This document discusses ethical hacking and provides an overview of the topic. It defines ethical hacking as illegally accessing a computer system, but doing so for legitimate purposes such as testing security vulnerabilities. The summary outlines the 8 step process of ethical hacking: preparation, footprinting, scanning, enumeration, vulnerability identification, attack/exploitation, clearing tracks, and reporting. It also notes some of the advantages of ethical hacking like preventing security breaches and closing network holes, as well as the skills needed to become an ethical hacker like coding ability and network/security knowledge.
2. K.J.Institute of Engg. & Tech.
for
Seminar Presentation on
Ethical Hacking
“A Licence to Hack”
3.
4. High-lights
Concept of hacking
Hacker and its types
What is ethical hacking???
Need of ethical hacking…..
Ethical hacker- not a criminal hacker
Ethical hacking process
Pros and cons of ethical hacking
Safe your career by becoming an
ethical hacker
6. What is Hacking?
Hacking is the art of finding solutions to
real life problems.
The word “HACK” is not directly related to
computers.
BUT
Technically, hacking as a computer related
term means that breaking or entering into
another computer system
ILLEGALLY.....which is done by
HACKER…….
7. IS HACKING GOOD OR BAD?
Answer is
YES & NO
also………
Depending
on the
INTENTION
of the
hacker
behind
doing
this…!!!!!
8. Definition of HACKER….
Old concept New concept
Traditionally,
A hacker is someone
who likes to play with
software or electronic
systems…
Recently,
Hacker has taken on a
new meaning- someone
who maliciously breaks
into systems for personal
gain…
These criminals are
known as crackers…
Hackers do not do anything disastrous
Hacking with malicious intention is cracking. Cracking is
CRIME…….
Cyber Crimes are the result of cracking, NOT OF hacking!!!
9. Types of Hackers…
(depending on their intention)
Good
“Ethical Hackers…..”
Bad
“Crackers…”
10. Ethical Hacking
Ethical = Good Purpose
Hacking = Breaking or Entering into a
remote computer illegally
Therefore……….
Ethical hacking is actually breaking
into another computer system illegally
but for good reason.
11. Why ethical hacking is
required?
Ethical hacking is extremely important things
in this Era of Computers & Robotics, One
must know what is hacking, how to prevent or
overcome it if one is victim.
Ethical Hacking plays a key role in
I. Providing security to the important people or
places
II. Protecting yourself from becoming a victim
of hacking
III. Providing security to the common people
who are not so aware of this…like
banks,offices etc.
IV. To decrease Cyber Attacks.
12. Ethical Hacker
Performs
most of the
same
activities
Of Hackers
but with
owner’s
permission.
Employed
by
companies to
perform
13. Ethical Hackers but not
Criminal Hackers
Working ethically,
Trustworthiness
No misuse of personal information
Learn about the system & trying to find
its weaknesses, report back to
owner…
Not Crashing the system.
Respect Privacy..
14. Process of Ethical Hacking
I. Preparation
II. Foot-printing
III. Scanning
IV. Enumeration
V. Identification of vulnerabilities
VI. Attack- exploit the vulnerabilities
VII. Clearing tracks
VIII.reporting
15. 1. Preparation
Identification of target- company
websites, mail servers etc..
Signing of Contract-
Agreement on protection against any
legal issues.
Total time for the testing.
Contracts to clearly specifies the limits
and dangers of test.
Key people who are made aware of
testing..
16. 2.Foot-printing
Used to evaluate the security of IT
infrastructure.
The process of creating map of targeted
organization’s network and systems.
Foot-printing means, gather the maximum
information about the computer system or
network.
This may include:
Accessible hosts
Open ports
Location of routers
Os details
17. 3.Scanning
Scanning is the process of locating
systems that are alive and responding on
the network.
That means, it is used to determine
whether a system is on the network and
available..?
Here ,some scanning tools are used to
gather information about a system like IP
address, OS and services running on the
target computer.
Once the IP address of target system is
identified, easily can gain access on it…
18. 4.Enumeration
Enumeration is the ability of hacker to
convince some servers to give them
information that is vital to make an
attack.
The main objective of it is , to find less
protected system resources, what
valid user account and user groups
are there in the network, what
application will be there etc…
19. 5.Identification of
vulnerabilities
Insecure configuration
Weak passwords
Possible vulnerabilities
Insecure programming
Weak access control
20. 6.Attack-Exploit the
Vulnerabilities
By exploiting the vulnerabilities..
One can
Gain access on system
Do Escalation of privileges
Maintain access for Obtaining access
to other connected system
21. Gaining access
This is the stage where real hacking
takes place.
By exploiting all the vulnerabilities at
Scanning stage, hacker can gain access
on target system.
This hacking attack done with the help of
specialized tools, OS …
It is also known as owning the system as
once a system has been hacked ,the
hacker has control and can use the
system as they wish.
22. Maintaining access
Once a hacker has gained access to a
target system , they want to keep that
for future attacks.
To secure their exclusive access,
hackers make use of Backdoors, Root
kits, Trojans..
By maintaining access on main target
system, hackers can attack on other
devices connected on network with
the system.
23. Escalating Privileges
How hacker maintain access on
targeted system??
The answer is Escalating Privileges..
In this, hackers execute some special
application or program to install
backdoors, root kits which helps them
to gain access easily on the system
again and again in future.
24. 7.Clearing tracks
Once hackers have been able to gain
and maintain access, they clear their
tracks – try to remove all tracks of
attack
But why????
to avoid detection by security
personnel
To continue to use the owned system
once again easily
To remove evidence of hacking to
25. 8.Reporting
Methodology
Exploited condition and vulnerabilities
that should not be exploited
Proof of exploits
Practical security solutions
26. Advantages of ethical
hacking
Fighting against terrorism and national
security breaches
To take preventive action against
hackers
To build a system that helps to prevent
penetration by hacker
Provides security to banking and
financial establishments
Help in closing the open holes in the
network
27. Disadvantages of Ethical
Hacking
All depend upon the trustworthiness of
the ethical hacker
Hiring professionals is expensive.
28. Career in ethical
hacking
In the past few years the demand of
ethical hackers is increased in the
industry.
Of course it is a highly paid job.
You can
become a
“CERTIFIE
D
ETHICAL
29. Required skills
Good coder
Well knowledgeable person, in hardware
and in software also.
Like…….
o Routers
o Linux
o Firewalls
o Network protocols
o Microsoft
Should have knowledge on security
system
30. Conclusion
“ To catch a thief , think like a thief
Similarly………
To catch a hacker , think like a
hacker”
Ethical hacking is the process of
hacking the hacker..
31. Hacking is not a CRIME,
BUT
It is just made CRIME by some
FOOLISH PEOPLE!!!!!
32. References
http://www.scribd.com (9-21-2014)
http://www.seminarOnly/ehical
hacking.com(9-21-2014)
http://wikipedia/seminartopics/ethical
hacking.org(9-22-2014)
pdf – Learn about basics of ethical
hacking