1

ETHICAL HACKING

Vivek Kumar Mohbe

2

Contents

Introduction to hacking.What is Ethical Hacking?Hacker and Types of Hackers. Types of Hacking.Types of Ethical Hacking.The process of Ethical Hacking.Ethical issues.Skills of an Ethical Hacker. Why do Hacker do?Why can’t defend against hackers?What to do after being Hacked? System Security.Hackers Language and Translation. Security Attack and Types.

3

1. Hacking

Hacking has several meanings in the technology and computer science fields:

The word hacking is defined as an illegal use of the other's computer system or the network resources.

A modification of a program or device to give the user access to features otherwise were unavailable to them.

The rapid crafting of a new program or the making of changes to existing, usually complicated software.

A inelegant solution to a problem illegally breaking into a computer, generally over a network connection.

4

2. Ethical Hacking

Ethical hacking is defined as the services that provides the securities for the

customer's networks, information assets and identifies the vulnerabilities to maintain

the reputation of the corporate sectors before it exploit the company. Ethical hacking

is the backbone of network security.

This type of the hacking system provides the high securities to the customer's

methodologies and techniques to yield high qualities of infrastructures. It is a part of

an overall security program. It is also called attack & penetration testing. Ethical

hacking is used to understand the Dangers which your systems face. It is completely

legal in INDIA.

5

Hacker Hacker is the term which is formerly meant for the skilful programmer. The word

hacker refers to the names of the persons who enjoys the work in learning the details of

the computer systems and stretch the capabilities from the system

Types of Hackers:

White Hat Hacker.

Black Hat Hacker.

Gray Hat Hacker.

Script Kiddies.

Phreak.

Cyber Punk.

6

White Hat Hackers

Who specializes in penetration testing and in other testing methodologies to ensure the

security of an organization's information systems.

White hat hackers like Ethical hackers. They use their skills for good purposes.

They work for organizations for stop the illegal activities through Black Hat Hackers.

They works to ensure the security of an organization’s information system.

White Hackers : -

o Ankit Fadia

o Tim Berner Lee

o Bill Gates

o Linus Tovaldes

o Steve Jobes

7

Black Hat Hackers A black hat is the villain or bad guy, especially in a western movie in which such a

character would stereotypically wear a black hat in contrast to the hero's white hat.

A black hat is the villain or bad guys.

Use computer to attack systems for profit, for revenge, or for political mitigations.

Black hat hackers always do Illegal work.

They work for black money.

They are professional in their field.

They use their knowledge for illegal purpose.

Black Hackers: -o Kevin Poulseno Kevin d mitnicko Adrain Lamoo Georje Hotzo Jonathan James

8

Gray Hat Hackers

A grey hat, in the hacking community, refers to a skilled hacker whose activities fall

somewhere between white and black hat hackers on a variety of spectra.

Offensively and defensively they will hack for different reasons, depends on situation.

Script KiddiesWho use scripts or programs developed by others to attack computer systems

and networks and deface websites.

PhreakPerson who breaks into telecommunications systems to [commit] theft.

Cyber PunkRecent mutation of … the hacker, cracker, and phreak.

9

Types of Hacking

Website Hacking

Email Hacking

Network Hacking

Password Hacking

Online transactions Hacking

Computer Hacking

Mobile Hacking

PDA hacking

Metropolitan system hacking

10

Types of Ethical Hacking: -

Remote Network: This process is especially utilized to recognize the attacks that are

causing among the internet. Usually the ethical hacker always tries to identify the default

and proxy information in the networks some of them are firewalls, proxy etc.

Local Network: local network hack is the process which is used to access the illegal

information by making use of someone with physical access gaining through the local

network. To start on this procedure the ethical hacker should ready to access the local

network directly.

Stolen Equipment: By making use of the stolen equipment hack it is easy to identify the

information of the thefts such as the laptops etc. the information secured by the owner of

the laptop can be identified. Information like username, password and the security settings

that are in the equipment are encoded by stealing the laptop.

