SlideShare a Scribd company logo

php&mysql with Ethical Hacking

Download as DOC, PDF
BCET
BCET

The document is a summer training report submitted by Saikat Das, who completed training in Developing Dynamic Web Application with MYSQL and PHP (Part A), and Introduction to Security and Ethical Hacking (Part B). For Part A, the training covered topics like installing WAMP, using PHP and MySQL to build dynamic websites, managing databases and queries. For Part B, the training discussed the importance of security, threats/attacks, hardening systems, and ethical hacking techniques. The report provides details of the course agenda, concepts, and commands covered during the training.

Education
1 of 26
SUMMER TRAINNING REPORT TOPIC :- 1. Developing Dynamic Web Application with MYSQL and PHP. 2. Introduction to Security and Ethical Hacking. STUDENT’S DETAIL’S :- NAME : Saikat Das ROLL NO : 74037309 DEPT : Information Technology. TRAINNING INSTITUTE : NIIT Limited ( Camac Street,Kolkata-17)
[PART–A] .Developing Dynamic Web Application with. .MYSQL and PHP. Objective:-[ course status – under progress] This instructor-led training is for planning on developing application that makes use of MYSQL and PHP . Implementation of PHP and MYSQL as a cohesive platform for the development of complex dynamic web application. [PART-B] .Introduction to Security and Ethical Hacking. Objective:- [course status – complete] Importance of implementing security in order to protect and safeguard the IT resources of an enterprise. basic aspect is associated with implementing security ,common threats and various attacks .the concept of ethical hacking and various type of hacking techniques.
[Part–A] Course Agenda – 1. Verify the correct installation of the WAMP component. 2. Utilize the basic components of PHP to build a foundation for more complex Web application. 3. Understand the basic components of MySQL to build a foundation for the development of fully dynamic and data driven sites. 4. Manage Database and tables within MySQL. 5. Utilize SQL query commands and SQL expression to retrieve data (using join operation) from the MySQL Database. 6. Manipulate table data using the SQL DML commands. 7. Utilize session , error and exception handling within PHP during program execution. 8. Integrate PHP’s object orient programming functionality into design of web application.
9. Securing PHP and MySQL to improve the integrity of application and subsequent data. WAMP ::: WAMP refers to a solution stack of software , usually free and open source software, used to run dynamic Web sites or servers. The original expansion is as follows: W => Windows => Operating System A => Apache => Web server M => MySQL => Database Management System P => PHP => Scripting language PHP What is PHP ? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Example <body>
<?php phpinfo(); ?> </body> Feature of PHP  PHP can be used on all major operating systems.  PHP has also support for most of the web servers today.  you also have the choice of using procedural programming or object oriented programming, or a mixture of them.  It supports a wide range of Databases. PHP tags ::: Tag style Start tag End tag Standard tag <?php ?>
Short tag <? ?> ASP tag <% %? Script tags <script </script> language=”php” > PHP Data type ::: Scalar Data types Scalar Data Type is identified as being able to hold one value at a time. In PHP there are four types of scalar data 1) Boolean : for that there is only two value True(1) & False(0). Default set as True(1). 2) Integer : It is a whole numeric value , not contain any fraction. 3) Float : Float point numbers are any number. 4) String : It is series of characters that are associate with each order in a defined manner. Compound Data Types Its allow s for multiple values to be associated with single entity. 1) Arrays : Series of same type of values that are assigned to individual variable with each individual value being referenced with unique identifier.
2) Object : It is the key to the object oriented programming . it can thought as Black Box. Special Data Types 1) Resources : PHP can interact with some external data sources; 2)Null : Null does not mean a blank space or zero, it truly mean no value . Flow Control loop ::: ‘If…else’…’else if’ >> if statement to be valid is if(condition) true . Syntax …… if(test_condition){ … statement… }else if (test_condition2){ …statement2… }else { …statement3…}; Switch >> It works on the principle of comparing a give value with specified constant and acting upon the first constant that is matched. Syntax …… switch(variable){ Case option1 :
…statement…. Break; Case option2: …statement… Break; Default: …statement… }; While >> It is the simplest of all the iterative control statement. Statement is repeated as long as condition remains true. Syntax …… while(expression){ …statement… }; Do while >> It is same as while loop . But here first statement is executed then condition is checked. Syntax …… do{ …statement… }while (expression); For >> It is more complex sibling of while function. It provide three expressions. It help to repeat the loop. Syntax …… for(condition1 ; condition2 ; condition3) { … statement … } Foreach >> It is the iterative control statement that is designed specifically for handling array.
Syntax …… Foreach (array_expression as $value) { … statement… } Break and continue >> It used to manually interrupting the flow of the loops. Define a variable :::: In PHP , all variables are identified by $ symbol. Example …… <?php $a=”Hello” ; $b=”World”; ?> To Display statement & variable :::: In PHP you can use any function to display the all statement and print the value of the variable. To understand more see the example. Example …… <?php print(`<p>Its print function</p>`) ; Print `<p> Display variable` .$var. `in php</p>`; Echo ”<p>Its also print string</p>”; Printf(`<p> %d Euro = $%01.2f US Dollar</p>`,1,1.3);
Function ::::: In PHP we can also create our own function. Its called user define function. Syntax …… function function name( $argu1, $argu2 ) { // function code here } Define an Array :::: array is a list of variable. It contains multiple elements indexed by numbers or strings. There are two way to make a array , $arrayname = array (“Raja”,”Rohan”,”Rohit”); $arrayname[0]=”Raja”; $arrayname[1]=”Rohan”; $arrayname[2]=”Rohit”; Join an array :::: Join array elements with a glue string. $array = array('Rohit', 'Sharma', 'Kolkata'); $comma_separated = join(",", $array); echo $comma_separated; // output will be “Rohit , Sharma , Kolkata”
To replace a string :::: Replace all occurrences of the search string with the replacement string. Syntax …… str_replace ( $search , $replace , $subject) To repeat a string :::: string str_repeat ( string $input , int $multiplier ) connecting to MySQL :::: Mysql_connect() function is used to established an initial connection to the mysql server. Syntax …… mysql_connect ( [hostname [:port] [:/path/to/socket] [,username] [,password] ]) Databases connect :::: Syntax…… mysql_select_db($db_name,$link_id) or die(“could not found”); Querying Mysql ::::
Syntax….. $query_results=mysql_query($query,$link_id); Display the query :::: Syntax…… mysql_result($query_results,$row_id, $column_name); Authentication ::::
