Published on

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • .
  • Ch03

    1. 1. Lesson 3-Hacker Techniques
    2. 2. Overview <ul><li>Hacker’s motivation. </li></ul><ul><li>Historical hacking techniques. </li></ul><ul><li>Advanced techniques. </li></ul><ul><li>Malicious code. </li></ul><ul><li>Methods used by untargeted hacker. </li></ul><ul><li>Methods used by targeted hacker. </li></ul>
    3. 3. Hacker’s Motivation <ul><li>The term “hacker” was originally coined for an _________ __________________________________________ </li></ul><ul><li>A hacker currently refers to an individual who _________ ______________________________________________ </li></ul><ul><ul><li>Cracker is another term you might hear to refer to ________________________ who breaks into computer and computer networks </li></ul></ul>
    4. 4. Hacker’s Motivation <ul><li>Originally, the most common motivation for hacking into computer systems is the </li></ul><ul><ul><li>The challenge motivation is usually associated with an ______________________________ </li></ul></ul><ul><li>An untargeted hacker is one who ____________________ ______________________________ </li></ul><ul><li>The _________________________________________ ___________________________________________ </li></ul>
    5. 5. Hacker’s Motivation <ul><li>Sites having _______________________ (software, money, information) are primary targets for hackers motivated by _________________________. </li></ul><ul><li>Malicious attacks focus on ________________________ </li></ul><ul><li>The hacker motivated by malicious intent aims at ________________________________________ </li></ul><ul><li>The risk of a hacker being caught and convicted is ______. </li></ul><ul><li>The potential gain from hacking is _______________. </li></ul>
    6. 6. Historical Hacking Techniques <ul><li>____________________________ : </li></ul><ul><ul><li>When the Internet was originally created, most systems were configured to _______________________________________ given much consideration. </li></ul></ul><ul><ul><li>Older versions of Network File System (NFS) used by UNIX allowed ______________________________________________________. </li></ul></ul><ul><ul><ul><li>Hackers used this open file sharing to ___________________________ _____________________________________________ </li></ul></ul></ul><ul><ul><ul><li>NOTE: NFS is still used, is up to version 4 and has since made security much more robust. </li></ul></ul></ul>
    7. 7. Historical Hacking Techniques <ul><li>Open sharing (continued): </li></ul><ul><ul><li>Many operating systems were shipped out with the _________ ______________________________________________. </li></ul></ul><ul><ul><li>What is the danger in this? </li></ul></ul><ul><ul><li>Another vulnerability related to open sharing is __________ </li></ul></ul><ul><ul><li>Rlogin allows users to access ________________________ _______________________________________ </li></ul></ul><ul><ul><ul><li>Hackers can get into a system with remote access, ___________ ____________________________________________________ </li></ul></ul></ul>
    8. 8. Historical Hacking Techniques <ul><li>Weak passwords: </li></ul><ul><ul><li>__________________________________________________________________________________________________ </li></ul></ul><ul><ul><ul><li>A two-character password is easier to guess than an eight-character one. </li></ul></ul></ul><ul><ul><li>Easy to guess passwords allow hackers a quick entry into the system. </li></ul></ul><ul><ul><ul><li>Often through a ____________________________________ _______________________________________________ </li></ul></ul></ul>
    9. 9. Password Supplement to text <ul><li>Passwords are the ________________________________________ on a system </li></ul><ul><li>Password file stored in </li></ul><ul><ul><li>Directory /etc/passwd or /etc/shadow in Unix systems </li></ul></ul><ul><li>Password can be cracked if an attacker has gained _________________ ___________________________________________________ </li></ul><ul><ul><li>Or he must resort to </li></ul></ul><ul><li>Password Cracking – ________________________________________ ________________________________________________________ </li></ul>
    10. 10. Password Supplement to text <ul><li>Question: If an attacker can only obtain a user-level password what kind of threat is that to your system? </li></ul><ul><li>One way to protect passwords is to _____ ____________________________________________________________________________________________________________ even if the password files are obtained. </li></ul><ul><ul><li>Password cracking programs have already been made to work around a one-way hash. </li></ul></ul>
