2. WHAT IS ETHICAL HACKING
Ethical hacking are the terms that describe hacking
performed to help a company or individual identify
potential threats on the computer or network.
An ethical hacker attempts to hack their way past the
system security, finding any weak points in the security
that could be exploited by other hackers.
2
3. What does an Ethical Hacker do ?
An ethical hacker is a person
I. Who tries to penetrate into a network to find if
there is some vulnerability in the system and they
Have permission for that.
II. If he succeed in penetrating into the system he
goes to the next level and then he will report
about the vulnerability exploiting which he got
in to the system.
3
4. For Indian organizations, these statistics should serve as a wake up call.
I. As per the CSRT statistics, more than 16,000 Indian websites were
hacked every year.
II. A total of 294 websites belonging to various ministries and government
departments were hacked in 2012 .
III. The script kiddies of today becomes the real hackers of tomorrow, who
are well equipped to steal Indian government information discreetly.
Why – Ethical Hacking
4
6. Ethical Hacking
It is Legal
Permission is obtained from the target
It is the Part of an overall security program
Ethical hackers possesses same skills, mindset and tools of a
hacker but the attacks are done in a non-destructive
manner
6
7. Who are Hackers?
Someone who bypasses the system’s access controls by taking advantage of
security weaknesses left in the system by developers .
Person who likes to examine the code of programs to see how they work …
then uses his computer expertise for gaining access to computer systems
without permission and tampering with programs and data. At that point, this
individual would steal information and install backdoors and virus.
Hacker means cracker nowadays.
7
8. Why do people hack??
To make security stronger ( Ethical Hacking )
Just for fun
Hack other systems secretly
Notify many people their thought
Steal important information
8
10. 10
Types of hackers cont..
White Hat Hackers:
A white hat is specializes in penetration testing and in other
testing methodologies to ensure the security of an organization's
information systems.
Black Hat Hackers:
A black hat is the villain or bad guy, especially in a western movie
in which such a character would stereotypically wear a black hat
in contrast to the hero's white hat and they always works as
anonymous.
Gray Hat Hackers:
A grey hat, in the hacking community, refers to a skilled hacker
whose activities fall somewhere between white and black hat
hackers on a variety of spectra.
10
11. Script Kiddies:
Use scripts or programs developed by others to attack computer systems
and networks.
Phreak
A phreak is someone who breaks into the telephone network illegally, to
make free long-distance phone calls or to tap phone lines.
Cyber Punk
Recent mutation of … the hacker, cracker, and phreak
Types of hackers cont..
11
13. 1. Preparation
Identification of Targets – company websites, mail servers, etc.
Signing of Contract
Agreement on protection against any legal issues
Contracts clearly specifies the limits and dangers of the test
Total time for the testing
Prior Knowledge of the systems
13
14. 2. Foot printing
Foot printing is the technique of gathering information about computer systems—
Collecting as much information about the target
DNS Servers
IP Ranges
Admin Contacts
Problems revealed by admin
Information Sources
Search engines
Forums
Tools – PING, whois, Traceroute,etc
14
15. 3. Enumeration & Fingerprinting
Enumeration is a process to gather the information about user names and network
resources .
Fingerprinting identifies specifics of your hardware and software configurations--
Specific targets determined
Identification of Services / open ports
Operating System Enumeration
Methods
Banner grabbing
Port / Service Scans
Tools
Hping, Firewalk, netcat, ssh, telnet, etc.
15
16. 4. Identification of Vulnerabilities
Vulnerability is a weakness which allows an attacker to reduce system's
information assurance.
Insecure Configuration
Weak passwords
Insecure programming
Weak Access Control
16
17. 5. Attack–Exploit the vulnerabilities
Network Infrastructure Attacks
Connecting to the network through modem
Weaknesses in TCP / IP
Flooding the network
Operating System Attacks
Attacking Authentication Systems
Exploiting Protocol Implementations
Exploiting Insecure configuration
Breaking File-System Security
17
18. 6. Gaining access:
Enough data has been gathered at this point to make an informed attempt to
access the target
Techniques
Network sniffing – searching of sensitive information like password
File share brute forcing
Password file grab
Buffer overflows
18
19. 7. Escalating Privileges
If only user-level access was obtained in the last step, the attacker will
now seek to gain complete control of the system
Techniques
Password cracking
19
20. 8. Covering Tracks
Once total ownership of the target is secured, hiding this fact from system
administrators.
