ethical hacking


Hands-On Ethical Hacking:

By: AMAN KUMAR SRIVASTAVA, EC 3rd year, Roll no. 0832831004

HIGHLIGHTS :

- What is hacking?
- E-mail Hacking
- Desktop phishing
- Trojans & viruses
- System Hacking
- Case study
- Security
- Flashback

Slide 3:

What is Ethical Hacking?

Ethical Hacking is testing resources for a good cause and for the betterment of technology. Technically, Ethical Hacking means penetration testing, which is focused on securing and protecting IT systems.

Is hacking a crime?? :

NO NO NO... NOT AT ALL. Hacking is NOT a CRIME.

Slide 5:

Hacker is a word that has two meanings:
- Traditionally, a Hacker is someone who likes to play with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways.
- Recently, Hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are known as Crackers.

H4CKING VS CR4CKING:

HACKING WITH MALICIOUS INTENTION IS CRACKING
- The basic difference is that hackers do not do anything disastrous.
- Cracking yields more devastating results.
- Cracking is a crime.
- Cyber crimes are the result of cracking, not hacking.

H4ck3r$ :

Famous hackers all over the world
- Nahshon Even-Chaim (born May 1971) was the first major computer hacker.
- Stewart Nelson from America followed Nahshon in 1972.
- Ankit Fadia from India is also a well-known name in hacker history.
- Abdur Zahir from Pakistan also has a good name in this world.

Why Ethical H4cking!?:

- It is legal.
- Permission is obtained from the target.
- Part of an overall security program.
- Identify vulnerabilities visible from the Internet at a particular point in time.
- Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are done in a non-destructive manner.

Types of H4cker$:

Distinction on the basis of knowledge:
- CODERS
- ADMINS
- SCRIPT KIDDIES

Distinction on the basis of LEGALITY:
- WHITE HATS
- GREY HATS
- BLACK HATS

COD3RS=:

- Have full knowledge.
- They know exactly what they are doing.
- Well aware of the different codes.
- Have a complete idea of what is going on beyond the coding.

ADMINS:

- Know what they are doing.
- They have no idea of what exactly is going on beyond the code.
- Result-oriented persons.
- They are not so harmful.

SCRIPT KIDDIES:

- Script kiddies or packet monkeys.
- Young, inexperienced hackers.
- Copy code and techniques from knowledgeable hackers.
- Don't know what's going on beyond the coding.
- Use techniques for fun.
- Sometimes could be very dangerous for the system.

WHITE HATS:

- These are good hackers.
- Have a genuine license to hack.
- Have registered police records.
- Involve themselves in good work.
- Generally employed by companies for security design.
- Have high pay scales.
- Generally these are coders.

GREY HATS:

- Also known as red hats.
- Perform both kinds of tasks, fair as well as unfair.
- Generally these are admins.
- Are paid a little more than white hats.
- Generally not so dangerous, but sometimes could be.

BLACK HATS:

- Very dangerous persons.
- Always have the motive of earning huge profit.
- Highly paid persons.
- Involve themselves mostly in criminal activities.
- These could be coders, admins as well as script kiddies.

E-mail H4cking:

CAN BE DONE IN TWO WAYS:
- Open Relay Server
- Web Scripts

Open Relay Server:

- An Open Mail Relay is an SMTP (Simple Mail Transfer Protocol) server configured in such a way that it allows anyone on the Internet to send email through it, not just mail destined 'To' or 'Originating' from known users.
- An attacker can connect to the Open Relay Server via Telnet and instruct the server to send the email.
- An Open Relay email server requires no password to send the email.
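The relay rule this slide describes, seen from the mail administrator's side, as an added example that is not part of the original presentation: a closed relay accepts a recipient only for local delivery, an authenticated sender, or a trusted network, and any accepted delivery outside those cases indicates an open relay. The domain, network range and log record fields are hypothetical, and the log entries are constructed.

```python
import ipaddress

# Assumed site policy (hypothetical values, not from the slides).
LOCAL_DOMAINS = {"example.org"}
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def relay_decision(client_ip, authenticated, rcpt_to):
    """Return (accept, reason) for one RCPT TO, as a closed relay decides it."""
    rcpt_domain = rcpt_to.rsplit("@", 1)[-1].lower()
    if rcpt_domain in LOCAL_DOMAINS:
        return True, "local delivery"            # mail destined to known users
    if authenticated:
        return True, "authenticated submission"  # sender proved identity
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in TRUSTED_NETS):
        return True, "trusted network"           # mail originating inside
    return False, "relay access denied"          # stranger to stranger


def find_open_relay_events(log):
    """Flag deliveries the server accepted that a closed relay would refuse."""
    flagged = []
    for entry in log:
        ok, _ = relay_decision(entry["client_ip"], entry["auth"], entry["rcpt"])
        if entry["accepted"] and not ok:
            flagged.append(entry)
    return flagged


# Constructed sample of parsed SMTP transactions (not real traffic).
SAMPLE_LOG = [
    {"client_ip": "10.1.2.3", "auth": False,
     "rcpt": "bob@example.net", "accepted": True},
    {"client_ip": "203.0.113.7", "auth": False,
     "rcpt": "alice@example.org", "accepted": True},
    {"client_ip": "203.0.113.7", "auth": True,
     "rcpt": "bob@example.net", "accepted": True},
    {"client_ip": "198.51.100.9", "auth": False,
     "rcpt": "victim@example.com", "accepted": True},
    {"client_ip": "198.51.100.9", "auth": False,
     "rcpt": "x@example.net", "accepted": False},
]

if __name__ == "__main__":
    for event in find_open_relay_events(SAMPLE_LOG):
        print("open-relay delivery:", event["client_ip"], "->", event["rcpt"])
```
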

Open Relay Server (CONTD..):

Some free anonymous email websites are:
- Mail.Anonymizer.name (sends attachments as well)
- FakEmailer.net
- FakEmailer.info
- Deadfake.com

Web Scripts:

- Code is used by the user to program a page that has the same features.
- Commonly, PHP is used to code the page.
- Whatever items one needs can be added.

Desktop Phishing:

- A fake page is created by the user.
- The page looks the same as the original page.
- When a user logs in on that page, the victim's password is automatically sent, as coded, to the attacker's mail ID.
- After that the original page is opened, as the fake page is linked with the original one.
- Very useful for password cracking.
- Can be sent via mail to the victim.

VIRUSES:

- These are programs that are used to infect other programs.
- A virus can easily penetrate any program and could destroy it.
- A virus can be sent to the victim by fake mail.
- Some commonly known viruses are: Trojan, The Brain, CIH virus.

TROJANS:

- These are a special type of program.
- Generally they could be termed viruses, but actually they are not.
- These are used to get external command over the victim's computer.
- Once installed on a system, the program has system-level access on the target system, where it can be destructive and insidious.
- They provide remote access to the victim's computer.
- After installation of a Trojan horse on a computer, any information can be obtained and any file could be deleted.
- One of the commonly known Trojan horses is BEAST.

Worms:

- These are a special type of virus.
- They don't infect files.
- They immediately delete those files which they do not understand.
- If the coding of a particular file is in the list then it will delete it.

System &windows H4cking:

Windows User Account Architecture
- User account passwords are contained in the SAM in a hexadecimal format called hashes.

Cracking admin password:
- Passwords may be cracked manually or with automated tools, such as the brute-force method or the Rainbow Table attack.
- For the 2nd time, remove the password by using the following command:

      net user username *

  Then type your own password.

Case Study:

- 44% of UK businesses suffered at least one malicious security breach in 2008.
- The average cost was £30,000.
- Several cost more than £500,000.

[Chart: Loss per year]

Case Study(contd..):

[Chart: H4cking prone areas]

Case Study(contd..):

It is clear from the graph that it is increasing day by day.

[Chart: H4cking growth rate]

Security & Counter Measures:

- Use of anti-viruses.
- Proper logout after use of mail ID.
- Open the browser manually; don't open spam.
- Password-protected admin account.

Slide 29:

Anti viruses

Flashback:

- HACKING IS USING AN AUTHORISED THING IN AN UNAUTHORISED MANNER.
- HACKING IS ILLEGAL BUT NOT A CRIME.
- TYPES OF HACKERS.
- VIRUSES, WORMS & TROJANS.
- ADMIN PASSWORD HACKING.

Slide 31:

Dat’s all folks


Slide 33:

THANK U..
