• WHAT IS ‘HACKING’?
• WHY HACKING IS CONSIDERED AS
• WHAT IS ‘ETHICAL HACKING’?
• PROCESS INVOLVED
• GAINING ACCESS
• INTERNAL AND EXTERNAL ATTACKS
• LEGAL AND ETHICAL QUESTIONS.
• A process of illegally corrupting or extracting some
private information from a computer system or
• Those who attempt to crash private data, overload
a system with traffic or steal data such as
credit and debit card details are known as ‘hackers’.
• Hackers are the ones who program enthusiastically, or
who simply enjoy programming rather than merely
theorizing about the program.
• They code on the basis of their own needs.
TYPES OF HACKERS
• First know about ‘HACKERS vs CRACKERS’:
HACKERS are the good guys who break into the system and
tell the administrator how to prevent others from getting in.
CRACKERS are the bad guys who break in and do damage.
TYPES OF HACKERS:
Black hat hackers - who are involved in ‘cyber fraud’.
White hat hackers - who use their skills for good purposes.
Adult hackers - who are underemployed and need some
recognition in the hacker community.
Gray hat hackers - who work in need of money
• SOME OTHER ISSUES:
• PHREAKING- Cracking the telecom networks.
• SPOOFING- Faking the originating IP address in a
datagram (entering an org.'s WiFi illegally).
• DENIAL OF SERVICE (DoS)- Flooding a host with
sufficient network traffic.
• PORT SCANNING- Searching for vulnerabilities.
WHY HACKING IS CONSIDERED AS ‘CYBER FRAUD’?
(Old crimes, committed on or through the new medium of the
internet, but new crimes are created within the internet
AGES THROUGH HACKING
• 1969 - Unix ‘hacked’ together
• 1971 - Cap ‘n Crunch phone exploit discovered
• 1988 - Morris Internet worm crashes 6,000 servers
• 1994 - $10 million transferred from CitiBank accounts
• 1995 - Kevin Mitnick sentenced to 5 years in jail
• 2000 - Major websites succumb to DDoS
• 2000 - 15,700 credit and debit card numbers stolen from Western Union (hacked
while web database was undergoing maintenance)
• 2001 - Code Red
– exploited bug in MS IIS to penetrate & spread
– probes random IPs for systems running IIS
– had trigger time for denial-of-service attack
– 2nd wave infected 360000 servers in 14 hours
• Code Red 2 - had backdoor installed to allow remote
• Nimda - used multiple infection mechanisms: email, shares, web client, IIS
• 2002 - Slammer Worm brings web to its knees by attacking MS SQL Server
• 2004 - Monster case in India.
WHAT IS ‘ETHICAL HACKING’?
• RE-CONFIGURATION of a system or software to
function in ways not facilitated by the Administrator or
• It is Legal.
• Permission is obtained from the target.
• It is a part of an overall security programme.
• A sound programming mind and skilled persons who
use ‘Unix or Linux’ are more than enough
• Even though it involves the same skills and mindset as
hackers and crackers, attacks are done by NON-
o Identification of targets (company websites, mail
o Awareness of the total time for testing
o Key people who are made aware of testing the target
o Collection of as much information as possible about the target (IP
ranges, administrator contact, problems that have arisen etc.)
o Awareness of information sources (forums etc.)
• ENUMERATION OR FINGERPRINT:
o An operating system enumeration.
o Methods such as,
Responses to various protocols (such as ICMP & TCP
• IDENTIFICATION OF VULNERABILITIES:
o INSECURE configuration
o INSECURE coding
o Weak passwords
o Weak access control
o Listening to traffic etc.
Password crackers - Pwdump, John the Ripper & more
Vulnerability scanners - ISS, SARA.
Listening to traffic - Ettercap.
• FRONT DOOR- i) Password guessing
ii) Password / key stealing
• BACK DOOR- i) Forgot to remove before
ii) Often left by original
developers or debuggers
They are usually hidden inside the software that we
download and install from the net.
• SOFTWARE EXPLOITATION:
• It is a fertile ground for script kiddies looking for something
E.g.: gray hat hackers
MY FEW SUGGESTIONS
• To prevent this in future,
Implement a firewall and
develop the security.
Use hard-to-guess passwords.
Disconnect your Internet when not in use.
Spam e-mail should not be opened.
Avoid giving your personal details on social networks
such as (Facebook, Twitter, LinkedIn, nowell etc.)
Secure your wireless network and keep your system
LEGAL AND ETHICAL QUESTIONS
• What is ‘Ethical’ hacking?
• How to react to mischief or nuisances?
• Is scanning for vulnerabilities LEGAL?
• Can private property LAWS be applied on a network?