Beruflich Dokumente
Kultur Dokumente
A SEMINAR REPORT
Submitted by
SANOOP BS
in partial fulfilment for the award of the degree
of
BACHELOR OF SCIENCE
in
COMPUTER SCIENCE
(University Of Calicut)
BONAFIDE CERTIFICATE
Certified that this seminar report “ETHICAL HACKING” is the bonafide work of
SANOOP B.S, student of the Fifth Semester Computer Science under our
supervision and guidance submitted in partial fulfilment of the degree in
BACHELOR OF SCIENCE in Computer Science of the University Of
Calicut during the academic year 2010-2011
APPROVAL
At the outset, I thank the Lord Almighty for the grace, strength and hope to make
my endeavour a success.
Last but not the least, I thank all others, and especially my classmates and my
family members who in one way or another helped me in the successful completion of
this work.
SANOOP BS
ABSTRACT
Today more and more software's are developing and people are getting
more and more options in their present software's. But many are not aware that they
are being hacked without their knowledge. One reaction to this state of affairs is a
behaviour termed “Ethical Hacking" which attempts to pro-actively increase security
protection by identifying and patching known security vulnerabilities on systems owned
by other parties.
A good ethical hacker should know the methodology chosen by the hacker
like reconnaissance, host or target scanning, gaining access, maintaining access
and clearing tracks. For ethical hacking we should know about the various tools and
methods that can be used by a black hat hacker apart from the methodology used by him.
From the point of view of the user one should
know at least some of these because some hackers make use of those who are not aware
of the various hacking methods to hack into a system. Also when thinking from the point
of view of the developer, he also should be aware of these since he should be able to
close holes in his software even with the usage of the various tools. With the advent of
new tools the hackers may make new tactics. But at least the software will be resistant to
some of the tools.
TABLE OF CONTENTS
1. INTRODUCTION
1.1 Security 01
1.2 Need for Security 02
1.3 Hacking 02
1.4 Hackers 03
1.5 Ethical Hackers 03
1.6 Crackers 03
1.6.1 Types of Hackers 03
1.7 Ethical Hacking 04
1.8 Can Hacking be Done Ethically 05
1.9 What They Do 06
2. ETHICAL HACKING 07
2.1 Analog and Building Robbing 07
2.2 Methodology of Hacking 08
2.2.1 Reconnaissance 08
2.2.2 Scanning and Enumeration 09
2.2.3 System Hacking 09
2.2.4 Gaining Access 09
2.2.5 Maintaining Access 11
2.2.6 Clearing Tracks 11
2.3 Ethical Hacking Tools 11
2.4 Reporting 12
2.5 Requires Skills of an Ethical Hacker 12
2.6 History Highlights 13
2.7 Ethical Hacking Commandments 13
2.8 Advantages and Disadvantages 14
3. TYPES OF HACKING 15
3.1 Inside Jobs
3.2 Rogue Access Points
3.3 Back Doors
3.4 Viruses and Worms
3.5 Trojan Horses
3.6 Denial Service
3.7 Anarchists, Crackers and Kiddies
3.8 Sniffing and Spoofing
4. VIRUSES
5. WORMS
6. TROJAN HORSE
7. CONCLUSION
8. REFERENCE
1. INTRODUCTION
1.1 SECURITY
Security is the condition of being protected against danger or loss. In the general
sense, security is a concept similar to safety. In the case of networks the security is also
called the information security. Information security means protecting information and
information systems from unauthorized access, use, disclosure, disruption, modification,
or destruction. Usually the security is described in terms of CIA triads. The CIA are the
basic principles of security in which “C” denotes the Confidentiality, “I” represents
Integrity and the letter “A” represents the Availability.