MySQL How MySQL works ?? Parse Optimize Retrieve store Pluggable Storage Engines When we enter a query to the query browser, then 1st the query is checked by the parse to find the syntax error. After that optimize the query. Then the data retrieve from the database with the help of pluggable storage engines. Basically engines fetch the data. There are different storage engines available . • MyISAM • InnoDB • Memory • NDB
IMPOTANT COMMANDS … … … … … … … … To see database :::: show databases ; To create databases :::: create database db_name; To use databases :::: use db_name; To delete databases :::: drop database db_name; To display database structure :::: show create database db_nameG; To create table :::: create table <table name>( <column name><column type>[<column option>], <column name><column type>[<column option>],…,] [<index list>])[<table option>]; To display table creation information :::: Show create table <table name>G; To Altering column :::: Alter table <table name> add <column name> <column type> [<column option>]; drop <column name>;
modify <new column name><column type>[<option>]; change <old column><new column><column type> [<new column option>]; To rename a table :::: rename table <old name> to <new name>; To see the contain of the table :::: Select [<clause option>] <column list > [from] <table name> [<clause option >]; Clauses Definition DISTINCT Eliminates duplicate row FROM Specifies from where to retrieve the data WHERE Decides what data to show ODER BY Sorts data by specific order criteria LIMIT Reduces the amount of records recive
Object Oriented PHP  PHP treats objects in the same way as references or handles, meaning that each variable contains an object reference rather than a copy of the entire object.  Two terms are often heard when discussing OOP are class and object.A class is essentially a description of an object , while an object is an instance of that class. Working with Objects o The methods in a class represent either things that an object can do itself,or that another object can cause the class to do.
o Method and properties can be declared one of the three ways:-public,private,or protected.  Class: Every class definition begins with the keyword class, followed by a class name, followed by a pair of curly braces which enclose the definitions of the class's properties and methods. A class may contain its own constants,variables and functions. Class declaration :::: <?php class SimpleClass{ // property declaration public $var = 'a default value'; // method declaration public function displayVar() { echo $this->var; }} ?> New ::::: To create an instance of a class, a new object must be created and assigned to a variable. An object will
always be assigned when creating a new object unless the object has a constructor defined that throws an exception on error. Classes should be defined before instantiation (and in some cases this is a requirement). Creating an instance <?php $instance = new SimpleClass(); ?> PHP Configurations The first step in any process of securing an application is checking the configuration components that the software is running under. Running PHP in Safe Mode When running PHP in a shared server environment,the use of safe mode needs to be considered and when possible implemented. • Safe mode-When this mode is set to 1(on),the following condition apply: Input/output functions
External scripts UserID with Authentication MySQL User Data Encryption: Data encryption is the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient.The following are a list of common encryption function in PHP. • md5():-The md5() function returns a 128-bit hash that can then be then be stored with the ultimate outcome of comparing it for security purposes. Example of an encryption …….. <?php $string=”I am A big FanofIce Cream”: $string_md5=md5($string);
If(md5($string)=$string_md5) { Print “$string=md5($string_md5)”; } ?> Will print: I am A big FanofIce Cream = md5(673d924425c45b1f221fdfcbe21 60cf) Securing the MySQL Server(mysqld) • MySQL process must run under a unique UID/GID that is not used by any other system process. • MySQL root’s account must be protected by a hard to guess password. • The administrator’s account should be renamed. MySQL Access Privelege System:
shell>mysql –user=<username> --password=<password> db-name [Part–B] Course Agenda – 1.Identify the importance of implementing security(building blocks) in an enterprise. 2.Understand cryptographic security. 3.Various threats and attacks against hardware,software and network. 4.Understanding the importance of hardening. 5.Inside out of an enterprise work. 6.Best practices that should be adopted to secure various services and system. 7.Concept of hacking and ethical hacking. 8.Identyfy the types of hackers and their techniques.
Module1:-Security –The key to Protection. 1 . Ever-increasing need to secure information accessed over the network for data. 2. Information security seeks to protect the following three specific element:- CONFIDENTIALITY,INTEGRITY,and AVAILABILITY. 3. Major authentication method in use today:- User name and password authentication, Token authentication, biometric authentication. 4. Cryptography is the science of hiding or encrypting information. 5. Certificate-based security involves the use of digital certificates.
6. A security policy is formalized statement that defines how security will be implemented with a particular organization. Module2:- Identifying Threats and Attacks. 1. To secure IT infrastructure against various threats like --Unauthorized access, Data theft, Hacking. 2. Hackers can use social engineering, a hacking technique that exploits user’s trust and use physical method and psychological tricks, to collect information. 3. Different social engineering techniques- Impersonation, Bribery, Deception, Conformity. 4. A network attack is a type of attack that is targeted towards getting access to and breaking into a network to disrupt the network connectivity and delay access to the network.
5.A hardware attack is an attack that targets a computer’s physical components and peripherals such as hard disk, mother board, keyboard, network cable or USB device. Module3:- Hardening Internal System and services. 1. Hardening is a general term for any security procedure wherin the default configuration of a system is configured to prevent attacks. 2. Few common operating system vulnerabilities: Default Install, Default Accounts, Built-in Application, Physical Access. 3. A directory service is a network that stores information about all the objects, such as user’s groups, servers client computers, printers and network services in a particular network. 4. It is extremely important to protect the company’s Web servers from attack.
5.Most of the attacks target public service network,commercial networks and website. Module4:-Hacking and the Ethics Involved. 1. Hacking refers to the practice of breaking into information systems. 2. Ethics are principles that distinguish between right and wrong. 3. System administrator use hacking to check security gaps in networks and software products. 4. Eathical hacking is a combination of integrity, transparency and independence. 5. Ethical hacking of networks and systems should be performed on a regular basis, to detect new
vulnerabilities and possible breach of security or hacking attempts. 6. To hack a system ,hackers have to first find possible security gaps and vulnerabilities with in the system. 7.Common techniques:-Sniffing attacks, Scanning, Reconnaissance, Internet foot printing , Pharming.

