Lesson 1

850 views

Published on

Class I was asked to teach at a High School I was consulting at reconfiguring there whole it infrastructure. The class was a test case. This is lecture 2 of 3 created...

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
850
On SlideShare
0
From Embeds
0
Number of Embeds
10
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Lesson 1

  1. 1. Information Systems Security & HardwareSecurity & Computer Hardware Course for Teens<br />Lesson 1<br />Being a Hacker<br />
  2. 2. Rules<br />Homework Assignments<br />No Late Homework<br />Discussion with your classmates is encouraged; however, you must not copy each other’s work.<br />The school has a strict policy against plagiarism.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />2<br />
  3. 3. Rules<br />If you copy a sentence, it shall be in italics with proper reference. If<br /> you copy a paragraph, it is considered plagiarism.<br />If two students use the exactly same sentence on the homework, both receive zero credits for the homework.<br />If two students submit identical homework, both get F.<br />A report goes to the academic office and associate dean.<br />Cheating on an exam or quiz will result in a 0 on the exam quiz and an F for the course.<br />A report goes to the academic office and associate dean.<br />You are encouraged to discuss the homework, but DO NOT look at each other’s homework.<br />Zero tolerance on violation of academic integrity.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />3<br />
  4. 4. What is a hacker?<br />Someone who plays golf poorly <br />Someone who is inexperienced or unskilled in a particular activity<br />an expert at programming and solving problems with a computer (White/Grey Hat) <br />a person who illegally gains access to and sometimes tampers with information in a computer system (Black Hat) <br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />4<br />
  5. 5. Learning<br />Hacking, in reality, is a creative process that is based more on lifestyle than lesson.<br />What we teach today may not be relevant tomorrow.<br />You must embrace the habits of being constantly vigilant in learning.<br />Only then will you become a great hacker.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />5<br />
  6. 6. Are you a kiddie…? <br />It is much better for you to embrace hacker learning habits, which are probably the most vital part of hacking and will separate you from the script kiddie (a person who runs hacking tools without knowing how or why they work).<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />6<br />
  7. 7. Concepts<br />If you do not understand a concept then:<br />Ask me…<br />Research it<br />Please SPEAK UP!<br />Ignoring concepts will only make it difficult for you to understand concepts in other workbooks and parts of this and future lessons.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />7<br />
  8. 8. Investigation<br />You will need to investigate concepts and topics<br />Use:<br />Computers<br />Hacking <br />Internet<br />Books<br />Magazines<br />Etc.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />8<br />
  9. 9. Who makes a good hacker?<br />Great hackers are well rounded and creative. Many of them are painters, writers, and designers.<br />Hacking skills can also be applied to other fields, such as Political Science (see The Prince by Machiavelli for an example).<br />Remember, hacking is about figuring out how things work regardless of how they were designed to work.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />9<br />
  10. 10. Books<br />Those paper things collecting dust on your shelves at home.<br />Yes, those old musty “books” actually hold a wealth of knowledge.<br />…and you do not need to plug them in…WOW!<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />10<br />
  11. 11. More Books<br />Nothing will help you more than reading a current book on the subject.<br />Books get old right? How can a old book help you?<br />The secret is to learn to see the fundamental structure underneath the thin skin of details.<br />Computers are still based on Boolean Logic.<br />What is Boolean Logic? (Research it…)<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />11<br />
  12. 12. Even More Books<br />The Art of War by Sun Tzu covers fundamental principles that still apply today, and it was written in the 8th Century B.C.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />12<br />
  13. 13. Yep! We are still on Books…<br />A writer spending a year writing a book is more likely to check facts than someone who is updating a blog six times a day<br />Remember – accurate does not mean unbiased<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />13<br />
  14. 14. Do you need to read cover to cover?<br />No!<br />Jump through the book, backwards and forwards, just as you would bounce from link to link in a web page.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />14<br />
  15. 15. Magazines<br />Timely information<br />Short not in depth<br />“Pop Journalism” isn't always “Accurate journalism”<br />Good for social engineering<br />What is Social Engineering? (Research it…)<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />15<br />
