TWINCLING Society

Ethical Hacking

19th ofAugust, 2006

Hyderabad, India
TWINCLING Society

We appreciate
 Outline
●
Know your enemy
●
History and Trends
Anatomy of a hack
TWINCLING Society

●
System Hacking
●
Sniffers
●
Denial of Service
●
Buffer Overflows
●
Social Engineering
 Know your enemy

Sun Tzu says in the 'Art of War',

TWINCLING Society

“If you know yourself but not the enemy, for every victory
gained, you will suffer defeat.”

“If you know the enemy and know yourself, you need not fear
the result of a hundred battles.”
 Know your enemy
● Hacker (n) – refers to a person who enjoys learning the details
of computer systems and stretch their capabilities.

● Hacking (v) – describes the rapid development of new

programs or reverse engineering of already existing software to
TWINCLING Society

make the code better and efficient.

● Cracker – refers to a person who uses his hacking skills for

offensive purposes.

● Phreak – a hacker variant with an interest in telephones and

telephone systems.

● Hactivism – refers to an act of hacking in order to

communicate a politically or socially motivated message. An
Internet enabled way to practice civil disobedience and protest.
 Know you enemy
● Ethical Hacker – refers to security professional who apply
their hacking skills for defensive purposes on behalf of its
owners.

Ethical Hacking – is also known as penetration testing,

TWINCLING Society

intrusion testing, red teaming

● Ethical hacker looks for the following four basic questions:

● What information/locations/systems can an intruder gain

access?
● What can an intruder see on the target?

● What can an intruder do with available information?

● Does anyone at the target system notice the attempts?

 Know your enemy
● Hacker Classes ● Ethical hacker classes
– Script Kiddie – Former Black hats
– Black hats – White hats
TWINCLING Society

– White hats – Consulting firms

– Grey hats
 Know your enemy
TWINCLING Society

Information Security = C I A
( Confidentiality, Integrity, Authentication )

It remains a fact however, that gaining unauthorized access is

a crime, no matter what the intent.
 History / Trends in Hacking Culture
TWINCLING Society
 Anatomy of a hack
TWINCLING Society
 Anatomy of a hack (Reconnaissance)
● Refers to a preparatory phase where an attacker seeks to gather
as much information as possible about the target of evaluation
prior to launching an attack.

Passive reconnaissance involves monitoring network data for

TWINCLING Society

patterns and clues.

● Active reconnaissance involves probing the network for

● Accessible hosts

● Open ports

● Location of routers

● Operating system details (if possible services)

 Anatomy of a hack (Reconnaissance)
● Footprinting – is a blueprinting of the security profile of an
organization, undertaken in a methodological manner.

● Scanning – refers to a pre-attack phase when the hacker scans

the network with a specific information gathered during
TWINCLING Society

footprinting.

● Enumeration – involves active connections to systems and

directed queries
 Anatomy of a hack (Scanning)
● This stage of a hack can be considered to be a logical extension
of active reconnaissance

● Get a single point of entry to launch an attack and could be

point of exploit when vulnerability of the system is detected.
TWINCLING Society

● Objectives of port scanning.

● Open ports

● Host operating system

● Software or service versions

● Vulnerable software versions

 Anatomy of a hack (Gaining Access)
● Gaining access refers to the true attack phase.

● The exploit can occur over a LAN, locally, Internet, offline, as a

deception or theft.
TWINCLING Society

● Hacking Web servers

● System Hacking
● Web application vulnerabilities
● Sniffers
● Web based password cracking
● Social Engineering
● SQL injection
● Denial of Service
● Hacking Wireless networks
● Session Hijacking
● Virus and Worms
● Buffer Overflows
● Evading IDS, firewalls, Honeypots
● Rootkits
● Cryptography
 Maintaining Access
● Maintaining access refers to the phase when the attacker tries to
retain his 'ownership' of the system.
● Install tools such as
TWINCLING Society

● Rootkits.
● Trojans and its backdoors.
● Backdoors.
 Covering Tracks
● Covering tracks refers to remove the evidence of his presence
and activities.
● Techniques include:
TWINCLING Society

● Tunnelling.
● Altering/Clearing log files.
● Disabling auditing
 System Hacking
● Remote password guessing
● Privilege escalation.
● Password cracking
TWINCLING Society

● Dictionary and Brute force attack

● Social engineering and Shoulder sniffing
● Dumpster Diving
● Key loggers
● Hiding files
● Steganography
 Sniffers
● Sniffers refer to monitoring data like.
● Network data.
● Operating system data.
TWINCLING Society

● Spoofing.
● Man in the Middle.
● Passive Sniffers
● Through compromising physical security
● Using a Trojan Horse.
● Active Sniffing
● ARP spoofing.
● DNS spoofing
 Denial of Service
● An attack with which an attacker renders a system unusable or
significantly slowdown the system.
● Methods include:
TWINCLING Society

● Flood a network.
● Bandwidth/Throughput attacks.
● Protocol attacks.
● Software Vulnerability attacks.
● Disrupt connections between two machines.
● Prevent a particular individual from accessing a service.
TWINCLING Society

Buffer Overflows
 Social Engineering
● It is an art of using influence and persuasion to deceive people
for the purpose of obtaining information or to perform some
action.

● Even with all firewalls, authentication processes, VPN,

TWINCLING Society

companies are still wide open to attacks.

● Humans are the weakest link in the security chain.

● It is the hardest form of attack to defend against.

 Summary / Take home
● There is no single set of methodology that can be adopted for
ethical hacking. The terms of reference used for various phases
in the anatomy of a hack may differ, but the essence is the same.

● Hacking is not for everyone (there is not half-way)

TWINCLING Society

● It takes an objective mind, a lot of free time, and dedication to

keep up with things.

● NEVER use the knowledge for offensive purposes.

 Resources
●
BlackHat http://www.blackhat.com/
●
Astalavista http://www.astalavista.com/
CERT Coordination Center http://www.cert.org/
TWINCLING Society

●
Neohapsis http://www.neohapsis.com/
●
PacketStorm http://packetstormsecurity.org/
●
SecurityFocus http://www.securityfocus.com/
●
SecurityDocs http://www.securitydocs.com/
●
FoundStone http://www.foundstone.com/
 Books
TWINCLING Society

Book cover pasted here – size is 5cm x 7cm

 Books
TWINCLING Society

Book cover pasted here – size is 5cm x 7cm

 Special thanks
TWINCLING Society

AppLabs Technologies Pvt. Ltd.

http://www.applabs.com/

AppLabs is a global IT services company specializing

in software testing and development services.
It is the preferred partner for third-party validation.
 Special thanks
TWINCLING Society

CommVault Systems (India) Pvt. Ltd.

http://www.commvault.com/

CommVault is a Storage Management, Backup

and Disaster Recovery company incorporated in USA
with its Global Development Centre in Hyderabad, AP.
 About us
TWINCLING Society

Charter
Promote, Develop and Showcase Open Source software.

Legal
Registered “not for profit” Society under A.P. Societies Reg Act, 2001.

Management
Governed by Society By-Laws. Led by 7-member board of directors.
 About us ...
TWINCLING Society

website
www.twincling.org

mailing list
groups.yahoo.com/group/twincling

forum (software --> twincling)

http://www.nabble.com/twincling-f15741.html
 About us ...
TWINCLING Society

irc
#twincling

helpline
+91-99496 50605
+91-99499 91585
more info
Mr. Kumar S. N. - Public Relations & Strategic Alliances