Recommended

Javascript
JavascriptJavascript
Javascriptmussawir20
 
Oop concepts in python
Oop concepts in pythonOop concepts in python
Oop concepts in pythonbaabtra.com - No. 1 supplier of quality freshers
 
Javascript 101
Javascript 101Javascript 101
Javascript 101Shlomi Komemi
 
eXo SEA - JavaScript Introduction Training
eXo SEA - JavaScript Introduction TrainingeXo SEA - JavaScript Introduction Training
eXo SEA - JavaScript Introduction TrainingHoat Le
 
Javascript Basics
Javascript BasicsJavascript Basics
Javascript Basicsmsemenistyi
 
JavaScript Tutorial
JavaScript TutorialJavaScript Tutorial
JavaScript TutorialBui Kiet
 
Intro to Javascript
Intro to JavascriptIntro to Javascript
Intro to JavascriptAnjan Banda
 
Fnt Software Solutions Pvt Ltd Placement Papers - PHP Technology
Fnt Software Solutions Pvt Ltd Placement Papers - PHP TechnologyFnt Software Solutions Pvt Ltd Placement Papers - PHP Technology
Fnt Software Solutions Pvt Ltd Placement Papers - PHP Technologyfntsofttech
 

Recommended

Javascript
JavascriptJavascript
Javascriptmussawir20
 
Oop concepts in python
Oop concepts in pythonOop concepts in python
Oop concepts in pythonbaabtra.com - No. 1 supplier of quality freshers
 
Javascript 101
Javascript 101Javascript 101
Javascript 101Shlomi Komemi
 
eXo SEA - JavaScript Introduction Training
eXo SEA - JavaScript Introduction TrainingeXo SEA - JavaScript Introduction Training
eXo SEA - JavaScript Introduction TrainingHoat Le
 
Javascript Basics
Javascript BasicsJavascript Basics
Javascript Basicsmsemenistyi
 
JavaScript Tutorial
JavaScript TutorialJavaScript Tutorial
JavaScript TutorialBui Kiet
 
Intro to Javascript
Intro to JavascriptIntro to Javascript
Intro to JavascriptAnjan Banda
 
Fnt Software Solutions Pvt Ltd Placement Papers - PHP Technology
Fnt Software Solutions Pvt Ltd Placement Papers - PHP TechnologyFnt Software Solutions Pvt Ltd Placement Papers - PHP Technology
Fnt Software Solutions Pvt Ltd Placement Papers - PHP Technologyfntsofttech
 
Java fundamentals
Java fundamentalsJava fundamentals
Java fundamentalsHCMUTE
 
PHP Web Programming
PHP Web ProgrammingPHP Web Programming
PHP Web ProgrammingMuthuselvam RS
 
Object oriented programming with python
Object oriented programming with pythonObject oriented programming with python
Object oriented programming with pythonArslan Arshad
 
Handout - Introduction to Programming
Handout - Introduction to ProgrammingHandout - Introduction to Programming
Handout - Introduction to ProgrammingCindy Royal
 
Parte II Objective C
Parte II Objective CParte II Objective C
Parte II Objective CPaolo Quadrani
 
Fantastic DSL in Python
Fantastic DSL in PythonFantastic DSL in Python
Fantastic DSL in Pythonkwatch
 
iPhone Seminar Part 2
iPhone Seminar Part 2iPhone Seminar Part 2
iPhone Seminar Part 2NAILBITER
 
Javascript essentials
Javascript essentialsJavascript essentials
Javascript essentialsBedis ElAchèche
 
Fundamental JavaScript [UTC, March 2014]
Fundamental JavaScript [UTC, March 2014]Fundamental JavaScript [UTC, March 2014]
Fundamental JavaScript [UTC, March 2014]Aaron Gustafson
 
Twig Brief, Tips&Tricks
Twig Brief, Tips&TricksTwig Brief, Tips&Tricks
Twig Brief, Tips&TricksAndrei Burian
 
3.1 javascript objects_DOM
3.1 javascript objects_DOM3.1 javascript objects_DOM
3.1 javascript objects_DOMJalpesh Vasa
 
Chap1introppt2php(finally done)
Chap1introppt2php(finally done)Chap1introppt2php(finally done)
Chap1introppt2php(finally done)monikadeshmane
 
Object Oriented PHP5
Object Oriented PHP5Object Oriented PHP5
Object Oriented PHP5Jason Austin
 
IO Streams, Files and Directories
IO Streams, Files and DirectoriesIO Streams, Files and Directories
IO Streams, Files and DirectoriesKrasimir Berov (Красимир Беров)
 
