SlideShare a Scribd company logo

Ethicak hacking

Download as PPTX, PDF
Kshitij Rokde
Kshitij Rokde

Independent computer security Professionals breaking into the computer systems. Neither damage the target systems nor steal information.

Technology
1 of 14
Ethical Hacking Overview Kshitij Rokde. Email id: terabytekshitij@gmail.com
Objectives  Introduction to Ethical Hacking.  Hacker Attacks  Spoofing  Modes of Computer Security • Password Security • Network Security • Web Security • Distributed Systems Security • Database Security
Ethical Hacking • Independent computer security Professionals breaking into the computer systems. • Neither damage the target systems nor steal information. • Evaluate target systems security and report back to owners about the vulnerabilities found.
Introduction to Ethical Hacking  Ethical hackers  Employed by companies to perform penetration tests  Penetration test  Legal attempt to break into a company’s network to find its weakest link  Tester only reports findings, does not solve problems  Security test  More than an attempt to break in; also includes analyzing company’s security policy and procedures  Tester offers solutions to secure or protect the network
Types of Hacker Attack • Active Attacks • Denial of Service • Breaking into a site  Intelligence Gathering  Resource Usage  Deception • Passive Attacks  Sniffing  Passwords  Network Traffic  Sensitive Information • Information Gathering
Modes of Hacker Attack • Over the Internet • Over LAN • Locally • Offline • Theft • Deception
Spoofing Definition: An attacker alters his identity so that some one thinks he is some one else – Email, User ID, IP Address, … – Attacker exploits trust relation between user and networked machines to gain access to machines Types of Spoofing: 1. IP Spoofing: 2. Email Spoofing 3. Web Spoofing
IP Spoofing – Flying-Blind Attack Definition: Attacker uses IP address of another computer to acquire information or gain access. • Attacker changes his own IP address to spoofed address • Attacker can send messages to a machine masquerading as spoofed machine • Attacker can not receive messages from that Mach
Email Spoofing Definition: Attacker sends messages masquerading as some one else What can be the repercussions? Types of Email Spoofing: 1. Create an account with similar email address – rahuljain@yahoo.com: A message from this account can perplex the students 2. Modify a mail client – Attacker can put in any return address he wants to in the mail he sends 3. Telnet to port 25 – Most mail servers use port 25 for SMTP. Attacker logs on to this port and composes a message for the user.
Web Spoofing • Basic – Attacker registers a web address matching an entity e.g. votebush.com, geproducts.com, gesucks.com • Man-in-the-Middle Attack – Attacker acts as a proxy between the web server and the client – Attacker has to compromise the router or a node through which the relevant traffic flows • URL Rewriting – Attacker redirects web traffic to another site that is controlled by the attacker – Attacker writes his own web site address before the legitimate link
Password Attacks • A hacker can exploit a weak passwords & uncontrolled network modems easily • Steps – Hacker gets the phone number of a company – Hacker runs war dialer program • If original number is 555-5532 he runs all numbers in the 555-55xx range • When modem answers he records the phone number of modem – Hacker now needs a user id and password to enter company network • Companies often have default accounts e.g. temp, anonymous with no password • Often the root account uses company name as the password • For strong passwords password cracking techniques exist
Password Attacks - Types • Dictionary Attack – Hacker tries all words in dictionary to crack password – 70% of the people use dictionary words as passwords • Brute Force Attack – Try all permutations of the letters & symbols in the alphabet • Hybrid Attack – Words from dictionary and their variations used in attack • Social Engineering – People write passwords in different places – People disclose passwords naively to others • Shoulder Surfing – Hackers slyly watch over peoples shoulders to steal passwords • Dumpster Diving – People dump their trash papers in garbage which may contain information to crack passwords
Conclusions • For our own security we should know the ethical hacking and networking, • Computer Security is a continuous battle -As computer security gets tighter hackers are getting smarter
Thank You.