    11. 11. Password Supplement to text <ul><li>Three general methods for cracking passwords </li></ul><ul><ul><li>____________________________________ ____________________________________ </li></ul></ul><ul><ul><ul><li>Countermeasures- enforceable policies and filters </li></ul></ul></ul><ul><ul><li>__________________________ builds upon the dictionary method by _____________________ _____________________________________ </li></ul></ul><ul><ul><ul><li>Slight modifications of dictionary words </li></ul></ul></ul><ul><ul><ul><li>Example: using a password of </li></ul></ul></ul><ul><ul><ul><li>This would satisfy filters </li></ul></ul></ul>
    12. 12. Password Supplement to text <ul><li>Last of the three general methods for cracking passwords </li></ul><ul><ul><li>_____________________ will always recover the password- it’s just a matter of time. </li></ul></ul><ul><ul><ul><li>Most ___________________________________ ________________________________ </li></ul></ul></ul><ul><ul><ul><li>Countermeasures- ____________________________________________ ______________________________________________________________ </li></ul></ul></ul><ul><ul><ul><li>How feasible is that? </li></ul></ul></ul><ul><li>Why would a system administrator want to use a password cracking tool? </li></ul>
    13. 13. Password Supplement to text <ul><li>Different password auditing programs </li></ul><ul><ul><li>__________________________ can be used on Unix or Windows machines </li></ul></ul><ul><ul><ul><li>Fast and configurable </li></ul></ul></ul><ul><ul><li>_______________________- can be used on Windows NT/2000/XP machines </li></ul></ul><ul><ul><ul><li>Newest version- ____________ (there is a fee for this program) </li></ul></ul></ul><ul><ul><ul><li>Can crack using any method talked about earlier </li></ul></ul></ul><ul><ul><ul><li>Configurable and easy to use </li></ul></ul></ul>
    14. 14. Password Supplement to text <ul><li>Example of a Strong Password Policy </li></ul><ul><ul><li>Password change </li></ul></ul><ul><ul><li>Accounts locked </li></ul></ul><ul><ul><li>All passwords must contain ______________ _________________________________ </li></ul></ul><ul><ul><li>Can’t </li></ul></ul>
    15. 15. Historical Hacking Techniques <ul><li>Programming flaws and social engineering: </li></ul><ul><ul><li>Hackers have used ________________________________ ___________________________________________________ </li></ul></ul><ul><ul><li>Many shopping Websites store information entered by the buyer on a _______________________________________________ </li></ul></ul><ul><ul><li>_____________________ is the use of non-technical means to gain unauthorized access to information or systems. </li></ul></ul><ul><ul><ul><li>Includes “dumpster diving”- </li></ul></ul></ul><ul><ul><li>The ______________________ are the most powerful tools used by a hacker using the social engineering technique. </li></ul></ul>
    16. 16. Historical Hacking Techniques <ul><li>Buffer overflow: </li></ul><ul><ul><li>Buffer overflow is _______________________________________ _____________________________________________________ </li></ul></ul><ul><ul><li>A hacker can exploit a buffer overflow to ______________________ _______________________________________________ </li></ul></ul><ul><ul><li>Buffer overflows cause ______________________ such as allowing _______________________________________, cause another application to start, cause a change in a configuration file. </li></ul></ul><ul><ul><li>Buffer overflows exist because ______________________________ ______________________________________________________ </li></ul></ul><ul><ul><ul><li>Widely used functions exist in ______________________ with buffer overflow issues </li></ul></ul></ul>
    17. 17. Historical Hacking Techniques <ul><li>Denial-of-Service (DoS): </li></ul><ul><ul><li>__________________ are malicious acts to deny legitimate users access to a system, network, application, or information. </li></ul></ul><ul><ul><li>Most DoS attacks originate from ______________________. </li></ul></ul><ul><ul><li>In a single-source DoS attack , a ____________________ ________________________________ </li></ul></ul><ul><ul><li>The ________________________ are some of the single-source DoS attacks that have been identified. </li></ul></ul><ul><ul><ul><li>Ping of Death- sending of large amount of data in a ping packet </li></ul></ul></ul>
