CHAPTER 1 ABOUT THE COMPANY

1.1 Profile of the company Centre for Development of Advanced Computing (C-DAC) is the premier R&D organization of the Department of Information Technology (DIT), Ministry of Communications & Information Technology (MCIT) for carrying out R&D in IT, Electronics and associated areas. Different areas of C-DAC, had originated at different times, many of which came out as a result of identification of opportunities Centre for Development of Advanced Computing (C-DAC), is a Scientific Society of the Department of Information Technology, Ministry of Communications and Information Technology, Government of India. C-DAC's areas of expertise range from R&D work in Foundation Technologies to Product Development, IP Generation and Technology Transfer, Deployment of Solutions in various sectors directly or through partnership model, High Performance Computing and Grid Computing; Language Computing & Speech Processing; Computer Science & Software Technologies including Free & Open Source software; and Professional Electronics including Embedded Systems, Platforms, Specialized Hardware, Broadband and Wireless Control Systems & Cyber-Security. On the applications and solutions side, the prominent sectors include Science & Engineering, e-Governance, Health, Education, Power, Railways, Industry among others. Education & Training Programmes focused on high and specialized technical courses and finishing school type modules of relevance to industry.

1.2 History

C-DAC (Erstwhile CEDTI) Mohali, established in 1989 in the ELTOP(Electronics Town of Punjab) Complex, caters to the training, consultancy, design and product development needs of electronics and information technology industry and allied sectors. It also promotes potential Entrepreneurs through various services, academic and training progarms. The institute has its own aesthetically designed building with covered area of 4300 sqmts. The building has an attached students hostel, which provides for residential facility to the 1

outstation students. Another modern hostel and housing complex has been developed in sector70, Mohali that is a kilometer away from the institute. C-DAC (Erstwhile CEDTI) Mohali, an institute under the Government of India, is the first society of Ministry of Communications and Information Technology to have an ISO 9002 certification, which reflects the quality in conceptualization, design, implementation and monitoring of the training programs. The certification is a testimony by international quality in system that governs its well structured and regularity updated training with global acceptance.

1.3 Research Thetechnologies dealt with within the house Time of C-DAC are Natural Software & language Industrial processing (NLP), Artificial Intelligence (AI), e-Learning, Multilingual computing, Multimedia computing,Geomatics, Cyber Security, Real Systems, automation, High Performance Computing, Data Warehousing/Data Mining, Digital/Broadband Wireless networks, Modeling and Visualization etc. The sectors addressed are Finance, Healthcare, Power, Steel, Defence, Telecom, Agriculture, Industrial Control, Broadcasting, Education and e-Governance. Some of the major research areas are: 

Graphics and Intelligence based scripting Technology: GIST is one of the Dynamic Groups working in Multilingual Technologies. System Area Network: HTDG is currently working on products based on the VI Architecture specification. These include high-performance SAN interface cards and high-speed, scalable switches for these SANs. Reconfigurable Computing System: Reconfigurable Computing System Cards at C-DAC Parallel Programming Environments High Performance Communication Subsystems High Performance Storage Systems Computational Atmospheric Sciences Computational Structural Mechanics Computational Fluid Dynamics Seismic Data Processing 2  

      

Total revenue of Rs. MONTECH Instruments. Mohali.4 Achievements    Established the first international Internet gateway into India Vartalaap..40 was generated through these facilities and services. Souvenir Graphics. Mohali. DURO Electronics. Spice Telecom.. BCC Fuba (I) Ltd. Mohali. Multioverseas Pvt. SAA Power EngPvt Ltd. DELTRON. SCL. Chd. Panchkula. Saksham Electronics Chd. CDIL.Mohali. Chd. TELEBOX. Ltd. Mohali. AriensElectrotech. Narmak System. Labotron Instruments. Multioverseas Pvt.. Mohali. Alpha Medical. INDOSAW. Chd. Rohini Micro Systems. Ambala. 1. Allenger Medical Systems. a Unicode IRC Server enabled rendering of Devanagari and other Indian scripts at the OS level in Microsoft Windows 2000/XP.5 Services Rendered to Industries/Other Users over the past year The Centre offered the following advanced technical services to various industries in the region: i) Development of Lith Film ii) EPROM Programming iii) CNC PCB Drilling iv) Development of Proto Type Single Sided PCB¶s Photoplotting The job work was done for the following companies: BEL..    Bioinformatics TETRA Basic Sciences Evolutionary Computing 1. 3 . PUNCOM.72235. Micromation (P) Ltd. Ltd.

