Using CFW to Defend Against Hacker Tools

Application Scenarios

Attackers may use hacker tools to intrude computer systems or networks, which may cause computer system or network damage, data leakage, network breakdown, or even serious legal consequences and security risks.

CFW provides intrusion prevention rules to effectively identify and block various hacker tool attacks, such as port scanning, remote control, Trojans, and network listening.

What Is a Hacker Tool?

A hack tool is a malware program used to launch network attacks. It is usually installed by hackers or malicious programs on victims computers to steal sensitive information, damage the system or network, and remotely control computers or networks. Hacker tools can also be legally used by security researchers to test the security of a system or network.

Hacker tools have the following characteristics:

• Covert: Hacker tools are usually designed to be very covert. They may disguise as legitimate software or services, or exist in other forms that cannot be easily detected, so that attacks can be launched stealthily.
• Complex: There are diverse hacker tools, including but not limited to port scanners, vulnerability scanners, password crackers, remote control software, Trojans, and network listening tools, which can be used in different scenarios.
• Easy to use: Hacker tools can be used to implement complex attacks or penetration through simple operations. A large number of hacker tools are shared on the Internet. Most of the tools provide detailed instructions and are easy to use. As a result, the technical threshold for using hacker tools is lowered. Attackers can use these tools to launch attacks even if they have no professional knowledge.
• Destructive: Hacker tools are highly destructive. They can be used for diverse attacks, penetration, and cracking; and can quickly detect and exploit vulnerabilities of target systems to efficiently launch attacks.

Harms of Hacker Tools

Abuse of hacker tools may bring huge security risks and economic losses to individuals and the society, including but not limited to the following:

• Information theft: Hackers can steal personal and privacy information, such as accounts and passwords, bank account information, and social media accounts, causing property loss and privacy leakage.
• System damage: Hackers can attack computer systems and damage system files and data, causing system breakdown or data loss.
• Malicious attacks: Hacker tools can be used to launch malicious attacks, such as DDoS attacks and virus attacks, to make websites inaccessible or crash.
• Cybercrime: Hacker tools can be used to carry out criminal activities, such as cyber fraud and cyber extortion, causing social security problems.

How to Defend Against Hacker Tools

1. Log in to the management console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
4. (Optional) Switch firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
5. In the navigation pane, choose Attack Defense > Intrusion Prevention. Click View Effective Rules under Basic Protection. The Basic Protection tab is displayed.
6. Filter the rules for hacker tool prevention. In the filter above the list, select Hacking-Tool from the Attack Types drop-down list.
7. Enable protection in batches. Select multiple rules at a time and click Intercept.
   

   Intercept: The firewall records the traffic that matches the current rule in attack event logs and blocks the traffic.