2. SESSION FLOW
Why Security?
Hacking – Introduction
Hacker Communities
Types of Hackers.
Malicious Hacker Strategies
Ethical Hacker Strategies
Steps for conducting Ethical Hacking.
Importance of Vulnerability Research.
Vulnerability Research References.
Conclusion.
3. WHY SECURITY ?
• Increasing use of Complex computer
infrastructure.
• Increasing use of Network elements &
applications.
• Decreasing level of skill set.
• Any Security breach in company will affect its
asset & goodwill.
•Any Security breach in government can affect its
operations & reputation.
4. HACKING-DEFINITION
• The Art of exploring various security breaches is termed as
Hacking.
•It’s an anti-society activity.
•It says, there always exists more than one way to solve the
problem.
•The terms Hacker and Hacking are being misinterpreted
and misunderstood with negative sidelines.
6. HACKER WHO ARE THEY ?
Hackers are Intelligent Computer Professionals.
Motive/Intent
To gain in-depth knowledge of a system, what’s happening
at the backend, behind the screen
To find possible security vulnerabilities in a system.
They create security awareness by sharing knowledge. It’s a
team work.
7. CRACKERS/ATTACKERS
An Individuals who break into computers with malicious intent.
Motive/Intent –
•To seek unauthorized access into a system and cause damage or
destroy or reveal confidential information.
•To compromise the system to deny services to legitimate users for
troubling, harassing them or for taking revenge.
Effects- Can cause financial losses & image/reputation damages,
•Defamation in the society for individuals or organizations
8. PHREAKS
•Phreaks – These are persons who use computer devices and
software to break into phone networks.
•Motive/Intention- To find loopholes in security in phone
network and to makes phone calls at free of cost!!!
•Effects- You may have to big amount of phone bills, for doing
nothing!!!
9. SCRIPT KIDDIES
•Script Kiddies – These are persons not having technical skills to hack
computers.
•Motive/Intention- They use the available information about known
vulnerabilities to break into remote system.
•it’s an act performed for a fun or out of curiosity.
10. HATS OFF
•White Hat Hackers – They use their knowledge and skill set for good, constructive
intents. They find out new
Security loopholes and their solution.
E.g.- LIKE ME.. As I’m Doing It Right Now ( I Hope So!!!)
• Black Hat Hacker- They use their knowledge and skill set for illegal activities
destructive intents.
E.g.- to gain money (online robbery), to take revenge. Disgruntled
Employees is the best example of Black Hats. Attackers (Black Hat HACKERS) are not at
all concerned with security
professionals (White hat hackers). Actually these hackers are Bad Guys!!!`
12. ETHICAL HACKER STRATEGIES
“The one who can hack it, can only secure it”
“If you want to catch criminal then you’ll have to think like
criminal”
• What to protect?
• How to protect?
• Against whom?
• How much resources needed?
13. •Understand Client Requirements for Security / Vulnerability Testing.
• In Preparation Phase, EH will sign an NDA with the client.
• Internal / External Testing.
• Conduct Network Security Audits/ VAPT.
• Risk Assessment & Mitigation
•Documenting Auditing Reports as per Standards.
•Submitting Developer as well as remediation reports.
• Implement remediation for found vulnerabilities.
ETHICAL HACKER STRATEGIES
18. A consultant was hired by a business executive to test the security of
the executive's enterprise. The consultant was not hired to try to hack
through the firewall or bypass the intrusion detection system. He was
hired to see how easy it would be for a motivated intruder to gain
physical access to the company's mission-critical systems.
So the consultant created a fake company ID badge for himself. He
even simulated a magnetic swiping strip on the back of the ID by using
a piece of electrical tape. He used this fake ID to get into the company's
main building, then made his way up to the data centre where he
began swiping his fake ID badge through the scanner. After several
failed attempts, a friendly employee walked up and said, "Sometimes,
that thing doesn't work." The friendly fellow proceeded to swipe his
own badge, letting the consultant into the data centre.
19. At that point, the consultant walked to the centre of the room, raised his
arms, and said, "Okay everyone, I'm conducting a surprise security
audit. I need everyone to leave the room immediately." Although there
were a few surprised faces, all the employees in the data centre filed
out.
The consultant pulled out his cell phone, called the executive who hired
him, and said, "Guess where I am?"
