• View

  • Download

Embed Size (px)


HACKING AND WAYS TO PREVENT HACKING. WHAT IS HACKING ?. Hacking is unauthorized use of computer and network resources. The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications. - PowerPoint PPT Presentation


Slide 1

HACKING AND WAYS TO PREVENT HACKINGWHAT IS HACKING ?Hacking is unauthorized use of computer and network resources. The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.A successful hacker looks for poor configuration of Web servers, old or unpatched software, disabled security controls, and poorly chosen or default passwords.HISTORY OF HACKINGSince early 1960s the positive term HACKER started having its negative aftereffects.In one of the first arrests of hackers, the FBI had busted six teen-age hackers.Kevin David Mitnick who is currently behind bars was considered as the worlds famous hacker in late 20th century .TYPES OF HACKERSWhite hat :- A white hat hacker breaks security for non-malicious reasons.

Grey hat :- A grey hat hacker is a hacker of ambiguous ethics and/or borderline legality, often frankly admitted.

Black Hat :- A black hat hacker is someone who subverts computer security without authorization or who uses technology for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, or many other types of crime.

TYPES OF HACKERS CONTD.Cyberterrorist :- A Cyberterrorist uses technology to commit terrorism. Their intentions are to cause harm to social, ideological, religious, political, or governmental establishments.

Script kiddie :- A script kiddie a non-expert who breaks into computer systems by using pre-packaged automated tools written by others.

Hacktivist :- A hacktivist is a hacker who utilizes technology to announce a political message.

COMMON METHODS OF HACKINGSecurity exploit :- A security exploit is a prepared application that takes advantage of a known weakness.Vulnerability scanner :- A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. Packet Sniffer :- A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network..COMMON METHODS OF HACKING CONTD. :-Spoofing attack :- A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another programRootkit :- A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. COMMON METHODS OF HACKING CONTD. :-Social engineering :- Social Engineering is the art of getting persons to reveal sensitive information about a system. This is usually done by impersonating someone or by convincing people to believe you have permissions to obtain such information.Trojan horse :- Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later.

COMMON METHODS OF HACKING CONTD. :-Virus :- A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.Worm :- Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Key loggers :- A keylogger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval.

WHAT MAKES HACKING SO INTRESTING? Hobby :-Amateurs and electronic enthusiast are the primary members of this group. These hackers begin by putting together usernames such as the Altair 8800, ABC80 and the ABC800.

Academic :-Students infact use hacking as a tool to download papers using the networking interface for their benefits.

Network:- Phone phreaks have developed ways to utilize the phone system to make calls. The old phone system used dozen of switches that were controlled by tone commands. Once these switches were discovered they could be used to control the phone system. Even wi-fi has come under serious threat.HOW FATAL CAN HACKING BE.The Chinese military hacked into a Pentagon computer network in June 2007 in the most successful cyber attack on the US defence department.A 15-year-old youth faces charges of hacking into a government computer system that tracks the positions of U.S. Air Force planes worldwide, according to government officials.WAYS TO PREVENT HACKINGImplement a firewall :- A firewall is a barrier that keeps hackers and viruses out of computer networks. Firewalls intercept network traffic and allow only authorized data to pass through. Develop a corporate security policy :- Establish a corporate security policy that details practices to secure the network. The policy should direct employees to choose unique passwords that are a combination of letters and numbers. Passwords should be changed every 90 days to limit hackers ability to gain possession of a functioning password. When someone leaves company, immediately delete the user name and password. The corporate policy should outline consequences for network tampering and unauthorized entry.WAYS TO PREVENT HACKING CONTD..Install anti-virus software :- All computers should run the most recent version of an anti-virus protection subscription. Ideally a server should be configured to push virus updates out periodically to all client systems. Employees should be educated about viruses and discouraged from opening e-mail attachments or e-mail from unknown senders.

Keep operating systems up to date :- Upgrade operating systems frequently and regularly install the latest patches or versions of software, which are often free over the Web. If you use Microsoft Windows, check www.windowsupdate.com periodically for the latest patches.

Dont run unnecessary network services :- When installing systems, any non-essential features should be disabled. If a feature is installed but not actively used, it is less likely to be updated regularly, presenting a larger security threat. Also, allow only the software employees need to do their job effectively. WAYS TO PREVENT HACKING CONTD..Conduct a vulnerability test :- Conducting a vulnerability test is a cost-effective way to evaluate the current security program. This test highlights flaws and limitations in the program, and experts can offer suggestions for improvement. The best method for conducting a vulnerability test is to contact a computer consulting company and provide access to your system for a day or two. This will provide ample time for network appraisal and follow-up discussion and planning.

Keep informed about network security :- Numerous books, magazines and online resources offer information about effective security tools and lessons learned. Also, the Web provides ample and very current information about security type in the key words network security.PREVENT HACKING OF WIRELESS NETWORKSUse Secure Portals and Payment Gateways :-Banking transactions made on unsecured websites can lead to leaking of credit card details. These details can then be used to generate a card bearing the same data as the original credit card which can then be used fraudulently. It is imperative to use secure portals and trusted payment gateways like Paypal, etc.Be Aware of Phishing :-Phishing is a fraudulent process of attempting to acquire sensitive information like user Ids and passwords by issuing fake emails on the pretext of security verification. The emails appear to originate from genuine banks and the user is misled into submitting the information. The golden rule to follow is to never share or submit passwords or user Ids.

PREVENT HACKING OF WIRELESS NETWORKS CONTDChange Wireless Network Passwords :-Most users of wireless networks do not change the default password provided by the router vendor. These default passwords are known to hackers and it makes a hackers job easy to intrude any home network from hundreds of meters away. One should change the default password immediately before using the wireless network.Change Service Set ID or SSID :-SSID or Service Set ID is the name of the wireless network. Wireless router vendors leave a default SSID on installation of the router software. Hackers can easily swap a home computers default SSID with theirs without the users knowledge. Like the network password the SSID also needs to be changed immediately before using the wireless network.

PREVENT HACKING OF WIRELESS NETWORKS CONTDHide the Service Set ID or SSID :-Sometimes changing the SSID is also not full proof as hackers have advanced methods to intrude into a wireless network if the SSID is known. To prevent such cases the SSID needs to be hidden. Router configuration softwares allow the SSID to be hidden and the steps are provided in the manuals.Convert to Static IP Instead of Dynamic :-Most home users use IP addresses on the internet that are dynamic and are provided by randomly picking one from on the fly from a pool of IP addresses. Hackers can obtain a valid IP address from this pool and use it to gain access to the home users computer. This feature of assigning dynamic IP addresses can be turned off and a fixed IP can be used instead. Additionally if firewall access rules on the router and computer are limited to this static IP address, then the home computer is secure.BENEFITS OF HACKINGIndustry related :-The computer industry was virtually foundedon the ideals of hacking. From the very first hackers that began assembl