Techniques
Clear logs-Eliminating logging evidence to become anonymous
Hide tools
20
21. 9. Creating Back Doors
Trap doors will be laid in various parts of the system to ensure that privileged
access is easily regained at the whim of the intruder
Techniques
Create fake user accounts
Plant remote control services
Install monitoring mechanisms
Replace apps with Trojans and virus
21
22. Why can’t defend against hackers?
There are many unknown security hole
Hackers need to know only one security hole to hack the system
Admin need to know all security holes to defend the system
Ethical hackers find those security holes by testing
22
23. Ethical Hacker - Commandments
Working Ethically
Trustworthiness
No misuse for personal gain
Hacking is not a crime when it is done under set of rules…
That’s why it is termed as ETHICAL HACKING!!!
23
24. Always security professionals are one step behind the hackers and crackers.
Plan for the unplanned attacks.
The role of ethical hacking in security is to provide customers with
awareness of how they could be attacked and why they are targeted.
“This country needs more and better quality of Ethical Hackers
and for that more and more individual should consider it as a
profession.”
24
//According to Nasscom, India will require at least 77,000 ethical hackers every year whereas we are producing only 15,000 in a year, currently.
This results into a significant demand of ethical hackers which are employed on a very high pay scale.
------
As u see that most of indian websites are defaced means attacked by the hackers in the graph shown
------
Csrt : cyber security response team
As shown in graph these are the Government websites hacking incidences
Now we see who are hackers
Now we see the different types of hackers
Domain Name System (DNS) is a standard technology for managing the names of Web sites
Whois: look up domain and IP owner information
Ping – Shows how long it takes for packets to reach host
traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol
TCP (Transmission Control Protocol) is a set of rules
hping is a free packet generator and analyzer for the TCP/IP protocol
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding
Netcat is a computer networking service for reading from and writing to network connections using TCP
tcpdump is a common packet analyser
Secure Shell (SSH) is a cryptographic network protocol for secure data communication
Telnet is a user command and an underlying TCPIP protocol for accessing remote computers
SNMP specific ports
Banner Grabbing is a technique used by hackers to extract information about a host
NetBIOS (Network Basic Input/Output System) is a program that allows applications on different computers to communicate within a local area network
Flooding is a Denial of Service (DoS) attack that is designed to bring a network or service down by flooding it with large amounts of traffic.
network sniffing is a network layer attack consisting ... in search of sensitive information like passwords
Brute force cracking is method used by application programs to crack encrypted data, such as passwords
buffer overflows to corrupt the execution stack of a web application
//This country needs more and better quality of Ethical Hackers
and for that more and more individual should consider it as a
profession
Domain Name System (DNS) is a standard technology for managing the names of Web sites
Whois: look up domain and IP owner information
Ping – Shows how long it takes for packets to reach host
traceroute is a computer network diagnostic tool for displaying the route (path) and measuring transit delays of packets across an Internet Protocol
TCP (Transmission Control Protocol) is a set of rules
hping is a free packet generator and analyzer for the TCP/IP protocol
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding
Netcat is a computer networking service for reading from and writing to network connections using TCP
tcpdump is a common packet analyser
Secure Shell (SSH) is a cryptographic network protocol for secure data communication
Telnet is a user command and an underlying TCPIP protocol for accessing remote computers
SNMP specific ports
Banner Grabbing is a technique used by hackers to extract information about a host
Flooding is a Denial of Service (DoS) attack that is designed to bring a network or service down by flooding it with large amounts of traffic.
buffer overflows to corrupt the execution stack of a web application
//This country needs more and better quality of Ethical Hackers
and for that more and more individual should consider it as a
profession