Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ethical hacking


Published on

Published in: Technology
  • Be the first to comment

Ethical hacking

  1. 1. ETHICAL HACKING Jeni Varghese Patents Dept .
  2. 2. What is Ethical Hacking? <ul><li>Ethical hacking is broadly defined as the methodology that ethical hackers adopt to discover existing vulnerabilities (security issues) in an information system’s (computer or network or software application) operating environment </li></ul>
  3. 3. Can Hacking be Ethical? <ul><li>The term hacking has over the time earned a negative reputation and has been associated with destructive and undesirable activities. The following terms come across commonly in context of hacking </li></ul><ul><li>Hacker (noun) = A person who enjoys learning the details of computer systems and stretching its capabilities </li></ul><ul><li>Hacking (verb) = Describes rapid development of new programs or reverse-engineering existing software to make code better and more efficient </li></ul><ul><li>Cracker = A person who employs his/her hacking skills for offensive purposes </li></ul><ul><li>Ethical Hacker = Computer security professionals who employ their hacking skills for defensive purposes </li></ul>
  4. 4. Essential terminologies <ul><li>Threat </li></ul><ul><ul><li>An action or event that might compromise security </li></ul></ul><ul><li>Vulnerability </li></ul><ul><ul><li>Existence of weakness, design/implementation error that can lead to an unexpected, undesirable event compromising the security of the system </li></ul></ul><ul><li>Exploit </li></ul><ul><ul><li>A defined way to breach the security of an IT system through vulnerability </li></ul></ul><ul><li>Target of evaluation </li></ul><ul><ul><li>An IT system, product or component that is identified as requiring security evaluation </li></ul></ul><ul><li>Attack </li></ul><ul><ul><li>An attack is any action that violates security </li></ul></ul>
  5. 5. Why is Computer Security Important? <ul><li>More number of network based applications </li></ul><ul><li>Technology focused on ease of use </li></ul><ul><li>Low skill level needed for hacking </li></ul><ul><li>A security breach directly impacts the corporate asset base and goodwill </li></ul><ul><li>Computer infrastructure management is getting complex day by day </li></ul>
  6. 6. Security, Functionality and Ease of Use Triangle Functionality Security Ease of Use Moving the ball towards security means moving away from functionality and ease of use
  7. 7. Elements of Security <ul><li>Security </li></ul><ul><ul><li>A state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering and disruption of information and services is kept low and tolerable </li></ul></ul><ul><li>Essential Security Elements </li></ul><ul><ul><li>Confidentiality: concealment of information or resources </li></ul></ul><ul><ul><li>Authenticity: identification and assurance of origin of information </li></ul></ul><ul><ul><li>Integrity: trustworthiness of data and resources in terms of preventing improper and unauthorized changes </li></ul></ul><ul><ul><li>Availability: ability to use the information or resource desired by the authorized personnel. </li></ul></ul><ul><li>A hacking event will affect any one or more of the essential security elements </li></ul>
  8. 8. <ul><li>Malicious hacker steals, tampers or denies access to information. Various phases are: </li></ul><ul><li>Reconnaissance </li></ul><ul><ul><li>This is the phase where the attacker gathers information about a target </li></ul></ul><ul><li>Scanning </li></ul><ul><ul><li>Attacker begins to actively probe the target for vulnerabilities </li></ul></ul><ul><li>Gaining Access </li></ul><ul><ul><li>If vulnerability is detected attacker exploit it to gain access to system </li></ul></ul><ul><li>Maintaining Access </li></ul><ul><ul><li>Once access is gained, attacker usually maintains access to fulfill his/her purpose </li></ul></ul><ul><li>Covering Tracks </li></ul><ul><ul><li>Attacker tries to destroy all evidence of the attack to evade legal punitive actions </li></ul></ul>Malicious Hacking
  9. 9. Ethical Hacking <ul><li>Ethical hackers are also known as White Hats </li></ul><ul><li>Ethical hacking is done to test and evaluate the security of an information system, network, etc. </li></ul><ul><li>Ethical hacking is done in a similar fashion as malicious hacking </li></ul><ul><li>The major difference is the intent which is to identify security threats and provide a solution </li></ul><ul><li>Whereas the intent in malicious hacking is to steal, destroy or restrict access of digital information </li></ul>
  10. 10. How to Conduct Ethical Hacking? <ul><li>Determine the need for testing </li></ul><ul><li>Obtain written permission to test </li></ul><ul><li>Prepare a team and draw up a testing schedule </li></ul><ul><li>Conduct the test </li></ul><ul><li>Analyze the results and prepare a report including corrective actions </li></ul>
