Web security Chapter#2

1. Web Security
Introduction to Ethical Hacking, Ethics, and
Legality

2. Hacker
The term hacker conjures up images of a
young computer whiz who types a few
commands at a computer screen—and
poof! The computer spits out
passwords, account numbers, or other
confidential data.
Hacking
The Process by which hacker spits out
passwords, account numbers, or other
confidential data is called hacking.

3. Types of Hacker
Hacker can be divided into three
groups
1. Black Hats
2. White Hats
3. Gray Hats


4. White Hats
White hats are the good guys.
 The ethical hackers who use their
hacking skills for defensive purposes.
 White-hat hackers are usually security
professionals with knowledge of
hacking and the hacker toolset and
who use this knowledge to locate
weaknesses and implement
countermeasures.


5. White hats are those who hack with
permission from the data owner.
 White hats hacker do hacking on a
contract only.

6. Black hats
Black hats are the bad guys
 The hackers or crackers who use their
skills for illegal purposes.
 Having gained unauthorized access,
 black-hat hackers destroy vital
data, deny legitimate users
service, and just cause problems for
their targets


7. Gray Hacker
Gray hats are hackers who may work
offensively or defensively.
 They may want to highlight security
problems in a system
 The difference between white hats
and gray hats is that permission word.


8. Goals Attackers Try to
Achieve

Confidentiality
◦ Information (Keep information safe)

Authenticity
◦ being authentic, trustworthy, or genuine.

Integrity
◦ Accuracy Its opposite is data corruption

Availability

9. Some Useful Terminology

Threat
◦ An environment or situation that could
lead to a potential breach of security.

Exploit
◦ A piece of software or technology that
takes advantage of a bug, leading to
unauthorized access

10. 
Vulnerability
◦ software flaw, or logic design that can
lead to damaging instructions to the
system

Target of Evaluation (TOE)
◦ A system, program, or network that is the
subject of a security analysis or attack.

Attack

11. The Phases of Ethical
Hacking

The process of ethical hacking can be
broken down into five distinct phases.

12. Phase-I: Reconnaissance

Passive reconnaissance
◦ Passive reconnaissance involves
gathering information about a potential
target without the targeted individual’s or
company’s knowledge.
◦ Such as using “whois.com” or google.com
etc

Active reconnaissance
◦ involves probing the network to discover
individual hosts, IP addresses, and
services on the network. This process
involves more risk of detection than
passive reconnaissance

13. Phase 2: Scanning


Scanning involves taking the information
discovered during reconnaissance and
using it to examine the network.
Hackers are seeking any information that
can help them perpetrate an attack on a
target, such as the following:
◦
◦
◦
◦
◦
Computer names
Operating system (OS)
Installed software
IP addresses
User accounts

14. Phase 3: Gaining Access
Phase 3 is when the real hacking
takes place.
 Gaining access is known in the hacker
world as owning the system because
once a system has been hacked, the
hacker has control and can use that
system as they wish.


15. Phase 4: Maintaining Access
Once a hacker has gained access to a
target system, they want to keep that
access for future exploitation and
attacks.
 Once the hacker owns the
system, they can use it as a base to
launch additional attacks. In this
case, the owned system is sometimes
referred to as a “zombie system”.


16. Phase 5: Covering Tracks

Once hackers have been able to gain
and maintain access, they cover their
tracks to avoid detection by security
personnel, to continue to use the
owned system, to remove evidence of
hacking, or to avoid legal action.

17. Common Entry Points for an
attack:
Here are the most common entry
points for an attack:
1. Remote Network

◦ Attack through Internet,
◦ Hacker Tried to break, or find
vulnerabilities in a network such as
firewall, proxy etc.
Remote Dial-Up Network
2.
◦
A remote dial-up network hack tries to
simulate an intruder launching an attack
against the client’s modem pools.

18. 3.
Local Network
Through Local Area Network (LAN) or
Wireless Local Area Network(WLAN)
More secure then Dail-up
4.
Stolen Equipment
◦ Some time hacker find useful information
from stolen equipment, such as
usernames, password , security
setting, and encryption types etc. from
stolen Equipment

19. 5.
Social Engineering
◦ Take information from organization
employees, or from help desk or using to
common sense.

20. Testing Types
Testing types can categorize on basis
of knowledge of hacker about target.
1. Black-Box Testing

◦ Black-box testing involves performing a
security evaluation and testing with no
prior knowledge of the network
infrastructure or system to be tested.
◦ Information gathering will take a long time.

21. 2.
White-box testing
◦ White-box testing involves performing a
security evaluation and testing with
complete knowledge of the network
infrastructure
◦ Hack will not spend time on information
gathering

22. 3.
Gray Box Testing
◦ Gray Box Gray-box testing involves
performing a security evaluation and
testing internally.
◦ Test the system against the employee of
the organization.

23. Security, Functionality, and Ease
of Use Triangle
Security
Functionality
Ease of Use

24. Ethical Hacking Report
The result of a network penetration
test or security audit is an ethical
hacking, or pen test report.
 This report details the results of the
hacking activity, the types of tests
performed, and the hacking methods
used
 This document is usually delivered to
the organization in hard-copy
format, for security reasons.


25. Keeping It Legal

The following steps (shown in Figure)
are a framework for performing a
security audit of an organization and
will help to ensure that the test is
conducted in an
organized, efficient, and ethical
manner

26. Initial Client Meeting
Sign the Agreement
Security Evaluation
Plan
Conduct the Test
Report and
Documentation
Present the report

27. Cyber Laws
Cyber Security Enhancement Act and
SPY ACT
 Freedom of Information Act (FOIA)
 Federal Information Security
Management Act (FISMA)
 Privacy Act of 1974
 PATRIOT Act


28. 
Assignment
Write down Constitutional Acts of
Islamic Republic of Afghanistan