Founding Executive Director. Professor. Sadanandan. Bhatkar .C-DAC. founder NCST. Networking etc y y y y y 1.6 Notable ex-CDACians   Dr. Director. Mohali is increasing its thrust in R&D and Consultancy and Market Orientation to support the needs of the industry. users and entrepreneurs in many core competency areas of CDAC including :Health Informatics Entrepreneurship Development Hardware Technologies Deployment of solutions in Government and various sectors Formal Education & Non-Formal Education & Training Programs including VLSI. Dr. HP Labs India. Sudhir P. Concordia University P. co-founder NCST Vijayraman. Advisor to UN on Information and Communication Technologies Prof. co-founder NCST. SrinivasanRamani.. director Persistent Systems KSR Anjenayulu     4 . Computer Science Dept. Mudur. Vijay P.

This can be prevented by using the services of ethical hackers who counter the terrorists by misleading them.1 Reason for selecting Ethical Hacking as a project Ethical hacking will reveal the flaws of what is being hacked (software. Preventive action that is taken by the governments against the breaking of the networks saves money in billions of dollars as rectifying and building new systems will cost a lot and also is very time taking.CHAPTER 2 INTRODUCTION TO ETHICAL HACKING 2. To take preventive action against hackers: Preventive action against the terrorists can be taken by the ethical hackers. There are various benefits of ethical hacking. This article lists the benefits of this kind of hacking. etc. a network. 1. To fight against terrorism: There are many terrorists and terrorist organizations that are trying to create havoc in the world with the use of computer technology. These people are also used to build a foolproof system that prevents the breakdown of the existing system. This can be done because the ethical hackers use their expertise to create alternate information that is false. An ethical hacker will find the flaw and report it to the owner so that it can be fixed as soon as possible.) without actually causing any damage. of the hackers to get while the real information that is necessary and important is hidden from the terrorists. a website. 2. So the use of ethical hackers in doing this work of preventing the real hackers from getting to the important information helps save a lot of money and also time. Using 5 . 3. They break into various government defense systems and then use this for their terrorist activities. To build a system that helps prevent penetration by hackers: The ethical hackers are also used to try and test the existing defense systems.

It¶s part of an overall information risk management program that allows for ongoing security improvements.3 Introduction Ethical hacking also known as penetration testing or white-hat hacking. maintaining access and clearing tracks. One reaction to this state of affairs is a behavior termed ³Ethical Hacking" which attempts to pro-actively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. For ethical hacking we should know about the various tools and methods that can be used by a black hat hacker apart from the methodology used by him. and techniques that hackers use. he also should be aware of these since he should be able to close holes in his software even with the usage of the various tools. involves the same tools. But many are not aware that they are being hacked without their knowledge. With the advent of new tools the hackers may make new tactics. Ethical hacking can also ensure that vendors¶ claims about the security of their products are legitimate. A good ethical hacker should know the methodology chosen by the hacker like reconnaissance. 6 . host or target scanning. But at least the software will be resistant to some of the tools. gaining access. but with one major difference that Ethical hacking is legal. Also when thinking from the point of view of the developer. From the point of view of the user one should know at least some of these because some hackers make use of those who are not aware of the various hacking methods to hack into a system. The intent of ethical hacking is to discover vulnerabilities from a hacker¶s viewpoint so systems can be better secured. 2. tricks. Ethical hacking is performed with the target¶s permission. 2.2 Abstract Today more and more softwares are developing and people are getting more and more options in their present softwares.the powers of the hackers to get a proper system built helps to prevent penetration by the hackers and saves the information in the various government networks.

