4. • The other day, the NASA network was
attacked by a kid from Russia who
managed to control a spaceship in space.
So imagine being able to do something like
that! More recently, there’s something
called the Stuxnet Worm. Everybody says
that the US government created the virus
and what the virus did was that it attacked
only the Iranian nuclear department
computer. So the next world war, if it ever
happens, may actually be through the
internet. You don’t necessarily need to go
with tanks and bombs and airplanes to take
over a country anymore.
6. • Internet Worm
– Robert T. Morris made an internet worm. It spread
through the internet and crashed about 6000 systems.
• Cuckoo’s Egg
– Clifford Stoll caught the hackers who are the German
hackers applied by KGB
– IP Spoof
• Kevin Mitnick was caught by Tsutomu Shimomura who was
security expert. Kevin Mitnick uses the IP Spoof attack in this
accident
7. • Hack
– Cut with repeated irregular blows
– Examine something very minutely
• Hacker
– The person who hacks
• Cracker
– System intruder/destroyer
8. • Just for fun
• Show off
• Hack other systems secretly
• Notify many people their thought
• Steal important information
• Destroy enemy’s computer network during
the war
9. Let me jus see, what
he saves on his
system
Goddamn this
computer is
hacked again
10. • How much fun can you derive from prying into
people’s private details?
Let me see
what’s on his
facebook
account
13. White Hats, in contrast, are hackers who
use their talent to protect and defend
networks.
Black Hats who are highly skilled, but have
malevolent and detrimental intent
Gray Hats hack for different reasons
either ethically or unethically depending
on the situation and circumstances at
hand
14. • Install irc related program
– identd, irc, bitchx, eggdrop, bnc
• Install scanner program
– mscan, sscan, nmap
• Install exploit program
• Install denial of service program
• Use all of installed programs silently
15.
16.
17. An ethical hacker is usually somebody hired by
a company and given permission to hack into
their network and in the process get to know
what the security loopholes are. In the
process, they will create a report saying “Hey
these are your problems and this is how you
can fix them”. So this is what an ethical hacker
does. He takes the knowledge of the criminal
and uses it against him.
18.
19. • Study C/C++/assembly language
• Study computer architecture
• Study operating system
• Study computer network
• Examine the hacking tools for a month
• Think the problem of the computer
20. • To become a hacker you need four things: You
need to know about programming, you need
to know networking,the basics of Linux and,
most importantly, you need to know how to
think like a criminal.
21. • The first three things can be learned but the
fourth thing you have to learn on your own.
It’s a talent you have to develop, and I classify
thinking like a criminal as a talent which you
definitely require if you want to be successful
as a hacker.
22.
23.
24. • the biggest risk in an organization is its
own employees…
• Does that mean that all the companies
are sitting there reading all the emails
that we are sending out from the
company account?
• Of course. In the U.S, employees have to
sign a document authorizing the company
to look into their email accounts
whenever they wish. I don’t know about
Mauritius but in India they don’t make
employees sign anything but go through
the employees’ emails nevertheless.
25. • Patch security hole often
• Encrypt important data
– Ex) pgp, ssh
• Do not run unused daemon
• Remove unused setuid/setgid program
• Setup loghost
• Backup the system often
26. • Shutdown the system
– Or turn off the system
• Separate the system from network
• Restore the system with the backup
– Or reinstall all programs
• Connect the system to the network
• It can be good to call the police