Seminar Report on
“ETHICAL – HACKING”
Submitted by: Mr. Parag S. Kosarkar
Semester / Section: 6th A
Roll No: 41
23 FEB, 2012 - 13
Department of Computer Technology, PART TIME DEGREE PROGRAM
YESHWANTRAO CHAVAN COLLEGE OF ENGINEERING, Nagpur
(An Autonomous Institution Affiliated to Rashtrasant Tukadoji Maharaj Nagpur University)
Presenting Seminar
         On
INTRODUCTION : -
 • Ethical hacking, also known as penetration testing, intrusion testing or red teaming, has become a major concern for businesses and governments.
 • Companies are worried about the possibility of being “hacked”, and potential customers are worried about maintaining control of personal information.
 • Necessity of computer security professionals to break into the systems of the organisation.
 • Ethical hackers employ the same tools and techniques as the intruders.
 • They neither damage the target systems nor steal information.
 • The tool is not an automated hacker program; rather, it is an audit that both identifies the vulnerabilities of a system and provides advice on how to eliminate them.
FAMOUS HACKERS IN HISTORY : -
 • KEVIN MITNICK
 • IAN MURPHY
 • JOHAN HELSINGIUS
 • MARK ABENE
 • ROBERT MORRIS
 • LINUS TORVALDS
Contents to be Explained : -
 • SQL Injection
 • Keylogging
 • Tabnapping
 • Phishing
 • RAT – Remote Administration Tools or Trojans
 • Cookie Stealing
 • What precautions can be taken to avoid being hacked?
Common Phases of Hacking : -
An ethical hacker follows processes similar to those of a malicious hacker. The steps to gain and maintain entry into a computer system are similar no matter what the hacker’s intentions are. There are five phases that hackers generally follow in hacking a system.
 • Phase 1 – Recognise System
 • Phase 2 – Scanning Process
 • Phase 3 – Gaining Access
 • Phase 4 – Maintaining Access
 • Phase 5 – Covering Tracks
What is Hacking ?
 • Hacking refers to an array of activities which are done to intrude into someone else’s personal information space so as to use it for malicious, unwanted purposes.
What is Cracking ?
 • Cracking is almost the same as hacking, because both get into people's servers & accounts illegally.
 • But a cracker destroys the information & software that it gets into, which can cause the system to go down.
Professional Criminals or Crackers : -
 • Make a living by breaking into systems and selling the information.
Hacker & Ethical Hacker : -
 • A hacker can access a computer system or network information without the owner's permission.
 • Breaks the LAWS, can go to prison!
 • An ethical hacker does the same but with legal permission.
 • Employed by companies to perform penetration tests. Quick Heal hires hackers.
What can you do Legally ?
 • As an ethical hacker, be aware of what is allowed & what is not.
 • Laws involving technologies are changing as the technology changes.
 • Some hacking tools on your computer might be illegal to possess.
Is PORT – Scanning Legal ?
 • The government does not see it as a violation.
 • It is legal,
 • as it is noninvasive and non-destructive in nature.
 • Mostly ports 8080, 80 & 443 are open.
What is SQL – INJECTION ?
SQL injection is one of the popular web application hacking methods. Using an injection attack, an unauthorized person can access the database of the website. The attacker can extract the data from the database.
What can a hacker do with the SQL injection attack ?
 • Bypassing logins
 • Accessing secret data
 • Modifying content of the website
 • Shutting down the MySQL server
 • Google Dorking
   Example : * inurl:index.php?id=
             * inurl:galary.php?id=
Checking the Vulnerability : -
 • Now let us check the vulnerability of the target website. To check the vulnerability, add the (‘) at the end of the URL and hit enter.
   E.g. : - http://www.anywebsite.com/index.php?id=2’
 • If the page remains the same or does not give any message saying … “Error 404 – page not found”, then it's OK!
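The quote test above, seen from the application side, as an added example that is not part of the original slides: a handler that pastes the `id` parameter into the SQL text surfaces a database error for `id=2'`, while a handler that validates the value and binds it as a parameter answers with the ordinary not-found page. It assumes an in-memory SQLite database in place of MySQL, and the `pages` table, sample rows and function names are hypothetical.

```python
import re
import sqlite3

NOT_FOUND = "Error 404 - page not found"


def make_db():
    """Constructed sample data standing in for the site's database (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO pages VALUES (?, ?)",
                   [(1, "Home"), (2, "Seminar schedule")])
    return db


def page_concatenated(db, raw_id):
    """Fragile handler: the id parameter becomes part of the SQL text itself."""
    query = "SELECT title FROM pages WHERE id = " + raw_id
    try:
        row = db.execute(query).fetchone()
    except sqlite3.Error as exc:
        # Echoing the driver error into the page is what makes the stray quote visible.
        return "Database error: " + str(exc)
    return row[0] if row else NOT_FOUND


def page_parameterized(db, raw_id):
    """Hardened handler: allow-list the value, then bind it as data, never as SQL."""
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return NOT_FOUND  # anything that is not a short decimal id gets the plain 404
    row = db.execute("SELECT title FROM pages WHERE id = ?",
                     (int(raw_id),)).fetchone()
    return row[0] if row else NOT_FOUND


def leaks_sql_error(handler):
    """Regression check for your own handler: does id=2' surface a database error?"""
    return handler(make_db(), "2'").startswith("Database error")


if __name__ == "__main__":
    db = make_db()
    for raw in ("2", "2'", "99"):
        print(repr(raw), "| concatenated :", page_concatenated(db, raw))
        print(repr(raw), "| parameterized:", page_parameterized(db, raw))
    print("concatenated handler leaks :", leaks_sql_error(page_concatenated))
    print("parameterized handler leaks:", leaks_sql_error(page_parameterized))
```
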
What is a Keylogger?
          A keylogger is a piece of malicious software, usually
called "spyware" or "malware," that records every keystroke you
make on a keyboard. Keyloggers can be installed without your
knowledge or consent when you visit a Web site or read an e-mail,
install a program, or perform other activities. Once installed, the
keylogger records all your keystrokes, and then e-mails the
information and other data to the computer hacker.
How Keyloggers are Constructed :
 • The main idea behind keyloggers is to get in between any two links in the chain of events between when a key is pressed and when information about that keystroke is displayed on the monitor.
 • This can be achieved using video surveillance, a hardware bug in the keyboard, wiring or the computer itself; intercepting input/output; substituting the keyboard driver; using a filter driver in the keyboard stack; intercepting kernel functions by any means possible (substituting addresses in system tables, splicing function code, etc.); intercepting DLL functions in user mode; and requesting information from the keyboard using standard documented methods.
 • Keyloggers can be divided into two categories: keylogging devices and keylogging software. Keyloggers that fall into the first category are usually small devices that can be fixed to the keyboard or placed within a cable or the computer itself. The keylogging software category is made up of dedicated programs designed to track and log keystrokes.
Keyloggers Can Be Spread Using : -
 • MP3 music files
 • E-mail attachments
 • Clicking on deceptive pop-ups
 • P2P networks
 • AVI files (i.e., "YouTube" or other videos)
 • A legitimate Web site link, picture, or story that was malfaced
 • Downloaded games or any other PC tools or programs
 • Faked malicious Web sites that impersonate popular sites (sites such as Google, eBay, Amazon, Yahoo, banks) or anti-virus programs
TABNAPPING ?
Tabnapping, from the combination of 'tab' and 'kidnapping', could be used by clever phishers to dupe users into giving up passwords by secretly changing already-open browser tabs. All of the major browsers on Windows and Mac OS X are vulnerable to the attack.
Because most people keep multiple tabs open, often for long periods, and because they trust that the contents and label of a tab are immutable, tabnapping could become the next big thing in identity theft.
What is PHISHING ?
 • Suppose you check your e-mail one day and find a message from your bank. You've gotten e-mail from them before, but this one seems suspicious, especially since it threatens to close your account if you don't reply immediately. What do you do?
 • PHISHING is a method of online identity theft. In addition to stealing personal and financial data, phishers can infect computers with viruses and convince people to participate unwittingly in money laundering.
 • Most people associate phishing with e-mail messages that spoof, or mimic, banks, credit card companies or other businesses like Amazon and eBay.
 • Planning : - Phishers decide which business to target and determine how to get e-mail addresses for the customers of that business. They often use the same mass-mailing and address collection techniques as spammers.
 • Setup : - Once they know which business to spoof and who their victims are, phishers create methods for delivering the message and collecting the data. Most often, this involves e-mail addresses and a Web page.
 • Attack : - This is the step people are most familiar with: the phisher sends a phony message that appears to be from a reputable source.
 • Collection : - Phishers record the information victims enter into Web pages or popup windows.
 • Since most people won't reveal their bank account, credit card number or password to just anyone, phishers have to take extra steps to trick their victims into giving up this information. This kind of deceptive attempt to get information is called “Social Engineering”.
 • Phishers often use real company logos and copy legitimate e-mail messages, replacing the links with ones that direct the victim to a fraudulent page.
REMOTE ADMINISTRATION TOOLS – RATs
 • It provides an attacker with nearly unlimited access to the host computer, along with screen capture, file management, shell control and device driver control.
 • A RAT is used to remotely connect to and manage single or multiple computers.
 • RATs use reverse connections to connect to the remote system and hence are more likely to remain undetected. They can hide and
 • A Trojan generally has two parts: Client and Server, or Master and Slave. So a server side is installed on a remote host and the attacker manipulates it with client software.
 • In olden days making a Trojan was the job of a master programmer, but nowadays several Trojan building tools are available.
“What's COOKIE – STEALING ?”
 • Cookies are small files that are stored on the user's computer by websites when a user visits them.
 • The stored cookies are used by the web server to identify and authenticate the user. For example, when a user logs in to Facebook, a unique string is generated; one copy of it is saved on the server and the other is saved in the user's browser as a cookie. Both are matched every time the user does anything in his account.
 • So if we steal the victim's cookies and inject them into our browser, we will be able to imitate the victim's identity to the web server and thus we will be able to log in to his account. This is called “Side-Jacking”. The best thing about this is that we need not know the victim's id or password; all we need is the victim's cookie.
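Because the cookie alone identifies the session, the defence is to make it hard to read off the wire or from script. The following is an added example, not part of the original slides: it audits `Set-Cookie` header values for the `Secure`, `HttpOnly` and `SameSite` attributes and shows a session cookie issued with all three and an unguessable value. The cookie name `sessionid`, the sample headers and the function names are constructed for illustration.

```python
import secrets

# Attributes a session cookie should carry:
#   Secure   - sent over HTTPS only, so it cannot be sniffed from plain HTTP traffic
#   HttpOnly - not readable by page script
#   SameSite - not attached to requests that originate from other sites
REQUIRED = ("secure", "httponly", "samesite")

# Constructed sample response headers (Set-Cookie values only).
SAMPLE_SET_COOKIE = [
    "sessionid=abc123; Path=/",
    "sessionid=abc123; Path=/; HttpOnly",
    "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=None",
    "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
]


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, value, {lower-cased attribute: value})."""
    parts = [p.strip() for p in value.split(";")]
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), cookie_value, attrs


def missing_protections(set_cookie_value):
    """List the protective attributes this cookie lacks, in REQUIRED order."""
    _, _, attrs = parse_set_cookie(set_cookie_value)
    missing = [attr for attr in REQUIRED if attr not in attrs]
    # SameSite=None explicitly switches the cross-site protection off.
    if attrs.get("samesite", "").lower() == "none":
        missing.append("samesite")
    return missing


def issue_session_cookie(name="sessionid"):
    """Build a Set-Cookie value with a random token and all three attributes."""
    token = secrets.token_urlsafe(32)  # 256 bits from the OS random source
    return f"{name}={token}; Path=/; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    for header in SAMPLE_SET_COOKIE + [issue_session_cookie()]:
        gaps = missing_protections(header)
        print("OK     " if not gaps else "MISSING", gaps, "|", header)
```
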
How to be “SAFE” from Being HACKED …
 • Always browse sites on a secure https connection. Facebook has a setting for it.
 • Always use good and reputed antivirus software. If possible, use the Internet Security suites of those vendors, to stay safe online too.
 • Use FIREWALLS such as Comodo, Sygate, ZoneAlarm, Sunbelt.
 • Never save passwords on your PC or in internet cafés.
 • Use a good password manager that secures your passwords online and logs in for you automatically. E.g. LastPass.
 • Always clear all private and temporary data using cleaner software, to leave no traces and remove tracking cookies. E.g. CCleaner.
Some Steps in Social Networking which can make you SURF – SAFELY …
In “FACEBOOK & GMAIL” do the following settings :
 • Log in to your account;
 • Go to settings, there click on the security tab > there edit >
 • Click on “Browse Facebook on a secure connection (https) when possible”.
 • Also check Login Notifications. With this, whenever you log in it will send a message to your “Number & Mail” that your account is being logged in to by someone; if it is not you, then take action on it with the login details given.
So… What You Wanna be ?
HACKER or CRACKER
Choice is Yours !!!
Presented By : -
PARAG S. KOSARKAR