Scalar data types
Scalar data typesScalar data types
Scalar data typesKrasimir Berov (Красимир Беров)
 
Clojure 7-Languages
Clojure 7-LanguagesClojure 7-Languages
Clojure 7-LanguagesPierre de Lacaze
 
AutoIt for the rest of us - handout
AutoIt for the rest of us - handoutAutoIt for the rest of us - handout
AutoIt for the rest of us - handoutBecky Yoose
 
Programming in Computational Biology
Programming in Computational BiologyProgramming in Computational Biology
Programming in Computational BiologyAtreyiB
 
Php & my sql
Php & my sqlPhp & my sql
Php & my sqlNorhisyam Dasuki
 
PHP Powerpoint -- Teach PHP with this
PHP Powerpoint -- Teach PHP with thisPHP Powerpoint -- Teach PHP with this
PHP Powerpoint -- Teach PHP with thisIan Macali
 
PHP Reviewer
PHP ReviewerPHP Reviewer
PHP ReviewerCecilia Pamfilo
 
lab4_php
lab4_phplab4_php
lab4_phptutorialsruby
 

More Related Content

What's hot

Java fundamentals
Java fundamentalsJava fundamentals
Java fundamentalsHCMUTE
 
Object oriented programming with python
Object oriented programming with pythonObject oriented programming with python
Object oriented programming with pythonArslan Arshad
 
Handout - Introduction to Programming
Handout - Introduction to ProgrammingHandout - Introduction to Programming
Handout - Introduction to ProgrammingCindy Royal
 
Fantastic DSL in Python
Fantastic DSL in PythonFantastic DSL in Python
Fantastic DSL in Pythonkwatch
 
iPhone Seminar Part 2
iPhone Seminar Part 2iPhone Seminar Part 2
iPhone Seminar Part 2NAILBITER
 
Fundamental JavaScript [UTC, March 2014]
Fundamental JavaScript [UTC, March 2014]Fundamental JavaScript [UTC, March 2014]
Fundamental JavaScript [UTC, March 2014]Aaron Gustafson
 
Twig Brief, Tips&Tricks
Twig Brief, Tips&TricksTwig Brief, Tips&Tricks
Twig Brief, Tips&TricksAndrei Burian
 
3.1 javascript objects_DOM
3.1 javascript objects_DOM3.1 javascript objects_DOM
3.1 javascript objects_DOMJalpesh Vasa
 
Chap1introppt2php(finally done)
Chap1introppt2php(finally done)Chap1introppt2php(finally done)
Chap1introppt2php(finally done)monikadeshmane
 
Object Oriented PHP5
Object Oriented PHP5Object Oriented PHP5
Object Oriented PHP5Jason Austin
 
AutoIt for the rest of us - handout
AutoIt for the rest of us - handoutAutoIt for the rest of us - handout
AutoIt for the rest of us - handoutBecky Yoose
 
Programming in Computational Biology
Programming in Computational BiologyProgramming in Computational Biology
Programming in Computational BiologyAtreyiB
 
PHP Powerpoint -- Teach PHP with this
PHP Powerpoint -- Teach PHP with thisPHP Powerpoint -- Teach PHP with this
PHP Powerpoint -- Teach PHP with thisIan Macali
 

What's hot (20)

Java fundamentals
Java fundamentalsJava fundamentals
Java fundamentals
 
PHP Web Programming
PHP Web ProgrammingPHP Web Programming
PHP Web Programming
 
Object oriented programming with python
Object oriented programming with pythonObject oriented programming with python
Object oriented programming with python
 
Handout - Introduction to Programming
Handout - Introduction to ProgrammingHandout - Introduction to Programming
Handout - Introduction to Programming
 
Parte II Objective C
Parte II Objective CParte II Objective C
Parte II Objective C
 
Fantastic DSL in Python
Fantastic DSL in PythonFantastic DSL in Python
Fantastic DSL in Python
 
iPhone Seminar Part 2
iPhone Seminar Part 2iPhone Seminar Part 2
iPhone Seminar Part 2
 
Javascript essentials
Javascript essentialsJavascript essentials
Javascript essentials
 
Fundamental JavaScript [UTC, March 2014]
Fundamental JavaScript [UTC, March 2014]Fundamental JavaScript [UTC, March 2014]
Fundamental JavaScript [UTC, March 2014]
 
Twig Brief, Tips&Tricks
Twig Brief, Tips&TricksTwig Brief, Tips&Tricks
Twig Brief, Tips&Tricks
 
3.1 javascript objects_DOM
3.1 javascript objects_DOM3.1 javascript objects_DOM
3.1 javascript objects_DOM
 
Chap1introppt2php(finally done)
Chap1introppt2php(finally done)Chap1introppt2php(finally done)
Chap1introppt2php(finally done)
 
Object Oriented PHP5
Object Oriented PHP5Object Oriented PHP5
Object Oriented PHP5
 
IO Streams, Files and Directories
IO Streams, Files and DirectoriesIO Streams, Files and Directories
IO Streams, Files and Directories
 
Scalar data types
Scalar data typesScalar data types
Scalar data types
 
Clojure 7-Languages
Clojure 7-LanguagesClojure 7-Languages
Clojure 7-Languages
 
AutoIt for the rest of us - handout
AutoIt for the rest of us - handoutAutoIt for the rest of us - handout
AutoIt for the rest of us - handout
 
Programming in Computational Biology
Programming in Computational BiologyProgramming in Computational Biology
Programming in Computational Biology
 
Php & my sql
Php & my sqlPhp & my sql
Php & my sql
 
PHP Powerpoint -- Teach PHP with this
PHP Powerpoint -- Teach PHP with thisPHP Powerpoint -- Teach PHP with this
PHP Powerpoint -- Teach PHP with this
 