Recommended

Ethical hacking
Ethical hackingEthical hacking
Ethical hackingUnited Group Of Institution
 
Hacking
HackingHacking
HackingNadeem Ahmad
 
Computer hacking
Computer hackingComputer hacking
Computer hackingArjun Tomar
 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKINGSHERALI445
 
Types of attack -Part2
Types of attack -Part2Types of attack -Part2
Types of attack -Part2SHUBHA CHATURVEDI
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical HackingNeel Kamal
 
Hacking
HackingHacking
Hackingvkradhika
 
Hacking and Ethical Hacking
Hacking and Ethical HackingHacking and Ethical Hacking
Hacking and Ethical HackingMasih Karimi
 

Recommended

Ethical hacking
Ethical hackingEthical hacking
Ethical hackingUnited Group Of Institution
 
Hacking
HackingHacking
HackingNadeem Ahmad
 
Computer hacking
Computer hackingComputer hacking
Computer hackingArjun Tomar
 
TYPES OF HACKING
TYPES OF HACKINGTYPES OF HACKING
TYPES OF HACKINGSHERALI445
 
Types of attack -Part2
Types of attack -Part2Types of attack -Part2
Types of attack -Part2SHUBHA CHATURVEDI
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical HackingNeel Kamal
 
Hacking
HackingHacking
Hackingvkradhika
 
Hacking and Ethical Hacking
Hacking and Ethical HackingHacking and Ethical Hacking
Hacking and Ethical HackingMasih Karimi
 
Hacking version 2
Hacking version 2Hacking version 2
Hacking version 2mubeenm50
 
Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Gopal Rathod
 
hacking
hackinghacking
hackingmayank1293
 
Hacking Kishor
Hacking KishorHacking Kishor
Hacking Kishorkishor sharma
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationZahid Rajeel
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingMultisoft Virtual Academy
 
National information security education & awareness program
National information security education & awareness programNational information security education & awareness program
National information security education & awareness programNeel Kamal
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmmandynova
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingarohan6
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingAdnan Mansha
 
Assignment 4
Assignment 4Assignment 4
Assignment 4noorulaindanish
 
Black hat hackers
Black hat hackersBlack hat hackers
Black hat hackersSantosh Kumar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingzing12345
 
Web defacement
Web defacementWeb defacement
Web defacementstudent
 
Website attack n defacement n its control measures
Website attack n defacement n its control measures Website attack n defacement n its control measures
Website attack n defacement n its control measures أحلام انصارى
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hackingSainath Volam
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingHarshit Upadhyay
 
presentation on ethical hacking
presentation on ethical hacking presentation on ethical hacking
presentation on ethical hacking Amol Deshmukh
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Sumit Satam
 
Hackingppt 160730081605
Hackingppt 160730081605Hackingppt 160730081605
Hackingppt 160730081605RAKESH SHARMA
 
Did you know newsletter eau suppl 2015
Did you know newsletter eau suppl 2015Did you know newsletter eau suppl 2015
Did you know newsletter eau suppl 2015Europa UOMO
 
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and releaseManoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and releaseManoj Kumar T
 

More Related Content

What's hot

Hacking version 2
Hacking version 2Hacking version 2
Hacking version 2mubeenm50
 
Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Gopal Rathod
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationZahid Rajeel
 
National information security education & awareness program
National information security education & awareness programNational information security education & awareness program
National information security education & awareness programNeel Kamal
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmmandynova
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingarohan6
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingzing12345
 
Web defacement
Web defacementWeb defacement
Web defacementstudent
 
Website attack n defacement n its control measures
Website attack n defacement n its control measures Website attack n defacement n its control measures
Website attack n defacement n its control measures أحلام انصارى
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hackingSainath Volam
 
presentation on ethical hacking
presentation on ethical hacking presentation on ethical hacking
presentation on ethical hacking Amol Deshmukh
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Sumit Satam
 
Hackingppt 160730081605
Hackingppt 160730081605Hackingppt 160730081605
Hackingppt 160730081605RAKESH SHARMA
 

