8/3/2019 Ec Council

1/22

8/3/2019 Ec Council

2/22

Are Your Students Ready To Play

The (Ethical) Hacking Game?

8/3/2019 Ec Council

3/22

Problem Definition

Why Security?

Direct impact of security breach oncorporate asset base and goodwill

Increasing complexity of computer infrastructure administration andmanagement

Copyright by EC-Council

All rights reserved. Reproduction is strictly prohibited.

8/3/2019 Ec Council

4/22

Hacking - For Good

Who are they?

White Hat hackers.

Computer and network experts who possess a variety of

knowledge and skills concerning the web, network and

operating systems, programming, and physical security.Abide by ethical principles which prevent them from abusing

computer systems.

Trusted individuals with strict confidentiality policies.

8/3/2019 Ec Council

5/22

8/3/2019 Ec Council

6/22

What is Hacking?

Unauthorized use of computer and network resources.

Hacker originally meant a very gifted programmer.

Hacking is a felony in the US and most other countries.

When it is done by request and under a contract between anethical hacker and an organization, it is OK

The difference is that the ethical hacker has authorization to

probe the target.

8/3/2019 Ec Council

7/22

Hacking - For Good

Ethical Hacking

The Best Defense Is A Good Offense.

Performed for the sake of enhancing the performance of a deviceor exposing the vulnerabilities of a security system for the benefitof the system administrator.

Penetration Testing- analysis and probe of system for purpose oftargeting flaws and weaknesses that could be hacked and exploitedby a malicious hacker (Black Hat hackers).

- Old/unpatched software. - Poor configuration of

- Disabled or faulty security Web servers.

systems.

8/3/2019 Ec Council

8/22

Hackers - For good

Who uses them?

Increasingly, companies of all types and sizes arehiring security experts to act like the enemy.

Some companies have departments dedicated to ethicalhacking:

IBM

Microsoft

8/3/2019 Ec Council

9/22

Hacktivism

8/3/2019 Ec Council

10/22

Why Information Security is Important

> Information Security Job Roles/Responsibilities.> Front Line (Receptionist, secretaries, Information Workers, HR,

Accounting, Non-IT personnel)

> Responsibilities Protect Corporate information

> Vulnerable to Social Engineering attacks leaking sensitive

information, or portions of the big Picture allowing attackers to gain

access. Computer Virus/Worms/Trojans, Etc.

> 1st Level IT, Help Desk, Support Specialists, Network

Administrators.

> Responsibilities Adhere to Security/General IT Policy. Standard

Configurations and supporting roles to superiors, internal and

external clients.> Vulnerable to Social Engineering, Mis-configurations, Commonmistakes exposing serious vulnerability

8/3/2019 Ec Council

11/22

Now, Its time to play!

EC-Council

Here comes the part you all came for

8/3/2019 Ec Council

12/22

Copyright by EC-CouncilAll rights reserved. Reproduction is strictly prohibited.

8/3/2019 Ec Council

13/22

E

CC Fulfills the Need Ethical Hacking and Countermeasures

(C|EH)

CEH understand tools and techniques used

Attack tools by those outside the network

Compromise tools by those inside the network

Thinking like a hacker

Copyright by EC-CouncilAll rights reserved. Reproduction is strictly prohibited.

8/3/2019 Ec Council

14/22

Ec-Council

Certified Ethical Hacker

www.eccouncil.org

ISBN 0-9729362-1-1

8/3/2019 Ec Council

15/22

E

CC Fulfills the Need Ethical Hacking and Countermeasures

(C|EH)

CEH understand tools and techniques used

Attack tools by those outside the network

Compromise tools by those inside the network

Thinking like a hacker

Copyright by EC-CouncilAll rights reserved. Reproduction is strictly prohibited.

8/3/2019 Ec Council

16/22

PING

8/3/2019 Ec Council

17/22

Keylogger

8/3/2019 Ec Council

18/22

Hacking Tools: Web Based Password Cracking

8/3/2019 Ec Council

19/22

Scanning

Objective

Bulk target assessment and identification of listing

services focuses the attention on the most

promising avenues of entry

Techniques

Ping sweep

TCP/UDP port scan

OS Detection

8/3/2019 Ec Council

20/22

www.archive.org (contd)

Copyright by EC-CouncilAll rights reserved. Reproduction is strictly prohibited.

8/3/2019 Ec Council

21/22

8/3/2019 Ec Council

22/22

INTER-NETWORKZ 04812562777

CAREER ADVISOR - +91-9946587888

E- mail: internetworkzktm@gmail.com

www.inter-networkz.com