though. must know activities hackers carry out and how to stop their efforts. Attacking your own systems to discover vulnerabilities is a step to making them more secure.Understanding the Need to Hack Your Own Systems To catch a thief. You must think like them to protect your systems from them. That¶s the basis for ethical hacking. don¶t forget about insider threats from malicious employees! 7 . the time will come when all computer systems are hacked or compromised in some way. such as viruses and traffic through a firewall. encryption. Firewalls. so should you. When you know hacker tricks. It¶s impossible to buttress all possible vulnerabilities on all your systems. if you don¶t have a lot of foot trafficin your office and no internal Web server running. and virtual private networks (VPNs) can create a false feeling of safety. These security systems often focus on high-level vulnerabilities. you may not have as much to worry about as an Internet hosting provider would have. you can see how vulnerable your systems are. Hacking preys on weak security practices and undisclosed vulnerabilities. This is the only proven method of greatly hardening your systems from attack. You should know what to look for and how to use that information to thwart hackers¶ efforts. as the ethical hacker. That¶s not the best approach to information security. You can¶t plan for all possible attacks ² especially the ones that are currently unknown. Don¶t take ethical hacking too far. However. As hackers expand their knowledge. The law of averages works against security. You can¶t. the more combinations you try ² the more you test whole systems instead of individual units ² the better your chances of discovering vulnerabilities that affect everything as a whole. You. For instance. It makes little sense to harden your systems from unlikely attacks. think like a thief. without affecting how hackers work. What¶s important is to protect your systems from known vulnerabilities and common hacker attacks. However. With the increased numbers and expanding knowledge of hackers combined with the growing number of system vulnerabilities and other unknowns. The only protection against everything is to unplug your computer systems and lock them away so no one can touch them ² not even you. If you don¶t identify weaknesses. it¶s a matter of time before the vulnerabilities are exploited. You don¶t have to protect your systems from everything. Protecting your systems from the bad guys ² and not just the generic vulnerabilities that everyone knows about ² is absolutely critical.

the United States Air Force conducted a ³security evaluation´ of the Multics operating systems for ³potential use as a two-level (secret/top secret) system. use.5 Scope of Ethical Hacking Security: Security is the condition of being protected against danger or loss.4 History In one early ethical hack. prove to upper management that vulnerabilities exist. In the general sense. Enumerate vulnerabilities and. computer and network vulnerability studies began to appear outside of the military establishment. disclosure.´ With the growth of computer networking. if necessary. These include: lose of confidential data Damage or destruction of data Damage or destruction of computer system Loss of reputation of a company 8 . Information security means protecting information and information systems from unauthorized access. In the case of networks the security is also called the information security. 2. or destruction Need for Security: Computer security is required because most organizations can be damaged by hostile software or intruders. y Apply results to remove vulnerabilities and better secure your systems. There may be several forms of damage which are obviously interrelated which are produced by the intruders.Your overall goals as an ethical hacker should be as follows: y y Hack your systems in a nondestructive fashion. 2. which was originally posted to Usenet in December of 1993. modification. Most notable of these was the work by Farmer and Venema. and of the Internet in particular. disruption. security is a concept similar to safety.

White-Hat Hacker White hat hackers are those individuals professing hacker skills and using them for defensive purposes. That is black hat hackers use their knowledge and skill for their own personal gains probably by hurting others. 9 . defines a hacker as a clever programmer.CHAPTER 3 METHODOLOGY 3.1 Hacking Eric Raymond. compiler of ³The New Hacker's Dictionary´. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker. resorting to malicious or destructive activities. This means that the white hat hackers use their knowledge and skill for the good of others and for the common good. which we paraphrase here: A person who enjoys learning details of a programming language or system A person who enjoys actually doing the programming rather than just theorizing about it A person capable of appreciating someone else's hacking A person who picks up programming quickly A person who is an expert at a particular programming language or system Types of Hackers: Hackers can be broadly classified on the basis of why they are hacking system or why the are indulging hacking. There are mainly three types of hacker on this basis Black-Hat Hacker A black hat hackers or crackers are individuals with extraordinary computing skills.

 In their search for a way to approach the problem. We cannot predict their behaviour. and Worms Denial of Service (DoS) Different kinds of system attacks 3.2 ETHICAL HACKING  Ethical hacking ± defined as ³a methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems¶ operating environments. computer security has become a major concern for businesses and governments. Trojan Horses.Grey-Hat Hackers These are individuals who work both offensively and defensively at various times.´  With the growth of the Internet. Social Engineering Organizational Attacks Automated Attacks Restricte d Accidental Breaches in Security Viruses. Sometimes they use their skills for the common good while in some other times he uses them for their personal gains. 10 . organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.

