This document discusses ethical hacking and network defense. It defines ethical hacking as using hacking skills to identify vulnerabilities in a system in order to strengthen its security, without causing damage. Various types of hackers are described, including black hat hackers who perform malicious acts, white hat hackers who use their skills ethically, and grey hat hackers who work both offensively and defensively. The need for information security and common types of security controls are also outlined. Ethical hacking is presented as using the same tools as malicious hackers but to fix issues rather than exploit systems.

1. ETHICAL HACKING AND
NETWORK DEFENSE
~ S. Janani, Assistant Professor/CSE
Kamaraj College of Engineering and Technology

2. Unit Contents
 Understanding the importance of security
 Concept of ethical hacking and essential
Terminologies- Threat, Attack, Vulnerabilities,
Target of Evaluation, Exploit
 Phases involved in hacking

3. Introduction
 Ethical Hacking
 Hackers
 Why Hacking
 Types of Hackers
 What should do after hacked
 Hacking stages
 Need of Ethical Hacking
 Skills required for Ethical Hacking

4. Ethical Hacking
 Ethical Hacking is an authorized practice of
bypassing system security to identify potential
data breaches and threats in a network
 Evaluate target systems security and report
back to the owners about the bugs found
 Neither damage the system nor steal
information

5. Hackers
 A person who enjoys learning details of a
programming language or system
 A person who enjoys actually doing
programming rather theorizing about it
 A person capable of appreciating someone
else’s hacking
 A person who picks up programming quickly
 A person who is expert at a particular
programming language or system

6. Why hacking
 Just for fun
 Show off
 Hack others system secretly
 Notify many people their thought
 Steal important information
 Destroy enemy’s computer network during the
war

7. Types of hackers
 Black hat hacker
 White hat hacker
 Grey hat hacker

8.  Black hat hacker
 Extraordinary computing skills resorting to malicious or
destructive activities
 Use their knowledge and skill for their own personal gain
and probably hurting others
 White hat hacker
 Professing hacker skills and using them for defensive
purposes
 Use their knowledge and skill for the good of others and for
the common good
 Grey hat hacker
 Who work both offensively and defensively at various times

9. What should do after hacked
 Shut down or turn off the system
 Separate the system form network
 Restore the system with the backup or reinstall
all the programs
 Intimate the professional

10. Hacking stages
 Foot printing
 Scanning
 Gaining Access
 Maintaining Access

11.  Foot printing
 Whatis lookup
 NS lookup
 IP lookup
• Scanning
 Port scanning
 Network scanning
 Fingerprinting
 Fire walking
• Gaining Access
 Password attacks
 Social Engineering
 Viruses
• Maintaining Access
 OS backdoors
 Trojan
 Clears Tracks

12. Need of Ethical Hacking
 Protection form possible external attacks

13. Skills required for Ethical
Hacking
 Microsoft
 Linux
 Firewall
 Routers
 Mainframes
 Network protocol
 Project Management

14. Understanding the importance of
security
 Security relates to the protection of valuable
assets against unavailability, loss, misuse,
disclosure or damage.
 In this context, valuable assets are the information
recorded on, processed by, stored in, shared by,
transmitted from or retrieved from any medium.
 The information must be protected against harm
from threats leading to different types of impacts,
such as loss, inaccessibility, alteration or wrongful
disclosure
 Threats include errors and omissions, fraud,
accidents, and intentional damage.

15. How Cyber Crimes Affect
Information Security
 According to Cisco, the number of connected
devices could increase to 50 billion by 2020
 Since these connected devices contain a huge
volume of data that need to be protected,
cybercrime could become a major threat to every
business in the world
 Although cybersecurity initiatives are being
undertaken by national and international
governments, ultimately it is organizations that are
responsible for protecting their own data
 As a result, businesses are now focusing on
developing secure systems that enhance
information security

16. Need for Information Security
1) To prevent data breaches
A data breach resulting in the loss of critical
business information is quite common. Due to a
large amount of data stored on company
servers, businesses often become the main
target of cyber-criminals if the network is
unprotected. The breaches involving business
secrets, confidential health information, and
intellectual property can greatly impact the
overall health of a business

17. 2) To check for compromised credentials and
broken authentication
Data breaches and other cyber attacks are
usually a result of lax authentication, weak
passwords, and poor certificate or key
management. Companies often struggle with
assigning permissions to appropriate users or
departments, resulting in identity theft.

18. 3) To avoid account hijacking
Phishing, fraud, and software exploitations are
still very common. Companies relying on cloud
services are especially at risk because they are
an easy target for cybercriminals, who can
eavesdrop on activities, modify data and
manipulate transactions. These third-party
applications can be used by attackers to launch
other attacks as well

19. 4) To mitigate cyber threats from malicious
insiders
An existing or former employee, a cunning
business partner, a system administrator or an
intruder can destroy the whole information
infrastructure or manipulate data for their own
purpose. Therefore, it is the responsibility of an
organization to take effective measures to
control the encryption process and keys.
Effective monitoring, logging, and auditing
activities are extremely important to keep
everything under control

20. Types of Information Security
Controls
There are three different types of information
security controls used to protect data.
 Physical Control: Physical controls are the
simplest form of information security. These
are the things that can actually be touch and
seen, such as password-protected locks to
avoid unauthorized entry to a secure server
room, alarm systems, fences and more

21.  Administrative Control: These controls mainly
involve manual efforts to ensure data security. These
include enforcing policies, standards, guidelines and
following procedures to ensure business continuity
and data protection. Some of the examples of
administrative controls include disaster recovery
plans, internet usage policies and termination
procedures.
 Technical Control: These controls are considered the
most effective of all because they make use of the
latest technologies and systems to limit access to
information. Some of the examples of technical
controls include firewalls, anti-virus software, file
permissions, access control lists and cutting-edge
data security technologies that are hard to penetrate.

22. Concept of ethical hacking
 same software tools and techniques as
malicious hackers to find the security
weakness in computer networks and systems
 apply the necessary fix or patch to prevent the
malicious hacker from gaining access to the
data
 never-ending cycle as new weaknesses are
constantly being discovered in computer
systems and patches are created by the
software vendors to mitigate the risk of attack.

23.  Ethical hackers are usually security professionals
or network penetration testers who use their
hacking skills and toolsets for defensive and
protective purposes
 The term cracker describes a hacker who uses
their hacking skills and toolset for destructive or
offensive purposes such as disseminating viruses
or performing denial-of service (DoS) attacks to
compromise or bring down systems and networks
 these hackers are sometimes paid to damage
corporate reputations or steal or reveal credit card
information, while slowing business processes
and compromising the integrity of the organization