Professional Documents
Culture Documents
Hacking and Information Security
Hacking and Information Security
Hacking and Information Security
HACKING
Hacking is act of getting unauthorized access,
breaking security measures, data theft , getting super user privileges, manipulating machines materials humans, revealing untold truths. Hacking is considered as anti-social activity. Hacking is not crime ( except to some cases ).
sometimes may be for peoples or governments welfare i.e., for Defensive Activities and some time in Destructive Act i.e., Offensive manner. Hacking for a cause approach:
Hacking activities done for human welfare or in
well-organized group of people decides some strategies for achieving some legitimate or illegitimate goals. Hackers are highly skilled fellows with good knowledge on computer systems & real life specialists on tackling any undesired situations.
Slides made by : KARAN PATEL
Hacktivism
Refers to the idea of Hacking with or for a cause Comprises of Hackers with a social or political agenda Aims at sending a message through their hacking activity
and gaining visibility for their cause and themselves. Common targets includes government agencies, MNCs, or any other entity perceived as bad or wrong by these groups or individuals. Slides made by : KARAN PATEL
Levels of Hackers:
Script kiddies : These are the wannabe hackers, who dont know anything
about hacking and background procedures they just apply codes made by hackers without prior knowledge of the results. Intermediate Hackers: These are the Hackers who knows everything about hacking but cant make codes & tools. Elite Hackers : These are the highly know ledged entities who plays with computer machines, human minds & laws. Slides made by : KARAN PATEL
Types of Hackers:
Black Hats : Individuals with extraordinary computing skills , resorting to malicious or
destructive activities. Also known as crackers White Hats : Individuals professing hacker skills and using them for defensive purposes. Also known as security analysts. Gray hats : Individuals who work both offensively and defensively at various times. Suicide hackers : Individuals who aim to bring down critical infrastructure for a cause and do not worry about facing 30yrs in jail for their actions. Slides made by : KARAN PATEL
BLACK HAT :
KEVIN MITNICK
Terminologies:
Threat : An action or event that might compromise security. A threat
is a potential violation of security. Vulnerability : Existence of a weakness, design, or implementation error that can lead to an unexpected and undesirable event compromising the security of the system. Target of Evaluation (TOE): An IT system, program, or component that is the identified/ subject of a security analysis for evaluation or attack.
Slides made by : KARAN PATEL
Terminologies:
Attack : An assault on the system
security that is derived from an intelligent threat. An attack is any action that violates security. Exploit : A defined way to breach the security of an IT system through vulnerability.
Terminologies:
Security : A state of well-being
of information and infrastructure in which the possibility of successful yet undetected theft, tampering, and disruption of information and services is kept low or tolerable.
Slides made by : KARAN PATEL
Terminologies:
Malware : A computer program
designed to have undesirable or harmful effects. Phishing : The process of tricking user to disclose user name and password by sending fake emails or setting up fake website which mimics sign-in pages is called phishing.
Slides made by : KARAN PATEL
Terminologies:
Rootkits : Rootkits are kernel
programs that have the ability to hide themselves and cover up traces of activities. Spam : Unwanted or junk email. Spyware : Spyware is a program that records computer activities on a machine.
Slides made by : KARAN PATEL
Terminologies:
Trojans : Trojan is a small
program that runs hidden on an infected computer. With the help of a Trojan, an attacker gets access to stored passwords in the Trojaned computer and would be able to read personal documents, delete files and display pictures, and/or show messages on the screen.
Slides made by : KARAN PATEL
Terminologies:
Viruses and Worms: Viruses and worms can be used to infect a
system and modify a system to allow a hacker to gain access. Many viruses and worms carry Trojans and backdoors. In this way, a virus or worm is a carrier and allows malicious code such as Trojans and backdoors to be transferred from system to system much in the way that contact between people allows germs to spread.
Slides made by : KARAN PATEL
ventures. To sustain in era of competition. To live happy & ever growing life.
Security Bases:
Security rests on confidentiality, authenticity, Integrity, and availability Confidentiality is the concealment of information
or resources.
Deployment of security:
Risk Assessment : One must know the level of risk that an attack possesses towards company for deploying suitable security measures. Risk categories include: Confidential information Business credibility Business availability Resources Money
Slides made by : KARAN PATEL
Maintaining
Maintaining access
Uploading / altering / downloading programs or data
Covering tracks
Slides made by : KARAN PATEL
Reconnaissance
Reconnaissance refers to the preparatory
phase where an attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack.
Scanning
Scanning refers to pre-attack phase when the
hacker scans the network with specific Information gathered during reconnaissance.
Gaining Access:
Gaining Access refers to the true attack
Maintaining Access:
Maintaining Access refers to the phase when
Covering tracks:
Covering Tracks refers to the activities
undertaken by the hacker to extend his misuse of the system without being detected.