Successfully reported this slideshow.
Your SlideShare is downloading. ×


Upcoming SlideShare
Slides internet technology
Slides internet technology
Loading in …3

Check these out next

1 of 79 Ad

More Related Content

Similar to WEEK-01.pdf (20)

Recently uploaded (20)



  1. 1. Course Name: Ethical Hacking Faculty Name: Prof. Indranil Sen Gupta Department : Computer Science and Engineering Topic Lecture 1: IntroducDon to Ethical Hacking
  2. 2. q What is ethical hacking? q Penetra1on tes1ng q Role of the ethical hacker
  3. 3. What is Ethical Hacking? • It refers to the act of loca1ng weaknesses and vulnerabili1es of computer and informa1on systems by replica1ng the intent and ac1ons of malicious hackers. • It is also known as penetra'on tes'ng, intrusion tes'ng or red teaming. 3
  4. 4. IntroducDon to Ethical Hacking • Ethical Hackers • Employed by companies to perform penetra1on test. • PenetraDon Test • Legal aCempt to break into the company’s network to find the weak links. • Tester only report findings, does not provide solu1ons. • Security Test • Also includes analyzing company’s security policy and procedures. • Tester offers solu1ons to secure or protect the network. 4
  5. 5. Some Terminologies • Hacking - showing computer exper1se. • Cracking - breaching security on soMware or systems. • Spoofing - faking the origina1ng IP address in a datagram. • Denial of Service (DoS) - flooding a host with sufficient network traffic so that it cannot respond anymore. • Port Scanning - searching for vulnerabili1es. 5
  6. 6. Gaining access • Front door • Password guessing • Password/key stealing • Back doors • OMen leM by original developers as debug and/or diagnos1c tools. • Trojan Horses • Usually hidden inside of soMware that we download and install from the net. • Many install backdoors. • SoMware vulnerability exploitaDon • OMen adver1sed on the OEMs web site along with security patches. • Fer1le ground for script kiddies looking for something to do. 6
  7. 7. Once inside, the hacker can... • Modify logs • To cover their tracks. • Steal files • Some1mes destroy aMer stealing. • An expert hacker would steal and cover their tracks to remain undetected. • Modify files • To let you know they were there. • To cause mischief. • Install back doors • So they can get in again. • ACack other systems 7
  8. 8. The Role of Security and PenetraDon Testers • Script kiddies or packet monkeys • Young or inexperienced hackers. • Copy codes and techniques from knowledgeable hackers. • Experienced penetra1on testers write programs or scripts using • Perl, C, C++, Python, JavaScript, Visual Basic, SQL, and many others. 8
  9. 9. PenetraDon-TesDng Methodologies • Tiger box • Collec1on of OSs and hacking tools. • Usually on a laptop. • Helps penetra1on testers and security testers conduct vulnerabili1es assessments and aCacks. • White box model • Tester is told everything about the network topology and technology. • Tester is authorized to interview IT personnel and company employees. • Makes tester’s job a liCle easier. 9
  10. 10. • Black box model • Tester is not given details about the network. • Burden is on the tester to find the details. • Gray box model • Hybrid of the white and black box models. • Company gives tester par1al informa1on. 10
  11. 11. What You Can Do Legally • Laws involving technology change as rapidly as technology itself. • Find what is legal for you locally. • Laws change from place to place. • Be aware of what is allowed and what is not allowed. 11
  12. 12. Laws of the Land • Tools on your computer might be illegal to possess. • Contact local law enforcement agencies before installing hacking tools. • WriCen words are open to interpreta1on. • Governments are gehng more serious about punishment for cybercrimes. 12
  13. 13. What You Cannot Do Legally • Accessing a computer without permission is illegal. • Other illegal ac1ons: • Installing worms or viruses • Denial of Service aCacks • Denying users access to network resources • Be careful your ac1ons do not prevent customers from doing their jobs. 13
  14. 14. Ethical Hacking in a Nutshell • What it takes to be a security tester? • Knowledge of network and computer technology. • Ability to communicate with management and IT personnel. • Understanding of the laws. • Ability to use necessary tools. 14
  15. 15. In this course, we shall cover: • Relevant networking technologies • Basic cryptographic concepts • Case studies of secure applica1ons • Unconven1onal aCacks • Tools demonstra1on 15
  16. 16. 16