Finding these an ethical hacker will try to get into the system with that information in whatever method he can. The actual hacking will be a circular one.3. He may also sometimes make patches for that particular vulnerability or he may suggest some methods to prevent the vulnerability. gaining access.The various stages in the hacking methodology are Reconnaissance Scanning & Enumeration Gaining access 11 . Firewalls: configurations. Linux: knowledge of Linux/Unix.4 Required Skills of an Ethical Hacker: ‡ ‡ ‡ ‡ ‡ ‡ ‡ Microsoft: skills in operation. and access control lists Mainframes Network Protocols: TCP/IP. security setting. scanning. maintaining access and clearing tracks. and operation of intrusion detection systems. But it is not the end of the process.5 Steps involved in Hacking: As described above there are mainly five steps in hacking like reconnaissance. He will first find out what an intruder can see or what others can see. how they function and can be manipulated. organizing. Once the hacker completed the five steps then the hacker will start reconnaissance in that stage and the preceding stages to get in to the next level. 3. If he succeeds in penetrating into the system then he will report to the company with a detailed report about the particular vulnerability exploiting which he got in to the system. Routers: knowledge of routers. configuration and management. 3. planning. routing protocols. and controlling a penetration testing team. configuration. and services. An ethical hacker will first think with a mindset of a hacker who tries to get in to the system. An ethical hacker will always have the permission to enter into the target network.3 What do an Ethical Hacker do? An ethical hacker is a person doing ethical hacking that is he is a security personal who tries to penetrate in to a network to find if there is some vulnerability in the system. Project Management: leading.

Modern port scanning uses TCP protocol to do scanning and they could even detect the operating systems running on the particular hosts. This is one of the pre-attacking phases. what valid user account and user groups are there in the network. This is the first stage in the methodology of hacking. Enumeration: Enumeration is the ability of a hacker to convince some servers to give them information that is vital to them to make an attack.Maintaining access Clearing tracks Reconnaissance: The literal meaning of the word reconnaissance means a preliminary survey to gain information. By doing this the hacker aims to find what resources and shares can be found in the system. Usually the services run on predetermined ports. Reconnaissance refers to the preparatory phase where an attacker learns about all of the possible attack vectors that can be used in their plan. Scanning & Enumeration: Scanning is the second phase in the hacking methodology in which the hacker tries to make a blue print of the target network. the services which are running on those system and so on. This is also known as foot-printing. what applications will be there etc. The blue print includes the ip addresses of the target network which are live. It is similar to a thief going through your neighborhood and checking every door and window on each house to see which ones are open and which ones are locked. this is the stage in which the hacker collects information about the company which the personal is going to hack.There are different tools used for scanning war dialing and pingers were used earlier but now a days both could be detected easily and hence are not in much use. Hackers may use this also to find other hosts in the entire network. 12 . As given in the analogy.

First the hacker will try to get in to the system. Once he get in to the system the next thing he want will be to increase his privileges so that he can have more control over the system. System hacking can be considered as many steps. And now he tries to increase his privileges to that of an administrator who can do many things. is Legion actually has an inbuilt dictionary in it and the software will automatically. The There are many methods for cracking the password and then get this work easier there aremany automated tools for simplest method is to guess the password. There are some tools like getadmin attaches the user to some kernel routine so that the services run by the user look like a system routine rather than user initiated program. y Password Cracking: in to the system. Another way to crack in to a system is by the attacks like man in the middle attack. The privilege escalation process usually uses the vulnerabilities present in the host 13 .Gaining access: This is the actual hacking phase in which the hacker gains access to the system. As a normal user the hacker may not be able to see the confidential details or cannot upload or run the different hack tools for his own personal interest. There are many types of tools available for this. But this is a tedious work. Techniques used in password cracking are: y y y y y Dictionary cracking Brute force cracking Hybrid cracking Social engineering the password using the dictionary and will check the Privilege escalation: Privilege escalation is the process of raising the privileges once the hacker gets in to the system. But in order to make password guessing like legion. That the software itself generates responses. Usually the main hindrance to gaining access to a system is the passwords. The hacker will make use of all the information he collected in the pre-attacking phases. That is the hacker may get in as an ordinary user.

