How Hackers Attack Networks
Muhammad Adeel Javaid
Common platforms for attacks
- Windows 98/Me/XP Home Edition
- Linux, OpenBSD, Trinux, and other low-cost forms of UNIX
Local and remote attacks
- Local: Attacks performed with physical access to the machine
- Remote: Attacks launched over the network
Why worry about local attacks on workstations?
- Hackers can collect more information about a network and its users.
- Hackers can obtain the administrator password on a workstation, which can lead to server access.
- Spyware can be installed to gather more sensitive information.
Common local attacks
- Getting admin/root at the local machine
  - Windows Workstation: Rename or delete c:\winnt\system32\config\SAM
  - Linux: at LILO prompt, type linux s
- Cracking local passwords
  - L0phtcrack (LC)
- Removing hard drive to install in another box
- Exploiting files or commands available upon login
  - C:\Documents and Settings\All Users\Start Menu\Programs\Startup
  - Registry commands, such as adding users
Cracking over the network: A four-step program
1. Footprinting
2. Scanning and enumerating
3. Researching
4. Exploiting
Footprinting
Finding out what an organization owns:
- Find the network block.
- Ping the network broadcast address.
Scanning and enumerating
- What services are running?
- What accounts exist?
- How are things set up?
Scanning and enumerating: Methods and tools
- Port scanning
  - Nmap
- Sniffing
  - ngrep
- SNMP
  - Solarwinds
- Null session
  - NBTenum
  - Nbtdump
Scanning and enumerating: Methods and tools (cont.)
- Null session
  - NBTenum
  - Nbtdump
- NetBIOS browsing
  - Netview
  - Legion
- Vulnerability scanners
  - Nessus
  - Winfingerprint
  - LANGuard
Researching
Researching security sites and hacker sites can reveal exploits that will work on the systems discovered during scanning and enumerating.
- http://www.securityfocus.com/
- http://www.networkice.com/advice/Exploits/Ports
- http://www.hackingexposed.com
- http://www.ntsecurity.net/
- http://www.insecure.org/
Exploits
- Brute force/dictionary attacks
- Software bugs
- Bad input
- Buffer overflows
- Sniffing
Countering hackers
- Port scanning
  - Block all ports except those you need
  - Block ICMP if practical
  - NT: IPsec; Linux: iptables
- Sniffing
  - Use switched media
  - Use encrypted protocols
  - Use fixed ARP entries
Countering hackers (cont.)
- Null sessions
  - Set the following registry value to 2:
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\RestrictAnonymous]
- Use IDS
  - Snort
  - BlackICE
Identifying attacks
- On Windows, check the event log under Security.
- On Linux, check in /var/log/.
- Review IIS logs at winnt\system32\LogFiles.
- Check Apache logs at /var/log/httpd.
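Added example, not part of the original slides: a Python script for the Linux log check above. It scans sshd authentication lines of the kind found under /var/log/ for bursts of failed logins from one address, and for a successful login that follows such a burst. The log lines, the threshold of 5 failures, the 5-minute window and the function name find_bruteforce are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the format OpenSSH writes through syslog
# (addresses come from the documentation ranges, host name is made up).
SAMPLE_LOG = """\
Mar  4 02:11:01 web1 sshd[411]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  4 02:11:03 web1 sshd[411]: Failed password for root from 203.0.113.7 port 40113 ssh2
Mar  4 02:11:05 web1 sshd[413]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
Mar  4 02:11:08 web1 sshd[415]: Failed password for invalid user test from 203.0.113.7 port 40115 ssh2
Mar  4 02:11:10 web1 sshd[417]: Failed password for root from 203.0.113.7 port 40116 ssh2
Mar  4 02:11:30 web1 sshd[419]: Accepted password for root from 203.0.113.7 port 40117 ssh2
Mar  4 08:00:12 web1 sshd[502]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Mar  4 08:00:30 web1 sshd[502]: Accepted password for alice from 198.51.100.20 port 51000 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\ssshd\[\d+\]:\s"
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def find_bruteforce(log_text, threshold=5, window=timedelta(minutes=5), year=2024):
    """Return {source_ip: details} for sources with >= threshold failures inside window."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    users = defaultdict(set)      # ip -> every account name it failed against
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Classic syslog timestamps carry no year, so one is assumed.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        q = recent[ip]
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if m["result"] == "Failed":
            q.append(ts)
            users[ip].add(m["user"])
            if len(q) >= threshold:
                entry = alerts.setdefault(
                    ip, {"peak_failures": 0, "users_tried": [], "login_after_burst": None}
                )
                entry["peak_failures"] = max(entry["peak_failures"], len(q))
        elif ip in alerts and q:
            # A success while the burst is still inside the window suggests a
            # guessed password: the case account lockouts are meant to prevent.
            alerts[ip]["login_after_burst"] = m["user"]
    for ip, entry in alerts.items():
        entry["users_tried"] = sorted(users[ip])
    return alerts


if __name__ == "__main__":
    for ip, info in find_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

A single mistyped password followed by a success, as with the second address in the sample, stays below the threshold and is not reported.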
Administrative shares:
- Make life easier for system admins.
- Can be exploited if a hacker knows the right passwords.
- Standard admin shares:
  - Admin$
  - IPC$
  - C$ (and any other drive in the box)
Control the target
- Establish connection with target host.
  net use \\se-x-x\ipc$ /u:se-x-x\administrator
- Use Computer Management in MMC or Regedit to change system settings.
- Start Telnet session.
  at \\se-x-x 12:08pm net start telnet
- Turning off file sharing thwarts these connections.
Counters to brute force/dictionary attacks
- Use good passwords.
  - No dictionary words
  - Combination of alpha and numeric characters
  - At least eight-character length
- Use account lockouts.
- Limit services.
  - If you don't need it, turn it off.
- Limit scope.
Buffer overflow
Cracker sends more data than the buffer can handle, at the end of which is the code he or she wants executed.
[Diagram: the allotted space on the stack next to the data sent, which ends in code. Stack smashed; egg may be run.]
Hacker = Man in the middle
Sniffing on local networks
- On Ethernet without a switch, all traffic is sent to all computers.
- Computers with their NIC set to promiscuous mode can see everything that is sent on the wire.
- Common protocols like FTP, HTTP, SMTP, and POP3 are not encrypted, so you can read the passwords as plain text.
Sniffing: Switched networks
- Switches send data only to target hosts.
- Switched networks are more secure.
- Switches speed up the network.
ARP Spoofing
Hackers can use programs like arpspoof to change the identity of a host on the network and thus receive traffic not intended for them.
ARP spoofing steps
1. Set your machine to forward packets:
Linux: echo 1 > /proc/sys/net/ipv4/ip_forward
BSD: sysctl -w net.inet.ip.forwarding=1

2. Start arpspoofing (using two terminal windows)
arpspoof -t 149.160.x.x 149.160.y.y
arpspoof -t 149.160.y.y 149.160.x.x

3. Start sniffing
ngrep host 149.160.x.x | less
OR
dsniff | less
Counters to ARP spoofing
- Static ARP tables
- ARPWatch
  - Platforms: AIX, BSDI, DG-UX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, SCO, Solaris, SunOS, Tru64 UNIX, Ultrix, UNIX
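Added example, not part of the original slides and not ARPWatch's own code: a Python monitor that applies both counters above to a stream of observed IP-to-MAC pairs. It checks each pair against a pinned (static) table and tracks mapping changes over time in the way an ARP-watching tool does. The observations, the event names and the class ArpMonitor are constructed for illustration.

```python
from collections import defaultdict

# Constructed observations: (seconds, sender IP, sender MAC), as they could be
# taken from ARP replies seen on the wire or from periodic ARP-table snapshots.
OBSERVATIONS = [
    (0,  "192.0.2.1",  "00:00:5e:00:53:01"),   # gateway
    (1,  "192.0.2.10", "00:00:5e:00:53:0a"),
    (2,  "192.0.2.11", "00:00:5e:00:53:0b"),
    (60, "192.0.2.1",  "00:00:5e:00:53:0b"),   # gateway IP now claimed by .11's MAC
    (61, "192.0.2.1",  "00:00:5e:00:53:01"),   # real gateway answers again
    (62, "192.0.2.1",  "00:00:5e:00:53:0b"),
    (63, "192.0.2.10", "00:00:5e:00:53:0b"),   # same MAC also claims .10
]

# Pinned entries: the "static ARP table" counter, here only for the gateway.
STATIC = {"192.0.2.1": "00:00:5e:00:53:01"}


class ArpMonitor:
    def __init__(self, static=None):
        self.static = {ip: mac.lower() for ip, mac in (static or {}).items()}
        self.current = {}                 # ip -> MAC last seen
        self.previous = {}                # ip -> MAC seen before the last change
        self.owners = defaultdict(set)    # MAC -> IPs it currently answers for

    def observe(self, ts, ip, mac):
        """Record one IP/MAC pair and return the events it triggers."""
        mac = mac.lower()
        events = []
        pinned = self.static.get(ip)
        if pinned and mac != pinned:
            events.append((ts, "static-violation", ip, mac))
        old = self.current.get(ip)
        if old is None:
            events.append((ts, "new-station", ip, mac))
        elif old != mac:
            # Two MACs alternating for one IP is the signature of a spoofer
            # competing with the legitimate host.
            kind = "flip-flop" if self.previous.get(ip) == mac else "changed"
            events.append((ts, kind, ip, mac))
            self.previous[ip] = old
            self.owners[old].discard(ip)
        if old != mac:
            self.current[ip] = mac
            self.owners[mac].add(ip)
            # One MAC answering for several IPs can be legitimate (multi-homed
            # hosts, proxy ARP), so this is a lead to check, not a verdict.
            if len(self.owners[mac]) > 1:
                events.append((ts, "shared-mac", ip, mac))
        return events


def run(observations, static=None):
    monitor = ArpMonitor(static)
    events = []
    for ts, ip, mac in observations:
        events.extend(monitor.observe(ts, ip, mac))
    return events


def suspect_macs(events):
    """MACs that broke a pinned entry or answer for more than one IP."""
    return {mac for _, kind, _, mac in events
            if kind in ("static-violation", "shared-mac")}


if __name__ == "__main__":
    for event in run(OBSERVATIONS, STATIC):
        print(event)
    print("suspects:", suspect_macs(run(OBSERVATIONS, STATIC)))
```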
IP spoofing:
- Fakes your IP address.
- Misdirects attention.
- Gets packets past filters.
- Confuses the network.
DoS
Denial of service attacks make it slow or impossible for legitimate users to access resources.
- Consume resources
  - Drive space
  - Processor time
- Consume bandwidth
  - Smurf attack
  - DDoS
SYN flooding
- Numerous SYN packets are transmitted, thus tying up connections.
- Spoofing IP prevents tracing back to source.
Smurf attack
- Ping requests are sent to the broadcast address of a subnet with a spoofed packet pretending to be the target.
- All the machines on the network respond by sending replies to the target.
- Someone on a 56K line can flood a server on a T1 by using a network with a T3 as an amplifier.
- Example command:
  nemesis-icmp -I 8 -S 149.160.26.29 -D 149.160.31.255
Distributed denial of service
Use agents (zombies) on computers connected to the Internet to flood targets.
[Diagram: Client, Masters, Agents, Target]
Common DDoS zombie tools:
- Trinoo
- TFN
- Stacheldraht
- Troj_Trinoo
- Shaft
Sniff the network to detect them or use ZombieZapper from Razor Team to put them back in their graves.


More Related Content

What's hot

Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
Anton Chuvakin
 
Shutdown agent for_v_mware_esx
Shutdown agent for_v_mware_esxShutdown agent for_v_mware_esx
Shutdown agent for_v_mware_esx
moy725
 
Linux Vulnerabilities
Linux VulnerabilitiesLinux Vulnerabilities
Linux Vulnerabilities
SecurityTube.Net
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking   Chapter 7 - Enumeration - Eric VanderburgEthical hacking   Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Eric Vanderburg
 
Know Your Worm (Conficker)
Know Your Worm (Conficker)Know Your Worm (Conficker)
Know Your Worm (Conficker)
avahe
 
Essential security for linux servers
Essential security for linux serversEssential security for linux servers
Essential security for linux servers
Juan Carlos Pérez Pardo
 
Conficker
ConfickerConficker
Conficker
emartinez.romero
 
Module 8 System Hacking
Module 8   System HackingModule 8   System Hacking
Module 8 System Hacking
leminhvuong
 
How Microsoft will MiTM your network
How Microsoft will MiTM your networkHow Microsoft will MiTM your network
How Microsoft will MiTM your network
Brandon DeVault
 
Hacking and Computer Forensics
Hacking and Computer ForensicsHacking and Computer Forensics
Hacking and Computer Forensics
Kristian Arjianto
 
Unix Security
Unix SecurityUnix Security
Unix Security
replay21
 
Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoE
amiable_indian
 
snortinstallguide
snortinstallguidesnortinstallguide
snortinstallguide
Liễu Hồng
 
Shellshock bug
Shellshock bugShellshock bug
Shellshock bug
Raashid Muhammed
 
Conficker
ConfickerConficker
Conficker
Bobmathews
 
Database Firewall with Snort
Database Firewall with SnortDatabase Firewall with Snort
Database Firewall with Snort
Narudom Roongsiriwong, CISSP
 
Backtrack Manual Part8
Backtrack Manual Part8Backtrack Manual Part8
Backtrack Manual Part8
Nutan Kumar Panda
 
Shell Shock (Bash Bug)
Shell Shock (Bash Bug)Shell Shock (Bash Bug)
Shell Shock (Bash Bug)
Kurapati Vishwak
 
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentationMacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
OlehLevytskyi1
 
Shellshock - A Software Bug
Shellshock - A Software BugShellshock - A Software Bug
Shellshock - A Software Bug
vwchu
 

What's hot (20)

Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
 
Shutdown agent for_v_mware_esx
Shutdown agent for_v_mware_esxShutdown agent for_v_mware_esx
Shutdown agent for_v_mware_esx
 
Linux Vulnerabilities
Linux VulnerabilitiesLinux Vulnerabilities
Linux Vulnerabilities
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking   Chapter 7 - Enumeration - Eric VanderburgEthical hacking   Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
 
Know Your Worm (Conficker)
Know Your Worm (Conficker)Know Your Worm (Conficker)
Know Your Worm (Conficker)
 
Essential security for linux servers
Essential security for linux serversEssential security for linux servers
Essential security for linux servers
 
Conficker
ConfickerConficker
Conficker
 
Module 8 System Hacking
Module 8   System HackingModule 8   System Hacking
Module 8 System Hacking
 
How Microsoft will MiTM your network
How Microsoft will MiTM your networkHow Microsoft will MiTM your network
How Microsoft will MiTM your network
 
Hacking and Computer Forensics
Hacking and Computer ForensicsHacking and Computer Forensics
Hacking and Computer Forensics
 
Unix Security
Unix SecurityUnix Security
Unix Security
 
Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoE
 
snortinstallguide
snortinstallguidesnortinstallguide
snortinstallguide
 
Shellshock bug
Shellshock bugShellshock bug
Shellshock bug
 
Conficker
ConfickerConficker
Conficker
 
Database Firewall with Snort
Database Firewall with SnortDatabase Firewall with Snort
Database Firewall with Snort
 
Backtrack Manual Part8
Backtrack Manual Part8Backtrack Manual Part8
Backtrack Manual Part8
 
Shell Shock (Bash Bug)
Shell Shock (Bash Bug)Shell Shock (Bash Bug)
Shell Shock (Bash Bug)
 
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentationMacOS forensics and anti-forensics (DC Lviv 2019) presentation
MacOS forensics and anti-forensics (DC Lviv 2019) presentation
 
Shellshock - A Software Bug
Shellshock - A Software BugShellshock - A Software Bug
Shellshock - A Software Bug
 

Viewers also liked

An Introduction to Kerberos
An Introduction to KerberosAn Introduction to Kerberos
An Introduction to Kerberos
Shumon Huque
 
Biometric security using cryptography
Biometric security using cryptographyBiometric security using cryptography
Biometric security using cryptography
Sampat Patnaik
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
Hansa Nidushan
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attack
stollen_fusion
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
Ahmed Ghazey
 
Network Security
Network SecurityNetwork Security
Network Security
Raymond Jose
 
Kerberos
KerberosKerberos
Kerberos
Sudeep Shouche
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
Amandeep Kaur
 
Biometric's final ppt
Biometric's final pptBiometric's final ppt
Biometric's final ppt
Ankita Vanage
 
Biometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesBiometric Security advantages and disadvantages
Biometric Security advantages and disadvantages
Prabh Jeet
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
Colin058
 

Viewers also liked (11)

An Introduction to Kerberos
An Introduction to KerberosAn Introduction to Kerberos
An Introduction to Kerberos
 
Biometric security using cryptography
Biometric security using cryptographyBiometric security using cryptography
Biometric security using cryptography
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
DoS or DDoS attack
DoS or DDoS attackDoS or DDoS attack
DoS or DDoS attack
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
Network Security
Network SecurityNetwork Security
Network Security
 
Kerberos
KerberosKerberos
Kerberos
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Biometric's final ppt
Biometric's final pptBiometric's final ppt
Biometric's final ppt
 
Biometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesBiometric Security advantages and disadvantages
Biometric Security advantages and disadvantages
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 

Similar to How hackers attack networks

Threats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in LinuxThreats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in Linux
Amitesh Bharti
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.ppt
cemporku
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdf
tehkotak4
 
Module 4 Enumeration
Module 4   EnumerationModule 4   Enumeration
Module 4 Enumeration
leminhvuong
 
Intrusion Techniques
Intrusion TechniquesIntrusion Techniques
Intrusion Techniques
Festival Software Livre
 
Server hardening
Server hardeningServer hardening
Server hardening
Teja Babu
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Need
amiable_indian
 
Technology to Stop Hackers
Technology to Stop Hackers Technology to Stop Hackers
Technology to Stop Hackers
Greater Noida Institute Of Technology
 
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad AlmajaliPresentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
webhostingguy
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes  Certified Ethical HackerCEH v9 cheat sheet notes  Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical Hacker
David Sweigert
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
amiable_indian
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Living off the land and fileless attack techniques
Living off the land and fileless attack techniquesLiving off the land and fileless attack techniques
Living off the land and fileless attack techniques
Symantec Security Response
 
Presentación1
Presentación1Presentación1
Presentación1
davidalbanc
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigations
Mukesh Chaudhari
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Windows network security
Windows network securityWindows network security
Windows network security
Information Technology
 
Hacking
HackingHacking
Hacking
HackingHacking
Network security
Network securityNetwork security

Similar to How hackers attack networks (20)

Threats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in LinuxThreats, Vulnerabilities & Security measures in Linux
Threats, Vulnerabilities & Security measures in Linux
 
Modul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.pptModul 2 - Footprinting Scanning Enumeration.ppt
Modul 2 - Footprinting Scanning Enumeration.ppt
 
modul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdfmodul2-footprintingscanningenumeration.pdf
modul2-footprintingscanningenumeration.pdf
 
Module 4 Enumeration
Module 4   EnumerationModule 4   Enumeration
Module 4 Enumeration
 
Intrusion Techniques
Intrusion TechniquesIntrusion Techniques
Intrusion Techniques
 
Server hardening
Server hardeningServer hardening
Server hardening
 
Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Need
 
Technology to Stop Hackers
Technology to Stop Hackers Technology to Stop Hackers
Technology to Stop Hackers
 
Presentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad AlmajaliPresentation Prepared By: Mohamad Almajali
Presentation Prepared By: Mohamad Almajali
 
CEH v9 cheat sheet notes Certified Ethical Hacker
CEH v9 cheat sheet notes  Certified Ethical HackerCEH v9 cheat sheet notes  Certified Ethical Hacker
CEH v9 cheat sheet notes Certified Ethical Hacker
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMP
 
Living off the land and fileless attack techniques
Living off the land and fileless attack techniquesLiving off the land and fileless attack techniques
Living off the land and fileless attack techniques
 
Presentación1
Presentación1Presentación1
Presentación1
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigations
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
 
Windows network security
Windows network securityWindows network security
Windows network security
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Network security
Network securityNetwork security
Network security
 

More from Adeel Javaid

Cybersecurity threat assessment manual
Cybersecurity threat assessment manualCybersecurity threat assessment manual
Cybersecurity threat assessment manual
Adeel Javaid
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
Adeel Javaid
 
Electronic voting system security
Electronic voting system securityElectronic voting system security
Electronic voting system security
Adeel Javaid
 
Cloud computing security and privacy
Cloud computing security and privacyCloud computing security and privacy
Cloud computing security and privacy
Adeel Javaid
 
Proposed pricing model for cloud computing
Proposed pricing model for cloud computingProposed pricing model for cloud computing
Proposed pricing model for cloud computing
Adeel Javaid
 
Wireless sensor networks software architecture
Wireless sensor networks software architectureWireless sensor networks software architecture
Wireless sensor networks software architecture
Adeel Javaid
 
What is ph d
What is ph dWhat is ph d
What is ph d
Adeel Javaid
 
How To Get a Good Job in Academia
How To Get a Good Job in AcademiaHow To Get a Good Job in Academia
How To Get a Good Job in Academia
Adeel Javaid
 
Secrets of success
Secrets of successSecrets of success
Secrets of success
Adeel Javaid
 
Smartphone healthcare
Smartphone healthcareSmartphone healthcare
Smartphone healthcare
Adeel Javaid
 
Share point presentation
Share point presentationShare point presentation
Share point presentation
Adeel Javaid
 
Project management
Project managementProject management
Project management
Adeel Javaid
 
Business continuity and disaster recovery
Business continuity and disaster recoveryBusiness continuity and disaster recovery
Business continuity and disaster recovery
Adeel Javaid
 
Inside the entreprenurial mind
Inside the entreprenurial mindInside the entreprenurial mind
Inside the entreprenurial mind
Adeel Javaid
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architecture
Adeel Javaid
 
Template for marketing strategy
Template for marketing strategyTemplate for marketing strategy
Template for marketing strategy
Adeel Javaid
 
The toyota production system
The toyota production systemThe toyota production system
The toyota production system
Adeel Javaid
 
Channel marketing
Channel marketingChannel marketing
Channel marketing
Adeel Javaid
 
Tps and lean manufacturing
Tps and lean manufacturingTps and lean manufacturing
Tps and lean manufacturing
Adeel Javaid
 
Cloud security
Cloud securityCloud security
Cloud security
Adeel Javaid
 

More from Adeel Javaid (20)

Cybersecurity threat assessment manual
Cybersecurity threat assessment manualCybersecurity threat assessment manual
Cybersecurity threat assessment manual
 
Hacking web applications
Hacking web applicationsHacking web applications
Hacking web applications
 
Electronic voting system security
Electronic voting system securityElectronic voting system security
Electronic voting system security
 
Cloud computing security and privacy
Cloud computing security and privacyCloud computing security and privacy
Cloud computing security and privacy
 
Proposed pricing model for cloud computing
Proposed pricing model for cloud computingProposed pricing model for cloud computing
Proposed pricing model for cloud computing
 
Wireless sensor networks software architecture
Wireless sensor networks software architectureWireless sensor networks software architecture
Wireless sensor networks software architecture
 
What is ph d
What is ph dWhat is ph d
What is ph d
 
How To Get a Good Job in Academia
How To Get a Good Job in AcademiaHow To Get a Good Job in Academia
How To Get a Good Job in Academia
 
Secrets of success
Secrets of successSecrets of success
Secrets of success
 
Smartphone healthcare
Smartphone healthcareSmartphone healthcare
Smartphone healthcare
 
Share point presentation
Share point presentationShare point presentation
Share point presentation
 
Project management
Project managementProject management
Project management
 
Business continuity and disaster recovery
Business continuity and disaster recoveryBusiness continuity and disaster recovery
Business continuity and disaster recovery
 
Inside the entreprenurial mind
Inside the entreprenurial mindInside the entreprenurial mind
Inside the entreprenurial mind
 
Cloud architecture
Cloud architectureCloud architecture
Cloud architecture
 
Template for marketing strategy
Template for marketing strategyTemplate for marketing strategy
Template for marketing strategy
 
The toyota production system
The toyota production systemThe toyota production system
The toyota production system
 
Channel marketing
Channel marketingChannel marketing
Channel marketing
 
Tps and lean manufacturing
Tps and lean manufacturingTps and lean manufacturing
Tps and lean manufacturing
 
Cloud security
Cloud securityCloud security
Cloud security
 

Recently uploaded

Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Malak Abu Hammad
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?
Speck&Tech
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and MilvusBuilding Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
Zilliz
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalizationFull-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Zilliz
 
Infrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI modelsInfrastructure Challenges in Scaling RAG with Custom AI models
Infrastructure Challenges in Scaling RAG with Custom AI models
Zilliz
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 

Recently uploaded (20)

Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfUnlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 
Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
20240607 QFM018 Elixir Reading List May 2024

How hackers attack networks

  • 1. How Hackers Attack Networks Muhammad Adeel Javaid
  • 2. Common platforms for attacks
      - Windows 98/Me/XP Home Edition
      - Linux, OpenBSD, Trinux, and other low-cost forms of UNIX
  • 3. Local and remote attacks
      - Local: Attacks performed with physical access to the machine
      - Remote: Attacks launched over the network
  • 4. Why worry about local attacks on workstations?
      - Hackers can collect more information about a network and its users.
      - Hackers can obtain the administrator password on a workstation, which can lead to server access.
      - Spyware can be installed to gather more sensitive information.
  • 5. Common local attacks
      - Getting admin/root at the local machine
          - Windows Workstation: Rename or delete c:\winnt\system32\config\SAM
          - Linux: at LILO prompt, type linux s
      - Cracking local passwords
          - L0phtcrack (LC)
      - Removing hard drive to install in another box
      - Exploiting files or commands available upon login
          - C:\Documents and Settings\All Users\Start Menu\Programs\Startup
          - Registry commands, such as adding users
  • 6. Cracking over the network: A four-step program
      1. Footprinting
      2. Scanning and enumerating
      3. Researching
      4. Exploiting
  • 7. Footprinting
    Finding out what an organization owns:
      - Find the network block.
      - Ping the network broadcast address.
  • 8. Scanning and enumerating
      - What services are running?
      - What accounts exist?
      - How are things set up?
  • 9. Scanning and enumerating: Methods and tools
      - Port scanning: Nmap
      - Sniffing: ngrep
      - SNMP: Solarwinds
      - Null session: NBTenum, Nbtdump
  • 10. Scanning and enumerating: Methods and tools (cont.)
      - Null session: NBTenum, Nbtdump
      - NetBIOS browsing: Netview, Legion
      - Vulnerability scanners: Nessus, Winfingerprint, LANGuard
  • 11. Researching
    Researching security sites and hacker sites can reveal exploits that will work on the systems discovered during scanning and enumerating.
      - http://www.securityfocus.com/
      - http://www.networkice.com/advice/Exploits/Ports
      - http://www.hackingexposed.com
      - http://www.ntsecurity.net/
      - http://www.insecure.org/
  • 13. Countering hackers
      - Port scanning
          - Block all ports except those you need
          - Block ICMP if practical
          - NT: IPsec; Linux: iptables
      - Sniffing
          - Use switched media
          - Use encrypted protocols
          - Use fixed ARP entries
  • 14. Countering hackers (cont.)
      - Null sessions
          - Set the following registry value to 2:
            [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\RestrictAnonymous]
      - Use IDS
          - Snort
          - BlackICE
  • 15. Identifying attacks
      - On Windows, check the event log under Security.
      - On Linux, check in /var/log/.
      - Review IIS logs at winnt\system32\LogFiles.
      - Check Apache logs at /var/log/httpd.
  • 16. Administrative shares:
      - Make life easier for system admins.
      - Can be exploited if a hacker knows the right passwords.
      - Standard admin shares:
          - Admin$
          - IPC$
          - C$ (and any other drive in the box)
  • 17. Control the target
      - Establish connection with target host.
          net use \\se-x-x\ipc$ /u:se-x-x\administrator
      - Use Computer Management in MMC or Regedit to change system settings.
      - Start Telnet session.
          at \\se-x-x 12:08pm net start telnet
      - Turning off file sharing thwarts these connections.
  • 18. Counters to brute force/dictionary attacks
      - Use good passwords.
          - No dictionary words
          - Combination of alpha and numeric characters
          - At least eight-character length
      - Use account lockouts.
      - Limit services.
          - If you don’t need it, turn it off.
          - Limit scope.
  • 19. Buffer overflow
    Cracker sends more data than the buffer can handle, at the end of which is the code he or she wants executed.
    [Diagram labels: Allotted space on stack; Data sent, ending in Code; Stack smashed; Egg may be run.]
  • 20. Hacker = Man in the middle
  • 21. Sniffing on local networks
      - On Ethernet without a switch, all traffic is sent to all computers.
      - Computers with their NIC set to promiscuous mode can see everything that is sent on the wire.
      - Common protocols like FTP, HTTP, SMTP, and POP3 are not encrypted, so you can read the passwords as plain text.
  • 22. Sniffing: Switched networks
      - Switches send data only to target hosts.
      - Switched networks are more secure.
      - Switches speed up the network.
  • 23. ARP Spoofing
    Hackers can use programs like arpspoof to change the identity of a host on the network and thus receive traffic not intended for them.
  • 24. ARP spoofing steps
      1. Set your machine to forward packets:
           Linux: echo 1 > /proc/sys/net/ipv4/ip_forward
           BSD: sysctl -w net.inet.ip.forwarding=1
      2. Start arpspoofing (using two terminal windows)
           arpspoof -t 149.160.x.x 149.160.y.y
           arpspoof -t 149.160.y.y 149.160.x.x
      3. Start sniffing
           ngrep host 149.160.x.x | less
           OR
           Dsniff | less
  • 25. Counters to ARP spoofing
      - Static ARP tables
      - ARPWatch
          - Platforms: AIX, BSDI, DG-UX, FreeBSD, HP-UX, IRIX, Linux, NetBSD, OpenBSD, SCO, Solaris, SunOS, True64 UNIX, Ultrix, UNIX
  • 26. IP spoofing:
      - Fakes your IP address.
      - Misdirects attention.
      - Gets packets past filters.
      - Confuses the network.
  • 27. DoS
    Denial of service attacks make it slow or impossible for legitimate users to access resources.
      - Consume resources
          - Drive space
          - Processor time
      - Consume bandwidth
          - Smurf attack
          - DDoS
  • 28. SYN flooding
      - Numerous SYN packets are transmitted, thus tying up connections.
      - Spoofing IP prevents tracing back to source.
  • 29. Smurf attack
      - Ping requests are sent to the broadcast address of a subnet with a spoofed packet pretending to be the target.
      - All the machines on the network respond by sending replies to the target.
      - Someone on a 56K line can flood a server on a T1 by using a network with a T3 as an amplifier.
      - Example command: nemesis-icmp -I 8 -S 149.160.26.29 -D 149.160.31.255
  • 30. Distributed denial of service
    Use agents (zombies) on computers connected to the Internet to flood targets.
    [Diagram labels: Client, Master, Agent, Target]
  • 31. Common DDoS zombie tools:
      - Trinoo
      - TFN
      - Stacheldraht
      - Troj_Trinoo
      - Shaft
    Sniff the network to detect them or use ZombieZapper from Razor Team to put them back in their graves.
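
The two counters to ARP spoofing on slide 25 (static ARP tables and ARPWatch-style monitoring), sketched as an added example that is not part of the original slides and is not ARPWatch's own code. The function name, alert labels and sample observations are assumptions made for illustration; the addresses are constructed from documentation ranges.

```python
from collections import defaultdict

# Constructed sample: (seconds, sender IP, sender MAC) as read from ARP replies.
# IPs and MACs come from documentation ranges; none are taken from the slides.
SAMPLE_ARP_REPLIES = [
    (0,  "192.0.2.1",  "00:00:5e:00:53:01"),   # gateway
    (1,  "192.0.2.10", "00:00:5e:00:53:10"),   # workstation
    (2,  "192.0.2.20", "00:00:5e:00:53:20"),   # third host
    (30, "192.0.2.1",  "00:00:5e:00:53:20"),   # gateway IP now claimed by the third host's MAC
    (31, "192.0.2.10", "00:00:5e:00:53:20"),   # workstation IP claimed by the same MAC
    (32, "192.0.2.1",  "00:00:5e:00:53:01"),   # real gateway answers again
]

# Pinned bindings, playing the role of a static ARP table: treated as authoritative.
STATIC_ENTRIES = {"192.0.2.1": "00:00:5e:00:53:01"}


def watch_arp(replies, static=None):
    """Return (time, kind, ip, mac) alerts for ARP replies that change a known binding."""
    static = static or {}
    current = {}                   # ip -> MAC currently believed
    history = defaultdict(set)     # ip -> every MAC ever accepted for it
    claimed = defaultdict(set)     # mac -> IPs it currently answers for
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        if ip in static and mac != static[ip].lower():
            alerts.append((ts, "static-violation", ip, mac))
            continue               # never learn a binding that contradicts a pinned entry
        old = current.get(ip)
        if old is not None and old != mac:
            # A return to a MAC seen earlier is a flip-flop; a brand-new MAC is a change.
            kind = "flip-flop" if mac in history[ip] else "changed-mac"
            alerts.append((ts, kind, ip, mac))
            claimed[old].discard(ip)
        current[ip] = mac
        history[ip].add(mac)
        claimed[mac].add(ip)
        if len(claimed[mac]) > 1:  # can be legitimate (routers, multi-homed hosts); review it
            alerts.append((ts, "mac-claims-multiple-ips", ip, mac))
    return alerts


if __name__ == "__main__":
    for alert in watch_arp(SAMPLE_ARP_REPLIES, STATIC_ENTRIES):
        print(alert)
```

With the pinned gateway entry the forged gateway reply is rejected outright; without it the same traffic is only noticed after the table has already been overwritten, which is why the slide lists static entries ahead of monitoring.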