11

Physical Entry: -This Physical entry is used in the organizations to control the attacks

that are obtained through the physical premises. By using the physical entry the ethical

hacker can increase and can produce virus and other Trojans directly onto the network.

Application network: - The logic flaws present in the applications may result to the

illegal access of the network and even in the application and the information that is

provided in the applications.

Wireless network testing: - In this process the wireless network reduces the network

liability to the attacker by using the radio access to the given wireless network space.

Code review: This process will observe the source code which is in the part of the

verification system and will recognize the strengths and the weakness of the modules that

are in the software.

War dialing: It simply identifies the default information that is observed in the modem

which is very dangerous to the corporate organizations.

12

Ethical Hacking Process

Preparation

Foot printing

Enumeration & Fingerprinting

Identification of Vulnerabilities

Attack – Exploit the Vulnerabilities

Gaining Access

Escalating privilege

Covering tracks

Creating back doors

13

1. Preparation

Identification of Targets – company websites, mail servers etc.

Signing of Contract

• Agreement on protection against any legal issues.

• Contracts to clearly specifies the limits and dangers of the test.

• Specifics on Denial of Service Tests, Social Engineering, etc.

• Time window for Attacks.

• Total time for the testing.

• Prior Knowledge of the systems.

• Key people who are made aware of the testing.

14

2. Foot Printing

Collecting as much information about the target

DNS Servers

IP Ranges

Administrative Contacts

Problems revealed by administrators

Information Sources

Search engines

Forums

Databases – whois

Tools – PING, whois, Traceroute, nslookup.

15

3. Enumeration And Fingerprinting

Specific targets determined.

Identification of Services / open ports.

Operating System Enumeration.

Methods

Banner grabbing.

Responses to various protocol (ICMP &TCP) commands.

Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.

Tools

Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner.

16

4. Identification of Vulnerabilities

Vulnerabilities:

It is a weakness which allows an attacker to reduce a system's information assurance.

Insecure Configuration

Weak passwords

Unpatched vulnerabilities in services, Operating systems, applications

Possible Vulnerabilities in Services, Operating Systems

Insecure programming

Weak Access Control

Tools

Vulnerability Scanners - Nessus, ISS, SARA, SAINT

Listening to Traffic – Ethercap, tcpdump

Password Crackers – John the ripper, LC4, Pwdump

Intercepting Web Traffic – Achilles, Whisker, Legion

17

5. Attack – Exploit the vulnerabilities

Network Infrastructure Attacks

Connecting to the network through modem.

Weaknesses in TCP / IP, NetBIOS.

Flooding the network to cause DOS.

Operating System Attacks

Attacking Authentication Systems.

Exploiting Protocol Implementations.

Exploiting Insecure configuration.

Breaking File-System Security.

18

6. Gaining AccessEnough data has been gathered at this point to make an informed attempt to

access the target.

Techniques

Password eavesdropping

File share brute forcing

Password file grab

Buffer overflows

19

7. Escalating Privileges

If only user-level access was obtained in the last step, the attacker will now seek to gain

complete control of the system.

Techniques

Password cracking.

Known exploits.

8. Covering Tracks

Once total ownership of the target is secured, hiding this fact from system administrators

becomes paramount, lest they quickly end the romp.

Techniques

Clear logs.

Hide tools.

20

9. Creating Back DoorsTrap doors will be laid in various parts of the system to ensure that privileged

access is easily regained at the whim of the intruder.

Techniques

Create rogue user accounts.

Schedule batch jobs.

Infect startup files.

Plant remote control services.

Install monitoring mechanisms.

Replace apps with trojans.

21

Skills Of An Ethical Hacker

Routers: knowledge of routers, routing protocols, and access control lists.

Microsoft Windows: skills in operation, configuration and management.

Linux: knowledge of Linux/Unix; security setting, configuration, and services.

Firewalls: configurations, and operation of intrusion detection systems.

Mainframes : knowledge of mainframes .

Network Protocols: TCP/IP; how they function and can be manipulated.

