Professional Documents
Culture Documents
Ethical Hacking: A Licence To Hack
Ethical Hacking: A Licence To Hack
A LICENCE TO HACK
Aswini.S
III MCA
INTRODUCTION
Ethical hacking- also known as penetration
testing or intrusion testing or red teaming has
become a major concern for businesses and
governments.
Network security
Wireless security
Red Team-Multilayered Assessment
Various areas of security
are evaluated using a
multilayered approach.
• Each area of security
defines how the target
will be assessed.
• An identified vulnerability
at one layer may be
protected at another
layer minimizing the
associated risk of the
vulnerability.
Information security (INFOSEC)- A
revolving process
Attacks on Websites:-
Denial of service attack
Some hackers hack your websites just
because they can.
They try to do something spectacular to
exhibit their talents.
Their comes the denial of service attack.
During the attacks, customers were unable
to reach the websites, resulting in loss of
revenue and “mind share”.
On January 17, 2000, a U.S. library of
congress website was attacked.
The ethical hack itself
Testing itself poses some risk to the client.
Criminal hacker monitoring the
transmissions of ethical hacker could trap
the information.
Best approach is to maintain several
addresses around the internet from which
ethical hackers originate.
Additional intrusion monitoring software
can be deployed at the target.
IBM’S Immune system for Cyber
space
Any of the following combination may
be used
Remote network.
Remote dial-up network.
Local network.
Stolen laptop computer.
Social engineering.
Physical entry.
Competitive Intelligence
A systematic and ethical program for
maintaining external information that can
affect your company’s plans.
It is legal collection and analysis of
information regarding the vulnerabilities of
the business partners.
The same information used to aid a
company can be used to compete with the
company.
The way to protect the information is to be
aware of how it may be used.
Information Security Goals
Improve IS awareness.
Assess risk.
Mitigate risk immediately.
Assist in the decision making process.
Conduct drills on emergency response
procedures.
Conclusions
Never underestimate the attacker or
overestimate our existing posture.
A company may be target not just for its
information but potentially for its various
transactions.
To protect against an attack, understanding
where the systems are vulnerable is
necessary.
Ethical hacking helps companies first
comprehend their risk and then, manage
them.
Conclusions
Always security professionals are one
step behind the hackers and crackers.
Plan for the unplanned attacks.
The role of ethical hacking in security
is to provide customers with
awareness of how they could be
attacked and why they are targeted.
“Security though a pain”, is necessary.
References
1.www.javvin.com
2.www.computerworld.com
3.www.research.ibm.com/journals
4.www.howstuffworks.com
5.”Information Technology”
journal,september,august
2005,published by EFY.
6.IEEE journal on" security and
privacy”
Thank You