Hacking-Over the years Presented by Praveen Desani Overview: Importance of security. Hacking. Methodologies. Motives. Importance of Security: Computers and internet are becoming pervasive. Consequence of being online.
Importance of security.
Computers and internet are becoming pervasive.
Consequence of being online.
It has become a part of product design, developing and deployment.
There are even organizations which provide “Security as a service”
We need to know how computer attacks are performed.
Modification of a program/device to give user access to features that were otherwise unavailable to them.
Its usually a technical activity.
usually internal employees eg., booting with floppy or taking the system part physically
low level privilages
Exploit un-patched security vulnerabilities.
Valid account names/Cracking weak passwords
Exploiting common security vulnerabilities (buffer overflow).
During all these procedures, Network traffice would look normal.
1. Foot printing.
Getting complete profile and security arrangements
Information of interest including the technology the use (like internet, intranet, remote access)
Security policies and procedures.
2. Network Enumeration.
Attacker tries to find out domain names and associated Networks related.
3. DNS Interrogation.
After NE is done , query the DNS.
Revealing info about the organizations.
Zone Transfer Mechanism.
Leak of private DNS information.
Identifying the potential target.
Try to map network topologies and identify paths.
Eg: trace route program
Knocking the walls.
Which systems are alive and reachable?
Ping sweeps, port scans, automatic discovery tools.
At this point IDS warns, but not yet attacked.
1. Acquiring passwords.
2. Clear Text Sniffing.
There is no encryption of passwords with protocols like telnet, FTP, HTTP.
Easy for attackers to eavesdrop using network protocol analyzers to obtain password.
3. Encryption sniffing.
How about encrypted passwords?
Decryption using dictionary, brute force attack
No need to decrypt.
Reprogram the client software.
5. Password file stealing.
/etc/passwd in Unix
SAM in WinNT
Steal these files and run cracking programs.
Usage of long and difficult to guess passwords.
Attackers with physical access.
Cracking techniques that rely on weakness in users
ie., admin, operators.
Calling up systems operator posing as a field service technician with urgent access problem.
8. Software Bugs.
Vulnerabilities brought by bugs in S/W
Buffer overflow are found by
buffer vulnerabilities on certain programs.
Searching for these bugs directly.
Examining every place the program prompts for input and trying to overflow it with random data.
Does it help? Yes…
Developing more efficient ways to protect the system.
49% -- discovery learning, challenge, knowledge and pleasure
24% -- recognition, excitement
(of doing something illegal)
27% -- self-gratification, addiction, espionage, theft and profit.
Addiction and curiosity.
Talented techies, programmers and Scientists
(mostly from MIT )
Forward thinking to recognize the potential of computer niche.
Young people who used PC and entertainment value of PC and began developing games(illegal copying,cracking the copy right protection)
Claim that motivation was curiosity/hunger for knowledge.
Focusing on securing IT systems.
Have clearly defined code of ethics.
Improve discovered security breaches.
no personnel gain, no malicious intentions.
testing and monitoring.
Black Hat :
crackers/they are criminals.
maintain knowledge of vulnerabilities.
Doesn’t reveal to general public/manufacturing for corrections.
Intrinsically and Globally imperfect.
There are many holes(not just technical ones)
They also stem from bad-security practices and procedures.
Educating the users, Security Administrators
Securing the Environment
Whom to blame?
Who should be liable?
Should government step in and regulate?
Is it upto the individual computer users and companies to stay on top of technology?
Should we blame the software industry for selling insecure products?
Lack of liability?
Building a security product with no liability is of no use.
There are different rules and regulations in the situation of drug release.
But Are there any regulations and rules in a Software Release??