Similar to php&mysql with Ethical Hacking

PHP Course (Basic to Advance)
PHP Course (Basic to Advance)PHP Course (Basic to Advance)
PHP Course (Basic to Advance)Coder Tech
 
Python: an introduction for PHP webdevelopers
Python: an introduction for PHP webdevelopersPython: an introduction for PHP webdevelopers
Python: an introduction for PHP webdevelopersGlenn De Backer
 
PHP - Introduction to PHP - Mazenet Solution
PHP - Introduction to PHP - Mazenet SolutionPHP - Introduction to PHP - Mazenet Solution
PHP - Introduction to PHP - Mazenet SolutionMazenetsolution
 
Php interview-questions and answers
Php interview-questions and answersPhp interview-questions and answers
Php interview-questions and answerssheibansari
 
Php 101 by David Menendez
Php 101 by David MenendezPhp 101 by David Menendez
Php 101 by David Menendezdm09f
 
Php interview questions
Php interview questionsPhp interview questions
Php interview questionssekar c
 
Php intro by sami kz
Php intro by sami kzPhp intro by sami kz
Php intro by sami kzsami2244
 

Similar to php&mysql with Ethical Hacking (20)

PHP Reviewer
PHP ReviewerPHP Reviewer
PHP Reviewer
 
lab4_php
lab4_phplab4_php
lab4_php
 
lab4_php
lab4_phplab4_php
lab4_php
 
PHP - Web Development
PHP - Web DevelopmentPHP - Web Development
PHP - Web Development
 
Php
PhpPhp
Php
 
PHP
PHPPHP
PHP
 
Training on php by cyber security infotech (csi)
Training on php by cyber security infotech (csi)Training on php by cyber security infotech (csi)
Training on php by cyber security infotech (csi)
 
PHP Course (Basic to Advance)
PHP Course (Basic to Advance)PHP Course (Basic to Advance)
PHP Course (Basic to Advance)
 
Python: an introduction for PHP webdevelopers
Python: an introduction for PHP webdevelopersPython: an introduction for PHP webdevelopers
Python: an introduction for PHP webdevelopers
 
unit 1.pptx
unit 1.pptxunit 1.pptx
unit 1.pptx
 
PHP - Introduction to PHP - Mazenet Solution
PHP - Introduction to PHP - Mazenet SolutionPHP - Introduction to PHP - Mazenet Solution
PHP - Introduction to PHP - Mazenet Solution
 
Php interview-questions and answers
Php interview-questions and answersPhp interview-questions and answers
Php interview-questions and answers
 
Php 101 by David Menendez
Php 101 by David MenendezPhp 101 by David Menendez
Php 101 by David Menendez
 
Php
PhpPhp
Php
 
Php interview questions
Php interview questionsPhp interview questions
Php interview questions
 
Php intro by sami kz
Php intro by sami kzPhp intro by sami kz
Php intro by sami kz
 
js.pptx
js.pptxjs.pptx
js.pptx
 
Introduction to php basics
Introduction to php basicsIntroduction to php basics
Introduction to php basics
 
Php1
Php1Php1
Php1
 
Php i basic chapter 3
Php i basic chapter 3Php i basic chapter 3
Php i basic chapter 3
 

More from BCET

Lect11 clipping in3d
Lect11 clipping in3dLect11 clipping in3d
Lect11 clipping in3dBCET
 
Lect9 transformation3d
Lect9 transformation3dLect9 transformation3d
Lect9 transformation3dBCET
 
Lect8 viewing in3d&transformation
Lect8 viewing in3d&transformationLect8 viewing in3d&transformation
Lect8 viewing in3d&transformationBCET
 
Lect7 viewing in2d
Lect7 viewing in2dLect7 viewing in2d
Lect7 viewing in2dBCET
 
Lect6 transformation2d
Lect6 transformation2dLect6 transformation2d
Lect6 transformation2dBCET
 
Lect5 filling color_models
Lect5 filling color_modelsLect5 filling color_models
Lect5 filling color_modelsBCET
 
Lect4 ellipse
Lect4 ellipseLect4 ellipse
Lect4 ellipseBCET
 
Lect2 scan convertinglines
Lect2 scan convertinglinesLect2 scan convertinglines
Lect2 scan convertinglinesBCET
 
Lect3 bresenham circlesandpolygons
Lect3 bresenham circlesandpolygonsLect3 bresenham circlesandpolygons
Lect3 bresenham circlesandpolygonsBCET
 
Lect2 scan convertinglines
Lect2 scan convertinglinesLect2 scan convertinglines
Lect2 scan convertinglinesBCET
 
Light pens
Light pensLight pens
Light pensBCET
 
Lcd
LcdLcd
LcdBCET
 
Graphics inputdevices
Graphics inputdevicesGraphics inputdevices
Graphics inputdevicesBCET
 
Crt
CrtCrt
CrtBCET
 
Colour models
Colour modelsColour models
Colour modelsBCET
 
Cathode ray tube
Cathode ray tubeCathode ray tube
Cathode ray tubeBCET
 
Plasma display pannel
Plasma display pannelPlasma display pannel
Plasma display pannelBCET
 

More from BCET (17)

Lect11 clipping in3d
Lect11 clipping in3dLect11 clipping in3d
Lect11 clipping in3d
 
Lect9 transformation3d
Lect9 transformation3dLect9 transformation3d
Lect9 transformation3d
 
Lect8 viewing in3d&transformation
Lect8 viewing in3d&transformationLect8 viewing in3d&transformation
Lect8 viewing in3d&transformation
 
Lect7 viewing in2d
Lect7 viewing in2dLect7 viewing in2d
Lect7 viewing in2d
 
Lect6 transformation2d
Lect6 transformation2dLect6 transformation2d
Lect6 transformation2d
 
