Ethical hacking



Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.

Published in: Technology, News & Politics

  1. 1. INTRODUCTION

     Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.

     Security: Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. In the case of networks, security is also called information security. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

     Need for Security: Computer security is required because most organizations can be damaged by hostile software or intruders. The damage produced by intruders can take several forms, which are obviously interrelated. These include:

     ● Loss of confidential data
  2. 2. ● Damage or destruction of data
     ● Damage or destruction of computer system
     ● Loss of reputation of a company

     Hacking

     Eric Raymond, compiler of “The New Hacker’s Dictionary”, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:

     ● A person who enjoys learning details of a programming language or system
     ● A person who enjoys actually doing the programming rather than just theorizing about it
     ● A person capable of appreciating someone else’s hacking
     ● A person who picks up programming quickly
     ● A person who is an expert at a particular programming language or system

     Types of Hackers: Hackers can be broadly classified on the basis of why they are hacking a system or why they indulge in hacking. There are mainly three types of hacker on this basis:
  3. 3. ● Black-Hat Hacker
     Black hat hackers, or crackers, are individuals with extraordinary computing skills who resort to malicious or destructive activities. That is, black hat hackers use their knowledge and skill for their own personal gain, probably by hurting others.

     ● White-Hat Hacker
     White hat hackers are individuals professing hacker skills and using them for defensive purposes. This means that white hat hackers use their knowledge and skill for the good of others and for the common good.

     ● Grey-Hat Hackers
     These are individuals who work both offensively and defensively at various times. We cannot predict their behavior. Sometimes they use their skills for the common good, while at other times they use them for their personal gain.
  4. 4. ETHICAL HACKING

     ● Ethical hacking – defined as “a methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems’ operating environments.”
     ● With the growth of the Internet, computer security has become a major concern for businesses and governments.
     ● In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.
  5. 5. What does an Ethical Hacker do?

     An ethical hacker is a person doing ethical hacking, that is, a security professional who tries to penetrate a network to find out whether there is some vulnerability in the system. An ethical hacker will always have permission to enter the target network. An ethical hacker will first think with the mindset of a hacker who tries to get into the system. He will first find out what an intruder can see or what others can see. Having found these, an ethical hacker will try to get into the system with that information by whatever method he can. If he succeeds in penetrating the system, he will report to the company with a detailed report about the particular vulnerability he exploited to get into the system. He may also sometimes make patches for that particular vulnerability, or he may suggest some methods to prevent the vulnerability.

     Required Skills of an Ethical Hacker:

     ● Microsoft: skills in operation, configuration and management.
     ● Linux: knowledge of Linux/Unix; security settings, configuration, and services.
     ● Firewalls: configurations, and operation of intrusion detection systems.
     ● Routers: knowledge of routers, routing protocols, and access control lists
     ● Mainframes
     ● Network Protocols: TCP/IP; how they function and can be manipulated.
  6. 6. ● Project Management: leading, planning, organizing, and controlling a penetration testing team

     HISTORY HIGHLIGHTS

     In one early ethical hack, the United States Air Force conducted a “security evaluation” of the Multics operating systems for “potential use as a two-level (secret/top secret) system.” With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, which was originally posted to Usenet in December of 1993.

     ETHICAL HACKING COMMANDMENTS:

     Every ethical hacker must abide by a few basic commandments. If not, bad things can happen. The commandments are as follows:

     Working ethically: The word ethical in this context can be defined as working with high professional morals and principles. Everything you do as an ethical hacker must be aboveboard and must support the company’s goals. No hidden agendas are allowed! Trustworthiness is the ultimate tenet. The misuse of information is absolutely forbidden.

     Respecting privacy: Treat the information gathered with the utmost respect. All information you obtain during your testing, from Web-application log files to clear-text passwords, must be kept private. If you sense that someone should know there’s a problem, consider sharing that information with the appropriate manager.
  7. 7. Not crashing your systems: One of the biggest mistakes made when people try to hack their own systems is inadvertently crashing them. The main reason for this is poor planning. These testers have not read the documentation or misunderstand the usage and power of the security tools and techniques.

     Methodology of Hacking:

     As described above, there are mainly five steps in hacking: reconnaissance, scanning, gaining access, maintaining access and clearing tracks. But that is not the end of the process. Actual hacking is circular. Once the hacker has completed the five steps, the hacker will start reconnaissance in that stage and the preceding stages to get to the next level. The various stages in the hacking methodology are:

     ● Reconnaissance
     ● Scanning & Enumeration
     ● Gaining access
     ● Maintaining access
     ● Clearing tracks

     Reconnaissance: The literal meaning of the word reconnaissance is a preliminary survey to gain information. This is also known as foot-printing. This is the first stage in the methodology of hacking. As given in the analogy, this is the stage in which the hacker collects information about the company which the person is going to hack. This is one of the pre-attacking phases. Reconnaissance refers to the
  8. 8. preparatory phase where an attacker learns about all of the possible attack vectors that can be used in their plan.

     Scanning & Enumeration: Scanning is the second phase in the hacking methodology, in which the hacker tries to make a blueprint of the target network. It is similar to a thief going through your neighborhood and checking every door and window on each house to see which ones are open and which ones are locked. The blueprint includes the IP addresses of the target network which are live, the services which are running on those systems and so on. Usually the services run on predetermined ports. There are different tools used for scanning. War dialing and pingers were used earlier, but nowadays both can be detected easily and hence are not in much use. Modern port scanning uses the TCP protocol to do scanning and can even detect the operating systems running on particular hosts.

     Enumeration: Enumeration is the ability of a hacker to convince some servers to give them information that is vital to them to make an attack. By doing this the hacker aims to find what resources and shares can be found in the system, what valid user accounts and user groups there are in the network, what applications will be there, etc. Hackers may also use this to find other hosts in the entire network.

     Gaining access:
  9. 9. This is the actual hacking phase, in which the hacker gains access to the system. The hacker will make use of all the information he collected in the pre-attacking phases. Usually the main hindrance to gaining access to a system is the passwords. System hacking can be considered as many steps. First the hacker will try to get into the system. Once he gets into the system, the next thing he wants will be to increase his privileges so that he can have more control over the system. As a normal user the hacker may not be able to see confidential details or upload or run the different hack tools for his own personal interest. Another way to crack into a system is by attacks like the man-in-the-middle attack.

     Password Cracking: There are many methods for cracking the password and then getting into the system. The simplest method is to guess the password, but this is tedious work. To make this work easier there are many automated tools for password guessing, like legion. Legion has an inbuilt dictionary and works automatically: the software itself generates the password using the dictionary and checks the responses.

     Techniques used in password cracking are:

     ● Dictionary cracking
     ● Brute force cracking
     ● Hybrid cracking
     ● Social engineering

     Privilege escalation:
  10. 10. Privilege escalation is the process of raising privileges once the hacker gets into the system. That is, the hacker may get in as an ordinary user, and now he tries to increase his privileges to those of an administrator, who can do many things. There are many types of tools available for this. Some tools, like getadmin, attach the user to some kernel routine so that the services run by the user look like a system routine rather than a user-initiated program. The privilege escalation process usually uses the vulnerabilities present in the host operating system or the software. There are many tools like hk.exe, metasploit, etc. One such community of hackers is the metasploit.

     Maintaining Access: Now the hacker is inside the system by some means, by password guessing or by exploiting some of its vulnerabilities. This means that he is now in a position to upload some files and download some of them. The next aim will be to make an easier path to get in when he comes the next time. This is analogous to making a small hidden door in the building so that he can directly enter the building through the door easily. In the network scenario the hacker will do it by uploading software like Trojan horses, sniffers, keystroke loggers, etc.

     Clearing Tracks: Now we come to the final step in the hacking. There is a saying that “everybody knows a good hacker but nobody knows a great hacker”. This means that a good hacker can always clear tracks
  11. 11. or any record that may be present in the network to prove that he was here. Whenever a hacker downloads some file or installs some software, its log will be stored in the server logs. So in order to erase these the hacker uses many tools. One such tool is the Windows Resource Kit’s auditpol.exe. This is a command line tool with which the intruder can easily disable auditing. Another tool which eliminates any physical evidence is the Evidence Eliminator. Sometimes, apart from the server logs, some other information may be stored temporarily. The Evidence Eliminator deletes all such evidence.

     Ethical hacking tools: Ethical hackers utilize and have developed a variety of tools to intrude into different kinds of systems and to evaluate the security levels. The nature of these tools differs widely. Here we describe some of the widely used tools in ethical hacking.

     Samspade: Samspade is a simple tool which provides us information about a particular host. This tool is very helpful in finding addresses, phone numbers, etc.
  12. 12. The above fig 2.1 represents the GUI of the samspade tool. In the text field in the top left corner of the window we just need to put the address of the particular host. Then we can find out the various information available. The information given may be phone numbers, contact names, IP addresses, email ids, address range, etc. We may ask what the benefit is of getting the phone numbers, email ids, addresses, etc. But one of the best ways to get information about a company is to just pick up the phone and ask for the details. Thus we can get much information in just one click.

     Email Tracker and Visual Route: We often receive many spam messages in our mailbox. We don’t know where they come from. Email tracker is software which
  13. 13. helps us to find which server the mail actually came from. Every message we receive will have a header associated with it. The email tracker uses this header information to find the location.

     The above fig 2.2 shows the GUI of the email tracker software. One of the options in the email tracker is to import the mail header. In this software we just need to import the mail’s header. Then the software finds which area that mail comes from. That is, we will get information such as which region the message comes from, like Asia Pacific, Europe, etc. To be more specific we can use another tool, visual route, to pinpoint the actual location of the server. The option of connecting to visual route is available in the email tracker. Visual route is a tool which displays the location of a particular server with the help of IP addresses. When we connect this with the email tracker we can find the server which actually sends the mail. We
  14. 14. can also use this for finding the location of servers of targets visually on a map.

     The above fig 2.3 depicts the GUI of the visual route tool. The visual route GUI has a world map drawn on it. The software will locate the position of the server on that world map. It will also depict the path through which the message came to our system. This software will actually provide us with information about the routers through which the message passed, or the path traced by the mail from the source to the destination.

     Some other important tools used are:

     ● War Dialing
     ● Pingers
     ● Super Scan
     ● Nmap etc…
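Tracing a message by its header, as the Email Tracker description above does, comes down to reading the `Received` lines that each mail server prepends. The Python sketch below is an added example, not part of the original slides; the message, host names and the `trusted` set are constructed, and the parser assumes the common `from … (name [ip]) by …` layout.

```python
import email
import re
from email.utils import parsedate_to_datetime

# Constructed sample message; hosts and addresses use documentation ranges.
RAW = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby inbox.example.org with ESMTP id abc123;
\tMon, 06 Jan 2025 10:00:05 +0000
Received: from relay.example.com (relay.example.com [203.0.113.20])
\tby mx.example.net with ESMTP id def456;
\tMon, 06 Jan 2025 10:00:03 +0000
Received: from [10.0.0.5] (unknown [192.0.2.44])
\tby relay.example.com with ESMTPA id ghi789;
\tMon, 06 Jan 2025 10:00:01 +0000
From: sender@example.com
To: user@example.org
Subject: constructed test message

body
"""


def parse_hops(raw):
    """Return the Received hops ordered from the first relay to the last."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())                 # undo header folding
        helo = re.match(r"from (\S+)", flat)
        seen = re.search(r"\([^()]*\[([0-9A-Fa-f:.]+)\]\)", flat)
        by = re.search(r"\bby (\S+)", flat)
        hops.append({
            "helo": helo.group(1) if helo else None,   # name the client claimed
            "ip": seen.group(1) if seen else None,     # address the server observed
            "by": by.group(1) if by else None,         # server that wrote this line
            "time": parsedate_to_datetime(flat.rsplit(";", 1)[-1].strip()),
        })
    return hops[::-1]   # servers prepend, so the oldest header comes last


def handoff_ip(hops, trusted):
    """IP that delivered the mail to the first server in `trusted`.

    Lines written by hosts outside `trusted` can be forged by the sender,
    so only the unbroken run of trusted hops at the delivery end is evidence.
    """
    ip = None
    for hop in reversed(hops):      # newest hop first
        if hop["by"] not in trusted:
            break
        ip = hop["ip"]
    return ip


if __name__ == "__main__":
    for hop in parse_hops(RAW):
        print(hop["time"].isoformat(), hop["ip"], "->", hop["by"])
    print("handoff:", handoff_ip(parse_hops(RAW), {"inbox.example.org", "mx.example.net"}))
```

The address returned by `handoff_ip` is the one worth geolocating; the earlier hops are only what the sending side claims.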
  15. 15. Reporting: Assess your results to see what you uncovered, assuming that the vulnerabilities haven’t been made obvious before now. This is where knowledge counts. Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You’ll end up knowing your systems as well as anyone else. This makes the evaluation process much simpler moving forward. Submit a formal report to upper management or to your customer, outlining your results.

     Advantages and disadvantages: Ethical hacking nowadays is the backbone of network security. Each day its relevance is increasing. The major pros & cons of ethical hacking are given below:

     Advantages

     ● “To catch a thief you have to think like a thief”
     ● Helps in closing the open holes in the system network
     ● Provides security to banking and financial establishments
     ● Prevents website defacements
     ● An evolving technique

     Disadvantages

     ● All depends upon the trustworthiness of the ethical hacker
     ● Hiring professionals is expensive
  16. 16. Future enhancements:

     ● As it is an evolving branch, the scope of enhancement in technology is immense. No ethical hacker can ensure system security by using the same technique repeatedly. He would have to improve, develop and explore new avenues repeatedly.
     ● More enhanced software should be used for optimum protection. Tools used need to be updated regularly and more efficient ones need to be developed.

     Conclusion

     One of the main aims of the seminar is to make others understand that there are so many tools through which a hacker can get into a system. Let’s check its various needs from various perspectives.

     ● Student: A student should understand that no software is made with zero vulnerability. So while they are studying they should study the various possibilities and should study how to prevent them, because they are the professionals of tomorrow.
     ● Professionals: Professionals should understand that business is directly related to security. So they should make new software with as few vulnerabilities as possible. If they are not aware of these then they won’t be cautious enough in security matters.
  17. 17. ● In the preceding sections we saw the methodology of hacking, why we should be aware of hacking, and some tools which a hacker may use. Now we can see what we can do against hacking, or to protect ourselves from hacking.
     ● The first thing we should do is to keep ourselves updated about the software we are using, from official and reliable sources.
     ● Educate the employees and the users against black hat hacking.
     ● Use every possible security measure, like honeypots, Intrusion Detection Systems, firewalls, etc.
     ● Always make our passwords strong by making them longer and harder to crack.
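The Clearing Tracks stage above names auditpol.exe as a way to switch auditing off, which is exactly the kind of change a defender's monitoring should flag. The following Python sketch is an added example, not part of the original slides: it scans constructed JSON event lines for Windows Security event 4719 (audit policy changed), 1102 (security log cleared) and 4688 process-creation records whose command line runs auditpol with a disabling option; the field names and sample records are assumptions.

```python
import json
import re
from datetime import datetime, timedelta

# Constructed sample events, one JSON object per line; field names are assumptions.
SAMPLE = """\
{"ts":"2025-01-06T10:00:00","host":"srv1","id":4688,"user":"alice","cmd":"auditpol.exe /get /category:*"}
{"ts":"2025-01-06T10:05:00","host":"srv1","id":4688,"user":"bob","cmd":"auditpol.exe /set /category:* /success:disable /failure:disable"}
{"ts":"2025-01-06T10:05:01","host":"srv1","id":4719,"user":"SRV1$"}
{"ts":"2025-01-06T10:20:00","host":"srv2","id":1102,"user":"carol"}
{"ts":"2025-01-06T10:30:00","host":"srv2","id":4624,"user":"dave"}
"""

# auditpol invocations that reduce or wipe the audit policy (read-only /get is ignored).
TAMPER_CMD = re.compile(r"auditpol(\.exe)?\b.*(/clear|/remove|:disable)", re.I)
EVENT_NAMES = {4719: "audit policy changed", 1102: "security log cleared"}


def detect(lines, window=timedelta(seconds=60)):
    """Return (host, finding, account) tuples for audit-tampering activity."""
    alerts, last_cmd = [], {}
    for line in lines.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ts = datetime.fromisoformat(ev["ts"])
        # 4688 carries a command line only when command-line auditing is enabled.
        if ev["id"] == 4688 and TAMPER_CMD.search(ev.get("cmd", "")):
            last_cmd[ev["host"]] = (ts, ev["user"])
            alerts.append((ev["host"], "auditpol tamper command", ev["user"]))
        elif ev["id"] in EVENT_NAMES:
            who = ev.get("user")
            prev = last_cmd.get(ev["host"])
            # If the policy-change record names a machine account, borrow the
            # operator from a tamper command seen on the same host just before.
            if (ev["id"] == 4719 and who and who.endswith("$")
                    and prev and timedelta(0) <= ts - prev[0] <= window):
                who = prev[1]
            alerts.append((ev["host"], EVENT_NAMES[ev["id"]], who))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Forwarding these events off the host as they occur keeps the record intact even if the local log is later cleared.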