    18. 18. SYN flood DoS attack <ul><li>Solutions: </li></ul><ul><li>________________________________________________________ </li></ul><ul><li>Obtain a device to ___________________ </li></ul><ul><li>Both these solutions are not always successful in protecting systems from a SYN Flood attack. </li></ul>
    19. 19. Historical Hacking Techniques <ul><li>Distributed Denial-of-Service (DDoS): </li></ul><ul><ul><li>DDoS attacks originate from a _____________________ _____________________________________________ </li></ul></ul><ul><ul><li>A Smurf attack is an example of a DDoS attack </li></ul></ul><ul><ul><ul><li>See next slide </li></ul></ul></ul><ul><ul><li>There are a number of tools available which enable a hacker to launch a DDoS attack. </li></ul></ul>
    20. 20. Smurf DDos attack Gets all the ping responses from all members of the broadcast
    21. 21. Historical Hacking Techniques <ul><li>DDoS process using sophisticated tools: </li></ul><ul><ul><li>A hacker talks to a _____________________________________ _______________________________________ </li></ul></ul><ul><ul><li>The ______________________________________ that have been placed on _____________________________. The slaves, also called __________ , perform the ___________ against the target system. </li></ul></ul><ul><li>The attacks could be comprised of UDP packets, TCP SYN flood packets or ICMP traffic </li></ul><ul><li>See next slide for example… </li></ul>
    22. 22. Historical Hacking Techniques The architecture of DDoS attacks.
    23. 23. Advanced Techniques <ul><li>Sniffing switch networks. </li></ul><ul><li>IP spoofing. </li></ul>
    24. 24. Sniffer suppliment <ul><li>Recall: A sniffer is a _____________________ __________________________________________________________________________________________ </li></ul><ul><ul><li>Packets could contain </li></ul></ul><ul><ul><li>NOTE: sniffers can also be ___________________________ ________________________________________, but software based sniffers are far more common </li></ul></ul><ul><li>Sniffers were much easier to use back when they were used ________________________________ (with devices connected to a hub ) </li></ul><ul><ul><li>The hub would “broadcast” data to every device. Only the device with a matching MAC address would process the data. </li></ul></ul><ul><ul><ul><li>But a sniffer </li></ul></ul></ul>
    25. 25. Sniffing Switch Networks <ul><li>In a switched environment, the hacker must cause the switch to </li></ul><ul><li>Can someone tell me how a switch works once it receives a frame? </li></ul><ul><li>What is ARP used for? </li></ul>
    26. 26. Sniffing Switch Networks <ul><li>Sniffing through ARP spoofing: </li></ul><ul><ul><li>A sniffer may ______________________________________ ____________________________________________ </li></ul></ul><ul><ul><li>The sniffer must then _____________________________ _______________________________________________ </li></ul></ul><ul><ul><li>ARP spoofing is possible only on local subnets. Why would that be? </li></ul></ul>
    27. 27. Sniffing Switch Networks <ul><li>Sniffing through ______________________: </li></ul><ul><ul><li>________________________________________ is another way of getting the switch to redirect the traffic to the sniffer . </li></ul></ul><ul><ul><li>Software is available ______________________ on Windows systems </li></ul></ul><ul><ul><li>On Unix systems, the ability is </li></ul></ul><ul><li>Sniffing through DNS Spoofing: </li></ul><ul><ul><li>A sniffer responds to the sending system’s DNS requests. </li></ul></ul><ul><ul><ul><li>______________________________________________________________________________________________________________________ </li></ul></ul></ul><ul><ul><li>DNS Spoofing is possible if the sniffer is ______________________ ______________________________________________________ </li></ul></ul>
    28. 28. Sniffing Switch Networks <ul><li>Sniffing by </li></ul><ul><ul><li>When the memory used by switches to store the mappings between MAC addresses and physical ports is full, some switches will </li></ul></ul><ul><ul><ul><li>____________________________________________________________________________________________________ </li></ul></ul></ul><ul><ul><ul><li>Effectively turning </li></ul></ul></ul><ul><ul><li>Sniffing requires that the hacker have a system on the ____________________________ </li></ul></ul>
