The document discusses ethical hacking, which involves authorized security testing of systems to identify vulnerabilities. Ethical hackers use the same techniques as criminal hackers but work with an organization's consent to improve security. Originally, some early computer users engaged in benign intrusions out of curiosity, but some later turned to purposefully destructive attacks. The document outlines the history of ethical hacking and how organizations came to realize independent security testing was valuable to evaluate threats.
form of practical jokes. However, these intrusions did not stay benign for long. Occasionally the less talented, or less careful, intruders would accidentally bring down a system or damage its files, and the system administrators would have to restart it or make repairs. Other times, when these intruders were again denied access once their activities were discovered, they would react with purposefully destructive actions. When the number of these destructive computer intrusions became noticeable, due to the visibility of the system or the extent of the damage inflicted, it became “news” and the news media picked up on the story. Instead of using the more accurate term of “computer criminal,” the media began using the term “hacker” to describe individuals who break into computers for fun, revenge, or profit. Since calling someone a “hacker” was originally meant as a compliment, computer security professionals prefer to use the term “cracker” or “intruder” for those hackers who turn to the dark side of hacking. For clarity, we will use the explicit terms “ethical hacker” and “criminal hacker” for the rest of this paper.

What is ethical hacking?

With the growth of the Internet, computer security has become a major concern for businesses and governments. They want to be able to take advantage of the Internet for electronic commerce, advertising, information distribution and access, and other pursuits, but they are worried about the possibility of being “hacked.” At the same time, the potential customers of these services are worried about maintaining control of personal information that varies from credit card numbers to social security numbers and home addresses. 2

In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems. This scheme is similar to having independent auditors come into an organization to verify its bookkeeping records. In the case of computer security, these “tiger teams” or “ethical hackers” 3 would employ the same tools and techniques as the intruders, but they would neither damage the target systems nor steal information. Instead, they would evaluate the target systems’ security and report back to the owners with the vulnerabilities they found and instructions for how to remedy them.

This method of evaluating the security of a system has been in use from the early days of computers. In one early ethical hack, the United States Air Force conducted a “security evaluation” of the Multics operating systems for “potential use as a two-level (secret/top secret) system.” 4 Their evaluation found that while Multics was “significantly better than other conventional systems,” it also had “ . . . vulnerabilities in hardware security, software security, and procedural security” that could be uncovered with “a relatively low level of effort.” The authors performed their tests under a guideline of realism, so that their results would accurately represent the kinds of access that an intruder could potentially achieve. They performed tests that were simple information-gathering exercises, as well as other tests that were outright attacks upon the system that might damage its integrity. Clearly, their audience wanted to know both results. There are several other now unclassified reports that describe ethical hacking activities within the U.S. military. 5–7

With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, 8 which was originally posted to Usenet 9 in December of 1993. They discussed publicly, perhaps for the first time, 10 this idea of using the techniques of the hacker to assess the security of a system. With the goal of raising the overall level of security on the Internet and intranets, they proceeded to describe how they were able to gather enough information about their targets to have been able to compromise security if they had chosen to do so. They provided several specific examples of how this information could be gathered and exploited to gain control of the target, and how such an attack could be prevented.

Farmer and Venema elected to share their report freely on the Internet in order that everyone could read and learn from it. However, they realized that the testing at which they had become so adept might be too complex, time-consuming, or just too boring for the typical system administrator to perform on a regular basis. For this reason, they gathered up all the tools that they had used during their work, packaged them in a single, easy-to-use application, and gave it away to anyone who chose to download it. 11 Their program, called Security Analysis Tool for Auditing Networks, or SATAN, was met with a great amount of media attention around the world. Most of this early attention was negative, because the tool’s
770 PALMER IBM SYSTEMS JOURNAL, VOL 40, NO 3, 2001
capabilities were misunderstood. The tool was not an automated hacker program that would bore into systems and steal their secrets. Rather, the tool performed an audit that both identified the vulnerabilities of a system and provided advice on how to eliminate them. Just as banks have regular audits of their accounts and procedures, computer systems also need regular checking. The SATAN tool provided that auditing capability, but it went one step further: it also advised the user on how to correct the problems it discovered. The tool did not tell the user how the vulnerability might be exploited, because there would be no useful point in doing so.

Who are ethical hackers?

These early efforts provide good examples of ethical hackers. Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. While testing the security of a client’s systems, the ethical hacker may discover information about the client that should remain secret. In many cases, this information, if publicized, could lead to real intruders breaking into the systems, possibly leading to financial losses. During an evaluation, the ethical hacker often holds the “keys to the company,” and therefore must be trusted to exercise tight control over any information about a target that could be misused. The sensitivity of the information gathered during an evaluation requires that strong measures be taken to ensure the security of the systems being employed by the ethical hackers themselves: limited-access labs with physical security protection and full ceiling-to-floor walls, multiple secure Internet connections, a safe to hold paper documentation from clients, strong cryptography to protect electronic results, and isolated networks for testing.

Ethical hackers typically have very strong programming and computer networking skills and have been in the computer and networking business for several years. They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., UNIX** or Windows NT**) used on target systems. These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors. It should be noted that an additional specialization in security is not always necessary, as strong skills in the other areas imply a very good understanding of how the security on various systems is maintained. These systems management skills are necessary for the actual vulnerability testing, but are equally important when preparing the report for the client after the test.

Finally, good candidates for ethical hacking have more drive and patience than most people. Unlike the way someone breaks into a computer in the movies, the work that ethical hackers do demands a lot of time and persistence. This is a critical trait, since criminal hackers are known to be extremely patient and willing to monitor systems for days or weeks while waiting for an opportunity. A typical evaluation may require several days of tedious work that is difficult to automate. Some portions of the evaluations must be done outside of normal working hours to avoid interfering with production at “live” targets or to simulate the timing of a real attack. When they encounter a system with which they are unfamiliar, ethical hackers will spend the time to learn about the system and try to find its weaknesses. Finally, keeping up with the ever-changing world of computer and network security requires continuous education and review.

One might observe that the skills we have described could just as easily belong to a criminal hacker as to an ethical hacker. Just as in sports or warfare, knowledge of the skills and techniques of your opponent is vital to your success. In the computer security realm, the ethical hacker’s task is the harder one. With traditional crime anyone can become a shoplifter, graffiti artist, or a mugger. Their potential targets are usually easy to identify and tend to be localized. The local law enforcement agents must know how the criminals ply their trade and how to stop them. On the Internet anyone can download criminal hacker tools and use them to attempt to break into computers anywhere in the world. Ethical hackers have to know the techniques of the criminal hackers, how their activities might be detected, and how to stop them.
Given these qualifications, how does one go about finding such individuals? The best ethical hacker candidates will have successfully published research papers or released popular open-source security software. 12 The computer security community is strongly self-policing, given the importance of its work. Most ethical hackers, and many of the better computer and network security experts, did not set out to focus on these issues. Most of them were computer users from various disciplines, such as astronomy and physics, mathematics, computer science, philosophy, or liberal arts, who took it personally when someone disrupted their work with a hack.

One rule that IBM’s ethical hacking effort had from the very beginning was that we would not hire ex-hackers. While some will argue that only a “real hacker” would have the skill to actually do the work, we feel that the requirement for absolute trust eliminated such candidates. We likened the decision to that of hiring a fire marshal for a school district: while a gifted ex-arsonist might indeed know everything about setting and putting out fires, would the parents of the students really feel comfortable with such a choice? This decision was further justified when the service was initially offered: the customers themselves asked that such a restriction be observed. Since IBM’s ethical hacking group was formed, there have been numerous ex-hackers who have become security consultants and spokespersons for the news media. While they may very well have turned away from the “dark side,” there will always be a doubt.

What do ethical hackers do?

An ethical hacker’s evaluation of a system’s security seeks answers to three basic questions:

● What can an intruder see on the target systems?
● What can an intruder do with that information?
● Does anyone at the target notice the intruder’s attempts or successes?

While the first and second of these are clearly important, the third is even more important: If the owners or operators of the target systems do not notice when someone is trying to break in, the intruders can, and will, spend weeks or months trying and will usually eventually succeed.

When the client requests an evaluation, there is quite a bit of discussion and paperwork that must be done up front. The discussion begins with the client’s answers to questions similar to those posed by Garfinkel and Spafford: 13

1. What are you trying to protect?
2. What are you trying to protect against?
3. How much time, effort, and money are you willing to expend to obtain adequate protection?

A surprising number of clients have difficulty precisely answering the first question: a medical center might say “our patient information,” an engineering firm might answer “our new product designs,” and a Web retailer might answer “our customer database.”

All of these answers fall short, since they only describe targets in a general way. The client usually has to be guided to succinctly describe all of the critical information assets for which loss could adversely affect the organization or its clients. These assets should also include secondary information sources, such as employee names and addresses (which are privacy and safety risks), computer and network information (which could provide assistance to an intruder), and other organizations with which this organization collaborates (which provide alternate paths into the target systems through a possibly less secure partner’s system).

A complete answer to (2) specifies more than just the loss of the things listed in answer to (1). There are also the issues of system availability, wherein a denial-of-service attack could cost the client actual revenue and customer loss because systems were unavailable. The world became quite familiar with denial-of-service attacks in February of 2000 when attacks were launched against eBay**, Yahoo!**, E*TRADE**, CNN**, and other popular Web sites. During the attacks, customers were unable to reach these Web sites, resulting in loss of revenue and “mind share.” The answers to (1) should contain more than just a list of information assets on the organization’s computer. The level of damage to an organization’s good image resulting from a successful criminal hack can range from merely embarrassing to a serious threat to revenue. As an example of a hack affecting an organization’s image, on January 17, 2000, a U.S. Library of Congress Web site was attacked. The original initial screen is shown in Figure 1, whereas the hacked screen is shown in Figure 2. As is often done, the criminal hacker left his or her nickname, or handle, near the top of the page in order to guarantee credit for the break-in.
Figure 1 Library of Congress Web page before attack

Figure 2 Hacked Library of Congress Web page

Some clients are under the mistaken impression that their Web site would not be a target. They cite numerous reasons, such as “it has nothing interesting on it” or “hackers have never heard of my company.” What these clients do not realize is that every Web site is a target. The goal of many criminal hackers is simple: Do something spectacular and then make sure that all of your pals know that you did it. Another rebuttal is that many hackers simply do not care who your company or organization is; they hack your Web site because they can. For example, Web administrators at UNICEF (United Nations Children’s Fund) might very well have thought that no hacker would attack them. However, in January of 1998, their page was defaced as shown in Figures 3 and 4. Many other examples of hacked Web pages can be found at archival sites around the Web. 14

Figure 3 UNICEF Web page before attack

Figure 4 Hacked UNICEF Web page

Answers to the third question are complicated by the fact that computer and network security costs come in three forms. First there are the real monetary costs incurred when obtaining security consulting, hiring personnel, and deploying hardware and software to support security needs. Second, there is the cost of usability: the more secure a system is, the more difficult it can be to make it easy to use. The difficulty can take the form of obscure password selection rules, strict system configuration rules, and limited remote access. Third, there is the cost of computer and network performance. The more time a computer or network spends on security needs, such as strong cryptography and detailed system activity logging, the less time it has to work on user problems. Because of Moore’s Law, 15 this may be less of an issue for mainframe, desktop, and laptop machines. Yet, it still remains a concern for mobile computing.

The “get out of jail free card”

Once answers to these three questions have been determined, a security evaluation plan is drawn up that identifies the systems to be tested, how they should be tested, and any limitations on that testing. Commonly referred to as a “get out of jail free card,” this is the contractual agreement between the client and the ethical hackers, who typically write it together. This agreement also protects the ethical hackers against prosecution, since much of what they do during the course of an evaluation would be illegal in most countries. The agreement provides a precise description, usually in the form of network addresses or modem telephone numbers, of the systems to be evaluated. Precision on this point is of the utmost importance, since a minor mistake could lead to the evaluation of the wrong system at the client’s installation or, in the worst case, the evaluation of some other organization’s system.

Once the target systems are identified, the agreement must describe how they should be tested. The best evaluation is done under a “no-holds-barred” approach. This means that the ethical hacker can try anything he or she can think of to attempt to gain access to or disrupt the target system. While this is the most realistic and useful, some clients balk at this level of testing. Clients have several reasons for this, the most common of which is that the target systems are “in production” and interference with their operation could be damaging to the organization’s interests. However, it should be pointed out to such clients that these very reasons are precisely why a “no-holds-barred” approach should be employed. An intruder will not be playing by the client’s rules. If the systems are that important to the organization’s well-being, they should be tested as thoroughly as possible. In either case, the client should be made fully aware of the risks inherent to ethical hacker evaluations. These risks include alarmed staff and unintentional system crashes, degraded network or system performance, denial of service, and log-file size explosions.
Some clients insist that as soon as the ethical hackers gain access to their network or to one of their systems, the evaluation should halt and the client be notified. This sort of ruling should be discouraged, because it prevents the client from learning all that the ethical hackers might discover about their systems. It can also lead to the client’s having a false sense of security by thinking that the first security hole found is the only one present. The evaluation should be allowed to proceed, since where there is one exposure there are probably others.

The timing of the evaluations may also be important to the client. The client may wish to avoid affecting systems and networks during regular working hours. While this restriction is not recommended, it reduces the accuracy of the evaluation only somewhat, since most intruders do their work outside of the local regular working hours. However, attacks done during regular working hours may be more easily hidden. Alerts from intrusion detection systems may even be disabled or less carefully monitored during the day. Whatever timing is agreed to, the client should provide contacts within the organization who can respond to calls from the ethical hackers if a system or network appears to have been adversely affected by the evaluation or if an extremely dangerous vulnerability is found that should be immediately corrected.

It is common for potential clients to delay the evaluation of their systems until only a few weeks or days before the systems need to go on-line. Such last-minute evaluations are of little use, since implementations of corrections for discovered security problems might take more time than is available and may introduce new system problems.

In order for the client to receive a valid evaluation, the client must be cautioned to limit prior knowledge of the test as much as possible. Otherwise, the ethical hackers might encounter the electronic equivalent of the client’s employees running ahead of them, locking doors and windows. By limiting the number of people at the target organization who know of the impending evaluation, the likelihood that the evaluation will reflect the organization’s actual security posture is increased. A related issue that the client must be prepared to address is the relationship of the ethical hackers to the target organization’s employees. Employees may view this “surprise inspection” as a threat to their jobs, so the organization’s management team must be prepared to take steps to reassure them.

The ethical hack itself

Once the contractual agreement is in place, the testing may begin as defined in the agreement. It should be noted that the testing itself poses some risk to the client, since a criminal hacker monitoring the transmissions of the ethical hackers could learn the same information. If the ethical hackers identify a weakness in the client’s security, the criminal hacker could potentially attempt to exploit that vulnerability. This is especially vexing since the activities of the ethical hackers might mask those of the criminal hackers. The best approach to this dilemma is to maintain several addresses around the Internet from which the ethical hacker’s transmissions will emanate, and to switch origin addresses often. Complete logs of the tests performed by the ethical hackers are always maintained, both for the final report and in the event that something unusual occurs. In extreme cases, additional intrusion monitoring software can be deployed at the target to ensure that all the tests are coming from the ethical hacker’s machines. However, this is difficult to do without tipping off the client’s staff and may require the cooperation of the client’s Internet service provider.

The line between criminal hacking and computer virus writing is becoming increasingly blurred. When requested by the client, the ethical hacker can perform testing to determine the client’s vulnerability to e-mail or Web-based virus vectors. However, it is far better for the client to deploy strong antivirus software, keep it up to date, and have a clear and simple policy in place for the reporting of incidents. IBM’s Immune System for Cyberspace 16,17 is another approach that provides the additional capability of recognizing new viruses and reporting them to a central lab that automatically analyzes the virus and provides an immediate vaccine.

As dramatized in Figure 5, there are several kinds of testing. Any combination of the following may be called for:

● Remote network. This test simulates the intruder launching an attack across the Internet. The primary defenses that must be defeated here are border firewalls, filtering routers, and Web servers.
● Remote dial-up network. This test simulates the intruder launching an attack against the client’s modem pools. The primary defenses that must be defeated here are user authentication schemes. These kinds of tests should be coordinated with the local telephone company.
● Local network. This test simulates an employee or other authorized person who has a legal connection to the organization’s network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, server security measures, and e-mail systems.
● Stolen laptop computer. In this test, the laptop computer of a key employee, such as an upper-level manager or strategist, is taken by the client without warning and given to the ethical hackers. They examine the computer for passwords stored in dial-up software, corporate information assets, personnel information, and the like. Since many busy users will store their passwords on their machine, it is common for the ethical hackers to be able to use this laptop computer to dial into the corporate intranet with the owner’s full privileges.
● Social engineering. This test evaluates the target organization’s staff as to whether it would leak information to someone. A typical example of this would be an intruder calling the organization’s computer help line and asking for the external telephone numbers of the modem pool. Defending against this kind of attack is the hardest, because people and personalities are involved. Most people are basically helpful, so it seems harmless to tell someone who appears to be lost where the computer room is located, or to let someone into the building who “forgot” his or her badge. The only defense against this is to raise security awareness.
● Physical entry. This test acts out a physical penetration of the organization’s building. Special arrangements must be made for this, since security guards or police could become involved if the ethical hackers fail to avoid detection. Once inside the building, it is important that the tester not be detected. One technique is for the tester to carry a document with the target company’s logo on it. Such a document could be found by digging through trash cans before the ethical hack or by casually picking up a document from a trash can or desk once the tester is inside. The primary defenses here are a strong security policy, security guards, access controls and monitoring, and security awareness.

Figure 5 Different ways to attack computer security (figure labels: DMZ, extranet, stolen laptops, Web, intranet, firewall, Internet, services, inside bad guy, outside bad guy)

Each of these kinds of testing can be performed from three perspectives: as a total outsider, a “semi-outsider,” or a valid user.

A total outsider has very limited knowledge about the target systems. The only information used is available through public sources on the Internet. This test represents the most commonly perceived threat. A well-defended system should not allow this kind of intruder to do anything.

A semi-outsider has limited access to one or more of the organization’s computers or networks. This tests scenarios such as a bank allowing its depositors to use special software and a modem to access information about their accounts. A well-defended system should only allow this kind of intruder to access his or her own account information.

A valid user has valid access to at least some of the organization’s computers and networks. This tests whether or not insiders with some access can extend that access beyond what has been prescribed. A well-defended system should allow an insider to access only the areas and resources that the system administrator has assigned to the insider.

The actual evaluation of the client’s systems proceeds through several phases, as described previously by Boulanger. 18

The final report

The final report is a collection of all of the ethical hacker’s discoveries made during the evaluation. Vulnerabilities that were found to exist are explained and avoidance procedures specified. If the ethical hacker’s activities were noticed at all, the response of the client’s staff is described and suggestions for improvements are made. If social engineering testing exposed problems, advice is offered on how to raise awareness. This is the main point of the whole exercise: it does clients no good just to tell them that they have problems. The report must include specific advice on how to close the vulnerabilities and keep them closed. The actual techniques employed by the testers are never revealed. This is because the person delivering the report can never be sure just who will have access to that report once it is in the client’s hands. For example, an employee might want to try out some of the techniques for himself or herself. He or she might choose to test the company’s systems, possibly annoying system administrators or even inadvertently hiding a real attack. The employee might also choose to test the systems of another organization, which is a felony in the United States when done without permission.

The actual delivery of the report is also a sensitive issue. If vulnerabilities were found, the report could be extremely dangerous if it fell into the wrong hands. A competitor might use it for corporate espionage, a hacker might use it to break into the client’s computers, or a prankster might just post the report’s contents on the Web as a joke. The final report is typically delivered directly to an officer of the client organization in hard-copy form. The ethical hackers would have an ongoing responsibility to ensure the safety of any information they retain, so in most cases all information related to the work is destroyed at the end of the contract.

Once the ethical hack is done and the report delivered, the client might ask “So, if I fix these things I’ll have perfect security, right?” Unfortunately, this is not the case. People operate the client’s computers and networks, and people make mistakes. The longer it has been since the testing was performed, the less can be reliably said about the state of a client’s security. A portion of the final report includes recommendations for steps the client should continue to follow in order to reduce the impact of these mistakes in the future.

Conclusions

The idea of testing the security of a system by trying to break into it is not new. Whether an automobile company is crash-testing cars, or an individual is testing his or her skill at martial arts by sparring with a partner, evaluation by testing under attack from a real adversary is widely accepted as prudent. It is, however, not sufficient by itself. As Roger Schell observed nearly 30 years ago:

From a practical standpoint the security problem will remain as long as manufacturers remain committed to current system architectures, produced without a firm requirement for security. As long as there is support for ad hoc fixes and security packages for these inadequate designs and as long as the illusory results of penetration teams are accepted as demonstrations of a computer system security, proper security will not be a reality. 19
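
As an added illustration of why the complete tester logs described under “The ethical hack itself” matter (not part of the original article), the Python example below reconciles the test team's own log against alerts recorded at the target. Alerts with no matching logged test may be a real intruder hidden by the evaluation, and logged tests with no alert answer the question of whether anyone at the target noticed; the log formats, addresses, test names and two-minute tolerance are assumptions constructed for this example.

```python
from datetime import datetime, timedelta

# Constructed sample data (RFC 5737 documentation addresses).
# What the test team recorded sending:
TESTER_LOG = """\
2001-03-05T22:14:03 src=192.0.2.10 dst=198.51.100.25 test=port-survey
2001-03-05T22:40:51 src=192.0.2.77 dst=198.51.100.25 test=web-cgi-audit
2001-03-05T23:05:12 src=192.0.2.77 dst=198.51.100.30 test=smtp-relay-check
"""
# What intrusion monitoring at the target recorded:
TARGET_ALERTS = """\
2001-03-05T22:14:05 src=192.0.2.10 dst=198.51.100.25 sig=scan
2001-03-05T22:41:02 src=192.0.2.77 dst=198.51.100.25 sig=cgi-probe
2001-03-05T22:52:30 src=203.0.113.99 dst=198.51.100.25 sig=cgi-probe
2001-03-05T23:30:00 src=192.0.2.77 dst=198.51.100.30 sig=smtp-probe
"""


def parse_records(text):
    """Parse 'timestamp key=value ...' lines into dictionaries."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, *fields = line.split()
        record = dict(field.split("=", 1) for field in fields)
        record["time"] = datetime.fromisoformat(stamp)
        records.append(record)
    return records


def same_event(test, alert, tolerance):
    """A logged test explains an alert if endpoints match and times are close."""
    return (test["src"] == alert["src"]
            and test["dst"] == alert["dst"]
            and abs(test["time"] - alert["time"]) <= tolerance)


def reconcile(tester_log, alerts, tolerance=timedelta(minutes=2)):
    """Label every target-side alert.

    attributed               explained by a logged test
    tester-address-unlogged  from a tester origin address, but no logged test
                             (incomplete logging, or someone forging the source)
    unattributed             not from any tester origin address
    """
    tests = parse_records(tester_log)
    tester_sources = {t["src"] for t in tests}
    findings = []
    for alert in parse_records(alerts):
        if any(same_event(t, alert, tolerance) for t in tests):
            verdict = "attributed"
        elif alert["src"] in tester_sources:
            verdict = "tester-address-unlogged"
        else:
            verdict = "unattributed"
        findings.append((alert["time"].isoformat(), alert["src"], verdict))
    return findings


def unnoticed_tests(tester_log, alerts, tolerance=timedelta(minutes=2)):
    """Logged tests that raised no alert at the target."""
    alert_records = parse_records(alerts)
    return [(t["time"].isoformat(), t["test"])
            for t in parse_records(tester_log)
            if not any(same_event(t, a, tolerance) for a in alert_records)]


if __name__ == "__main__":
    for when, source, verdict in reconcile(TESTER_LOG, TARGET_ALERTS):
        print(f"{when}  {source:<15} {verdict}")
    for when, name in unnoticed_tests(TESTER_LOG, TARGET_ALERTS):
        print(f"{when}  test '{name}' raised no alert at the target")
```
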
Regular auditing, vigilant intrusion detection, good system administration practice, and computer security awareness are all essential parts of an organization’s security efforts. A single failure in any of these areas could very well expose an organization to cyber-vandalism, embarrassment, loss of revenue or mind share, or worse. Any new technology has its benefits and its risks. While ethical hackers can help clients better understand their security needs, it is up to the clients to keep their guards in place.

Acknowledgments

The author would like to thank several people: the members of the Global Security Analysis Lab at IBM Research for sharing their amazing expertise and their ability to make just about anyone understand more about security; Chip Coy and Nick Simicich for their trailblazing work in defining IBM’s Security Consulting Practice at the very beginning; and Paul Karger for his encyclopedic knowledge of computer security research and for his amazing ability to produce copies of every notable paper on the subject that was ever published.

**Trademark or registered trademark of the Open Group, Microsoft Corporation, eBay Inc., Yahoo! Inc., E*TRADE Securities, Inc., or Cable News Network LP, LLLP.

Cited references and notes

1. E. S. Raymond, The New Hacker’s Dictionary, MIT Press, Cambridge, MA (1991).
2. S. Garfinkel, Database Nation, O’Reilly & Associates, Cambridge, MA (2000).
3. The first use of the term “ethical hackers” appears to have been in an interview with John Patrick of IBM by Gary Anthens that appeared in a June 1995 issue of ComputerWorld.
4. P. A. Karger and R. R. Schell, Multics Security Evaluation: Vulnerability Analysis, ESD-TR-74-193, Vol. II, Headquarters Electronic Systems Division, Hanscom Air Force Base, MA (June 1974).
5. S. M. Goheen and R. S. Fiske, OS/360 Computer Security Penetration Exercise, WP-4467, The MITRE Corporation, Bedford, MA (October 16, 1972).
6. R. P. Abbott, J. S. Chen, J. E. Donnelly, W. L. Konigsford, and S. T. Tokubo, Security Analysis and Enhancements of Computer Operating Systems, NBSIR 76-1041, National Bureau of Standards, Washington, DC (April 1976).
7. W. M. Inglis, Security Problems in the WWMCCS GCOS System, Joint Technical Support Activity Operating System Technical Bulletin 730S-12, Defense Communications Agency (August 2, 1973).
8. D. Farmer and W. Z. Venema, “Improving the Security of Your Site by Breaking into It,” originally posted to Usenet (December 1993); it has since been updated and is now available at ftp://ftp.porcupine.org/pub/security/index.html#documents.
9. See http://www.faqs.org/usenet/.
10. Who can really determine who said something first on the Internet?
11. See http://www.cs.ruu.nl/cert-uu/satan.html.
12. This strategy is based on the ideal of raising the security of the whole Internet by giving security software away. Thus, no one will have any excuse not to take action to improve security.
13. S. Garfinkel and E. Spafford, Practical Unix Security, First Edition, O’Reilly & Associates, Cambridge, MA (1996).
14. For a collection of previously hacked Web sites, see http://www.2600.com/hacked_pages/ or http://defaced.alldes.de. Be forewarned, however, that some of the hacked pages may contain pornographic images.
15. In 1965, Intel cofounder Gordon Moore was preparing a speech and made a memorable observation. When he started to graph data about the growth in memory chip performance, he realized there was a striking trend. Each new chip contained roughly twice as much capacity as its predecessor, and each chip was released within 18–24 months of the previous chip. In subsequent years, the pace slowed down a bit, but data density has doubled approximately every 18 months, and this is the current definition of Moore’s Law.
16. J. O. Kephart, G. B. Sorkin, D. M. Chess, and S. R. White, “Fighting Computer Viruses,” Scientific American 277, No. 5, 88–93 (November 1997).
17. See http://www.research.ibm.com/antivirus/SciPapers.htm for additional antivirus research papers.
18. A. Boulanger, “Catapults and Grappling Hooks: The Tools and Techniques of Information Warfare,” IBM Systems Journal 37, No. 1, 106–114 (1998).
19. R. R. Schell, P. J. Downey, and G. J. Popek, Preliminary Notes on the Design of Secure Military Computer Systems, MCI-73-1, ESD/AFSC, Hanscom Air Force Base, Bedford, MA (January 1973).

Accepted for publication April 13, 2001.

Charles C. Palmer IBM Research Division, Thomas J. Watson Research Center, P.O. Box 218, Yorktown Heights, New York 10598 (electronic mail: ccpalmer@us.ibm.com). Dr. Palmer manages the Network Security and Cryptography department at the IBM Thomas J. Watson Research Center. His teams work in the areas of cryptography research, Internet security technologies, Java™ security, privacy, and the Global Security Analysis Lab (GSAL), which he cofounded in 1995. As part of the GSAL, Dr. Palmer worked with IBM Global Services to start IBM’s ethical hacking practice. He frequently speaks on the topics of computer and network security at conferences around the world. He was also an adjunct professor of computer science at Polytechnic University, Hawthorne, New York, from 1993 to 1997. He holds four patents and has several publications from his work at IBM and Polytechnic.