Ethical hacking
Transcript of Ethical hacking
1
ETHICAL HACKING
Vivek Kumar Mohbe
2
Contents
Introduction to hacking.
What is Ethical Hacking?
Hacker and Types of Hackers.
Types of Hacking.
Types of Ethical Hacking.
The process of Ethical Hacking.
Ethical issues.
Skills of an Ethical Hacker.
Why do Hackers hack?
Why can't we defend against hackers?
What to do after being Hacked?
System Security.
Hackers Language and Translation.
Security Attack and Types.
3
1. Hacking
Hacking has several meanings in the technology and computer science fields:
The word hacking is defined as the illegal use of another's computer system or network resources.
A modification of a program or device to give the user access to features that were otherwise unavailable to them.
The rapid crafting of a new program or the making of changes to existing, usually complicated software.
An inelegant solution to a problem.
Illegally breaking into a computer, generally over a network connection.
4
2. Ethical Hacking
Ethical hacking is defined as a service that provides security for the customer's
networks and information assets and identifies vulnerabilities before they are
exploited against the company, in order to maintain the reputation of the corporate
sector. Ethical hacking is the backbone of network security.
This type of hacking applies high-security methodologies and techniques to the
customer's systems to yield a high-quality infrastructure. It is a part of
an overall security program. It is also called attack & penetration testing. Ethical
hacking is used to understand the dangers which your systems face. It is completely
legal in India.
5
Hacker
Hacker is a term that formerly meant a skilful programmer. The word hacker refers to
people who enjoy learning the details of computer systems and stretching the
capabilities of the system.
Types of Hackers:
White Hat Hacker.
Black Hat Hacker.
Gray Hat Hacker.
Script Kiddies.
Phreak.
Cyber Punk.
6
White Hat Hackers
A white hat hacker specializes in penetration testing and in other testing methodologies
to ensure the security of an organization's information systems.
White hat hackers are like ethical hackers. They use their skills for good purposes.
They work for organizations to stop the illegal activities of Black Hat Hackers.
They work to ensure the security of an organization's information system.
White Hackers: -
o Ankit Fadia
o Tim Berners-Lee
o Bill Gates
o Linus Torvalds
o Steve Jobs
7
Black Hat Hackers
A black hat is the villain or bad guy, especially in a western movie in which such a
character would stereotypically wear a black hat in contrast to the hero's white hat.
They use computers to attack systems for profit, for revenge, or for political motivations.
Black hat hackers always do illegal work.
They work for black money.
They are professional in their field.
They use their knowledge for illegal purposes.
Black Hackers: -
o Kevin Poulsen
o Kevin D. Mitnick
o Adrian Lamo
o George Hotz
o Jonathan James
8
Gray Hat Hackers
A grey hat, in the hacking community, refers to a skilled hacker whose activities fall
somewhere between white and black hat hackers on a variety of spectra.
They hack offensively and defensively for different reasons, depending on the situation.
Script Kiddies
People who use scripts or programs developed by others to attack computer systems
and networks and deface websites.
Phreak
Person who breaks into telecommunications systems to [commit] theft.
Cyber Punk
Recent mutation of … the hacker, cracker, and phreak.
9
Types of Hacking
Website Hacking
Email Hacking
Network Hacking
Password Hacking
Online transactions Hacking
Computer Hacking
Mobile Hacking
PDA hacking
Metropolitan system hacking
10
Types of Ethical Hacking: -
Remote Network: This process is used to recognize attacks that come across the
internet. The ethical hacker usually tries to identify default and proxy information
in the network, such as firewalls and proxies.
Local Network: A local network hack is the process of accessing information illegally
by making use of someone with physical access gained through the local network. To
start this procedure the ethical hacker should be ready to access the local network
directly.
Stolen Equipment: A stolen equipment hack makes it easy to identify the information
held on stolen devices such as laptops. Information secured by the owner of the laptop
can be identified, including the username, password and security settings stored on
the equipment.
11
Physical Entry: This test is used in organizations to control attacks that are made
through the physical premises. With physical entry the ethical hacker can introduce
viruses and other Trojans directly onto the network.
Application network: Logic flaws present in applications may result in illegal access
to the network, to the application itself, and to the information held in the
application.
Wireless network testing: This process reduces the network's liability to an attacker
who uses radio access to the given wireless network space.
Code review: This process examines the source code that is part of the verification
system and recognizes the strengths and weaknesses of the modules in the software.
War dialing: This identifies default information exposed by modems, which is very
dangerous to corporate organizations.
12
Ethical Hacking Process
Preparation
Foot printing
Enumeration & Fingerprinting
Identification of Vulnerabilities
Attack – Exploit the Vulnerabilities
Gaining Access
Escalating privilege
Covering tracks
Creating back doors
13
1. Preparation
Identification of Targets – company websites, mail servers etc.
Signing of Contract
• Agreement on protection against any legal issues.
• Contract to clearly specify the limits and dangers of the test.
• Specifics on Denial of Service Tests, Social Engineering, etc.
• Time window for Attacks.
• Total time for the testing.
• Prior Knowledge of the systems.
• Key people who are made aware of the testing.
14
2. Foot Printing
Collecting as much information as possible about the target
DNS Servers
IP Ranges
Administrative Contacts
Problems revealed by administrators
Information Sources
Search engines
Forums
Databases – whois
Tools – PING, whois, Traceroute, nslookup.
15
3. Enumeration And Fingerprinting
Specific targets determined.
Identification of Services / open ports.
Operating System Enumeration.
Methods
Banner grabbing.
Responses to various protocol (ICMP & TCP) commands.
Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.
Tools
Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner.
16
4. Identification of Vulnerabilities
Vulnerabilities:
It is a weakness which allows an attacker to reduce a system's information assurance.
Insecure Configuration
Weak passwords
Unpatched vulnerabilities in services, Operating systems, applications
Possible Vulnerabilities in Services, Operating Systems
Insecure programming
Weak Access Control
Tools
Vulnerability Scanners – Nessus, ISS, SARA, SAINT
Listening to Traffic – Ettercap, tcpdump
Password Crackers – John the Ripper, LC4, Pwdump
Intercepting Web Traffic – Achilles, Whisker, Legion
17
5. Attack – Exploit the vulnerabilities
Network Infrastructure Attacks
Connecting to the network through modem.
Weaknesses in TCP / IP, NetBIOS.
Flooding the network to cause DOS.
Operating System Attacks
Attacking Authentication Systems.
Exploiting Protocol Implementations.
Exploiting Insecure configuration.
Breaking File-System Security.
18
6. Gaining Access
Enough data has been gathered at this point to make an informed attempt to
access the target.
Techniques
Password eavesdropping
File share brute forcing
Password file grab
Buffer overflows
19
7. Escalating Privileges
If only user-level access was obtained in the last step, the attacker will now seek to gain
complete control of the system.
Techniques
Password cracking.
Known exploits.
8. Covering Tracks
Once total ownership of the target is secured, hiding this fact from system administrators
becomes paramount, lest they quickly end the romp.
Techniques
Clear logs.
Hide tools.
20
9. Creating Back Doors
Trap doors will be laid in various parts of the system to ensure that privileged
access is easily regained at the whim of the intruder.
Techniques
Create rogue user accounts.
Schedule batch jobs.
Infect startup files.
Plant remote control services.
Install monitoring mechanisms.
Replace apps with trojans.
21
Skills Of An Ethical Hacker
Routers: knowledge of routers, routing protocols, and access control lists.
Microsoft Windows: skills in operation, configuration and management.
Linux: knowledge of Linux/Unix; security setting, configuration, and services.
Firewalls: configurations, and operation of intrusion detection systems.
Mainframes: knowledge of mainframes.
Network Protocols: TCP/IP; how they function and can be manipulated.
Project Management: knowledge of leading, planning, organizing, and controlling a
penetration testing team.
22
Why Do Hackers Hack?
To make security stronger (Ethical Hacking).
Just for fun.
Show off.
Hack other systems secretly.
Notify many people of their thoughts.
Steal important information.
Destroy the enemy's computer network during war.
Ethical Issues
Privacy – Information should be shared by authorized people.
Accessibility – Availability of information at any point of time.
Accuracy – Authorized people should not alter the information.
Property – Users can access according to property rights.
23
Why Can't We Defend Against Hackers?
There are many unknown security holes.
Hackers need to know only one security hole to hack the system.
Admins need to know all security holes to defend the system.
What to do after being Hacked?
Shut down or turn off the system.
Separate the system from the network.
Restore the system from the backup or reinstall all programs.
Clear the memory using cleaners (like CCleaner).
Scan infected sections with a good antivirus.
Finally connect the system to the network.
24
System Security
Use a firewall.
Use an antivirus (Norton, McAfee, Kaspersky).
Update it every week.
Open source software.
Update the operating system every month.
Use strong passwords.
Use a key scrambler.
Avoid using public computers to bank/shop online.
Secure your wireless network.
25
Hackers Language and Translation
1 -> i or l
f -> ph
0 -> o
|\| -> n
3 -> e
|\/| -> m
4 -> a
s -> z
7 -> t
z -> s
9 -> g
ph -> f
$ -> s
x -> ck
| -> i or l
ck -> x
Example: -
1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n
I did not hack this page, it was like this when I hacked in
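The substitution table above matters to defenders because a password such as "p4$$w0rd" is only a leet spelling of a blocklisted word. The following is an added example, not part of the original slides: it decodes the digit and symbol rows of the table (the letter swaps such as s -> z are left out because they cannot be told apart from ordinary letters), and the function names and the blocklist are assumptions made for the illustration.

```python
import itertools
import math
import re

# Leet -> plain rows from the slide; "1" and "|" are ambiguous (i or l).
LEET = {"|\\/|": ["m"], "|\\|": ["n"], "1": ["i", "l"], "|": ["i", "l"],
        "0": ["o"], "3": ["e"], "4": ["a"], "7": ["t"], "9": ["g"], "$": ["s"]}

# Longest tokens first, so "|\/|" is read as m and not as "|" plus leftovers.
TOKEN = re.compile(
    "|".join(re.escape(k) for k in sorted(LEET, key=len, reverse=True)) + "|.",
    re.S)

def options(word):
    """One list of possible plain letters per leet token in the word."""
    return [LEET.get(tok, [tok.lower()]) for tok in TOKEN.findall(word)]

def candidates(word, limit=4096):
    """Every plain reading of a leet word; refuses inputs that explode."""
    opts = options(word)
    if math.prod(len(o) for o in opts) > limit:
        raise ValueError("too many ambiguous characters to enumerate")
    return {"".join(combo) for combo in itertools.product(*opts)}

def is_weak(password, blocklist):
    """True if any reading of the password equals a blocklisted word.

    Compares position by position, so it stays cheap even when the
    password contains many ambiguous characters.
    """
    opts = options(password)
    return any(len(word) == len(opts) and
               all(ch in o for ch, o in zip(word, opts))
               for word in blocklist)

if __name__ == "__main__":
    constructed_blocklist = {"password", "admin", "letmein"}  # constructed sample
    print(sorted(candidates("h4ck3d")))
    print(is_weak("p4$$w0rd", constructed_blocklist))
```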
26
Security Attack
Any action that compromises the security of information owned by the organization.
Types of Security Attack
1. Passive Attack: - Passive attacks are in the nature of eavesdropping on, or
monitoring of, transmissions. The goal of the opponent is to obtain
information that is being transmitted. These attacks do not harm your
message or data; they include unauthorized reading of a message or file.
2. Active Attack: - Active attacks involve some modification of the data stream
or the creation of a false stream. These attacks harm your message or data.
27
Types of Passive Attack:
1. Release of message contents:
A release of message contents is easily understood. A telephone conversation, an
electronic mail message, or a transferred file may contain sensitive or confidential
information. We would like to prevent an opponent from learning the contents
of these transmissions.
2. Traffic Analysis :
Traffic analysis is subtler. Suppose we had a way of masking the contents of message or
other information traffic so that opponents, even if they captured the message, could not
extract the information from the message. The common technique for masking is
encryption.
28
Types of Active Attack:
1. Masquerade: -
Masquerade takes place when one entity pretends to be a different entity. A masquerade
attack usually includes one of the other forms of active attack.
2. Replay: -
Replay involves the passive capture of a data unit and its subsequent retransmission to
produce an unauthorized effect.
3. Modification of message: -
Modification of message means that some portion of a legitimate message is altered, or
that messages are delayed or reordered, to produce an unauthorized effect.
4. Denial of service: -
Denial of service prevents or inhibits the normal use or management of communications
facilities. This attack may have a specific target.
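How a receiver can detect three of the active attacks defined above (masquerade, replay and modification of message) is shown in the following added example, which is not part of the original slides. The shared key, the time window, the message layout and all names are assumptions made for the illustration; the HMAC tag covers forgery and modification, and the nonce plus timestamp cover replay.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # constructed shared secret, known to both ends
WINDOW = 30                    # seconds a message stays acceptable

def seal(payload, nonce, now):
    """Sender side: bind payload, nonce and timestamp under one HMAC tag."""
    body = json.dumps({"payload": payload, "nonce": nonce, "ts": now},
                      sort_keys=True).encode()
    return {"body": body,
            "tag": hmac.new(KEY, body, hashlib.sha256).hexdigest()}

class Receiver:
    def __init__(self):
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, msg, now):
        expected = hmac.new(KEY, msg["body"], hashlib.sha256).hexdigest()
        # Masquerade or modification: without KEY the tag cannot be rebuilt.
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified or forged"
        fields = json.loads(msg["body"])
        # A capture replayed after the window is stale.
        if abs(now - fields["ts"]) > WINDOW:
            return "rejected: stale"
        # Nonces older than the window can be forgotten: the check above
        # already rejects any message that would reuse them.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= WINDOW}
        # A capture replayed inside the window reuses a nonce.
        if fields["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[fields["nonce"]] = fields["ts"]
        return "accepted"

def demo():
    rx = Receiver()
    msg = seal("transfer 100 to account 42", "n-001", now=1000)
    altered = dict(msg, body=msg["body"].replace(b"100", b"900"))
    return [rx.accept(msg, now=1005),      # genuine message
            rx.accept(msg, now=1010),      # same bytes sent again
            rx.accept(altered, now=1010),  # payload changed in transit
            rx.accept(msg, now=1100)]      # old capture sent much later

if __name__ == "__main__":
    print(demo())
```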
29
Importance of Ethical Hacking:
Ethical hacking is important for services such as Application Testing,
War Dialling, Network Testing, Wireless Security, System Hardening etc.
Ethical hacking is used to judge the security programs of organizations.
It makes the software and code of organizations better and more efficient.
Ethical hacking faces the organization's security risks.
30
Advantage of ethical hacking
This prevents identity theft and the leaking of vital information.
It allows them to implement stronger security measures.
It also helps government entities to protect major computer systems from
being compromised in a way that would make national security an issue.
Ethical hacking also helps families of deceased people to access accounts to see what
their final viral transmissions may have been or gain access to some accounts to close them
down.
The Disadvantages of Ethical Hacking
This may corrupt the files of an organization.
The basic problem with this is the trustworthiness of the ethical hacker.
The ethical hacker might use the information maliciously.
31
Conclusion
A Proper Ethical Hacker Should Be Employed.
Do Not Expose Your Passwords to Untrusted Sites.
Close Your Internet While Not in Use.
Have Basic Knowledge of the Internet.