    29. 29. Sniffer suppliment <ul><li>_____________________________ do the same things that sniffers do. </li></ul><ul><ul><li>Used to be that the __________________ the ____________________________________ </li></ul></ul><ul><ul><li>Protocol analyzers can be </li></ul></ul><ul><ul><li>Many good sniffers are </li></ul></ul><ul><ul><ul><li>Free tools are really all some incident handlers and security specialists use </li></ul></ul></ul><ul><ul><ul><li>Downside is that you have to </li></ul></ul></ul>
    30. 30. Sniffer suppliment <ul><li>No matter what your needs, interest or budget, there is most likely at least one sniffer out there that does what you want </li></ul><ul><li>Examples </li></ul><ul><ul><li>See next slide </li></ul></ul>
    31. 31. Examples of Sniffers Windows version of TCPdump Free Windump Sniffer that decodes and prints many common protocols Analyzes only layers 3 and 4 protocols Free TCPdump Also an IDS Free Snort Decodes many specialized protocols Commercial Network Associates Sniffer Specializes in switched networks and man-in-the-middle sniffing Free Ettercap Graphical sniffer with additional analysis functions Analyzes all 7 layers of the OSI model Free Ethereal Suite of sniffing tools; including tools for sniffing switched networks Free Dsniff Comments Availability Sniffer
    32. 32. Details OF IP Spoofing <ul><li>What is Spoofing an IP address? </li></ul><ul><ul><li>_________________________________________________________________________________________________ </li></ul></ul><ul><li>______________________________________________ enables the hacker to attempt an IP spoofing attack </li></ul>
    33. 33. IP Spoofing Details of IP spoofing Not sent back to Hacker’s machine The sequence number must be guessed and this must be done _________ ___________________________________________________________________________________
    34. 34. IP Spoof attack results <ul><li>If the attack progresses well, the hacker will have a legitimate connection to the target system </li></ul><ul><li>He will </li></ul>
    35. 35. IP Spoofing Example Using IP spoofing in the real world <ul><li>First- we know the target and trusted systems have a trust relationship. </li></ul><ul><li>The IP address of the trusted system will be allowed into the target system </li></ul><ul><li>Second- Trusted system must be silenced (with a DoS attack) </li></ul><ul><li>Third- Once we gain access to the target system (step 5), we can make changes- can you think of changes we can make? </li></ul>
    36. 36. Malicious Code <ul><li>Malicious codes include three types of programs: </li></ul>
    37. 37. Computer Viruses <ul><li>Computer viruses are __________________________ ______________________________________ </li></ul><ul><li>Virus codes execute when the ___________________ _____________________________________ </li></ul><ul><li>Malicious viruses may __________________________ _____________________________________________ </li></ul><ul><li>Some viruses just spread themselves to other systems without performing any malicious acts. </li></ul>
    38. 38. How computer viruses spread… <ul><li>When on an infected computer, the virus will _____________________________ ___________________________________________________________________ </li></ul><ul><li>More common method: read the e-mail address book of infected computer and _________________________________ </li></ul>
    39. 39. Trojan Horse Programs <ul><li>A Trojan horse is a </li></ul><ul><li>It is a program that looks benign but actually has a malicious purpose. </li></ul><ul><ul><li>_______________________________________________ _______________________________________________ </li></ul></ul><ul><li>Most Trojan horse programs contain a mechanism to _____ ______________________________________________ </li></ul><ul><li>May be spread through a harmless looking business utility or game etc. </li></ul>
    40. 40. Worms <ul><li>A worm is a program that _______________________ _____________________________________________ </li></ul><ul><ul><li>CodeRed and Slapper Worm are recent examples of worms. </li></ul></ul><ul><li>Hybrid is the combination of two types of malicious codes into </li></ul><ul><ul><li>Example: Nimda- spread like a Trojan horse but then infected the system like a worm </li></ul></ul>
