The document discusses ethical hacking. It defines ethical hackers as those who test systems and networks for vulnerabilities with authorization from the client. Ethical hackers follow guidelines such as maintaining confidentiality and not damaging systems. The document outlines the phases of hacking including reconnaissance, scanning, gaining access, and covering tracks. It emphasizes that ethical hacking is important for improving security when done properly.
Ethical hacking also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s
viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.
In present world, where computers/laptops and smart phone made it possible to extract other's secrets, a need has been imminent to handle such problems by Cyber Security Regime, which not only be launched by individuls(IT Expert) of organizations but the governments of the country should also play a vital role.
Ethical hacking also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s
viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.
In present world, where computers/laptops and smart phone made it possible to extract other's secrets, a need has been imminent to handle such problems by Cyber Security Regime, which not only be launched by individuls(IT Expert) of organizations but the governments of the country should also play a vital role.
This will give you knowledge about basics of what ethical hacking is and few attacks. This document edited in Ubuntu. Types of hackers explained in detail. what kind of language is used by the hacker. How attacks happen with the help of scanning and access point for the system which is helpfull for the hacker after doing attacks gaining the access and maintaining the access. how to protect the system from the attackers and what to do after the attack happened.
This is a presentation I gave to senior high school students. The 1st part is an overview the 2nd part is more detailed on the ways to perform the Ethical Hacking.
Need my help? Contact Keith Brooks via one of the following ways:
Blog http://blog.vanessabrooks.com
Twitter http://twitter.com/lotusevangelist
http://about.me/keithbrooks
This will give you knowledge about basics of what ethical hacking is and few attacks. This document edited in Ubuntu. Types of hackers explained in detail. what kind of language is used by the hacker. How attacks happen with the help of scanning and access point for the system which is helpfull for the hacker after doing attacks gaining the access and maintaining the access. how to protect the system from the attackers and what to do after the attack happened.
This is a presentation I gave to senior high school students. The 1st part is an overview the 2nd part is more detailed on the ways to perform the Ethical Hacking.
Need my help? Contact Keith Brooks via one of the following ways:
Blog http://blog.vanessabrooks.com
Twitter http://twitter.com/lotusevangelist
http://about.me/keithbrooks
Animetrics Webinar: How Law Enforcement is Closing Cases with Face Biometric ...Animetrics
Animetrics Webinar - How Law Enforcement is Closing Cases with Face Biometric Technology
Learn how Pennsylvania police are identifying suspects and furthering investigations with facial recognition and ForensicaGPS, Animetrics’ new facial identity biometric solution
This informative webinar from the face recognition experts at Animetrics is about new facial recognition and facial identity biometric solutions for law enforcement. Learn how police and forensic analysts in Pennsylvania are using new advanced investigative 2D-3D facial recognition and facial identity analytic tools in their casework to more quickly and accurately ID criminal suspects caught on photo or video surveillance.
This presentation outlines the use case for facial identity biometrics in law enforcement, diving deep into ForensicaGPS, Animetrics’ new investigative 2D-3D facial identity analysis and comparison solution, which is part of the Pennsylvania Justice Network’s award-winning face biometric program.
ForensicaGPS is a powerful new facial biometric tool for local, state and federal law enforcement that enables police to swiftly and accurately identify criminal suspects, even from a low-resolution photo or video surveillance. Its advanced facial forensic tools enable law enforcement to analyze and compare multiple images for faster, more precise identification of suspects.
ForensicaGPS translates 2D facial images from a digital photo or video frame into a 3D image via Animetrics’ patented 3D face-reco technology. ForensicaGPS’s unique facial creation and image quality enhancement tool converts photos and video frames of a person’s face into “ID ready” images including facial pose correction. This makes it easier for victims to identify suspects or for law enforcement to compare the images against mug shots within correction facilities and criminal databases or facial recognition systems.
