Introduction to Ethical Hacking (Basics)
-
Upload
sumit-satam -
Category
Education
-
view
60 -
download
5
description
Transcript of Introduction to Ethical Hacking (Basics)
SUMMITSPRESENTS
KNOW ABOUT :
WHAT IS HACKING?
HACKERS
TYPES OF HACKING
WHAT IS ETHICAL HACKING?
DIFFERENT LEVELS IN HACKERS
ETHICAL HACKING
Hacking is simply gaining an unauthorized access to a computer system. It is the act of breaking in to a computer system and is a criminal offence under the computer misuse. Learning how a system works and how to make it do things it wasn't designed to do , or you haven't got the privileges to do.
What is Hacking?
• Inside Jobs :- It include stealing passwords (which hackers then use or sell)- Performing industrial espionage- causing harm (as disgruntled employees)- committing simple misuse.
Types Of Hacking :
• Rogue Access Points :- Rogue access points (APs) are unsecured wireless access points that outsiders can easily breech. (Local hackers often advertise rogue APs to each other.)- Rogue APs are most often connected by well-meaning but ignorant employees.
• Back Doors :- Hackers can gain access to a network by exploiting back doors administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups.- With the aid of computerized searchers (bots), hackers can probably find any weakness in your network.
• Viruses and Worms :- Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms).- Both attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail.
• Trojan Horses :-Trojan horses, which are attached to other programs, are the leading cause of all break-ins.- When a user downloads and activates a Trojan horse, the hacked software (SW) kicks off a virus, password gobbler, or remote-control SW that gives the hacker control of the PC.
• Denial of Service :- DoS attacks give hackers a way to bring down a network without gaining internal access.- DoS attacks work by flooding the access routers with bogus traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).- Distributed DoSs are coordinated DoS attacks from multiple sources. DDoS is more difficult to block because it uses multiple, changing, source IP addresses.
• Anarchists, Crackers, and Kiddies (types in hackers) :- Anarchists are people who just like to break stuff. They usually exploit any target of opportunity.- Crackers are hobbyists or professionals who break passwords and develop Trojan horses or other SW (called warez). They either use the SW themselves (for bragging rights) or sell it for profit.
- Script kiddies are hacker wannabes. They have no real hacker skills, so they buy or download warez, which they launch.Other attackers include disgruntled employees, terrorists, political operatives, or anyone else who feels slighted, exploited, ripped off, or unloved.
• Sniffing and Spoofing :- Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister.- Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping.
-As the cost of hacking attacks continues to rise, businesses have been forced to increase spending on network security. However, hackers have also developed new skills that allow them to break into more complex systems.- Hacking typically involves compromising the security of networks, breaking the security of application software, or creating malicious programs such as viruses.
- Most popular forms of network hacking are denial of service (DoS) attacks and mail bombs.- DoS attacks are designed to swamp a computer network, causing it to crash.- Mail bombs act in a similar fashion, but attack the network's mail servers.- Web server are bombarded with fake requests for Web pages, which overloads the site and caused it to crash.
- Network hackers also try to break into secure areas to find sensitive data. Once a network is hacked, files can be removed, stolen, or erased.
- Application hackers break security on application software-software including word processing and graphics programs-in order to get it for free.
- One way they gain access to software that requires a serial number for installation is by setting up a serial number generator that will try millions of different combinations until a match is found.- Application hackers also sometimes attack the program itself in an attempt to remove certain security features.
-Hackers that create viruses, logic bombs, worms, and Trojan horses are involved in perhaps the most malicious hacking activities.-A virus is a program that has the potential to attack and corrupt computer files by attaching itself to a file to replicate itself.- It can also cause a computer to crash by utilizing all of the computer's resources.
Ethical hacking is where a person hacks to find weaknesses in a system and then usually patches them.Ex. : A bank may pay a hacker to hack their systems to see if it is hackable. If he gets in, then they know there is potential for other people to hack in, and usually they will work with this ethical hacker to patch these holes. If he doesn't get in, then they pray that nobody is better at hacking than him.
What is ethical hacking ?
A hacker (white, grey, or black) looks at it this way. The RFC says to load an instruction into memory, use 8 bits of data, and two bits of instruction, then a hacker looks at this and wonders, and tries to pass more no. of bits .- As results sooner or later the computer will not be able to deal with the amount of data being passed in a manner it understands & the computer will not know how to interpret the instructions.
When a computer does not know what to do next, it gives up and passes control to the SYSTEM, which is all powerful.This is a very basic description of a buffer overflow. The hacker wants to force the computer to give up, and pass control to the SYSTEM. Once this happens, the hacker has administrative control and can now start passing commands to the computer that it will follow without question.
• There are three levels of hackers.- White Hats spend all their time trying to break the system, to prove it can be broke, so they can get the manufacturer to address the problem and fix it.- Grey Hats do same thing, but perhaps will try to gain from their new way of breaking the system. They may expect payment for finding a way to break the system, & they may even try to get financial gain from their knowledge or silence.
Different levels in hackers
-Black Hats want to take the knowledge of how to break a system and use it for financial gain. They may use it to hack systems or write code that allows others to hack systems, and sell that code.
All three are doing the same thing, trying to break the systems. The difference which matters is what they intend to DO with the information once they discover it ??
Thanks For Reading
By : Sumit Sanjay Satam
THE END