    41. 41. Process of an attack <ul><ul><li>Step involves ______________________ ______________________________ </li></ul></ul><ul><ul><li>Done gathering info from various sources such as ____________________________ ____________ etc. (we will discuss some of these later on) </li></ul></ul><ul><ul><li>Think of this step as </li></ul></ul>
    42. 42. Process of an attack cont.. <ul><ul><li>Allows attacker to focus their efforts and attention on _________________________________________ </li></ul></ul><ul><ul><li>Identify </li></ul></ul><ul><ul><li>Analyze acceptable risk </li></ul></ul><ul><ul><li>Can use ______________ at this step </li></ul></ul><ul><ul><ul><li>best known and most flexible _________________ – used in both Windows and Unix environments </li></ul></ul></ul><ul><ul><ul><li>Finds ports and services (such as OSs) available </li></ul></ul></ul><ul><ul><ul><li>Uses IP packets for scanning </li></ul></ul></ul>
    43. 43. Process of an attack cont.. <ul><ul><li>Use of nbstat </li></ul></ul><ul><li>NOTE: the above 3 steps are involved in </li></ul>
    44. 44. Process of an attack cont.. <ul><ul><li>Through means such as _______________, __________________________ etc. </li></ul></ul><ul><ul><li>___________________ but NOT at level the hacker needs or wants to be at </li></ul></ul><ul><ul><ul><li>Will work on getting </li></ul></ul></ul><ul><ul><li>_____________________________________________________________________ </li></ul></ul>
    45. 45. Process of an attack cont.. <ul><ul><li>Once in- hacker will ________________ from system administrators and other hackers </li></ul></ul><ul><ul><li>Will also </li></ul></ul>
    46. 46. Methods Used by Untargeted Hacker <ul><li>From the beginning of the chapter, can someone tell me what an untargeted hacker is? </li></ul><ul><ul><li>____________________________________________________________________________________________________________________________________________________ </li></ul></ul><ul><ul><li>What is the primary motivation of untargeted hackers? </li></ul></ul>
    47. 47. Methods Used by Untargeted Hacker cont… <ul><li>Internet reconnaissance: </li></ul><ul><ul><li>Untargeted hackers look for ___________________________ they can find. </li></ul></ul><ul><ul><li>The hacker may perform a stealth scan, sometimes in conjunction with a ping sweep. </li></ul></ul><ul><ul><li>A stealth scan is _______________________________ ________________________________ (example on next slide) </li></ul></ul><ul><ul><li>A ping sweep is ___________________________________ ____________________________________________ </li></ul></ul>
    48. 48. Methods Used by Untargeted Hacker cont… Stealth scanning SYN I can send a reset because I know the system is up
    49. 49. Methods Used by Untargeted Hacker cont… Reset scans So… Indicates the target system exists
    50. 50. Methods Used by Untargeted Hacker cont… <ul><li>Some untargeted hackers may also perform the reconnaissance in several steps. </li></ul><ul><ul><li>The hacker may choose a domain name and attempt to perform a zone transfer of DNS against this domain. </li></ul></ul><ul><ul><ul><li>A zone transfer _______________________________________________ __________________________________________________ </li></ul></ul></ul><ul><li>From that list, the hacker may then run a tool such as Nmap to ______________________________________________ </li></ul><ul><li>A stealth scan may be used to ___________________________, and the final list may be used for the actual attacks. </li></ul>
    51. 51. Methods Used by Untargeted Hacker cont… <ul><li>Telephone and wireless reconnaissance: </li></ul><ul><ul><li>Wardialing is a ____________________________________ _______________________________________________ </li></ul></ul><ul><ul><li>Wardriving and Warchalking are methods of wireless reconnaissance (see next slide for definitions) </li></ul></ul>
    52. 52. Methods Used by Untargeted Hacker cont… <ul><li>Wardriving involves driving around with a computer and a wireless network adapter for the express _________________________ _______________________________________ </li></ul><ul><li>Warchalking means that the hacker uses ___________________ or sidewalk outside of a building to _______________________ ____________________________________________________ </li></ul><ul><li>An untargeted hacker will use reconnaissance methods to identify systems. They will look for systems that may be vulnerable to the available exploits. </li></ul>
