This document discusses computer security and ethical hacking. It covers various types of hacking like interruption and interception. It defines different types of hackers like white hat, black hat and gray hat hackers. It explains the process of ethical hacking which includes preparation, footprinting, vulnerability identification and exploitation. The document provides details on what hackers do after gaining access like covering tracks, creating backdoors. It suggests ways to protect systems like patching vulnerabilities, encrypting data, and setting up firewalls and intrusion detection systems. It advises actions to take after being hacked like restoring from backups.

1. COMPUTER SECURITY AND ETHICAL
HACKING
Presented By:
Rishabha Garg
( Ethical Hacker)
rishabha.garg06@gmail.com
0903CS091071

2. CONTENTS
• Overview of Hacking
• Types of hacking
• Hacker
• Types of Hacker
• Why do hackers hack?
• How can kid hack?
• What does a script kid know?
• Hackers language
• How to translate the hackers’ language

3. CONTENT CONTINUED…
• Ethical Hacking
• Ethical Hacking – Process
• What hackers do after hacking?
• Why can’t defend against hackers?
• How can protect the system?
• What should do after hacked?
• Final words

4. OVERVIEW OF HACKING
• Hack
• Examine something very minutely
• the rapid crafting of a new program or the making of changes to
existing, usually complicated software
• Hacker
• The person who hacks
• Cracker
• System intruder/destroyer

5. TYPES OF HACKING
Normal
data transfer
Interruption Interception
Modification Fabrication

6. HACKER :
• Someone who bypasses the system’s access controls by taking
advantage of security weaknesses left in the system by developers
• Person who is totally immersed in computer technology and
programming, and who likes to examine the code of programs to see
how they work … then uses his or her computer expertise for illicit
purposes such as gaining access to computer systems without
permission and tampering with programs and data. At that point, this
individual would steal information and install backdoors, virus and
Trojans
• Hacker means cracker nowadays.

7. TYPES OF HACKER
• White Hat Hackers:
• who specializes in penetration testing and in other testing methodologies
to ensure the security of an organization's information systems.
• Black Hat Hackers:
• A black hat is the villain or bad guy, especially in a western movie in
which such a character would stereotypically wear a black hat in contrast
to the hero's white hat.
• Gray Hat Hackers:
• A grey hat, in the hacking community, refers to a skilled hacker whose
activities fall somewhere between white and black hat hackers on a
variety of spectra

8. TYPES OF HACKER CONTINUED…
• Script Kiddies:
• who use scripts or programs developed by others to attack computer
systems and networks and deface websites. [
• Phreak
• Person who breaks into telecommunications systems to [commit] theft
• Cyber Punk
• Recent mutation of … the hacker, cracker, and phreak

9. WHY DO PEOPLE HACK??
• To make security stronger ( Ethical Hacking )
• Just for fun
• Show off
• Hack other systems secretly
• Notify many people their thought
• Steal important information
• Destroy enemy’s computer network during the war

10. HACKERS LANGUAGE :
1 -> i or l || -> n
3 -> e |/| -> m
4 -> a s -> z
7 -> t z -> s
9 -> g f -> ph
0 -> o ph -> f
$ -> s x -> ck
| -> i or l ck -> x

11. HACKERS LANGAUGE TRANSLATION
• Ex)
• 1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n
• I did not hack this page, it was like this when I hacked in

12. WHAT IS ETHICAL HACKING
• It is Legal
• Permission is obtained from the target
• Part of an overall security program
• Identify vulnerabilities visible from Internet at particular point of time
• Ethical hackers possesses same skills, mindset and tools of a hacker but
the attacks are done in a non-destructive manner
• Also Called – Attack & Penetration Testing,

13. HACKING - PROCESS
1. Preparation
2. Foot printing
3. Enumeration & Fingerprinting
4. Identification of Vulnerabilities
5. Attack – Exploit the Vulnerabilities
6. Gaining Access
7. Escalating privilege
8. Covering tracks
9. Creating back doors

14. 1. PREPARATION
• Identification of Targets – company websites, mail
servers, extranets, etc.
• Signing of Contract
• Agreement on protection against any legal issues
• Contracts to clearly specifies the limits and dangers of the test
• Specifics on Denial of Service Tests, Social Engineering, etc.
• Time window for Attacks
• Total time for the testing
• Prior Knowledge of the systems
• Key people who are made aware of the testing

