cyber security ppt
Post on 23-Feb-2017
Embed Size (px)
Department of bca
Seminar on:- Ethical Hacking
PRESENTED BY:- ASHISH KUMAR
WHAT IS ETHICAL HACKING??Difference between Hacking and Ethical Hacking??NEED FOR SECURITY??What do an Ethical Hacker do??Types of ethical hackings??Applications and resourcesdifferent ways of doing An ethical hack of your system:Advantage:ETHICAL HACKING CONCEPTBenefits of ethical hacking:Conclusion with future work:
WHAT IS ETHICAL HACKING
It is legalPermission is obtained from the targetPart of an overall security programIdentify vulnerabilities visible from internet at particular point of timeEthical hacker process same skill ,mindset and tools of a hacker but the attacks are done in a non-destructive mannerThe growth of the Internet, computer security has become a major concern for businesses and governments
Difference between Hacking and Ethical Hacking
hackingHacking is getting "unauthorized" access to a computer system or a resourceEthical hacking involves getting authorized access to resources in order to test if that resource is vulnerable against attacks. The main difference between both the terms lies in the intent of the hacker. A hacker(cracker) breaks into a system or network to use the gathered information in a illegal way whereas an ethical hacker finds the loopholes in the security system only to strengthen it. Ethical HackerAn ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicioushackercould exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing,intrusion testingandred teaming. An ethical hacker is sometimes called awhite hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.
Ethical hackers attempt to assess the vulnerability of computer systems or networks at the request of the system or network owners. By using the same methodology and resources available to criminal hackers, ethical hackers help identify the weak spots which can be exploited and then programmers are roped in to build up defences to protect the hardware or software. The information security industry is growing at a rate of 21% globally. Frost and Sullivan has estimated that there are 2.28 million information security skilled personnel around the world, which is expected to grow up to 4.2 million by 2015. Ethical hacking is also known as penetration testing, intrusion testing and red teamingAn ethical hackers work is interesting in a way that s/he develops, tests and implements ways in which a network and its data can be protected. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the good guy wears a white hat and the bad guy wears a black hat
NEED FOR SECURITY
Computer security is required because most organizations canbe damaged by hostile software or intruders.There may be several forms of damage which are obviously interrelated which are produced by the intruders. These include: lose of confidential data Damage or destruction of data Damage or destruction of computer system Loss of reputation of a company
What do an Ethical Hacker do
An ethical hacker is a person doing ethical hacking that is he is a security personal who tries to penetrate in to a network to find if there is some vulnerability in the system. An ethical hacker will always have thepermission to enter into the target network. An ethical hacker will first thinkwith a mindset of a hacker who tries to get in to the system . He will first find out what an intruder can see or what others can see. Finding these an ethical hacker will try to get into the system with that information in whatever method he can. If he succeeds in penetrating into the system then he will report to the company with a detailed report about the particular vulnerability exploiting which he got in to the system. He may also sometimes make patches for thatparticular vulnerability or he may suggest some methods toprevent the vulnerability.
Types of ethical hackingsEthical hackers use various methods for breaking the security system in the organizations in the period of cyber attack. Various types of ethical hacks are:Remote Network: This process in especially utilized to recognize the attacks that are causing among the internet. Usually the ethical hacker always tries to identify the default and proxy information in the networks some of then are firewalls, proxy etc.Remote dial up network: Remote dial up network hack identify and try to protest from the attack that is causing among the client modern pool. For finding the open system the organizations will make use of the method called war dialing for the representative dialing. Open system is one of the examples for this type of attacks.Local Network: local network hack is the process which is used to access the illegal information by making use of someone with physical access gaining through the local network. To start on this procedure the ethical hacker should ready to access the local network directly.Stolen Equipment: By making use of the stolen equipment hack it is easy to identify the information of the thefts such as the laptops etc. the information secured by the owner of the laptop can be identified (Kimberly graves, 2007). Information like username, password and the security settings that are in the equipment are encoded by stealing the laptop.
Social engineering: A social engineering attack is the process which is used to check the reliability of the organization; this can be done by making use of the telecommunication or face to face communication by collecting the data which can be used in the attacks (Bryan Foss and Merlin Stone, 2002). This method is especially utilized to know the security information that is used in the organizations.Physical Entry: This Physical entry organization is used in the organizations to control the attacks that are obtained through the physical premises (Ronald l. Krutz and russel dean Vines, 2007). By using the physical entire the ethical hacker can increase and can produce virus and other Trojans directly onto the network.Application network: the logic flaws present in the applications may result to the illegal access of the network and even in the application and the information that is provided in the applications.Network testing: In this process it mainly observes the unsafe data that is present in the internal and the external network, not only in the particular network also in the devices and including the virtual private network technologiesWireless network testing: In this process the wireless network reduces the network liability to the attacker by using the radio access to the given wireless network space.Code review: This process will observe the source code which is in the part of the verification system and will recognize the strengths and the weakness of the modules that are in the software.War dialing: it simply identifies the default information that is observed in the modem which is very dangerous to the corporate organizations
Applications and resources
Ethical hacking can be used in many applications in case of web applications which are often beaten down. This generally includes Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) applications are most frequently attacked because most of the firewalls and other security are things has complete access to these programs from the Internet. Malicious software includes viruses and Trojan horses which take down the system. Spam is a junk e-mail which causes violent and needless disturbance on system and storage space and carry the virus, so ethical hacking helps to reveal such attacks against in computer systems and provides the security of the system. The main application of this is to provide the security on wireless infrastructure which is the main purpose of present business organization (BT, 2008). Ethical hacking has become main stream in organizations which are wishing to test their intellectual and technical courage against the underworld. Ethical hacking plays important role in providing security. Resources are the computer related services that performs the tasks on behalf of user.
The ethical hacking has advantages of gaining access to an organizations network and information systems. This provides the security in the area of Information technology called as Infosec. This provides security to the high level attacks such as viruses and traffic trough a firewall. This has been providing the security for various applications which are even bypassing the firewalls, Intrusion-detection systems and antivirus software. This includes hacking specific applications including coverage of e-mails systems, instant messaging The resources i.e. devices, systems, and applications that are generally used while performing the hacking process are Routers, Firewalls, Network infrastructure as a whole, wireless access points and bridges, web application and database servers, E-mail and file servers, workstations, laptops and tablet PCs, Mobile devices, client and server operating systems, client and server applications . Ethical hacking tests both the safety and the security issues of the programs . the ethical hacking is important in the present scenario as providing security is very important now a day. This is very important in web applications as the hacking can be easily done in this case.
There are basically 4 different ways of doing an ethical