18 hacking

860 views

Published on

great ppt

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
860
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
29
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

18 hacking

  1. 1. HACKING BY J.MAHALAKSHMI CH.VINEELA COMPUTER SCIENCE ENGINEERING BVC INSTITUTE OF TECHNOLOGY&SCIENCE,BHATLAPALEM HACKING BY CH VINEELA J MAHALAKSHMI COMPUTER SCIENCE ENGINEERING BVC INSTITUTE OF TECH&SCIENCES
  2. 2. CONTENTS <ul><li>What is HACKING? </li></ul><ul><li>Area’s affected </li></ul><ul><li>Password cracking </li></ul><ul><li>Principle attack methods </li></ul><ul><li>PMP solution </li></ul><ul><li>How to protect our self </li></ul><ul><li>conclusion </li></ul>
  3. 3. INTRODUCTION <ul><li>Hacking became a buzzword for the world of security. </li></ul><ul><li>Unauthorized access of information </li></ul><ul><li>Hacker: enthusiastic and intelligent programmer </li></ul><ul><li>Cracker: misuser of his knowledge </li></ul>
  4. 4. AREA’S AFFECTED
  5. 5. PASSWORD CRACKING <ul><li>Process of retrieving passwords </li></ul><ul><li>What a cracker do? </li></ul><ul><li>Concentrating on infrastructure and applications </li></ul><ul><li>Common approach: Brute-force </li></ul><ul><li>Vulnerability of passwords </li></ul><ul><li>Disadvantages </li></ul>
  6. 6. Password management <ul><li>Way of storing </li></ul><ul><li>For a single system </li></ul><ul><li>For an organization or in the web </li></ul>
  7. 7. In single system
  8. 8. In an organization or web
  9. 9. Approach of attacker
  10. 10. BACKGROUND FOR PASSWORD CRACKING
  11. 11. Trojan horse attack Trojan horse attack Virus program Social engineering Reading password verification database Intercepting hashed passed over an open network Gaining access to hashed passwords
  12. 12. PRINCIPLE ATTACK METHODS <ul><li>Weak encryption </li></ul><ul><li>Guessing </li></ul><ul><li>Dictionary attack </li></ul><ul><li>Brute-force attack </li></ul><ul><li>Pre-computation </li></ul><ul><li>salting </li></ul>
  13. 14. An example cracking sesssion <ul><li>SQL> alter user scott identified by gf4h7; </li></ul><ul><li>User altered. </li></ul><ul><li>SQL> select password from dba_users where username='SCOTT'; </li></ul><ul><li>PASSWORD </li></ul><ul><li>------------------------------ </li></ul><ul><li>EF2D6ED2EDC1036B </li></ul><ul><li>D:orabf> orabf EF2D6ED2EDC1036B:SCOTT –c 3 –m 5 </li></ul><ul><li>orabf v0.7.2, (C)2005 orm@toolcrypt.org </li></ul><ul><li>--------------------------------------- </li></ul><ul><li>Trying default passwords </li></ul><ul><li>Starting brute force session </li></ul><ul><li>press 'q' to quit. any other key to see status </li></ul><ul><li>password found:SCOTT:GF4H7 </li></ul><ul><li>29307105 passwords tried. elapsed time 00:00:40. t/s:715700 </li></ul>
  14. 15. PMP solution <ul><li>Need for this </li></ul><ul><li>passwords at various levels. </li></ul><ul><li>Mismanagement of privileged passwords. </li></ul>
  15. 17. Features <ul><li>  Secure, Centralized Repository of Passwords. </li></ul><ul><li>Manage shared administrative passwords. </li></ul><ul><li>Role based access control for users. </li></ul><ul><li>Ad/ldap integration. </li></ul><ul><li>Enforcement of password policies. </li></ul><ul><li>Remote password synchronization. </li></ul><ul><li>Auditing all user access to passwords. </li></ul><ul><li>Personal password management for users. </li></ul><ul><li>Access through any web browser. </li></ul>
  16. 18. Look after…. <ul><li>Use good passwords and keep them secure </li></ul><ul><li>Backup your data </li></ul><ul><li>Report incidents/vulnerabilities </li></ul><ul><li>Secure your workplace </li></ul><ul><li>Keep your Anti-Virus software up-to-date </li></ul><ul><li>Keep your operating system and application software patched </li></ul><ul><li>Use e-mail carefully </li></ul><ul><li>Don’t download indiscriminately or run “unknown” programs </li></ul><ul><li>Classify all documents containing sensitive information </li></ul><ul><li>Dispose of sensitive information appropriately </li></ul><ul><li>Ensure you comply with all legal requirements </li></ul>
  17. 19. CONCLUSION <ul><li>Who ever the cause for this problem whether user, organization, or cracker we should secure our-self with the un authorized activity of cracking. </li></ul>
  18. 20. <ul><li>http://www.toolcrypt.org </li></ul><ul><li>http://www.passwordcrackers.com </li></ul><ul><li>http://www.google.co.in </li></ul>
  19. 21. THANK U QUERIES???

×