How hackers do it

2,463 views

Published on

Slides to accompany a demonstration I did for the Pacific Computing Society in Suva, Fiji in late 2006. It demoed the anatomy of a hacker attack.

Published in: Technology
  • Be the first to comment

How hackers do it

  1. 1. how do hackers do it?
  2. 2. 1. gather info on the target host
  3. 3. whois Organization: Fiji ABCDEFG Inc. Admin-Name: Josese Bula Admin-Mailbox: [email_address] Tech-Name: Maciu Vinaka Tech-Mailbox: [email_address] NS1-Hostname: dns1.somenetwork.com.fj NS1-Netaddress: 202.151.23.2
  4. 4. Google Find vulnerabilities, revealing error messages, usernames and sometimes even passwords on your target host, all without ever connecting to it see http://johnny.ihackstuff.com/
  5. 5. 2. scan/sniff to find a way in
  6. 6. nmap superscan
  7. 7. tcpdump wireshark (formerly ethereal) dsniff
  8. 8. nessus
  9. 9. 3. exploit vulnerabilities
  10. 10. metasploit framework
  11. 11. john the ripper cain and abel thc-hydra
  12. 12. 4. cover your tracks
  13. 13. nc -L -d -t -p 23 -e cmd.exe rootkits
  14. 14. edit logs
  15. 15. help! what can i do?
  16. 16. . remove all unnecessary services . firewall services that do not need remote access . actively patch vulnerabilities . use strong passwords most importantly: . educate your users again and again and again
  17. 17. chris hammond-thrasher, cissp [email_address]

×