24. VULNERABILITY RESEARCH
Vulnerability research is process of finding vulnerabilities,
threats & loopholes in server/ system.
Includes Vulnerability Assessment & Penetration Testing.
Vulnerability notes can be search on internet via Number,
CVE.
25. VULNERABILITY RESEARCH REFERENCES
• Common Vulnerability database is available at
http://cve.mitre.org/
•National Vulnerability Database is available at
http://web.nvd.nist.gov/
• US – CERT also publishes CVD on http://www.us-cert.gov
1. Contains Alerts which can be helpful to administrator.
2. It doesn’t contain solutions.
29. CONCLUSION
Security is important because prevention is better than cure.
Community of Hackers.
Security Involves five phases.
Ethical Hacking involves Conducting Security Audits,
Vulnerability, Assessment & Penetration testing.
Vulnerability Research is process of discovering different
vulnerabilities in technology & applications.
30.
31. SQL Injection Attack
Allow remote attacker to execute arbitrary database
commands
Relies on poorly formed database queries and
insuiffcient
Input validation
Often facilated,but does not rely unhandled
exceptions and ODBC error messages.
Impact:Massive This is one of the most dangerous
vulnerability on the web.
33. How?
• Information Gathering- Definition
• Initial Info gathering of websites.
• Info Gathering using search engine ,
blogs & forums.
• Info gathering using job, matrimonial
websites.
34. Why Information Gathering ?
• Information Gathering can reveal online footprints of criminal.
• Information Gathering can help investigator to profile
criminals
35. Information Gathering Of Websites
Who is Information
•Owner of website.
•Email id used to register domain.
•Domain registrar.
• Domain name server information.
• Related websites.
36. WHO IS.
Who is. is query to database to get following information.
1.Owner of website.
2.Email id used to register domain.
3.Domain registrar.
4. Domain name server information.
5. Related websites.
37. Reverse IP -Mapping
• Reverse IP will give number of websites hosted on
same
server.
•If one website is vulnerable on the server then
hacker can
easily root the server.
38.
39. Info. Gathering Using Search Engine
• Search engines are efficient mediums to get specific
results according to your requirements.
•Google & yahoo search engine gives best results out
of all
40. Info. Gathering Using Search Engine
• This type of search engines retrieves results from different
search engine & make relation or connections between
those results.
41. Info.Gathering Using Search Engine
• Maltego is an open source intelligence and forensics
application.
• It allows for the mining and gathering of information as
well as the representation of this information in a
meaningful way.
• Coupled with its graphing libraries, Maltego, allows you to
identify key relationships between information and identify
previously unknown relationships between them.
42.
43.
44. Information Gathering
Almost 80% internet users use blogs/forums for
knowledge sharing purpose.
Information gathering from specific blog will also helpful
in
investigations.
Information gathering from Social Networking websites
can also reveal personal info about suspect.
Many websites stored email id lists for newsletters. these
email ids can also be retrieved using email spiders.
45. Phishing Frauds
In the cyber-world phishing is a form of illegal act whereby
fraudulently sensitive information is acquired, such as
passwords and credit card details, by a person/entity
masquerading as a trustworthy person or business in an
apparently official electronic communication, such as an e-
mail
or instantaneous communication.
46. Investigation Steps
Investigator should trace Email using Headers.
As it is going to be Spoof Mail in every case, Investigator should
gather information about hosting server from which it is originated.
Contacting Hosting Server with Message ID & Headers for Real IP
Address.
Asking for Domain names registered within specific time duration
during which this incident reported.
Credit Card or Paypal account or any other online payment account
which was used for transaction.
47. Cont……..
Bank Statement with online banking A/C Access log which gives IP
address of the culprit.
Beneficiary Bank account statement.
Beneficiary Bank account Access Log.
48. Prevention is Better
Harden the server
Monitor alerts
Scan and apply patches
Monitor log
Good physical Security
Intrusion detection system.
Train the technical staff only
Serous policy and procedure.
51. Good Physical Security
Preimeter Security
Computer room security
Desktop security
Close monitoring of admin’s work area
No floppy drive
No bootable CD’s
52. Security Awareness
Sharing admin accounts
Service accounts
Accounts naming conventions Hardening
Passwords (Understand NT passwords !)
Two-factor authentication