Ethical Hacking Prince Singh Varanasi

Slides:



Advertisements
Similar presentations
ETHICAL HACKING A LICENCE TO HACK
Advertisements

Introduction to Ethical Hacking, Ethics, and Legality.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
System Security Scanning and Discovery Chapter 14.
What is hacking? Taeho Oh
Forces that Have Brought the world to it’s knees over the centuries.
Ethical Hacking Adapted from Zephyr Gauray’s slides found here: And from Achyut Paudel’s.
Hacking Linux Based on Hacking Linux Exposed Hatch, Lee, and Kurtz ISBN
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Network Security Testing Techniques Presented By:- Sachin Vador.
1 Colorado University Guest Lecture: Vulnerability Assessment Chris Triolo Spring 2007.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
ETHICAL HACKING ETHICAL HACKING A LICENCE TO HACK Submitted By: Usha Kalkal M.Tech(1 st Sem) Information technology.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 4 Finding Network Vulnerabilities By Whitman, Mattord, & Austin© 2008 Course Technology.
Honeypot and Intrusion Detection System
Software Security Testing Vinay Srinivasan cell:
CIS 450 – Network Security Chapter 3 – Information Gathering.
Lesson 5 Knowing the Threat. Unauthorized use of Computer Systems 2000 CSI/FBI Survey Trend.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
Information Systems Security Operations Security Domain #9.
# Ethical Hacking. 2 # Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting.
Hacking Windows 9X/ME. Hacking framework Initial access physical access brute force trojans Privilege escalation Administrator, root privileges Consolidation.
1 Security. 2 Linux is not secure No computer system can ever be "completely secure". –make it increasingly difficult for someone to compromise your system.
Ethical Hacking KaaShiv InfoTech For Inplant Training / Internship, please download the "Inplant training registration form" from our website
Ethical Hacking KaaShiv InfoTech For Inplant Training / Internship, please download the "Inplant training registration form" from our website
KaaShiv InfoTech Ethical Hacking For Inplant Training / I nternship, please download th e "Inplant training registration form" fr om our website
Understand Malware LESSON Security Fundamentals.
Ethical Hacking Keith Brooks CIO and Director of Services
Web Security Introduction to Ethical Hacking, Ethics, and Legality.
Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.
Computer Security Sample security policy Dr Alexei Vernitski.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
Filip Chytrý Everyone of you in here can help us improve online security....
General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.
PRESENTED BY : Bhupendra Singh
Department of Computer Science Introduction to Information Security Chapter 7 Activity Security Assessment Semester 1.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.
Network security Vlasov Illia
Botnets A collection of compromised machines
Topic 5 Penetration Testing 滲透測試
Seminar On Ethical Hacking Submitted To: Submitted By:
Computer Security and Ethical Hacking
Chapter 15: Security.
Working at a Small-to-Medium Business or ISP – Chapter 8
Chapter 7: Identifying Advanced Attacks
Footprinting and Scanning
Instructor Materials Chapter 7 Network Security
Backdoor Attacks.
Secure Software Confidentiality Integrity Data Security Authentication
The Security Problem Security must consider external environment of the system, and protect it from: unauthorized access. malicious modification or destruction.
Answer the questions to reveal the blocks and guess the picture.
Footprinting and Scanning
Botnets A collection of compromised machines
Teaching Computing to GCSE
Security in Networking
Faculty of Science IT Department By Raz Dara MA.
Security.
Securing Windows 7 Lesson 10.
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
Computer Security By: Muhammed Anwar.
How hackers do it Ron Woerner Security Administrator CSG Systems, Inc.
WJEC GCSE Computer Science
Operating System Concepts
Test 3 review FTP & Cybersecurity
6. Application Software Security
Presentation transcript:

Ethical Hacking Prince Singh Varanasi Priashishsingh@gmail.com Site- Prince1020.wordpress.com/ps

“How often have I said to you that when you have eliminated the impossible, whatever remains, however improbable, must be the truth? “ Or a modern variation: "If you eliminate the impossible, whatever remains, however improbable, must be the truth." 2nd Quote is from Spock in Star Trek (2009) but really from Sir Arthur Conan Doyle’s infamous Detective, Sherlock Holmes as seen above

Anonymous As for the literal operation of Anonymous, becoming part of it is as simple as going onto its Internet Relay Chat forums and typing away. The real-life people involved in Anonymous could be behind their laptops anywhere, from an Internet café in Malaysia to a Michigan suburb. Anonymous appears to have no spokesperson or leader. One could participate for a minute or a day in a chat room, and then never go back again. Anonymous is the future form of Internet-based social activism. They laud the "hactivists" for their actions.