15. 2. FOOT PRINTING
Collecting as much information about the target
 DNS Servers
 IP Ranges
 Administrative Contacts
 Problems revealed by administrators
Information Sources
• Search engines
• Forums
• Databases – whois,
• Tools – PING, whois, Traceroute, nslookup

16. 3. ENUMERATION & FINGERPRINTING
• Specific targets determined
• Identification of Services / open ports
• Operating System Enumeration
Methods
 Banner grabbing
 Responses to various protocol (ICMP &TCP) commands
 Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.
Tools
• Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner

17. 4. IDENTIFICATION OF VULNERABILITIES
Vulnerabilities:
It is a weakness which allows an attacker to reduce a system's
information assurance.
• Insecure Configuration
• Weak passwords
• Unpatched vulnerabilities in services, Operating systems, applications
• Possible Vulnerabilities in Services, Operating Systems
• Insecure programming
• Weak Access Control

18. IDENTIFICATION OF VULNERABILITIES CONT..
Tools
Vulnerability Scanners - Nessus, ISS, SARA, SAINT
Listening to Traffic – Ethercap, tcpdump
Password Crackers – John the ripper, LC4, Pwdump
Intercepting Web Traffic – Achilles, Whisker, Legion

19. 5. ATTACK – EXPLOIT THE VULNERABILITIES
Network Infrastructure Attacks
 Connecting to the network through modem
 Weaknesses in TCP / IP, NetBIOS
 Flooding the network to cause DOS
Operating System Attacks
 Attacking Authentication Systems
 Exploiting Protocol Implementations
 Exploiting Insecure configuration
 Breaking File-System Security

20. 6. GAINING ACCESS:
• Enough data has been gathered at this point to make an informed attempt to
access the target
• Techniques
• Password eavesdropping
• File share brute forcing
• Password file grab
• Buffer overflows

21. 7. ESCALATING PRIVILEGES
• If only user-level access was obtained in the last step, the attacker will now
seek to gain complete control of the system
• Techniques
• Password cracking
• Known exploits

22. 8. COVERING TRACKS
• Once total ownership of the target is secured, hiding this fact from system administrators
becomes paramount, lest they quickly end the romp.
• Techniques
• Clear logs
• Hide tools

23. 9. CREATING BACK DOORS
• Trap doors will be laid in various parts of the system to ensure that
privileged access is easily regained at the whim of the intruder
• Techniques
• Create rogue user accounts
• Schedule batch jobs
• Infect startup files
• Plant remote control services
• Install monitoring mechanisms
• Replace apps with trojans

24. WHAT DO HACKERS DO AFTER HACKING? (1)
• Patch security hole
• The other hackers can’t intrude
• Clear logs and hide themselves
• Install rootkit ( backdoor )
• The hacker who hacked the system can use the system later
• It contains trojan virus, and so on
• Install irc related program
• identd, irc, bitchx, eggdrop, bnc

25. WHAT DO HACKERS DO AFTER HACKING? (2)
• Install scanner program
• mscan, sscan, nmap
• Install exploit program
• Install denial of service program
• Use all of installed programs silently

26. WHY CAN’T DEFEND AGAINST HACKERS?
• There are many unknown security hole
• Hackers need to know only one security hole to hack the system
• Admin need to know all security holes to defend the system

27. HOW CAN PROTECT THE SYSTEM?
 Patch security hole often
 Encrypt important data
 Ex) pgp, ssh
 Do not run unused daemon
 Remove unused setuid/setgid program
 Setup loghost
• Backup the system often
 Setup firewall
 Setup IDS
 Ex) snort

28. WHAT SHOULD DO AFTER HACKED?
• Shutdown the system
• Or turn off the system
• Separate the system from network
• Restore the system with the backup
• Or reinstall all programs
• Connect the system to the network

29. PLEASE SEND SUGGESTIONS AND FEEDBACKS
• Many topics of hacking is still remains to cover
• People who are interested can send me a message or can mail me at
rishabha.garg06@gmail.com
Thank You !!!