    53. 53. Methods Used by Untargeted Hacker cont… <ul><li>Use of Compromised Systems: </li></ul><ul><ul><li>Hackers normally place a ____________________________ ________________________________________________ </li></ul></ul><ul><ul><li>The back door entries are put together in a rootkit . </li></ul></ul><ul><ul><li>Hackers may close vulnerabilities they used to gain access, so that </li></ul></ul><ul><ul><li>A compromised system may be used to attack other systems or for reconnaissance purposes. </li></ul></ul><ul><ul><ul><li>Example: installing a password sniffer to capture password for </li></ul></ul></ul>
    54. 54. Rootkit <ul><li>A type of </li></ul><ul><li>A _______________________________ ___________________________________________________________________________ </li></ul><ul><li>Process: </li></ul><ul><ul><li>User level access is obtained by a vulnerability or cracking a password </li></ul></ul><ul><ul><li>Rootkit installed </li></ul></ul><ul><ul><li>User passwords and id’s obtained </li></ul></ul><ul><li>Today, rootkits are _______________________ on a network </li></ul>
    55. 55. Methods Used by Targeted Hacker <ul><li>A targeted hacker ________________________________ ___________________________________________ </li></ul><ul><li>A targeted hacker is motivated by a desire to ___________ _____________________________________________ </li></ul><ul><li>The skill level of targeted hackers tends to be higher than that of untargeted hackers. </li></ul>
    56. 56. Methods Used by Targeted Hacker <ul><li>Reconnaissance: </li></ul><ul><ul><li>Address reconnaissance is the _________________________ _____________________________________________ </li></ul></ul><ul><ul><ul><li>Addresses can be identified through ______________________ ___________________________________________ or through text searches at Network Solutions. </li></ul></ul></ul><ul><ul><li>Additional info on the target can be found by doing a zone transfer if allowed. </li></ul></ul><ul><ul><ul><li>What is a zone transfer? </li></ul></ul></ul>
    57. 57. Methods Used by Targeted Hacker <ul><li>Reconnaissance (continued): </li></ul><ul><ul><li>Phone number reconnaissance is more difficult than identifying network addresses. </li></ul></ul><ul><ul><ul><li>Hacker may attempt to look for __________________________ ________________________________________________ </li></ul></ul></ul><ul><ul><li>The hacker can perform wireless reconnaissance by walking or driving around the organization’s building. </li></ul></ul>
    58. 58. Methods Used by Targeted Hacker <ul><li>Reconnaissance (continued): </li></ul><ul><ul><li>System reconnaissance is used to ____________________ _______________________________________________ </li></ul></ul><ul><ul><li>Ping sweeps, stealth scans, or port scans may be used to identify systems. </li></ul></ul><ul><ul><ul><li>These can be done in such a way so as to not send up a flag from an IDS </li></ul></ul></ul><ul><ul><li>Identifying the operating system may be done by _______________ ________________________________ such as which port are open and ___________________ </li></ul></ul>
    59. 59. Methods Used by Targeted Hacker <ul><li>Reconnaissance (continued): </li></ul><ul><ul><li>Attacking or ____________________________________ ____________________ </li></ul></ul><ul><ul><li>Vulnerability scanners will provide information, but _________ ______________________________________________ </li></ul></ul><ul><ul><ul><li>See next slide for more info on vulnerability scanners </li></ul></ul></ul>
    60. 60. Vulnerability scanner supplement <ul><li>A Vulnerability scanner is a ___________ ______________________________________________________________________________________________________ </li></ul><ul><li>Vulnerabilities checked include ______________________________________________________________________________________________________ </li></ul>
    61. 61. Versions of vulnerability scanners <ul><ul><li>Takes a _____________________________ to securing computer networks. </li></ul></ul><ul><ul><ul><li>_________________________________________________ _________________________________________________________________________________________________ </li></ul></ul></ul><ul><ul><li>Most </li></ul></ul><ul><ul><li>Fast, reliable and includes a variety of plug-ins </li></ul></ul><ul><ul><li>Will not fix security holes- just __________________ ________________________________________ </li></ul></ul><ul><ul><li>Works on Unix-like systems but has a Windows version called </li></ul></ul>