Lect5 filling color_models
Lect5 filling color_modelsLect5 filling color_models
Lect5 filling color_models
 
Lect4 ellipse
Lect4 ellipseLect4 ellipse
Lect4 ellipse
 
Lect2 scan convertinglines
Lect2 scan convertinglinesLect2 scan convertinglines
Lect2 scan convertinglines
 
Lect3 bresenham circlesandpolygons
Lect3 bresenham circlesandpolygonsLect3 bresenham circlesandpolygons
Lect3 bresenham circlesandpolygons
 
Lect2 scan convertinglines
Lect2 scan convertinglinesLect2 scan convertinglines
Lect2 scan convertinglines
 
Light pens
Light pensLight pens
Light pens
 
Lcd
LcdLcd
Lcd
 
Graphics inputdevices
Graphics inputdevicesGraphics inputdevices
Graphics inputdevices
 
Crt
CrtCrt
Crt
 
Colour models
Colour modelsColour models
Colour models
 
Cathode ray tube
Cathode ray tubeCathode ray tube
Cathode ray tube
 
Plasma display pannel
Plasma display pannelPlasma display pannel
Plasma display pannel
 

Recently uploaded

Industrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportIndustrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportAvinash Rai
 
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...Nguyen Thanh Tu Collection
 
Keeping Your Information Safe with Centralized Security Services
Keeping Your Information Safe with Centralized Security ServicesKeeping Your Information Safe with Centralized Security Services
Keeping Your Information Safe with Centralized Security ServicesTechSoup
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17Celine George
 
Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...
Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...
Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...Abhinav Gaur Kaptaan
 
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfINU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfbu07226
 
How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17Celine George
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersPedroFerreira53928
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxakshayaramakrishnan21
 
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General QuizPragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General QuizPragya - UEM Kolkata Quiz Club
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXMIRIAMSALINAS13
 
The impact of social media on mental health and well-being has been a topic o...
The impact of social media on mental health and well-being has been a topic o...The impact of social media on mental health and well-being has been a topic o...
The impact of social media on mental health and well-being has been a topic o...sanghavirahi2
 
The Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational ResourcesThe Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational Resourcesaileywriter
 
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxMARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxbennyroshan06
 
Benefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational ResourcesBenefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational Resourcesdimpy50
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfVivekanand Anglo Vedic Academy
 
Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...
Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...
Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...Denish Jangid
 

Recently uploaded (20)

Industrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training ReportIndustrial Training Report- AKTU Industrial Training Report
Industrial Training Report- AKTU Industrial Training Report
 
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
GIÁO ÁN DẠY THÊM (KẾ HOẠCH BÀI BUỔI 2) - TIẾNG ANH 8 GLOBAL SUCCESS (2 CỘT) N...
 
Keeping Your Information Safe with Centralized Security Services
Keeping Your Information Safe with Centralized Security ServicesKeeping Your Information Safe with Centralized Security Services
Keeping Your Information Safe with Centralized Security Services
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17
 
Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...
Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...
Research Methods in Psychology | Cambridge AS Level | Cambridge Assessment In...
 
Operations Management - Book1.p - Dr. Abdulfatah A. Salem
Operations Management - Book1.p - Dr. Abdulfatah A. SalemOperations Management - Book1.p - Dr. Abdulfatah A. Salem
Operations Management - Book1.p - Dr. Abdulfatah A. Salem
 
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfINU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
 
How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
 
Salient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptxSalient features of Environment protection Act 1986.pptx
Salient features of Environment protection Act 1986.pptx
 
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General QuizPragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
Pragya Champions Chalice 2024 Prelims & Finals Q/A set, General Quiz
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
The impact of social media on mental health and well-being has been a topic o...
The impact of social media on mental health and well-being has been a topic o...The impact of social media on mental health and well-being has been a topic o...
The impact of social media on mental health and well-being has been a topic o...
 
The Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational ResourcesThe Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational Resources
 
NCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdfNCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdf
 
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptxMARUTI SUZUKI- A Successful Joint Venture in India.pptx
MARUTI SUZUKI- A Successful Joint Venture in India.pptx
 
Benefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational ResourcesBenefits and Challenges of Using Open Educational Resources
Benefits and Challenges of Using Open Educational Resources
 
Introduction to Quality Improvement Essentials
Introduction to Quality Improvement EssentialsIntroduction to Quality Improvement Essentials
Introduction to Quality Improvement Essentials
 
Sectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdfSectors of the Indian Economy - Class 10 Study Notes pdf
Sectors of the Indian Economy - Class 10 Study Notes pdf
 
Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...
Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...
Basic Civil Engineering Notes of Chapter-6, Topic- Ecosystem, Biodiversity G...
 

