MUHAMMAD DANIYAL (CS-13-32)

THREAT: an action or event that might compromise

security. A threat is a potential violation of security.

VULNERABILITY –existence of a weakness, design, or

implementation error that can lead to an unexpected and

undesirable event compromising the security of the system.

EXPLOIT–a defined way to breach the security of an IT system

through a vulnerability.

ATTACK– an assault on the system security that is derived from

an intelligent threat. An attack is any action that violates security.

WHAT YOU SHOULD KNOW FIRST ...

HACKER CATEGORIES…

BLACK HAT…

individuals with extraordinary computing skills, resorting to

malicious or destructive activities. Also known as crackers.

WHITE HAT…

individuals professing hacker skills and using them for

defensive purposes. Also known as security analysts.

GRAY HAT…

individuals who work both offensively and

defensively at various times.

SUICIDERS…

individuals who aim to bring down critical infrastructure for a

“cause” (Hacktivism) and do not worry about punishment.

HACKER QUALITIES…

A HACKER SHOULD…

HAVE deep knowledge of target platforms, such as Windows,

Unix and Linux

Have basic knowledge of networking and related hardware and

software

be familiar with vulnerability study.

be “highly technical” to launch sophisticated attacks

be prepared to follow a strict code of conduct (white hats)

Professionals need to know what it is they are trying to protect,

against whom, and what resources it is willing to expend in order to

gain protection.

PHASES OF HACKING…

Reconnaissance

Scanning

Gaining Access

Maintaining Access

Cleaning

1. RECONAISSANCE…

Reconnaissance refers to the preparatory phase where an attacker

seeks to gather as much information as possible about a target prior

to launching an attack.

TYPES OF RECONAISSANCE…

Passive reconnaissance involves acquiring information without directly interacting

with the target.

Ex: Searching public records or news releases.

Active reconnaissance involves interacting with the target directly by any means.

Ex: Telephone calls to help desk or technical departments

2. SCANNING…

iT refers to the pre-attack phase when the hacker scans the network

for specific information on the basis of information gathered during

reconnaissance. Hackers have to get a single point of entry to launch

an attack.

TYPES OF SCANNING…

Port scanning–a series of messages sent to a computer to learn about services.

Network Scanning–a procedure for identifying active hosts on a network.

Vulnerability Scanning–automated process of proactively identifying vulnerabilities of

computing systems.

PHASES OF SCANNING…

Check for live systems

Identify servicesBanner grabbing

OS fingerprinting

Scan for vulnerabilities

Draw network diagrams of

vulnerable hostsPrepare proxiesAttack

3. GAINING ACCESS…

Gaining access refers to the penetration phase. The hacker exploits the

vulnerability in the system.

The hacker can gain access at the operating system level, application level,

or network level.

HOW TO GAIN ACCESS ??!

There are several ways an attacker can gain access to a system.

The attacker must be able to exploit a weakness or vulnerability in

a system.

HOW TO GAIN ACCESS ??!

Applying patches and hotfixes are not easy in today’s complex

networks.

Attackers look for OS vulnerabilities and exploit them to gain

access to a network system.

OS ATTACKS… APPLICAION LEVEL ATTACKS

SHRINK WRAP CODE… MISCONFG. ATTACKS

HOW TO GAIN ACCESS ??!

Security is often an afterthought and usually delivered as an “add-on”

component. Poor or non-existent error checking in applications leads to buffer

overflow attacks.

OS ATTACKS… APPLICAION LEVEL ATTACKS

SHRINK WRAP CODE… MISCONFG. ATTACKS

HOW TO GAIN ACCESS ??!

When you install an OS or application, it comes with tons of sample scripts to

make the life of an administrator easy. The problem is “not customizing these

scripts”. This will lead to default code or shrink wrap code attack

OS ATTACKS… APPLICAION LEVEL ATTACKS

SHRINK WRAP CODE… MISCONFG. ATTACKS

HOW TO GAIN ACCESS ??!

In order to maximize your chances of configuring a machine correctly, remove

any unneeded services or software.

OS ATTACKS… APPLICAION LEVEL ATTACKS

SHRINK WRAP CODE… MISCONFG. ATTACKS

4. MAINTAINING ACCESS…

The phase where the hacker tries to retain ownership of the

system.

Compromising of target

Hackers can upload, download, or manipulate data, applications,

and configurations on the owned system.

5. COVERING TRACKS…

Covering tracks refers to the activities that the hacker does to hide

their actions.

Examples include steganography, tunneling, and altering log files.

Conclusion…

Hacking is an art, not a science.

Hackers need only a single point of entry.

You’re only as strong as your weakest link.

Where there’s a will, there’s a way.

Never underestimate a Hacker’s determination.

Security should never be an afterthought.

IF THERE IS ANY QUESTION, PLEASE ASK