MODULE - I
Building Foundation for Ethical Hacking
Introduction to ethical hacking, types of attacks, ethical hacking commandments, ethical hacking process, cracking the hacker mindset, developing a hacking plan, hacking methodology
HOW HACKERS BEGET ETHICAL HACKERS: INTRODUCTION
Defining hacker
- Traditionally, a hacker is someone who likes to tinker (work) with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.
- Recently, hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers).
- Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.
- The good-guy (white-hat) hackers don't like being in the same category as the bad-guy (black-hat) hackers. (These terms come from Western movies where the good guys wore white cowboy hats and the bad guys wore black cowboy hats.) Whatever the case, most people give hacker a negative connotation.
- Hackers (or bad guys) try to compromise computers.
- Ethical hackers (or good guys) protect computers against illicit (illegal) entry.
Ethical Hacking
- Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal.
- Ethical hacking is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities from a hacker's viewpoint so systems can be better secured.
- It's part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors' claims about the security of their products are legitimate.
Understanding the Need to Hack Your Own Systems
- To catch a thief, think like a thief. That's the basis for ethical hacking. Your overall goals as an ethical hacker should be as follows:
  - Hack your systems in a nondestructive fashion.
  - Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exist.
  - Apply results to remove vulnerabilities and better secure your systems.
UNDERSTANDING THE DANGERS YOUR SYSTEMS FACE
TYPES OF ATTACKS
Nontechnical attacks
- Physical attacks can include dumpster diving. (Dumpster diving is an attack where the attacker gets hold of sensitive documents or data that were carelessly thrown into the trash bin.)
Network-infrastructure attacks
- Connecting into a network through a rogue modem attached to a computer behind a firewall. (Compare a rogue access point: a wireless access point installed on a secure network without explicit authorization from the local network administrator, whether added by a well-meaning employee or by a malicious attacker.)
- Exploiting weaknesses in network transport mechanisms, such as TCP/IP and NetBIOS
- Flooding a network with too many requests, creating a denial of service (DoS) for legitimate requests
- Installing a network analyzer on a network and capturing every packet that travels across it, revealing confidential information in clear text
- Piggybacking onto a network through an insecure 802.11b wireless configuration. (Piggybacking: using something that someone else has made or done in order to gain an advantage.)
Operating-system attacks
- Exploiting specific protocol implementations
- Attacking built-in authentication systems
- Breaking file-system security
- Cracking passwords and encryption mechanisms
Application and other specialized attacks
- Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) applications are frequently attacked because most firewalls and other security mechanisms are configured to allow full access to these programs from the Internet.
- Malicious software (malware) includes viruses, worms, Trojan horses, and spyware. Malware clogs networks and takes down systems.
- Spam (junk e-mail) is wreaking havoc on system availability and storage space. And it can carry malware.
Obeying the Ethical Hacking Commandments
- Working ethically
- Respecting privacy
- Not crashing your systems
THE ETHICAL HACKING PROCESS
Formulating your plan
- Specific systems to be tested
- Risks that are involved
- When the tests are performed and your overall timeline
- How the tests are performed
- How much knowledge of the systems you have before you start testing
- What is done when a major vulnerability is discovered
- The specific deliverables
Selecting tools
- To crack passwords, you need a cracking tool such as LC4, John the Ripper, or pwdump.
- For an in-depth analysis of a Web application, a Web-application assessment tool (such as Whisker or WebInspect) is more appropriate than a network analyzer (such as Ethereal).
- Open-source security tools:
  - Nmap
  - EtherPeek
  - SuperScan
  - QualysGuard
  - WebInspect
  - LC4 (formerly called L0phtcrack)
  - LANguard Network Security Scanner
  - Network Stumbler
  - ToneLoc
- Other popular tools:
  - Internet Scanner
  - Ethereal
  - Nessus
  - Nikto
  - Kismet
  - THC-Scan
Characteristics in ethical hacking tools
- Adequate documentation.
- Detailed reports on the discovered vulnerabilities, including how they may be exploited and fixed.
- Updates and support when needed.
- High-level reports that can be presented to managers or nontechie types.
Executing the plan
- Search the Internet for your organization's name, your computer and network system names, and your IP addresses.
- Narrow your scope, targeting the specific systems you're testing.
- Further narrow your focus with a more critical eye. Perform actual scans and other detailed tests on your systems.
- Perform the attacks, if that's what you choose to do.
Evaluating results
- Assess your results to see what you uncovered, assuming that the vulnerabilities haven't been made obvious before now. This is where knowledge counts.
- Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You'll end up knowing your systems as well as anyone else.
CRACKING THE HACKER MINDSET
What You're Up Against
- The definition of hacker has transformed from harmless tinkerer to malicious criminal. Hackers often state that the general public misunderstands them, which is mostly true.
- It's easy to prejudge what you don't understand. Hackers can be classified by both their abilities and underlying motivations. Some are skilled, and their motivations are benign; they're merely seeking more knowledge.
- At the other end of the spectrum, hackers with malicious intent seek some form of personal gain. Unfortunately, the negative aspects of hacking usually overshadow the positive aspects, resulting in the stereotyping.
Who Hacks
- Script kiddies
- Intermediate hackers
- Elite hackers
- Cyberterrorists
Why Hackers Hack
- Many hackers get a kick out of outsmarting corporate and government IT and security administrators.
- Some common hacker motives are revenge, basic bragging rights, curiosity, boredom, challenge, vandalism, theft for financial gain, sabotage, blackmail, extortion, and corporate espionage.
- Hackers often promote individualism, or at least the decentralization of information.
- Hacking continues to get easier for several reasons:
  - Increasing use of networks and Internet connectivity
  - Anonymity provided by computer systems working over the Internet
  - Increasing number and availability of hacking tools
  - Computer-savvy children
  - Unlikelihood that hackers are investigated or prosecuted if caught
Planning and Performing Attacks
- Some hackers prepare far in advance of a large attack.
- Other hackers, usually the inexperienced script kiddies, act before they think things through.
Aspects of Real-World Security
- The majority of systems that hackers want to attack aren't managed properly.
- Most network and security administrators simply can't keep up with the deluge of new vulnerabilities.
- Information systems grow more complex every year. This is yet another reason why overburdened administrators find it difficult to know what's happening across the wire and on the hard drives of their systems.
- Hack attacks can be carried out slowly, making them hard to detect.
- They're frequently carried out after typical business hours, often in the middle of the night.
- Defenses are often weaker at night, with less physical security and less intrusion monitoring, when the typical network administrator (or security guard) is sleeping.
Maintaining Anonymity
- Smart hackers want to be as low-key as possible. Covering their tracks is a priority.
- Hackers often remain anonymous by using one of the following techniques:
  - Borrowed or stolen dial-up accounts from friends or previous employers
  - Public computers at libraries, schools, or kiosks at the local mall
  - Internet proxy servers or anonymizer services
  - Anonymous or disposable e-mail accounts from free e-mail services
  - Open e-mail relays
  - Unsecured computers, also called zombies, at other organizations
  - Workstations or servers on the victim's own network
DEVELOPING YOUR ETHICAL HACKING PLAN
- As an ethical hacker, you must plan your ethical hacking efforts before you start.
- A detailed plan doesn't mean that your testing must be elaborate. It just means that you're very clear and concise on what's done.
- Given the seriousness of ethical hacking, make this as structured a process as possible.
- Even if you're just testing a single Web application or workgroup of computers, it's critical to establish your goals, define and document the scope of what you'll be testing, determine your testing standards, and gather and familiarize yourself with the proper tools for the task.
Getting Your Plan Approved
- Getting approval for ethical hacking is critical. First, obtain project sponsorship.
- This approval can come from your manager, an executive, a customer, or yourself (if you're the boss).
- Otherwise, your testing may be canceled suddenly, or someone can deny authorizing the tests.
- There can even be legal consequences for unauthorized hacking.
- Always make sure that what you're doing is known and visible, at least to the decision-makers.
Establishing Your Goals
- Define more specific goals. Align these goals with your business objectives.
- Create a specific schedule with start and end dates. These dates are critical components of your overall plan.
The following questions can start the ball rolling:
- Does ethical hacking support the mission of the business and its IT and security departments?
- What business goals are met by performing ethical hacking? These goals may include the following:
  - Prepping for the internationally accepted security framework of ISO 17799 or a security seal such as SysTrust or WebTrust
  - Meeting federal regulations
  - Improving the company's image
- How will ethical hacking improve security, IT, and the general business?
- What information are you protecting?
- How much money, time, and effort are you and your organization willing to spend on ethical hacking?
- What specific deliverables will there be?
- What specific outcomes do you want?
After you know your goals, decide the following:
- When will you start your ethical hacking?
- Will your ethical hacking be blind, in which you know nothing about the systems you're testing, or a knowledge-based attack, in which you're given specific information about the systems you're testing such as IP addresses, hostnames, and even usernames and passwords?
- Will this testing be technical in nature or involve physical security assessments or even social engineering?
- Will you be part of a larger ethical hacking team, often called a tiger team or red team?
- Will you notify your customers of what you're doing? If so, how?
- How will you notify customers that the organization is taking steps to enhance the security of their information?
- What measurements can ensure that these efforts are paying off?
Determining What Systems to Hack
- You probably don't want, or need, to assess the security of all your systems at the same time.
- You may decide which systems to test based on a high-level risk analysis, answering questions such as:
  - What are your most critical systems? Which systems, if hacked, would cause the most trouble or the greatest losses?
  - Which systems appear to be most vulnerable to attack?
  - Which systems are not documented, are rarely administered, or are the ones you know the least about?
- The following list includes systems and applications that you may consider performing your hacking tests on:
  - Routers
  - Firewalls
  - Network infrastructure as a whole
  - Wireless access points and bridges
  - Web, application, and database servers
  - E-mail and file/print servers
  - Workstations, laptops, and tablet PCs
  - Mobile devices (such as PDAs and cell phones) that store confidential information
  - Client and server operating systems
  - Client and server applications, such as e-mail or other in-house systems
- Start with the most vulnerable systems, and consider the following factors:
  - Where the computer or application resides on the network
  - Which operating system and application(s) it runs
  - The amount or type of critical information stored on it
Creating Testing Standards
- When are the tests performed, and what is the overall timeline?
- What tests are performed?
- How are the tests performed, and from where?
- How much knowledge of the systems do you acquire in advance?
- What do you do when a major vulnerability is discovered?
Timing
- War dialing: the practice of having a computer dial large numbers of telephone numbers in search of devices that can be exploited, such as fax machines or modems.
- Password cracking: the process of using an application program to identify an unknown or forgotten password to a computer or network resource.
Specific tests
- You may have been charged with performing a general penetration test, or you may want to perform specific tests, such as cracking passwords or war-dialing into a network.
- A good way to provide evidence of what was tested, when it was tested, and more is to enable logging on the systems you're testing.
Blind versus knowledge assessments
- It may be good to have some knowledge of the systems you're testing, but it's not required.
- The best approach is to plan on unlimited attacks, wherein any test is possible.
- A false sense of vigilance can be created if too many insiders know about your testing, which can end up negating the hard work you're putting into this.
Location
- The tests you're performing dictate where you must run them from. Your goal is to hack your systems from locations where malicious hackers can access the systems.
- You can perform some tests, such as password cracking and network-infrastructure assessments, from the comfort of your office, inside the network.
- For your external hacks that require network connectivity, you may have to go off-site (a good excuse to work from home) or use an external proxy server.
Reacting to major exploits that you find
- Determine ahead of time whether you'll stop or keep going when you find a critical security hole.
- Your manager or your customer may not ask you to, but I think it's best to keep going to see what else you can discover.
- I'm not saying to keep hacking until the end of time or until you crash all your systems.
Silly assumptions
- Computers, networks, and people are available when you're testing.
- You have all the proper hacking tools.
- The hacking tools you're using won't crash your systems.
- Your hacking tools actually work.
- You know all the risks of your tests.
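The plan elements described above (approved systems, a start and end date, the tests allowed, the agreed reaction to a critical finding, and a log as evidence of what was tested and when) can be written down in code and checked before any test runs. This is an added example, not code from the slides or the book they draw on; the sponsor, addresses and hostnames are constructed placeholders.

```python
"""Rules-of-engagement check for an ethical hacking plan.

Encodes the approved plan (systems, timeline, test types, reaction to a
major vulnerability) and refuses any test that falls outside it, keeping an
evidence log of every decision.
"""
import ipaddress
from dataclasses import dataclass, field
from datetime import datetime


@dataclass
class Plan:
    sponsor: str            # who approved the testing (manager, executive, customer)
    systems: list           # approved targets: hostnames and/or CIDR blocks
    window_start: str       # ISO 8601 with UTC offset, e.g. "2024-03-01T22:00:00+00:00"
    window_end: str
    allowed_tests: set      # e.g. {"port-scan", "password-crack", "war-dial"}
    stop_on_critical: bool = True   # decided ahead of time, before testing starts
    log: list = field(default_factory=list)

    def target_in_scope(self, target: str) -> bool:
        """Hostnames must match an approved name; IPs must fall in an approved block."""
        if target.lower() in {s.lower() for s in self.systems}:
            return True
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            return False            # unknown hostname: not in scope
        for entry in self.systems:
            try:
                if addr in ipaddress.ip_network(entry, strict=False):
                    return True
            except ValueError:
                continue            # entry is a hostname, not a network
        return False

    def in_window(self, when: str) -> bool:
        """True if the timestamp lies inside the approved start/end dates (inclusive)."""
        t = datetime.fromisoformat(when)
        start = datetime.fromisoformat(self.window_start)
        end = datetime.fromisoformat(self.window_end)
        return start <= t <= end

    def authorize(self, target: str, test: str, when: str):
        """Return (allowed, reason) and record the decision as evidence."""
        if not self.sponsor:
            allowed, reason = False, "no project sponsor"
        elif not self.target_in_scope(target):
            allowed, reason = False, "target not in approved scope"
        elif not self.in_window(when):
            allowed, reason = False, "outside approved test window"
        elif test not in self.allowed_tests:
            allowed, reason = False, "test type not approved"
        else:
            allowed, reason = True, "authorized"
        self.log.append({"when": when, "target": target, "test": test,
                         "allowed": allowed, "reason": reason})
        return allowed, reason

    def on_finding(self, severity: str) -> str:
        """Apply the reaction agreed in the plan when a vulnerability is found."""
        if severity == "critical" and self.stop_on_critical:
            return "stop and report"
        return "continue"


def sample_plan() -> Plan:
    # Constructed sample plan; the sponsor, block and hostname are placeholders.
    return Plan(
        sponsor="IT director",
        systems=["10.0.5.0/24", "web01.example.test"],
        window_start="2024-03-01T22:00:00+00:00",
        window_end="2024-03-02T06:00:00+00:00",
        allowed_tests={"port-scan", "password-crack"},
    )


if __name__ == "__main__":
    plan = sample_plan()
    for target, test, when in [
        ("10.0.5.17", "port-scan", "2024-03-01T23:00:00+00:00"),       # authorized
        ("10.0.9.4", "port-scan", "2024-03-01T23:00:00+00:00"),        # out of scope
        ("web01.example.test", "war-dial", "2024-03-01T23:00:00+00:00"),  # test not approved
        ("10.0.5.17", "port-scan", "2024-03-02T09:00:00+00:00"),       # outside window
    ]:
        print(target, test, plan.authorize(target, test, when))
    print("critical finding:", plan.on_finding("critical"))
```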
Selecting Tools
- The required security-assessment tools (hacking tools) depend on the tests you're running.
- You can perform some ethical hacking tests with a pair of sneakers, a telephone, and a basic workstation on the network.
- However, comprehensive testing is easier with hacking tools.
- Open-source security tools:
  - @stake L0phtcrack (now called LC4)
  - Ethereal
  - Foundstone SuperScan
  - Qualys QualysGuard
  - GFI LANguard Network Security Scanner
  - John the Ripper
  - Network Stumbler
  - Nessus
  - Nikto
  - Nmap
  - Pwdump2
  - SPI Dynamics WebInspect
  - THC-RUT
  - ToneLoc
  - Wellenreiter
  - WildPackets EtherPeek and AiroPeek
Characteristics in the tools you select for ethical hacking:
- Adequate documentation.
- Detailed reports on the vulnerabilities, including how they may be exploited and fixed.
- Updates and support when needed.
- High-level reports that can be presented to managers or other non-techie types.
HACKING METHODOLOGY
Setting the Stage
- Track what worked in previous tests and why.
- Help prove that you didn't maliciously hack the systems.
- Correlate your testing with intrusion-detection systems and other log files if questions arise.
- If you're performing ethical hacking for a customer, you may go the blind assessment route and start with just the company name and no other information that gives you a leg up, such as:
  - IP addresses
  - Host names
  - Software versions
  - Firewall rules
  - Phone numbers
  - Employee names
Seeing What Others See
- Start by using a Web browser to search the Web for information about your organization.
- Discover more-specific information about your systems from a hacker's viewpoint.
- You can determine this information by running network scans, probing ports, and assessing vulnerability.
Gathering public information
Web search
- Employee names and contact info
- Important company dates
- Incorporation filings for private companies
- SEC filings for public companies
- Press releases on moves, organizational changes, and new products
- Mergers and acquisitions
- Patents and trademarks
- Presentations, articles, and Webcasts
With Google, you can search the Internet several ways:
- By typing keywords
- By performing more advanced Web searches
- By using switches to dig deeper into a Web site
Web crawling can reveal:
- The Web site layout and configuration offline.
- The HTML source code of Web pages.
- Comment fields.
Web sites
Government and business Web sites:
- www.hoovers.com and finance.yahoo.com for detailed information about public companies
- www.sec.gov/edgar.shtml for SEC filings on public companies
- www.uspto.gov for patent and trademark registrations
Background checks through companies such as ChoicePoint (www.choicepoint.com) and USSearch (www.ussearch.com)
Mapping the network
Whois
- The best starting point is to perform a Whois lookup by using any one of the Whois tools available on the Internet.
- Whois is the tool you've most likely used to check whether a particular Internet domain name is available.
The following list runs down various lookup sites for other categories:
- Government: whois.nic.gov
- Military: whois.nic.mil
- AfriNIC: www.afrinic.org (emerging Regional Internet Registry for Africa)
- APNIC: www.apnic.net/search/index.html (Regional Internet Registry for the Asia Pacific Region)
- ARIN: www.arin.net/whois/index.html (Regional Internet Registry for North America, a portion of the Caribbean, and subequatorial Africa)
- LACNIC: Latin American and Caribbean Internet Addresses Registry, www.lacnic.net
- RIPE Network Coordination Centre: www.ripe.net/db/whois/whois.html (Europe, Central
Google Groups
- The Google Groups at groups.google.com can reveal surprising public network information. Search for such information as your hostnames, IP addresses, and usernames.
- You can search hundreds of millions of Usenet posts back to 1981 for public and often very private information.
Scanning Systems
- Use the information provided by your Whois lookups and start testing other closely related IP addresses and host names.
- Scan your internal hosts.
Hosts
- The basic ping utility that's built into your operating system
- A third-party utility that allows you to ping multiple addresses at the same time, such as SuperScan (www.foundstone.com) and NetScanTools Pro (www.netscantools.com) for Windows and fping for UNIX (which allows you to ping more than one address)
Modems and open ports
- Check for unsecured modems with war-dialing software, such as ToneLoc, PhoneSweep, and THC-Scan.
- Scan network ports with SuperScan or Nmap (www.insecure.org/nmap). You can use a happy-clicky-GUI version made for Windows called NMapWin.
- Listen to network traffic with a network analyzer such as Ethereal. I cover this topic in various chapters throughout the book.
Determining What's Running on Open Ports
- Protocols in use, such as IP, IPX, and NetBEUI
- Services running on the hosts, such as e-mail and database applications
- Available remote-access services, such as Windows Terminal Services and Secure Shell (SSH)
- VPN services, such as PPTP, SSL, and IPSec
- Required authentication for network shares
Assessing Vulnerabilities
- Common Vulnerabilities and Exposures (cve.mitre.org/cve)
- CERT/CC Vulnerability Notes Database (www.kb.cert.org/vuls)
- NIST ICAT Metabase (icat.nist.gov/icat.cfm)
Penetrating the System
- Gain further information about the host and its data.
- Start or stop certain services or applications.
- Access other systems.
- Disable logging or other security controls.
- Capture screen shots.
- Install such hacker tools as rootkits (hacker programs that masquerade as legitimate OS programs) and network analyzers for later backdoor entry.
- Capture keystrokes.
- Send an e-mail as the administrator.
- Perform a buffer-overflow attack.
- Launch another type of DoS attack.
- Upload a file proving your victory.
The End

Supervised Learning Ensemble Techniques Machine LearningSupervised Learning Ensemble Techniques Machine Learning
Supervised Learning Ensemble Techniques Machine Learning
ShivarkarSandip
chapter 2 combustion engineering for second semester
chapter 2 combustion engineering for second semesterchapter 2 combustion engineering for second semester
chapter 2 combustion engineering for second semester
MeleseLegamo
UHV Unit - 4 HARMONY IN THE NATURE AND EXISTENCE.pptx
UHV Unit - 4 HARMONY IN THE NATURE AND EXISTENCE.pptxUHV Unit - 4 HARMONY IN THE NATURE AND EXISTENCE.pptx
UHV Unit - 4 HARMONY IN THE NATURE AND EXISTENCE.pptx
arivazhaganrajangam
Introduction to CLoud Computing Technologies
Introduction to CLoud Computing TechnologiesIntroduction to CLoud Computing Technologies
Introduction to CLoud Computing Technologies
cloudlab1
Chapter 1- Introduction-chemical bonding.pptx
Chapter 1- Introduction-chemical bonding.pptxChapter 1- Introduction-chemical bonding.pptx
Chapter 1- Introduction-chemical bonding.pptx
venomalvi2
Reinventando el CD_ Unificando Aplicaciones e Infraestructura con Crossplane-...
Reinventando el CD_ Unificando Aplicaciones e Infraestructura con Crossplane-...Reinventando el CD_ Unificando Aplicaciones e Infraestructura con Crossplane-...
Reinventando el CD_ Unificando Aplicaciones e Infraestructura con Crossplane-...
Alberto Lorenzo
4. "Exploring the Role of Lubrication in Machinery Efficiency: Mechanisms, Ty...
4. "Exploring the Role of Lubrication in Machinery Efficiency: Mechanisms, Ty...4. "Exploring the Role of Lubrication in Machinery Efficiency: Mechanisms, Ty...
4. "Exploring the Role of Lubrication in Machinery Efficiency: Mechanisms, Ty...
adityaprakashme26
he ne laser description regarding the no
he ne laser description regarding the nohe ne laser description regarding the no
he ne laser description regarding the no
rjraj1886
22PCOAM16_ML_Unit 1 notes & Question Bank with answers.pdf
22PCOAM16_ML_Unit 1 notes & Question Bank with answers.pdf22PCOAM16_ML_Unit 1 notes & Question Bank with answers.pdf
22PCOAM16_ML_Unit 1 notes & Question Bank with answers.pdf
Guru Nanak Technical Institutions
Tantrayukti.pptx. It is a ppt on tantrayukti
Tantrayukti.pptx.  It is a ppt on tantrayuktiTantrayukti.pptx.  It is a ppt on tantrayukti
Tantrayukti.pptx. It is a ppt on tantrayukti
AnuragKumar682871
BSS_1_E1.2_ElectromobilityElectromobility.pdf
BSS_1_E1.2_ElectromobilityElectromobility.pdfBSS_1_E1.2_ElectromobilityElectromobility.pdf
BSS_1_E1.2_ElectromobilityElectromobility.pdf
jungdan064

building foundation for ethical hacking.ppt

1. MODULE - I: Building Foundation for Ethical Hacking
   Introduction of ethical hacking, types of attacks, ethical hacking commandments, ethical hacking process, cracking the hacker mindset, developing a hacking plan, hacking methodology

2. HOW HACKERS BEGET ETHICAL HACKERS: INTRODUCTION
   Defining hacker
   - Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.
   - Recently, hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers).
   - Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.

3. - The good-guy (white-hat) hackers don't like being in the same category as the bad-guy (black-hat) hackers. (These terms come from Western movies, where the good guys wore white cowboy hats and the bad guys wore black cowboy hats.) Whatever the case, most people give hacker a negative connotation.
   - Hackers (or bad guys) try to compromise computers.
   - Ethical hackers (or good guys) protect computers against illicit (unauthorized) entry.

4. Ethical Hacking
   - Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal.
   - Ethical hacking is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities (exploitable weaknesses) from a hacker's viewpoint so systems can be better secured.
   - It's part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors' claims about the security of their products are legitimate (actually hold up under test).

5. Understanding the Need to Hack Your Own Systems
   To catch a thief, think like a thief. That's the basis for ethical hacking. Your overall goals as an ethical hacker should be as follows:
   - Hack your systems in a nondestructive fashion.
   - Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exist.
   - Apply results to remove vulnerabilities and better secure your systems.

6. UNDERSTANDING THE DANGERS YOUR SYSTEMS FACE: TYPES OF ATTACKS
   Nontechnical attacks
   - Physical attacks, which can include dumpster diving (recovering sensitive documents or media that were carelessly thrown into the trash).
   Network-infrastructure attacks
   - Connecting into a network through a rogue modem attached to a computer behind a firewall. (A rogue modem, like a rogue wireless access point, is a network entry point installed without the network administrator's authorization, whether by a well-meaning employee or by an attacker; a caller who reaches it bypasses the firewall entirely.)
   - Exploiting weaknesses in network transport mechanisms, such as TCP/IP and NetBIOS.
   - Flooding a network with too many requests, creating a denial of service (DoS) for legitimate requests.
   - Installing a network analyzer on a network and capturing every packet that travels across it, revealing confidential information sent in clear text.
   - Piggybacking onto a network (riding on an access path somebody else set up) through an insecure 802.11b wireless configuration.

7. Understanding the Dangers Your Systems Face
   Operating-system attacks
   - Exploiting specific protocol implementations
   - Attacking built-in authentication systems
   - Breaking file-system security
   - Cracking passwords and encryption mechanisms

8. Application and other specialized attacks
   - Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) applications are frequently attacked because most firewalls and other security mechanisms are configured to allow full access to these programs from the Internet.
   - Malicious software (malware) includes viruses, worms, Trojan horses, and spyware. Malware clogs networks and takes down systems.
   - Spam (junk e-mail) is wreaking havoc on system availability and storage space. And it can carry malware.

9. Obeying the Ethical Hacking Commandments (the rules of the trade)
   - Working ethically
   - Respecting privacy
   - Not crashing your systems

10. THE ETHICAL HACKING PROCESS
   Formulating your plan
   - Specific systems to be tested
   - Risks that are involved
   - When the tests are performed and your overall timeline
   - How the tests are performed
   - How much knowledge of the systems you have before you start testing
   - What is done when a major vulnerability is discovered
   - The specific deliverables

11. THE ETHICAL HACKING PROCESS
   Selecting tools
   - To crack passwords, you need a cracking tool such as LC4, John the Ripper, or pwdump.
   - For an in-depth analysis of a Web application, a Web-application assessment tool (such as Whisker or WebInspect) is more appropriate than a network analyzer (such as Ethereal, since renamed Wireshark).

12. THE ETHICAL HACKING PROCESS
   Commonly used security tools (a mix of commercial and free/open-source products):
   - Nmap
   - EtherPeek
   - SuperScan
   - QualysGuard
   - WebInspect
   - LC4 (formerly called L0phtcrack)
   - LANguard Network Security Scanner
   - Network Stumbler
   - ToneLoc

13. THE ETHICAL HACKING PROCESS
   Other popular tools:
   - Internet Scanner
   - Ethereal
   - Nessus
   - Nikto
   - Kismet
   - THC-Scan

14. THE ETHICAL HACKING PROCESS
   Characteristics to look for in ethical hacking tools:
   - Adequate documentation.
   - Detailed reports on the discovered vulnerabilities, including how they may be exploited and fixed.
   - Updates and support when needed.
   - High-level reports that can be presented to managers or nontechnical readers.

15. Executing the plan
   - Search the Internet for your organization's name, your computer and network system names, and your IP addresses.
   - Narrow your scope, targeting the specific systems you're testing.
   - Further narrow your focus with a more critical eye.
   - Perform actual scans and other detailed tests on your systems.
   - Perform the attacks, if that's what you choose to do.

16. Evaluating results
   Assess your results to see what you uncovered, assuming that the vulnerabilities haven't been made obvious before now. This is where knowledge counts. Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You'll end up knowing your systems as well as anyone else.

17. CRACKING THE HACKER MINDSET
   What You're Up Against
   The definition of hacker has transformed from harmless tinkerer to malicious criminal. Hackers often state that the general public misunderstands them, which is mostly true. It's easy to prejudge what you don't understand. Hackers can be classified by both their abilities and underlying motivations. Some are skilled, and their motivations are benign; they're merely seeking more knowledge. At the other end of the spectrum, hackers with malicious intent seek some form of personal gain. Unfortunately, the negative aspects of hacking usually overshadow the positive aspects, resulting in the stereotyping.

18. Who Hacks
   - Script kiddies
   - Intermediate hackers
   - Elite hackers
   - Cyberterrorists

19. Why Hackers Hack
   - Many hackers get a kick out of outsmarting corporate and government IT and security administrators.
   - Some common hacker motives are revenge, basic bragging rights, curiosity, boredom, challenge, vandalism, theft for financial gain, sabotage, blackmail, extortion, and corporate espionage.
   - Hackers often promote individualism, or at least the decentralization of information.

20. Hacking continues to get easier for several reasons:
   - Increasing use of networks and Internet connectivity
   - Anonymity provided by computer systems working over the Internet
   - Increasing number and availability of hacking tools
   - Computer-savvy children
   - Unlikelihood that hackers are investigated or prosecuted if caught

21. Planning and Performing Attacks
   - Some hackers prepare far in advance of a large attack.
   - Other hackers, usually the inexperienced script kiddies, act before they think things through.

22. Aspects of Real-World Security
   - The majority of systems that hackers want to attack aren't managed properly. Most network and security administrators simply can't keep up with the deluge of new vulnerabilities.
   - Information systems grow more complex every year. This is yet another reason why overburdened administrators find it difficult to know what's happening across the wire and on the hard drives of their systems.

23. - Hack attacks can be carried out slowly, making them hard to detect.
   - They're frequently carried out after typical business hours, often in the middle of the night. Defenses are often weaker at night, with less physical security and less intrusion monitoring, when the typical network administrator (or security guard) is sleeping.

24. Maintaining Anonymity
   Smart hackers want to be as low-key as possible. Covering their tracks is a priority. Hackers often remain anonymous by using one of the following techniques:
   - Borrowed or stolen dial-up accounts from friends or previous employers
   - Public computers at libraries, schools, or kiosks at the local mall
   - Internet proxy servers or anonymizer services
   - Anonymous or disposable e-mail accounts from free e-mail services
   - Open e-mail relays
   - Unsecured computers, also called zombies, at other organizations
   - Workstations or servers on the victim's own network

25. DEVELOPING YOUR ETHICAL HACKING PLAN
   As an ethical hacker, you must plan your ethical hacking efforts before you start. A detailed plan doesn't mean that your testing must be elaborate. It just means that you're very clear and concise on what's done. Given the seriousness of ethical hacking, make this as structured a process as possible. Even if you're just testing a single Web application or workgroup of computers, it's critical to establish your goals, define and document the scope of what you'll be testing, determine your testing standards, and gather and familiarize yourself with the proper tools for the task.

26. Getting Your Plan Approved
   Getting approval for ethical hacking is critical. First, obtain project sponsorship. This approval can come from your manager, an executive, a customer, or yourself (if you're the boss). Otherwise, your testing may be canceled suddenly, or someone can deny authorizing the tests. There can even be legal consequences for unauthorized hacking. Always make sure that what you're doing is known and visible, at least to the decision-makers.

27. Establishing Your Goals
   - Define more specific goals. Align these goals with your business objectives.
   - Create a specific schedule with start and end dates. These dates are critical components of your overall plan.

28. The following questions can start the ball rolling:
   - Does ethical hacking support the mission of the business and its IT and security departments?
   - What business goals are met by performing ethical hacking? These goals may include the following:
     - Prepping for the internationally accepted security framework of ISO 17799 (since superseded by ISO/IEC 27002) or a security seal such as SysTrust or WebTrust
     - Meeting federal regulations
     - Improving the company's image
   - How will ethical hacking improve security, IT, and the general business?
   - What information are you protecting?

29. - How much money, time, and effort are you and your organization willing to spend on ethical hacking?
   - What specific deliverables will there be?
   - What specific outcomes do you want?
   After you know your goals:
   - When will you start your ethical hacking?
   - Will your ethical hacking be blind, in which you know nothing about the systems you're testing, or a knowledge-based attack, in which you're given specific information about the systems you're testing, such as IP addresses, hostnames, and even usernames and passwords?

30. - Will this testing be technical in nature or involve physical security assessments or even social engineering?
   - Will you be part of a larger ethical hacking team, often called a tiger team or red team?
   - Will you notify your customers of what you're doing? If so, how?
   - How will you notify customers that the organization is taking steps to enhance the security of their information?
   - What measurements can ensure that these efforts are paying off?

31. Determining What Systems to Hack
   You probably don't want or need to assess the security of all your systems at the same time. You may decide which systems to test based on a high-level risk analysis, answering questions such as:
   - What are your most critical systems?
   - Which systems, if hacked, would cause the most trouble or the greatest losses?
   - Which systems appear to be most vulnerable to attack?
   - Which systems are not documented, are rarely administered, or are the ones you know the least about?

32. The following list includes systems and applications that you may consider performing your hacking tests on:
   - Routers
   - Firewalls
   - Network infrastructure as a whole
   - Wireless access points and bridges
   - Web, application, and database servers
   - E-mail and file/print servers
   - Workstations, laptops, and tablet PCs
   - Mobile devices (such as PDAs and cell phones) that store confidential information
   - Client and server operating systems
   - Client and server applications, such as e-mail or other in-house systems

33. Start with the most vulnerable systems, and consider the following factors:
   - Where the computer or application resides on the network
   - Which operating system and application(s) it runs
   - The amount or type of critical information stored on it

34. Creating Testing Standards
   - When are the tests performed, and what is the overall timeline?
   - What tests are performed?
   - How are the tests performed, and from where?
   - How much knowledge of the systems do you acquire in advance?
   - What do you do when a major vulnerability is discovered?

35. Timing
   Two kinds of test you may schedule, defined here because the next slide refers to them:
   - War dialing: the practice of having a computer dial large numbers of telephone numbers in search of devices that can be exploited, such as fax machines or modems.
   - Password cracking: the process of using an application program to identify an unknown or forgotten password to a computer or network resource.
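As an added example (not part of the original deck or the book it draws on), here is the core of the dictionary attack that tools such as John the Ripper or LC4 automate, written in Python against a constructed password file. Everything in it is assumed for the demo: the two accounts, their salts and passwords, the salted SHA-256 scheme standing in for a real crypt format, and the four-word wordlist.

```python
import hashlib
import hmac


def salted_hash(salt: str, password: str) -> str:
    """Toy password hash: hex SHA-256 of salt + password. Real systems use a
    deliberately slow, salted KDF (bcrypt, scrypt, Argon2, PBKDF2) instead."""
    return hashlib.sha256((salt + password).encode()).hexdigest()


# Constructed sample "password file": user -> (salt, stored hash).
SAMPLE_ACCOUNTS = {
    "alice": ("x7Qp", salted_hash("x7Qp", "summer2004")),
    "bob":   ("m2Lz", salted_hash("m2Lz", "Tr0ub4dor&3")),
}

# Constructed wordlist, standing in for a real dictionary file.
WORDLIST = ["password", "letmein", "summer2004", "qwerty"]


def mangle(word: str):
    """Yield the candidates a cracker derives from one dictionary word:
    the word itself, simple case changes, and a trailing digit."""
    yield word
    yield word.capitalize()
    yield word.upper()
    for digit in range(10):
        yield f"{word}{digit}"


def crack(accounts: dict, wordlist: list) -> dict:
    """Dictionary attack. Returns {user: recovered_password} for each account
    whose stored hash matched a candidate; accounts that survive are absent."""
    recovered = {}
    for user, (salt, target) in accounts.items():
        # The salt differs per account, so every candidate must be re-hashed
        # for every account. A salt defeats precomputed (rainbow) tables but
        # does nothing to protect a guessable password.
        for word in wordlist:
            hit = next((cand for cand in mangle(word)
                        if hmac.compare_digest(salted_hash(salt, cand), target)),
                       None)
            if hit is not None:
                recovered[user] = hit
                break
    return recovered


if __name__ == "__main__":
    print(crack(SAMPLE_ACCOUNTS, WORDLIST))
```

Two practical points the one-line definition above hides: the per-account salt forces the attacker to hash every candidate once per account rather than once for the whole file, and a fast hash like SHA-256 is exactly what makes millions of guesses per second feasible, which is why real password stores should use a slow, tunable function. Run this only against hashes you are authorized to test.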
36. Specific tests
   You may have been charged with performing a general penetration test, or you may want to perform specific tests, such as cracking passwords or war-dialing into a network. A good way to provide evidence of what was tested, when it was tested, and more is to enable logging on the systems you're testing.

37. Blind versus knowledge assessments
   It may be good to have some knowledge of the systems you're testing, but it's not required. The best approach is to plan on unlimited attacks, wherein any test is possible. A false sense of vigilance can be created if too many insiders know about your testing, which can end up negating the hard work you're putting into this.

38. Location
   The tests you're performing dictate where you must run them from. Your goal is to hack your systems from locations where malicious hackers can access the systems. You can perform some tests, such as password cracking and network-infrastructure assessments, from the comfort of your office inside the network. For your external hacks that require network connectivity, you may have to go off-site (a good excuse to work from home) or use an external proxy server.

39. Reacting to major exploits that you find
   Determine ahead of time whether you'll stop or keep going when you find a critical security hole. Your manager or your customer may not ask you to, but I think it's best to keep going to see what else you can discover. I'm not saying to keep hacking until the end of time or until you crash all your systems.

40. Silly assumptions
   Don't assume that:
   - Computers, networks, and people are available when you're testing.
   - You have all the proper hacking tools.
   - The hacking tools you're using won't crash your systems.
   - Your hacking tools actually work.
   - You know all the risks of your tests.

41. Selecting Tools
   The required security-assessment tools (hacking tools) depend on the tests you're running. You can perform some ethical hacking tests with a pair of sneakers, a telephone, and a basic workstation on the network. However, comprehensive testing is easier with hacking tools.

42. Security tools (commercial, freeware, and open-source; vendor named where applicable):
   - @stake L0phtcrack (now called LC4)
   - Ethereal
   - Foundstone SuperScan
   - Qualys QualysGuard
   - GFI LANguard Network Security Scanner
   - John the Ripper
   - Network Stumbler
   - Nessus
   - Nikto
   - Nmap
   - Pwdump2
   - SPI Dynamics WebInspect
   - THC-RUT
   - ToneLoc
   - Wellenreiter
   - WildPackets EtherPeek and AiroPeek

43. Characteristics in the tools you select for ethical hacking:
   - Adequate documentation.
   - Detailed reports on the vulnerabilities, including how they may be exploited and fixed.
   - Updates and support when needed.
   - High-level reports that can be presented to managers or other nontechnical readers.

44. HACKING METHODOLOGY
   Setting the Stage
   Keep a record of every test you run. It lets you:
   - Track what worked in previous tests and why.
   - Help prove that you didn't maliciously hack the systems.
   - Correlate your testing with intrusion-detection systems and other log files if questions arise.
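The record that slides 36 and 44 call for is only useful as evidence if nobody can quietly edit it afterwards. As an added example (not from the deck or the book), the following Python keeps a hash-chained log of each test action: every entry includes the SHA-256 of the entry before it, so changing or deleting an earlier entry breaks verification of everything after it. The tester name, target addresses, commands and timestamps are constructed sample data.

```python
import hashlib
import json
from datetime import datetime, timezone


class TestLog:
    """Append-only record of ethical-hacking actions. Each entry carries the
    SHA-256 of the previous entry, so editing or deleting an earlier entry
    invalidates every hash that follows it."""

    GENESIS = "0" * 64   # `prev` value carried by the first entry

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(body: dict) -> str:
        # Canonical JSON (sorted keys) so identical fields always hash the same.
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def record(self, tester: str, target: str, action: str, timestamp: str = None) -> str:
        """Append one action and return its hash."""
        body = {
            "ts": timestamp or datetime.now(timezone.utc).isoformat(),
            "tester": tester,
            "target": target,
            "action": action,
            "prev": self.entries[-1]["hash"] if self.entries else self.GENESIS,
        }
        digest = self._digest(body)
        self.entries.append({**body, "hash": digest})
        return digest

    def verify(self):
        """Walk the chain. Returns (True, None) if it is intact, otherwise
        (False, index) of the first entry that fails."""
        prev = self.GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if body["prev"] != prev or self._digest(body) != entry["hash"]:
                return False, i
            prev = entry["hash"]
        return True, None


def build_sample_log() -> TestLog:
    """Constructed entries with fixed timestamps so the chain is reproducible."""
    log = TestLog()
    log.record("tester1", "10.0.0.5", "nmap -sT -p 1-1024 10.0.0.5", "2004-03-01T02:10:00+00:00")
    log.record("tester1", "10.0.0.5", "banner grab on tcp/25", "2004-03-01T02:12:30+00:00")
    log.record("tester1", "10.0.0.7", "john --wordlist=words.txt shadow.txt", "2004-03-01T02:20:00+00:00")
    return log


if __name__ == "__main__":
    log = build_sample_log()
    print("intact:", log.verify())
    log.entries[1]["target"] = "10.0.0.9"   # tamper with the middle entry
    print("after edit:", log.verify())
```

One caveat a reviewer will raise: a chain like this cannot detect that entries were dropped from the end, because the remaining prefix still verifies. Send the latest hash to the project sponsor (or another party outside your control) at the end of each testing window, and keep the timestamps in UTC so they line up with the IDS and system logs you will be correlating against.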
45. If you're performing ethical hacking for a customer, you may go the blind assessment route and start with just the company name and no other information that gives you a leg up, such as:
   - IP addresses
   - Host names
   - Software versions
   - Firewall rules
   - Phone numbers
   - Employee names

46. Seeing What Others See
   - Start by using a Web browser to search the Web for information about your organization.
   - Discover more-specific information about your systems from a hacker's viewpoint. You can determine this information by running network scans, probing ports, and assessing vulnerability.

47. Gathering public information
   Web search:
   - Employee names and contact info
   - Important company dates
   - Incorporation filings for private companies
   - SEC filings for public companies
   - Press releases on moves, organizational changes, and new products
   - Mergers and acquisitions
   - Patents and trademarks
   - Presentations, articles, and Webcasts

48. With Google, you can search the Internet several ways:
   - By typing keywords
   - By performing more advanced Web searches
   - By using search operators (switches) to dig deeper into a Web site
   Web crawling (mirroring a site so you can study it offline) reveals:
   - The Web site layout and configuration
   - The HTML source code of Web pages
   - Comment fields

49. Web sites
   Government and business Web sites:
   - www.hoovers.com and finance.yahoo.com for detailed information about public companies
   - www.sec.gov/edgar.shtml for SEC filings on public companies
   - www.uspto.gov for patent and trademark registrations
   - Background checks through companies such as ChoicePoint (www.choicepoint.com) and USSearch (www.ussearch.com)

50. Mapping the network
   Whois
   The best starting point is to perform a Whois lookup by using any one of the Whois tools available on the Internet. Whois is the tool you've most likely used to check whether a particular Internet domain name is available.

51. The following list runs down various lookup sites for other categories:
   - Government: whois.nic.gov
   - Military: whois.nic.mil
   - AfriNIC: www.afrinic.org (emerging Regional Internet Registry for Africa)
   - APNIC: www.apnic.net/search/index.html (Regional Internet Registry for the Asia Pacific Region)
   - ARIN: www.arin.net/whois/index.html (Regional Internet Registry for North America, a portion of the Caribbean, and subequatorial Africa)
   - LACNIC: Latin American and Caribbean Internet Addresses Registry, www.lacnic.net
   - RIPE Network Coordination Centre: www.ripe.net/db/whois/whois.html (Europe, Central

52. Google Groups
   The Google Groups at groups.google.com can reveal surprising public network information. Search for such information as your hostnames, IP addresses, and usernames. You can search hundreds of millions of Usenet posts back to 1981 for public and often very private information.

53. Scanning Systems
   Use the information provided by your Whois lookups and start testing other closely related IP addresses and host names. Scan your internal hosts as well.
   Hosts (finding which addresses are live):
   - The basic ping utility that's built into your operating system
   - A third-party utility that allows you to ping multiple addresses at the same time, such as SuperScan (www.foundstone.com) and NetScanTools Pro (www.netscantools.com) for Windows and fping for UNIX

54. Modems and open ports
   - Check for unsecured modems with war-dialing software, such as ToneLoc, PhoneSweep, and THC-Scan.
   - Scan network ports with SuperScan or Nmap (www.insecure.org/nmap, now nmap.org). You can use a happy-clicky GUI version made for Windows called NMapWin.
   - Listen to network traffic with a network analyzer such as Ethereal. I cover this topic in various chapters throughout the book.

55. Determining What's Running on Open Ports
   - Protocols in use, such as IP, IPX, and NetBEUI
   - Services running on the hosts, such as e-mail and database applications
   - Available remote-access services, such as Windows Terminal Services and Secure Shell (SSH)
   - VPN services, such as PPTP, SSL, and IPSec
   - Required authentication for network shares
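To make slides 53 to 55 concrete, here is an added Python example (not from the deck, the book, or any of the tools listed above) that does what SuperScan or `nmap -sT` do at the most basic level: a TCP connect() scan, followed by a banner grab on each open port to learn what service answers there. So that it runs offline, it starts two constructed services on 127.0.0.1 (the SSH-style and SMTP-style banners are invented for the demo) and also scans a port it deliberately leaves closed.

```python
import socket
import threading


def start_fake_service(banner: bytes):
    """Stand-in for a real host: a loopback TCP listener that greets each client
    with `banner` and hangs up. Returns (port, listening_socket)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:             # listener closed: stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:         # scanner hung up without reading
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1], srv


def connect_scan(host: str, ports, timeout: float = 0.5) -> list:
    """TCP connect() scan (what nmap -sT does): a port is open if the full
    three-way handshake completes. Noisy, but needs no raw-socket privileges."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:   # 0 == connected, else an errno
                open_ports.append(port)
    return open_ports


def grab_banner(host: str, port: int, timeout: float = 1.0) -> str:
    """Read whatever the service volunteers on connect; many daemons announce
    themselves before the client sends anything."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(256).decode(errors="replace").strip()
        except socket.timeout:
            return ""                   # silent service: needs a protocol probe


def classify(banner: str) -> str:
    """Map a banner to a service name. These patterns are illustrative only;
    real fingerprinting relies on a large signature database."""
    b = banner.lower()
    if b.startswith("ssh-"):
        return "ssh"
    if b.startswith("220") and "smtp" in b:
        return "smtp"
    if b.startswith("220") and "ftp" in b:
        return "ftp"
    return "unknown"


def fingerprint(host: str, ports) -> dict:
    """Scan, then banner-grab each open port: {port: (banner, service)}."""
    found = {}
    for port in connect_scan(host, ports):
        banner = grab_banner(host, port)
        found[port] = (banner, classify(banner))
    return found


def run_demo() -> dict:
    """Bring up two constructed services on loopback, scan them plus one port
    deliberately left closed, and return what the scan found."""
    ssh_port, ssh_srv = start_fake_service(b"SSH-2.0-OpenSSH_3.8.1p1\r\n")
    smtp_port, smtp_srv = start_fake_service(
        b"220 mail.example.test ESMTP Sendmail 8.12.11; ready\r\n")
    probe = socket.socket()
    probe.bind(("127.0.0.1", 0))
    closed_port = probe.getsockname()[1]   # reserved, then released: closed
    probe.close()
    try:
        return fingerprint("127.0.0.1", [ssh_port, smtp_port, closed_port])
    finally:
        ssh_srv.close()
        smtp_srv.close()


if __name__ == "__main__":
    for port, (banner, service) in run_demo().items():
        print(f"{port}/tcp open  {service:<8} {banner}")
```

Run it as a script to see an nmap-style table. Because a connect scan completes the handshake, every probe appears in the target's logs, which on an authorized test is fine and is one more reason to keep your own timestamped record of exactly what you scanned and when. Nmap's default SYN scan avoids the full handshake but needs raw-socket privileges, and a banner is only a hint: version strings can be changed by the administrator, so confirm the software before you act on a vulnerability match.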
56. Assessing Vulnerabilities
   Public vulnerability databases to check the versions you found against:
   - Common Vulnerabilities and Exposures (cve.mitre.org/cve)
   - CERT/CC Vulnerability Notes Database (www.kb.cert.org/vuls)
   - NIST ICAT Metabase (icat.nist.gov/icat.cfm; ICAT has since become the National Vulnerability Database, nvd.nist.gov)

57. Penetrating the System
   Once in, an attacker (or you, with permission) can:
   - Gain further information about the host and its data.
   - Start or stop certain services or applications.
   - Access other systems.
   - Disable logging or other security controls.
   - Capture screen shots.
   - Install such hacker tools as rootkits (hacker programs that masquerade as legitimate OS programs) and network analyzers for later backdoor entry.
   - Capture keystrokes.
   - Send an e-mail as the administrator.
   - Perform a buffer-overflow attack.
   - Launch another type of DoS attack.
   - Upload a file proving your victory.