is through a bug in the system. Either a server on the system has a bug that a cracker can exploit to get in or a brain dead setting (like leaving a server sitting on the internet with no password for the admin account).
Even the best programs will have bugs now and then which is why if you’re going to have any system on the net you really need to keep up on security fixes.
Also, the site might be vulnerable if it has any forms where you can put data in it (a search engine, or username/password forms).
It’s next to impossible. “Hacking” doesn’t work the way it does in movies.
The best he can hope to do is get lucky and guess the password. Could Possibly do a denial of service wherein he swamps the host with requests such that “real” visitors can’t access it. This isn’t really hacking though.
Whenever I get one of these…ahem…“threats” I always encourage them to do their worst. That just pisses them off because they know they can’t really do squat.