SlideShare ist ein Scribd-Unternehmen logo

Ethical hacking-ppt-download4575

Als PPT, PDF herunterladen
Gopal Rathod
Gopal Rathod
Technologie
1 von 21
Ethical Hacking !@ #
Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Reporting Ethical Hacking – Commandments 2 !@ #
What is Ethical Hacking Also Called – Attack & Penetration Testing, White-hat hacking, Red teaming Hacking Process of breaking into systems for: Personal or Commercial Gains Malicious Intent – Causing sever damage to Information & Assets Ethical Conforming to accepted professional standards of conduct Black-hat – Bad guys 3 White-hat - Good Guys !@ #
What is Ethical Hacking      4 It is Legal Permission is obtained from the target Part of an overall security program Identify vulnerabilities visible from Internet at particular point of time Ethical hackers possesses same skills, mindset and tools of a hacker but the attacks are done in a non-destructive manner !@ #
Why – Ethical Hacking January - 2005 June 01, 2004 to Dec.31, 2004 Domains .com No of Defacements 922 .gov.in 24 .org 53 .net 39 .biz 12 .co.in 48 .ac.in 13 .info 3 .nic.in 2 .edu 2 other 13 Total 1131 Defacement Statistics for Indian Websites Source: CERT-India 5 !@ #
Why – Ethical Hacking Total Number of Incidents Incidents 6 !@ Source: CERT/CC #
Why – Ethical Hacking Source: US - CERT 7 !@ #
Why – Ethical Hacking Protection from possible External Attacks Social Engineering Automated Attacks Organizational Attacks Restricted Data Accidental Breaches in Security 8 Viruses, Trojan Horses, and Worms Denial of Service (DoS) !@ #
Ethical Hacking - Process 1. 2. 3. 4. 5. 9 Preparation Footprinting Enumeration & Fingerprinting Identification of Vulnerabilities Attack – Exploit the Vulnerabilities !@ #
Preparation   Identification of Targets – company websites, mail servers, extranets, etc. Signing of Contract        10 Agreement on protection against any legal issues Contracts to clearly specifies the limits and dangers of the test Specifics on Denial of Service Tests, Social Engineering, etc. Time window for Attacks Total time for the testing Prior Knowledge of the systems Key people who are made aware of the testing !@ #
Footprinting Collecting as much information about the target  DNS Servers  IP Ranges  Administrative Contacts  Problems revealed by administrators Information Sources  Search engines  Forums  Databases – whois, ripe, arin, apnic  Tools – PING, whois, Traceroute, DIG, nslookup, sam spade 11 !@ #
Enumeration & Fingerprinting    Specific targets determined Identification of Services / open ports Operating System Enumeration Methods  Banner grabbing  Responses to various protocol (ICMP &TCP) commands  Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc. Tools  Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner 12 !@ #
Identification of Vulnerabilities Vulnerabilities       13 Insecure Configuration Weak passwords Unpatched vulnerabilities in services, Operating systems, applications Possible Vulnerabilities in Services, Operating Systems Insecure programming Weak Access Control !@ #
Identification of Vulnerabilities Methods  Unpatched / Possible Vulnerabilities – Tools, Vulnerability information Websites  Weak Passwords – Default Passwords, Brute force, Social Engineering, Listening to Traffic  Insecure Programming – SQL Injection, Listening to Traffic  Weak Access Control – Using the Application Logic, SQL Injection 14 !@ #
Identification of Vulnerabilities Tools Vulnerability Scanners - Nessus, ISS, SARA, SAINT Listening to Traffic – Ethercap, tcpdump Password Crackers – John the ripper, LC4, Pwdump Intercepting Web Traffic – Achilles, Whisker, Legion Websites  Common Vulnerabilities & Exposures – http://cve.mitre.org  Bugtraq – www.securityfocus.com  Other Vendor Websites 15 !@ #
Attack – Exploit the vulnerabilities     Obtain as much information (trophies) from the Target Asset Gaining Normal Access Escalation of privileges Obtaining access to other connected systems Last Ditch Effort – Denial of Service 16 !@ #
Attack – Exploit the vulnerabilities Network Infrastructure Attacks  Connecting to the network through modem  Weaknesses in TCP / IP, NetBIOS  Flooding the network to cause DOS Operating System Attacks  Attacking Authentication Systems  Exploiting Protocol Implementations  Exploiting Insecure configuration  Breaking File-System Security 17 !@ #
Attack – Exploit the vulnerabilities Application Specific Attacks     18 Exploiting implementations of HTTP, SMTP protocols Gaining access to application Databases SQL Injection Spamming !@ #
Attack – Exploit the vulnerabilities Exploits  Free exploits from Hacker Websites  Customised free exploits  Internally Developed Tools – Nessus, Metasploit Framework, 19 !@ #
Reporting Methodology  Exploited Conditions & Vulnerabilities that could not be exploited  Proof for Exploits - Trophies  Practical Security solutions  20 !@ #
Ethical Hacking - Commandments  Working Ethically     21 Trustworthiness Misuse for personal gain Respecting Privacy Not Crashing the Systems !@ #