php&mysql with Ethical Hacking

  • 1. SUMMER TRAINNING REPORT TOPIC :- 1. Developing Dynamic Web Application with MYSQL and PHP. 2. Introduction to Security and Ethical Hacking. STUDENT’S DETAIL’S :- NAME : Saikat Das ROLL NO : 74037309 DEPT : Information Technology. TRAINNING INSTITUTE : NIIT Limited ( Camac Street,Kolkata-17)
  • 2. [PART–A] .Developing Dynamic Web Application with. .MYSQL and PHP. Objective:-[ course status – under progress] This instructor-led training is for planning on developing application that makes use of MYSQL and PHP . Implementation of PHP and MYSQL as a cohesive platform for the development of complex dynamic web application. [PART-B] .Introduction to Security and Ethical Hacking. Objective:- [course status – complete] Importance of implementing security in order to protect and safeguard the IT resources of an enterprise. basic aspect is associated with implementing security ,common threats and various attacks .the concept of ethical hacking and various type of hacking techniques.
  • 3. [Part–A] Course Agenda – 1. Verify the correct installation of the WAMP component. 2. Utilize the basic components of PHP to build a foundation for more complex Web application. 3. Understand the basic components of MySQL to build a foundation for the development of fully dynamic and data driven sites. 4. Manage Database and tables within MySQL. 5. Utilize SQL query commands and SQL expression to retrieve data (using join operation) from the MySQL Database. 6. Manipulate table data using the SQL DML commands. 7. Utilize session , error and exception handling within PHP during program execution. 8. Integrate PHP’s object orient programming functionality into design of web application.
  • 4. 9. Securing PHP and MySQL to improve the integrity of application and subsequent data. WAMP ::: WAMP refers to a solution stack of software , usually free and open source software, used to run dynamic Web sites or servers. The original expansion is as follows: W => Windows => Operating System A => Apache => Web server M => MySQL => Database Management System P => PHP => Scripting language PHP What is PHP ? PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. Example <body>
  • 5. <?php phpinfo(); ?> </body> Feature of PHP  PHP can be used on all major operating systems.  PHP has also support for most of the web servers today.  you also have the choice of using procedural programming or object oriented programming, or a mixture of them.  It supports a wide range of Databases. PHP tags ::: Tag style Start tag End tag Standard tag <?php ?>
  • 6. Short tag <? ?> ASP tag <% %? Script tags <script </script> language=”php” > PHP Data type ::: Scalar Data types Scalar Data Type is identified as being able to hold one value at a time. In PHP there are four types of scalar data 1) Boolean : for that there is only two value True(1) & False(0). Default set as True(1). 2) Integer : It is a whole numeric value , not contain any fraction. 3) Float : Float point numbers are any number. 4) String : It is series of characters that are associate with each order in a defined manner. Compound Data Types Its allow s for multiple values to be associated with single entity. 1) Arrays : Series of same type of values that are assigned to individual variable with each individual value being referenced with unique identifier.
  • 7. 2) Object : It is the key to the object oriented programming . it can thought as Black Box. Special Data Types 1) Resources : PHP can interact with some external data sources; 2)Null : Null does not mean a blank space or zero, it truly mean no value . Flow Control loop ::: ‘If…else’…’else if’ >> if statement to be valid is if(condition) true . Syntax …… if(test_condition){ … statement… }else if (test_condition2){ …statement2… }else { …statement3…}; Switch >> It works on the principle of comparing a give value with specified constant and acting upon the first constant that is matched. Syntax …… switch(variable){ Case option1 :
  • 8. …statement…. Break; Case option2: …statement… Break; Default: …statement… }; While >> It is the simplest of all the iterative control statement. Statement is repeated as long as condition remains true. Syntax …… while(expression){ …statement… }; Do while >> It is same as while loop . But here first statement is executed then condition is checked. Syntax …… do{ …statement… }while (expression); For >> It is more complex sibling of while function. It provide three expressions. It help to repeat the loop. Syntax …… for(condition1 ; condition2 ; condition3) { … statement … } Foreach >> It is the iterative control statement that is designed specifically for handling array.
  • 9. Syntax …… Foreach (array_expression as $value) { … statement… } Break and continue >> It used to manually interrupting the flow of the loops. Define a variable :::: In PHP , all variables are identified by $ symbol. Example …… <?php $a=”Hello” ; $b=”World”; ?> To Display statement & variable :::: In PHP you can use any function to display the all statement and print the value of the variable. To understand more see the example. Example …… <?php print(`<p>Its print function</p>`) ; Print `<p> Display variable` .$var. `in php</p>`; Echo ”<p>Its also print string</p>”; Printf(`<p> %d Euro = $%01.2f US Dollar</p>`,1,1.3);
  • 10. Function ::::: In PHP we can also create our own function. Its called user define function. Syntax …… function function name( $argu1, $argu2 ) { // function code here } Define an Array :::: array is a list of variable. It contains multiple elements indexed by numbers or strings. There are two way to make a array , $arrayname = array (“Raja”,”Rohan”,”Rohit”); $arrayname[0]=”Raja”; $arrayname[1]=”Rohan”; $arrayname[2]=”Rohit”; Join an array :::: Join array elements with a glue string. $array = array('Rohit', 'Sharma', 'Kolkata'); $comma_separated = join(",", $array); echo $comma_separated; // output will be “Rohit , Sharma , Kolkata”
  • 11. To replace a string :::: Replace all occurrences of the search string with the replacement string. Syntax …… str_replace ( $search , $replace , $subject) To repeat a string :::: string str_repeat ( string $input , int $multiplier ) connecting to MySQL :::: Mysql_connect() function is used to established an initial connection to the mysql server. Syntax …… mysql_connect ( [hostname [:port] [:/path/to/socket] [,username] [,password] ]) Databases connect :::: Syntax…… mysql_select_db($db_name,$link_id) or die(“could not found”); Querying Mysql ::::
  • 12. Syntax….. $query_results=mysql_query($query,$link_id); Display the query :::: Syntax…… mysql_result($query_results,$row_id, $column_name); Authentication ::::
  • 13. MySQL How MySQL works ?? Parse Optimize Retrieve store Pluggable Storage Engines When we enter a query to the query browser, then 1st the query is checked by the parse to find the syntax error. After that optimize the query. Then the data retrieve from the database with the help of pluggable storage engines. Basically engines fetch the data. There are different storage engines available . • MyISAM • InnoDB • Memory • NDB