  17. 17. Course Name: Ethical Hacking Faculty Name: Prof. Indranil Sen Gupta Department : Computer Science and Engineering Topic Lecture 2: Basic Concepts of Networking (Part I)
  18. 18. q Types of computer networks q Circuit switching and packet switching q Virtual circuits
  19. 19. Networking: Basic Concepts • Computer Network • A communica;on system for connec;ng computers / hosts • Why? • Be@er connec;vity • Be@er communica;on • Be@er sharing of resources • Bring people together 3
  20. 20. Types of Computer Networks • Local Area Network (LAN) • Connects hosts within a rela;vely small geographical area vSame room vSame building vSame campus • Wide Area Network (WAN) • Hosts may be widely dispersed vAcross campuses vAcross ci;es / countries/ con;nents 4 Faster Cheaper Slower Expensive
  21. 21. Data CommunicaLon over a Network • Broadly two approaches: a) Circuit switching b) Packet switching 5 A B C D E F G H
  22. 22. Circuit Switching • A dedicated communica;on path is established between two sta;ons. • The path follows a fixed sequence of intermediate links. • A logical channel gets defined on each physical link. vDedicated to the connec;on. A B C D E F G H 6
  23. 23. Circuit Switching (contd.) • Three steps are required for communica;on: a) ConnecLon establishment • Required before data transmission. b) Data transfer • Can proceed at maximum speed. c) ConnecLon terminaLon • Required aUer data transmission is over. • For dealloca;on of network resources. 7
  24. 24. Circuit Switching (contd.) • Drawbacks: • Channel capacity is dedicated during the en;re dura;on of communica;on. vAcceptable for voice communica;on. vVery inefficient for bursty traffic like data. • There is an ini;al delay. vFor connec;on establishment. 8
  25. 25. Packet Switching • Modern form of long-distance data communica;on. • Network resources are not dedicated. • A link can be shared. • The basic technology has evolved over ;me. • Basic concept has remained the same. 9
  26. 26. Packet Switching (contd.) • Data are transmi@ed in short packets (~ Kbytes). • A longer message is broken up into smaller chunks. • The chunks are called packets. • Every packet contains a header. vRelevant informa;on for rou;ng, etc. 10 Message H H H PACKETS
  27. 27. Packet Switching (contd.) • Packet switching is based on store-and-forward concept. • Each intermediate network node receives a whole packet. • Decides the route. • Forwards the packet along the selected route. • Each intermediate node (router) maintains a table. 11
  28. 28. Packet Switching (contd.) • Advantages: • Links can be shared; so link u;liza;on is be@er. • Suitable for computer-generated (bursty) traffic. • Buffering and data rate conversion can be performed easily. • Some packets may be given priority over others, if desired. 12
  29. 29. Packet Switching (contd.) • How are packets transmi@ed? • Two alterna;ve approaches: a) Virtual Circuits b) Datagram • The abstract network model: A B C D E F G H 13
  30. 30. (a) Virtual Circuit Approach • Similar in concept to circuit switching. • A route is established before packet transmission starts. • All packets follow the same path. • The links comprising the path are not dedicated. vDifferent from circuit switching in this respect. • Analogy: • Telephone system. 14
  31. 31. (a) Virtual Circuit Approach (contd.) • How it works? • Route is established a priori. • Packet forwarded from one node to the next using store-and-forward scheme. • Only the virtual circuit number need to be carried by a packet. vEach intermediate node maintains a table. vCreated during route establishment. vUsed for packet forwarding. • No dynamic rou;ng decision is taken by the intermediate nodes. 15
  32. 32. 16
  33. 33. Course Name: Ethical Hacking Faculty Name: Prof. Indranil Sen Gupta Department : Computer Science and Engineering Topic Lecture 3: Basic Concepts of Networking (Part II)
  34. 34. q Datagrams q Layered network architecture
  35. 35. (b) Datagram Approach • Basic concept: • No route is established beforehand. • Each packet is transmi>ed as an independent en?ty. • Does not maintain any history. • Analogy: • Postal system. 3
  36. 36. Datagram Approach (contd.) • Every intermediate node has to take rou?ng decisions dynamically. • Makes use of a rou$ng table. • Every packet must contain source and des$na$on addresses. • Problems: • Packets may be delivered out of order. • If a node crashes momentarily, all of its queued packets are lost. • Duplicate packets may also be generated. 4
  37. 37. Datagram Approach (contd.) • Advantages: • Faster than virtual circuit for smaller number of packets. vNo route establishment and termina?on. • More flexible. • Packets between two hosts may follow different paths. vCan handle conges?on/failed link. 5 A B C D E F G H
