Ethical hacking


Published in: Technology
© Altacit Global 2009

    1. ETHICAL HACKING
       Jeni Varghese, Patents Dept.
    2. What is Ethical Hacking?
       • Ethical hacking is broadly defined as the methodology that ethical hackers adopt to discover existing vulnerabilities (security issues) in an information system’s (computer or network or software application) operating environment
    3. Can Hacking be Ethical?
       • The term hacking has over time earned a negative reputation and has been associated with destructive and undesirable activities. The following terms commonly come up in the context of hacking:
       • Hacker (noun) = A person who enjoys learning the details of computer systems and stretching their capabilities
       • Hacking (verb) = Describes rapid development of new programs or reverse-engineering existing software to make code better and more efficient
       • Cracker = A person who employs his/her hacking skills for offensive purposes
       • Ethical Hacker = Computer security professionals who employ their hacking skills for defensive purposes
    4. Essential terminologies
       • Threat
           • An action or event that might compromise security
       • Vulnerability
           • Existence of a weakness or design/implementation error that can lead to an unexpected, undesirable event compromising the security of the system
       • Exploit
           • A defined way to breach the security of an IT system through a vulnerability
       • Target of evaluation
           • An IT system, product or component that is identified as requiring security evaluation
       • Attack
           • An attack is any action that violates security
    5. Why is Computer Security Important?
       • Growing number of network-based applications
       • Technology focused on ease of use
       • Low skill level needed for hacking
       • A security breach directly impacts the corporate asset base and goodwill
       • Computer infrastructure management is getting more complex day by day
    6. Security, Functionality and Ease of Use Triangle
       [Figure: triangle with corners labelled Functionality, Security and Ease of Use]
       • Moving the ball towards security means moving away from functionality and ease of use
    7. Elements of Security
       • Security
           • A state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering and disruption of information and services is kept low and tolerable
       • Essential Security Elements
           • Confidentiality: concealment of information or resources
           • Authenticity: identification and assurance of origin of information
           • Integrity: trustworthiness of data and resources in terms of preventing improper and unauthorized changes
           • Availability: ability to use the information or resource desired by the authorized personnel
       • A hacking event will affect any one or more of the essential security elements
    8. Malicious Hacking
       • A malicious hacker steals, tampers with or denies access to information. The various phases are:
       • Reconnaissance
           • This is the phase where the attacker gathers information about a target
       • Scanning
           • The attacker begins to actively probe the target for vulnerabilities
       • Gaining Access
           • If a vulnerability is detected, the attacker exploits it to gain access to the system
       • Maintaining Access
           • Once access is gained, the attacker usually maintains access to fulfill his/her purpose
       • Covering Tracks
           • The attacker tries to destroy all evidence of the attack to evade legal punitive actions
    9. Ethical Hacking
       • Ethical hackers are also known as White Hats
       • Ethical hacking is done to test and evaluate the security of an information system, network, etc.
       • Ethical hacking is done in a similar fashion to malicious hacking
       • The major difference is the intent, which is to identify security threats and provide a solution
       • The intent in malicious hacking, by contrast, is to steal, destroy or restrict access to digital information
    10. How to Conduct Ethical Hacking?
       • Determine the need for testing
       • Obtain written permission to test
       • Prepare a team and draw up a testing schedule
       • Conduct the test
       • Analyze the results and prepare a report including corrective actions
    11. Approaches to Ethical Hacking
       • An ethical hacker may attempt an attack over various channels:
       • Remote network – attack launched against firewalls and filtering routers from outside the network (LAN)
       • Local network – simulate an employee or authorized person who has a legal/authorized connection to the organization’s network
       • Stolen equipment – verify the security of laptops or other portable media which can be stolen. These may contain confidential information, passwords and authentication data which can compromise an organization’s network
       • Social engineering – the test evaluates the integrity and awareness of a target organization’s personnel
       • Physical entry – this test is primarily targeted to check whether or not security policies are enforced
    12. Stages of Ethical Hacking
       • Ethical hacking on a system is done in a step-wise manner and the vulnerability is analyzed in each stage
       • Footprinting – determine the target system’s physical location, IP address, operating system, etc.
       • Scanning – actively scan for services or open ports
       • Enumeration – extraction of user names, machine names, network resources, shares and services
       • System Hacking
           • Password Cracking – guessing, cracking tools, packet sniffers, key loggers, etc.
           • Escalating Privileges – to administrator or full access
           • Executing Applications – execute desired applications
           • Hiding Files – leave Trojans, Viruses, Worms or Rootkits for further actions
           • Covering Tracks – remove all trace logs
       • *Denial of Service (DoS) attacks – make the system unavailable by flooding the system with numerous unwanted requests
    13. Malware – Virus, Trojan, Worm, Rootkit, Adware, Spyware
       • Virus – self-replicating computer program which spreads through a network or file system
       • Trojan – a hidden computer program which steals information from the target computer
       • Worm – self-replicating computer program which evolves by exploiting vulnerabilities and transmits itself to different systems in the network
       • Rootkit – a program that enables continued privileged access and remains hidden
       • Dishonest Adware – automatically plays or displays advertisements
       • Spyware – collects information about users without their knowledge
       • Malware – general term for all of the above
    14. How to Prevent a Malicious Attack?
       • Do not disable anti-virus
       • Update anti-virus regularly
       • Do not disable the firewall (Windows Firewall)
       • Update the operating system regularly (automatic updates in Windows)
       • Do not open emails or attachments from unknown senders
       • Keep the phishing filter on
       • Do not install unverified software
       • Change the system password regularly
       • Lock the computer when away from the desk
       • Verify digital certificates for secure authentication
    15. Cyber Crime Laws – INDIA
       • IT Act 2008 – Chapter IX. PENALTIES, COMPENSATION AND ADJUDICATION – Section 43
       • Penalty and Compensation for damage to computer, computer system, etc.
       • If any person without permission of the owner or any other person who is in-charge of a computer, computer system or computer network -
           (a) accesses or secures access to such computer, computer system or computer network or computer resource
           (b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium
           (c) introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network
           (d) damages or causes to be damaged any computer, computer system or computer network, data, computer data base or any other programs residing in such computer, computer system or computer network
    16. Cyber Crime Laws – INDIA (contd.)
           (e) disrupts or causes disruption of any computer, computer system or computer network
           (f) denies or causes the denial of access to any person authorized to access any computer, computer system or computer network by any means
           (g) provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder
           (h) charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network
           (i) destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means
           (j) steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage,
       • He/she shall be liable to pay damages by way of compensation.
    17. Section 66: Computer related offences. If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both.
    18. How to become an Ethical Hacker?
       • Proficient networking skills
       • Good knowledge of operating system administration
       • Programming knowledge
       • Certifications like CEH or CISSP cover the process
    19. Ethical Hacking
       • THANK YOU