Confidentiality
Confidentiality is the property of preventing disclosure of information to
unauthorized individuals or systems. This implies that the particular data should be seen
only by the authorized personals. Those persons who are a passive person should not see
those data. For example in the case of a credit card transaction, the authorized person
should see the credit card numbers and he should see that data. Nobody others should see
that number because they may use it for some other activities. Thus the confidentiality is
very important. Confidentiality is necessary for maintaining the privacy of the people
whose personal information a system holds.
Integrity
Integrity means that data cannot be modified without authorization. This means
that the data seen by the authorized persons should be correct or the data should maintain
the property of integrity. Without that integrity the data is of no use. Integrity is violated
when a computer virus infects a computer, when an employee is able to modify his own
salary in a payroll database, when an unauthorized user vandalizes a web site, when
someone is able to cast a very large number of votes in an online poll, and so on. In such
cases the data is modified and then we can say that there is a breach in the security.
Availability
For any information system to serve its purpose, the information must be available
when it is needed. Consider the case in which the data should have integrity and
confidentiality. For achieving both these goals easily we can make those data off line. But
then the data is not available for the user or it is not available. Hence the data is of no use
even if it have all the other characteristics. This means that the computing systems used
to store and process the information, the security controls used to protect it, and the
communication channels used to access it must be functioning correctly.
All these factors are considered to be important since data lacking any of the above
characteristics is useless. Therefore security is described as the CIA trio. Lacking any one
of the CIA means there is a security breach.
There may be many more in the list due to security breaches. This means that
security is absolutely necessary.
1.3 HACKING
Eric Raymond, compiler of “The New Hacker's Dictionary”, defines a hacker
as a clever programmer. A "good hack” is a clever solution to a programming problem
and "hacking” is the act of doing it. Raymond lists five possible characteristics that
qualify one as a hacker, which we paraphrase here:
● A person who enjoys learning details of a programming language or system
● A person who enjoys actually doing the programming rather than just theorizing about
it
● A person capable of appreciating someone else's hacking
● A person who picks up programming quickly
● A person who is an expert at a particular programming language or system
1.4 HACKERS
A hacker is a person who is extremely interested in exploring the things and recondite
workings of any computer system or networking system. They are very gifted
programmers. One who programs enthusiastically or who programs rather than theorizing
about programming
information that varies from credit card numbers to social security numbers and home
addresses. In their search for a way to approach the problem, organizations came to
realize that one of the best ways to evaluate the intruder threat to their interests would be
to have independent computer security professionals attempt to break into their computer
systems. This scheme is called Ethical Hacking. This similar to having independent
auditors come into an organization to verify its bookkeeping records. This method of
evaluating the security of a system has been in use from the early days of computers. In
one early ethical hack, the United States Air Force conducted a “security evaluation” of
the Multicast operating systems for “potential use as a two-level (secret/top secret)
system”. With that they found out that the particular software is better than the
conventional systems. But it also brought out some of its vulnerabilities.
Successful ethical hackers possess a variety of skills. First and foremost, they must
be completely trustworthy. While testing the security of a client's systems, the ethical
hacker may discover information about the client that should remain secret. In many
cases, this information, if publicized, could lead to real intruders breaking into the
systems, possibly leading to financial losses. During an evaluation, the ethical hacker
often holds the “keys to the company,” and therefore must be trusted to exercise tight
control over any information about a target that could be misused. The sensitivity of the
information gathered during an evaluation requires that strong measures be taken to
ensure the security of the systems being employed by the ethical hackers themselves:
limited-access labs with physical security protection and full ceiling-to-floor walls,
multiple secure Internet connections, a safe to hold paper documentation from clients,
strong cryptography to protect electronic results, and isolated networks for testing.
Ethical hackers also should possess very strong programming and computer
networking skills and have been in the computer and networking business for several
years. Another quality needed for ethical hacker is to have more drive and patience than
most people since a typical evaluation may require several days of tedious work that is
difficult to automate. Some portions of the evaluations must be done outside of normal
working hours to avoid interfering with production at “live” targets or to simulate the
timing of a real attack. When they encounter a system with which they are unfamiliar,
ethical hackers will spend the time to learn about the system and try to find its
weaknesses. Finally, keeping up with the ever-changing world of computer and network
security requires continuous education and review.