  38. 38. ComparaJve Study • Three types of delays must be considered: a) Propaga?on Delay • Time taken by a data signal to propagate from one node to the next. b) Transmission Time • Time taken to send out a packet by the transmi>er. c) Processing Delay • Time taken by a node to process a packet. 6
  39. 39. Circuit Switching • AUer ini?al circuit establishment, data bits sent con?nuously without any delay. 7
  40. 40. Virtual Circuit Packet Switching • The Call Request packet sent from source to des?na?on. • The Call Accept packet returns back. • Packets sent sequen?ally in a pipelined fashion. • Store-and-forward approach. 8
  41. 41. Datagram Packet Switching • No ini?al delay. • The packets are sent out independently. • May follow different paths. • Also follows store-and-forward approach. 9
  42. 42. Layered Network Architecture • Open systems interconnec?on (OSI) reference model. • Seven layer model. • Communica?on func?ons are par??oned into a hierarchical set of layers. • Objec?ve: • Systema?c approach to design. • Changes in one layer should not require changes in other layers. 10
  43. 43. The 7-layer OSI Model ApplicaJon PresentaJon Session Transport Network Datalink Physical Host-to-host Point-to-point 11
  44. 44. Layer FuncJons • Physical • Transmit raw bit stream over a physical medium. • Data Link • Reliable transfer of frames over a point-to-point link (flow control, error control). • Network • Establishing, maintaining and termina?ng connec?ons. • Routes packets through point-to-point links. 12 ApplicaJon PresentaJon Session Transport Network Datalink Physical
  45. 45. Layer FuncJons (contd.) • Transport • End-to-end reliable data transfer, with error recovery and flow control. • Session • Manages sessions. • PresentaJon • Provides data independence. • ApplicaJon • Interface point for user applica?ons. 13 ApplicaJon PresentaJon Session Transport Network Datalink Physical
  47. 47. Internetworking Devices • Hub • Extends the span of a single LAN. • Bridge / Layer-2 Switch • Connects two or more LANs together. • Works at data link layer level. • Router / Layer-3 Switch • Connects any combina?on of LANs and WANs. • Works at network layer level. 15
  48. 48. Typical Internetworking Structure 16
  49. 49. 17
  50. 50. Course Name: Ethical Hacking Faculty Name: Prof. Indranil Sen Gupta Department : Computer Science and Engineering Topic Lecture 4: TCP/IP Protocol Stack (Part I)
  51. 51. q TCP/IP protocol stack q Basic func5ons of TCP, UDP and IP q Data encapsula5on
  52. 52. IntroducGon • TCP/IP is the most fundamental protocol used in the Internet. • Allows computers to communicate / share resources. • Used as a standard. • To bridge the gap between non-compa5ble plaCorms. • Work on TCP/IP started in the 1970s. • Funded by US Military. • Advanced Research Project Agency (ARPA). 3
  53. 53. Network Layering in TCP/IP • In 1978, Interna5onal Standards Organiza5on (ISO) proposed the 7-layer OSI reference model for network services and protocols. • TCP/IP does not strictly follow the OSI model. • It follows a simplified 4-layer model. 4
  54. 54. The 7-layer OSI Model ApplicaGon PresentaGon Session Transport Network Datalink Physical Host-to-host Point-to-point 5 ApplicaGon Transport Network Datalink Frame transmission over link Packet delivery across Internet End-to-end message transfer Runs on top of layers 1,2,3 The 4-layer TCP/IP Model
  55. 55. Data Flow in 4-layer Model A B C ApplicaGon Transport Network Datalink ApplicaGon Transport Network Datalink Network Datalink 6
  56. 56. TCP/IP Protocol Suite • Refers to a family of protocols. • The protocols are built on top of connec5onless technology (datagrams). • Data sent from one node to another as a sequence of datagrams. • Each datagram is sent independently. • The datagrams corresponding to the same message may follow different routes. vVariable delay, arrival order at des5na5on. 7
  57. 57. TCP/IP Family Members (ParGal List) Datalink and Hardware Layer (e.g., Ethernet) Internet Protocol (IP) ICMP IGMP ARP RARP Transmission Control Protocol (TCP) User Datagram Protocol (UDP) FTP TFTP SMTP SNMP DNS User Process 8
  58. 58. • Address ResoluGon Protocol (ARP) • Map IP addresses to hardware (MAC) addresses. • Reverse Address ResoluGon Protocol (RARP) • Map hardware addresses to IP addresses. • Internet Control Message Protocol (ICMP) • A network device can send error messages and other informa5on. • Internet Group Management Protocol (IGMP) • A node can send its mul5cast group membership to adjacent routers. 9