There is a saying that ³everybody knows a good hacker but nobody knows a great hacker´. its log will be stored in the server logs. 14 .exe. Clearing Tracks : Now we come to the final step in the hacking.operating system or the software. sniffers . The Evidence Eliminator deletes all such evidences.exe. The nature of these tools differ widely. The next aim will be to make an easier path to get in when he comes the next time. So in order to erase those the hacker uses man tools. This means that he is now in a position to upload some files and download some of them. Maintaining Access: Now the hacker is inside the system by some means by password guessing or exploiting some of it¶s vulnerabilities. Ethical hacking tools: Ethical hackers utilize and have developed variety of tools to intrude into different kinds of systems and to evaluate the security levels. Whenever a hacker downloads some file or installs some software. Sometimes apart from the server logs some other in formations may be stored temporarily. One such tool is windows resource kit¶s auditpol. One such community of hackers is the metasploit. This means that a good hacker can always clear tracks or any record that they may be present in the network to prove that he was here. This is analogous to making a small hidden door in the building so that he can directly enter in to the building through the door easily. In the network scenario the hacker will do it by uploading some softwares like Trojan horses. Another tool which eliminates any physical evidence is the evidence eliminator. This is a command line tool with which the intruder can easily disable auditing. key stroke loggers etc. metasploit etc. There are many tools like hk. Here we describe some of the widely used tools in ethical hacking.

Thus. software andcommunications protocol development. BSD. and the other programs distributed with it such as TShark. arefree software.y Wireshark Wireshark is a free and open-source packet analysis. released under the terms of the GNU General Public License. using the GTK+ widget toolkit to implement its user interface. Mac OS X. and on Microsoft Windows. Originally named Ethereal. and using pcap to capture packets. and Solaris. and education. Wireshark is cross-platform. it is able to display the encapsulation and the fields along with their meanings of different packets 15 . analyzer. Wireshark. it runs on various Unix-like operating systems including Linux. Features of wireshark Wireshark is software that "understands" the structure of different networking protocols. in May 2006 the project was renamed Wireshark due to trademark issues. It is used for network troubleshooting. There is also a terminal-based (non-GUI) version called TShark.

phone numbers etc 16 . Plug-ins can be created for dissecting new protocols. such assnoop. including Ethernet.        Wireshark's native network trace file format is the libpcap format supported by libpcap and WinPcap.This feature is currently available only under Linux. If encoded in a compatible encoding. Captured files can be programmatically edited or converted via command-line switches to the "editcap" program. tshark. and its captures can be read by applications that use libpcap or WinPcap to read capture files. Data display can be refined using a display filter. and loopback. IEEE 802.specified by different networking protocols.11. PPP. Captured network data can be browsed via a GUI. It can also read captures from other network analyzers. the media flow can even be played. and Microsoft Network Monitor. or via the terminal (command line) version of the utility. Live data can be read from a number of types of network. Network General's Sniffer. Raw USB traffic can be captured with Wireshark. Wireshark uses pcap to capture packets.  Data can be captured "from the wire" from a live network connection or read from a file that recorded already-captured packets. y Samspade: Samspade is a simple tool which provides us information about a particular host. so it can only capture the packets on the types of networks that pcap supports. so it can read capture files from applications such as tcpdump and CA NetMasterthat use that format. VoIP calls in the captured traffic can be detected. This tool is very much helpful in finding the addresses.

addresses etc. If the red x still appears. Thus we can get much information in just one click. email ids. Restart your computer. or the image may have been corrupted. In the text field in the top left corner of the window we just need to put the address of the particular host. and then open the file again. We don¶t know where it comes from. Then we can find out various information available. The information given may be phone numbers. IP addresses. But one of the best ways to get information about a company is to just pick up the phone and ask the details.1 represents the GUI of the samspade tool. The email tracker uses this header information for find the location. We may think that what is the benefit of getting the phone numbers. you may have to delete the image and then insert it again. Every message we receive will have a header associated with it. Your computer may not have enough memory to open the image. 17 . y Email Tracker and Visual Route: We often used to receive many spam messages in our mail box.The image cannot be displayed. Email tracker is a software which helps us to find from which server does the mail actually came from. contact names. email ids. address range etc. The above fig 2.

We can use this for finding the location of servers of targets also visually in a map 18 .2 shows the GUI of the email tracker software. The above fig 2. Restart your computer. In this software we just need to import the mails header to it. The option of connecting to visual route is available in the email tracker. That is we will get information like from which region does the message come from like Asia pacific. or the image may have been corrupted. If the red x still appears.The image cannot be displayed. Then the software finds from which area that mail comes from. When we connect this with the email tracker we can find the server which actually sends the mail. and then open the file again. Europe etc. To be more specific we can use another tool visual route to pinpoint the actual location of the server. Your computer may not have enough memory to open the image. Visual route is a tool which displays the location a particular server with the help of IP addresses. One of the options in the email tracker is to import the mail header. you may have to delete the image and then insert it again.

