Filip Chytrý: Every one of you in here can help us improve online security....

Presentation transcript:

Filip Chytrý

Every one of you in here can help us improve online security....

Let's start with terminology.... Hacker: the person who hacks. Cracker: system intruder / destroyer.

Why do people hack? To make security stronger (Ethical Hacking); steal important information; destroy enemy's computer network; just for fun!

Hackers need to know only one security hole to hack the system, vs. admins need to know all security holes to defend the system.

9 steps of white hacking....

1. Preparation: identification of targets; signing of contract; specific attacks; time window; prior knowledge of the systems; key people.

2. Footprinting: collecting as much information about the target... Search engines; forums; databases (whois, RIPE, ARIN, APNIC); tools (PING, whois, Traceroute, DIG, nslookup).

3. Enumeration & Fingerprinting: identification of services / open ports; operating system enumeration; banner grabbing; responses to various protocol (ICMP & TCP) commands; port / service scans (TCP Connect, TCP SYN, TCP FIN).

4. Identification of Vulnerabilities: social engineering; insecure configuration; unpatched vulnerabilities; brute force.

5. Attack – Exploit the Vulnerabilities: network infrastructure attacks; operating system attacks; application-specific attacks; exploits.

6. Gaining access: enough data has been gathered at this point to make successful access/intrusion to the target. Techniques: password eavesdropping; password file grab; buffer overflows.

7. Escalating Privileges: if only user-level access was obtained in the last step, the attacker will now seek to gain complete control of the system. Techniques: password cracking; known exploits.

8. Covering Tracks: once total ownership of the target is secured, hiding this fact from system administrators becomes the priority. Otherwise there will be no long-term fun! Techniques: clear logs; hide tools.

9. Creating Back Doors: trap doors will be laid in various parts of the system to ensure that privileged access is easily gained. Techniques: infect startup files; plant remote control services; replace apps with trojans.
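
A defender's view of the port / service scans named in step 3, as an added example that is not part of the presentation: it labels TCP Connect, TCP SYN and TCP FIN probes from the flags each source sends and reports sources that touch several ports on one host. The packet tuples, the addresses, the `flow` helper and the `min_ports` threshold are assumptions made for the illustration.

```python
from collections import Counter, defaultdict

def classify_probe(client_flags):
    """Label one client->port exchange from the TCP flags the client sent, in order."""
    if "S" not in client_flags:
        # Normal teardown is FIN+ACK ("FA"); a bare FIN with no handshake is a probe.
        return "fin" if "F" in client_flags else "other"
    after_syn = client_flags[client_flags.index("S") + 1:]
    if not after_syn:
        return "syn-only"    # closed or filtered port: scan type not visible
    if after_syn[0] == "A":
        return "connect"     # handshake completed (TCP Connect)
    return "syn" if after_syn[0] in ("R", "RA") else "other"  # half-open (TCP SYN)

def detect_scans(packets, min_ports=3):
    """Return {(client, server): (ports_probed, scan_type)} for multi-port probers."""
    first = {}                   # flow -> (client, server, server_port)
    sent = defaultdict(list)     # flow -> flags sent by the client
    for src, sport, dst, dport, flags in packets:
        key = frozenset([(src, sport), (dst, dport)])
        first.setdefault(key, (src, dst, dport))
        if first[key][0] == src:
            sent[key].append(flags)
    probes = defaultdict(dict)   # (client, server) -> {port: label}
    for key, (client, server, port) in first.items():
        probes[(client, server)][port] = classify_probe(sent[key])
    report = {}
    for pair, ports in probes.items():
        kinds = Counter(k for k in ports.values() if k != "syn-only")
        if len(ports) >= min_ports:
            report[pair] = (len(ports), kinds.most_common(1)[0][0] if kinds else "syn-or-connect")
    return report

def flow(client, cport, server, port, *steps):
    """Constructed sample packets: 'c:' = sent by client, 's:' = sent by server."""
    return [(client, cport, server, port, s[2:]) if s[0] == "c"
            else (server, port, client, cport, s[2:]) for s in steps]

SAMPLE = sum([  # constructed capture (documentation addresses): three scanners, one normal client
    flow("203.0.113.5", 40001, "192.0.2.10", 22, "c:S", "s:SA", "c:R"),
    flow("203.0.113.5", 40002, "192.0.2.10", 23, "c:S", "s:RA"),
    flow("203.0.113.5", 40003, "192.0.2.10", 80, "c:S", "s:SA", "c:R"),
    flow("203.0.113.6", 50001, "192.0.2.10", 22, "c:S", "s:SA", "c:A", "c:RA"),
    flow("203.0.113.6", 50002, "192.0.2.10", 25, "c:S", "s:RA"),
    flow("203.0.113.6", 50003, "192.0.2.10", 80, "c:S", "s:SA", "c:A", "c:RA"),
    flow("203.0.113.7", 60001, "192.0.2.10", 21, "c:F") + flow("203.0.113.7", 60002, "192.0.2.10", 22, "c:F"),
    flow("203.0.113.7", 60003, "192.0.2.10", 23, "c:F", "s:RA"),
    flow("198.51.100.9", 51000, "192.0.2.10", 443, "c:S", "s:SA", "c:A", "c:PA", "c:FA"),
], [])
print(detect_scans(SAMPLE))
```

A probe to a closed port looks the same for a Connect and a SYN scan, so the scan type is taken from the ports that answered; the single normal HTTPS client stays below the port threshold and is not reported.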

How many attacks can you expect in the Czech Republic within 24 hours?

[Chart: connected devices. Mobile devices: 1.2 per person. IoT devices: 50 B (6.6 per person) and 212 B (27.9 per person). Sources: IDC, Cisco.]

IoT: 90% of devices collect one piece of personal information; six out of ten devices are vulnerable to known attacks; 60% of devices use an unencrypted network; 50% of devices use an insecure way of storing data.

It's almost impossible for one solution to protect them all…

IoT vs IIoT

Seculu.com/sign

Filip Chytrý seculu.com