Beruflich Dokumente
Kultur Dokumente
Introduction
Hackers (or bad guys) try to compromise computers
Ethical Hacking
Ethical hackers(or good guys ) protect computers against illicit entry
1
1/20/2017
History of Hacking
Hacking has been a part of computing for 40 years.
The first computer hacker emerged at MIT.
Hacking is began in the 1960s at MIT , origin of the term
hacker.
The truth hacker amongst our societies have thirst for the
knowledge .
Boredom is never an object of challenge for the hacker
What is Hacking ?
The Process of attempting to gain or successfully
gaining, unauthorized access to computer resources
is called Hacking.
2
1/20/2017
Website Hacking
Hacking a website means taking control from the
website owner to a person who hacks the
website.
Network Hacking
Network Hacking is generally means gathering information
about domain by using tools like Telnet, Ns look UP, Ping,
Tracert, Netstat, etc over the network.
3
1/20/2017
Ethical Hacking
Ethical hacking is where a person hacks to find weaknesses in a
system and then usually patches them.
Email Hacking
Email hacking is illicit access to an email account or
email correspondence.
Password Hacking
Password Hacking Password cracking is the process of
recovering secret passwords from data that has been stored in
or transmitted by a computer system.
4
1/20/2017
Computer Hacking
Computer Hacking is when files on your computer are viewed,
created, or edited without your authorization.
5
1/20/2017
6
1/20/2017
Victim System
7
1/20/2017
Issues?
Server needs to keep waiting for ACK y+1
Server recognizes Client based on IP address/port and y+1
8
1/20/2017
DNS insecurity
Attack when no one is around
DNS poisoning Finger @S
What other systems it trusts?
DNS zone transfer showmount e
Send 20 SYN packets to S Determine ISN behavior
Mitnick
An Example An Example
SYN|ACK
Syn flood
X ACK
X
Shimomura (S) Trusted(T) Shimomura (S) trusted (T)
SYN
Finger @S Attack when no one is around Finger @S Attack when no one is around
showmount e What other systems it trusts? showmount e What other systems it trusts?
Send 20 SYN packets to S Determine ISN behavior Send 20 SYN packets to S Determine ISN behavior
Mitnick Mitnick (M)
SYN flood T T wont respond to packets SYN flood T T wont respond to packets
An Example Outline
Security Vulnerabilities
X
You are here
DoS and D-DoS
Shimomura (S)
++ > rhosts Trusted (T) Firewalls
Attack when no one is around
Intrusion Detection Systems
Finger @S
showmount e What other systems it trusts?
9
1/20/2017
Consume bandwidth
UDP floods
ICMP floods
The first attacker attacks a different victim to cover up the real attack
The Attacker usually spoofed source address to hide origin
Harder to deal with
10
1/20/2017
Rabbit : This malicious software replicates itself Hoaxes : False alerts of spreading viruses.
without limits. Depletes some or all the systems
resources.
e.g., sending chain letters.
Re-attacks the infected systems difficult recovery.
message seems to be important to recipient, forwards
it to other users becomes a chain.
Exhausts all the systems resources such as CPU
time, memory, disk space.
Exchanging large number of messages (in chain) floods
the network resources bandwidth wastage.
Depletion of resources thus denying user access to
those resources.
Blocks the systems on network access denied due to
heavy network traffic.
11
1/20/2017
Transmitting medium :
Trojan Horse : This is a malicious program with 1. spam or e-mail
unexpected additional functionality. It includes
harmful features of which the user is not aware. 2. a downloaded file
3. a disk from a trusted source
4. a legitimate program with the Trojan inside.
Perform a different function than what these are
advertised to do (some malicious action e.g., steal the
passwords). Trojan looks for your personal information and
Neither self-replicating nor self-propagating. sends it to the Trojan writer (hacker). It can also
allow the hacker to take full control of your system.
User assistance required for infection.
Infects when user installs and executes infected Different types of Trojan Horses :
programs. 1. Remote access Trojan takes full control of your
Some types of trojan horses include Remote Access system and passes it to the hacker.
Trojans (RAT), KeyLoggers, Password-Stealers (PSW),
and logic bombs. 2. The data-sending Trojan sends data back to the
hacker by means of e-mail.
e.g., Key-loggers log and transmit each keystroke.
3. The destructive Trojan has only one purpose: to 7. The security software disabler Trojan is designed to
destroy and delete files. Unlikely to be detected by stop or kill security programs such as anti-virus
anti-virus software. software, firewalls, etc., without you knowing it.
4. The denial-of-service (DOS) attack Trojans combines
computing power of all computers/systems it infects
to launch an attack on another computer system. Spyware :
Floods the system with traffic, hence it crashes.
5. The proxy Trojans allows a hacker to turn users
computer into HIS (Host Integration Server) server Spyware programs explore the files in an
to make purchases with stolen credit cards and information system.
run other organized criminal enterprises in Information forwarded to an address specified in
particular users name. Spyware.
6. The FTP Trojan opens port 21 (the port for FTP Spyware can also be used for investigation of
transfer) and lets the attacker connect to your software users or preparation of an attack.
computer using File Transfer Protocol (FTP).
12
1/20/2017
13
1/20/2017
81 82
83 84
14
1/20/2017
85 86
87 88
89 90
15
1/20/2017
Keyloggers
Used to capture keystrokes on a computer
Hardware
Software
Software
Behaves like Trojan programs
Hardware
Easy to install
Goes between the keyboard and the CPU
KeyKatcher and KeyGhost
91 92
Keyloggers (continued)
Protection
Software-based
Antivirus
Hardware-based
Random visual tests
Look for added hardware
Superglue keyboard connectors in
93 94
95 96
16
1/20/2017
97
17