3 depicts the GUI of the visual route tool.The image cannot be displayed.. Restart your computer. and then open the file again. 19 . The above fig 2. software will actually provide us with information about the routers through which the message or HoneyBOT HoneyBOT is a Windows based medium interaction honeypot solution. The captured information is highly valuable as it contains only malicious traffic with little to no false positives. This the path traced by the mail from the source to the Destination. If the red x still appears. The visual route GUI have a world map drawn to it. The software will locate the position of the server in that world map. What is a Honeypot? A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. It will also depict the path though which the message came to our system. you may have to delete the image and then insert it again. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes made by hackers. or the image may have been corrupted. Your computer may not have enough memory to open the image.

When an attacker connects to these services they are fooled into thinking they are attacking a real server. How it Works HoneyBOT works by opening over 1000 udp and tcp listening sockets on your computer and these sockets are designed to mimic vulnerable services. Our test server has captured several thousand trojans and rootkits from these simulated services including: o o o o o o o o o o Dabber Devil Kuang MyDoom Netbus Sasser LSASS DCOM (msblast. The honeypot safely captures all communications with the attacker and logs these results for future analysis. etc) Lithium Sub7 20 . Should an attacker attempt an exploit or upload a rootkit or trojan to the server the honeypot environment will safely store these files on your computer for analysis and submission toantivirus vendors.Honeypots are becoming one of the leading security tools used to monitor the latest tricks and exploits of hackers by recording their every move so that the security community can more quickly respond to new exploits.

you want your honeypot to be as free as possible from any legitimate traffic so in broad terms we can consider any traffic to the honeypot to be malicious in nature. HoneyBOT requires minimum operating system of Windows 2000 and at least 128MB RAM is recommended. In fact.HoneyBOT Installation We suggest that you install HoneyBOT on a dedicated computer with no valuable information or resources required of it. Some other important tools used are: y y y y War Dialing Pingers Super Scan Nmap etc« 21 .

it canbe used in acceptable and unacceptable ways. These are individual values.CHAPTER 4 ANALYSIS AND FINDINGS 4. Butfilters can also track network access. Not every unethical action is illegal. however. and cultures. then laws can be created to provide interpretation. If there is no consensusfor social values.As an example. Laws canalso be used to specify consequences for unacceptable behavior. and not every legal action issocially acceptable. Scanning a network or capturing packets maybe considered ethical in one situation but undesirable in another. there is no consensusamong the wider group of Internet users. The term ethics refers to a sense of honesty and dishonesty.1 Ethics Moral values combine three decision attributes: ethical. Peer groups and organizationsmay have social values that determine appropriate behavior. laws can be used to impose a minority opinion orcompetitive edge. By understanding the ethical. Even though it is the same technology. Although they are closely related. there is no limitation on what a user can place on his home computer. regions. Acceptablesocial values may vary between groups.social. and legal. For example. decisions can be made that mitigate conflict orundesirable consequences.Just because the software exists. colleges may teach students how to write computer viruses and analyze malware. 22 . and legal implications. Finally. actions that are ethical to one person may be unethical to another. Parentsmay use them to prevent a child from accessing adult-content Web sites. Legal restrictions are developed for one of three purposes. social. Althoughwriting viruses is an acceptable behavior within this forum. In most countries. there is a distinction between ethical. and some security experts consider it tobe an unacceptable practice [Hulme2003]. Web filters are commonly used to restrict network access. digitaltrespassing is a felony in the United States with a punishment ranging from afine to incarceration. social.and legal values. Using a filter to spy on a spouse¶s network activitiescan be an invasion of privacy. Each is dependent on the situation. Each ofthese attributes is distinct but interdependent. For example.Groups of people with similar ethics develop a moral code. does not mean that it should be used. Ethicalactions are situation dependent.

