Ethical Hacking

Only available on StudyMode
  • Topic: Black hat, White hat, Hacker
  • Pages : 14 (1100 words )
  • Download(s) : 409
  • Published : September 11, 2011
Open Document
Text Preview
TWINCLING Society

Ethical Hacking

19th ofAugust, 2006 Hyderabad, India

TWINCLING Society

We appreciate

Outline


Know your enemy History and Trends Anatomy of a hack System Hacking Sniffers Denial of Service Buffer Overflows Social Engineering



TWINCLING Society













Know your enemy

Sun Tzu says in the 'Art of War',

TWINCLING Society

“If you know yourself but not the enemy, for every victory gained, you will suffer defeat.” “If you know the enemy and know yourself, you need not fear the result of a hundred battles.”

Know your enemy


Hacker (n) – refers to a person who enjoys learning the details of computer systems and stretch their capabilities. Hacking (v) – describes the rapid development of new programs or reverse engineering of already existing software to make the code better and efficient. Cracker – refers to a person who uses his hacking skills for offensive purposes. Phreak – a hacker variant with an interest in telephones and telephone systems. Hactivism – refers to an act of hacking in order to communicate a politically or socially motivated message. An Internet enabled way to practice civil disobedience and protest.



TWINCLING Society







Know you enemy


Ethical Hacker – refers to security professional who apply their hacking skills for defensive purposes on behalf of its owners. Ethical Hacking – is also known as penetration testing, intrusion testing, red teaming Ethical hacker looks for the following four basic questions: ● What information/locations/systems can an intruder gain access? ● What can an intruder see on the target? ● What can an intruder do with available information? ● Does anyone at the target system notice the attempts?

TWINCLING Society





Know your enemy


Hacker Classes
– –



Ethical hacker classes
– – –

Script Kiddie Black hats White hats Grey hats

Former Black hats White hats Consulting firms

TWINCLING Society

– –

Know your enemy

TWINCLING Society

Information Security = C I A ( Confidentiality, Integrity, Authentication ) It remains a fact however, that gaining unauthorized access is a crime, no matter what the intent.

History / Trends in Hacking Culture

TWINCLING Society

Anatomy of a hack

TWINCLING Society

Anatomy of a hack (Reconnaissance)


Refers to a preparatory phase where an attacker seeks to gather as much information as possible about the target of evaluation prior to launching an attack. Passive reconnaissance involves monitoring network data for patterns and clues. Active reconnaissance involves probing the network for ● Accessible hosts ● Open ports ● Location of routers ● Operating system details (if possible services)

TWINCLING Society





Anatomy of a hack (Reconnaissance)


Footprinting – is a blueprinting of the security profile of an organization, undertaken in a methodological manner. Scanning – refers to a pre-attack phase when the hacker scans the network with a specific information gathered during footprinting. Enumeration – involves active connections to systems and directed queries



TWINCLING Society



Anatomy of a hack (Scanning)


This stage of a hack can be considered to be a logical extension of active reconnaissance Get a single point of entry to launch an attack and could be point of exploit when vulnerability of the system is detected. Objectives of port scanning. ● Open ports ● Host operating system ● Software or service versions ● Vulnerable software versions



TWINCLING Society



Anatomy of a hack (Gaining Access)


Gaining access refers to the true attack phase. The exploit can occur over a LAN, locally, Internet, offline, as a deception or theft. ●



TWINCLING Society



System Hacking Sniffers Social Engineering Denial of Service Session Hijacking Buffer Overflows Rootkits

Hacking Web servers Web application...
tracking img