Embed Size (px)
Citation preview
ETHICAL HACKING
B .Krishna Teja Reddy
Md . Haseeb furkhan
Contents - Hacking
Hacking? Who is Hacker? History of Hacking Hacking incidents Types of Hacking How do Hackers Hack? Why do Hackers Hack? What Hackers do after Hacking? How to be a real Hacker?
HACKING
What Hack actually mean???Hack definition:
1) an article or project without constructive end
2) work undertaken on bad self-advice
3)Examine something very minutely
Who is hacker?
Hacker
– The person who hacks
Cracker
– System intruder/destroyer
History of hacking
Telephone hacking– Use telephone freely– It’s called phreaking
Computer virus– Destroy many computers
Network hacking– Hack the important server remotely and
destroy/modify/disclose the information
Hacking incidents
Internet Worm– Robert T. Morris made an internet worm. It
spread through the internet and crashed about 6000 systems.
Indian Defense Server– Recent hacking of Defense top secrets by
CHINEESE
And many more…..
Types of hacking
U S
Normal
data transfer
U S
U S
U S
U S
Interruption Interception
H
H
Modification
H
Fabrication
S-Server H-Hacker U-User
How Hackers Hack?
E-mail Hacking– Email forgery , Password Cracking, Phishing
System Hacking– Key loggers , Trojans, Backdoors , viruses
Wireless Hacking– WLAN hacking , network hacking
Web Server Hacking– Hacking websites , servers , databases etc
Why do hackers hack?
Just for fun Show off To know others secrets Notify many people their thought Steal important information Destroy enemy’s computer network
during the war
What do hackers do after hacking?
Patch security hole– The other hackers can’t intrude
Clear logs and hide themselves Install rootkit ( backdoor )
– The hacker who hacked the system can use the system later
– It contains trojan or other viruses and so on
Uses system silently without users notice
How can be a real hacker?
Study C/C++/python/assembly language Study computer architecture Study operating system Study computer network Examine the hacking tools thoroughly Think the problem of the computer Lots of practice and patience
Contents – Ethical Hacking
Ethical Hacking Who are Ethical Hackers? Why Ethical Hacking? Why cant prevent Hacking How Ethical Hacker defends? How to protect against Hacking? What to do after being Hacked Laws , fine and penalties Computer fraud & abuse act
ETHICAL HACKING
It is Legal Permission is obtained from the target user Part of an overall security program Learn about the system and trying to find its
weaknesses.
Who are Ethical Hackers???
Completely trustworthy. Strong programming and computer
networking skills. Techniques of Criminal hackers-
Detection-Prevention. Ethical hackers possesses same skills,
mindset and tools of a hacker but the attacks are done in a non-destructive manner
White-hat – Ethical HackersBlack-hat – Hackers
Why Ethical Hacking???
Why Ethical Hacking??
June 01, 2006 to Dec.31, 2006
Domains No of Defacements
.com 922
.gov.in 24
.org 53
.net 39
.biz 12
.co.in 48
.ac.in 13
.info 3
.nic.in 2
.edu 2
other 13
Total 1131
Defacement Statistics for Indian Websites
Why can’t we be protect against hacking?
There are many unknown security hole Hackers need to know only one security
hole to hack the system Admin need to know all security holes to
defend the system
How Ethical Hackers defend???
Harden the servers Scan, test and apply patches Monitor logs Train the technical staff on security Serious policy and procedures!
How to prevent Hacking???
Encrypt important data– Ex) confidential data
Do not run unknown programs Setup firewall
– Ex) ipchains , antivirus Check unintentional changes Backup the system often Good physical security
What to do after being hacked?
Shutdown the system– Or turn off the system
Separate the system from network Restore the system with the backup
– Or reinstall all programs
Connect the system to the network It can be good to call the police
Laws,Fines and Penalities
Hackers, virus and worm writers could get 20 years to life in federal prison.
Anyone who uses computers to cause death or bodily harm, such as bringing down power grids or airport control centers, can get the maximum sentence.
The sentence is increased by 25% if they steal personal information.
The sentence is increased by 50% if they share the stolen information.
If posted on the Internet, sentence is doubled!
Computer Fraud & Abuse Act
Offense -Sentence Obtaining National Security Information -10 (20) years Compromising the Confidentiality of a Computer -1 or 5 Trespassing in a Government Computer -1 (10) Accessing a Computer to Defraud & Obtain Value -5
(10) Knowing Transmission and Intentional Damage -10 (20
or life) Intentional Access and Reckless Damage -5 (20) Intentional Access and Damage -1 (10) Trafficking in Passwords -1 (10) Extortion Involving Threats to Damage Computer -5 (10)
ANY QUERIES??
ANY QUERIES??
THANK YOU
