Script kiddie

related topics
{system, computer, user}
{war, force, army}
{math, number, function}
{film, series, show}
{specie, animal, plant}
{island, water, area}
{black, white, people}

A script kiddie or skiddie,[1] occasionally script bunny,[2] script kitty,[3] script-running juvenile (SRJ) or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites.[4]

Contents

Characteristics

In a Carnegie Mellon report prepared for the U.S. Department of Defense in 2005, script kiddies are defined as

"The more immature but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet—often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.[5]

Script kiddies have at their disposal a large number of effective, easily downloadable malicious programs capable of breaching computers and networks.[4] Such programs have included remote denial-of-service WinNuke,[6] trojans Back Orifice, NetBus, Sub7,[7] and ProRat, vulnerability scanner/injector Metasploit,[8] and often software intended for legitimate security auditing. A survey of college students in 2010, supported by UK's Association of Chief Police Officers, indicated a high level of interest in beginning hacking: "23% of 'uni' students have hacked into IT systems. And 32% thought hacking was 'cool.' Also, 28% considered it to be easy."[9]

Script kiddies vandalize websites both for the thrill of it and to increase their reputation among their peers.[4] Some, more malicious, script kiddies have used virus toolkits to create and propagate the Anna Kournikova and Love Bug viruses.[1] Script kiddies lack, or are only developing, coding skills sufficient to understand the effects and side effects of their work. As a result, they leave significant traces which lead to their detection, or directly attack companies which have detection and countermeasures already in place, or in recent cases, leave automatic crash reporting turned on.[10][11]

Full article ▸

related documents
Memory hierarchy
Supervisory program
KOffice
Freescale 68HC11
Multi-user
Intel 80486DX4
MOS Technology 6507
Amiga 2000
Commodore 1570
XGA
Squeak
Demon dialing
Viewdata
PC motherboard
Freedb
Frame synchronization
Digital Signal 0
KMail
Raster graphics
BearShare
Intel 80486SX
Voice operated switch
56 kbit/s line
KA9Q
PagePlus
Freeware
Microelectronics
Bitstream
Isochronous burst transmission
Delta modulation