Your SlideShare is downloading. ×
  • Like
basic knowhow hacking
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

basic knowhow hacking

  • 20,967 views
Published

a simple presentation with introduction on hacking, presented by anant shrivastava on behalf of linux academy at rkdf bhopal http://academylinux.com and contact anant at http://anantshri.info

a simple presentation with introduction on hacking, presented by anant shrivastava on behalf of linux academy at rkdf bhopal http://academylinux.com and contact anant at http://anantshri.info

Published in Technology , News & Politics
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • thanks..
    Are you sure you want to
    Your message goes here
  • thanks
    Are you sure you want to
    Your message goes here
  • cool... easydev10@gmail.com
    Are you sure you want to
    Your message goes here
No Downloads

Views

Total Views
20,967
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
912
Comments
3
Likes
9

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Work Shop on Hacking
  • 2. Understand The difference
    • Hacking
    • &
    • Cracking
  • 3. Understand The difference
    • hackers build things,
    • crackers break them
  • 4. Literal Definitions
    • Cracker : some one who destructs things.
    • Hacker : Someone who uses hacks.
    • Hacks : A different approach with some significant advantage over the current approach.
  • 5. Some more definitions
    • Phreakers : phone System Manipulators
    • Script kiddies : those who are slaves of tools for each and every work they do, but think of themselves as true hackers.
  • 6. Reasons behind cracking
    • Just for fun
    • Show off
    • crack other systems secretly
    • Notify many people their thought
    • Steal important information
    • Destroy enemy’s computer network during the war
  • 7. Security
    • With Hacking and cracking comes the concept of Security.
    • So what do you think is the :
    • “ MOST SECURED SYSTEM”
    By : Linux Academy
  • 8. “ Most Secured System”
    • A system with power cable removed and sealed inside a many inch thick wall is also not a complete secure system
    • This whole concept of secured system in itself is a flawed concept.
    By : Linux Academy
  • 9. Common Causes of cracking attempts
    • Ignorance
    • Ignorance
    • Ignorance
    • Ignorance
    • Ignorance
    • Ignorance
    By : Linux Academy
  • 10. Social enginnering
      • Pretexting
      • Phishing
      • Dumpster diving
    By : Linux Academy
  • 11. Pretexting
    • Pretexting is the act of creating and using an invented scenario to persuade a target to release information (e.g. date of birth, Social Security Number, last bill amt.)
    • In Pretexting an individual lies about his identity or purpose to obtain privileged data about another individual. A pretexter may then use this data to engage in identity theft or corporate espionage .
    • Pretexting may be employed by telephone or email, through customer service instant messaging or a company Web site .
  • 12. Phishing
    • Phishing is an e-mail fraud method in which the perpetrator sends out email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well known and trustworthy Web sites.
    • Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details
    • ebay and paypal are two of the most targeted companies, and online banks are also common targets
  • 13. Dumpster diving
    • Dumpster diving, also known as trashing , is another popular method of social engineering. A huge amount of information can be collected through company dumpsters.
    • Potential security leaks items are commonly “company phone books, organizational charts, memos, company policy manuals, calendars of meetings, events and vacations, system manuals, printouts of sensitive data or login names and passwords, printouts of source code, disks and tapes, company letterhead and memo forms, and outdated hardware.”
  • 14. Targets of social enginnering
    • Unaware of info value — receptionist
    • Special privileges — helpdesk tech support
    • Manufacturer/vendor — vendors
    • Specific departments — accounting, HR
  • 15. Port
    • A Port is a virtual data connection that can be used by programs to exchange data directly, instead of going through a file or other temporary storage location. The most common of these are TCP and UDP ports which are used to exchange data between computers on the Internet .
    • A 'port' is a point of contact between a process and a connection.
  • 16. Types Of Attack
  • 17. DOS (Denial of Service)‏
    • In computer security , a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Typically the targets are high-profile web servers, and the attack attempts to make the hosted web pages unavailable on the Internet. An attacker may be able to prevent you from accessing email, web sites, online accounts (banking, etc.) or other services that rely on the affected computer.
    • DoS attacks have two general forms:
    • Force the victim computer(s) to reset or consume its resources such that it can no longer provide its intended service.
    • Obstruct the communication media between the intended users and the victim so that they can no longer communicate adequately.
  • 18. PoD (Ping of Death)
    • A ping of death ("POD") is a type of attack on a computer that involves sending a malformed or otherwise malicious ping to a computer. A ping is normally 64 bytes in size; many computer systems cannot handle a ping larger than the maximum IP packet size, which is 65,535 bytes. Sending a ping of this size often crashes the target computer.
  • 19. DDoS (Distributed denial-of-service)
    • In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. By taking advantage of security vulnerabilities or weaknesses , an attacker could take control of your computer. Attacker could force your computer to send huge amounts of data to a web site or send spam to particular email addresses. The attack is "distributed" because the attacker is using multiple computers, to launch the denial-of-service attack.
  • 20.
    • SYN flood
    • In which an attacker sends a succession of SYN ( synchronize ) requests to a target's system.
    • When a client attempts to start a TCP connection to a server, the client and server exchange a series of messages.
    • UDP
    • (User Datagram Protocol) is a stateless and connectionless protocol that runs on top of IP networks.
    • UDP flood attack can be initiated by sending a large number of UDP packets to random ports on the victim system. As a result it will determine what application is waiting on the destination port,
    • it will generate an ICMP packet of destination unreachable to the source address. Large number of such UDP packets will result in degraded service or a complete shutdown.
  • 21.
    • ICMP floods/Smurf
    • An assault on a network Attacks that floods it with excessive messages in order to impede normal traffic. It is accomplished by sending ping requests (ICMP echo requests) to a broadcast address on the target network or an intermediate network.
    • Teardrop Attack
    • It involves sending IP fragments with overlapping oversized payloads to the target machine. A bug in the TCP/IP fragmentation re-assembly code caused the fragments to be improperly handled, crashing the operating system as a result of this
  • 22. Sql Injection
    • Now a days
    • this
    • attack method is
    • HOT
  • 23. Reason
    • increase in the use of database.
    • A lot more increase in ignorant and novice programmers.
  • 24. How to secure your self
    • Primary work to beef up your security.
    • A good antivirus (AVG free / NOD32 trial)‏
    • A good firewall (Sygate personal)‏
    • A good spy ware / Trojan buster.
    • Use of genuine software.
    • Avoid ignoring even the simplest of things
  • 25. OR,
    • Start using
    • LINUX
  • 26. How open Source model HELP
    • With open source software comes the concept of publicly viewable codes
    • Which on one hand increases the chance of cracking attempt also on the other hand increases the chance of hacking.
  • 27. Google hacking
    • Google is the best tools now a days to access a site.
    • This game of using google to hack around is called
    • GOOGLE - HACKING
  • 28. Google hacking : EXAMPLE
    • Sony camera’s online
    • http://www.google.com/search?num=100&hl=en&lr=&ie=UTF-8&safe=off&q=intitle%3Asnc-rz30+inurl%3Ahome%2F+&btnG=Search
  • 29. How to become a hacker
    • The best approach is to gain as much knowledge about stuff as you can.
    • good command over C / C++ / Perl will definetely help.
    • But above all you need a good logical brain.
  • 30. Some reference’s for you
    • Hackthissite.org
    • Hellboundhackers.org
    • Hackquest.de
    • Hackits.de
    • http://johnny.ihackstuff.com
  • 31. Question’s Linux Academy +91 755 4270644 27, Noble Plaza, zone-II MP Nagar, Bhopal http://www.academylinux.com