    62. 62. Methods Used by Targeted Hacker <ul><li>Reconnaissance (continued): </li></ul><ul><ul><li>Business reconnaissance will help the hacker identify the __________ ____________________________________________________ </li></ul></ul><ul><ul><li>Studying the employees of the organization may prove valuable for the purpose of </li></ul></ul><ul><ul><li>The hacker may gain access to the organization through its _______ ___________________________________________________________ </li></ul></ul><ul><ul><li>Targeted hackers use physical reconnaissance extensively. </li></ul></ul><ul><ul><ul><li>Weaknesses in physical security may be used to gain access to the site. </li></ul></ul></ul><ul><ul><li>The hacker may also find information by searching a dumpster if trash and paper to be recycled is dumped into it. </li></ul></ul><ul><ul><ul><li>What is this called? </li></ul></ul></ul>
    63. 63. Methods Used by Targeted Hacker <ul><li>Electronic attack methods: </li></ul><ul><ul><li>The hacker may attempt to hide the attack from the intrusion detection system by </li></ul></ul><ul><ul><li>The hacker must make the system ___________________ _________________ if the attack is successful. </li></ul></ul><ul><ul><ul><li>Only removing log files which show hacker’s presence </li></ul></ul></ul><ul><ul><li>The hacker will _________________________ to allow repeated access to a compromised system. </li></ul></ul>
    64. 64. Methods Used by Targeted Hacker <ul><li>Electronic attack methods (continued): </li></ul><ul><ul><li>Systems with _________________ are prime targets for attacks via _______________________ </li></ul></ul><ul><ul><li>The hacker may send a virus or a Trojan horse program to an employee’s home system to gain access. </li></ul></ul><ul><ul><li>Wireless networks may provide the easiest access path. </li></ul></ul><ul><ul><ul><li>May be part of the organization’s internal network but have _______________________________________________ </li></ul></ul></ul>
    65. 65. Methods Used by Targeted Hacker <ul><li>Physical attack methods: </li></ul><ul><ul><li>Social engineering is the safest physical attack method. </li></ul></ul><ul><ul><ul><li>It may lead to electronic information. </li></ul></ul></ul><ul><ul><li>Checking the dumpster or __________________________ ____________________ are other methods of physical attack. </li></ul></ul>
    66. 66. Summary <ul><li>A hacker may be motivated by the challenge of breaking in, greed, or malicious intent. </li></ul><ul><li>Open file sharing, weak passwords, programming flaws, and buffer overflows were exploited by hackers to break into systems. </li></ul><ul><li>In social engineering, the hacker uses human nature and the ability to lie, to access information. </li></ul>
    67. 67. Summary <ul><li>In Denial-of-Service attacks, legitimate users are denied access to the system, network, information, or applications. </li></ul><ul><li>In Distributed Denial-of-Service attacks, many systems are coordinated to attack a single target. </li></ul><ul><li>Sniffing switch networks involves getting the switch to either redirect traffic to the sniffer or send all traffic to all ports. </li></ul>
    68. 68. Summary <ul><li>ARP spoofing, MAC duplicating, and DNS spoofing are the three methods of redirecting traffic. </li></ul><ul><li>IP spoofing involves modifying the source address to make the packet appear as if coming from elsewhere. </li></ul><ul><li>Viruses, Trojan horse programs, and worms are the three types of malicious codes. </li></ul>
    69. 69. Summary <ul><li>Untargeted hackers do not aim at accessing particular information or organizations, but look for any system that can be compromised. </li></ul><ul><li>Targeted hackers have a reason for attacking a organization. </li></ul>
    70. 70. Homework due next class <ul><li>Essay/ research project described below: </li></ul><ul><ul><li>Find a recent (no longer than 1 year old) security article that covers a topic discussed in chapter 2. Print out article including the source and write an article summary. </li></ul></ul><ul><ul><li>The summary should be 1 or 2 paragraphs in length and summarize the article. Feel free to also give your opinions. </li></ul></ul><ul><ul><li>You may be asked to present your finding to the class </li></ul></ul><ul><li>Key Term Quiz and Multiple Choice Quiz </li></ul><ul><ul><li>P. 89- 92 ALL </li></ul></ul><ul><li>First Exam on Chapters 1, 2 and 3 coming up </li></ul><ul><li>Wrap up lab work </li></ul>