
Ethical Hacking

SUBMITTED TO: Dr S.L.GUPTA Prof USM(KUK) Mrs. REETA

SUBMITTED BY: RICHA CHADHA ROLL NO 4 MBA GEN(PREV)

HISTORY OF HACKING

Since the 1980's, the Internet has vastly grown in popularity and computer security has become a major concern for businesses and governments.

In a search for ways to reduce the fear and worry of being hacked, organizations have come to the realization that an effective way to evaluate security threats is to have independent security experts attempt to hack into their computer systems. With the growth of computing and networking in the early 1990's, computer and network vulnerability studies began to appear outside of the military organization.

WHAT IS ETHICAL HACKING? Definition

Ethical hacking refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers. Ethical hacking is also known as penetration testing, intrusion testing, or red teaming. An ethical hacker is a security professional who applies their hacking skills for defensive purposes on behalf of the owners of information systems.

WHO ARE ETHICAL HACKERS?


Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.

An Ethical Hacker, also known as a whitehat hacker, or simply a whitehat, is a security professional who applies their hacking skills for defensive purposes on behalf of the owners of information systems.

ETHICAL HACKING PROCESS

FLOW CHART OF ETHICAL HACKING PROCESS


1. PLANNING
2. RECONNAISSANCE
3. ENUMERATION
4. VULNERABILITY ANALYSIS
5. EXPLOITATION
6. FINAL ANALYSIS
7. DELIVERABLES
8. INTEGRATION

10 COMMANDMENTS OF ETHICAL HACKING

1. Thou shalt set thy goals
2. Thou shalt plan thy work, lest thou go off course
3. Thou shalt obtain permission
4. Thou shalt work ethically
5. Thou shalt keep records
6. Thou shalt respect the privacy of others
7. Thou shalt do no harm
8. Thou shalt use a scientific process
9. Thou shalt not covet thy neighbour's tools
10. Thou shalt report all thy findings

REQUIRED SKILLS

CERTIFICATION

Due to the controversy surrounding the profession of ethical hacking, the International Council of E-Commerce Consultants (EC-Council) provides a professional certification for Certified Ethical Hackers (CEH). In order to obtain certification, an ethical hacker must complete coursework consisting of 22 modules, which range from 30 minutes to 5 hours or more, depending on the depth of the information provided.

PROBLEMS ASSOCIATED WITH ETHICAL HACKING

Controversy
Ethical Issues

Legal Liability
Forcing Services and Information on Organizations and Society

TYPES OF HACKING AND THEIR COUNTER MEASURES

PASSWORD HACKING
NETWORK HACKING
E-MAIL HACKING
WIRELESS HACKING
DoS ATTACKS
INPUT VALIDATION
PRIVACY ATTACKS
IP SPOOFING
CRYPTOGRAPHY
VIRUSES

PASSWORD HACKING
Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. Most passwords can be cracked by using the following techniques:

HASHING
GUESSING
DEFAULT PASSWORDS
BRUTE FORCE
PHISHING

NETWORK HACKING

Network hacking generally means gathering information about a domain by using tools like Telnet, NslookUp, Ping, Tracert, Netstat, etc. It also includes OS Fingerprinting, Port Scanning and Port Surfing using various tools.

E-MAIL HACKING
All email communications on the internet are made possible by two protocols:
1) Simple Mail Transfer Protocol (SMTP port-25)
2) Post Office Protocol (POP port-110)
E-Mail hacking consists of various techniques as discussed below.
1) EMail Tracing :- Generally, the path taken by an email while travelling from sender to receiver can be explained by the following diagram.
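
The path described under EMail Tracing is recorded in the message itself: every relay adds a Received header on top of the earlier ones. The sketch below is an added example, not part of the original slides; it rebuilds the path from a constructed message and flags hops that do not follow on from the previous one. The hosts, addresses and the names trace_hops and chain_breaks are assumptions, and a host mismatch is only a heuristic because legitimate relays may announce a different name.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: hosts, addresses and times are invented for illustration.
RAW = """\
Received: from mx.example.net (mx.example.net [203.0.113.7])
\tby mail.example.org with ESMTP id C3; Mon, 03 Mar 2025 10:00:09 +0000
Received: from smtp.example.com (smtp.example.com [198.51.100.25])
\tby mx.example.net with ESMTP id B2; Mon, 03 Mar 2025 10:00:05 +0000
Received: from laptop.local (unknown [192.0.2.44])
\tby smtp.example.com with ESMTPSA id A1; Mon, 03 Mar 2025 10:00:01 +0000
From: alice@example.com
To: bob@example.org
Subject: test

body
"""
# Same message with an extra bottom-most header, as a sender could pre-insert.
FORGED = RAW.replace("From:", "Received: from bank.example (bank.example "
    "[192.0.2.1])\n\tby relay.invalid with SMTP id Z9; "
    "Mon, 03 Mar 2025 11:30:00 +0000\nFrom:", 1)

HOP = re.compile(r"from\s+(\S+).*?\[([0-9a-fA-F.:]+)\].*?by\s+(\S+)", re.S)

def trace_hops(raw):
    """Return hops in travel order: first relay first, final server last."""
    hops = []
    # Every relay prepends its header, so the newest hop is at the top.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(value)
        sender, ip, relay = m.groups() if m else (None, None, None)
        when = parsedate_to_datetime(value.rsplit(";", 1)[1].strip())
        hops.append({"from": sender, "ip": ip, "by": relay, "time": when})
    return hops

def chain_breaks(hops):
    """List (index, reason) where a hop does not follow on from the previous one."""
    issues = []
    for i in range(1, len(hops)):
        prev, cur = hops[i - 1], hops[i]
        if cur["from"] != prev["by"]:
            issues.append((i, "host mismatch"))
        if cur["time"] < prev["time"]:
            issues.append((i, "time goes backwards"))
    return issues
```

Headers below the first trusted relay are supplied by the sender, so only the hops added by servers you control can be relied on.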

DoS ATTACKS
A denial of service (DoS) attack is an attack that clogs up so much memory on the target system that it cannot serve its users, or it causes the target system to crash, reboot, or otherwise deny services to legitimate users. There are several different kinds of DoS attacks as discussed below:

PING OF DEATH
TEARDROP ATTACK
LAND ATTACK
SMURF ATTACK
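
Each of the four attacks named above leaves a recognisable mark in the packet headers, which is what a filter or IDS rule checks for. The classifier below is an added example, not part of the original slides; the packet summaries are constructed, the field names, the protected subnet and the function classify are assumptions, and it assumes fragments are seen in order.

```python
import ipaddress
from collections import defaultdict

LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")  # assumed protected subnet
MAX_DATAGRAM = 65535   # largest legal IPv4 datagram, header included
IP_HEADER = 20         # IPv4 header without options

# Constructed packet summaries; "length" is the payload carried by the packet
# or fragment, "frag_off" is the IPv4 fragment offset field (8-byte units).
SAMPLE = [
    {"proto": "tcp", "src": "198.51.100.10", "dst": "192.0.2.5",
     "sport": 50000, "dport": 80, "length": 40},
    {"proto": "tcp", "src": "192.0.2.5", "dst": "192.0.2.5",
     "sport": 139, "dport": 139, "length": 40},
    {"proto": "icmp-echo", "src": "192.0.2.5", "dst": "192.0.2.255", "length": 64},
    {"proto": "icmp-echo", "src": "198.51.100.10", "dst": "192.0.2.5",
     "ip_id": 3, "frag_off": 8189, "length": 1000},
    {"proto": "udp", "src": "198.51.100.20", "dst": "192.0.2.5",
     "ip_id": 7, "frag_off": 0, "more_frags": True, "length": 36},
    {"proto": "udp", "src": "198.51.100.20", "dst": "192.0.2.5",
     "ip_id": 7, "frag_off": 3, "length": 4},
]

def classify(packets):
    """Return {packet index: attack name} for packets matching a signature."""
    hits = {}
    frag_end = defaultdict(int)   # (src, dst, ip_id) -> highest byte seen so far
    for i, p in enumerate(packets):
        start = p.get("frag_off", 0) * 8
        end = start + p["length"]
        key = (p["src"], p["dst"], p.get("ip_id"))
        fragmented = p.get("frag_off", 0) > 0 or p.get("more_frags", False)
        dst = ipaddress.ip_address(p["dst"])
        if p["proto"] == "tcp" and p["src"] == p["dst"] and p["sport"] == p["dport"]:
            hits[i] = "land"            # source address and port equal the target's
        elif p["proto"] == "icmp-echo" and dst == LOCAL_NET.broadcast_address:
            hits[i] = "smurf"           # echo request aimed at the broadcast address
        elif IP_HEADER + end > MAX_DATAGRAM:
            hits[i] = "ping-of-death"   # reassembled size would exceed 65535 bytes
        elif fragmented and start < frag_end[key]:
            hits[i] = "teardrop"        # fragment overlaps data already received
        if fragmented:
            frag_end[key] = max(frag_end[key], end)
    return hits
```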

VIRUSES
What is a Computer Virus?
A potentially damaging computer programme capable of reproducing itself, causing great harm to files or other programs without the permission or knowledge of the user.
Types of viruses: The different types of viruses are as follows:
BOOT SECTOR VIRUS
FILE OR PROGRAM
STEALTH VIRUSES
POLYMORPHIC VIRUSES
MACRO VIRUSES

HACKING TOOLS

PORT SCANNERS
Nmap :- This tool, developed by Fyodor, is one of the best Unix- and Windows-based port scanners. This advanced port scanner has a number of useful arguments that give the user a lot of control over the process.

Superscan :- A Windows-only port scanner, pinger, and resolver. SuperScan is a free Windows-only closed-source TCP/UDP port scanner by Foundstone. It includes a variety of additional networking tools such as ping, traceroute, http head, and whois.

OS FINGERPRINTING TOOLS
Nmap :- This tool, developed by Fyodor, is one of the best Unix- and Windows-based active OS fingerprinting tools.

P0f :- A passive OS fingerprinting tool. P0f is able to identify the operating system of a target host simply by examining captured packets, even when the device in question is behind an overzealous packet firewall. P0f can detect firewall presence, NAT use, existence of load balancers, and more!

PASSWORD CRACKERS
Cain and Abel :- The top password recovery tool for Windows. This Windows-only password recovery tool handles an enormous variety of tasks. It can recover passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

John the Ripper :- A powerful, flexible, and fast multiplatform password hash cracker. John the Ripper is a fast password cracker, currently available for many flavors of Unix, DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types which are most commonly found on various Unix flavors, as well as Kerberos AFS and Windows NT/2000/XP LM hashes. Several other hash types are added with contributed patches.

ENCRYPTION TOOLS
OpenSSL :- The premier SSL/TLS encryption library. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

Tor :- An anonymous Internet communication system. Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

E-BOOKS FOR ETHICAL HACKING