ethical hacking seminar
TRANSCRIPT
By VIPUL TALARI
Abstract▪ Computers around the world are systematically being
victimized by rampant hacking. This is being executed so flawlessly that the attackers compromise a system, steal everything of value and completely erase their tracks within 20 minutes.
▪ The Ethical Hacker is an individual who is usually employed within the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a Hacker to find out the loop holes and fix them.
Hacking▪ We’ve all heard of hackers. Many of us have even
suffered the consequences of hacker actions. So who are these hackers? Why is it important to know about them?
Ethical Hacking:
▪ It can be defined as penetration testing by a person who knows everything about hacking to find out if there are any loop holes or exploits on the network of an organization and try to apply patches to them and provide the security.
Ethical Hackers are the people who protect systems from being hacked.
Anatomy of a Hack:
Reconnaissance:● Refers to a preparatory phase where an attacker seeks to
gather as much information as possible about the target of evaluation prior to launching an attack.
▪ Passive reconnaissance involves monitoring network data for patterns and clues.
Active reconnaissance involves probing the network for : ▪ Accessible hosts ▪ Open ports ▪ Location of routers ▪ Operating system details (if possible services)
Scanning: ▪ This stage of a hack can be considered to be a logical
extension of active reconnaissance.
▪ Get a single point of entry to launch an attack and could be point of exploit when vulnerability of the system is detected.
Objectives of scanning: ▪ DNS servers ▪ Vulnerabilities ▪ Software or service versions ▪ Vulnerable software versions
Stealth Scan:Hacker Target
192.168.1.2:2342 ------------syn----------->192.168.1.3:80 192.168.1.2:2342 <---------syn/ack------->192.168.1.3:80 192.168.1.2:2342-------------RST---------->192.168.1.3:80
▪ Client sends a single SYN packet to the server on the appropriate port.
▪ If the port is open then the server responds with a SYN/ACK packet. ▪ If the server responds with an RST packet, then the remote port is in
state "closed”
▪ The client sends RST packet to close the initiation before a connection can ever be established.
▪ This scan also known as “half-open” scan.
Gaining Access:
▪ Gaining access is the most important phase of an attack in terms of potential damage. The exploit can occur locally, offline, over a LAN or the internet as a deception or theft.
▪ Different types of techniques used to gain access to the systems.
Maintaining Access:
▪ Maintaining access refers to the phase when the attacker tries to retain his 'ownership' of the system.
Install tools such as: ▪ Rootkits. ▪ Trojans. ▪ Backdoors.
Clearing Tracks:▪ An attacker would like to destroy evidence of his
presence and activities for various reasons such as maintaining access and evading punitive action.
▪ Covering tracks refers to remove the evidence of his presence and activities.
Techniques include: ▪ Tunnelling. ▪ Altering/Clearing log files. ▪ Disabling auditing
Social Engineering:
System Hacking:▪ Password guessing ▪ Man-in-the-middle and replay attacks ▪ Unsecured access to systems ▪ Wire sniffing ▪ Brute force ▪ Dictionary
Trojans:
A Trojan also known as a Remote Administration Tool or RAT for short is a piece of software made for monitoring a system.
Trojans normally comprise of three things, a Client, Build/Edit Server and Server.
Viruses and Worms:
▪ A computer virus is one of thousands of programs that can invade computer systems and perform a variety of functions ranging from annoying to dangerous.
▪ A worm is a malicious program that can infect both local and remote machines. Worms spread automatically by infecting system after system in a network, and even spreading further to other networks.
▪ Ex: Melissa virus is an hybrid of a Trojan, a virus and a worm.
▪ Onel de Guzman – accused of releasing the I LOVE YOU (Love Bug) virus.
Who is this Guy?
▪ Infected 45 million computers in May 2000 ▪ Clogged e-mail world-wide ▪ Destroyed music/graphics files ▪ Damage estimated as high as $10 billion ▪ Replicates itself through: ▫ E-mail ▫ Internet Chat ▫ Shared drives
I Love You Virus:
Sniffers: Sniffers refer to monitoring data like. ▪ Network data. ▪ Operating system data. ▪ Spoofing. ▪ Man in the Middle.
Passive Sniffers: ▪ Through compromising physical security. ▪ Using a Trojan Horse.
Active Sniffing ▪ ARP spoofing. ▪ DNS spoofing.
Phishing▪ Phishing is a combination of "social engineering" and “technical subterfuge”
to steal consumers’ personal identity data and financial account credentials.
Spoofed Websites:
Denial of service:▪ An attack with which an attacker renders a system unusable or
significantly slows down the system. Methods include: ▪ Flood a network. ▪ Protocol attacks. ▪ Software Vulnerability attacks. ▪ Disrupt connections between two machines. ▪ Prevent a particular individual from accessing a service.
Session Hijacking:
▪ The term session hijacking refers to the exploitation of a valid computer session - sometimes also called a session key or Id - to attain unauthorized access to information or services in a computer system.
▪ Many web sites allow users to create and manage their own accounts, logging in using a username and password (which may or may not be encrypted during transit) or other authentication method.
Buffer Overflow:
▪ A buffer overflow occurs when the amount of data is larger than the allocated buffer. When that happens, the data will overwrite memory area that followed the buffer.
▪ If we can submit data more than previously allocated space, we can overflow the dedicated space and if we can overwrite the stack, we call this Stack Based Overflow.
Protecting Your System:
▪ Install Good Antivirus Software. ▪ Keep Operating System Updated. ▪ Get a Firewall system. ▪ Conduct a Vulnerability test - eg: Snort ▪ Security Policy for your Company. ▪ Avoid unnecessary network services and open
ports.
Conclusion:▪ There is an adverse importance of the need for
protecting your computers and computer networks from hackers and other malicious content available on the internet as it can steal sensitive information which can cause varying damages.
▪ Ethical hackers are being given much importance and consideration by the organizations today and every company is having a strict security policy so that no vulnerabilities will be exploited by the hackers.
▪ NEVER use the knowledge for offensive purposes.
References
▪ An Unofficial guide to Ethical Hacking. ▪ Hacking for dummies. ▪ EC Council material CEH 6.0 ▪ www.ankitfadiacertified.com ▪ www.research.ibm.com ▪ www.wikipedia.com ▪ www.eccouncil.org
Protect your computers