Embed Size (px)
DESCRIPTION
Citation preview
ETHICAL HACKINGA LICENCE TO HACK
B. TECH- III YR L. D. COLLEGE OF ENGINEERING
INTRODUCTION Ethical hacking- also known as penetration
testing or intrusion testing or red teaming has become a major concern for businesses and governments.
Companies are worried about the possibility of being “hacked” and potential customers are worried about maintaining control of personal information.
Necessity of computer security professionals to break into the systems of the organization.
Ethical hackers employ the same tools and techniques as the intruders.
They neither damage the target systems nor steal information.
The tool is not an automated hacker program rather it is an audit that both identifies the vulnerabilities of a system and provide advice on how to eliminate them.
INTRODUCTION
Who are ethical hackersThe skills ethical hackers should posses
They must be completely trustworthy.
Should have very strong programming and computer networking skills and have been in networking field for several years.
Should have more patience.
Continuous updating of the knowledge on computer and network security is required.
They should know the techniques of the criminals, how their activities might be detected and how to stop them.
Who are ethical hackers
Types Of Hacker
Black Hat Hacker A black hat hackers or crackers
are individuals with extraordinary computing skills, resorting to malicious or destructive activities. That is black hat hackers use their knowledge and skill for their own personal gains probably by hurting others.
Cont…..
White Hat Hacker White hat hackers are those
individuals professing hacker skills and using them for defensive purposes. This means that the white hat hackers use their knowledge and skill for the good of others and for the common good.
Cont…..
Grey Hat Hacker These are individuals who work both
offensively and defensively at various times. We cannot predict their behaviour. Sometimes they use their skills for the common good while in some other times he uses them for their personal gains.
Need for the ethical hacking
Your overall goals as an ethical hacker should be as follows:
Hack your systems in a nondestructive fashion.
Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exist.
Cont…..
Apply results to remove vulnerabilities and better secure your systems.
Some Attacks
Nontechnical attacks
Network-infrastructure attacks
Operating-system attacks
Application attacks
AREAS TO BE TESTED
Application servers
Firewalls and security devices
Network security
Wireless security
Anatomy of an attack
Gathering Data – attacker gathers information; can include social engineering.
Scanning – searches for open ports (port scan) probes target for vulnerabilities.
Gaining access – attacker exploits vulnerabilities to get inside system; used for spoofing IP.
Cont.....
Maintaining access – creates backdoor through use of Trojans; once attacker gains access makes sure he/she can get back in.
Covering tracks – deletes files, hides files, and erases log files. So that attacker cannot be detected or penalized.
Ethical Hacking Tools
Ethical hackers utilize and have developed variety of tools to intrude into different kinds of systems and to evaluate the security levels. The nature of these tools differ widely. Here we describe some of the widely used tools in ethical hacking.
Ethical Hacking Tools
Samspade
Ethical Hacking Tools
Email Tracker
Ethical Hacking Tools
Visual route
Some other important tools
War Dialing
Pingers
Super Scan
Nmap etc…
Information Security Goals
Improve IS awareness. Assess risk. Mitigate risk immediately. Assist in the decision making process. Conduct drills on emergency response
procedures.
Conclusions Never underestimate the attacker or
overestimate our existing posture. A company may be target not just for its
information but potentially for its various transactions.
To protect against an attack, understanding where the systems are vulnerable is necessary.
Ethical hacking helps companies first comprehend their risk and then, manage them.
Always security professionals are one step behind the hackers and crackers.
Plan for the unplanned attacks. The role of ethical hacking in security
is to provide customers with awareness of how they could be attacked and why they are targeted.
“Security though a pain”, is necessary.
Conclusions
At present, security on the Internet is very poor and ethical hacking can be one of the most effective ways to fix serious security problems like cyber crime.
The information entrusted to the companies is required to be protected against all kinds of attacks by crackers, which makes their future promising.
FUTURE OF ETHICAL HACKING
References
1.www.javvin.com2.www.computerworld.com3.www.research.ibm.com/journals4.www.howstuffworks.com5.www.google.com6.www.seminartopics.com
Queries?
