ETHICAL HACKING

B .Krishna Teja Reddy

Md . Haseeb furkhan
Contents - Hacking
 Hacking?
 Who is Hacker?
 History of Hacking
 Hacking incidents
 Types of Hacking
 How do Hackers Hack?
 Why do Hackers Hack?
 What Hackers do after Hacking?
 How to be a real Hacker?
 HACKING
 What Hack actually mean???
Hack definition:
1) an article or project without
constructive end
2) work undertaken on bad self-advice
3)Examine something very minutely
Who is hacker?

 Hacker

– The person who hacks

 Cracker

– System intruder/destroyer
History of hacking

 Telephone hacking
– Use telephone freely
– It’s called phreaking
 Computer virus
– Destroy many computers
 Network hacking
– Hack the important server remotely and
destroy/modify/disclose the information
Hacking incidents

 Internet Worm
– Robert T. Morris made an internet worm. It
spread through the internet and crashed
about 6000 systems.
 Indian Defense Server
– Recent hacking of Defense top secrets by
CHINEESE
 And many more…..
Types of hacking
Normal
data transfer
U S S-Server H-Hacker U-User

Interruption Interception
U S U S

Modification Fabrication
U S U S

H H
How Hackers Hack?

 E-mail Hacking
– Email forgery , Password Cracking, Phishing
 System Hacking
– Key loggers , Trojans, Backdoors , viruses
 Wireless Hacking
– WLAN hacking , network hacking
 Web Server Hacking
– Hacking websites , servers , databases etc
Why do hackers hack?

 Just for fun

 Show off
 To know others secrets
 Notify many people their thought
 Steal important information
 Destroy enemy’s computer network
during the war
What do hackers do after hacking?

 Patch security hole

– The other hackers can’t intrude
 Clear logs and hide themselves
 Install rootkit ( backdoor )
– The hacker who hacked the system can use the
system later
– It contains trojan or other viruses and so on
 Uses system silently without users notice
How can be a real hacker?

 Study C/C++/python/assembly language

 Study computer architecture
 Study operating system
 Study computer network
 Examine the hacking tools thoroughly
 Think the problem of the computer
 Lots of practice and patience
Contents – Ethical Hacking
 Ethical Hacking
 Who are Ethical Hackers?
 Why Ethical Hacking?
 Why cant prevent Hacking
 How Ethical Hacker defends?
 How to protect against Hacking?
 What to do after being Hacked
 Laws , fine and penalties
 Computer fraud & abuse act
 ETHICAL HACKING
 It is Legal
 Permission is obtained from the target user
 Part of an overall security program
 Learn about the system and trying to find its
weaknesses.
Who are Ethical Hackers???

 Completely trustworthy.
 Strong programming and computer
networking skills.
 Techniques of Criminal hackers-
Detection-Prevention.
 Ethical hackers possesses same skills,
mindset and tools of a hacker but the
attacks are done in a non-destructive
manner
Black-hat – Hackers White-hat – Ethical Hackers
Why Ethical Hacking???
Why Ethical Hacking??
Defacement Statistics for Indian Websites
June 01, 2006 to Dec.31, 2006

Domains No of Defacements
.com 922
.gov.in 24
.org 53
.net 39
.biz 12
.co.in 48
.ac.in 13
.info 3
.nic.in 2
.edu 2
other 13

Total 1131
Why can’t we be protect against
hacking?
 There are many unknown security hole
 Hackers need to know only one security
hole to hack the system
 Admin need to know all security holes to
defend the system
How Ethical Hackers defend???

 Harden the servers

 Scan, test and apply patches
 Monitor logs
 Train the technical staff on security
 Serious policy and procedures!
How to prevent Hacking???
 Encrypt important data
– Ex) confidential data
 Do not run unknown programs
 Setup firewall
– Ex) ipchains , antivirus
 Check unintentional changes
 Backup the system often
 Good physical security
What to do after being hacked?
 Shutdown the system
– Or turn off the system
 Separate the system from network
 Restore the system with the backup
– Or reinstall all programs
 Connect the system to the network
 It can be good to call the police
 Laws,Fines and Penalities
 Hackers, virus and worm writers could get 20 years
to life in federal prison.
 Anyone who uses computers to cause death or
bodily harm, such as bringing down power grids or
airport control centers, can get the maximum
sentence.
 The sentence is increased by 25% if they steal
personal information.
 The sentence is increased by 50% if they share the
stolen information.
 If posted on the Internet, sentence is doubled!
 Computer Fraud & Abuse Act
 Offense -Sentence
 Obtaining National Security Information -10 (20) years
 Compromising the Confidentiality of a Computer -1 or 5
 Trespassing in a Government Computer -1 (10)
 Accessing a Computer to Defraud & Obtain Value -5
(10)
 Knowing Transmission and Intentional Damage -10 (20
or life)
 Intentional Access and Reckless Damage -5 (20)
 Intentional Access and Damage -1 (10)
 Trafficking in Passwords -1 (10)
 Extortion Involving Threats to Damage Computer -5 (10)
 ANY
QUERIES??
THANK YOU