2. Ethical hackers are
motivated by different
reasons,but their purpose is
usually the same as that of
crackers: they’re trying to
determine what an intruder
can see on a network or
system and what the hacker
can do with that information
.This process of testing the
security of a system or
network is known as
penetration test or pen test.
3.
4. White Hat Hackers:
A White Hat who specializes in penetration testing and in other
testing methodologies to ensure the security of an organization's
information systems.
Black Hat Hackers:
A Black Hat is the villain or bad guy, especially in a western movie in
which such a character would stereotypically wear a black hat in
contrast to the hero's white hat.
Gray Hat Hackers:
A Grey Hat, in the hacking community, refers to a skilled hacker
whose activities fall somewhere between white and black hat hackers
on a variety of spectra
5. Hacking - showing computer expertise
Cracking - breaching security on software or systems
Phreaking - cracking telecom networks
Spoofing - faking the originating IP address in a
datagram
Denial of Service (DoS) - flooding a host with sufficient
network traffic so that it can’t respond anymore
Port Scanning - searching for vulnerabilities
6. Gain authorization from the client and have a signed contract
giving the tester permission to perform the test.
Maintain and follow a nondisclosure agreement(NDA) with the
client in case of confidential information disclosed during the test.
Maintain confidentiality when performing the test.Information
gathered may contain sensitive information.No information about
the test or company confidential data should ever be disclosed to
a third party
Perform the test up to but beyond the agreed upon limits. For
example,DoS attacks should only be run as part of the test if they
have previously been agreed upon with the client.Loss of
revenue,goodwill, and worse could befall an organisation whose
server or application are unavailable to customers as a result of
test.
7. Why Do We Need Ethical Hacking
Viruses, Trojan
Horses,
and Worms
Social
Engineering
Automated
Attacks
Accidental
Breaches in
Security Denial of
Service (DoS)
Organizational
Attacks
Restricted
Data
Protection from possible External Attacks
8. 1969 - Unix ‘hacked’ together
1971 - Cap ‘n Crunch phone exploit discovered
1988 - Morris Internet worm crashes 6,000 servers
1994 - $10 million transferred from CitiBank accounts
1995 - Kevin Mitnick sentenced to 5 years in jail
2000 - Major websites succumb to DDoS
2000 - 15,700 credit and debit card numbers stolen fromWestern Union (haked while web
database was undergoing maintenance)
2001 Code Red
exploitedbug in MS IIS to penetrate & spread
probes random IPs for systems running IIS
had trigger time for denial-of-service attack
2nd wave infected 360000 servers in 14 hours
Code Red 2 - had backdoor installed to allow remote control
Nimda -used multiple infection mechanisms email, shares, web client, IIS
2002 – SlammerWorm brings web to its knees by attacking MS SQL Server
9. To make security stronger ( Ethical Hacking )
Just for fun
Show off
Hack other systems secretly
Notify many people their thought
Steal important information
Destroy enemy’s computer network during
the war
10. Hackers
Access computer system or network without authorization
Breaks the law; can go to prison
Crackers
Break into systems to steal or destroy data
U.S. Department of Justice calls both hackers
Ethical hacker
Performs most of the same activities but with owner’s permission
Hands-On Ethical Hacking and Network Defense 10
11. Buffer overflow attack.
Denial of service(DoS) attacks.
Distributed Denial of Service(DDoS) attacks
Misconfigurations
Abuse of trust
Brute force attacks
CGI andWWW services
Backdoors andTrojans.
13. 28.02.13The CyberThreat: Planning for theWay Ahead
Director says network intrusions pose urgent threat to
nation’s security and economy.
05.02.13Sextortion Cons Like ‘Bieber Ruse’Targeted Minor
Girls
Tricks like an Alabama man’s claim to be Justin Bieber
target minors on social websites.
15. Reconnaissance refers to the preparatory
phase where an attacker gathers as much
information as possible about the target
prior to launching the attack. Also in this
phase, the attacker draws on competitive
intelligence to learn more about the
target. This phase may also involve
network scanning,either external or
internal, without authorization
16. Scanning is the method an attacker performs
prior to attacking the network. In scanning,
the attacker uses the details gathered during
reconnaissance to identify specific
vulnerabilities. Scanning can be considered a
logical extension (and overlap) of the active
reconnaissance. Often attackers use
automated tools such as network/host
scanners, and war dialers to locate systems
and attempt to discover vulnerabilities.
17.
18. Gaining access is the most important phase of
an attack in terms of potential damage.
Attackers need not always gain access to the
system to cause damage. For instance, denial-
of-service attacks can either exhaust resources
or stop services from running on the target
system. Stopping of service can be carried out by
killing processes, using a logic/time bomb, or
even reconfiguring and crashing the system.
Resources can be exhausted locally by filling up
outgoing communication links.
19.
20. Once an attacker gains access to the target
system, the attacker can choose to use both the
system and its resources, and further use the
system as a launch pad to scan and exploit other
systems, or to keep a low profile and continue
exploiting the system. Both these actions can
damage the organization. For instance, the
attacker can implement a sniffer to capture all
network traffic, including telnet and ftp sessions
with other systems.
21.
22. An attacker would like to destroy evidence of his/her presence and
activities for various reasons such as maintaining access and
evading punitive action. Erasing evidence of a compromise is a
requirement for any attacker who would like to remain obscure.
This is one of the best methods to evade trace back.This usually
starts with erasing the contaminated logins and any possible error
messages that may have been generated from the attack
process, e.g., a buffer overflow attack will usually leave a message
in the systemlogs. Next, the attention is turned to effecting
changes so that future logins are not logged. By manipulating and
tweaking the event logs, the system administrator can be
convinced that the output of his/her system is correct, and that no
intrusion or compromise has actually taken place
23.
24. To protect cyber crime
To protect secret information of any country’s
secret information
If you know how to rob somebody …..then
atleast you know how to protect your self.
25. Never use computer of untrusted
person/Cyber Cafe for E-BANKING!!!
Be careful in using PUBLICWI-FI
Facebook can be FUN but if possible avoid
using FACEBOOK Apps
Keep changing your PASSWORDS once in a
while !!!
Be careful in usingTorrents
Never leave your PC unattended
26. Ethical hacking is more than running hacking tools
and gaining unauthorized access to system just to see
what is accessible.When performed by a security
professional, ethical hacking encompasses all aspects
of reconnsissance and information gathering ,a
structured approach, and post attack analysis. Ethical
hacker require in-depth knowledge of systems and
tools as well as a great deal of patience and restraint
to ensure no damage is done to the target systems.
Hacking can be performed ethically and in fact is
being mandated by government and the private
sector to ensure systems security.
