Ethical hacking involves using the same techniques as malicious hackers but in a lawful and legitimate way to test an organization's security and help improve it. An ethical hacker obtains permission, then attempts to find and report on vulnerabilities to help organizations fix security issues before criminals can exploit them. The goal is to maintain authorized access, avoid damaging systems, and respect confidentiality and privacy. Ethical hacking follows steps like reconnaissance, scanning, access, reporting results and recommending solutions. It helps balance security, functionality and ease of use.

1. ETHICAL HACKING Jeni Varghese Patents Dept .

2. What is Ethical Hacking? Ethical hacking is broadly defined as the methodology that ethical hackers adopt to discover existing vulnerabilities (security issues) in an information system’s (computer or network or software application) operating environment

3. Can Hacking be Ethical? The term hacking has over the time earned a negative reputation and has been associated with destructive and undesirable activities. The following terms come across commonly in context of hacking Hacker (noun) = A person who enjoys learning the details of computer systems and stretching its capabilities Hacking (verb) = Describes rapid development of new programs or reverse-engineering existing software to make code better and more efficient Cracker = A person who employs his/her hacking skills for offensive purposes Ethical Hacker = Computer security professionals who employ their hacking skills for defensive purposes

4. Essential terminologies Threat An action or event that might compromise security Vulnerability Existence of weakness, design/implementation error that can lead to an unexpected, undesirable event compromising the security of the system Exploit A defined way to breach the security of an IT system through vulnerability Target of evaluation An IT system, product or component that is identified as requiring security evaluation Attack An attack is any action that violates security

5. Why is Computer Security Important? More number of network based applications Technology focused on ease of use Low skill level needed for hacking A security breach directly impacts the corporate asset base and goodwill Computer infrastructure management is getting complex day by day

6. Security, Functionality and Ease of Use Triangle Functionality Security Ease of Use Moving the ball towards security means moving away from functionality and ease of use

7. Elements of Security Security A state of well-being of information and infrastructures in which the possibility of successful yet undetected theft, tampering and disruption of information and services is kept low and tolerable Essential Security Elements Confidentiality: concealment of information or resources Authenticity: identification and assurance of origin of information Integrity: trustworthiness of data and resources in terms of preventing improper and unauthorized changes Availability: ability to use the information or resource desired by the authorized personnel. A hacking event will affect any one or more of the essential security elements

8. Malicious hacker steals, tampers or denies access to information. Various phases are: Reconnaissance This is the phase where the attacker gathers information about a target Scanning Attacker begins to actively probe the target for vulnerabilities Gaining Access If vulnerability is detected attacker exploit it to gain access to system Maintaining Access Once access is gained, attacker usually maintains access to fulfill his/her purpose Covering Tracks Attacker tries to destroy all evidence of the attack to evade legal punitive actions Malicious Hacking

9. Ethical Hacking Ethical hackers are also known as White Hats Ethical hacking is done to test and evaluate the security of an information system, network, etc. Ethical hacking is done in a similar fashion as malicious hacking The major difference is the intent which is to identify security threats and provide a solution Whereas the intent in malicious hacking is to steal, destroy or restrict access of digital information

10. How to Conduct Ethical Hacking? Determine the need for testing Obtain written permission to test Prepare a team and draw up a testing schedule Conduct the test Analyze the results and prepare a report including corrective actions

11. Approaches to Ethical Hacking Ethical hacker may attempt to perform attack over various channels: Remote network – attack launched against firewalls and filtering routers from outside the network(LAN) Local Network – simulate an employee or authorized person who has legal/authorized connection to organization’s network Stolen equipment – Verify security of Laptops or other portable medium which can be stolen. This may contain confidential information, password, authentication data which can compromise an organization’s network Social Engineering – The test evaluates the integrity and awareness of a target organization’s personnel. Physical entry – This test is primarily targeted to check whether or not security policies are enforced.

12. Stages of Ethical Hacking Ethical hacking on a system is done in step-wise manner and the vulnerability is analyzed in each stage Foot printing – determine the target system’s physical location, IP address, Operating system etc. Scanning – actively scan for services or open ports Enumeration – extraction of user names, machine names, network resources, shares and services System Hacking Password Cracking – guessing, cracking tools, packet sniffers, key loggers, etc. Escalating Privileges – to administrator or full access Executing Applications – execute desired applications Hiding Files – leave Trojans, Viruses, Worms or Rootkits for further actions Covering Tracks – remove all trace logs *Denial of Service (DoS) attacks – make the system unavailable by flooding the system with numerous unwanted requests

13. Malwares – Virus, Trojan, Worm, Rootkit, Adware, Spyware Virus – self-replicating computer program which spreads through network or file system Trojan – a hidden computer program which steals information from the target computer Worm – self-replicating computer program which evolves by exploiting vulnerabilities and transmits to different systems in network Rootkit – program enables continued privileged access and remains hidden Dishonest Adware – automatically plays, displays advertisements Spyware – collects information about users without their knowledge Malware – general term for all of the above

14. How to Prevent a Malicious Attack? Do not disable anti-virus Update anti-virus regularly Do not disable firewall (windows firewall) Update operating system regularly (automatic updates in windows) Do not open emails, attachments from unknown senders Keep phishing filter on Do not install un-verified software Change password of system regularly Lock the computer when away from desk Verify digital certificates for secure authentication

15. Cyber Crime Laws – INDIA IT Act 2008 – Chapter IX. PENALTIES , COMPENSATION AND ADJUDICATION – Section 43 Penalty and Compensation for damage to computer, computer system, etc. If any person without permission of the owner or any other person who is in-charge of a computer, computer system or computer network - (a) accesses or secures access to such computer, computer system or computer network or computer resource (b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium (c) introduces or causes to be introduced any computer contaminant or computer virus into any computer, computer system or computer network (d) damages or causes to be damaged any computer, computer system or computer network, data, computer data base or any other programs residing in such computer, computer system or computer network

16. (e) disrupts or causes disruption of any computer, computer system or computer network (f) denies or causes the denial of access to any person authorized to access any computer, computer system or computer network by any means (g) provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder (h) charges the services availed of by a person to the account of another person by tampering with or manipulating any computer, computer system, or computer network (i) destroys, deletes or alters any information residing in a computer resource or diminishes its value or utility or affects it injuriously by any means (i) Steals, conceals, destroys or alters or causes any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage, He/she shall be liable to pay damages by way of compensation. Cyber Crime Laws – INDIA (contd.)

17. Section 66: Computer related offences.- If any person, dishonestly or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both.

18. How to become a Ethical Hacker? Proficient Networking skills Good knowledge on Operating system administration Programming knowledge Certification like CEH or CISSP covers the process

19. Ethical Hacking THANK YOU