INTRODUCTION TO INFORMATION SECURITY AND ETHICAL HACKING

OVERVIEW
Understand what information security is and how it came to mean what it does today. Comprehend the history of computer security and how it evolved into information security. Understand the key terms and critical concepts of information security What are the future scopes in information security.

WHAT IS INFORMATION SECURITY?

Information : Information is an asset which, like other important business assets and personal attributes, has value to an organization and an individual in absolute sense. Security: Security is the protection of information assets through the use of technology, processes, and training.

INFORMATION SECURITY
the concepts ,techniques, technical measures, and administrative measures used to protect information assets from deliberate or inadvertent unauthorized acquisition, damage, disclosure, manipulation, modification, loss, or use IS
INFORMATION SECURITY.

HISTORY OF INFORMATION SECURITY?

Computer security began immediately after the first mainframes were developed Groups developing code-breaking computations during World War II created the first modern computers Physical controls were needed to limit access to authorized personnel to sensitive military locations Only rudimentary controls were available to defend against physical theft, espionage, and sabotage

THE 1960S
department of defenses advanced Research Project Agency (ARPA) began examining the feasibility of a redundant networked communications

Larry Roberts developed the project from its inception

THE 1970S AND 80S

ARPANET grew in popularity as did its potential for misuse Fundamental problems with ARPANET security were identified
1.) No safety procedures for dial-up connections to the ARPANET 2.) User identification and authorization to the system were non-existent

In the late 1970s the microprocessor expanded computing capabilities and security threats

R-609 THE START OF THE STUDY OF COMPUTER SECURITY

Information Security began with Rand Report R-609

The scope of computer security grew from physical security to include:

Safety of the data Limiting unauthorized access to that data Involvement of personnel from multiple levels of the organization

THE 1990S
Networks of computers became more common, so too did the need to interconnect the networks Resulted in the Internet, the first manifestation of a global network of networks In early Internet deployments, security was treated as a low priority

THE PRESENT
The Internet has brought millions of computer networks into communication with each other . Almost everyone has a job somehow connected to information stored in digital form on a network. Information is a key asset of almost every organization and individual!!

 Today, spies sit on fiber-optic cables and our Wi-Fi networks. they steal data and information without breaking any glass. Keeping data confidential is one core mission of information security. to catch a thief, to prevent from theft, think like a thief. thats the basis for ethical hacking . With the increased numbers and expanding knowledge of hackers combined with the growing numbers of system vulnerabilities and other unknowns, the time will come when all computer systems are hacked or compromised in some way.

WHAT IS HACKING?
Hacking is a process to bypass the security mechanisms of an information system or network. or Hacking is an unauthorized use of computer and network resources. the term hacker originally meant a very gifted programmer. (In recent years though, with easier access to multiple systems, it now has negative implications.)

TYPES OF HACKERS
Black hat hackers

White hat hackers

Grey hat hackers

Black hat hackers are bad guys they try to compromise computers.

White hat hackers (Ethical hackers) are good guys as they protect computers against illicit entry. Grey hat hackers are combination of above two.

GOALS OF AN ETHICAL HACKERS

Hack your systems in a non destructive fashion. Enumerate vulnerabilities and , if necessary, prove to management that vulnerabilities exist and can be exploited. Apply results to remove the vulnerabilities and better secure your systems.

WHAT IS AN EXPLOIT?
An exploit is a piece of malware code that takes advantage of a newly-announced or otherwise unpatched vulnerability in a software applications, usually the operating system, a web browser or a program that routinely activates through a web browser.

A zero day exploit is an exploit that takes advantage of vulnerability on the same day that the vulnerability is announced.

WHAT IS VULNERABILITY?
Vulnerability is a weakness of any programming code like buffer overflow, sql, xss that helps to hack any system or network.

Vulnerability+ exploit=hacking on remote machine

WHAT IS COMPUTER SECURITY?

Security is process not product. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible, Use to minimize the security threads

IS 100 PERCENT SECURITY POSSIBLE?

You can attain 100 percent computer security Only if u follow richards law of computer security dont buy a computer .if u do buy a computer dont open it out of box .and if u do so then do not connect it to any power cord.

WHAT IS A NETWORK?
A network is a collection of nodes.

LAN
WAN MAN

Networking: The art of creating or having or

managing the network is called networking.

WHAT HACKERS CAN DO?

Hackers can enter any remote system to get all the information without trace. Hack any email passwords, websites, and take down network with the help of DDOS attack. Hackers can break any password(admin passwordall o.s.) Hackers can call to anyone without tracing.

WHAT IS A PASSWORD?
A password is secret word or string of characters that is used for authentication, to prove identity or gain access to a resource. The password must be kept secret from those not allowed access. Power on password Bios password Super bios password Syskey password Logon password

CHALLENGES FOR A HACKER?

