1 / 13

The Complete Break-in

The Complete Break-in. Agenda. Famous Break-ins Anatomy of a break-in Steps taken in lab Easy Break-in using Knoppix STD. Famous Breakins.

ziazan
Download Presentation

The Complete Break-in

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Complete Break-in

  2. Agenda • Famous Break-ins • Anatomy of a break-in • Steps taken in lab • Easy Break-in using Knoppix STD ECE 4112 - Internetwork Security

  3. Famous Breakins • 1995 – Vladimir Levin, a graduate of St. Petersburg Teknologichesky University, convinced Citibank’s computers to transfer $10 million dollars from its accounts to his. Interpol caught him soon after and Citibank got most of the money back. • 1995 – FBI catch Kevin Mitnick. First person charged with gaining access to an interstate computer network for criminal purposes. Charged with stealing at least $1 million worth of sensitive project data from computer systems and remotely controlling New York and California’s telephone switching hubs. ECE 4112 - Internetwork Security

  4. Famous Breakins • 1990 – Kevin Poulsen took over all telephone lines going into Los Angeles area radio station KIIS-FM, assuring that he would be the 102nd caller. Poulsen won a Porsche 944 S2 for his efforts. ECE 4112 - Internetwork Security

  5. Anatomy of a break-in • Reconnaissance • Gaining vital information about a company that is publicly available • Scanning • Network Mapping • Port Mapping • Operating System Detection • Vulnerability Assessment • Penetration • Gaining access to the system using existing vulnerabilities • Privilege escalation if needed ECE 4112 - Internetwork Security

  6. Anatomy of a break-in • Pillaging • Installation of attackers programs • Stealing of important information • Covering Tracks • Cleaning of log files ECE 4112 - Internetwork Security

  7. Reconnaissance • Assume this has already been done and the target has been chosen. ECE 4112 - Internetwork Security

  8. Scanning • Use nmap to scan the target. • Learn what ports are open, what operating system is in use, and assess vulnerabilities ECE 4112 - Internetwork Security

  9. Penetration • Use a known vulnerability to gain access to the system. • Imap server is susceptible to buffer overflow • Vulnerability already grants root access so no privilege escalation is needed. ECE 4112 - Internetwork Security

  10. Pillaging • Lrk4 rootkit installation • Knark kernel level rootkit used to direct /bin/login to the lrk4 login ECE 4112 - Internetwork Security

  11. Covering Tracks • Cleaning of log files ECE 4112 - Internetwork Security

  12. Forensics • Use Penguin Sleuth Kit to aid in analysis and correction of the victim machine. ECE 4112 - Internetwork Security

  13. Easy Break-in using Knoppix • Access to password file using Knoppix ECE 4112 - Internetwork Security

More Related