Downloaded 562 times
More Related Content
Ethical hacking
- 1.
- 2. Ethical Hacking -? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting
- 3. What is EthicalHacking Ethical Hacking Conforming to accepted professional standards of conduct Process of breaking into systems for: Personal or Commercial Gains Malicious Intent – Causing sever damage to Information & Assets Also Called – Attack & Penetration Testing, White-hat hacking, Red teaming White-hat - Good Guys Black-hat – Bad guys
- 4. What is EthicalHacking It is Legal Permission is obtained from the target Part of an overall security program Identify vulnerabilities visible from Internet at particular point of time Ethical hackers possesses same skills, mindset and tools of a hacker but the attacks are done in a non-destructive manner
- 5. Why – EthicalHacking Source: CERT-India January - 2005 Defacement Statistics for Indian Websites 1131 Total 13 other 2 .edu 2 .nic.in 3 .info 13 .ac.in 48 .co.in 12 .biz 39 .net 53 .org 24 .gov.in 922 .com No of Defacements Domains June 01, 2004 to Dec.31, 2004
- 6. Why – EthicalHacking Source: CERT/CC Total Number of Incidents Incidents
- 7. Why – EthicalHacking Source: US - CERT
- 8. Why – EthicalHacking Protection from possible External Attacks Viruses, Trojan Horses, and Worms Social Engineering Automated Attacks Accidental Breaches in Security Denial of Service (DoS) Organizational Attacks Restricted Data
- 9. Ethical Hacking -Process Preparation Footprinting Enumeration & Fingerprinting Identification of Vulnerabilities Attack – Exploit the Vulnerabilities
- 10. Preparation Identification ofTargets – company websites, mail servers, extranets, etc. Signing of Contract Agreement on protection against any legal issues Contracts to clearly specifies the limits and dangers of the test Specifics on Denial of Service Tests, Social Engineering, etc. Time window for Attacks Total time for the testing Prior Knowledge of the systems Key people who are made aware of the testing
- 11. Footprinting Collecting asmuch information about the target DNS Servers IP Ranges Administrative Contacts Problems revealed by administrators Information Sources Search engines Forums Databases – whois, ripe, arin, apnic Tools – PING, whois, Traceroute, DIG, nslookup, sam spade
- 12. Enumeration & FingerprintingSpecific targets determined Identification of Services / open ports Operating System Enumeration Methods Banner grabbing Responses to various protocol (ICMP &TCP) commands Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc. Tools Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner
- 13. Identification of VulnerabilitiesVulnerabilities Insecure Configuration Weak passwords Unpatched vulnerabilities in services, Operating systems, applications Possible Vulnerabilities in Services, Operating Systems Insecure programming Weak Access Control
- 14. Identification of VulnerabilitiesMethods Unpatched / Possible Vulnerabilities – Tools, Vulnerability information Websites Weak Passwords – Default Passwords, Brute force, Social Engineering, Listening to Traffic Insecure Programming – SQL Injection, Listening to Traffic Weak Access Control – Using the Application Logic, SQL Injection
- 15. Identification of VulnerabilitiesTools Vulnerability Scanners - Nessus, ISS, SARA, SAINT Listening to Traffic – Ethercap, tcpdump Password Crackers – John the ripper, LC4, Pwdump Intercepting Web Traffic – Achilles, Whisker, Legion Websites Common Vulnerabilities & Exposures – http://cve.mitre.org Bugtraq – www.securityfocus.com Other Vendor Websites
- 16. Attack – Exploitthe vulnerabilities Obtain as much information (trophies) from the Target Asset Gaining Normal Access Escalation of privileges Obtaining access to other connected systems Last Ditch Effort – Denial of Service
- 17. Attack – Exploitthe vulnerabilities Network Infrastructure Attacks Connecting to the network through modem Weaknesses in TCP / IP, NetBIOS Flooding the network to cause DOS Operating System Attacks Attacking Authentication Systems Exploiting Protocol Implementations Exploiting Insecure configuration Breaking File-System Security
- 18. Attack – Exploitthe vulnerabilities Application Specific Attacks Exploiting implementations of HTTP, SMTP protocols Gaining access to application Databases SQL Injection Spamming
- 19. Attack – Exploitthe vulnerabilities Exploits Free exploits from Hacker Websites Customised free exploits Internally Developed Tools – Nessus, Metasploit Framework,
- 20. Reporting Methodology ExploitedConditions & Vulnerabilities that could not be exploited Proof for Exploits - Trophies Practical Security solutions
- 21. Ethical Hacking -Commandments Working Ethically Trustworthiness Misuse for personal gain Respecting Privacy Not Crashing the Systems