
Ethical Hacking & Cyber Security

i3indya Technologies (A unit of I THREE INFOTECH PVT LTD)


Address: G-85, Main Vikas Marg, Preet Vihar, New Delhi-110092 Contact: Email: info@i3indya.com Website: www.i3indya.com Office: 011 42815252

About company
i3indya Technologies, a unit of I THREE INFOTECH PVT LTD and one of India's leading companies in the education field, is exploring the innovative world of education services as a technology service provider. It was conceptualized with a motive to spread the magic of technology amongst students all over the country. The company was started by a group of entrepreneurs with a motive to conduct workshops and training programs in various engineering colleges and to provide the most comprehensive and fulfilling services by creating an ambiance of creativity and an approach towards seeking logical solutions to everyday problems. The company was so named for its core value of "i 3": innovation, information and intelligence.

The workshops provided by the company cover all these aspects. The objective of the organization is to generate a need for various technologies in engineering colleges across India. We deliver workshops on 3D animation, Ethical Hacking & Cyber Security, Robotics, Web Technologies and many more. In a short span of time, we have covered the topmost colleges of India, which include IIT Bombay, IIT Roorkee, IIT Delhi, IIT Kanpur, IIT Hyderabad, IIIT Allahabad, ISM Dhanbad, NIT Warangal, NIT Calicut, NIT Kurukshetra, NIT Hamirpur and many more. The mission is to provide comprehensive solutions to all technical problems concerning software applications, competitions, learning, development activity and the generation of interest in science & technology among students, and to become a name synonymous with workshops and training programs by providing the most comprehensive and fulfilling services.

Scanning

Scanning is the process of finding open/closed ports and vulnerabilities in remote systems, servers & networks. Scanning will reveal IP addresses, the operating system and the services running on the remote computer. There are three types of scanning:
-> Port scanning.
-> Network scanning.
-> Vulnerability scanning.

TCP 3-Way Handshaking

The computer A initiates a connection to the server B via a packet with only the SYN flag set. The server replies with a packet with both the SYN and the ACK flags set. For the final step, the client responds back to the server with a single ACK packet. If these three steps are completed without complication, then a TCP connection has been established between the client and the server.

Port scanning

Port scanning is one of the most popular techniques attackers use to discover the services they can break into. All machines connected to a LAN or connected to the internet via a modem run many services that listen at well-known and not so well-known ports. Ports 1 to 65535 are available in the computer. By port scanning, the attacker finds which ports are available.

Open ports

Ports

The port numbers are unique only within a computer system. Port numbers are 16-bit unsigned numbers. The port numbers are divided into three ranges:
1. Well-known ports (0-1023)
2. Registered ports (1024-49151)
3. Dynamic and/or private ports (49152-65535)

Well-known ports:
echo        7/tcp     Echo
ftp-data    20/udp    File transfer [default data]
ftp         21/tcp    File transfer [control]
ssh         22/tcp    SSH remote login protocol
telnet      23/tcp    Telnet
domain      53/udp    Domain name server
www-http    80/tcp    World Wide Web HTTP
smtp        25/tcp    Simple Mail Transfer Protocol

Registered ports:
wins        1512/tcp         Microsoft Windows Internet Name Service
radius      1812/udp         RADIUS authentication protocol
yahoo       5010             Yahoo! Messenger
x11         6000-6063/tcp    X Window System

Angry IP Scanner

Angry IP Scanner is a very fast and simple program which scans the IPs in the network and lets you know the WINS name, computer name, MAC addresses and the user currently signed in.

VULNERABILITY SCANNING

Vulnerability scanning is a procedure designed to map systems and search for weaknesses in an application, computer or network. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security.

NESSUS (VULNERABILITY SCANNING)

Nessus is a great tool designed to automate the discovery of known security problems. Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.

ACUNETIX WEB VULNERABILITY SCANNING

Acunetix Web Vulnerability Scanner is a tool designed to discover security holes in your web application that an attacker would likely abuse to gain illicit access to your system. It looks for multiple vulnerabilities including SQL injection, cross-site scripting and weak passwords.

JSKY

JSky is a Windows-based GUI web application security vulnerability scanner. It is an automatic web site assessment tool.

System Hacking:

System hacking is a process which includes cracking the password of a system. System hacking is basically taking control of the system by cracking the passwords by exploiting the operating system. We can protect our system by keeping a strong password, using an updated antivirus and an updated operating system, and implementing proper policies and proper restrictions on the system. In this way you can be protected from well known.

PASSWORD FILE IN WINDOWS

C:\windows\system32\config

SAM - System Account Manager. It contains the usernames and passwords of the local system.

CRACKING PASSWORD FILE IN WINDOWS

This SAM file cannot be copied, cut or moved until the operating system is in a sleeping state. It can be copied by booting with an alternative operating system.

Example: BackTrack, Auditor, etc.

Types of password attacks

-> Passive online attacks: Basically sniffing of network traffic to capture user names, passwords and other authentication sequences. It is hard to perpetrate and has a large number of tools available on the internet.
-> Active online attacks: Man-in-the-middle attack after getting access to the communication channel or network.
-> Offline attack: Trying different passwords until one works. It takes a long time, is easily detected and requires a huge amount of bandwidth. It succeeds against systems with weak or bad passwords.

CAIN AND ABEL

SAM INSIDE

LC5 PASSWORD CRACKERS

ERD COMMANDER

OPHCRACK

Ophcrack is a Windows password cracker based on the faster time-memory trade-off. It uses rainbow tables. Ophcrack supports a graphical user interface and runs on Windows, Mac OS X (Intel CPU) and Linux.

Features: Ophcrack cracks 99% of:
-> Passwords of length 6 or less composed by the characters in this set.
-> Alphanumeric passwords of length 7 (lower and upper case)
-> Alphanumeric passwords of length 8 (lower case only)

COUNTERMEASURES

-> Enforce 8-12 character alphanumeric passwords
-> Set the password change policy to 30 days
-> Physically isolate and protect the server
-> Use the SYSKEY utility to store hashes on disk
-> Monitor the server logs for brute force attacks on user accounts

SYSKEY UTILITY

The key used to encrypt the passwords is randomly generated by the Syskey utility.

-> Encryption prevents compromise of the passwords.
-> Syskey uses 128-bit encryption to encrypt the system hash.
-> Syskey must be present for the system to boot.

007 SPY

1. It allows you to secretly monitor and record users' activities on a computer, such as websites visited, windows opened, every key pressed, applications executed, internet chats and emails sent, and even take snapshots of the entire Windows desktop at set intervals.
2. It can record all application window activity that has taken place; it can log the window title, the opening and closing time of windows, and the current user name.
3. It can take pictures of the Windows desktop and capture images every few seconds.
4. It is the most securely Spy program since it is password.

ACE Spy

Ace Spy secretly records everything that is done on the computer and can also block particular web sites or programs. This premium spy software will immediately forward all emails and instant messages directly to your personal email address. Enter a list of programs or web sites that you want to be blocked; if anything on the list is encountered, Ace Spy will immediately close it and send an optional alert to your mobile phone. Ace Spy separately records email, chat conversations, websites, keystrokes and webcam snapshots.

Data Hiding Techniques


Outline

Introduction to Data Hiding.
-> Motivation
-> Applications and Requirements
Introduction to steganography.
Digital watermarking basics.
Future research.

Data Hiding

Definition: The process of secretly embedding information inside a data source without changing its perceptual quality.

1. New and highly multidisciplinary field
2. Multimedia signal processing
3. Communication theory
4. Cryptography
5. Information theory and coding theory
6. Theory of human perceptual systems
7. Law, multimedia industry, consumer electronics

Motivation
-> The rapid revolution in digital multimedia and the ease of generating identical and unauthorized digital data. USA Today, Jan. 2000: Estimated lost revenue from digital audio piracy US $8,500,000,000.00
-> The need to establish reliable methods for copyright protection and authentication.
-> The need to establish secure invisible channels for covert communications.
-> Adding captions and other additional information.

Data Hiding main Disciplines

Steganography (covered writing): the process of secretly embedding information into a data source in such a way that its very existence is concealed.

Copyright marking:
-> Digital watermarking: A short sequence of information embedded in a way that is difficult to erase.
-> Fingerprinting: trace copyright violators.

Data Hiding Requirements


-> Imperceptibility: The watermarked and original data source should be perceptually identical.
-> Robustness: The embedded data should survive any signal processing operation the host signal goes through and preserve its fidelity.
-> Capacity: Maximize the data embedding payload.
-> Security: Security is in the key.

Data Hiding Dilemma


Additional factors:
-> Security.
-> System embedding and extraction complexity.
-> Availability of the original signal during the extraction process.

General data hiding system

Steganography
Embed information in such a way that its very existence is concealed.

Goal:
-> Hide information in an undetectable way, both perceptually and statistically.
-> Security: prevent extraction of the hidden information.

A different concept than cryptography, but it uses some of its basic principles.

The prisoners' problem and the subliminal channel

Alice and Bob are in jail and wish to hatch an escape plan. Alice's and Bob's communications pass through Willy. Alice's and Bob's goal is to hide their ciphertext in an innocuous-looking way so that Willy will not become suspicious. If Willy is a passive warden, he will not do anything to Alice's and Bob's communication. If Willy is an active warden, he will alter the data being sent between Alice and Bob.

Image steganography example

Least significant bit encoding

-> Replace the LSB of each pixel with the secret message.
-> Pixels may be chosen randomly according to a key.

Comments: The simplest and most common steganographic technique. Premise: a change to the least significant bit will be masked by noise commonly present in images.
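As an added illustration (not code from the original slides), the sketch below applies LSB encoding to a constructed 8-bit grayscale pixel list and selects the pixels with a key-seeded random sample. The function names, the key-to-position method and the sample data are assumptions made for this example.

```python
import random

def positions(key, n_pixels, n_bits):
    # Key-seeded choice of distinct pixel indices (assumed keying method).
    return random.Random(key).sample(range(n_pixels), n_bits)

def to_bits(data):
    # Most significant bit first.
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def from_bits(bits):
    return bytes(
        sum(b << (7 - i) for i, b in enumerate(bits[k:k + 8]))
        for k in range(0, len(bits), 8)
    )

def embed(pixels, message, key):
    bits = to_bits(message)
    if len(bits) > len(pixels):
        raise ValueError("message does not fit: capacity is one bit per pixel")
    stego = list(pixels)
    for pos, bit in zip(positions(key, len(pixels), len(bits)), bits):
        stego[pos] = (stego[pos] & 0xFE) | bit  # overwrite only the LSB
    return stego

def extract(pixels, n_bytes, key):
    # The receiver needs the same key and the message length.
    pos = positions(key, len(pixels), n_bytes * 8)
    return from_bits([pixels[p] & 1 for p in pos])

def max_distortion(cover, stego):
    # Largest per-pixel change; LSB encoding never exceeds 1 grey level.
    return max(abs(a - b) for a, b in zip(cover, stego))

# Constructed 32x32 cover image (values 0..255) and constructed message.
COVER = [(x * 7 + y * 13) % 256 for y in range(32) for x in range(32)]
SECRET = b"constructed demo"
STEGO = embed(COVER, SECRET, key=2024)

if __name__ == "__main__":
    print(extract(STEGO, len(SECRET), key=2024))
    print("max pixel change:", max_distortion(COVER, STEGO))
```

The per-pixel change is at most one grey level, which is the perceptual masking premise; the statistical side of the steganography goal is a separate question that this sketch does not address.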

Image steganography example

Principle of Digital watermarking


Embedded hidden information, which travels with the watermarked data, even after copying and redistribution.

How can information be hidden in digital data?
-> By exploiting perceptual headroom: human perception is imperfect.
-> Make modifications to the original data without changing its perceptual quality; exploit the masking principle (JND).
-> Modifications can be detected via signal processing.

What is a digital watermark? No standard definition; application dependent.

Digital watermarks categories


Robust watermark: Used for copyright protection.
Requirements: the watermark should be permanently intact to the host signal; removing the watermark results in destroying the perceptual quality of the signal.

Fragile watermark: Used for tamper detection or as a digital signature.
Requirements: Breaks very easily under any modification of the host signal.

Semi-fragile watermark: Used for data authentication.
Requirements: Robust to some benign modifications, but breaks very easily under other attacks. Provides information about the location and nature of the attack.

Types of water marking algorithms


Non-blind: uses the original signal.

Semi-blind: does not use the original signal but uses some side information and/or the original watermark.

Blind: does not use the original signal or any side information (most challenging).

Limitations of digital watermarking


Digital watermarking does not prevent copying or distribution. Digital watermarking alone is not a complete solution for access/copy control or copyright protection. Digital watermarks cannot survive every possible attack.

Watermarking techniques
Spatial domain watermarking- Watermark embedded by directly modifying the pixel values. Usually use spread spectrum approach. Transform domain watermarking- Watermark embedded in the transform domain e.g., DCT, DFT, wavelet by modifying the coefficients of global or block transform.

Spread spectrum watermarking


Spatial domain technique Use spread spectrum to spread the watermark all over the host image.

S(n1, n2)   bi   (x, y)   I(n1, n2)

Where
bi is the watermarking bit,
is a scaling factor,
(x, y) is a two-dimensional pseudo-random sequence,
I(n1, n2) is the original image.

Spread spectrum watermarking


S(n1, n2) into each S(x, y), S(x, y).

If the summation is greater than the threshold, decode as 1; else decode as 0.
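An added example, not from the original slides, of spread spectrum embedding in the spatial domain and correlation decoding against a threshold. It assumes the additive form S = I + alpha * sum_i b_i * p_i with bits mapped to +1/-1, one key-seeded +/-1 sequence per bit and a threshold of 0; all names, the value of alpha and the constructed image are assumptions.

```python
import random

W, H = 64, 64
N = W * H
ALPHA = 2  # scaling factor (assumed value): strength versus visibility

def patterns(key, n_bits):
    # One pseudo-random +/-1 sequence per watermark bit, derived from the key.
    rng = random.Random(key)
    return [[rng.choice((-1, 1)) for _ in range(N)] for _ in range(n_bits)]

def embed(image, bits, key):
    out = list(image)
    for bit, p in zip(bits, patterns(key, len(bits))):
        sign = 1 if bit else -1
        for n in range(N):
            out[n] += ALPHA * sign * p[n]  # spread each bit over all pixels
    return [min(255, max(0, v)) for v in out]

def correlations(image, n_bits, key):
    # Blind detection: remove the mean, then sum image * sequence per bit.
    mean = sum(image) / N
    centered = [v - mean for v in image]
    return [sum(c * q for c, q in zip(centered, p))
            for p in patterns(key, n_bits)]

def decode(image, n_bits, key, threshold=0.0):
    return [1 if c > threshold else 0
            for c in correlations(image, n_bits, key)]

def add_noise(image, amplitude, seed):
    # Constructed stand-in for a mild signal processing operation.
    rng = random.Random(seed)
    return [min(255, max(0, v + rng.randint(-amplitude, amplitude)))
            for v in image]

# Constructed low-contrast host image and constructed 16-bit watermark.
IMAGE = [128 + (x * y) % 16 for y in range(H) for x in range(W)]
BITS = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1]
MARKED = embed(IMAGE, BITS, key=7)

if __name__ == "__main__":
    print(decode(MARKED, len(BITS), key=7) == BITS)
    print(decode(add_noise(MARKED, 5, seed=1), len(BITS), key=7) == BITS)
```

With the correct key each correlation sits near +/- ALPHA * N, while a wrong key produces values close to zero, which is why the threshold test separates the two cases.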

Spatial watermarking example

Transform domain technique


Watermark embedding: the 1000 highest-energy DCT coefficients are modulated with a Gaussian random sequence. The watermark is embedded as follows:

(1   wk)

Where Xk are the original DCT coefficients and is the watermark scaling factor to increase its strength, also directly influencing watermark visibility.

NEC Scheme
Watermark detection: Subtract the original image from the watermarked image, and extract the watermark sequence w~.

Correlate w~ with the original sequence w:

sim(w~, w) = (w~ . w) / sqrt(w~ . w~)

Where sim is a similarity function and w represents one information bit.

Watermark detection

Watermarking example

DCT phase modulation (embed m bits)


Embedding algorithm:
-> Randomly select a group of low-frequency DCT coefficients using a key.
-> Generate a binary message as a watermark.
-> Set the phase of the selected coefficients in accordance with the embedded watermark.

Decoding algorithm:
-> Use the same key to select the coefficients.
-> Extract the sign of the selected coefficients and decode according to the embedding rule.

Watermark attacks
Robustness attacks: Intended to remove the watermark. JPEG compression, filtering, cropping, histogram equalization, additive noise, etc.

Presentation attacks: Watermark detection failure. Geometric transformation, rotation, scaling, translation, change of aspect ratio, line/frame dropping, affine transformation, etc.

Counterfeiting attacks: Render the original image useless, generate a fake original, deadlock problem.

Court of law attacks: Take advantage of legal issues.

Geometric attacks
Fools the detector.

Resynchronization methods:
-> Searching techniques: computationally expensive, probability of false alarm.
-> Use of templates (embed a pattern of peaks): can be located by the attacker and can be removed; finding the pattern is like finding a watermark.
-> Invariant representation (DFT, Fourier-Mellin): not robust to other attacks.

Stir Mark attack (random geometric attack)

challenges in watermarking research


-> Lack of protocols, standards and benchmarking.
-> Lack of a comprehensive mathematical theory.
-> Watermark survival for all attacks.
-> Relating robustness, capacity, perceptual quality and security.
-> Will it be used, and how will the legal system adopt it?

Trends in watermarking research


-> Color image watermarking, and other multimedia signals.
-> 2nd generation watermarking.
-> Watermarking of maps, graphics and cartoons.
-> Information theoretic issues.
-> Applications beyond copyright protection.
-> Protocols and standardization.