What's hot (20)

Hacking version 2
Hacking version 2Hacking version 2
Hacking version 2
 
Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575
 
hacking
hackinghacking
hacking
 
Hacking Kishor
Hacking KishorHacking Kishor
Hacking Kishor
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
National information security education & awareness program
National information security education & awareness programNational information security education & awareness program
National information security education & awareness program
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmm
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Assignment 4
Assignment 4Assignment 4
Assignment 4
 
Black hat hackers
Black hat hackersBlack hat hackers
Black hat hackers
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Web defacement
Web defacementWeb defacement
Web defacement
 
Website attack n defacement n its control measures
Website attack n defacement n its control measures Website attack n defacement n its control measures
Website attack n defacement n its control measures
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
presentation on ethical hacking
presentation on ethical hacking presentation on ethical hacking
presentation on ethical hacking
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)
 
Hackingppt 160730081605
Hackingppt 160730081605Hackingppt 160730081605
Hackingppt 160730081605
 

Viewers also liked

Did you know newsletter eau suppl 2015
Did you know newsletter eau suppl 2015Did you know newsletter eau suppl 2015
Did you know newsletter eau suppl 2015Europa UOMO
 
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and releaseManoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and releaseManoj Kumar T
 
Lgpl license
Lgpl licenseLgpl license
Lgpl licenseyadica20
 
Lgpl license
Lgpl licenseLgpl license
Lgpl licenseyadica20
 
Lgpl license
Lgpl licenseLgpl license
Lgpl licenseyadica20
 
Did You Know - June 2016
Did You Know - June 2016Did You Know - June 2016
Did You Know - June 2016Europa UOMO
 
Did you know N°1 2014
Did you know N°1 2014 Did you know N°1 2014
Did you know N°1 2014 Europa UOMO
 
Report e-Commerce
Report e-CommerceReport e-Commerce
Report e-CommerceSTELLA PATA
 
Collaborating web archives - Herbert van de Sompel
Collaborating web archives - Herbert van de SompelCollaborating web archives - Herbert van de Sompel
Collaborating web archives - Herbert van de SompelNetwerk Digitaal Erfgoed
 
Art and Science of Vulnerability Assessments
Art and Science of Vulnerability AssessmentsArt and Science of Vulnerability Assessments
Art and Science of Vulnerability AssessmentsVirtue Security
 
Ethical Hacking Services
Ethical Hacking ServicesEthical Hacking Services
Ethical Hacking ServicesVirtue Security
 
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEthical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEric Vanderburg
 
SBS Company Brochure
SBS Company BrochureSBS Company Brochure
SBS Company BrochureAdrian Smith
 
Did you know Newsletter September 2015
Did you know Newsletter September 2015Did you know Newsletter September 2015
Did you know Newsletter September 2015Europa UOMO
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionBharat Thakkar
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information SecurityAjay Dhamija
 
Hacking & its types
Hacking & its typesHacking & its types
Hacking & its typesSai Sakoji
 

Viewers also liked (20)

Did you know newsletter eau suppl 2015
Did you know newsletter eau suppl 2015Did you know newsletter eau suppl 2015
Did you know newsletter eau suppl 2015
 
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and releaseManoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
Manoj_4yearExperienced_SoftwareConfigurationManagement & CI & Build and release
 
Lgpl license
Lgpl licenseLgpl license
Lgpl license
 
Transformación del esfuerzo - problema
Transformación del esfuerzo - problemaTransformación del esfuerzo - problema
Transformación del esfuerzo - problema
 
Lgpl license
Lgpl licenseLgpl license
Lgpl license
 
SBS Brochure
SBS BrochureSBS Brochure
SBS Brochure
 
Lgpl license
Lgpl licenseLgpl license
Lgpl license
 
Did You Know - June 2016
Did You Know - June 2016Did You Know - June 2016
Did You Know - June 2016
 
