ethcal hacking
TRANSCRIPT
-
8/12/2019 Ethcal Hacking
1/17
PRESENTED BY-
P.RAVALI
PERCY PINSTER
-
8/12/2019 Ethcal Hacking
2/17
Hacking refers to an array of activities whichare done to intrude someone else personalinformation so as to use it for unwantedpurpose.
Hacking is a term used to refer to activitiesaimed at exploiting security flaws to obtaincritical information for gaining access to
secured network.
-
8/12/2019 Ethcal Hacking
3/17
PROTECTING HACKING
-
8/12/2019 Ethcal Hacking
4/17
1. Preparation
2. Footprinting
3. Enumeration & Fingerprinting
4. Identification of Vulnerabilities
5. Attack Exploit the Vulnerabilites
-
8/12/2019 Ethcal Hacking
5/17
Identification of Targets company websites, mailservers, extranets, etc.
Signing of Contract Agreement on protection against any legal issues Contracts to clearly specifies the limits and dangers of the
test Specifics on Denial of Service Tests, Social Engineering, etc. Time window for Attacks
Total time for the testing
Prior Knowledge of the systems
Key people who are made aware of the testing
-
8/12/2019 Ethcal Hacking
6/17
-
8/12/2019 Ethcal Hacking
7/17
Specific targets determined Identification of Services / open ports Operating System Enumeration
Methods
Banner grabbing Responses to various protocol (ICMP &TCP)
commands Port / Service Scans TCP Connect, TCP SYN, TCP
FIN, etc.
Tools Nmap, FScan, Hping, Firewalk, netcat, tcpdump,
ssh, telnet, SNMP Scanner
-
8/12/2019 Ethcal Hacking
8/17
Vulnerabilities
Insecure Configuration Weak passwords Unpatched vulnerabilities in services,
Operating systems, applications Possible Vulnerabilities in Services, Operating
Systems Insecure programming Weak Access Control
-
8/12/2019 Ethcal Hacking
9/17
Network Infrastructure ttacks Connecting to the network through modem Weaknesses in TCP / IP, NetBIOS Flooding the network to cause DOS
Operating System ttacks Attacking Authentication Systems Exploiting Protocol Implementations Exploiting Insecure configuration Breaking File-System Security
-
8/12/2019 Ethcal Hacking
10/17
There are mainly three types of hackers
White hat
Black hat Gray hat
-
8/12/2019 Ethcal Hacking
11/17
These are good hackers . Have genuine license to hack.
Have registered police records
Evolves themselves in good works Generally owned by companies for security
designing
Have high pay scales.
-
8/12/2019 Ethcal Hacking
12/17
very dangerous persons.Always have motive to earn huge profit.
Highly paid persons.
Evolves themselves mostly in criminalactivities.
-
8/12/2019 Ethcal Hacking
13/17
Also known as red hats. Perform both tasks fair as well as unfair.
Generally these are admins.
Have little high pay than white hats. Generally not so dangerous, but sometimes
could be.
-
8/12/2019 Ethcal Hacking
14/17
Every system connected to a network has a unique InternetProtocol (IP) Address which acts as its identity on thatnetwork.
An IP Address is a 32-bit address which is divided into four
fields of 8-bits each. For Example, 203.94.35.12
All data sent or received by a system will be addressed fromor to the system.
An attackers first step is to find out the IP Address of thetarget system.
-
8/12/2019 Ethcal Hacking
15/17
Linux
Windows XP, vista, Windows 7
Honeypot package
Virtual PC or VMware
-
8/12/2019 Ethcal Hacking
16/17
By using the above process we can do thehacking process.
But in real world if we use hackingprocess illegally, then it is a crime so weshould not encourage hacking of any systems.
-
8/12/2019 Ethcal Hacking
17/17