Professional Documents
Culture Documents
Introduction To Hacking - Cyber Ethics
Introduction To Hacking - Cyber Ethics
Why Security ?
Why Attacks ?
Hacking – Introduction
Communities of Hackers
Types of Hackers
Malicious Hacker Strategies
Ethical Hacker Strategies
Steps for conducting Ethical Hacking.
Importance of Vulnerability Research.
Vulnerability Research References.
Conclusion
All Copyrights © Reserved By Techdefence
Pvt. Ltd.
Why Security? (Continue)
But, It says that there are always exists more than one way to solve the
problem.
Crackers
Phreaks
Script Kiddies
Hacktivists
Cyber Terrorists
All Copyrights © Reserved By Techdefence
Pvt. Ltd.
Hackers – Who are they?
Motive/Intent –
– To gain in-depth knowledge of a system, what’s happening at the
backend, behind the screen.
Motive/Intent –
– To seek unauthorized access into a system and cause damage or
destroy or reveal confidential information.
Effects-
– Can cause financial losses & image/reputation damages, defamation in
the society for individuals or organizations.
Phreaks – These are persons who use computer devices and software to
break into phone networks.
Motive/Intent-
– To find loopholes in security in phone network and to make phone
calls at free of cost!!!
Effects-
– You may have to big amount of phone bills, for doing nothing!!!
Script Kiddies – These are persons not having technical skills to hack
computers.
Motive/Intent-
– They use the available information about known vulnerabilities to
break into remote systems.
Motive/Intent-
– They may wish to expose wrongdoing, or exact revenge, or simply
harass their target for their own entertainment.
Motive/Intent-
– To test the computer infrastructure of government.
Effects-
– These sort of hackers may poke around some secret files, pretending it
as a purpose of testing and may share or leak such files to the outside
world.
All Copyrights © Reserved By Techdefence
Pvt. Ltd.
Cyber Terrorists
Motive/Intent-
– Cyber Terrorists ultimate motivation is to spread fear, terror and
commit murder.
Effects-
– Cyber terrorists are by far the most dangerous, with a wide range of
skills and goals.
Grey Hat Hackers – They fall in between White Hat and Black Hat. They
sometimes do legal activities and sometimes illegal activities.
Black Hat – They use their knowledge and skill set for illegal activities,
destructive intents.
– E.g.- to gain money (online robbery), to take revenge. Disgruntled
– Employees is the best example of Black Hats. Attackers (Black Hat
– Hackers) are not at all concerned with security professionals (White
– Hat hackers). Actually these hackers are Bad Guys!!!
Information Gathering
— This is the primary phase where the hacker tries to collect as much
information as possible about the target.
— It includes identifying the targets, finding out the target’s IP address
range, network, domain name registration records of the target ,mail
server records, DNS records , etc.
Gaining Access
— After Scanning & Enumeration, the hackers designs the blueprint of
the network of the target with the help of stuffs collected during
phases 1 and 2.
— Now the attacker executes the attack based on the vulnerabilities
which were identified during scanning.
— After the successful attack, he gets access to the target network.
Maintaining Access
— After Gaining an Access, the attacker escalates the privileges to
root/admin and uploads a piece of code(usually called as backdoor) on
the target network so that he always maintain the gained access and
can connect to target anytime.
Clearing Tracks
— To avoid getting traced and caught, hacker clears all the tracks by
clearing all kinds of logs and anything related stuff which may later
reflect his presence.
“The one who can hack it, can only secure it”
“If you want to catch criminal then you’ll have to think like criminal”
What to protect?
How to protect?
Against whom?
How much resources needed?
Community of Hackers.