As hacking is illegal it is essential to hack without any trace. Whenever you visit any server leaves following traces. IP address Browser you are using

Time of access
Pages visited etc.

ATTACKS
An attack is the deliberate act that exploits vulnerability

It is accomplished by a threat-agent to damage or steal an organizations information or physical asset

An exploit is a technique to compromise a system

A vulnerability is an identified weakness of a controlled system whose controls are not present or are no longer effective
An attack is then the use of an exploit to achieve the compromise of a controlled system

Slide 26

MALICIOUS CODE
This kind of attack includes the execution of viruses, worms, Trojan horses, and active web scripts with the intent to destroy or steal information The state of the art in attacking systems in 2002 is the multi-vector worm using up to six attack vectors to exploit a variety of vulnerabilities in commonly found information system devices

Slide 27

Slide 28

 IP Scan and Attack Compromised system scans random or local range of IP addresses and targets any of several vulnerabilities known to hackers or left over from previous exploits Web Browsing - If the infected system has write access to any Web pages, it makes all Web content files infectious, so that users who browse to those pages become infected Virus - Each infected machine infects certain common executable or script files on all computers to which it can write with virus code that can cause infection

ATTACK DESCRIPTIONS

Slide 29

ATTACK DESCRIPTIONS
Unprotected Shares - using file shares to copy viral component to all reachable locations Mass Mail - sending e-mail infections to addresses found in address book Simple Network Management Protocol - SNMP vulnerabilities used to compromise and infect

Hoaxes - A more devious approach to attacking computer systems is the transmission of a virus hoax, with a real virus attached
Slide 30

ATTACK DESCRIPTIONS
Back Doors - Using a known or previously unknown and newly discovered access mechanism, an attacker can gain access to a system or network resource Password Crack - Attempting to reverse calculate a password Brute Force - The application of computing and network resources to try every possible combination of options of a password Dictionary - The dictionary password attack narrows the field by selecting specific accounts to attack and uses a list of commonly used passwords (the dictionary) to guide guesses

Slide 31

ATTACK DESCRIPTIONS
Denial-of-service (DoS)
attacker sends a large number of connection or information requests to a target so many requests are made that the target system cannot handle them successfully along with other, legitimate requests for service may result in a system crash, or merely an inability to perform ordinary functions

Distributed Denial-of-service (DDoS) - an attack in which a coordinated stream of requests is launched against a target from many locations at the same time

Slide 32

Slide 33

 Spoofing - technique used to gain unauthorized access whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host Man-in-the-Middle - an attacker sniffs packets from the network, modifies them, and inserts them back into the network Spam - unsolicited commercial e-mail - while many consider spam a nuisance rather than an attack, it is emerging as a vector for some attacks
Slide 34

ATTACK DESCRIPTIONS

Slide 35

Slide 36

ATTACK DESCRIPTIONS
Mail-bombing - another form of e-mail attack that is also a DoS, in which an attacker routes large quantities of e-mail to the target Sniffers - a program and/or device that can monitor data traveling over a network. Sniffers can be used both for legitimate network management functions and for stealing information from a network Social Engineering - within the context of information security, the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker
Slide 37

ATTACK DESCRIPTIONS
People are the weakest link. You can have the best technology; firewalls, intrusion -detection systems, biometric devices ... and somebody can call an unsuspecting employee. That's all she wrote, baby. They got everything. brick attack the best configured firewall in the world cant stand up to a well placed brick

Slide 38

 Buffer Overflow

ATTACK DESCRIPTIONS

application error occurs when more data is sent to a buffer than it can handle when the buffer overflows, the attacker can make the target system execute instructions, or the attacker can take advantage of some other unintended consequence of the failure Usually the attacker fill the overflow buffer with executable program code to elevate the attackers permission to that of an administrator.

Slide 39

ATTACK DESCRIPTIONS

Ping of Death Attacks - A type of DoS attack

Attacker creates an ICMP packet that is larger than the maximum allowed 65,535 bytes. The large packet is fragmented into smaller packets and reassembled at its destination. Destination user cannot handle the reassembled oversized papcket, thereby causing the system to crash or freeze.
Slide 40

 Timing Attack

ATTACK DESCRIPTIONS

relatively new works by exploring the contents of a web browsers cache can allow collection of information on access to password-protected sites another attack by the same name involves attempting to intercept cryptographic elements to determine keys and encryption algorithms

Slide 41

FUTURE SCOPE
Ceh(certified ethical hacker)

Salary($75000USD)
CHFI(computer hacking forensic investigator) Salary($85000usd) ECSA(ec-council certified security analyst) Salary($75000usd) Cisa(certified information system auditor) Salary($85000usd)

Cissp(certified information system security professional)