  16. 16. Magazines continued…<br />Consider the theme or topic<br />A Microsoft magazine will play down Apple and vise-versa<br />Read an interesting fact in a magazine, look into it further<br />Pretend that you believe it, and look for confirmations, then pretend that you don't believe it, and look for rebuttals.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />16<br />
  17. 17. In Class Exercise 1<br />Search the Web for 3 online magazines regarding Security<br />How did you find these magazines?<br />Are all three magazines about computer security?<br />Do you believe the material on the site? <br />Yes, why? <br />No, why not?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />17<br />
  18. 18. Do you have a zine I can borrow?<br />Zines are small, often free magazines that have a very small distribution.<br />Is the New York Times a zine?<br />How about “Bob’s house of rocks and stones”?<br />Ever hear of 2600?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />18<br />
  19. 19. 2600<br />www.2600.com <br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />19<br />Autumn 2009 <br />February 1987<br />
  20. 20. Blogs or Bogs I always forget…<br />Blogs are a modernization of the zine.<br />Like zines, however, anyone may criticize a story and show an opposing opinion. <br />Remember…Question and do not take information at face value.<br />Always ask yourself “Does the author have a ulterior motive?”<br />Are they trying to SELL you something.<br />Best test: “If you found a gold mine would you share it?”<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />20<br />
  21. 21. In Class Exercise 2<br />Search the Web for 3 zines regarding computer security.<br />How did you find these zines?<br />Why do you classify these as zines? Remember, just because they market it as a zine or put “zine” in the title does not mean it is one.<br />Search the Web for 3 blogs regarding computer security.<br />What communities are these associated with?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />21<br />
  22. 22. The Invisible Web…ohhhh!<br />Did anyone see the invisible web slide….it was here a minute ago?<br />Welcome to: Forums and Mailing Lists<br />Many forums and mailing lists are not searchable through major search engines.<br />Opps…sorry Google <br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />22<br />
  23. 23. Forums & Mailing Lists<br />You can find forums on almost any topic and many online magazines and newspapers offer forums for readers to write opinions regarding published articles.<br />This information is called “the invisible web” as it contains information and data that is invisible to many since a very specific search is needed, often through meta-search engines or only directly on the website of the forum.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />23<br />
  24. 24. In Class Exercise 3<br />Find 3 computer security forums<br />How did you find these forums?<br />Can you determine the whole theme of the website?<br />Do the topics in the forums reflect the theme of the website hosting them?<br />Find 3 computer security mailing lists.<br />Who is the “owner” of these lists?<br />On which list would you expect the information to be more factual? Why?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />24<br />
  25. 25. You snooze you news…<br />Which is older the web or news groups?<br />If you said my gym socks under you bed you are so right. <br />The correct answer is: NEWS GROUPS.<br />Guess who bought the ENTIRE archive of newsgroups and put them online at http://groups.google.com?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />25<br />
  26. 26. R.I.P<br />Newsgroups are not as popular and are steadily being replaced by new web services like blogs and forums.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />26<br />
  27. 27. In Class Exercise 4<br />Using Google's groups, find the oldest newsgroup posting you can about security.<br />Find other ways to use newsgroups - are there applications you can use to read newsgroups?<br />How many newsgroups can you find that talk about computer hacking?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />27<br />
  28. 28. What is de facto standard for sharing information?<br />The World Wide Web (WWW)<br />You call it “the web” it’s real name is Pneumonoultramicroscopicsilicovolcanoconiosis or <br />Web Services<br />E-mail is a web service.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />28<br />
  29. 29. Do you have some cache I can borrow?<br />A cache is an area of memory on the search engine's server where the search engine stores pages that matched your search criteria.<br />http://www.archive.org<br />What do you see?<br />Cached versions of whole websites from over the years.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />29<br />
  30. 30. You can trust me…honest!<br />Should you trust a web site that comes up in a search engine?<br />No WAY!<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />30<br />
  31. 31. Trust must be earned!<br />WOT did he say?<br />Web of trust (W.O.T)<br />http://www.mywot.com<br />WOT is a free Internet security add-on for your browser. It will keep you safe from some online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />31<br />