  59. 59. Typical Scenario Datalink and Hardware Layer (e.g., Ethernet) IP TCP UDP User Process User Process 10
  60. 60. What does IP do? • IP transports datagrams (packets) from a source node to a des5na5on node. • Responsible for rou5ng the packets. • Breaks a packet into smaller packets, if required. • Unreliable service. vA packet may be lost in transit. vPackets may arrive out of order. vDuplicate packets may be generated. 11
  61. 61. What does TCP do? • TCP provides a connec5on-oriented, reliable service for sending messages. • Split a message into packets. • Reassemble packets at des5na5on. • Resend packets that were lost in transit. • Interface with IP: • Each packet forwarded to IP for delivery. • Error control is done by TCP. 12
  62. 62. What does UDP do? • UDP provides a connec5onless, unreliable service for sending datagrams (packets). • Messages small enough to fit in a packet (e.g., DNS query). • Simpler (and faster) than TCP. • Never split data into mul5ple packets. • Does not care about error control. • Interface with IP: • Each UDP packet sent to IP for delivery. 13
  63. 63. Addresses in TCP/IP Datalink and Hardware Layer (e.g., Ethernet) IP TCP UDP User Process User Process Port Address (16 bits) IP Address (32 bits) Physical Address (48 bits) 14
  64. 64. EncapsulaGon • Basic concept: • As data flows down the protocol hierarchy, headers (and trailers) get appended to it. • As data moves up the hierarchy, headers (and trailers) get stripped off. • An example to illustrate: • Trivial file transfer protocol (TFTP). • TFTP client transfers 200 bytes of data. • 4 bytes of TFTP header gets added. 15 TFTP client UDP IP Ethernet TFTP server UDP IP Ethernet
  65. 65. EncapsulaGon in TFTP Data Data Data Data Data H-TFTP H-TFTP H-TFTP H-TFTP H-UDP H-UDP H-UDP H-IP H-IP H-Eth T-Eth 14 20 8 4 200 4 TFTP message UDP packet IP packet Ethernet frame 16
  66. 66. 17
  67. 67. Course Name: Ethical Hacking Faculty Name: Prof. Indranil Sen Gupta Department : Computer Science and Engineering Topic Lecture 5: TCP/IP Protocol Stack (Part II)
  68. 68. q IP Datagrams q IP Header fields
  69. 69. IP Datagrams
  70. 70. The IP Layer • IP layer provides a connec7onless, unreliable delivery system for packets. • Each packet is independent of one another. • IP layer need not maintain any history. • Each IP packet must contain the source and des7na7on addresses. • IP layer does not guarantee delivery of packets. • IP layer encapsula7on • Receives a data chunk from the higher layer (TCP or UDP). • Prepends a header of minimum 20 bytes. vContaining relevant informa7on for handling rou7ng and flow control. 4
  71. 71. IllustraGon Data Data 20 bytes IP header 5
  72. 72. Format of IP Datagram Total Length IdenGficaGon Service type VER HLEN Fragment Offset Time to Live Protocol Flags Header Checksum Source IP Address DesGnaGon IP Address OpGons DATA --------- HEADER -------- 0 4 8 15 16 31 6
  73. 73. IP Header Fields • VER (4 bits) • Version of the IP protocol in use (typically 4). • HLEN (4 bits) • Length of the header, expressed as the number of 32-bit words. • Minimum size is 5, and maximum 15. • Total Length (16 bits) • Length in bytes of the datagram, including headers. • Maximum datagram size :: 216 = 65536 bytes. 7
  74. 74. IP Header Fields (contd.) • Service Type (8 bits) • Allows packet to be assigned a priority. • Router can use this field to route packets. • Time to Live (8 bits) • Prevents a packet from traveling in a loop. • Senders sets a value, that is decremented at each hop. If it reaches zero, packet is discarded. • Protocol (8 bits) • Iden7fies the higher layer protocol being used. 8
  75. 75. IP Header Fields (contd.) • Source IP address (32 bits) • Internet address of the sender. • DesGnaGon IP address (32 bits) • Internet address of the des7na7on. • IdenGficaGon, Flags, Fragment Offset • Used for handling fragmenta7on. • OpGons (variable width) • Can be given provided router supports. • Source rou7ng, for example. 9
  76. 76. IP Header Fields (contd.) • Header Checksum (16 bits) • Covers only the IP header. • How computed? vHeader treated as a sequence of 16-bit integers. vThe integers are all added using ones complement arithme7c. vOnes complement of the final sum is taken as the checksum. • A mismatch in checksum causes the datagram to be discarded. 10
  77. 77. Viewing IP Packets • We can use packet sniffers to view IP packets. • Some popular packet sniffers: • Wireshark • Windump • tcpdump • Tshark • SolarWinds • …. and many more 11
  78. 78. Wireshark … 12
  79. 79. 13