It is available for a free trial at http://animetrics.com/forensicagps/
Headquartered in Conway, N.H., Animetrics is a leading developer of advanced face recognition applications and face identity management solutions, which are driving market acceptance of next generation facial biometrics in government, homeland security and law enforcement. Animetrics’ patented technology features FACEngine®, the advanced facial recognition engine behind all of Animetrics’ facial biometric solutions. Learn more at www.animetrics.com
Big Data and Machine Learning Workshop - Day 2 @ UTACMAmir Sedighi
اسلاید دومین روز از کارگاه ۷ روزه دادههای بزرگ و یادگیری ماشین که با تاکید بر یادگیری بدون نظارت و یک نمونه کاربردی خوشه بندی متن با استفاده از الگوریتمهای وزندهی به واژهها، کانوپی و کیمینز در تاریخ ۱۳ مرداد ۱۳۹۵ در محل دانشکده فنی دانشگاه تهران برگزار شد. این دوره به همت ایسیام دانشگاه تهران برگزار میشود
زمان هر جلسه ۲ ساعت است
Big Data and Machine Learning Workshop - Day 6 @ UTACMAmir Sedighi
اسلاید روز ششم از کارگاه ۷ روزه دادههای بزرگ و یادگیری ماشین که با تاکید بر یادگیری ژرف برگزار شد. جلسه ششم کارگاه نیز به یادگیری ژرف و کاربردها اختصاص خواهد یافت. این کارگاه به همت ایسیام دانشگاه تهران در محل دانشکده فنی برگزار میشود
زمان هر جلسه ۲ ساعت است
Understand what Ethical Hacking is, what are it's phases, and how it is different from Hacking.
Followed by screenshots of two common ethical hacking attacks.
PowerPoint Presentation On Ethical Hacking in Brief (Simple)Shivam Sahu
PowerPoint Presentation On Ethical Hacking in Brief (Simple) Easy To Understand for all MCA BCA Btech Mtech and all Student who want a best powerpoint or seminar presentation on Ethical Hacking
This is the brief description on Ethical Hacking.
You can surely download it & do ask me if any queries regarding any topic , will answer it soon as possible...
This is for educational purposes only and not to be used as a means to scam or attack.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
2. Ethical hackers are
motivated by different
reasons,but their purpose is
usually the same as that of
crackers: they’re trying to
determine what an intruder
can see on a network or
system and what the hacker
can do with that information
.This process of testing the
security of a system or
network is known as
penetration test or pen test.
3.
4. White Hat Hackers:
A White Hat who specializes in penetration testing and in other
testing methodologies to ensure the security of an organization's
information systems.
Black Hat Hackers:
A Black Hat is the villain or bad guy, especially in a western movie in
which such a character would stereotypically wear a black hat in
contrast to the hero's white hat.
Gray Hat Hackers:
A Grey Hat, in the hacking community, refers to a skilled hacker
whose activities fall somewhere between white and black hat hackers
on a variety of spectra
5. Hacking - showing computer expertise
Cracking - breaching security on software or systems
Phreaking - cracking telecom networks
Spoofing - faking the originating IP address in a
datagram
Denial of Service (DoS) - flooding a host with sufficient
network traffic so that it can’t respond anymore
Port Scanning - searching for vulnerabilities
6. Gain authorization from the client and have a signed contract
giving the tester permission to perform the test.
Maintain and follow a nondisclosure agreement(NDA) with the
client in case of confidential information disclosed during the test.
Maintain confidentiality when performing the test.Information
gathered may contain sensitive information.No information about
the test or company confidential data should ever be disclosed to
a third party
Perform the test up to but beyond the agreed upon limits. For
example,DoS attacks should only be run as part of the test if they
have previously been agreed upon with the client.Loss of
revenue,goodwill, and worse could befall an organisation whose
server or application are unavailable to customers as a result of
test.
7. Why Do We Need Ethical Hacking
Viruses, Trojan
Horses,
and Worms
Social
Engineering
Automated
Attacks
Accidental
Breaches in
Security Denial of
Service (DoS)
Organizational
Attacks
Restricted
Data
Protection from possible External Attacks
8. 1969 - Unix ‘hacked’ together
1971 - Cap ‘n Crunch phone exploit discovered
1988 - Morris Internet worm crashes 6,000 servers
1994 - $10 million transferred from CitiBank accounts
1995 - Kevin Mitnick sentenced to 5 years in jail
2000 - Major websites succumb to DDoS
2000 - 15,700 credit and debit card numbers stolen fromWestern Union (haked while web
database was undergoing maintenance)