Did you know N°1 2014
Did you know N°1 2014 Did you know N°1 2014
Did you know N°1 2014
 
Report e-Commerce
Report e-CommerceReport e-Commerce
Report e-Commerce
 
Collaborating web archives - Herbert van de Sompel
Collaborating web archives - Herbert van de SompelCollaborating web archives - Herbert van de Sompel
Collaborating web archives - Herbert van de Sompel
 
Art and Science of Vulnerability Assessments
Art and Science of Vulnerability AssessmentsArt and Science of Vulnerability Assessments
Art and Science of Vulnerability Assessments
 
Ethical Hacking Services
Ethical Hacking ServicesEthical Hacking Services
Ethical Hacking Services
 
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric VanderburgEthical hacking Chapter 2 - TCP/IP - Eric Vanderburg
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
 
SBS Company Brochure
SBS Company BrochureSBS Company Brochure
SBS Company Brochure
 
Did you know Newsletter September 2015
Did you know Newsletter September 2015Did you know Newsletter September 2015
Did you know Newsletter September 2015
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - Introduction
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information Security
 
Hacking & its types
Hacking & its typesHacking & its types
Hacking & its types
 

Similar to Ethicak hacking

Avirup_Ray_18700219054_Cyber_Security_1.pptx
Avirup_Ray_18700219054_Cyber_Security_1.pptxAvirup_Ray_18700219054_Cyber_Security_1.pptx
Avirup_Ray_18700219054_Cyber_Security_1.pptxAvirupRay2
 
Ethical Hacking : Why Do Hackers Attack And How ?
Ethical Hacking : Why Do Hackers Attack And How ?Ethical Hacking : Why Do Hackers Attack And How ?
Ethical Hacking : Why Do Hackers Attack And How ?HBServices7
 
hacking lecture 3c.ppt
hacking lecture 3c.ppthacking lecture 3c.ppt
hacking lecture 3c.pptpeter722626
 
Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...
Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...
Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...GIRISHKUMARBC1
 
Information & cyber security, Winter training ,bsnl. online
Information & cyber security, Winter training ,bsnl. onlineInformation & cyber security, Winter training ,bsnl. online
Information & cyber security, Winter training ,bsnl. onlineSumanPramanik7
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber securitySumanPramanik7
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis MPhil/MRes/BSc
 

Similar to Ethicak hacking (20)

Avirup_Ray_18700219054_Cyber_Security_1.pptx
Avirup_Ray_18700219054_Cyber_Security_1.pptxAvirup_Ray_18700219054_Cyber_Security_1.pptx
Avirup_Ray_18700219054_Cyber_Security_1.pptx
 
Ethical Hacking : Why Do Hackers Attack And How ?
Ethical Hacking : Why Do Hackers Attack And How ?Ethical Hacking : Why Do Hackers Attack And How ?
Ethical Hacking : Why Do Hackers Attack And How ?
 
hacking lecture 3c.ppt
hacking lecture 3c.ppthacking lecture 3c.ppt
hacking lecture 3c.ppt
 
Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...
Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...
Cyber Security Module 3.pptx Cybersecurity is the practice of protecting syst...
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
 
Security Basics
Security BasicsSecurity Basics
Security Basics
 
hacking.ppt
hacking.ppthacking.ppt
hacking.ppt
 
2hacking.ppt
2hacking.ppt2hacking.ppt
2hacking.ppt
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Computer Security Hacking
Computer Security HackingComputer Security Hacking
Computer Security Hacking
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Cyber attack
Cyber attackCyber attack
Cyber attack
 
Hacking
HackingHacking
Hacking
 
Information & cyber security, Winter training ,bsnl. online
Information & cyber security, Winter training ,bsnl. onlineInformation & cyber security, Winter training ,bsnl. online
Information & cyber security, Winter training ,bsnl. online
 
Information cyber security
Information cyber securityInformation cyber security
Information cyber security
 
