The internet is a vast place.
Luckily for us, it is easy to navigate around.
Search engines such as Google, along with other link providers, help us navigate the net.
Search engines are not the only places that index links to web sites, though; directories, which is what Yahoo used to be, do it too.
In Cyberspace, No-One Can Hear You Lurk
But there is also another part of the internet that few people know about.
It is where people who do not want to be found lurk.
It is called the darknet and it is a part of the internet that is never indexed.
This is where you will find the most exciting parts of the internet.
To quote the movie “Hackers”, this is where the keyboard samurai (aka ‘hackers’) like to hang out.
This is especially true for black hat hackers, but even though these places are secret, there is still a group of people who know how to find them and try to stop the bad guys before they launch their next terrible attack.
Security experts know full well about these dark pools.
Even though they sit on a part of the internet that most people never visit, they are still part of the normal net.
It uses the same IP addresses that every other site uses.
If you are going to be a computer security expert then you must be able to venture down these dark holes. If you want to be able to stop the next big attack then this is the place that you have to be; you are not going to find out anything lurking on Yahoo Messenger.
Instead, you have to be where the action is, and most of the time this is in the darknet.
But the darknet is not the only place where you are going to find the bad guys, and it is not the only way that you can track them down either.
Sometimes you have to do a little bit of digital forensics to be able to find where the bad guys are.
You can do that by learning how to read the code that they put out there for their attacks.
Reading The Code
Most programmers and even some hackers do not know that there is an art to reading code after it has been compiled.
The whole purpose of compiling a program is so that it gets translated into machine code and it is able to run faster.
Of course, not all programming languages follow this paradigm.
The ones that don’t are what you would call interpreted languages; those are languages that are made so that a person can write code quickly and easily and not have to worry about the time it takes the compiler to go through its paces.
Most hackers use a compiled language such as C or C++ because they are able to make the programs smaller and fit into less memory on the machine they are attacking.
The less memory you are taking up, the less likely someone is going to notice you are there.
Also, with these types of compiled languages you are able to control the memory which makes it easier to form an attack.
Since the languages are compiled, to be able to read them a security expert has to use a program called a decompiler.
The Decompiler In Action
When some people hear the word decompiler they believe that it is going to show the source code of the program again.
That is not what happens.
The decompiler allows you to see the assembly code that the program runs as.
From there a security expert who is good at assembly will be able to see little signatures that might give away who the hacker is or at least where the attack came from.
They can do this by seeing if the person used certain functions, if there are any strings in a foreign language and other little things that can tell more about the person who made the program.
Work such as this is long and tedious and is only done by people who love the job as there is so much to study before you can get to this point.
You have to have good working knowledge of software program construction, the operating system, and the processor underneath.
All of this knowledge comes together to let you find out some things about the program.
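The checks described above (which functions a program names and whether it carries strings in a foreign language) can be run as a first triage pass before any assembly is read. The following is an added example, not code from the original article; the watch list, the sample bytes and all function names are constructed for illustration, and only ASCII and UTF-16LE (Latin and Cyrillic) strings are handled.

```python
import re
import unicodedata

# Hypothetical watch list (assumption): API names an analyst chose to track.
WATCHED_FUNCTIONS = {"VirtualAlloc", "connect"}

# Constructed sample: two ASCII names, then UTF-16LE text in Cyrillic and Latin.
SAMPLE = (
    b"\x00\x01\x02VirtualAlloc\x00connect\x00\xff\xfe\x90\x90"
    + "Привет мир".encode("utf-16-le") + b"\x00\x00"
    + "config.dat".encode("utf-16-le") + b"\x00\x00"
)


def extract_strings(data, min_len=4):
    """Return printable ASCII runs, then UTF-16LE runs (high byte 0x00 or 0x04)."""
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    # A wide character is ASCII + 0x00, or any low byte + 0x04 (U+0400-U+04FF).
    wide_runs = re.findall(
        rb"(?:[\x20-\x7e]\x00|[\x00-\xff]\x04){%d,}" % min_len, data
    )
    found = [run.decode("ascii") for run in ascii_runs]
    found += [run.decode("utf-16-le") for run in wide_runs]
    return found


def scripts_of(text):
    """Name the Unicode script of each letter, e.g. LATIN or CYRILLIC."""
    return {
        unicodedata.name(ch, "UNKNOWN").split()[0] for ch in text if ch.isalpha()
    }


def triage(data):
    """Summarise watched function names and strings written in non-Latin scripts."""
    strings = extract_strings(data)
    non_latin = []
    for s in strings:
        foreign = sorted(scripts_of(s) - {"LATIN"})
        if foreign:
            non_latin.append((s, foreign))
    return {
        "watched_functions": sorted(s for s in strings if s in WATCHED_FUNCTIONS),
        "non_latin_strings": non_latin,
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```

Strings and function names can be planted by whoever built the program, so the output is a lead for further analysis rather than proof of origin.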
Finding The Bad Guys
Finding out what is inside the program is only the first step.
Next you must be able to find out how the program was delivered in the first place.
What nodes on the internet did it take to get here?
This is when the attacker is finally caught.
In this stage of operation, everything can be exposed.
The network is the most telling part of the whole process, but you may have to deal with other countries to find out who did it.
Hopefully you now realise that there is a lot that goes on when trying to find the bad guys.
It is hard work but some people love it.