Escolar Documentos
Profissional Documentos
Cultura Documentos
SHYAM S.V.
systems
vulnerability to
attacks (auditing the
system) also termed Analyze and
‘white hat’ hacking. Improve system
Defenses
WHY ETHICAL HACKING??
“The Best Defense Is A Good Offense.”
• Growth of the Internet, computer security has
become a major concern for businesses and
governments.
• organizations realized best ways to evaluate
the intruder threat would be to have
independent computer security professionals
attempt to break into their computer
systems.
• Website defacements increased to alarming
rates
WHY ETHICAL HACKING??
June 01, 2004 to Dec.31, 2004
Domains No of Defacements
.com 922
.gov.in 24
.org 53
.net 39
.biz 12
.co.in 48
.ac.in 13
.info 3
.nic.in 2
.edu 2
other 13
Total 1131
Social
Engineering
Automated
Organizational Attacks
Attacks
Restricted
Data
Accidental
Breaches in
Security Denial of
Viruses, Trojan Service (DoS)
Horses,
and Worms
WHO ARE ETHICAL HACKERS?
WORKING ETHICALLY:-
HIGH PROFESSIONAL MORALS AND PRINCIPLES
NO HIDDEN AGENDA
TRUSTWORTHINESS-THE ULTIMATE TENET
RESPECTING PRIVACY:-
ALL APPLICATION INFORMATIONS TO BE KEPT PRIVATE
• Insider attack
• Outsider attack
• Stolen equipment attack
• Physical entry
• Bypassed authentication attack (wireless
access points)
• Social engineering attack
ANATOMY OF HACKING-
METHODOLOGY
1. Footprinting
2. Scanning
3. Enumeration
4. Gaining acess
5. Escalating privilage
6. Pilfering
7. Covering tracks
8. Creating backdoors
9. Denial of service
1.FOOTPRINTING
• OBJECTIVE :
Target address range, acquisition and
information gathering
• TECHNIQUES :
Open source search
Whois
Web interface to whois
DNS zone transfer
2.SCANNING
• OBJECTIVE :
Bulk target assessment and
identification of listing services
Focuses on most promising avenues of
entry
• TECHNIQUES :
Ping sweep
TCP/UDP port scan
OS Detection
3.ENUMERATION
• OBJECTIVE :
More intrusive probing by attacker
identification of valid user accounts
Poorly protected resource shares
• TECHNIQUES :
List user accounts
List file shares
Identify applications
4.GAINING ACCESS
• OBJECTIVE :
Acquiring enough data to access the
target
User Level Access Obtained
• TECHNIQUES :
Password eavesdropping
File share brute forcing
Password file grab
Buffer overflows
5.ESCALATING PREVILEGES
• OBJECTIVE :
Attacker seeks complete control of the
system
• TECHNIQUES :
password cracking
6.PILFERING
• OBJECTIVE :
Information gathering process to gain
access to trusted systems
Aim is to gain total control
• TECHNIQUES :
Elevate trust
Search for clearnet passwords
7.COVERING TRACKS
• OBJECTIVE :
Total ownership of target secured
These facts are hided from
administrators
• TECHNIQUES :
Clear logs
Hide tools
8.CREATING BACKDOORS
• OBJECTIVE :
Laying trap doors at different parts of
the system to gain easy access at whim
of the intruder
• TECHNIQUES :
Creating rogue user accounts
Schedule batch jobs
Infect startup files
Plant remote control services
Install monitoring mechanisms
Replace apps with Trojans
9.DENIAL OF SERVICE (DOS)
• OBJECTIVE :
Used in case of unsuccessful attack
Attacker disables the target as the last
resort
• TECHNIQUES :
SYN flood
Identical SYN requests
ICMP techniques
DDOS
Out of bounds TCP options (OOB)
ETHICAL HACKING TOOLS
Samspade :
Provides us information about a
particular host.
This tool is very much helpful in
finding the addresses, phone
numbers etc.
Samspade GUI
ETHICAL HACKING TOOLS
• E-mail tracker :
– To find out the server sending spam
messages.
– Every mail has a header associated with it
and this is used to identify the source
server.
• Virtual route:
– A tool which displays the location a
particular server with the help of IP
addresses.
– Connected with e-mail tracker to find exact
location of the server
E-mail tracker GUI
Visual route GUI
REPORTING
Methodology
Exploited Conditions & Vulnerabilities that
could not be exploited
Proof for Exploits - Trophies
Practical Security solutions
Detailed reporting about the
vulnerabilities
ADVANTAGES & DISADVANTAGES
ADVANTAGES:
• “To catch a thief you have to think like a thief”
• Provides security to banking establishments
• Prevents website defacements
• Evolving technique
DISADVANTAGES:
• Question of trust !!
• Expensive as salaries are very high!!
FUTURE ENHANCEMENTS
Students:
no S/W is made with zero vulnerabilities
Learn to avoid these vulnerabilities
Professionals:
Business is directly related with security
Develop S/W with least vulnerabilities
Keep updated about new tools and techniques