Underground Toolkit Arms Hackers For Java Flaw By Antone Gonsalves, CRN March 29, 2012 3:57 PM ET A software toolkit popular among cyber-criminals has been updated to include malicious code targeting a critical Java vulnerability that experts say many Internet users have yet to patch. … A patch for the Java bug was released in February, but based on the Java patching behavior of 28 million Internet users, Rapid7 estimates that from 60 percent to 80 percent of computers running Java are vulnerable. The bug affects all operating systems, including Windows, starting with XP, Ubuntu and Mac OS X. In general, up to 60 percent of Java installations are never updated to the latest version, according to Rapid7. http://www.crn.com/news/security/232700528/underground-toolkit-arms-hackers-for-java-flaw.htm;jsessionid=aN-QwyraKe6tlMxNtzWh5A**.ecappj03?cid=nl_sec

Federal Statute 2B1.1. - Protected Computer - Civil Penalty Protected Computer Cases.--In the case of an offense involving unlawfully accessing, or exceeding authorized access to, a "protected computer" as defined in 18 U.S.C. § 1030(e)(2), actual loss includes the following pecuniary harm, regardless of whether such pecuniary harm was reasonably foreseeable: reasonable costs to the victim of conducting a damage assessment, and restoring the system and data to their condition prior to the offense, and any lost revenue due to interruption of service. (B) Gain.--The court shall use the gain that resulted from the offense as an alternative measure of loss only if there is a loss but it reasonably cannot be determined. (C) Estimation of Loss.--The court need only make a reasonable estimate of the loss. The sentencing judge is in a unique position to assess the evidence and estimate the loss based upon that evidence.

Why Do People Hack To make security stronger ( Ethical Hacking ) Just for fun Show off Hack other systems secretly Notify many people their thought Steal important information Destroy enemy’s computer network during the war

What is Ethical Hacking Also Called – Attack & Penetration Testing, White-hat hacking, Red teaming It is Legal Permission is obtained from the target Part of an overall security program Identify vulnerabilities visible from the Internet Ethical hackers possesses same skills, mindset and tools of a hacker but the attacks are done in a non-destructive manner Hacking Process of breaking into systems for: Personal or Commercial Gains Malicious Intent – Causing sever damage to Information & Assets Conforming to accepted professional standards of conduct Red teaming – used for the first time by US government for testing its systems early 90’s Black & white hat terminology comes from the Hollywood movies where good guys wear white hats and bad guys wear black hats 7

Types of Hackers White Hat Hackers: A White Hat who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems. Black Hat Hackers: A Black Hat is the villain or bad guy, especially in a western movie in which such a character would stereotypically wear a black hat in contrast to the hero's white hat. Gray Hat Hackers: A Grey Hat, in the hacking community, refers to a skilled hacker whose activities fall somewhere between white and black hat hackers on a variety of spectra

Why Can’t We Defend Against Hackers? There are many unknown security hole Hackers need to know only one security hole to hack the system Admin need to know all security holes to defend the system

Protection from possible External Attacks Why Do We Need Ethical Hacking Protection from possible External Attacks Viruses, Trojan Horses, and Worms Social Engineering Automated Attacks Accidental Breaches in Security Denial of Service (DoS) Organizational Restricted Data

Ethical Hacking - Commandments Working Ethically Trustworthiness Misuse for personal gain Respecting Privacy Not Crashing the Systems

What do hackers do after hacking? (1) Patch security hole The other hackers can’t intrude Clear logs and hide themselves Install rootkit ( backdoor ) The hacker who hacked the system can use the system later It contains trojan virus, and so on Install irc related program identd, irc, bitchx, eggdrop, bnc

What do hackers do after hacking? (2) Install scanner program mscan, sscan, nmap Install exploit program Install denial of service program Use all of installed programs silently

Basic Knowledge Required The basic knowledge that an Ethical Hacker should have about different fields, is as follows: Should have basic knowledge of ethical and permissible issues Should have primary level knowledge of session hijacking Should know about hacking wireless networks Should be good in sniffing Should know how to handle virus and worms Should have the basic knowledge of cryptography Should have the basic knowledge of accounts administration Should know how to perform system hacking

Basic Knowledge Required (con’t) Should have the knowledge of physical infrastructure hacking Should have the primary knowledge of social engineering Should know to how to do sacking of web servers Should have the basic knowledge of web application weakness Should have the knowledge of web based password breaking procedure Should have the basic knowledge of SQL injection Should know how to hack Linux Should have the knowledge of IP hacking Should have the knowledge of application hacking

