Upload
mukul-agarwal
View
20
Download
0
Tags:
Embed Size (px)
Citation preview
Powerpoint TemplatesPage 1
Powerpoint Templates
ETHICAL HACKINGPresented By:
MUKUL AGARWALMCA [LE]
TCA1305077MAY 2014
Powerpoint TemplatesPage 2
CoNTENT
2
• Overview of Hacking
• Types of Hacker
• Why do Hackers hack ?
• Hacker’s Language
• Hackers’ language
• What is Ethical Hacking
• Why do we need Ethical Hacking
• Methodology of Ethical Hacking
• History of cryptography
• Ethical Hacking Tools
• Some Cases of Hacking
• Skills of an Ethical Hacker
• References
Powerpoint TemplatesPage 3
oVERVIEW oF HACKING
3
• Hack– the rapid crafting of a new program or the
making of changes to existing, usually complicated software
• Hacker
– The person who hacks
• Cracker– System destroyer
Powerpoint TemplatesPage 4
TYPES oF HACKER
3
White Hat Hackers:A White Hat who specializes in penetration testing and in
other testing methodologies to ensure the security of an organization's information systems.
Black Hat Hackers:A Black Hat is the villain or bad guy, especially in a western
movie in which such a character would wear a black hat in contrast to the hero's white hat.
Gray Hat Hackers:A Grey Hat, in the hacking community, refers to a skilled
hacker whose activities fall somewhere between white and black hat hackers on a variety of spectra.
Powerpoint TemplatesPage 5
WHY Do PEoPLE HACKTo make security stronger ( Ethical
Hacking )Just for funShow offHack other systems secretlyNotify many people their thoughtSteal important informationDestroy enemy’s computer network
during the war.
Powerpoint TemplatesPage 6
HACKER’S LANGuAGE1 -> i or l
3 -> e
4 -> a
7 -> t
9 -> g
0 -> o
$ -> s
| -> i or l
|\| -> n
|\/| -> m
s -> z
z -> s
f -> ph
ph -> f
x -> ck
ck -> x
Powerpoint TemplatesPage 7
HACKER’S LANGuAGE TRANSLATIoN
• Ex:
– 1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n
– I did not hack this page, it was like this when I hacked in
Powerpoint TemplatesPage 8
What is Ethical hacking
• It is Legal
• Permission is obtained from the target
• Part of an overall security program
• Identify vulnerabilities visible from Internet at particular point of time
• Ethical hackers possesses same skills, mindset and tools of a hacker but the attacks are done in a non-destructive manner
• Also Called – Attack & Penetration Testing
Powerpoint TemplatesPage 9
Why Do WE nEED Ethical hacking
Viruses, Trojan Horses,
and Worms
SocialEngineering
AutomatedAttacks
Accidental Breaches in
Security Denial ofService (DoS)
OrganizationalAttacks
RestrictedData
Protection from possible External Attacks
Powerpoint TemplatesPage 11
1. REconnaissancE
This is also known as foot-printing. This is the first
stage in the methodology of hacking. As given in
the analogy, this is the stage in which the hacker
collects information about the company which the
personal is going to hack.
Powerpoint TemplatesPage 12
2. scanning
Scanning is the second phase in the hacking
methodology in which the hacker tries to make a
blue print of the target network. It is similar to a
thief going through your neighborhood and
checking every door and window on each house to
see which ones are open and which ones are
locked.
Powerpoint TemplatesPage 13
EnuMERation
Enumeration is the ability of a hacker to convince
some servers to give them information that is
vital to them to make an attack. By doing this
hacker aims to find what resources and shares
can be found in the system
Powerpoint TemplatesPage 14
3. gaining accEss
This is the actual hacking phase in which the
hacker gains access to the system. The hacker
will make use of all the information he collected in
the pre-attacking phases.
Powerpoint TemplatesPage 15
4. Maintaining access
Now the hacker is inside the system by some
means by password guessing or exploiting some
of its vulnerabilities. This means that he is now in
a position to upload some files and download
some of them.
Powerpoint TemplatesPage 16
5. covering tracks
Now we come to the final step in the hacking. There
is a saying that “everybody knows a good hacker
but nobody knows a great hacker”. This means that
a good hacker can always clear tracks or any record
that they may be present in the network to prove that
he was here.
Powerpoint TemplatesPage 17
17
History of cryptograpHy
• Cryptanalysis studies the process of breaking encryption algorithms
• When a new encryption algorithm is developed, cryptanalysts study it and try to break it– Or prove that it is impractical to break it
(taking much time and many resources)
Powerpoint TemplatesPage 18
18
enigMa• Used by the
Germans during World War II– Replaced letters
as they were typed
– Substitutions were computed using a key and a set of switches.
Powerpoint TemplatesPage 19
19
steganograpHy• The process of hiding data in plain view in
pictures, graphics, or text– Example: changing colors slightly to
encode individual bits in an image• The image on the left contains the image on
the right hidden in it.
Powerpoint TemplatesPage 20
20
syMMetric cryptograpHy algoritHMs
• Symmetric algorithms have one key that encrypts and decrypts data
• Advantages– Symmetric algorithms are fast– They are difficult to break if a large key size
is used– Only one key needed
Powerpoint TemplatesPage 21
21
syMMetric cryptograpHy• One key encrypts and decrypts data
• Cleartext with Key makes Ciphertext
• Ciphertext with Key makes Cleartext
Winning Lotto #s:
aWDHOP#@-w9
aWDHOP#@-w9 Winning Lotto #s:
Powerpoint TemplatesPage 22
ETHICAL HACKING TOOLS
• Samspade
Samspade is a simple tool which provides us information
about a particular host. This tool is very much helpful in finding
the addresses, phone numbers etc
• Email Tracker and Visual Route
We often used to receive many spam messages in our mailbox. We
don’t know where it comes from. Email tracker is software which
helps us to find from which server the mail does actually came from.
Every message we receive will have a header associated with it. The
email tracker uses this header information for find the location.
Powerpoint TemplatesPage 23
SOmE CASES Of HACKING• Sony - Around 77 million users of Sony’s Play station network
could have had their information stolen by hackers in April 2011.
• RSA Security - In March 2011, RSA Security was hacked when a spoof email containing an infected Excel spread sheet tricked employees into allowing hackers to access the system.
• InfraGard Atlanta - As an FBI partner, you would imagine InfraGard Atlanta to have the most up-to-date Internet security available. However, in June 2011 the company was hacked and 180 usernames and passwords were stolen.
• Gmail - The Gmail accounts of Chinese human activists were hacked, suggesting that the Chinese government masterminded this attack, especially because of the widespread restrictions within the country.
Powerpoint TemplatesPage 24
SKILLS Of AN ETHICAL HACKEr
• Routers - knowledge of routers, routing protocols and access control lists.
• Microsoft - skills in operation , configuration and management.
• Linux - knowledge of Linux/Unix; security setting, configuration, and services.
• Firewalls - configuration, & operation of intrusion detection systems.
Powerpoint TemplatesPage 25
rEfErENCES
en.wikipedia.org/ howstuffworks.com/ slideshare.net/ authorstream.com/ 123seminarsonly.com/
23