it is considered socially acceptable toinform the appropriate vendors before any public disclosure. Many countries outsideof China have called this censorship an unacceptable practice. served him with an injunction.Although this is the same type of technology used to block a child¶s access topornographic Web sites. 23 . it is applied to a much larger scale.To elaborate on this example. Some vendors may view a risk as a low priority. Cisco and Lynn¶s employer. and (2)threatening Lynn with legal action.Socially. goingpublic too soon may pressure the vendor into releasing an incomplete solution. And theBlack Hat conference was forbidden from disseminating the presentation materialsand associated video. His topic. Legally. Lynn walked into a minefield. Michael Lynn¶s actions were met with a favorable reaction from the securitycommunity. and took steps to prevent the presentation including(1) removing the talk from the printed conference proceedings. One debate topic concerns how long towait before the public disclosure. Michael Lynn was selected as a speaker at the Black Hat Briefings securityconference. China has a long history of filtering network access. This gives the vendora chance to respond to risks and develop mitigation options before informing badguys who would exploit new weaknesses. The talk discussed vulnerabilities inCisco routers that had been reported to the company months earlier. As a result. Moral Example: Michael Lynn versus Cisco When security vulnerabilities are discovered. An action considered socially unacceptable to some members of theinternational community appears acceptable to the Chinese government. Although some people disagreed with Lynn¶s choice of disclosure. Michael Lynn appears to have felt that making theexploit public was the right thing to do. preventing further disclosure[Cisco2005]. ³The Holy Grail: Cisco ISO Shellcode and ExploitationTechniques. From an ethical perspective. Lynn had to quit his job at ISS. andnot going public soon enough may give the bad guys an edge. Cisco had been nonresponsive toward correctingthe problem and was not disclosing the risks to its customers.have limited resources. Cisco did notwant the information made public. this is a difference insocial values.Cisco was widely criticized for initiating legal action and failing to respond tosecurity vulnerabilities.´ became a heated controversy. To give the presentation. or may choose not to address the issue. Internet SecuritySystems (ISS). In 2005.

Without this skill. unethical behavioris likely to be repeated. Steps can be taken to develop a moral framework [Markkula2006]: Recognize ethical issues: Problems cannot be addressed until they are firstidentified.The line between right and wrong.is a critical skill that takes effort and practice.would the same decisions be made or would the situation be handleddifferently? Reflection on past decisions is an ongoing process. And doing what seems like the right thing may still have undesirable results. and legal implications. Gather information: What facts are necessary to create an informed decision?A single decision may impact many different people. how would the public react? Implement and reflect: Act on the decision and evaluate the reaction. social. Did itturn out as expected. social. By understandingthe ethical. Moral Framework A moral framework forms the basis of ethical decision making. and legal implications. Knowing how to react to a moral decision. acceptable and unacceptable is not alwaysclear. Someactions may take years for all of the repercussions to be identified. Consider reviewing the decisionwith peers or trusted colleagues²other people usually offer differentopinions and valuable insights. Who is likely to be impactedby a decision and how will they be affected? Are there known ramificationsor responses to particular actions? Not all information may be present. 24 . Also consider a wider impact: if the decisionwere made public. What information is known to be unavailable? Test hypothetical decisions: Determine a good solution for the problem andevaluate it for ethical. andlegal implications is critical to making moral decisions. social. Being able to identify situations with potential ethical. or did unidentified issues develop? Given the same circumstances. before needing to make a decision. decisions can be made that reflect positivemoral values.

Tools used. He would have to improve. Future enhancements: As it an evolving branch the scope of enhancement in technology is immense.2 Advantages and disadvantages: Ethical hacking nowadays is the backbone of network security. develop and explore new avenues repeatedly.4. need to be updated regularly and more efficient ones need to be developed 25 . No ethical hacker can ensure the system security by using the same technique repeatedly. More enhanced softwares should be used for optimum protection.the major pros & cons of ethical hacking are given below: Advantages y ³To catch a thief you have to think like a thief´ y Helps in closing the open holes in the system network y Provides security to banking and financial establishments y Prevents website defacements y An evolving technique Disadvantages y All depends upon the trustworthiness of the ethical hacker y Hiring professionals is expensive. Each day its relevance is increasing.

Everything you do as an ethical hacker must be aboveboard and must support the company¶s goals. Professionals Professionals should understand that business is directly related to 26 . The commandments are as follows: y Working ethically: The word ethical in this context can be defined as working with high profes-sional morals and principles. So while they are studying they should study the various possibilities and should study how to prevent that because they are the professionals of tomorrow. bad things can happen. No hidden agendas are allowed! Trustworthiness is the ultimate tenet. y Not crashing your systems: One of the biggest mistakes hackers try to hack their own systems is inadvertently crashing their systems. Let¶s check its various needs from various perspectives. These testers have not read the documentation or misunderstand the usage and power of the security tools and techniques. The misuse of information is absolutely forbidden. The main reason for this is poor planning. Student A student should understand that no software is made with zero Vulnerabilities. If not.2 Conclusion One of the main aims of the seminar is to make others understand that there are so many tools through which a hacker can get in to a system. 5. If you sense that someone should know there¶s a problem. All information you obtain during your testing ² from Web-application log files to clear-text passwords ² must be kept private. consider sharing that information with the appropriate manager. y Respecting privacy: Treat the information gathered with the utmost respect.CHAPTER 5 SUGGESTIONS AND RECOMMENDATIONS 5.1 Ethical Hacking commandments Every ethical hacker must abide by a few basic commandments.