Empfohlen

Hacking and Ethical Hacking
Hacking and Ethical HackingHacking and Ethical Hacking
Hacking and Ethical HackingMasih Karimi
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmmandynova
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingMissStevenson1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingRavi Rajput
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingBugRaptors
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingS Sai Karthik
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingMohammad Affan
 

Empfohlen

Hacking and Ethical Hacking
Hacking and Ethical HackingHacking and Ethical Hacking
Hacking and Ethical HackingMasih Karimi
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmmandynova
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingMissStevenson1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingRavi Rajput
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingBugRaptors
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingS Sai Karthik
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingMohammad Affan
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingNitheesh Adithyan
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingAlapan Banerjee
 
An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical HackingVinny Vessel
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Umesh Mahawar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingAditya Vikram Singhania
 
Hackers
HackersHackers
HackersReyansh Vishwakarma
 
Ethical Hacking
Ethical Hacking Ethical Hacking
Ethical Hacking Harshit Upadhyay
 
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...Simplilearn
 
Penetration testing
Penetration testing Penetration testing
Penetration testing PTC
 
ETHICAL HACKING
ETHICAL HACKING ETHICAL HACKING
ETHICAL HACKING Sweta Leena Panda
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacksSugirtha Jasmine M
 
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...Edureka!
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingAryan Saxena
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...Edureka!
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingSVishnupriya5
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingSourabh Badve
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingAltacit Global
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical HackingDivyank Jindal
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.pptssuserde23af
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.pptssuserde23af
 

Weitere ähnliche Inhalte

Was ist angesagt?

An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical HackingVinny Vessel
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Umesh Mahawar
 
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...Simplilearn
 
Penetration testing
Penetration testing Penetration testing
Penetration testing PTC
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacksSugirtha Jasmine M
 
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...Edureka!
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...Edureka!
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical HackingDivyank Jindal
 

Was ist angesagt? (20)

Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical Hacking
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Hackers
HackersHackers
Hackers
 
Ethical Hacking
Ethical Hacking Ethical Hacking
Ethical Hacking
 
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
 
ETHICAL HACKING
ETHICAL HACKING ETHICAL HACKING
ETHICAL HACKING
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacks
 
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and tools
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical Hacking
 

Ähnlich wie Ethical hacking-ppt-download4575

324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.pptssuserde23af
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.pptssuserde23af
 
324515851-Ethical-Hacking-Ppt-Download4575A.ppt
324515851-Ethical-Hacking-Ppt-Download4575A.ppt324515851-Ethical-Hacking-Ppt-Download4575A.ppt
324515851-Ethical-Hacking-Ppt-Download4575A.pptssuserde23af
 
Ethical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security TestingEthical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security Testingchampubhaiya8
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0Q Fadlan
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingANURAG CHAKRABORTY
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxSuhailShaik16
 
Learn Hacking With Gflixacademy
Learn Hacking With GflixacademyLearn Hacking With Gflixacademy
Learn Hacking With GflixacademyGaurav Mishra
 
Introduction to Hacking
Introduction to HackingIntroduction to Hacking
Introduction to HackingRishabha Garg
 
