Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Introduction to the Basics

Published byAllyson York Modified over 6 years ago

Similar presentations

Presentation on theme: "An Introduction to the Basics"— Presentation transcript:

1 An Introduction to the Basics
Pre An Introduction to the Basics

2 Modes of Ethical Hacking
Insider attack Outsider attack Stolen equipment attack Physical entry Bypassed authentication attack Social engineering attack

3

4 The Attacker’s Process

5 The Attacker’s Process
Performing Reconnaissance Scanning and enumeration Gaining access Escalation of privilege Maintaining access Covering tracks and placing backdoors

6

7 Performing Reconnaissance
Systematic attempt to locate, gather, identify, and record information about the target. First step is passive information gathering.

8

9 Passive Info Gathering
Google is your friend!!! Corporate Web Site Job Listings WHOIS/DNS/nslookup Analog/Digital Surveillance Public Records Dumpster Diving for Fun and Profit Social Engineering

10

11 Wikto and Spud

12 http://serversniff.com visual ip trace http://centralops.net

13

14 Macrosoft E-mail Spider
Goog-mail.py

15

16 Nifty Google Search Stuff
MySQL Dumps mysql dump filetype:sql RedHat Config Files # kickstart filetype:cfg Allinurl: tsweb site:.edu

17

18

19

20

21

22

23 Scanning and Enumeration
Considered the second pre-attack phase. Scanning is the active step of attempting to connect to systems to elicit a response. Enumeration is used to gather more in-depth information about the target, such as open shares and user account information.

24

25

26

27

28

29

30 http://www.irongeek.com - nmap tutorials

31

32

Download ppt "An Introduction to the Basics"

Similar presentations

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Introduction to Ethical Hacking, Ethics, and Legality.

Introduction to Ethical Hacking, Ethics, and Legality.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.

Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.

Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.
Forces that Have Brought the world to it’s knees over the centuries.

Forces that Have Brought the world to it’s knees over the centuries.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.

 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.
Resources. Overview Problem Report WebCT Faculty & Student Support Searching.

Resources. Overview Problem Report WebCT Faculty & Student Support Searching.
Chapter 1 Introduction. Art of War  If you know the enemy and know yourself, you need not fear the result of a hundred battles.  If you know yourself.

Chapter 1 Introduction. Art of War  If you know the enemy and know yourself, you need not fear the result of a hundred battles.  If you know yourself.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Authorization and Policy. Is principal P permitted to perform action A on object O? – Authorization system will provide yes/no answer Authorization.

Authorization and Policy. Is principal P permitted to perform action A on object O? – Authorization system will provide yes/no answer Authorization.
The Business of Penetration Testing

The Business of Penetration Testing
Penetration Testing.

Penetration Testing.
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.

Performing a Penetration Test.  Penetration Tester  Attempts to reveal potential consequences of a real attack  Security Audit / Vulnerability Assessment.
13Computer Intrusions Dr. John P. Abraham Professor UTPA.

13Computer Intrusions Dr. John P. Abraham Professor UTPA.
Www.TASK.to GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.

GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.
Network Security Kevin Diep. Outline The five phrases of network penetration How to prevent exploitations and network vulnerability Ethical issues behind.

Network Security Kevin Diep. Outline The five phrases of network penetration How to prevent exploitations and network vulnerability Ethical issues behind.
Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.

Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.
CIS 450 – Network Security Chapter 3 – Information Gathering.

CIS 450 – Network Security Chapter 3 – Information Gathering.

Similar presentations

Ads by Google