Security. Intrusion Detection Systems. So they should make new software with vulnerabilities as less as possible. 27 . Educate the employees and the users against black hat hacking. The first thing we should do is to keep ourselves updated about those softwares we and using for official and reliable sources. why should we aware of hacking and some tools which a hacker may use. Use every possible security measures like Honey pots. every time make our password strong by making it harder and longer to be cracked. Now we can see what we can do against hacking or to protect ourselves from hacking. Firewalls etc. In the preceding sections we saw the methodology of hacking. If they are not aware of these then they won¶t be cautious enough in security matters.

T. See http://www. II. S. it has since been updated and is now available at ftp://ftp. Garfinkel. 1973). M. Fiske. WP-4467.nl/cert-uu/satan. Vol. Venema. P. The MITRE Corporation. Who can really determine who said something first on theInternet? 11. MA (1996). DC (April 1976). The first use of the term ³ethical hackers´ appears to have been in an interview with John Patrick of IBM by Gary Anthens that appeared in a June 1995 issue of ComputerWorld. M. 13. The New Hacker¶s Dictionary. 10. Tokubo. R. Joint Technical Support Activity Operating System Technical Bulletin 730S-12.cs. Schell. Abbott. Garfinkel and E.Z. L.html#documents. Bedford. E. ESD-TR74-193. Farmer andW. Headquarters Electronic Systems Division. Security Problems in the WWMCCS GCOS System. See http://www.org/pub/security/index.´ originally posted to Usenet (December 1993). Karger and R. MA (October 16. Security Analysis and Enhancements of Computer Operating Systems. Spafford. S.org/usenet/. Hanscom Air Force Base. S. 28 . Raymond. Cambridge. Inglis. A. 6. 8. S. no one will have any excuse not to take action to improve security. Cambridge. 9. Thus. O¶Reilly & Associates. 4. NBSIR 76-1041. O¶Reilly & Associates. ³Improving the Security of Your Site by Breaking into It. Goheen and R. MA (2000). MA (June 1974). Multics Security Evaluation: ulnerability Analysis. First Edition.faqs. S. Chen. MIT Press. P. D. Practical Unix Security. MA (1991). OS/360 Computer Security Penetration Exercise. Defense Communications Agency (August 2. E. 5. S. 2. W. and S. 3.Bibliography 1. J. Donnelly. This strategy is based on the ideal of raising the security of the whole Internet by giving security software away. Cambridge.html. Konigsford.porcupine. J. R. 12. 7. National Bureau of Standards. 1972).ruu. W. Database Nation. Washington.

See http://www. No. however. Hanscom Air Force Base. MCI-73-1. R. Preliminary Notes on the Design of Secure Military Computer Systems. R. and this is the current definition of Moore¶s Law. R. J. J. Kephart.research.com/hacked_pages/ or http://defaced. In subsequent years. O.com/antivirus/SciPapers.htm for additional antivirus research papers. 5. B. G. In 1965. Bedford. he realized there was a striking trend.de.2600. 1. For a collection of previously hacked Web sites. ³Catapults and Grappling Hooks: The Tools and Techniques of Information Warfare. A. 18. Popek. MA (January 1973). see http:// www. 16. White. 29 . ³Fighting Computer Viruses. 88±93 (November 1997). 106±114 (1998). but data density has doubled approximately every 18 months. and G. 15.alldes. Downey. Chess. Sorkin. the pace slowed down a bit. M.´ IBM Systems Journal 37. Boulanger. and each chip was released within 18±24 months of the previous chip. 17. and S. When he started to graph data about the growth in memory chip performance. Schell. ESD/AFSC. D. No. P. Intel cofounder Gordon Moore was preparing a speech and made a memorable observation. that some of the hacked pages may contain pornographic images.´ Scientific American 277. Be forewarned.14. 19.ibm. Each new chip contained roughly twice as much capacity as its predecessor. J.