EN-Ethical-Hacking-2023-18-08-03-26-15.pdf
EN-Ethical-Hacking-2023-18-08-03-26-15.pdfEN-Ethical-Hacking-2023-18-08-03-26-15.pdf
EN-Ethical-Hacking-2023-18-08-03-26-15.pdfssuser886cfe
 
EN-Ethical Hacking.pdf
EN-Ethical Hacking.pdfEN-Ethical Hacking.pdf
EN-Ethical Hacking.pdfVinay379568
 
certifieced ethical hacker course old an
certifieced ethical hacker course old ancertifieced ethical hacker course old an
certifieced ethical hacker course old anradio02moura
 

Ähnlich wie Ethical hacking-ppt-download4575 (20)

324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt
 
324515851-Ethical-Hacking-Ppt-Download4575A.ppt
324515851-Ethical-Hacking-Ppt-Download4575A.ppt324515851-Ethical-Hacking-Ppt-Download4575A.ppt
324515851-Ethical-Hacking-Ppt-Download4575A.ppt
 
Ethical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security TestingEthical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security Testing
 
Ethical hacking by shivam
Ethical hacking by shivamEthical hacking by shivam
Ethical hacking by shivam
 
Presentation1
Presentation1Presentation1
Presentation1
 
ethical hacking
ethical hackingethical hacking
ethical hacking
 
Ethical h
Ethical hEthical h
Ethical h
 
Ethical h
Ethical hEthical h
Ethical h
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Web hacking 1.0
Web hacking 1.0Web hacking 1.0
Web hacking 1.0
 
Ethical hacking/ Penetration Testing
Ethical hacking/ Penetration TestingEthical hacking/ Penetration Testing
Ethical hacking/ Penetration Testing
 
Introduction to ceh
Introduction to cehIntroduction to ceh
Introduction to ceh
 
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptxINTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
INTERNSHIPREVIEW-ISHAQ (1) [Recovered].pptx
 
Learn Hacking With Gflixacademy
Learn Hacking With GflixacademyLearn Hacking With Gflixacademy
Learn Hacking With Gflixacademy
 
Introduction to Hacking
Introduction to HackingIntroduction to Hacking
Introduction to Hacking
 
EN-Ethical-Hacking-2023-18-08-03-26-15.pdf
EN-Ethical-Hacking-2023-18-08-03-26-15.pdfEN-Ethical-Hacking-2023-18-08-03-26-15.pdf
EN-Ethical-Hacking-2023-18-08-03-26-15.pdf
 
EN-Ethical Hacking.pdf
EN-Ethical Hacking.pdfEN-Ethical Hacking.pdf
EN-Ethical Hacking.pdf
 
certifieced ethical hacker course old an
certifieced ethical hacker course old ancertifieced ethical hacker course old an
certifieced ethical hacker course old an
 

Kürzlich hochgeladen

Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Kürzlich hochgeladen (20)

Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Ethical hacking-ppt-download4575

