Ethical hacking

1,112 views

Published on

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,112
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Ethical hacking

  1. 1. Ethical Hacking Pratheeba Murugesan
  2. 2. HACKER
  3. 3. AENDA <ul><li>What is Ethical Hacking? </li></ul><ul><li>Who are ethical hackers? </li></ul><ul><li>Every Website-A Target </li></ul><ul><li>Get out of jail free card </li></ul><ul><li>Kinds of Testing </li></ul><ul><li>Final Report </li></ul>
  4. 4. Ethical Hacking <ul><li>Independent computer security Professionals breaking into the computer systems. </li></ul><ul><li>Neither damage the target systems nor steal information. </li></ul><ul><li>Evaluate target systems security and report back to owners about the vulnerabilities found. </li></ul>
  5. 5. Ethical Hackers but not Criminal Hackers <ul><li>Completely trustworthy. </li></ul><ul><li>Strong programming and computer networking skills. </li></ul><ul><li>Learn about the system and trying to find its weaknesses. </li></ul><ul><li>Techniques of Criminal hackers-Detection-Prevention. </li></ul><ul><li>Published research papers or released security software. </li></ul><ul><li>No Ex-hackers. </li></ul>
  6. 6. Being Prepared <ul><li>What can an intruder see on the target systems? </li></ul><ul><li>What can an intruder do with that information? </li></ul><ul><li>Does anyone at the target notice the intruder's attempts or successes? </li></ul><ul><li>What are you trying to protect? </li></ul><ul><li>Who are you trying to protect against? </li></ul><ul><li>How much time, effort, and money are you willing to expend to obtain adequate protection? </li></ul>
  7. 7. Get out of Jail free card <ul><li>Security evaluation plan </li></ul><ul><ul><ul><ul><li>Identify system to be tested </li></ul></ul></ul></ul><ul><ul><ul><ul><li>How to test? </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Limitations on that testing </li></ul></ul></ul></ul><ul><li>Evaluation done under a “no-holds-barred” approach. </li></ul><ul><li>Clients should be aware of risks. </li></ul><ul><li>Limit prior knowledge of test. </li></ul>
  8. 8. Kinds of Testing <ul><li>Remote Network </li></ul><ul><li>Remote dial-up network </li></ul><ul><li>Local network </li></ul><ul><li>Stolen laptop computer </li></ul><ul><li>Social engineering </li></ul><ul><li>Physical entry </li></ul><ul><li>1.Total outsider </li></ul><ul><li>2.Semi-outsider </li></ul><ul><li>3.Valid user </li></ul>
  9. 9. Final Report <ul><li>Collection of all discoveries made during evaluation. </li></ul><ul><li>Specific advice on how to close the vulnerabilities. </li></ul><ul><li>Testers techniques never revealed. </li></ul><ul><li>Delivered directly to an officer of the client organization in hard-copy form. </li></ul><ul><li>Steps to be followed by clients in future. </li></ul>
  10. 10. Suggestions?

×