HackFest Workshop

Short listing Criteria

Due to limitations on the number of people we can offer place at Techfest workshops, we
follow a scrutinizing process. The participants will have to fill in the following questionnaire
based on which short listing shall be done.

Instructions

• The following questions have to be answered in the space provided.

• Name the file after the questions has been answered as “HFxxxx.doc” where HFxxxx is the
team registration number. Attach the file and mail it to workshops[at]techfest[dot]org before
20th November 2010.

•Being shortlisted in workshop do not assure your accommodation.

Note that the following instructions have to be strictly adhered to and failing to do so
will lead to disqualification of the concerned entry.

Q.1 What is Scanning?

,Viruses are the computer world's great boogerbears. Most computer problems
blamed on "some damn virus" are actually caused by something else. So scananning
is the process to detect viruses to avoid the dataloss and other damages.

Q.2 Describe the following terms in Scanning.

(i) Nmap

It is a security scanner. It is used to create a map of computer and discover hosts and
services on a computer network.

(ii) Nullscan

Null scan is just a little piece in os-fingerprinting. As the name "null" scan already
implies, no flags are set on packages. This is a method to trick firewall-filters.
Microsoft OS do not apply to standards in this point (as e.g. also for UDP), so this
method remains without effect on them.

(iii) Firewalk

Firewalk is a technique developed by Mike Schiffman and David Goldsmith that

employs traceroute-like techniques to analyze IP packet responses to determine
gateway ACL filters and map networks.
Q.3 What is Trojan and advantages of Trojan?

Trojan is malware that appears to perform a desirable function for the user prior to
run or install but instead facilitates unauthorized access of the user's computer
system. "It is a harmful piece of software that looks legitimate. Users are typically
tricked into loading and executing it on their systems", as Cisco describes.

Q.4 Explain Buffer Overflows.

In computer security and programming, a buffer overflow, or buffer overrun, is an

anomaly where a program, while writing data to a buffer, overruns the buffer's
boundary and overwrites adjacent memory. Buffer overflows can be triggered by
inputs that are designed to execute code, or alter the way the program operates. This
may result in erratic program behavior, including memory access errors, incorrect
results, a crash, or a breach of system security. They are thus the basis of many
software vulnerabilities and can be maliciously exploited. Programming languages
commonly associated with buffer overflows include C and C++.

Q.5 Write a few line on SMS forging and VOIP server.

SMS forging is a relatively new kind of high-tech felony, which uses the short
message service (SMS), which is available on most mobile phones and personal
digital assistants, to spoof or impersonate another user. The spoofing is often used to
send viruses that can be carried from phone to phone and which can cause
destructive behaviour.

VOIP is a voice over IP. It is any of a family of methodologies, communication

protocols, and transmission technologies for delivery of voice communications and
multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other
terms frequently encountered and often used synonymously with VoIP are IP
telephony, Internet telephony, voice over broadband (VoBB), broadband telephony,
and broadband phone.

Q.6 What is meant by SQL?

SQL stands for Structured Query Language. It lets you access and manipulate
databases. It is an ANSI (American National Standards Institute) standard. It is a
database computer language designed for managing data in relational database
management systems (RDBMS), and originally based upon relational algebra. Its
scope includes data insert, query, update and delete, schema creation and
modification, and data access control.

Q.7 Write a few lines about sniffing.

Sniffing is a technique used in websites and web applications in order to determine
the web browser a visitor is using, and to serve browser-appropriate content to the
visitor.

Q.8 Write a few lines about e-mail tracking.

It is a method for monitoring the e-mail delivery to intended recipient. It is useful

when the sender wants to know if the intended recipient actually received the e-mail,
or if they clicked the links.

Q.9 Why do you want to attend this workshop? (Statement of purpose, SOP)

because i have interest in security and hacking.

Q.10 Where and how do you intend to use the knowledge gained at this workshop?

In ethical hacking, security purpose.