Upload
gurugubelli-venkata-sukumar
View
216
Download
0
Embed Size (px)
Citation preview
8/7/2019 ETHICAL HACKING(original 2010)
1/34
ETHICAL
HACKINGG. Venkata Sukumar,
M.Saikiran Reddy,
Information Technology,
TKRCET , Hyderabad.
8/7/2019 ETHICAL HACKING(original 2010)
2/34
Who is a Hacker?
Hacker is a person who enjoys learningthe details of computer systems and how
to stretch their capabilitiesas opposedto most of the users of computers, whoprefer to learn only the minimumnecessary.
8/7/2019 ETHICAL HACKING(original 2010)
3/34
Types of hackers
o White hat hackers
o Black hat hackers
o Grey hat hackers
8/7/2019 ETHICAL HACKING(original 2010)
4/34
White Hat hacker A white hat hacker is also rendered as
ethical hacker
He is the person who is ethicallyopposed to the abuse of computersystems.
A white hat generally focuses onsecuring IT systems.
Professional white hat hackers aresneakers, group of sneakers Tigerteams.
8/7/2019 ETHICAL HACKING(original 2010)
5/34
8/7/2019 ETHICAL HACKING(original 2010)
6/34
Black hat hacker
Black hat is a person who compromises thesecurity of a computer system without
permission from an authorized party , Typicallywith malicious intent.
He is officially known as cracker.
The somewhat similar activity of defeating
copy prevention devices in software whichmay or may not be legal in a country's laws isactually software cracking .
8/7/2019 ETHICAL HACKING(original 2010)
7/34
Grey hat hacker A grey hat, in the computer security
community, refers to a skilled hacker who
sometimes acts legally, sometimes in goodwill, and sometimes not.
They are a hybrid between white and blackhat hackers.
They usually do not hack for personal gain or
have malicious intentions, but may or may notoccasionally commit crimes during the courseof their technological exploits.
8/7/2019 ETHICAL HACKING(original 2010)
8/34
What an Ethical Hack will do?
An ethical hacker is an expert hired by acompany to attempt to attack their
network and computer system the sameway a hacker would.
8/7/2019 ETHICAL HACKING(original 2010)
9/34
Ethical hacking- a dynamicprocess
Running through thepenetration test oncegives the current set of
security issues whichsubject to change.
Penetration testing must becontinuous to ensure thatsystem movements and
newly installed applicationsdo not introduce newvulnerabilities into the
system.
8/7/2019 ETHICAL HACKING(original 2010)
10/34
Basic structure for Ethical
Hacking
Information policy
Security policyComputer useUser management
System administration proceduresIncident response procedures
Configuration managementDesign methodologyDisaster methodology
Disaster recovery plans.
8/7/2019 ETHICAL HACKING(original 2010)
11/34
Attacks on Websites :Denial of service
attackSome hackers hack your websites just
because they can.
They try to do something spectacular to
exhibit their talents.
Their comes the denial of service attack.
During the attacks, customers were
unable to reach the websites, resulting inloss of revenue and mind share.
On January 17, 2000, a U.S. library ofcongress website was attacked.
8/7/2019 ETHICAL HACKING(original 2010)
12/34
8/7/2019 ETHICAL HACKING(original 2010)
13/34
8/7/2019 ETHICAL HACKING(original 2010)
14/34
Some of the tools used by
Ethical Hacker
SQL Injections
Packet sniffing
IP hijack
DNS re-morphing
E-mail bombing
Password sniffers
Backtrack
matriux
8/7/2019 ETHICAL HACKING(original 2010)
15/34
8/7/2019 ETHICAL HACKING(original 2010)
16/34
8/7/2019 ETHICAL HACKING(original 2010)
17/34
8/7/2019 ETHICAL HACKING(original 2010)
18/34
8/7/2019 ETHICAL HACKING(original 2010)
19/34
8/7/2019 ETHICAL HACKING(original 2010)
20/34
Email-Bombing
8/7/2019 ETHICAL HACKING(original 2010)
21/34
8/7/2019 ETHICAL HACKING(original 2010)
22/34
8/7/2019 ETHICAL HACKING(original 2010)
23/34
8/7/2019 ETHICAL HACKING(original 2010)
24/34
Mail which has been bombed
8/7/2019 ETHICAL HACKING(original 2010)
25/34
Packet sniffing
8/7/2019 ETHICAL HACKING(original 2010)
26/34
8/7/2019 ETHICAL HACKING(original 2010)
27/34
Password sniffing
8/7/2019 ETHICAL HACKING(original 2010)
28/34
8/7/2019 ETHICAL HACKING(original 2010)
29/34
Risk Management: Hackers inject viruses, worms, IP protocol hacking
due to the low secured software or system designs.
Who employee Ethical hackers??
Defense, corporate sectors for securing the serverswill hire hackers.
Average pay salary for CEH(certified EthicalHacker) is around 16 lakhs/year
Hackers uses antiviruses databases for uploading
viruses into the target computer
8/7/2019 ETHICAL HACKING(original 2010)
30/34
Conclusion : Never underestimate the attacker or overestimate
our existing posture.
A company may be target not just for itsinformation but potentially for its varioustransactions.
To protect against an attack, understandingwhere the systems are vulnerable is necessary.
Ethical hacking helps companies first comprehend
their risk and then, manage them. Plan for the unplanned attacks.
8/7/2019 ETHICAL HACKING(original 2010)
31/34
8/7/2019 ETHICAL HACKING(original 2010)
32/34
References:o www.javvin.com
o www.computerworld.com
o www.research.ibm.com/journalso www.howstuffworks.com
o http://www.backtrack-linux.org/
o IEEE journal on security and privacy
o www.ankitfadia.in
http://www.javvin.com/http://www.computerworld.com/http://www.research.ibm.com/journalshttp://www.howstuffworks.com/http://www.backtrack-linux.org/http://www.ankitfadia.in/http://www.ankitfadia.in/http://www.backtrack-linux.org/http://www.backtrack-linux.org/http://www.backtrack-linux.org/http://www.backtrack-linux.org/http://www.howstuffworks.com/http://www.research.ibm.com/journalshttp://www.computerworld.com/http://www.javvin.com/8/7/2019 ETHICAL HACKING(original 2010)
33/34
8/7/2019 ETHICAL HACKING(original 2010)
34/34