anatomy of aman
TRANSCRIPT
MUHAMMAD DANIYAL (CS-13-32)
THREAT: an action or event that might compromise
security. A threat is a potential violation of security.
VULNERABILITY –existence of a weakness, design, or
implementation error that can lead to an unexpected and
undesirable event compromising the security of the system.
EXPLOIT–a defined way to breach the security of an IT system
through a vulnerability.
ATTACK– an assault on the system security that is derived from
an intelligent threat. An attack is any action that violates security.
WHAT YOU SHOULD KNOW FIRST ...
HACKER CATEGORIES…
BLACK HAT…
individuals with extraordinary computing skills, resorting to
malicious or destructive activities. Also known as crackers.
WHITE HAT…
individuals professing hacker skills and using them for
defensive purposes. Also known as security analysts.
GRAY HAT…
individuals who work both offensively and
defensively at various times.
SUICIDERS…
individuals who aim to bring down critical infrastructure for a
“cause” (Hacktivism) and do not worry about punishment.
HACKER QUALITIES…
A HACKER SHOULD…
HAVE deep knowledge of target platforms, such as Windows,
Unix and Linux
Have basic knowledge of networking and related hardware and
software
be familiar with vulnerability study.
be “highly technical” to launch sophisticated attacks
be prepared to follow a strict code of conduct (white hats)
Professionals need to know what it is they are trying to protect,
against whom, and what resources it is willing to expend in order to
gain protection.
PHASES OF HACKING…
Reconnaissance
Scanning
Gaining Access
Maintaining Access
Cleaning
1. RECONAISSANCE…
Reconnaissance refers to the preparatory phase where an attacker
seeks to gather as much information as possible about a target prior
to launching an attack.
TYPES OF RECONAISSANCE…
Passive reconnaissance involves acquiring information without directly interacting
with the target.
Ex: Searching public records or news releases.
Active reconnaissance involves interacting with the target directly by any means.
Ex: Telephone calls to help desk or technical departments
2. SCANNING…
iT refers to the pre-attack phase when the hacker scans the network
for specific information on the basis of information gathered during
reconnaissance. Hackers have to get a single point of entry to launch
an attack.
TYPES OF SCANNING…
Port scanning–a series of messages sent to a computer to learn about services.
Network Scanning–a procedure for identifying active hosts on a network.
Vulnerability Scanning–automated process of proactively identifying vulnerabilities of
computing systems.
PHASES OF SCANNING…
Check for live systems
Identify servicesBanner grabbing
OS fingerprinting
Scan for vulnerabilities
Draw network diagrams of
vulnerable hostsPrepare proxiesAttack
3. GAINING ACCESS…
Gaining access refers to the penetration phase. The hacker exploits the
vulnerability in the system.
The hacker can gain access at the operating system level, application level,
or network level.
HOW TO GAIN ACCESS ??!
There are several ways an attacker can gain access to a system.
The attacker must be able to exploit a weakness or vulnerability in
a system.
HOW TO GAIN ACCESS ??!
Applying patches and hotfixes are not easy in today’s complex
networks.
Attackers look for OS vulnerabilities and exploit them to gain
access to a network system.
OS ATTACKS… APPLICAION LEVEL ATTACKS
SHRINK WRAP CODE… MISCONFG. ATTACKS
HOW TO GAIN ACCESS ??!
Security is often an afterthought and usually delivered as an “add-on”
component. Poor or non-existent error checking in applications leads to buffer
overflow attacks.
OS ATTACKS… APPLICAION LEVEL ATTACKS
SHRINK WRAP CODE… MISCONFG. ATTACKS
HOW TO GAIN ACCESS ??!
When you install an OS or application, it comes with tons of sample scripts to
make the life of an administrator easy. The problem is “not customizing these
scripts”. This will lead to default code or shrink wrap code attack
OS ATTACKS… APPLICAION LEVEL ATTACKS
SHRINK WRAP CODE… MISCONFG. ATTACKS
HOW TO GAIN ACCESS ??!
In order to maximize your chances of configuring a machine correctly, remove
any unneeded services or software.
OS ATTACKS… APPLICAION LEVEL ATTACKS
SHRINK WRAP CODE… MISCONFG. ATTACKS
4. MAINTAINING ACCESS…
The phase where the hacker tries to retain ownership of the
system.
Compromising of target
Hackers can upload, download, or manipulate data, applications,
and configurations on the owned system.
5. COVERING TRACKS…
Covering tracks refers to the activities that the hacker does to hide
their actions.
Examples include steganography, tunneling, and altering log files.
Conclusion…
Hacking is an art, not a science.
Hackers need only a single point of entry.
You’re only as strong as your weakest link.
Where there’s a will, there’s a way.
Never underestimate a Hacker’s determination.
Security should never be an afterthought.
IF THERE IS ANY QUESTION, PLEASE ASK