Project Management: knowledge of leading, planning, organizing, and controlling a

penetration testing team.

22

Why Do Hacker do? To make Security Stronger (Ethical Hacking).

Just for fun.

Show off.

Hack other System secretly.

Notify many people their thoughts.

Steel important information.

Destroy enemy’s computer network during war.

Ethical Issues

Privacy – Information should be shared by an authorized people.

Accessibility - Availability of information at any point of time.

Accuracy - Authorized people should not altered the information.

Property - User can access according to property rights.

23

Why Can’t Defend Against Hackers? There are many unknown security hole.

Hackers need to know only one security hole to hack the system.

Admin need to know all security holes to defend the system.

What to do after being Hacked?Shutdown the system Or turn off the system.

Separate the system from network.

Restore the system with the backup Or reinstall all programs.

Clear the memory using Cleaners (like CCleaner).

Scan infected sections with good antivirus.

Finally connect the system to the network.

24

System SecurityUse fire wall.

Use an antivirus. (Norton, mcafee, kespersky).

Update it every week.

Open source software.

Update operating system every month.

Use strong password .

Use a key Scrambler.

Avoid using public computers to bank/shop online.

Secure your wireless network .

25

Hackers Language and Translation

1 -> i or l f -> ph0 -> o |\| -> n3 -> e |\/| -> m 4 -> a s -> z7 -> t z -> s9 -> g ph -> f$ -> s x -> ck| -> i or l ck -> x

Example: -

1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n

I did not hack this page, it was like this when I hacked in

26

Security AttackAny action that compromises the security of information owned by the organization.

Types of Security Attack

1. Passive Attack: - passive attacks are the nature of eavesdropping on, or

monitoring of, transmissions. The goal of the opponent is to obtain

information that is being transmitted . These attacks do not harm your

message or data, which includes unauthorized reading of a message or file

2. Active Attack: - active attack involve some modification of the data stream

or the creation of a false stream. These attacks harm your message or data.

27

Types of Passive Attack:

1. Release of message contents :

A release of message contents is easily understood. A telephonic conversation, an

electronic mail, or a transferred file that may contain sensitive or confidential

information . We would like to prevent an opponent from learning the message contents

of these transmission.

2. Traffic Analysis :

Traffic analysis is subtler. Suppose we had a way of masking the contents of message or

other information traffic so that opponents, even if they captured the message, could not

extract the information from the message. The common technique for masking is

encryption.

28

Types of Passive Attack:1. Masquerade: -

Masquerade takes place when one entity pretends to be a different entity. A masquerade

attack usually includes one of the other forms of active attack.

2. Replay: -

Replay involves the passive capture of a data unit and its subsequent retransmission to

produce an unauthorized effect.

3. Modification of message: -

Modification of message means that some portion of a legitimate message is altered, or

that messages are delayed or reordered, to produce an unauthorized effect.

4. Denial of service: -

Denial of service prevents or inhibits the normal use or management of communications

facilities. This attack may have a specific target.

29

Importance of Ethical Hacking:

The ethical hacking system important for some of the service like Application Testing,

War Dialling, Network Testing, Wireless Security, System Hardening etc.

Ethical Hacking used to judge the security programs of the organizations.

It makes software and codes better and more efficient of organizations.

Ethical hacking faces the organizations security risks.

30

Advantage of ethical hacking

This prevents identity theft and the leaking of vital information.

It allows them to implement stronger security measures.

It is also beneficial to help government entities to protect major computer systems from

being compromised in a way that national security would be an issue.

Ethical hacking also helps families of deceased people to access accounts to see what

their final viral transmissions may have been or gain access to some accounts to close them

down.

The Disadvantages of Ethical Hacking This may corrupt the files of an organization.

Basic problems with this is trustworthiness of the Ethical hacker.

Ethical hacker might use the information maliciously.

31

Conclusion

Proper Ethical Hacker Should Be Employed.

Do Not Exposed Your Passwords to Untrusted Sites.

Close Your Internet While Not in Use.

Having Basic Knowledge of Internet.