  11. 11. Approaches to Ethical Hacking <ul><li>Ethical hacker may attempt to perform attack over various channels: </li></ul><ul><li>Remote network – attack launched against firewalls and filtering routers from outside the network(LAN) </li></ul><ul><li>Local Network – simulate an employee or authorized person who has legal/authorized connection to organization’s network </li></ul><ul><li>Stolen equipment – Verify security of Laptops or other portable medium which can be stolen. This may contain confidential information, password, authentication data which can compromise an organization’s network </li></ul><ul><li>Social Engineering – The test evaluates the integrity and awareness of a target organization’s personnel. </li></ul><ul><li>Physical entry – This test is primarily targeted to check whether or not security policies are enforced. </li></ul>
  12. 12. Stages of Ethical Hacking <ul><li>Ethical hacking on a system is done in step-wise manner and the vulnerability is analyzed in each stage </li></ul><ul><li>Foot printing – determine the target system’s physical location, IP address, Operating system etc. </li></ul><ul><li>Scanning – actively scan for services or open ports </li></ul><ul><li>Enumeration – extraction of user names, machine names, network resources, shares and services </li></ul><ul><li>System Hacking </li></ul><ul><ul><li>Password Cracking – guessing, cracking tools, packet sniffers, key loggers, etc. </li></ul></ul><ul><ul><li>Escalating Privileges – to administrator or full access </li></ul></ul><ul><ul><li>Executing Applications – execute desired applications </li></ul></ul><ul><ul><li>Hiding Files – leave Trojans, Viruses, Worms or Rootkits for further actions </li></ul></ul><ul><ul><li>Covering Tracks – remove all trace logs </li></ul></ul><ul><li>*Denial of Service (DoS) attacks – make the system unavailable by flooding the system with numerous unwanted requests </li></ul>
  13. 13. Malwares – Virus, Trojan, Worm, Rootkit, Adware, Spyware <ul><li>Virus – self-replicating computer program which spreads through network or file system </li></ul><ul><li>Trojan – a hidden computer program which steals information from the target computer </li></ul><ul><li>Worm – self-replicating computer program which evolves by exploiting vulnerabilities and transmits to different systems in network </li></ul><ul><li>Rootkit – program enables continued privileged access and remains hidden </li></ul><ul><li>Dishonest Adware – automatically plays, displays advertisements </li></ul><ul><li>Spyware – collects information about users without their knowledge </li></ul><ul><li>Malware – general term for all of the above </li></ul>
  14. 14. How to Prevent a Malicious Attack? <ul><li>Do not disable anti-virus </li></ul><ul><li>Update anti-virus regularly </li></ul><ul><li>Do not disable firewall (windows firewall) </li></ul><ul><li>Update operating system regularly (automatic updates in windows) </li></ul><ul><li>Do not open emails, attachments from unknown senders </li></ul><ul><li>Keep phishing filter on </li></ul><ul><li>Do not install un-verified software </li></ul><ul><li>Change password of system regularly </li></ul><ul><li>Lock the computer when away from desk </li></ul><ul><li>Verify digital certificates for secure authentication </li></ul>
  15. 15. Cyber Crime Laws – INDIA <ul><li>IT Act 2008 – Chapter IX. PENALTIES , COMPENSATION AND ADJUDICATION – Section 43 </li></ul><ul><li>Penalty and Compensation for damage to computer, computer system, etc. </li></ul><ul><li>If any person without permission of the owner or any other person who is in-charge of a computer, computer system or computer network - </li></ul><ul><li>(a) accesses or secures access to such computer, computer system or computer network or computer resource </li></ul><ul><li>(b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium </li></ul><ul><li>(c) introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network </li></ul><ul><li>(d) damages or causes to be damaged any computer, computer system or computer network, data, computer data base or any other programs residing in such computer, computer system or computer network </li></ul>
  16. 16. <ul><li>(e) disrupts or causes disruption of any computer, computer system or computer network </li></ul><ul><li>(f) denies or causes the denial of access to any person authorized to access any computer, computer system or computer network by any means </li></ul><ul><li>(g) provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder </li></ul><ul><li>(h) charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network </li></ul><ul><li>(i) destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means </li></ul><ul><li>(i) Steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage, </li></ul><ul><li>He/she shall be liable to pay damages by way of compensation. </li></ul>Cyber Crime Laws – INDIA (contd.)
  17. 17. <ul><li>Section 66: Computer related offences.- If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both. </li></ul>
  18. 18. How to become a Ethical Hacker? <ul><li>Proficient Networking skills </li></ul><ul><li>Good knowledge on Operating system administration </li></ul><ul><li>Programming knowledge </li></ul><ul><li>Certification like CEH or CISSP covers the process </li></ul>
  19. 19. Ethical Hacking <ul><li>THANK YOU </li></ul>