Hello all! I have been very busy with a myriad of things so I'd like to apologize for that.
I'd like to start off this post by asking a question. You all know KORE projects is a security/anonymity project. However,
How can you be secure if you don't know what to look for?Don't get pwned
In this series of posts, I'm going to be teaching you what hackers look for and how to deter them as simply as possible. Here's some great news, for the most part, you do not have to worry about hackers. The people you are most likely going to encounter attempting to hack you are known as skids. Skids are Script KIDdies. These people don't know how to hack and normally don't even know the fundamentals of hacking. All they are capable of doing is using another person's tool that does all the "work" for them. Because of this, you can deter 90-95% of attempts to gain access to your system by just following basic steps and using your head. In fact, the likelihood that someone has tried to "hack" you and failed is pretty high! Skids attack weak accounts with little security, or "low hanging fruit." In this series Ill teach you how to not be in that category of easy victim and how you can bump up your security!
The first attack we will look at will be very basic, as this is an introduction to the series. In this post, we will be looking at brute forcing passwords. There are normally two forms of brute forcing recognized in the hacking community. I will be discussing a third semi-subcatagory as well.
The three options I recognize are basic brute forcing, dictionary attack and custom dictionary attack.
1) basic brute forcing
This is the attack that most people think of when they think of password security and having a longer password being better. How this attack works is the attacker sends thousands of passwords to the server/file a second. They try every possible combination and then add a digit. For example, an attacker would send a, b, c, etc...etc, until they hit z, then they would add a digit and send aa, ab, ac. This is the most basic form of brute forcing and it can find a short password very very quickly. The password "Matrix" takes less than a minute to crack on a very weak system, it would take less than ten seconds on a powerful system.
DEFENSE) For this attack I recommend long passwords with lots of special characters. Instead of Matrix, use Th3m@7R/x1ol
2) dictionary attack
This is another type of attack commonly used on accounts, this is actually the most common attack to try to gain access to accounts. With this attack, we have a file with several thousand/hundreds of thousands of passwords and we try them all. This will not cover as much ground as a basic brute force but will get more accounts in a shorter time
DEFENSE) For this attack I recommend long, unique passwords or long generated passwords.
2a) custom dictionary attack
This attack is RARELY used by anyone except experienced hackers who are targetting a specific person. This attack requires the hacker to get to know the person, what are their likes, what are their dislikes, where do they live, what do they do for work. The hacker then takes all that information and guesses possible passwords based on the victim's likes/dislikes/location/data. For example, a dog lover's password might be I<3Puppies!, the list normally includes relative's information as well. If the victim's wife is named Jessica then the hacker would gather a list of passwords including Jessica and add that list to the list with dogs and puppies. This is not an advanced attack but it requires a lot of time to get to know the victim, as such this is PROBABLY not the type of attack you have to protect against (but its a good idea to make sure you aren't vulnerable to this attack
)
DEFENSE) Long, multiphrase, ciphered password. Instead of Matrix, you could use a cipher and make it Zlyuen then throw in special characters.
Remember, its NOT a good idea to use the same password for multiple accounts and you should change your passwords regularly.
For advanced users who want to learn more and hack YOUR OWN accounts check out this link:
https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-user-passwords-linux-system-0147164/If there is an attack you want to learn about/deter message me on discord and I might put it in this series. Also if you notice anything incorrect/needing additional info in any of these posts, feel free to message me.
Matrix
i will always support this Projects Forever 