2001 Code Red
exploitedbug in MS IIS to penetrate & spread
probes random IPs for systems running IIS
had trigger time for denial-of-service attack
2nd wave infected 360000 servers in 14 hours
Code Red 2 - had backdoor installed to allow remote control
Nimda -used multiple infection mechanisms email, shares, web client, IIS
2002 – SlammerWorm brings web to its knees by attacking MS SQL Server
9. To make security stronger ( Ethical Hacking )
Just for fun
Show off
Hack other systems secretly
Notify many people their thought
Steal important information
Destroy enemy’s computer network during
the war
10. Hackers
Access computer system or network without authorization
Breaks the law; can go to prison
Crackers
Break into systems to steal or destroy data
U.S. Department of Justice calls both hackers
Ethical hacker
Performs most of the same activities but with owner’s permission
Hands-On Ethical Hacking and Network Defense 10
11. Buffer overflow attack.
Denial of service(DoS) attacks.
Distributed Denial of Service(DDoS) attacks
Misconfigurations
Abuse of trust
Brute force attacks
CGI andWWW services
Backdoors andTrojans.
13. 28.02.13The CyberThreat: Planning for theWay Ahead
Director says network intrusions pose urgent threat to
nation’s security and economy.
05.02.13Sextortion Cons Like ‘Bieber Ruse’Targeted Minor
Girls
Tricks like an Alabama man’s claim to be Justin Bieber
target minors on social websites.
15. Reconnaissance refers to the preparatory
phase where an attacker gathers as much
information as possible about the target
prior to launching the attack. Also in this
phase, the attacker draws on competitive
intelligence to learn more about the
target. This phase may also involve
network scanning,either external or
internal, without authorization
16. Scanning is the method an attacker performs
prior to attacking the network. In scanning,
the attacker uses the details gathered during
reconnaissance to identify specific
vulnerabilities. Scanning can be considered a
logical extension (and overlap) of the active
reconnaissance. Often attackers use
automated tools such as network/host
scanners, and war dialers to locate systems
and attempt to discover vulnerabilities.
17.
18. Gaining access is the most important phase of
an attack in terms of potential damage.
Attackers need not always gain access to the
system to cause damage. For instance, denial-
of-service attacks can either exhaust resources
or stop services from running on the target
system. Stopping of service can be carried out by
killing processes, using a logic/time bomb, or
even reconfiguring and crashing the system.
Resources can be exhausted locally by filling up
outgoing communication links.
19.
20. Once an attacker gains access to the target
system, the attacker can choose to use both the
system and its resources, and further use the
system as a launch pad to scan and exploit other
systems, or to keep a low profile and continue
exploiting the system. Both these actions can
damage the organization. For instance, the
attacker can implement a sniffer to capture all
network traffic, including telnet and ftp sessions
with other systems.
21.
22. An attacker would like to destroy evidence of his/her presence and
activities for various reasons such as maintaining access and
evading punitive action. Erasing evidence of a compromise is a
requirement for any attacker who would like to remain obscure.
This is one of the best methods to evade trace back.This usually
starts with erasing the contaminated logins and any possible error
messages that may have been generated from the attack
process, e.g., a buffer overflow attack will usually leave a message
in the systemlogs. Next, the attention is turned to effecting
changes so that future logins are not logged. By manipulating and
tweaking the event logs, the system administrator can be
convinced that the output of his/her system is correct, and that no
intrusion or compromise has actually taken place
23.
24. To protect cyber crime
To protect secret information of any country’s
secret information
If you know how to rob somebody …..then
atleast you know how to protect your self.
25. Never use computer of untrusted
person/Cyber Cafe for E-BANKING!!!
Be careful in using PUBLICWI-FI
Facebook can be FUN but if possible avoid
using FACEBOOK Apps
Keep changing your PASSWORDS once in a
while !!!
Be careful in usingTorrents
Never leave your PC unattended
26. Ethical hacking is more than running hacking tools
and gaining unauthorized access to system just to see
what is accessible.When performed by a security
professional, ethical hacking encompasses all aspects
of reconnsissance and information gathering ,a
structured approach, and post attack analysis. Ethical
hacker require in-depth knowledge of systems and
tools as well as a great deal of patience and restraint
to ensure no damage is done to the target systems.
Hacking can be performed ethically and in fact is
being mandated by government and the private
sector to ensure systems security.