Hackers, Crackers, and Network Intruders

CS-480b
Dick Steflik

Agenda

•   Hackers and their vocabulary
•   Threats and risks
•   Types of hackers
•   Gaining access
•   Intrusion detection and prevention
•   Legal and ethical issues
Hacker Terms

• Hacking - showing computer expertise
• Cracking - breaching security on software or systems
• Phreaking - cracking telecom networks
• Spoofing - faking the originating IP address in a datagram
• Denial of Service (DoS) - flooding a host with sufficient
  network traffic so that it can’t respond anymore
• Port Scanning - searching for vulnerabilities
Hacking through the ages
•   1969 - Unix ‘hacked’ together
•   1971 - Cap ‘n Crunch phone exploit discovered
•   1988 - Morris Internet worm crashes 6,000 servers
•   1994 - $10 million transferred from CitiBank accounts
•   1995 - Kevin Mitnick sentenced to 5 years in jail
•   2000 - Major websites succumb to DDoS
•   2000 - 15,700 credit and debit card numbers stolen from Western Union (hacked
    while web database was undergoing maintenance)
•   2001 - Code Red
     – exploited bug in MS IIS to penetrate & spread
     – probes random IPs for systems running IIS
     – had trigger time for denial-of-service attack
     – 2nd wave infected 360,000 servers in 14 hours
•   Code Red 2 - had backdoor installed to allow remote control
•   Nimda - used multiple infection mechanisms: email, shares, web client, IIS
•   2002 - Slammer Worm brings web to its knees by attacking MS SQL Server
The threats

• Denial of Service (Yahoo, eBay, CNN, MS)
• Defacing, Graffiti, Slander, Reputation
• Loss of data (destruction, theft)
• Divulging private information (AirMiles,
  corporate espionage, personal financial)
• Loss of financial assets (CitiBank)
[Image slide: CIA.gov defacement example]
[Image slide: Web site defacement example]
Types of hackers
•   Professional hackers
     – Black Hats – the Bad Guys
     – White Hats – Professional Security Experts
•   Script kiddies
     – Mostly kids/students
         • Use tools created by black hats
              – To get free stuff
              – Impress their peers
              – Not get caught
•   Underemployed Adult Hackers
     – Former Script Kiddies
         • Can’t get employment in the field
         • Want recognition in hacker community
         • Big in Eastern European countries
•   Ideological Hackers
     – hack as a mechanism to promote some political or ideological purpose
     – Usually coincide with political events
Types of Hackers
• Criminal Hackers
   – Real criminals, in it for whatever they can get no matter who it
     hurts
• Corporate Spies
   – Are relatively rare
• Disgruntled Employees
   – Most dangerous to an enterprise as they are “insiders”
   – Since many companies subcontract their network services, a
     disgruntled vendor could be very dangerous to the host enterprise
Top intrusion justifications
• I’m doing you a favor pointing out your vulnerabilities

• I’m making a political statement

• Because I can

• Because I’m paid to do it
Gaining access
• Front door
   – Password guessing
   – Password/key stealing
• Back doors
   – Often left by original developers as debug and/or diagnostic tools
   – Developers forget to remove them before release
• Trojan Horses
   – Usually hidden inside of software that we download and install
     from the net (remember nothing is free)
   – Many install backdoors
• Software vulnerability exploitation
   – Often advertised on the OEM’s web site along with security
     patches
   – Fertile ground for script kiddies looking for something to do
Back doors & Trojans

• e.g. Whack-a-mole / NetBus
• Cable modems / DSL very vulnerable
• Protect with Virus Scanners, Port Scanners,
  Personal Firewalls
Software vulnerability exploitation

• Buffer overruns
• HTML / CGI scripts
• Poor design of web applications
   – Javascript hacks
   – PHP/ASP/ColdFusion URL hacks
• Other holes / bugs in software and services
• Tools and scripts used to scan ports for vulnerabilities
Password guessing

•   Default or null passwords
•   Password same as user name (use finger)
•   Password files, trusted servers
•   Brute force
    – make sure login attempts are audited!
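
Added example (not part of the original slides): one way to audit login attempts as the brute-force bullet advises, run over constructed sshd-style log lines. The threshold, time window, assumed year and all hosts, users and addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH syslog style; hosts, users and addresses are made up.
SAMPLE_LOG = """\
Mar  3 02:14:01 web1 sshd[811]: Failed password for root from 203.0.113.9 port 40122 ssh2
Mar  3 02:14:03 web1 sshd[811]: Failed password for invalid user admin from 203.0.113.9 port 40124 ssh2
Mar  3 02:14:05 web1 sshd[811]: Failed password for invalid user test from 203.0.113.9 port 40126 ssh2
Mar  3 02:14:08 web1 sshd[811]: Failed password for root from 203.0.113.9 port 40128 ssh2
Mar  3 02:14:11 web1 sshd[811]: Failed password for backup from 203.0.113.9 port 40130 ssh2
Mar  3 02:14:15 web1 sshd[811]: Accepted password for backup from 203.0.113.9 port 40132 ssh2
Mar  3 09:01:10 web1 sshd[902]: Failed password for alice from 198.51.100.7 port 51500 ssh2
Mar  3 09:01:22 web1 sshd[902]: Accepted password for alice from 198.51.100.7 port 51502 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse(log_text, year=2024):
    """Yield (time, result, user, source) for each password-auth line.

    Syslog timestamps carry no year, so one is assumed."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield when, m["result"], m["user"], m["src"]


def audit(log_text, threshold=5, window=timedelta(minutes=1)):
    """Return alerts for guessing bursts and for logins that follow a burst."""
    recent = defaultdict(deque)   # source -> recent failures as (time, user)
    flagged = set()               # sources already reported for guessing
    alerts = []
    for when, result, user, src in sorted(parse(log_text), key=lambda e: e[0]):
        fails = recent[src]
        # Drop failures that have aged out of the sliding window.
        while fails and when - fails[0][0] > window:
            fails.popleft()
        if result == "Failed":
            fails.append((when, user))
            if len(fails) >= threshold and src not in flagged:
                flagged.add(src)
                users = sorted({u for _, u in fails})
                alerts.append(("GUESSING", src, users))
        elif src in flagged:
            # A success from a source that was just guessing: the account
            # should be treated as compromised until proven otherwise.
            alerts.append(("LOGIN_AFTER_GUESSING", src, [user]))
    return alerts


if __name__ == "__main__":
    for alert in audit(SAMPLE_LOG):
        print(alert)
```

The single mistyped password from 198.51.100.7 stays below the threshold and raises nothing; the burst from 203.0.113.9 raises one alert for the guessing and a second for the login that followed it.
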
Password/key theft
• Dumpster diving
   – It’s amazing what people throw in the trash
      • Personal information
      • Passwords
      • Good doughnuts
   – Many enterprises now shred all white paper trash
• Inside jobs
   – Disgruntled employees
   – Terminated employees (about 50% of intrusions
     resulting in significant loss)
Once inside, the hacker can...
• Modify logs
   – To cover their tracks
   – To mess with you
• Steal files
   – Sometimes destroy after stealing
   – A pro would steal and cover their tracks so as to remain undetected
• Modify files
   – To let you know they were there
   – To cause mischief
• Install back doors
   – So they can get in again
• Attack other systems
Intrusion detection systems (IDS)
• A lot of research going on at universities
   – Doug Somerville - EE Dept, Viktor Skorman - EE Dept
• Big money available due to 9/11 and Dept of Homeland
  Security
• Vulnerability scanners
   – proactively identify risks
   – User usage-pattern matching
       • When a pattern deviates from the norm, it should be investigated
• Network-based IDS
   – examine packets for suspicious activity
   – can integrate with firewall
   – require one dedicated IDS server per segment
Intrusion detection systems (IDS)
• Host-based IDS
  – monitors logs, events, files, and packets sent to
    the host
  – installed on each host on network

• Honeypot
  – decoy server
  – collects evidence and alerts admin
Intrusion prevention

•   Patches and upgrades (hardening)
•   Disabling unnecessary software
•   Firewalls and Intrusion Detection Systems
•   ‘Honeypots’
•   Recognizing and reacting to port scanning
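
Added example (not part of the original slides): recognizing a port scan from firewall drop records and listing the sources to contain. The record format, thresholds and addresses are constructed assumptions; the allowlist stands for your own authorized vulnerability scanners.

```python
from collections import defaultdict, deque


def make_sample():
    """Constructed firewall-drop records: '<epoch seconds> SRC=<ip> DST=<ip> DPT=<port>'."""
    lines = []
    # One source probes 12 different ports on a single host within 6 seconds.
    ports = [21, 22, 23, 25, 53, 80, 110, 139, 143, 443, 445, 3389]
    for i, port in enumerate(ports):
        lines.append(f"{1000 + i // 2} SRC=203.0.113.50 DST=192.0.2.10 DPT={port}")
    # One source tries port 80 on 12 different hosts (worm-style probing).
    for i in range(12):
        lines.append(f"{2000 + i} SRC=198.51.100.77 DST=192.0.2.{20 + i} DPT=80")
    # A normal client that keeps retrying one service on one host.
    for i in range(15):
        lines.append(f"{3000 + i} SRC=192.0.2.200 DST=192.0.2.10 DPT=443")
    return lines


def parse(line):
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return int(ts), kv["SRC"], kv["DST"], int(kv["DPT"])


def detect_scans(lines, window=60, min_targets=10):
    """Flag sources touching >= min_targets distinct (host, port) pairs within `window` seconds."""
    recent = defaultdict(deque)   # src -> deque of (ts, dst, dport) inside the window
    findings = {}
    for ts, src, dst, dport in sorted(map(parse, lines)):
        q = recent[src]
        q.append((ts, dst, dport))
        while ts - q[0][0] > window:
            q.popleft()
        targets = {(d, p) for _, d, p in q}
        if len(targets) >= min_targets and src not in findings:
            hosts = {d for d, _ in targets}
            ports = {p for _, p in targets}
            if len(hosts) == 1:
                kind = "vertical scan"      # many ports, one host
            elif len(ports) == 1:
                kind = "horizontal sweep"   # one port, many hosts
            else:
                kind = "mixed scan"
            findings[src] = {"kind": kind, "hosts": len(hosts),
                             "ports": len(ports), "first_seen": q[0][0]}
    return findings


def block_candidates(findings, allowlist=frozenset()):
    """Sources to contain (rate-limit or block), skipping authorized scanners."""
    return sorted(src for src in findings if src not in allowlist)


if __name__ == "__main__":
    found = detect_scans(make_sample())
    for src, info in found.items():
        print(src, info)
    print("contain:", block_candidates(found))
```

Counting distinct targets rather than raw packets is what keeps the busy but legitimate client at 192.0.2.200 out of the findings.
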
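Risk management

(2x2 matrix: Probability on the vertical axis, Impact on the horizontal axis)

                      Lower impact              Higher impact
Higher probability    Contain & Control         Prevent
                      (e.g. port scan)          (e.g. firewalls, IDS, patches)
Lower probability     Ignore                    Backup Plan
                      (e.g. delude yourself)    (e.g. redundancies)
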
Legal and ethical questions

• ‘Ethical’ hacking?
• How to react to mischief or nuisances?
• Is scanning for vulnerabilities legal?
   – Some hackers are trying to use this as a business model
       • Here are your vulnerabilities, let us help you
• Can private property laws be applied on the Internet?
[Image slide: Port scanner example]
Computer Crimes
•   Financial Fraud
•   Credit Card Theft
•   Identity Theft
•   Computer specific crimes
     – Denial-of-service
     – Denial of access to information
     – Viruses
          • Melissa virus cost New Jersey man 20 months in jail
          • Melissa caused in excess of $80 Million
• Intellectual Property Offenses
     –   Information theft
     –   Trafficking in pirated information
     –   Storing pirated information
     –   Compromising information
     –   Destroying information
• Content related Offenses
     – Hate crimes
     – Harassment
     – Cyber-stalking
• Child privacy
Federal Statutes
• Computer Fraud and Abuse Act of 1984
    – Makes it a crime to knowingly access a federal computer
• Electronic Communications Privacy Act of 1986
    – Updated the Federal Wiretap Act to include electronically stored data
• U.S. Communications Assistance for Law Enforcement Act of 1996
    – Amended the Electronic Communications Act to require all
      communications carriers to make wiretaps possible
• Economic and Protection of Proprietary Information Act of 1996
    – Extends definition of privacy to include proprietary economic information;
      theft would constitute corporate or industrial espionage
• Health Insurance Portability and Accountability Act of 1996
    – Standards for the electronic transmission of healthcare information
• National Information Infrastructure Protection Act of 1996
    – Amends Computer Fraud and Abuse Act to provide more protection to
      computerized information and systems used in foreign and interstate
      commerce or communications
• The Gramm-Leach-Bliley Act of 1999
    – Limits the instances in which a financial institution can disclose nonpublic
      information of a customer to a third party
Legal Recourse
• Average armed robber will get $2500-$7500 and risk
  being shot or killed; 50-60% will get caught, convicted
  and spend an average of 5 years of hard time
• Average computer criminal will net $50K-$500K with a
  risk of being fired or going to jail; only 10% are caught, of
  those only 15% will be turned in to authorities; less than
  50% of them will do jail time
• Prosecution
   – Many institutions fail to prosecute for fear of advertising
       • Many banks absorb the losses fearing that they would lose more if
         their customers found out and took their business elsewhere
            – Fix the vulnerability and continue on with business as usual
