Ethical Hacking
ABSTRACT:
The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers. Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes.

Today more and more software is being developed, and people are getting more and more options in their present software. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behavior termed "Ethical Hacking", which attempts to proactively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties.

A good ethical hacker should know the methodology chosen by the hacker, like reconnaissance, host or target scanning, gaining access, maintaining access and clearing tracks. For ethical hacking we should know about the various tools and methods that can be used by a black hat hacker apart from the methodology used by him. From the point of view of the user, one should know at least some of these, because some hackers make use of those who are not aware of the various hacking methods to hack into a system. Also, when thinking from the point of view of the developer, he also should be aware of these, since he should be able to close holes in his software even with the usage of the various tools. With the advent of new tools the hackers may make new tactics. But at least the software will be resistant to some of the tools.
V.P.I.M.S.R.
INTRODUCTION:
Ethical hackers employ the same tools and techniques as the intruders. They neither damage the target systems nor steal information. The tool is not an automated hacker program; rather, it is an audit that both identifies the vulnerabilities of a system and provides advice on how to eliminate them. Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal. Ethical hacking is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities from a hacker's viewpoint so systems can be better secured. It's part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors' claims about the security of their products are legitimate.
SECURITY:
Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. In the case of networks, security is also called information security. Information security means protecting information and information systems from unauthorized access, use,
HACKING
Hacking is unauthorized use of computer and network resources. The term "Hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications. This complimentary description was often extended to the verb form "hacking" which was used to describe the rapid crafting of a new program or the making of changes to existing, usually complicated software.
TYPES OF HACKER:
1. Script Kiddies
2. White Hat Hackers
3. Black Hat Hackers
4. Gray Hat Hackers
5. Hacktivists
6. Spy Hackers
7. Cyber Terrorists
4. Gray Hat Hackers: A gray hat, in the hacking community, refers to a skilled hacker who sometimes acts legally, sometimes in good will, and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits. Gray hats are hackers who may work offensively or defensively, depending on the situation. This is the dividing line between hacker and cracker. Both are powerful forces on the Internet, and both will remain permanently. And some individuals qualify for both categories.

5. Hacktivism: Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. The individual who performs an act of hacktivism is said to be a hacktivist. A hacktivist uses the same tools and techniques as a hacker, but does so in order to disrupt services and bring attention to a political or social cause. For example, one might launch a denial-of-service attack to disrupt traffic to a particular site.

6. Spy Hackers: Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their clients' goals and get paid.

7. Cyber Terrorists: These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber terrorists' ultimate motivation is to spread fear and terror and to commit murder.

8. Nation state: Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, "He who controls the seas controls the world," and then it was, "He who controls the air controls the world." Now it's all about controlling cyberspace. State-sponsored hackers have limitless time and funding to target civilians, corporations, and governments.
TYPES OF ATTACKS:
1. Snooping: This is when someone looks through your files in the hope of finding something interesting, whether it is electronic or on paper. In the case of physical snooping, people might inspect your dumpster, recycling bins, or even your file cabinets; they can look under your keyboard for Post-it notes, or look for scraps of paper tacked to your bulletin board.

2. Spoofing Attacks (IP Address Spoofing): Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed (identity spoofing). An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data.

3. Password Based Attacks: A common denominator of most operating system and network security plans is password-based access control. This means your access rights to a computer and network resources are determined by who you are, that is, your user name and your password. Older applications do not always protect identity information as it is passed through the network for validation. This might allow an eavesdropper to gain access to the network by posing as a valid user. When an attacker finds a valid user account, the attacker has the same rights as the real user. Therefore, if the user has administrator-level rights, the attacker also can create accounts for subsequent access at a later time. After gaining access to your network with a valid account, an attacker can do any of the following:
- Obtain lists of valid user and computer names and network information.
- Modify server and network configurations, including access controls and routing tables.
- Modify, reroute, or delete your data.
4. Denial-of-service (DoS) Attacks: Unlike a password-based attack, the denial-of-service attack prevents normal use of your computer or network by valid users. After gaining access to your network, the attacker can do any of the following:
- Divert the attention of your internal Information Systems staff so that they do not see the intrusion immediately, which allows the attacker to make more attacks during the diversion.
- Send invalid data to applications or network services, which causes abnormal termination or behavior of the applications or services.
- Flood a computer or the entire network with traffic until a shutdown occurs because of the overload.
- Block traffic, which results in a loss of access to network resources by authorized users.

5. Distributed denial-of-service (DDoS) Attacks: This is similar to a DoS attack. This type of attack amplifies the concepts of DoS attacks by using multiple computer systems to conduct the attack against a single organization. These attacks exploit the inherent weaknesses of dedicated networks such as DSL and Cable. These permanently attached systems have little, if any, protection. The attacker can load an attack program onto dozens or even hundreds of computer systems that use DSL or Cable modems.

6. Back door Attacks: This can have two different meanings. The original term back door referred to troubleshooting and developer hooks into systems. During the development of a complicated operating system or application, programmers add back doors or maintenance hooks. These back doors allow them to examine operations inside the code while the program is running. The second type of back door refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker. The program may allow a certain user to log in without a password or gain administrative privileges.
deliberately causing a fault in a server's operating system or applications. This results in the attacker gaining the ability to bypass normal access controls. The attacker takes advantage of this situation, gaining control of your application, system, or network, and can do any of the following:
- Read, add, delete, or modify your data or operating system.
- Introduce a virus program that uses your computers and software applications to copy viruses throughout your network.
- Introduce a sniffer program to analyze your network and gain information that can eventually be used to crash or to corrupt your systems and network.
- Abnormally terminate your data applications or operating systems.
- Disable other security controls to enable future attacks.

8. Man-in-the-Middle Attacks: As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data.

9. Eavesdropping: In general, the majority of network communications occur in an unsecured or "cleartext" format, which allows an attacker who has gained access to data paths in your network to "listen in" or interpret (read) the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.
10. Virus: A virus is maliciously written code that replicates itself. It may damage hardware, software, or information files. By definition, human interaction is necessary for a virus to spread to another user's files. New viruses are discovered daily. The most famous computer attacks are viruses, which have been around for the longest time. They install themselves onto computers and spread to the other files on the system. They often spread through external hard drives, through certain internet sites, or through e-mail attachments. Once the viruses are launched, they become independent of the creator and aim to infect a number of files and other systems.

11. Worm: Worms can be called the cousins of viruses. The difference between viruses and worms is that worms infect the system without any kind of assistance from the user. The first step that a worm takes is to scan computers and exploit vulnerabilities. Then it copies itself onto the system, infecting it, and the process is repeated.

12. Trojan: In the list of computer attacks, Trojan horses rank right after viruses. They often disguise themselves in a piece of software, in a screen saver, or in a game, which appears to work normally. However, once they are copied onto the system, they will infect the system with a virus or root kit. In other words, they act as carriers of viruses or root kits to infect the system.

13. Root Kit: Hackers gain access to the system with the use of root kit drivers and take full charge of the computer. These are among the most dangerous computer attacks, as the hacker can gain more control over the system than the owner of the system. In some cases, hackers have also been able to turn on the victim's webcam and watch the activities of the victim, without the victim knowing about it at all.
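A defensive counterpart to the IP address spoofing item in the list above, added here as an example and not part of the original paper: a border filter that refuses to trust a source address that could not legitimately arrive on the interface it was seen on. The address ranges, interface names and packet records are constructed assumptions.

```python
import ipaddress

# Assumption: ranges used inside the corporate intranet (constructed sample).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
# Loopback, "this network" and multicast are never valid sources from outside.
NEVER_EXTERNAL = [ipaddress.ip_network(n)
                  for n in ("127.0.0.0/8", "0.0.0.0/8", "224.0.0.0/4")]


def in_any(addr, nets):
    """True if addr falls inside at least one of the given networks."""
    return any(addr in net for net in nets)


def classify(interface, src):
    """Return a verdict for one packet record seen at the network border.

    interface: "external" (Internet-facing) or "internal" (intranet-facing).
    src: the source IP address claimed by the packet, as a string.
    """
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "drop: malformed source"
    if interface == "external":
        # Ingress filtering: an intranet address cannot arrive from the Internet.
        if in_any(addr, INTERNAL_NETS):
            return "drop: internal source on external interface"
        if in_any(addr, NEVER_EXTERNAL):
            return "drop: reserved source on external interface"
        return "accept"
    if interface == "internal":
        # Egress filtering: only our own addresses may leave the intranet.
        if in_any(addr, INTERNAL_NETS):
            return "accept"
        return "drop: foreign source on internal interface"
    return "drop: unknown interface"


# Constructed packet records: (interface the packet arrived on, claimed source).
SAMPLE_RECORDS = [
    ("external", "203.0.113.7"),
    ("external", "10.20.30.40"),    # claims to be an intranet host
    ("external", "127.0.0.1"),
    ("internal", "192.168.5.9"),
    ("internal", "198.51.100.23"),  # intranet host forging an outside address
    ("external", "not-an-ip"),
]


def audit(records):
    """Classify every record and return (interface, src, verdict) tuples."""
    return [(iface, src, classify(iface, src)) for iface, src in records]


if __name__ == "__main__":
    for iface, src, verdict in audit(SAMPLE_RECORDS):
        print(f"{iface:9} {src:15} {verdict}")
```

The same rule is what router and firewall anti-spoofing features enforce; the point is that an IP address alone identifies nothing unless the path it arrived on is checked as well.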
FTP password attacking is another very common way through which websites get modified without their owners' permission. This type of hacking takes advantage of the fact that many of the poorly protected PCs in the world happen to belong to webmasters whose website login information is stored on their personal computers. The thief searches the victim's PC for FTP login passwords and relays them to a remote computer. The remote computer logs into the website and modifies the pages to install new copies.
ETHICAL HACKING
Ethical hacking is defined as the methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems' operating environments. With the growth of the Internet, computer security has become a major concern for businesses and governments. In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.

Definition: Ethical hacking is a process in which an authenticated person, who is a computer and network expert, attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. In order to test the system, an ethical hacker will use the same principles as the usual hacker uses, but reports those vulnerabilities instead of using them for their own advantage.
testing/ethical hacking, IT security researchers have developed, and are still developing, different tools to make the test fast, reliable and easy.
Just consider the world without automatic tools: the hacking process would be slow and time consuming. We have discussed different tools before, but in this article we summarize the best tools that are widely used in the world of hacking. Some favorite commercial, freeware, and open-source security tools are:

a) Nmap: Nmap is the best tool ever for the second phase of ethical hacking, that is, port scanning. Nmap was originally a command-line tool developed only for Unix/Linux-based operating systems, but a Windows version is now also available and easy to use. It is used for operating system fingerprinting too.

b) Nessus: Nessus is the world's most famous vulnerability scanner. Nessus has been developed by Tenable Network Security, and it is available free of cost for non-enterprise environments, that is, for home users. It is a network vulnerability scanner and is used for finding the critical bugs on a system.

c) Nikto: Nikto is a free and open-source tool. It checks for outdated versions of over 1000 servers and version-specific problems on over 270 servers, and it finds default files and programs. It is one of the best tools for web server penetration testing.

d) Kismet: Nowadays wardriving, or wireless LAN (WLAN) hacking, is in demand, and different companies hire penetration testers to test their wireless networks. This test requires some tools, and Kismet is one of the best choices for it. Kismet identifies networks by passively collecting packets and detecting networks, which allows it to detect (and, given time, expose the names of) hidden networks and the presence of non-beaconing networks via data traffic.
e) Metasploit: The best tool ever. Metasploit contains a database that has a list of available exploits; it is easy to use and is the best tool for doing penetration testing. The Metasploit Framework is a sub-project and is used to execute exploit code against a machine and get the desired task done.

f) NetStumbler: Once again for wardriving. NetStumbler is available for Windows-based operating systems. It can detect WiFi, that is, IEEE 802.11b, 802.11g and 802.11a networks. MiniStumbler is also available and works on Windows CE based systems.

g) Wireshark: Wireshark is a free network packet analyzer tool, and one of the best, for UNIX and Windows. It is used for network troubleshooting, malware analysis and education.

3. Executing the plan: Ethical hacking can take persistence. Time and patience are important. We must be careful when performing our ethical hacking tests. A hacker in our network or a seemingly benign employee looking over our shoulder may watch what's going on. This person could use this information against us. It's not practical to make sure that no hackers are on our systems before we start. Just make sure we keep everything as quiet and private as possible. This is especially critical when transmitting and storing our test results. If possible, encrypt these e-mails and files using Pretty Good Privacy (PGP) or something similar. At a minimum, password-protect them.

4. Evaluating results: Assess your results to see what you uncovered, assuming that the vulnerabilities haven't been made obvious before now. This is where knowledge counts. Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You'll end up knowing your systems as well as anyone else. This makes the evaluation process much simpler moving forward. Submit a formal report to upper management or to your customer, outlining your results. Keep these other parties in the loop to show that your efforts and their money are well spent. Chapter 17 describes this process.

5. Moving on: When you've finished your ethical hacking tests, you still need to implement your analysis and recommendations to make sure your systems are secure. New security vulnerabilities continually appear. Information systems constantly change and become more complex. New hacker exploits and security vulnerabilities are regularly uncovered. You may discover new ones! Security tests are a snapshot of the security posture of your systems. At any time, everything can change, especially after software upgrades, adding computer systems, or applying patches. Plan to test regularly (for example, once a week or once a month). Chapter 19 covers managing security changes.
CONCLUSION
One of the main aims of the seminar is to make others understand that there are so many tools through which a hacker can get into a system. Let's check its various needs from various perspectives.

1. Student: A student should understand that no software is made with zero vulnerabilities. So while they are studying, they should study the various possibilities and how to prevent them, because they are the professionals of tomorrow.

2. Professionals: Professionals should understand that business is directly related to security. So they should make new software with as few vulnerabilities as possible. If they are not aware of these, then they won't be cautious enough in security matters.

In the preceding sections we saw the methodology of hacking, why we should be aware of hacking, and some tools which a hacker may use. Now we can see what we can do against hacking, or to protect ourselves from hacking.

3. The first thing we should do is to keep ourselves updated about the software we are using, from official and reliable sources.

4. Educate the employees and the users against black hat hacking.

5. Use every possible security measure, like honey pots, intrusion detection systems, firewalls, etc.

6. Always make our passwords strong, so that they are harder and take longer to crack.
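To put numbers on point 6, the following added example (not from the original paper) estimates the exhaustive-search space of a password and the average time needed to crack it. The guess rate and the short list of common passwords are assumptions, and the result is an upper bound that only holds for randomly chosen passwords.

```python
import math
import string

# Constructed sample of passwords found in every cracking dictionary.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "admin"}

# Assumption: guesses per second for an offline attack against a fast hash.
GUESSES_PER_SECOND = 1e10


def alphabet_size(password):
    """Size of the character set an attacker must search, by class used."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 ASCII punctuation characters
    return size


def search_space_bits(password):
    """Bits of exhaustive-search work: length * log2(alphabet size).

    A password on the common list is tried first by any attacker, so it is
    scored as zero bits no matter how long it is.
    """
    if password.lower() in COMMON_PASSWORDS:
        return 0.0
    size = alphabet_size(password)
    if size == 0:  # empty, or only characters outside the ASCII classes above
        return 0.0
    return len(password) * math.log2(size)


def average_crack_seconds(password, rate=GUESSES_PER_SECOND):
    """Expected time to find the password: half the search space / rate."""
    bits = search_space_bits(password)
    if bits == 0.0:
        return 0.0
    return (2 ** bits) / 2 / rate


def compare(passwords):
    """Return (password, bits, seconds) tuples sorted weakest first."""
    rows = [(p, search_space_bits(p), average_crack_seconds(p)) for p in passwords]
    return sorted(rows, key=lambda row: row[1])


if __name__ == "__main__":
    for pw, bits, secs in compare(["password", "abcdefgh", "Abcdef1!", "abcdefghijkl"]):
        print(f"{pw:14} {bits:6.1f} bits  ~{secs / 86400:.3g} days")
```

With these assumptions, twelve lowercase letters give a larger search space than eight characters drawn from all four classes, which is why length is the first thing to increase.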