A simple presentation discussing briefly about the basics of Ethical Hacking and the methodology of hacking.A brief intro of HACKING has also been presented in the beginning

1. BASICS
OF
ETHICAL HACKING
By Vamshi TG

2. 1. Refers to the of
working with computers
into computer systems
.
2

3. 3

4. In the year 1990 in the US a hacker named KEVIN
POULSEN had hacked all the phone lines in the LA City.
It was announced on the radio station that the
102nd caller who would call in the contest hosted by the
channel would receive a PORSCHE as a gift and Kevin
hacked all the phone lines in the city to secure his
victory.
A bad idea, but what an idea!
4

5. VLADIMIR LEVIN, a big time hacker of his time,
managed to penetrate banking network of
Citigroup and transferred around $10 million
into his bank accounts in the UK, Germany,
Finland, Holland, Israel and other places in the
year 1995.
It was a daring feat, indeed. He was later
arrested by the Interpol but only after he had
successfully committed the big time forgery.
5

6. On November 24, 2014, a hacker group which identified itself by the
name "Guardians of Peace" (GOP) leaked a release of confidential
data from the film studio Sony pictures.
The data included personal information about Sony Pictures
employees and their families, e-mails between employees,
information about executive salaries at the company, copies of
then-unreleased Sony films, and other information.
6

7. 7

8.  Hacking is a casual hobby for some hackers
 Some are obsessive about gaining notoriety or defeating
computer systems, and some have criminal intentions.
 To steal important Information of an organization and to
transmit it to the open internet
 To brag about their skills.
8

9. Quote about hackers
9

10. 10
It is the process of locating weaknesses and vulnerabilities of
computer and information systems by duplicating the intent and
actions of malicious hackers.
It is also known as
•PENETRATION TESTING
•INTRUSION TESTING
•RED TEAMING

11. 11

12. 12

13. 13
•Individual professing hacker skills and
using them for defensive purposes
• Also known as security analysts

14. 14
•Individuals with extraordinary computing
skills, resorting to malicious or destructive
activities
• Also know as crackers.

15. 15
Individuals who work both offensively and defensively at
various times.
BLACK GRAY WHITE

16. SUICIDE HACKERS
Individuals who aim to
bring down critical
infrastructure for a
“cause” and are not
worried about facing
jail terms or any other
punishment
SCRIPT KIDDIES
An unskilled who
compromises system
by running scripts,
tools and software
developed by real
hackers.
CYBER TERRORISTS
Individuals with wide
range of skills
motivated by religious
or political beliefs to
create fear by large
scale disruption of
computer networks
16

17. 17
•To prevent hackers from gaining access to information
breaches
•To fight against terrorism and national security breaches
•To build a system that avoids hackers from penetrating
•To test if organization’s security settings are in fact secure

18. 18

19. • Has in-depth knowledge of major
operating environments , such as
Windows, Unix & Linux
Platform
Knowledge
• Has in-depth knowledge of
Networking Concepts, technologies
and related hardware and software
Network
Knowledge
• Should be a computer expert adept
at technical domains
Computer
Expert
• Has knowledge of security areas and
related issues
Security
Knowledge

20. 1. Is a method of examining the weakness and
vulnerabilities of Computer and Network
Security.
2. It helps to measure the effectiveness of
System Security or ineffectiveness of the
Sytem Security
.
20

22. What information/locations/systems can an attacker gain access?
What can an attacker see on the target?
What can an attacker do with available information?
Does anyone at the target system notice the attempts?
.
22
By conducting penetration tests, an ethical hacker looks to answer the
following four basic questions :

23. 23

24. 24
Phase-1
• RECONNAISSANCE
Phase-2
• SCANNING
Phase-3
• GAINING ACCESS
Phase-4
• MAINTAINING ACCESS
Phase-5
• COVERING TRACKS

25. •This is the stage in which the hacker collects information about
the company which the personal is going to hack.
• This is one of the pre-attacking phases.
•Reconnaissance refers to the preparatory phase where an
attacker learns about all of the possible attack vectors that can
be used in their plan.

26. •It refers to scan for all the open as well as closed ports
•Tries to make a blue print of the target network.
•The blue print includes the ip addresses of the target network
which are live, the services which are running on those system
and so on.

27. •It can be gained at OS level ,system level or even network
level
•From normal access hacker can even proceed with
privilege escalation
•It often includes password cracking ,DoS attack etc.

28. It is where the hacker strives to retain its control over
target with backdoors or Trojans

29. •To avoid being exposed or caught ,a good hacker will
leave no impressions of his presence.
•So he attempts to overwrite the system and application
logs

30. 30
Thank
You