ethical hacking a licence to hack n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
ETHICAL HACKING A LICENCE TO HACK PowerPoint Presentation
Download Presentation
ETHICAL HACKING A LICENCE TO HACK

Loading in 2 Seconds...

play fullscreen
1 / 26

ETHICAL HACKING A LICENCE TO HACK - PowerPoint PPT Presentation


  • 108 Views
  • Uploaded on

ETHICAL HACKING A LICENCE TO HACK. Submitted By: Usha Kalkal M.Tech (1 st Sem ) Information technology . NEED OF ETHICAL HACKING.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'ETHICAL HACKING A LICENCE TO HACK' - ronald


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
ethical hacking a licence to hack

ETHICAL HACKINGA LICENCE TO HACK

Submitted By:

UshaKalkal

M.Tech(1stSem)

Information technology

need of ethical hacking
NEED OF ETHICAL HACKING
  • Companies are worried about the possibility of being “hacked” and potential customers are worried about maintaining control of personal information.
  • Ethical Hacking is not an automated hacker program rather it is an audit that both identifies the vulnerabilities of a system and provide advice on how to eliminate them.
  • To catch a thief ,think like a thief.
who is a hacker
WHO IS A HACKER
  • A Person who enjoys learning the details of computer systems and how to stretch their capabilities.
  • One who program enthusiastically.
  • Enjoys programming rather than just theorizing about it.
kind of hackers
Kind of Hackers
  • Old School Hackers:1960s style Stanford or MIT hackers. Do not have malicious intent, but do have lack of concern for privacy and proprietary information. They believe the Internet was designed to be an open system.
  • Script Kiddies or Cyber-criminals:Between 12-30; bored in school; get caught due to bragging online; intent is to vandalize or disrupt systems.
  • Professional Criminals or Crackers:Make a living by breaking into systems and selling the information.
  • Coders and Virus Writers:See themselves as an elite; programming background and write code but won’t use it themselves; have their own networks called “zoos”; leave it to others to release their code into “The Wild” or Internet.
effect of attacks on various sites
EFFECT OF ATTACKS ON VARIOUS SITES

January - 2005

Defacement Statistics for Indian Websites

Source: CERT-India

slide6

INCREMENT IN ATTACKS WITH TIME

Total Number of Incidents

Source: CERT/CC

introduction
INTRODUCTION
  • Ethical hacking is a scheme of having independent computer security professionals who attempt to break into the system to find vulnerabilities in the system.
  • Dynamic process.
  • Also known as penetration testing.
  • Neither damage the target systems nor steal information.
  • Evaluate target systems security and report back to owners about the vulnerabilities found.
the role of security and penetration testers
The Role of Security and Penetration Testers
  • Hackers
    • Access computer system or network without authorization
    • Breaks the law; can go to prison
  • Crackers
    • Break into systems to steal or destroy data
    • U.S. Department of Justice calls both hackers
  • Ethical hacker
    • Performs most of the same activities but with owner’s permission
the ethical hacker
The “Ethical Hacker”

Someone who is

  • Skilled
          • Programming and networking skills
          • Installation and maintenance skills
          • System management skills
  • Knowledgeable
          • Hardware and software
  • Trustworthy
  • Patient and Persistent
  • Certified
get out of jail free card
Get Out of Jail Free Card
  • When doing a penetration test, have a written contract giving you permission to attack the network
  • Using a contract is just good business
  • Contracts may be useful in court
  • Have an attorney read over your contract before sending or signing it
types of hacker
TYPES OF HACKER

Black Hat Hacker:Use knowledge for personal gain.

White Hat Hacker:Use skills for defensive purposes.

Grey Hat Hacker: Work both offensively & defensively.

methodology of hacking
METHODOLOGY OF HACKING

Five steps of hacking:

  • Footprinting
  • Scanning and enumeration
  • Gaining access
  • Maintaining access
  • Clearing tracks
footprinting
FOOTPRINTING

• Objective

Target Address range, namespace, acquisition and information gathering are essential to a surgical attack.

• Techniques & Tools

  • Open source search
  • Samspade
  • Email tracker & visual route
scanning enumeration
SCANNING & ENUMERATION

• Objective

Make blue print of target network.

• Techniques & Tools

  • War dialing
  • Pinger
  • Port Scanning
  • Nmap(Network Mapper)
  • Enumeration
gaining access
GAINING ACCESS

• Objective

Enough data has been gathered at this point to make an informed attempt to access the target.

• Techniques & Tools

  • Password eavesdropping
  • LoftCrack
  • Priviledge Escalation
  • Metaspoilt
  • Man in Middle Attack
maintaining access
MAINTAINING ACCESS

• Objective

Now hacker is inside the system. Next aim is to make an easier path to get in when he comes next time.

• Techniques & Tools

  • Key Stroke Logger
  • Create rogue user accounts
  • Infect startup files
  • Install monitoring mechanisms
  • Wrappers
  • Replace applications with trojans
  • Elitewrap
clearing tracks
CLEARING TRACKS

• Objective

Once total ownership of the target is secured, hiding the fact that hacker is here from system administrators becomes paramount.

• Techniques & Tools

  • Auditpol.exe
  • Eslave
  • Evidence Eliminator
  • Winzapper
slide18

Social

Engineering

Automated

Attacks

Organizational

Attacks

Restricted

Data

Accidental Breaches in Security

Denial of

Service (DoS)

Viruses, Trojan Horses,

and Worms

Different kinds of system attacks

advantages
ADVANTAGES
  • Helps in closing the open holes in the system network
  • Provides security to banking and financial establishments
  • Prevents website defacements
  • An evolving technique
disadvantages
DISADVANTAGES
  • All depends upon the trustworthiness of the ethical hacker.
  • Hiring professionals is expensive.
conclusion
CONCLUSION

Main aim of seminar is to make you understand that there are so many tools through which a hacker can get in to a system.

Various needs from various perspectives:

  • Student:A student should understand that no software is made with zero Vulnerabilities.
  • Professionals: Professionals should understand that business is directly related to Security. So they should make new software with vulnerabilities as less as possible.
  • Users: If software is highly secure but user is unaware of security then it would be like a secured building with all doors open by insider.
references
REFERENCES

1.http://netsecurity.about.com2. http://researchweb.watson.ibm.com3. http://www.eccouncil.org4. http://www.ethicalhacker.net5. http://www.infosecinstitute.com6. http://searchsecurity.techtarget.com