1. ETHICAL HACKING
A LICENCE TO HACK
BY PRABHAT KUMAR SUMAN
Follow me on facebook.com/prabhatksuman

2.  Ethical hackers are
motivated by different
reasons,but their purpose is
usually the same as that of
crackers: they’re trying to
determine what an intruder
can see on a network or
system and what the hacker
can do with that information
.This process of testing the
security of a system or
network is known as
penetration test or pen test.

4.  White Hat Hackers:
 A White Hat who specializes in penetration testing and in other
testing methodologies to ensure the security of an organization's
information systems.
 Black Hat Hackers:
 A Black Hat is the villain or bad guy, especially in a western movie in
which such a character would stereotypically wear a black hat in
contrast to the hero's white hat.
 Gray Hat Hackers:
 A Grey Hat, in the hacking community, refers to a skilled hacker
whose activities fall somewhere between white and black hat hackers
on a variety of spectra

5.  Hacking - showing computer expertise
 Cracking - breaching security on software or systems
 Phreaking - cracking telecom networks
 Spoofing - faking the originating IP address in a
datagram
 Denial of Service (DoS) - flooding a host with sufficient
network traffic so that it can’t respond anymore
 Port Scanning - searching for vulnerabilities

6.  Gain authorization from the client and have a signed contract
giving the tester permission to perform the test.
 Maintain and follow a nondisclosure agreement(NDA) with the
client in case of confidential information disclosed during the test.
 Maintain confidentiality when performing the test.Information
gathered may contain sensitive information.No information about
the test or company confidential data should ever be disclosed to
a third party
 Perform the test up to but beyond the agreed upon limits. For
example,DoS attacks should only be run as part of the test if they
have previously been agreed upon with the client.Loss of
revenue,goodwill, and worse could befall an organisation whose
server or application are unavailable to customers as a result of
test.

7. Why Do We Need Ethical Hacking
Viruses, Trojan
Horses,
and Worms
Social
Engineering
Automated
Attacks
Accidental
Breaches in
Security Denial of
Service (DoS)
Organizational
Attacks
Restricted
Data
Protection from possible External Attacks

8.  1969 - Unix ‘hacked’ together
 1971 - Cap ‘n Crunch phone exploit discovered
 1988 - Morris Internet worm crashes 6,000 servers
 1994 - $10 million transferred from CitiBank accounts
 1995 - Kevin Mitnick sentenced to 5 years in jail
 2000 - Major websites succumb to DDoS
 2000 - 15,700 credit and debit card numbers stolen fromWestern Union (haked while web
database was undergoing maintenance)
 2001 Code Red
 exploitedbug in MS IIS to penetrate & spread
 probes random IPs for systems running IIS
 had trigger time for denial-of-service attack
 2nd wave infected 360000 servers in 14 hours
 Code Red 2 - had backdoor installed to allow remote control
 Nimda -used multiple infection mechanisms email, shares, web client, IIS
 2002 – SlammerWorm brings web to its knees by attacking MS SQL Server

9.  To make security stronger ( Ethical Hacking )
 Just for fun
 Show off
 Hack other systems secretly
 Notify many people their thought
 Steal important information
 Destroy enemy’s computer network during
the war

10.  Hackers
 Access computer system or network without authorization
 Breaks the law; can go to prison
 Crackers
 Break into systems to steal or destroy data
 U.S. Department of Justice calls both hackers
 Ethical hacker
 Performs most of the same activities but with owner’s permission
Hands-On Ethical Hacking and Network Defense 10

11.  Buffer overflow attack.
 Denial of service(DoS) attacks.
 Distributed Denial of Service(DDoS) attacks
 Misconfigurations
 Abuse of trust
 Brute force attacks
 CGI andWWW services
 Backdoors andTrojans.

12. 1.Preparation
2.Footprinting
3.Enumeration & Fingerprinting
4.Identitification of vulnerabilities
5.Attack :- Exploit the vulnerabilities
6.Gaining access
7.Escalating privilage
8.Covering tracks
9.Creating backdoors

13.  28.02.13The CyberThreat: Planning for theWay Ahead
 Director says network intrusions pose urgent threat to
nation’s security and economy.
 05.02.13Sextortion Cons Like ‘Bieber Ruse’Targeted Minor
Girls
 Tricks like an Alabama man’s claim to be Justin Bieber
target minors on social websites.

14.  Reconnaissance
 Scanning
 Gaining access
 MaintaingAccess
 Covering tracks

15.  Reconnaissance refers to the preparatory
phase where an attacker gathers as much
information as possible about the target
prior to launching the attack. Also in this
phase, the attacker draws on competitive
intelligence to learn more about the
target. This phase may also involve
network scanning,either external or
internal, without authorization

16.  Scanning is the method an attacker performs
prior to attacking the network. In scanning,
the attacker uses the details gathered during
reconnaissance to identify specific
vulnerabilities. Scanning can be considered a
logical extension (and overlap) of the active
reconnaissance. Often attackers use
automated tools such as network/host
scanners, and war dialers to locate systems
and attempt to discover vulnerabilities.

18.  Gaining access is the most important phase of
an attack in terms of potential damage.
Attackers need not always gain access to the
system to cause damage. For instance, denial-
of-service attacks can either exhaust resources
or stop services from running on the target
system. Stopping of service can be carried out by
killing processes, using a logic/time bomb, or
even reconfiguring and crashing the system.
Resources can be exhausted locally by filling up
outgoing communication links.

20.  Once an attacker gains access to the target
system, the attacker can choose to use both the
system and its resources, and further use the
system as a launch pad to scan and exploit other
systems, or to keep a low profile and continue
exploiting the system. Both these actions can
damage the organization. For instance, the
attacker can implement a sniffer to capture all
network traffic, including telnet and ftp sessions
with other systems.

22.  An attacker would like to destroy evidence of his/her presence and
activities for various reasons such as maintaining access and
evading punitive action. Erasing evidence of a compromise is a
requirement for any attacker who would like to remain obscure.
This is one of the best methods to evade trace back.This usually
starts with erasing the contaminated logins and any possible error
messages that may have been generated from the attack
process, e.g., a buffer overflow attack will usually leave a message
in the systemlogs. Next, the attention is turned to effecting
changes so that future logins are not logged. By manipulating and
tweaking the event logs, the system administrator can be
convinced that the output of his/her system is correct, and that no
intrusion or compromise has actually taken place

24.  To protect cyber crime
 To protect secret information of any country’s
secret information
 If you know how to rob somebody …..then
atleast you know how to protect your self.

25.  Never use computer of untrusted
person/Cyber Cafe for E-BANKING!!!
 Be careful in using PUBLICWI-FI
 Facebook can be FUN but if possible avoid
using FACEBOOK Apps
 Keep changing your PASSWORDS once in a
while !!!
 Be careful in usingTorrents
 Never leave your PC unattended

26.  Ethical hacking is more than running hacking tools
and gaining unauthorized access to system just to see
what is accessible.When performed by a security
professional, ethical hacking encompasses all aspects
of reconnsissance and information gathering ,a
structured approach, and post attack analysis. Ethical
hacker require in-depth knowledge of systems and
tools as well as a great deal of patience and restraint
to ensure no damage is done to the target systems.
Hacking can be performed ethically and in fact is
being mandated by government and the private
sector to ensure systems security.