  • 2. Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Reporting Ethical Hacking – Commandments 2 !@ #
  • 3. What is Ethical Hacking Also Called – Attack & Penetration Testing, White-hat hacking, Red teaming Hacking Process of breaking into systems for: Personal or Commercial Gains Malicious Intent – Causing sever damage to Information & Assets Ethical Conforming to accepted professional standards of conduct Black-hat – Bad guys 3 White-hat - Good Guys !@ #
  • 4. What is Ethical Hacking      4 It is Legal Permission is obtained from the target Part of an overall security program Identify vulnerabilities visible from Internet at particular point of time Ethical hackers possesses same skills, mindset and tools of a hacker but the attacks are done in a non-destructive manner !@ #
  • 5. Why – Ethical Hacking January - 2005 June 01, 2004 to Dec.31, 2004 Domains .com No of Defacements 922 .gov.in 24 .org 53 .net 39 .biz 12 .co.in 48 .ac.in 13 .info 3 .nic.in 2 .edu 2 other 13 Total 1131 Defacement Statistics for Indian Websites Source: CERT-India 5 !@ #
  • 6. Why – Ethical Hacking Total Number of Incidents Incidents 6 !@ Source: CERT/CC #
  • 7. Why – Ethical Hacking Source: US - CERT 7 !@ #
  • 8. Why – Ethical Hacking Protection from possible External Attacks Social Engineering Automated Attacks Organizational Attacks Restricted Data Accidental Breaches in Security 8 Viruses, Trojan Horses, and Worms Denial of Service (DoS) !@ #
  • 9. Ethical Hacking - Process 1. 2. 3. 4. 5. 9 Preparation Footprinting Enumeration & Fingerprinting Identification of Vulnerabilities Attack – Exploit the Vulnerabilities !@ #
  • 10. Preparation   Identification of Targets – company websites, mail servers, extranets, etc. Signing of Contract        10 Agreement on protection against any legal issues Contracts to clearly specifies the limits and dangers of the test Specifics on Denial of Service Tests, Social Engineering, etc. Time window for Attacks Total time for the testing Prior Knowledge of the systems Key people who are made aware of the testing !@ #
  • 11. Footprinting Collecting as much information about the target  DNS Servers  IP Ranges  Administrative Contacts  Problems revealed by administrators Information Sources  Search engines  Forums  Databases – whois, ripe, arin, apnic  Tools – PING, whois, Traceroute, DIG, nslookup, sam spade 11 !@ #
  • 12. Enumeration & Fingerprinting    Specific targets determined Identification of Services / open ports Operating System Enumeration Methods  Banner grabbing  Responses to various protocol (ICMP &TCP) commands  Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc. Tools  Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner 12 !@ #
  • 13. Identification of Vulnerabilities Vulnerabilities       13 Insecure Configuration Weak passwords Unpatched vulnerabilities in services, Operating systems, applications Possible Vulnerabilities in Services, Operating Systems Insecure programming Weak Access Control !@ #
  • 14. Identification of Vulnerabilities Methods  Unpatched / Possible Vulnerabilities – Tools, Vulnerability information Websites  Weak Passwords – Default Passwords, Brute force, Social Engineering, Listening to Traffic  Insecure Programming – SQL Injection, Listening to Traffic  Weak Access Control – Using the Application Logic, SQL Injection 14 !@ #
  • 15. Identification of Vulnerabilities Tools Vulnerability Scanners - Nessus, ISS, SARA, SAINT Listening to Traffic – Ethercap, tcpdump Password Crackers – John the ripper, LC4, Pwdump Intercepting Web Traffic – Achilles, Whisker, Legion Websites  Common Vulnerabilities & Exposures – http://cve.mitre.org  Bugtraq – www.securityfocus.com  Other Vendor Websites 15 !@ #
  • 16. Attack – Exploit the vulnerabilities     Obtain as much information (trophies) from the Target Asset Gaining Normal Access Escalation of privileges Obtaining access to other connected systems Last Ditch Effort – Denial of Service 16 !@ #
  • 17. Attack – Exploit the vulnerabilities Network Infrastructure Attacks  Connecting to the network through modem  Weaknesses in TCP / IP, NetBIOS  Flooding the network to cause DOS Operating System Attacks  Attacking Authentication Systems  Exploiting Protocol Implementations  Exploiting Insecure configuration  Breaking File-System Security 17 !@ #
  • 18. Attack – Exploit the vulnerabilities Application Specific Attacks     18 Exploiting implementations of HTTP, SMTP protocols Gaining access to application Databases SQL Injection Spamming !@ #
  • 19. Attack – Exploit the vulnerabilities Exploits  Free exploits from Hacker Websites  Customised free exploits  Internally Developed Tools – Nessus, Metasploit Framework, 19 !@ #
  • 20. Reporting Methodology  Exploited Conditions & Vulnerabilities that could not be exploited  Proof for Exploits - Trophies  Practical Security solutions  20 !@ #
  • 21. Ethical Hacking - Commandments  Working Ethically     21 Trustworthiness Misuse for personal gain Respecting Privacy Not Crashing the Systems !@ #

Hinweis der Redaktion

  1. Red teaming – used for the first time by US government for testing its systems early 90’s Black & white hat terminology comes from the Hollywood movies where good guys wear white hats and bad guys wear black hats
  2. Other information not available