MUHAMMAD DANIYAL (CS-13-32)
THREAT: an action or event that might compromise security. A threat is a potential violation of security.
VULNERABILITY – existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system.
EXPLOIT – a defined way to breach the security of an IT system through a vulnerability.
ATTACK – an assault on the system security that is derived from an intelligent threat. An attack is any action that violates security.
WHAT YOU SHOULD KNOW FIRST ...
HACKER CATEGORIES…
BLACK HAT…
individuals with extraordinary computing skills, resorting to malicious or destructive activities. Also known as crackers.
WHITE HAT…
individuals professing hacker skills and using them for defensive purposes. Also known as security analysts.
GRAY HAT…
individuals who work both offensively and defensively at various times.
SUICIDERS…
individuals who aim to bring down critical infrastructure for a “cause” (Hacktivism) and do not worry about punishment.
HACKER QUALITIES…
A HACKER SHOULD…
• Have deep knowledge of target platforms, such as Windows, Unix and Linux
• Have basic knowledge of networking and related hardware and software
• Be familiar with vulnerability study
• Be “highly technical” to launch sophisticated attacks
• Be prepared to follow a strict code of conduct (white hats)
Professionals need to know what it is they are trying to protect, against whom, and what resources they are willing to expend in order to gain protection.
PHASES OF HACKING…
Reconnaissance
Scanning
Gaining Access
Maintaining Access
Cleaning
1. RECONNAISSANCE…
Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target prior to launching an attack.
TYPES OF RECONNAISSANCE…
Passive reconnaissance involves acquiring information without directly interacting with the target.
Ex: Searching public records or news releases.
Active reconnaissance involves interacting with the target directly by any means.
Ex: Telephone calls to help desk or technical departments.
2. SCANNING…
It refers to the pre-attack phase when the hacker scans the network for specific information on the basis of information gathered during reconnaissance. Hackers have to get a single point of entry to launch an attack.
TYPES OF SCANNING…
• Port scanning – a series of messages sent to a computer to learn about services.
• Network scanning – a procedure for identifying active hosts on a network.
• Vulnerability scanning – automated process of proactively identifying vulnerabilities of computing systems.
PHASES OF SCANNING…
Check for live systems
Identify services
Banner grabbing
OS fingerprinting
Scan for vulnerabilities
Draw network diagrams of vulnerable hosts
Prepare proxies
Attack
3. GAINING ACCESS…
• Gaining access refers to the penetration phase. The hacker exploits the vulnerability in the system.
• The hacker can gain access at the operating system level, application level, or network level.
HOW TO GAIN ACCESS ??!
There are several ways an attacker can gain access to a system. The attacker must be able to exploit a weakness or vulnerability in a system.
OS ATTACKS…
Applying patches and hotfixes is not easy in today’s complex networks.
• Attackers look for OS vulnerabilities and exploit them to gain access to a network system.
APPLICATION LEVEL ATTACKS…
Security is often an afterthought and usually delivered as an “add-on” component. Poor or non-existent error checking in applications leads to buffer overflow attacks.
SHRINK WRAP CODE…
When you install an OS or application, it comes with tons of sample scripts to make the life of an administrator easy. The problem is “not customizing these scripts”. This will lead to a default code or shrink wrap code attack.
MISCONFIGURATION ATTACKS…
In order to maximize your chances of configuring a machine correctly, remove any unneeded services or software.
4. MAINTAINING ACCESS…
The phase where the hacker tries to retain ownership of the system.
Compromising of target
Hackers can upload, download, or manipulate data, applications, and configurations on the owned system.
5. COVERING TRACKS…
• Covering tracks refers to the activities that the hacker does to hide their actions.
Examples include steganography, tunneling, and altering log files.
Conclusion…
• Hacking is an art, not a science.
• Hackers need only a single point of entry.
• You’re only as strong as your weakest link.
• Where there’s a will, there’s a way.
• Never underestimate a Hacker’s determination.
• Security should never be an afterthought.
IF THERE IS ANY QUESTION, PLEASE ASK

Anatomy of Aman