The underground world of the computer hacker may seem like a place where chaos rules, but the reality is there's a method to the hacker's perceived madness. And understanding that method is critical to knowing how best to respond to a skilled attacker.

Last fall, the SANS Institute offered three training courses that presented a step-by-step look at how criminal hackers operate and how organizations should respond.

While the bad news is that the hacker underground remains as cunning and capable as ever, the good news is that the security community continues to gain an understanding of how hackers operate.

I attended the SANS training and will pass along some of the crucial information provided. My notes from the sessions offer a look at how criminal hackers work. These lessons can give you the knowledge necessary to begin hardening your network against attacks.

Although no two hacker exploits are the same, most follow a series of predictable steps that are designed to increase the hacker's chances of success, says Ed Skoudis, founder and senior security consultant at Intelguardians LLC, a Washington-based information security consulting firm and the primary SANS instructor in hacker techniques, exploits and incident handling.

The link for this article located at Dan Verton is no longer available.