  • 14. IMPOTANT COMMANDS … … … … … … … … To see database :::: show databases ; To create databases :::: create database db_name; To use databases :::: use db_name; To delete databases :::: drop database db_name; To display database structure :::: show create database db_nameG; To create table :::: create table <table name>( <column name><column type>[<column option>], <column name><column type>[<column option>],…,] [<index list>])[<table option>]; To display table creation information :::: Show create table <table name>G; To Altering column :::: Alter table <table name> add <column name> <column type> [<column option>]; drop <column name>;
  • 15. modify <new column name><column type>[<option>]; change <old column><new column><column type> [<new column option>]; To rename a table :::: rename table <old name> to <new name>; To see the contain of the table :::: Select [<clause option>] <column list > [from] <table name> [<clause option >]; Clauses Definition DISTINCT Eliminates duplicate row FROM Specifies from where to retrieve the data WHERE Decides what data to show ODER BY Sorts data by specific order criteria LIMIT Reduces the amount of records recive
  • 16. Object Oriented PHP  PHP treats objects in the same way as references or handles, meaning that each variable contains an object reference rather than a copy of the entire object.  Two terms are often heard when discussing OOP are class and object.A class is essentially a description of an object , while an object is an instance of that class. Working with Objects o The methods in a class represent either things that an object can do itself,or that another object can cause the class to do.
  • 17. o Method and properties can be declared one of the three ways:-public,private,or protected.  Class: Every class definition begins with the keyword class, followed by a class name, followed by a pair of curly braces which enclose the definitions of the class's properties and methods. A class may contain its own constants,variables and functions. Class declaration :::: <?php class SimpleClass{ // property declaration public $var = 'a default value'; // method declaration public function displayVar() { echo $this->var; }} ?> New ::::: To create an instance of a class, a new object must be created and assigned to a variable. An object will
  • 18. always be assigned when creating a new object unless the object has a constructor defined that throws an exception on error. Classes should be defined before instantiation (and in some cases this is a requirement). Creating an instance <?php $instance = new SimpleClass(); ?> PHP Configurations The first step in any process of securing an application is checking the configuration components that the software is running under. Running PHP in Safe Mode When running PHP in a shared server environment,the use of safe mode needs to be considered and when possible implemented. • Safe mode-When this mode is set to 1(on),the following condition apply: Input/output functions
  • 19. External scripts UserID with Authentication MySQL User Data Encryption: Data encryption is the process of scrambling stored or transmitted information so that it is unintelligible until it is unscrambled by the intended recipient.The following are a list of common encryption function in PHP. • md5():-The md5() function returns a 128-bit hash that can then be then be stored with the ultimate outcome of comparing it for security purposes. Example of an encryption …….. <?php $string=”I am A big FanofIce Cream”: $string_md5=md5($string);
  • 20. If(md5($string)=$string_md5) { Print “$string=md5($string_md5)”; } ?> Will print: I am A big FanofIce Cream = md5(673d924425c45b1f221fdfcbe21 60cf) Securing the MySQL Server(mysqld) • MySQL process must run under a unique UID/GID that is not used by any other system process. • MySQL root’s account must be protected by a hard to guess password. • The administrator’s account should be renamed. MySQL Access Privelege System:
  • 21. shell>mysql –user=<username> --password=<password> db-name [Part–B] Course Agenda – 1.Identify the importance of implementing security(building blocks) in an enterprise. 2.Understand cryptographic security. 3.Various threats and attacks against hardware,software and network. 4.Understanding the importance of hardening. 5.Inside out of an enterprise work. 6.Best practices that should be adopted to secure various services and system. 7.Concept of hacking and ethical hacking. 8.Identyfy the types of hackers and their techniques.
  • 22. Module1:-Security –The key to Protection. 1 . Ever-increasing need to secure information accessed over the network for data. 2. Information security seeks to protect the following three specific element:- CONFIDENTIALITY,INTEGRITY,and AVAILABILITY. 3. Major authentication method in use today:- User name and password authentication, Token authentication, biometric authentication. 4. Cryptography is the science of hiding or encrypting information. 5. Certificate-based security involves the use of digital certificates.
  • 23. 6. A security policy is formalized statement that defines how security will be implemented with a particular organization. Module2:- Identifying Threats and Attacks. 1. To secure IT infrastructure against various threats like --Unauthorized access, Data theft, Hacking. 2. Hackers can use social engineering, a hacking technique that exploits user’s trust and use physical method and psychological tricks, to collect information. 3. Different social engineering techniques- Impersonation, Bribery, Deception, Conformity. 4. A network attack is a type of attack that is targeted towards getting access to and breaking into a network to disrupt the network connectivity and delay access to the network.
  • 24. 5.A hardware attack is an attack that targets a computer’s physical components and peripherals such as hard disk, mother board, keyboard, network cable or USB device. Module3:- Hardening Internal System and services. 1. Hardening is a general term for any security procedure wherin the default configuration of a system is configured to prevent attacks. 2. Few common operating system vulnerabilities: Default Install, Default Accounts, Built-in Application, Physical Access. 3. A directory service is a network that stores information about all the objects, such as user’s groups, servers client computers, printers and network services in a particular network. 4. It is extremely important to protect the company’s Web servers from attack.
  • 25. 5.Most of the attacks target public service network,commercial networks and website. Module4:-Hacking and the Ethics Involved. 1. Hacking refers to the practice of breaking into information systems. 2. Ethics are principles that distinguish between right and wrong. 3. System administrator use hacking to check security gaps in networks and software products. 4. Eathical hacking is a combination of integrity, transparency and independence. 5. Ethical hacking of networks and systems should be performed on a regular basis, to detect new
  • 26. vulnerabilities and possible breach of security or hacking attempts. 6. To hack a system ,hackers have to first find possible security gaps and vulnerabilities with in the system. 7.Common techniques:-Sniffing attacks, Scanning, Reconnaissance, Internet foot printing , Pharming.