  32. 32. Wait the internet is not safe...!?<br />Many hacker attacks and viruses are spread just by visiting a website or downloading programs to run.<br />Yes, Cute Fuzzy Bunnies 2.0 (may be a virus)<br />So do not download stuff from web sites you do not know.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />32<br />
  33. 33. Hi, you don’t know me but….<br />Can I have your credit card number….?<br />Do you use face book or My Space?<br />Put down you date of birth?<br />Home Address?<br />Best friends real name?<br />Other personal information?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />33<br />
  34. 34. In Class Exercise 5<br />Google if Facebook & My Space are secure.<br />What did you learn?<br />What do you think now?<br />Going to make any changes on your Facebook & My Space page?<br />Rule of thumb: Do not post anything you do not want your mother to see.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />34<br />
  35. 35. Group Exercise 1<br />Open www.google.com<br />Type: “allintitle: "index of" .pdf”<br />Click on a link in the results and you should find one that looks like a directory listing.<br />Example: Index of /pub/irs-pdf/<br />This is called “Google hacking”<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />35<br />
  36. 36. In Class Exercise 6<br />Find 3 more directory listings which contain .xls files and .avi files.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />36<br />
  37. 37. Can you search for searchs?<br />Yep!<br />http://www.searchengine.com<br />Find 10 search engines which are NOT meta search engines<br />Search for “security testing and ethical hacking” and list the top 3 answers<br />Search for the same without the quotes and give the top 3 answers. Are they different? Why or Why not?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />37<br />
  38. 38. How to search smarter<br />I am looking for a online resource of magazines for ethical hacking<br />Type in all this into the search bar<br />One gets a lot of results<br />If I was to make such a resource, what information would be in there and what key words could I pick from that information?<br />Now try “Ethical Hacking”<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />38<br />
  39. 39. In Class Exercise 7<br />Search for the following using smart search techniques.<br />my favorite list of magazines on ethical hacking<br />list of ethical hacking magazines<br />resources for ethical hackers<br />ethical hacking magazine<br />magazines ethical hacking security list resource<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />39<br />
  40. 40. In Class Exercise 7.1<br />Find the oldest website from Mozilla in the Internet Archive.<br />How?<br />Go to http://www.archive.org<br />Search in: www.mozilla.org<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />40<br />
  41. 41. Are you chatty or just clam chowder?<br />Which is older: AOL Instant Messeging, Internet Messenger or Internet Relay Chat (IRC)?<br />Research it…<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />41<br />
  42. 42. In Class Exercise 8<br />Find 3 chat programs to use for instant messaging. <br />What makes them different? <br />Can they all be used to talk to each other?<br />Find out what IRC is and how you can connect to it. <br />Once you are able to connect, enter the ISECOM chat room as announced on the front page of http://www.isecom.org<br />How do you know which channels exist to join in IRC?<br />Find 3 computer security channels and 3 hacker channels.<br /> Can you enter these channels? <br />Are there people talking or are they “bots”?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />42<br />
  43. 43. Robot or Bot?<br />What is a bot?<br />(roBOT) A program used on the Internet that performs a repetitive function such as posting a message to multiple newsgroups or searching for information or news. Bots are used to provide comparison shopping. Bots also keep a channel open on the Internet Relay Chat (IRC). The term is used for all variety of macros and intelligent agents that are Internet or Web related. See botnet, spambot and agent.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />43<br />
  44. 44. P2P or PsP?<br />What do you think P2P stands for?<br />Peer to Peer<br />P2P, is a network inside the Internet<br />P2P computers communicate directly with each other through a network or the internet.<br />Do you know what Sneaker Net is?<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />44<br />
  45. 45. P2P <br />Most people associate P2P with the downloading of mp3s and pirated movie (bad!)<br />P2P networks can be a vital resource for finding information<br />There are also a lot of files on these networks that shouldn't be there. Don't be afraid to use P2P networks, but be aware of the dangers.<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />45<br />
  46. 46. Next time…more!<br />Windows Command Line<br />Linux!<br />Hardware….101!<br />IRON Geek! (kind of like Iron Chef) <br />Much much more…..<br />Course Design by. Peleg (based on the origianl Hacker High School and Youth Technology Corp)<br />46<br />

×