• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
How hackers do it
 

How hackers do it

on

  • 3,951 views

Slides to accompany a demonstration I did for the Pacific Computing Society in Suva, Fiji in late 2006. It demoed the anatomy of a hacker attack.

Slides to accompany a demonstration I did for the Pacific Computing Society in Suva, Fiji in late 2006. It demoed the anatomy of a hacker attack.

Statistics

Views

Total Views
3,951
Views on SlideShare
3,665
Embed Views
286

Actions

Likes
5
Downloads
116
Comments
0

5 Embeds 286

http://techvideos.humourbox.info 256
http://labtel.blogspot.com 20
http://www.slideshare.net 8
http://64.233.179.104 1
http://wikimundo6a.wikispaces.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    How hackers do it How hackers do it Presentation Transcript

    • how do hackers do it?
    • 1. gather info on the target host
    • whois Organization: Fiji ABCDEFG Inc. Admin-Name: Josese Bula Admin-Mailbox: [email_address] Tech-Name: Maciu Vinaka Tech-Mailbox: [email_address] NS1-Hostname: dns1.somenetwork.com.fj NS1-Netaddress: 202.151.23.2
    • Google Find vulnerabilities, revealing error messages, usernames and sometimes even passwords on your target host, all without ever connecting to it see http://johnny.ihackstuff.com/
    • 2. scan/sniff to find a way in
    • nmap superscan
    • tcpdump wireshark (formerly ethereal) dsniff
    • nessus
    • 3. exploit vulnerabilities
    • metasploit framework
    • john the ripper cain and abel thc-hydra
    • 4. cover your tracks
    • nc -L -d -t -p 23 -e cmd.exe rootkits
    • edit logs
    • help! what can i do?
    • . remove all unnecessary services . firewall services that do not need remote access . actively patch vulnerabilities . use strong passwords most importantly: . educate your users again and again and again
    • chris hammond-thrasher, cissp [email_address]