Hacking
HackingHacking
Hacking
 
Meletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information securityMeletis Belsis - Introduction to information security
Meletis Belsis - Introduction to information security
 

Recently uploaded

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 

Recently uploaded (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 

Ethicak hacking

  • 1. Ethical Hacking Overview Kshitij Rokde. Email id: terabytekshitij@gmail.com
  • 2. Objectives  Introduction to Ethical Hacking.  Hacker Attacks  Spoofing  Modes of Computer Security • Password Security • Network Security • Web Security • Distributed Systems Security • Database Security
  • 3. Ethical Hacking • Independent computer security Professionals breaking into the computer systems. • Neither damage the target systems nor steal information. • Evaluate target systems security and report back to owners about the vulnerabilities found.
  • 4. Introduction to Ethical Hacking  Ethical hackers  Employed by companies to perform penetration tests  Penetration test  Legal attempt to break into a company’s network to find its weakest link  Tester only reports findings, does not solve problems  Security test  More than an attempt to break in; also includes analyzing company’s security policy and procedures  Tester offers solutions to secure or protect the network
  • 5. Types of Hacker Attack • Active Attacks • Denial of Service • Breaking into a site  Intelligence Gathering  Resource Usage  Deception • Passive Attacks  Sniffing  Passwords  Network Traffic  Sensitive Information • Information Gathering
  • 6. Modes of Hacker Attack • Over the Internet • Over LAN • Locally • Offline • Theft • Deception
  • 7. Spoofing Definition: An attacker alters his identity so that some one thinks he is some one else – Email, User ID, IP Address, … – Attacker exploits trust relation between user and networked machines to gain access to machines Types of Spoofing: 1. IP Spoofing: 2. Email Spoofing 3. Web Spoofing
  • 8. IP Spoofing – Flying-Blind Attack Definition: Attacker uses IP address of another computer to acquire information or gain access. • Attacker changes his own IP address to spoofed address • Attacker can send messages to a machine masquerading as spoofed machine • Attacker can not receive messages from that Mach
  • 9. Email Spoofing Definition: Attacker sends messages masquerading as some one else What can be the repercussions? Types of Email Spoofing: 1. Create an account with similar email address – rahuljain@yahoo.com: A message from this account can perplex the students 2. Modify a mail client – Attacker can put in any return address he wants to in the mail he sends 3. Telnet to port 25 – Most mail servers use port 25 for SMTP. Attacker logs on to this port and composes a message for the user.
  • 10. Web Spoofing • Basic – Attacker registers a web address matching an entity e.g. votebush.com, geproducts.com, gesucks.com • Man-in-the-Middle Attack – Attacker acts as a proxy between the web server and the client – Attacker has to compromise the router or a node through which the relevant traffic flows • URL Rewriting – Attacker redirects web traffic to another site that is controlled by the attacker – Attacker writes his own web site address before the legitimate link
  • 11. Password Attacks • A hacker can exploit a weak passwords & uncontrolled network modems easily • Steps – Hacker gets the phone number of a company – Hacker runs war dialer program • If original number is 555-5532 he runs all numbers in the 555-55xx range • When modem answers he records the phone number of modem – Hacker now needs a user id and password to enter company network • Companies often have default accounts e.g. temp, anonymous with no password • Often the root account uses company name as the password • For strong passwords password cracking techniques exist
  • 12. Password Attacks - Types • Dictionary Attack – Hacker tries all words in dictionary to crack password – 70% of the people use dictionary words as passwords • Brute Force Attack – Try all permutations of the letters & symbols in the alphabet • Hybrid Attack – Words from dictionary and their variations used in attack • Social Engineering – People write passwords in different places – People disclose passwords naively to others • Shoulder Surfing – Hackers slyly watch over peoples shoulders to steal passwords • Dumpster Diving – People dump their trash papers in garbage which may contain information to crack passwords
  • 13. Conclusions • For our own security we should know the ethical hacking and networking, • Computer Security is a continuous battle -As computer security gets tighter hackers are getting smarter