Presented By:Monika

Roll no:16

Introduction

Hacking vs. Ethical Hacking

Type of hackers

Types of Attacks

Methodology of hacking Advantages and disadvantages

Conclusion

Today more and more software are developing and people are getting more and more options in their present software. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behavior termed Ethical Hacking.

The Art of exploring various security breaches is termed as Hacking.

Hackers Know about the security holes within system and reasons of their existence.

Hacker evaluates target system security Report back to the owners about the Vulnerabilities found Ethical hacking also known as penetration testing or white-hat

hacking. Involves the same tools, tricks, and techniques that hackers use, but

with one major difference that Ethical hacking is legal.Ethical hacking is performed with the target‘s permission.

White hat hackers

Black hat hackers

Grey hat hackers

Script Kiddies

Worm: Can replicate itself and spread automatically

Worm can hijack computers and can send emails hiding their identity.

Eg. Code red worm, Love bug, Mydoom.

Sending too many requests to the server so that it become inaccessible for use to to which it is intended for.

Syn flood attack:

A SYN flood attack sends a great number of SYN packets to a target server to exhaust the server’s half-open connection resources, resulting in denial of normal services.

Designed to spread from one computer to another.

Delete comp data.

Attach itself with code and executed each time when the code is executed.

Eg. Macro virus: spread through mails

The various stages in the hacking Reconnaissance : known as pre attack

phase which gather info about the target.

Scanning :use previous phase information for network scanning .

Tools : nmap or network mapper Synatx : nmap<target’s url> nmap _O<target’s url>

This is the phase where real hacking takesplace in which attacker enters the system.

Maintaining access:by using software like trozan horse.

Clearing tracks:Auditpol.exe is a command line tool which

disable auditing and evidence elevator remove all the evidences.

Certified Ethical Hacker

Professional certification is provided by the

International Council of E-Commerce Consul

tants (EC-Council.)

to the ethical hackers.

Provides security to banking and financial establishments

An evolving technique To catch a thief you have to think like a thief

All depends upon the trustworthiness of the ethical hacker

Hiring professionals is expensive.

No software is made with zero Vulnerabilities. So while studying we should study the various possibilities and should study how to prevent .

Business is directly related to Security. So while making new software there should be vulnerabilities as less as possible.