It's Hip to Hack

Breaches in Network Security Seem to Be on the Rise

A common misconception about hackers is that their sole intent is to defraud other people. However, there are those who hack purely for the challenge and the enjoyment of it. They generally have no malicious intent beyond pranking the server they break into and perhaps turning some heads.

One prime example is the recent hack of the Harvard Lampoon's Web site by a Columbia University Marching Band member. No real permanent damage was done to the server on which the Lampoon's Web page resides, and the student's main goal was simply to play a joke on the Lampoon.

However, the vast majority of hackers are out to take private information, as in the cases of the Dunster and Eliot House system break-ins. Some follow a profoundly anti-bureaucratic ethic that was defined by Steven Levy in his 1984 book, Hackers: Heroes of the Computer Revolution. His tenets are as follows: Access to computers should be unlimited and total, all information should be free, authority should be mistrusted and decentralization should be promoted.

It is also important to note that not all malicious computer use is considered hacking. For example, there is a "denial of service attack." "This is an attack where the attacker doesn't actually break into a remote system but does something to render the remote system unusable by flooding it with information in some way," Osterberg says.

How to Hack

The actual hacking of a Web site is not an extremely complicated process. For the hacker, the only obstacle is obtaining the root user's password for the server.

By logging in as root, a person gains universal access to do whatever they want to the files on that server. For hackers, this generally entails first changing passwords, so that only they can gain access to the server, and then altering the site, while taking care to delete all the logs that might be used later on to identify them.

There are two commonly used methods of gaining root access to a server. The first is through anonymous FTP access into the Web page's server.

Once connected, all the hacker has to do is take the password file and decrypt it using a cracker program and a dictionary maker. With these programs in hand, the hacker can simply run them on the password file to get a decrypted version of it.

Basically, what this cracker/dictionary combination does is generate alphabets and then use some version of a "brute force" attack (where every possible combination for the encryption key is tried) in order to break the encryption code.

Hence, the more heavily encrypted a password file is, the more difficult it will be for a hacker to compromise it.
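The password-file exposure described above can be checked from the defender's side. The following is an added example, not part of the original article: it scans a passwd-format file (a constructed sample with placeholder hashes) and reports which accounts have a password hash readable in the file and which crypt(3) scheme protects it. The function names are illustrative.

```python
import re

# Constructed sample in passwd(5) format; the hashes are made-up placeholders.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
ftp:*:14:50:FTP User:/var/ftp:/sbin/nologin
alice:ab01FAX.bQRSU:1001:100:Alice:/home/alice:/bin/sh
bob:$1$saltsalt$0123456789abcdefghijkl:1002:100:Bob:/home/bob:/bin/sh
carol:$6$saltsalt$placeholderhash:1003:100:Carol:/home/carol:/bin/sh
"""

# crypt(3) scheme prefixes -> (name, considered weak against brute force)
SCHEMES = {
    "$1$": ("md5crypt", True),
    "$5$": ("sha256crypt", False),
    "$6$": ("sha512crypt", False),
    "$2a$": ("bcrypt", False),
    "$2b$": ("bcrypt", False),
    "$2y$": ("bcrypt", False),
    "$y$": ("yescrypt", False),
}
# Traditional DES crypt: 13 characters, 2-character salt, 8-character password limit.
DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")

def classify(field):
    """Map a passwd password field to (scheme, is_weak); None if no hash is stored."""
    if field == "":
        return ("no password", True)
    if field == "x" or field[0] in "*!":
        return None  # shadowed or locked: nothing to crack in this file
    for prefix, scheme in SCHEMES.items():
        if field.startswith(prefix):
            return scheme
    if DES_RE.match(field):
        return ("descrypt", True)
    return ("unknown", True)

def audit(passwd_text):
    """Return (user, scheme, is_weak) for every account whose hash is readable."""
    findings = []
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if line.startswith("#") or len(parts) < 7:
            continue  # comment or malformed entry
        result = classify(parts[1])
        if result:
            findings.append((parts[0], result[0], result[1]))
    return findings

if __name__ == "__main__":
    for user, scheme, weak in audit(SAMPLE_PASSWD):
        print(f"{user}: {scheme} hash readable{' (weak scheme)' if weak else ''}")
```

Any finding means the hash sits in a file that ordinary users, and an anonymous FTP tree that copies it, can read; moving hashes to a shadow file and using a modern scheme addresses both points.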

Another method of hacking Web pages is through the use of exploits, which are more closely related to what most people think hacking on the Internet is.

Exploits are tiny programs that a hacker runs on a server to expose errors or bugs in a system. While this is a much more complicated way of hacking a Web site than through FTP, it is also much more powerful because it allows a person to hack servers that don't allow anonymous FTP access.

Generally, what a person would do is set up an account with the target, if that is possible, and then view any weak spots in the system from the inside out. Each system, however, is bound to be different, so this is where a certain level of skill and experience comes into play.

By writing the right programs and running them correctly, the most experienced hackers can usually hack into just about any server. This is a scary notion, because no matter how heavily protected one is against break-ins to the server, one can never be completely sure whether a hacker will run some program on the system that will expose a flaw in security.
