AMITY SCHOOL OF ENGINEERING AND TECHNOLOGY
Gwalior, Madhya Pradesh
Term Paper
On
ETHICAL HACKING
Submitted To: Mrs. Samta Jain Goyal, Head, Dept. of IT, AUMP, Gwalior
Submitted By: Sanu Subham, B.C.A, Sem-III
INDEX
S.N. TOPIC SIGN. REMARKS
1. Abstract
2. Keywords
3. Introduction
4. Categories of hackers
5. Penetration Testing
6. Working of an ethical hacker
7. Ethical hacking methodology
8. Ethical hacking process
9. Hacking tools
10. CEH
11. Ethical hacking: Future impulse
12. Conclusion
13. References
ABSTRACT
We live in a security era, where we secure all our belongings under different kinds of
lock; however, it is different in the case of system security. We carelessly leave our
data and software unlocked. The state of security on the web is dangerous and getting
worse. One reaction to this state of affairs is termed ethical hacking, which attempts
to increase security protection by identifying and fixing known security vulnerabilities on
systems owned by other parties. As public and private organizations migrate more
of their critical functions to the web, criminals have more opportunity and incentive to
gain access to sensitive information through the web application.
So, ethical hacking is an assessment to check and test an information technology environment
for possible weak links and vulnerabilities. Ethical hacking describes the process of hacking a
network in an ethical way, that is, with good intentions. This paper describes what ethical
hacking is, what it can do, an ethical hacking methodology, as well as some tools which might
be used for an ethical hack.
INTRODUCTION
The immense growth of the internet has brought several benefits like electronic commerce, email,
easy access to large stores of reference material, etc. One of the more practical
ways of testing network security is penetration testing or ethical hacking. Activities
concentrate on the identification and exploitation of security vulnerabilities, and the subsequent
implementation of corrective measures (Using an Ethical Hacking Technique). Organizations
are increasingly evaluating the success or failure of their current security measures through
the use of ethical hacking processes. As with most technological advances, there is
also another side: criminal hackers who can secretly steal the organization's data and
transmit it to the open internet. These types of hackers are known as black hat hackers.
So, to overcome these major problems, another type of hacker came into existence, and these
hackers are termed ethical hackers or white hat hackers. This paper describes ethical
hackers, their skills and how they go about helping their customers. Ethical
hackers perform the hacks as security tests for their systems. This kind of hacking is
usually legal and trustworthy. In other terms, ethical hacking is the testing of resources for
the betterment of technology and is focused on securing and protecting IP systems. Ethical
hacking is a method of doing a security assessment. Like all other assessments, an ethical
hack is a random sample, and passing an ethical hack doesn't mean there are no
security problems.
What is Ethical Hacking?
Ethical hacking provides a way to determine the security of an information technology
environment, at least from a technical point of view. As the name ethical hacking
already tells, the concept has something to do with hacking. But what does “hacking”
mean? “The word hacking has two definitions. The primary definition refers to the
hobby/profession of operating with computers. The second definition refers to breaking into
PC systems. Whereas the primary definition is older and continues to be utilized by several PC
enthusiasts (who refer to cyber-criminals as "crackers"), the second definition is far
more commonly used.” In the context of “ethical hacking”, hacking refers to the second
definition: breaking into PC systems. It is assumed that hacking is illegal, as breaking
into a house would be. At this point, “ethical” comes into play. Ethical has a positive touch
and describes something noble, which leads us to the following definition of ethical hacking:
ethical hacking describes the process of attacking and penetrating PC systems and networks to
find and point out potential security weaknesses for a client who is responsible for the attacked
information technology environment. An ethical hack's result is a detailed report of
the findings as well as a testimony that a hacker with a certain amount of time and skills
is or isn't able to successfully attack a system or get access to certain data. Ethical hacking
can be categorised as a security assessment, a form of training, a test for the security of
an information technology environment. An ethical hack shows the risks an information
technology environment is facing, and actions can be taken to reduce certain risks or to
accept them. We can simply say that ethical hacking fits perfectly into the
security life cycle shown in the figure below.
Fig. 1 Security life cycle
An ethical hacker is thus a “good” hacker, someone who uses the methods and tools of the
blackhat community to test the security of networks and servers. The goal of an ethical
hack is neither to do harm nor to transfer any valuable data; it is more a service for a
client to test how his environment would stand up to a hacker attack. The
final output from an ethical hack is usually a detailed report about the detected
issues and vulnerabilities. Sometimes, the report even has instructions on how to
remove certain vulnerabilities.
CATEGORIES OF HACKERS
White Hats
An ethical hacker is referred to as a white hat hacker, or white hat; they use programming skills to
find the vulnerabilities in computer systems. The term "white hat" refers to an ethical
computer hacker, or a computer security expert, who focuses on penetration testing and on
other testing methodologies to ensure the security of an organization's information
systems.
Black Hats
A non-ethical hacker or black hat exploits these vulnerabilities for personal gain or other
purposes. An ethical hacker examines the weaknesses in computer security, points them out and
may recommend changes to systems to secure the information. Black hat hackers are also
called "crackers" within the security industry and by modern programmers.
Grey Hats
The term "grey hat" refers to a computer hacker or computer security expert whose ethical
standards fall somewhere between strictly unselfish and strictly malicious. Grey Hats hack
for various reasons either ethically or unethically depending on the condition and
circumstances at hand.
PENETRATION TESTING
A penetration test is a software attack on a computer system that looks for security
weaknesses, potentially gaining access to the computer's features and information. Also
known as intrusion testing and red teaming, it is the methodology of examining the weaknesses
and vulnerabilities of computer and network security. Penetration testing is used to measure
the performance of system security.
Need of Penetration Testing
The main purpose of penetration testing is to identify security weaknesses under controlled
circumstances so that the security flaws can be eliminated before hackers exploit the
system. Ethical hackers use their skills and apply penetration testing for vulnerability
assessment, giving priority to highly sensitive information. Penetration testing is also
done from a business perspective, to safeguard the organization against failure by
preventing loss, as well as from an operational perspective, to identify dangers and vulnerabilities.
Types of Penetration Test
There are two types of penetration testing:
1) Black Box Test
2) White Box Test
Which test is used depends on what the organization wants to check, whether
the scope is to simulate an attack by an insider or by an external source. The difference between the
two is the amount of information provided to the penetration tester about the
system to be tested. Black box penetration testing closely simulates an external
attacker, giving the tester very little or no information about the systems to be tested. The
penetration testers gather as much information about the target system
as possible to perform the test. In white box penetration testing the tester is usually supplied
with detailed information about the network to be tested, including the IP address.
WORKING OF AN ETHICAL HACKER
The working of an ethical hacker involves the following steps:
1) Obeying the ethical hacking directives: Every ethical hacker should follow a few
basic principles. If he doesn't, bad things will happen. Most of the time
these principles get neglected or forgotten when planning or executing ethical
hacking tests. The results are equally dangerous.
2) Working ethically: The word ethical is defined as working with high professional morals
and principles. Whether you're performing ethical hacking tests against your own
systems or for somebody who has employed you, everything you do as an
ethical hacker should be approved and should support the company's goals. No
hidden agendas are allowed. Trustworthiness is the ultimate objective. The misuse of
information is absolutely not allowed.
3) Respecting privacy: Treat the data you gather with complete respect. All data you
acquire during your testing, from web application log files to clear-text
passwords, should be kept private.
4) Not crashing your systems: One of the biggest mistakes people make when they attempt to
hack their own systems is that they end up crashing them. The reason for this
can be poor planning. These testers haven't read the documentation or misunderstand
the usage and power of the security tools and techniques. You can easily create
miserable conditions on your systems while testing. Running too many tests too
quickly on a system causes many system lockups. Many security assessment tools
can control how many tests are performed on a system at the same time. These tools
are particularly handy if you need to run the tests on production systems during
regular business hours.
5) Executing the plan: In ethical hacking, time and patience are very important. You
must be careful when you're performing your ethical hacking tests.
ETHICAL HACKING METHODOLOGY
An ethical hacking methodology is quite similar to a hacking methodology, as the goals are more
or less the same. An ethical hacker doesn't need to take that much care in hiding his
traces and tracks. He can choose a more aggressive way and doesn't need to bother with
slowing down port scans (to avoid detection) or evading intrusion detection systems, at least
most of the time, unless it is specially desired by the client. Mostly, an ethical hacker just
doesn't have the time to be that careful in blurring his traces and tracks unless the customer pays
for it. Nevertheless, a lot of similarities to a hacking methodology can be found. An ethical
hacking methodology overview can be seen in figure 2. A similar setup could be used by a
hacker for his attacks. The ethical hacking methodology described is based on eight possible
phases, where interactions between the phases are possible, even required, as hacking is an
iterative process; going back to an earlier phase is absolutely possible (and needed).
Fig. 2 Ethical hacking methodology
1.) Reconnaissance: This means gathering as much information as we can about the target
prior to performing an attack. It can be further classified into active and passive. The former
involves information gathering with direct interaction, like social engineering, and the
latter without any direct interaction, by searching news releases or public records.
2.) Scanning: This means scanning for all the open as well as closed ports and even for the
known vulnerabilities on the target machine.
3.) Gaining Control: Control can be gained at OS level, system level or even network level.
From normal access the hacker can even proceed with privilege escalation. It often
includes password cracking, buffer overflows, DoS attacks, etc.
4.) Maintaining Access: This is where the hacker strives to retain control over the target with
backdoors, rootkits or Trojans. Compromised machines can even be used as bots
and zombies for further attacks.
5.) Covering Tracks: It is also known as Daisy Chaining. To avoid being exposed or
caught, a good hacker will leave no traces of his presence. So he attempts to
overwrite the system and application logs.
ETHICAL HACKING PROCESS
The ethical hacking process must be planned ahead. All technical, management and strategic
issues should be considered. Planning is very important for any amount of testing,
from a simple password test to an all-out penetration test on a web application.
Backup of data must be ensured, otherwise the testing may be called off
unexpectedly if somebody claims they never authorised the tests. So, a well-defined scope
includes the following information:
1.) Specific systems to be tested: When choosing systems to test, begin with the most
critical systems and processes or those you think are the most vulnerable. For
instance, you can test computer passwords, an Internet-facing web application, or try
social engineering attacks before drilling down into all of your systems.
2.) Risks involved: It pays to have a contingency plan for your ethical hacking process
in case something goes awry. What if you are assessing your firewall or web
application and you take it down? This can cause system unavailability,
which can reduce system performance or employee productivity. Even worse, it
could cause loss of data integrity, loss of data itself, and even
bad publicity. It will most certainly tick off a person or two and make you look
bad. Handle social engineering and DoS attacks carefully. Determine how
they can affect the systems you are testing and your entire organization.
3.) When the tests will be performed and your overall timeline: Determining when the
tests are performed is something that you must think long and hard about.
Do you perform tests during normal business hours? How about late
at night or early in the morning so that production systems are not
affected? Involve others to make sure they approve of your timing. The best
approach is an unlimited attack, in which any type of test is possible at any time of
day. The bad guys are not breaking into your systems within a limited scope,
so why should you? Some exceptions to this approach are performing DoS attacks,
social engineering, and physical security tests.
4.) How much knowledge of the systems you have before you begin testing: You do
not need extensive knowledge of the systems you are testing, just a basic
understanding. This basic understanding helps protect you and the tested systems.
5.) What action will be taken when a serious vulnerability is discovered: Do not stop
when you discover one security hole. This can lead to a false sense of security. Keep
going to see what else you can discover. You do not need to keep hacking until
the end of time or until you crash all of your systems; just pursue the path you are
going down until you cannot hack it any longer (pun intended). If you haven't found
any vulnerabilities, you haven't looked hard enough.
6.) The specific deliverables: This includes security assessment reports and a higher-level
report outlining the general vulnerabilities to be addressed, along with
countermeasures that should be implemented.
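A scope defined this way can be enforced in tooling before any test is started. The following is an added example, not part of the original paper; the `Engagement` class, its field names and the sample ranges, time window and category names are assumptions made for illustration.

```python
"""Rules-of-engagement gate: refuse any test that falls outside the agreed scope."""
from dataclasses import dataclass, field
from datetime import datetime, time
from ipaddress import ip_address, ip_network


@dataclass
class Engagement:
    networks: list        # CIDR ranges the client authorised in writing
    window_start: time    # earliest local time tests may run
    window_end: time      # latest local time tests may run
    excluded: set = field(default_factory=set)  # categories needing separate sign-off

    def in_window(self, when: datetime) -> bool:
        t = when.time()
        if self.window_start <= self.window_end:
            return self.window_start <= t <= self.window_end
        # The window wraps past midnight, e.g. 22:00 to 05:00.
        return t >= self.window_start or t <= self.window_end

    def check(self, target: str, category: str, when: datetime) -> list:
        """Return the reasons the test is NOT allowed; an empty list means go."""
        try:
            addr = ip_address(target)
        except ValueError:
            # Hostnames can resolve to systems nobody authorised.
            return [f"{target!r} is not an IP address; resolve it and confirm ownership"]
        reasons = []
        if not any(addr in ip_network(net) for net in self.networks):
            reasons.append(f"{target} is outside the authorised ranges")
        if category in self.excluded:
            reasons.append(f"category {category!r} needs separate approval")
        if not self.in_window(when):
            reasons.append(f"{when:%H:%M} is outside the agreed test window")
        return reasons


# Constructed sample scope: documentation address range, night-time window,
# and the three exception categories the list above singles out.
SAMPLE = Engagement(
    networks=["192.0.2.0/24"],
    window_start=time(22, 0),
    window_end=time(5, 0),
    excluded={"dos", "social-engineering", "physical"},
)

if __name__ == "__main__":
    for target, category, when in [
        ("192.0.2.10", "password-audit", datetime(2024, 1, 10, 23, 30)),
        ("198.51.100.7", "dos", datetime(2024, 1, 10, 12, 0)),
    ]:
        problems = SAMPLE.check(target, category, when)
        print(target, category, "ALLOWED" if not problems else problems)
```

Keeping the refusal reasons as a list gives the tester a record to attach to the final report when a planned test was skipped.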
ETHICAL HACKING TOOLS
The list and description of several tools used in the ethical hacking process are as follows:
Scanning tools: Scanning tools are quite helpful in the ethical hacking process. In
technical detail, a scanner sends a message requesting to open a connection with a computer
on a particular port. (A port is an interface where different layers of software exchange
information.)
Port Scanners:
Nmap
Superscan
Nikto
Autoscan
Angry IP Scanner
Unicornscan
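The connection request described above can be seen in a check of your own host against a baseline of expected services. This is an added example, not taken from the paper or from any of the listed tools; the function names and the loopback demo are assumptions, and the demo only touches 127.0.0.1.

```python
"""TCP connect check of your own host against an expected-ports baseline."""
import socket


def probe(host: str, port: int, timeout: float = 1.0) -> str:
    """Ask to open a TCP connection and report how the port answered."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"        # handshake completed: something is listening
        except ConnectionRefusedError:
            return "closed"      # host answered with a reset: nothing listening
        except OSError:
            return "filtered"    # timeout or unreachable, often a firewall drop


def audit(host: str, ports, expected_open) -> dict:
    """Compare observed port states with the baseline; return only deviations."""
    findings = {}
    for port in ports:
        state = probe(host, port)
        if state == "open" and port not in expected_open:
            findings[port] = "unexpected listener"
        elif state != "open" and port in expected_open:
            findings[port] = f"expected service is {state}"
    return findings


def demo():
    """Constructed loopback demo: one live listener and one released port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))     # port 0 lets the OS pick a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]

    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()                       # bound then released: nothing listens here

    try:
        # The baseline is deliberately wrong both ways so each finding type appears.
        findings = audit("127.0.0.1", [open_port, closed_port],
                         expected_open={closed_port})
        return open_port, closed_port, findings
    finally:
        listener.close()


if __name__ == "__main__":
    print(demo())
```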
Packet Sniffers: They allow you to capture and visualise the traffic that is coming to your
website.
Wireshark
Ettercap
Dsniff
tcpdump
EtherApe
Vulnerability Exploitation: These are the tools you would use in order to gain access to
various places.
Sqlmap
Sqlninja
Social Engineer Toolkit
Metasploit
BeEF
Dradis
Netsparker
Vulnerability Scanners: These are designed to assess a computer or network's vulnerability
to attacks. The functionality of these tools varies from one to the other, but they all present a
detailed analysis of how vulnerable your system is.
OpenVAS
Nipper
Nessus
Retina
Nexpose
QualysGuard
Hacking Operating Systems: These are operating systems that have been designed specifically for hackers.
Backtrack5r3
Kali Linux
SE Linux
Knoppix
Backbox Linux
Pentoo
Helix
DEFT
CAINE
Blackbuntu
NodeZero
Matriux Krypton
Intrusion Detection Systems: These tools are one of the most important parts of any security
arrangement. They allow you to detect threats that are potentially dangerous for your
system.
NetCap
Snort
CEH
Certified Ethical Hacker (CEH) is a professional designation for hackers who perform
legitimate services for IT companies and other organisations. A CEH is hired to locate and
repair application and system security vulnerabilities to preempt exploitation by black hat
hackers and others with potentially illegal intentions.
CEH oversight is provided by the International Council of E-Commerce Consultants
(EC-Council).
To beat a hacker, you need to think like one! A Certified Ethical Hacker is a skilled
professional who understands and knows how to look for weaknesses and vulnerabilities
in target systems and uses the same knowledge and tools as a malicious hacker, but
in a lawful and legitimate manner, to assess the security posture of the target system(s).
The CEH credential certifies individuals in the specific network security discipline of
ethical hacking from a vendor-neutral perspective.
The Certified Ethical Hacker program is the pinnacle of the most desired information security
training program any information security professional will ever want to be in. To master the
hacking technologies, you will need to become one, but an ethical one! The authorised course
provides the advanced hacking tools and techniques used by hackers and information security
professionals alike to break into an organization. As we put it, “To beat a hacker, you need
to think like a hacker”. This course will immerse you in the hacker mind-set so you will be
able to defend against future attacks. The security mind-set in any organization must not be
restricted to the silos of a certain vendor, technologies or pieces of equipment.
ETHICAL HACKING: FUTURE IMPULSE
It is always tempting to predict the future when it comes to computer security. Of course it's
impossible to know for sure, but it is possible to make an educated guess. They say we are in
“the golden age of hacking” and we could not agree more. Tools for both Windows and
Linux are available and now anyone can actually be a decent hacker using nothing but
Windows. It is the best of times for those curious about security and how it can be breached, and
the worst of times if you are sitting on the net with a vulnerable computer.
Suppose we split hacking into 3 levels, say low, middle and high. Low requires the least
amount of technical skill and relies more on social engineering and a few simple things like
hardware key loggers. Middle level comprises good skill with available tools and
precompiled buffer overflows, etc. High is someone who can think way outside the box, understands
the deepest aspects of TCP/IP and can code accordingly. Our strong feeling is that the middle
level as defined here will be the one that disappears in the future. Buffer overflows will
become a thing of the past. Technology is moving strongly in that direction. Exploiting
code will slowly become more and more difficult, and tools that focus on that will lose more
and more of their effectiveness. Hackers will either focus on things like social engineering or
gaining physical access. Join a cleaning crew and place a hardware key logger. Come back
the next night and retrieve it; while not very sophisticated, it can be very devastating
nonetheless. The high end will be those who understand the very core of IPv6 and will understand
how to manipulate packet flows in ways no one has ever thought about. Obviously, if this
scenario is correct, most hackers will focus on the low level, and that perhaps is even scarier.
Using a combination of hardware and social skills could prove the most difficult to defend
against. That's the future as I see it happening. Let's wait and see!
CONCLUSION
Ethical hacking looks to be a new buzzword, although the techniques and concepts of testing
security by attacking an installation aren't new at all. But, with the current poor security on
the internet, ethical hacking may be the most effective way to plug security holes and stop
intrusions. On the other hand, ethical hacking tools have also been notorious tools for
crackers. So, at this time the tactical objective is to remain one step ahead of the crackers.
Ethical hacking is a tool that, if properly used, will prove useful for understanding the
weaknesses of a network and the way they could be exploited. After all, ethical hacking can
play a certain role in security assessment offerings and has certainly attained its place
among other security assessments. Lastly, it should be said that the ethical hacker is an
educator who seeks to enlighten not only the client, but also the security industry as a
whole.