Due to some reasons hacking is always meant in the bad sense and hacking means black
hat hacking. But the question is can hacking be done ethically? The answer is yes because
to catch a thief, think like a thief. That’s the basis for ethical hacking Suppose a person or
hacker try to hack in to a system and if he finds a vulnerability. Also suppose that he
reports to the company that there is vulnerability. Then the company could make patches
for that vulnerability and hence they could protect themselves from some future attacks
from some black hat hacker who tries to use the same vulnerability. So unless somebody
try to find vulnerability, it remains hidden and on someday somebody might find these
vulnerability and exploit them for their own personal interests. So this can be done using
ethical hacking.
General hacking
\
2. ETHICAL HACKING
Ethical hacking is a process in which an authenticated person, who is a computer and
network expert, attacks a security system on behalf of its owners a security system on
behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. In
order to test the system an ethical hacker will use the same principles as the usual hacker
uses, but reports those vulnerabilities instead of using
them for their own advantage.
2.2.1 Reconnaissance
The literal meaning of the word reconnaissance means a preliminary survey to gain
information. This is also known as foot-printing. This is the first stage in the
methodology of hacking. As given in the analogy, this is the stage in which the hacker
collects information about the company which the personal is going to hack. This is one
of the pre-attacking phases. Reconnaissance refers to the preparatory phase where an
attacker learns about all of the possible attack vectors that can be used in their plan.
In this pre-attack phase we will gather as much as information as possible which are
publicly available. The information includes the domain names, locations contact
information’s etc. The basic objective of this phase is to make a methodological mapping
of the targets security schema which results in a unique organization profile with respect
to network and system involved. As we are dealing with the Internet we can find many
information here which we may not intend to put it publicly. We have many tools for
such purposes. These include tools like samspade, email tracker, visual route etc. The
interesting thing to note is that we can even use the simple googling as a foot printing
tool
Most security breaches originate inside the network that is under attack. Inside
jobs include stealing passwords (which hackers then use or sell), performing industrial
espionage, causing harm (as disgruntled employees), or committing simple misuse.
Sound policy enforcement and observant employees who guard their passwords and PCs
can thwart many of these security breaches.
Rogue access points (APs) are unsecured wireless access points that outsiders can
easily breech. (Local hackers often advertise rogue APs to each other.) Rogue APs are
most often connected by well-meaning but ignorant employees.
Viruses and worms are self-replicating programs or code fragments that attach
themselves to other programs (viruses) or machines (worms). Both viruses and worms
attempt to shut down networks by flooding them with massive amounts of bogus traffic,
usually through e-mail.
3.5 TROJAN HORSES
Trojan horses, which are attached to other programs, are the leading cause of all
break-ins. When a user downloads and activates a Trojan horse, the hacked software
(SW) kicks off a virus, password gobbler, or remote-control SW that gives the hacker
control of the PC.
DoS attacks give hackers a way to bring down a network without gaining internal
access. DoS attacks work by flooding the access routers with bogus traffic (which can be
e-mail or Transmission Control Protocol, TCP, packets).
Distributed DoSs (DDoS5) are coordinated DoS attacks from multiple sources. A DDoS
is more difficult to block because it uses multiple, changing, source IP addresses.
Who are these people, and why they attacking your network ? Anarchists are
people who just like to break stuff. They usually exploit any target of opportunity.
Crackers are hobbyists or professionals who break passwords and develop Trojan horses
or other SW ( called warez ). They either use the SW themselves (for bragging rights) or
sell it for profit.
Script kiddies are hacker wannabes. They have no real hacker skills, so they buy
or download warez, which they launch. Other attackers include disgruntled employees,
terrorists, or anyone else who feels slighted, exploited, ripped off, or unloved