This document discusses ethical hacking and provides information on various types of hackers, why people hack, and the hacking process. It defines ethical hacking as legal hacking done with permission to identify vulnerabilities. The hacking process involves preparation, footprinting, enumeration and fingerprinting, vulnerability identification, gaining access, escalating privileges, covering tracks, and creating backdoors. It also discusses how to protect systems and what to do if hacked, such as restoring from backups and patching security holes.
3. CONTENT
• Overview of Hacking
• Types of hacking
• Hacker
• Types of Hacker
• Why do hackers hack?
• How can kids hack?
• What does a script kid know?
• Hackers' language
• How to translate the hackers' language
4. • Ethical Hacking
• Ethical Hacking - Process
• What do hackers do after hacking?
• Why can't we defend against hackers?
• How can we protect the system?
• What should we do after being hacked?
• Final words
5. Overview of hacking
• Hack
  - Examine something very minutely
  - The rapid crafting of a new program or the making of changes to existing, usually complicated software
• Hacker
  - The person who hacks
• Cracker
  - System intruder/destroyer
6. HACKER
• Someone who bypasses the system's access controls by taking advantage of security weaknesses left in the system by developers
• Person who is totally immersed in computer technology and programming, and who likes to examine the code of programs to see how they work ... then uses his or her computer expertise for illicit purposes such as gaining access to computer systems without permission and tampering with programs and data. At that point, this individual would steal information and install backdoors, viruses and Trojans
• Hacker means cracker nowadays.
7. Types of hacker
• White Hat Hackers:
  - Hackers who specialize in penetration testing and in other testing methodologies to ensure the security of an organization's information systems.
• Black Hat Hackers:
  - A black hat is the villain or bad guy, especially in a western movie in which such a character would stereotypically wear a black hat in contrast to the hero's white hat.
• Gray Hat Hackers:
  - A grey hat, in the hacking community, refers to a skilled hacker whose activities fall somewhere between white and black hat hackers on a variety of spectra
8. Types of hacker
• Script Kiddies:
  - People who use scripts or programs developed by others to attack computer systems and networks and deface websites.
• Phreak
  - Person who breaks into telecommunications systems to [commit] theft
• Cyber Punk
  - Recent mutation of ... the hacker, cracker, and phreak
9. Why do people hack?
• To make security stronger (Ethical Hacking)
• Just for fun
• Show off
• Hack other systems secretly
• Tell many people their thoughts
• Steal important information
• Destroy an enemy's computer network during the war
10. How can kids hack?
• Kids have a lot of time
  - Kids can search for a longer time than other people
• All hacking programs are easy to use
• Kids don't have to know how the hacking program works
• These kids are called script kiddies
11. Hackers' language:
1 -> i or l      || -> n
3 -> e           |/| -> m
4 -> a           s -> z
7 -> t           z -> s
9 -> g           f -> ph
0 -> o           ph -> f
$ -> s           x -> ck
| -> i or        ck -> x
12. What is Ethical Hacking
• It is legal
• Permission is obtained from the target
• Part of an overall security program
• Identifies vulnerabilities visible from the Internet at a particular point in time
• Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are done in a non-destructive manner
• Also called - Attack & Penetration Testing,
14. Hacking - Process
1. Preparation
2. Footprinting
3. Enumeration & Fingerprinting
4. Identification of Vulnerabilities
5. Attack - Exploit the Vulnerabilities
6. Gaining Access
7. Escalating privilege
8. Covering tracks
9. Creating back doors
15. Preparation
• Identification of Targets - company websites, mail servers, extranets, etc.
• Signing of Contract
  - Agreement on protection against any legal issues
  - Contract clearly specifies the limits and dangers of the test
  - Specifics on Denial of Service Tests, Social Engineering, etc.
  - Time window for Attacks
  - Total time for the testing
  - Prior Knowledge of the systems
  - Key people who are made aware of the testing
16. Footprinting
Collecting as much information about the target
• DNS Servers
• IP Ranges
• Administrative Contacts
• Problems revealed by administrators
18. Enumeration & Fingerprinting
• Specific targets determined
• Identification of Services / open ports
• Operating System Enumeration
Methods
• Banner grabbing
• Responses to various protocol (ICMP & TCP) commands
• Port / Service Scans - TCP Connect, TCP SYN, TCP FIN, etc.
19. Identification of Vulnerabilities
Vulnerabilities:
• It is a weakness which allows an attacker to reduce a system's information assurance.
  - Insecure Configuration
  - Weak passwords
  - Unpatched vulnerabilities in services, Operating systems, applications
  - Possible Vulnerabilities in Services, Operating Systems
  - Insecure programming, Weak Access
20. Tools
Vulnerability Scanners - Nessus, ISS, SARA, SAINT
Listening to Traffic - Ettercap, tcpdump
Password Crackers - John the Ripper, LC4, Pwdump
Intercepting Web Traffic - Achilles, Whisker, Legion
21. Gaining access:
• Enough data has been gathered at this point to make an informed attempt to access the target
• Techniques
  - Password eavesdropping
  - File share brute forcing
  - Password file grab
  - Buffer overflows
22. Escalating Privileges
• If only user-level access was obtained in the last step, the attacker will now seek to gain complete control of the system
• Techniques
  - Password cracking
  - Known exploits
23. Covering Tracks
• Once total ownership of the target is secured, hiding this fact from system administrators becomes paramount, lest they quickly end the romp.
• Techniques
  - Clear logs
  - Hide tools
24. Creating Back Doors
• Trap doors will be laid in various parts of the system to ensure that privileged access is easily regained at the whim of the intruder
• Techniques
  - Create rogue user accounts
  - Schedule batch jobs
  - Infect startup files
  - Plant remote control services
  - Install monitoring mechanisms
  - Replace apps with trojans
25. Denial of Service
• If an attacker is unsuccessful in gaining access, they may use readily available exploit code to disable a target as a last resort
• Techniques
  - SYN flood
  - ICMP techniques
  - Identical SYN requests
  - Overlapping fragment/offset bugs
  - Out of bounds TCP options (OOB)
  - DDoS
26. What do hackers do after hacking?
• Patch the security hole
  - So that other hackers can't intrude
• Clear logs and hide themselves
• Install a rootkit (backdoor)
  - The hacker who hacked the system can use the system later
  - It contains trojans, viruses, and so on
• Install IRC-related programs
  - identd, irc, bitchx, eggdrop, bnc
27. • Install scanner programs
  - mscan, sscan, nmap
• Install exploit programs
• Install denial of service programs
• Use all of the installed programs silently
28. How can we protect the system?
• Patch security holes often
• Encrypt important data
  - Ex) pgp, ssh
• Do not run unused daemons
• Remove unused setuid/setgid programs
• Set up a loghost
• Back up the system often
• Set up a firewall
• Set up an IDS
  - Ex) snort
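One way to act on the "remove unused setuid/setgid programs" item, as an added example that is not part of the original slides: list every setuid/setgid file under a directory and report the ones missing from an approved baseline. The function names, the script name and the baseline file (one absolute path per line) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the slides): audit setuid/setgid files against an
# approved baseline. Function names and the baseline file are assumptions.

# list_suid_sgid ROOT
# Print every regular file under ROOT that has the setuid (4000) or
# setgid (2000) bit set, one path per line, sorted.
list_suid_sgid() {
    # -xdev keeps find on one filesystem, so other mounts are not walked.
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        LC_ALL=C sort
}

# unexpected_suid_sgid ROOT BASELINE
# Print setuid/setgid files under ROOT that are NOT listed in BASELINE.
# Empty output means nothing unexpected was found.
unexpected_suid_sgid() {
    found=$(mktemp) || return 1
    list_suid_sgid "$1" > "$found"
    # comm -23 prints lines that appear only in the first (sorted) input.
    LC_ALL=C sort "$2" | LC_ALL=C comm -23 "$found" -
    rm -f "$found"
}

# Command-line use: sh suid_audit.sh /usr /etc/suid.baseline
# Review each path printed; if the program is not needed, drop the bits with
#   chmod u-s,g-s <path>
if [ "$#" -eq 2 ]; then
    unexpected_suid_sgid "$1" "$2"
fi
```

Run it once on a known-good install to build the baseline, then rerun on a schedule: a path that appears later is either a new package to approve or something to investigate.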
29. What should we do after being hacked?
• Shut down the system
  - Or turn off the system
• Separate the system from the network
• Restore the system from the backup
  - Or reinstall all programs
• Connect the system to the network
30. H4CKING VS CR4CKING
• HACKING WITH MALICIOUS INTENTION IS CRACKING
  - The basic difference is that hackers do not do anything disastrous.
  - Cracking yields more devastating results.
  - Cracking is a crime.
  - Cyber crimes are the results of cracking, not hacking