Denial of Service If an attacker is unsuccessful in gaining access, they may use readily available exploit code to disable a target as a last resort Techniques SYN flood ICMP techniques Identical SYN requests Overlapping fragment/offset bugs Out of bounds TCP options (OOB) DDoS

How Can We Protect The System? Patch security hole often Encrypt important data Ex) pgp, ssh Do not run unused daemon Remove unused setuid/setgid program Setup loghost Backup the system often Setup firewall Setup IDS Ex) snort

What should do after hacked? Shutdown the system Or turn off the system Separate the system from network Restore the system with the backup Or reinstall all programs Connect the system to the network

Many topics of hacking still remain to be covered and there are more slides in this presentation for your review later. Thank You !!!

Ethical Hacking - Process Preparation Foot Printing Enumeration & Fingerprinting Identification of Vulnerabilities Attack – Exploit the Vulnerabilities Gaining Access Escalating Privilege Covering Tracks Creating Back Doors

1.Preparation Identification of Targets – company websites, mail servers, extranets, etc. Signing of Contract Agreement on protection against any legal issues Contracts to clearly specifies the limits and dangers of the test Specifics on Denial of Service Tests, Social Engineering, etc. Time window for Attacks Total time for the testing Prior Knowledge of the systems Key people who are made aware of the testing

2.Footprinting Collecting as much information about the target DNS Servers IP Ranges Administrative Contacts Problems revealed by administrators Information Sources Search engines Forums Databases – whois, ripe, arin, apnic Tools – PING, whois, Traceroute, DIG, nslookup, sam spade

3.Enumeration & Fingerprinting Specific targets determined Identification of Services / open ports Operating System Enumeration Methods Banner grabbing Responses to various protocol (ICMP &TCP) commands Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc. Tools Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner

4.Identification of Vulnerabilities Insecure Configuration Weak passwords Unpatched vulnerabilities in services, Operating systems, applications Possible Vulnerabilities in Services, Operating Systems Insecure programming Weak Access Control

4.Identification of Vulnerabilities Methods Unpatched / Possible Vulnerabilities – Tools, Vulnerability information Websites Weak Passwords – Default Passwords, Brute force, Social Engineering, Listening to Traffic Insecure Programming – SQL Injection, Listening to Traffic Weak Access Control – Using the Application Logic, SQL Injection

4.Identification of Vulnerabilities Tools Vulnerability Scanners - Nessus, ISS, SARA, SAINT Listening to Traffic – Ethercap, tcpdump Password Crackers – John the ripper, LC4, Pwdump Intercepting Web Traffic – Achilles, Whisker, Legion Websites Common Vulnerabilities & Exposures – http://cve.mitre.org Bugtraq – www.securityfocus.com Other Vendor Websites

5.Attack – Exploit the Vulnerabilities Obtain as much information (trophies) from the Target Asset Gaining Normal Access Escalation of privileges Obtaining access to other connected systems Last Ditch Effort – Denial of Service

5.Attack – Exploit the Vulnerabilities Network Infrastructure Attacks Connecting to the network through modem Weaknesses in TCP / IP, NetBIOS Flooding the network to cause DOS Operating System Attacks Attacking Authentication Systems Exploiting Protocol Implementations Exploiting Insecure configuration Breaking File-System Security

5.Attack – Exploit the Vulnerabilities Application Specific Attacks Exploiting implementations of HTTP, SMTP protocols Gaining access to application Databases SQL Injection Spamming

5.Attack – Exploit the Vulnerabilities Exploits Free exploits from Hacker Websites Customised free exploits Internally Developed Tools – Nessus, Metasploit Framework,

6. Gaining access: Enough data has been gathered at this point to make an informed attempt to access the target Techniques Password eavesdropping File share brute forcing Password file grab Buffer overflows

7. Escalating Privileges If only user-level access was obtained in the last step, the attacker will now seek to gain complete control of the system Techniques Password cracking Known exploits

8. Covering Tracks Once total ownership of the target is secured, hiding this fact from system administrators becomes paramount, lest they quickly end the romp. Techniques Clear logs Hide tools

9. Creating Back Doors Trap doors will be laid in various parts of the system to ensure that privileged access is easily regained at the whim of the intruder Techniques Create rogue user accounts Schedule batch jobs Infect startup files Plant remote control services Install monitoring mechanisms Replace apps with trojans