ethical hacking tips
PRESENTED BY Mathew Jose
http://ethicalhacking228.blogspot.in/
Please log on to this site to get tips on ethical hacking re…..
Ethical Hacking - ?
Why – Ethical Hacking ?
Ethical Hacking - Process
Ethical Hacking – Commandments
Reporting
What is Ethical Hacking
  Ethical: Conforming to accepted professional standards of conduct
  Hacking: Process of breaking into systems for:
    Personal or Commercial Gains
    Malicious Intent – Causing severe damage to Information & Assets
  Also Called – Attack & Penetration Testing, White-hat hacking, Red teaming
  White-hat – Good guys
  Black-hat – Bad guys
What is Ethical Hacking
  It is Legal
  Permission is obtained from the target
  Part of an overall security program
  Identify vulnerabilities visible from the Internet at a particular point of time
  Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are done in a non-destructive manner
Why – Ethical Hacking
Defacement Statistics for Indian Websites, June 01, 2004 to Dec. 31, 2004

  Domains    No. of Defacements
  .com       922
  .gov.in    24
  .org       53
  .net       39
  .biz       12
  .co.in     48
  .ac.in     13
  .info      3
  .nic.in    2
  .edu       2
  other      13
  Total      1131

Source: CERT-India, January 2005
Why – Ethical Hacking
[Chart: Total Number of Incidents. Source: CERT/CC]
Why – Ethical Hacking
Source: US - CERT
Why – Ethical Hacking
Protection from possible External Attacks
  Viruses, Trojan Horses, and Worms
  Social Engineering
  Automated Attacks
  Accidental Breaches in Security
  Denial of Service (DoS)
  Organizational Attacks
  Restricted Data
Ethical Hacking - Process
  1. Preparation
  2. Footprinting
  3. Enumeration & Fingerprinting
  4. Identification of Vulnerabilities
  5. Attack – Exploit the Vulnerabilities
Preparation
  Identification of Targets – company websites, mail servers, extranets, etc.
  Signing of Contract
    Agreement on protection against any legal issues
    Contract to clearly specify the limits and dangers of the test
    Specifics on Denial of Service Tests, Social Engineering, etc.
    Time window for Attacks
    Total time for the testing
    Prior Knowledge of the systems
    Key people who are made aware of the testing
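An added example, not part of the original slides: a small scope guard that encodes the contract items listed under Preparation (identified targets, time window for attacks, test types the contract excludes) and checks each planned test action against them before it runs. The `Engagement` structure, the `check_action` helper, and all addresses, dates and test-type names are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Engagement:
    """Contract terms from the Preparation step (hypothetical structure)."""
    targets: tuple              # CIDR ranges named in the signed contract
    window_start: datetime      # start of the agreed time window for attacks
    window_end: datetime        # end of the agreed time window
    excluded_tests: frozenset   # test types the contract forbids


def check_action(eng, target_ip, test_type, when):
    """Return (allowed, reason) for one planned test action."""
    addr = ip_address(target_ip)
    if not any(addr in ip_network(net) for net in eng.targets):
        return False, f"{target_ip} is not an identified target"
    if not (eng.window_start <= when <= eng.window_end):
        return False, "outside the agreed time window"
    if test_type.lower() in eng.excluded_tests:
        return False, f"'{test_type}' tests are excluded by the contract"
    return True, "in scope"


# Constructed sample contract using documentation address ranges (RFC 5737).
SAMPLE = Engagement(
    targets=("192.0.2.0/28", "198.51.100.25/32"),
    window_start=datetime(2005, 1, 10, 22, 0),
    window_end=datetime(2005, 1, 11, 4, 0),
    excluded_tests=frozenset({"dos", "social-engineering"}),
)

if __name__ == "__main__":
    # Constructed plan: one in-scope action and three that must be blocked.
    planned = [
        ("192.0.2.5", "port-scan", datetime(2005, 1, 10, 23, 30)),
        ("192.0.2.77", "port-scan", datetime(2005, 1, 10, 23, 30)),
        ("198.51.100.25", "dos", datetime(2005, 1, 11, 1, 0)),
        ("192.0.2.5", "banner-grab", datetime(2005, 1, 11, 9, 0)),
    ]
    for ip, kind, when in planned:
        ok, reason = check_action(SAMPLE, ip, kind, when)
        print(f"{'ALLOW' if ok else 'BLOCK'} {ip:15} {kind:12} {reason}")
```

Logging every BLOCK result alongside the signed contract gives the Reporting step a record that the test stayed within its agreed limits.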
Footprinting
  Collecting as much information as possible about the target
    DNS Servers
    IP Ranges
    Administrative Contacts
    Problems revealed by administrators
  Information Sources
    Search engines
    Forums
    Databases – whois, ripe, arin, apnic
    Tools – PING, whois, Traceroute, DIG, nslookup, Sam Spade
Enumeration & Fingerprinting
  Specific targets determined
  Identification of Services / open ports
  Operating System Enumeration
  Methods
    Banner grabbing
    Responses to various protocol (ICMP & TCP) commands
    Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.
  Tools
    Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner
Identification of Vulnerabilities
  Vulnerabilities
    Insecure Configuration
    Weak passwords
    Unpatched vulnerabilities in services, Operating systems, applications
    Possible Vulnerabilities in Services, Operating Systems
    Insecure programming
    Weak Access Control
Identification of Vulnerabilities
  Methods
    Unpatched / Possible Vulnerabilities – Tools, Vulnerability information Websites
    Weak Passwords – Default Passwords, Brute force, Social Engineering, Listening to Traffic
    Insecure Programming – SQL Injection, Listening to Traffic
    Weak Access Control – Using the Application Logic, SQL Injection
Identification of Vulnerabilities
  Tools
    Vulnerability Scanners – Nessus, ISS, SARA, SAINT
    Listening to Traffic – Ettercap, tcpdump
    Password Crackers – John the Ripper, LC4, Pwdump
    Intercepting Web Traffic – Achilles, Whisker, Legion
  Websites
    Common Vulnerabilities & Exposures – http://cve.mitre.org
    Bugtraq – www.securityfocus.com
    Other Vendor Websites
Attack – Exploit the vulnerabilities
  Obtain as much information (trophies) as possible from the Target Asset
  Gaining Normal Access
  Escalation of privileges
  Obtaining access to other connected systems
  Last Ditch Effort – Denial of Service
Attack – Exploit the vulnerabilities
  Network Infrastructure Attacks
    Connecting to the network through modem
    Weaknesses in TCP / IP, NetBIOS
    Flooding the network to cause DoS
  Operating System Attacks
    Attacking Authentication Systems
    Exploiting Protocol Implementations
    Exploiting Insecure configuration
    Breaking File-System Security
Attack – Exploit the vulnerabilities
  Application Specific Attacks
    Exploiting implementations of HTTP, SMTP protocols
    Gaining access to application Databases
    SQL Injection
    Spamming
Attack – Exploit the vulnerabilities
  Exploits
    Free exploits from Hacker Websites
    Customised free exploits
    Internally Developed
  Tools – Nessus, Metasploit Framework,
Reporting
  Methodology
  Exploited Conditions & Vulnerabilities that could not be exploited
  Proof for Exploits – Trophies
  Practical Security solutions
Ethical Hacking - Commandments
  Working Ethically
    Trustworthiness
    Misuse for personal gain
  Respecting Privacy
  Not Crashing the Systems
QUESTIONS ???