Aaron Varrone
December
2011
Quinnipiac University- MS IT
CIS 652- Advanced Topics in Information Security- Independent Study
Contents
ABSTRACT
INTRODUCTION TO ETHICAL HACKING
What do Hackers do?
FOOTPRINTING AND RECONNAISSANCE
SYSTEM HACKING
Types of Attacks
Why Cover Tracks?
PENETRATION TESTING
Why Penetration Testing?
COUNTERMEASURES
How to defend against Footprinting?
How to defend against Password Cracking?
How to defend against Privilege Escalation?
How to defend against Malware?
How to defend against Steganography?
REAL-WORLD EXAMPLES
Hacker Boot Camp Helps Good Guys Outsmart Intruders
Government Agencies Seeking Code Breakers
Ethical Hacking Proves to be an Excellent Test for Companies
Ethical Hacking Demand Helping Firm Achieve Record Profits
College Universities Teaching Students How to Hack
CONCLUSION
REFERENCES
Ethical Hacking- A high-level information security study on protecting a company’s
information system infrastructure in the 21st century
ABSTRACT
INTRODUCTION TO ETHICAL HACKING
With this said, all three elements have a direct impact on the way in which network
and system security is portrayed, which leads us to our discussion of Ethical
Hacking. If all three of these elements are properly addressed and implemented
when designing the way in which an organization’s systems interact, then
one would not have to be so concerned with their technology and the securing of this
technology. As companies continue to grow and expand their need
for information systems by increasing their investment on a year-to-year basis, so
does the need to protect and defend their infrastructure against malicious activities,
attacks, and destructive encounters.
The risk of not protecting one’s information system is too great, as the
effects of a successful hacking attempt include damage to and theft of proprietary
information, client/customer data, and personal information, and the impeding of business
operations and activities, all of which can lead to a company’s downfall. As great as
the technology is that many of these companies have adopted to create an
efficient operation, their lack of attention to security can be self-defeating
and instead result in an inefficient and ineffective use of the technology.
Who is a Hacker?
A hacker can be defined as an individual with superb computer skills who has the
ability to create and explore other systems, whether software programs
or hardware-based devices. One motive behind a hacker’s mindset is to gain
knowledge or to poke around in order to do illegal and disruptive activities that could result
in monetary benefits. For some, it’s a hobby to see how many systems and
networks they can control. There are four unique hacker classes:
Black Hats- individuals who resort to malicious or destructive activity with malicious
intent.
White Hats- individuals who use their hacking skills for defensive purposes, also known as security
analysts.
Suicide Hackers- individuals who aim to bring down critical infrastructure for a
“cause” and would rather be known for the destruction they commit. These
individuals are not worried about facing any type of severe penalty, whether
fines or jail sentences.
Gray Hats- individuals who work both offensively and defensively at various
times and whose intent is mostly benign; however, this is not always the
case.
(EC-Council, 2011)
Phase 3 Gaining Access- Once access is achieved to the desired operating system,
application, or network, the attacker can escalate privileges to obtain complete
control of the system. Examples include password cracking, buffer
overflows, denial of service, and session hijacking.
Phase 4 Maintaining Access- After access has been attained, most hackers look for
ways to retain their ownership of the system/application/device.
Attackers may prevent the system from being owned by other hackers by
securing their access exclusively with backdoors, trojans, or rootkits. Attackers then
use the compromised system to launch further attacks, which allows them to
upload, download, or manipulate data, configuration, and applications at any given
time.
Phase 5 Covering Tracks- After a hacker’s activities have been carried out,
smarter attackers usually look for ways to hide their malicious acts
by covering their tracks and hiding their own identity. This can be achieved by
overwriting system, application, audit, and event logs or deleting any evidence that
may lead to prosecution.
(EC-Council, 2011)
Anonymous Footprinting- Gathering information from sources where the author
of the information cannot be traced nor identified.
SYSTEM HACKING
There are several ways an attacker can gain access to a particular system; however,
each way requires the attacker to exploit a weakness, a vulnerability,
or even human error.
Types of Attacks
Rootkits- Refers to code hidden within the kernel of the operating system that has
the ability to hide itself and cover up traces of the malicious intent. More
specifically, it replaces certain operating system calls and utilities with its own
modified versions. From there, the attacker acquires root access (above a level of
administrator) to the system by installing a virus, trojan, worm, or other malware
in order to exploit it. This allows the attacker to maintain undetected access to the
system. Types of rootkits include: hypervisor level, kernel level, application
level, hardware/firmware, and boot loader.
Why Cover Tracks?
Most hackers, with the exception of a suicidal one, will cover their traces to avoid
detection and a possible jail sentence. However, this is not the only reason.
Covering their tracks also allows attackers to install backdoors to gain access in
the future. When this is executed, a clever hacker will usually escalate the
compromised account’s privileges without documenting the system change. As
previously mentioned, they can do this by manipulating the log files of an
operating system or altering the event logs. Once intruders have successfully
gained administrator-type access on a system, they will attempt to cover their
tracks in every possible way that they can, including deleting recently modified
files and disabling audit logs. Disabling these logs is usually performed
immediately after obtaining administrator privileges.
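The timing described above (audit logs disabled or cleared shortly after administrator privileges are obtained) can be turned into a detection rule. The following is an added example, not part of the original paper: it assumes Windows Security event IDs 4672, 4719 and 1102, and the sample events and the name find_track_covering are constructed for illustration.

```python
from datetime import datetime, timedelta

# Windows Security event IDs. Assumption: the paper names no platform or IDs.
PRIV_LOGON = 4672  # special privileges assigned to a new logon
TAMPER = {1102: "audit log cleared", 4719: "audit policy changed"}

# Constructed sample events: (ISO timestamp, event ID, account name).
SAMPLE_EVENTS = [
    ("2011-12-01T09:00:00", 4672, "svc_backup"),
    ("2011-12-01T09:45:00", 4719, "svc_backup"),  # 45 min later, outside window
    ("2011-12-01T13:10:05", 4672, "jdoe"),
    ("2011-12-01T13:11:40", 4719, "jdoe"),        # auditing changed after 95 s
    ("2011-12-01T13:12:10", 1102, "jdoe"),        # log cleared after 125 s
    ("2011-12-01T15:00:00", 1102, "admin2"),      # no privileged logon on record
]


def find_track_covering(events, window=timedelta(minutes=10)):
    """Flag audit tampering; rate it 'high' when the same account received
    administrator-level privileges no more than `window` earlier."""
    last_priv = {}  # account -> time of its most recent privileged logon
    alerts = []
    for ts, event_id, account in sorted(events):  # ISO strings sort by time
        when = datetime.fromisoformat(ts)
        if event_id == PRIV_LOGON:
            last_priv[account] = when
        elif event_id in TAMPER:
            since = last_priv.get(account)
            recent = since is not None and when - since <= window
            alerts.append({
                "time": ts,
                "account": account,
                "action": TAMPER[event_id],
                "severity": "high" if recent else "review",
                "seconds_after_privilege":
                    int((when - since).total_seconds()) if recent else None,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_track_covering(SAMPLE_EVENTS):
        print(alert)
```

Run the correlation on a central log collector rather than on the monitored host, because the local logs are exactly what the intruder alters.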
PENETRATION TESTING
Penetration testing allows a company to identify, during the testing stage,
threats discovered in its information system or network. Companies that
hire such testers have discovered that overall IT security costs are
reduced and that they achieve a better return on security investment (ROSI) by identifying
and resolving vulnerabilities, weaknesses, and possible exploits that may have
been taken advantage of if the proper security measures weren’t enforced.
Additionally, companies are also seeing what type of IT security investments they
really need to focus on, as opposed to investing in a large enterprise-wide security
solution that covers everything, which may not always be necessary for every
organization out there.
Additionally, these professionals provide an organization with assurance of a
thorough and comprehensive assessment of the organization’s security policies,
procedures, and controls, and of how they are implemented. Many industry-wide
regulations may apply, such as HIPAA (Health Insurance Portability and
Accountability Act), FDA (Food and Drug Administration), and PCI (Personal Confidential
Information), requiring specific certification and best-practice security standards
in order to continue business. For instance, PCI regulation requires all hard drives
to be encrypted within the organization.
COUNTERMEASURES
How to defend against Footprinting?
Defending against footprinting includes: configuring routers and access control lists
(ACLs) to restrict the responses to footprinting requests, implementing and configuring an IDS
(Intrusion Detection System) to refuse suspicious traffic picked up in patterns,
locking down ports with a suitable firewall configuration, configuring web servers
to avoid information leakage, and lastly disabling unwanted protocols. Ethical
hackers will additionally document and evaluate the information made
available publicly and work to remove any sensitive information discovered, such
as the organization’s network architecture, applications, employees, and/or email addresses.
(EC-Council, 2011)
As described above, once hackers obtain access to a system or account, they will
seek ways to escalate their privileges to a level similar to that of an administrator.
Therefore, countermeasures to defend against their ability to escalate
privileges are examined:
Use encryption as much as possible and wherever it can be done. Not all
systems, applications, and devices have the ability to encrypt their data, but
one level of encryption (for instance, on a user’s workstation) will make it
that much more difficult for an intruder to gain access.
Run services within a system’s environment under an “unprivileged” account;
this way, if the account does become compromised, the intruder can’t do
much since access is restricted.
(EC-Council, 2011)
Malware and other unsolicited software can be tricky at times if the malicious files
are not detected by an anti-virus product, which in this case would be known as a
zero-day threat. In any circumstance, to help alleviate the issue and reduce risk,
install, maintain, administer, and update the anti-virus product within the
environment. This includes updates to signature files, scan engine versions,
program versions, patches, and hot fix releases. Additionally, installing and
administering a personal and enterprise firewall with application and device
control policies, and restricting and limiting web access, can all diminish the company’s
risk from exposure.
REAL-WORLD EXAMPLES
With this said, below are some real-life examples of how organizations
(including government agencies and not-for-profits such as universities) have
utilized ethical hacking tactics to protect their technology from being hacked
into, breached, and ultimately compromised.
Even government agencies are searching for hacking talent. The
Toronto Star, a widely recognized newspaper in Canada, reports that a British spy
agency is using an anonymous code-breaking web page to recruit self-taught
hackers that they might not have found otherwise. The page was launched in
November of 2011. A spokesman for the U.K.’s Government Communications
Headquarters even admitted that recruiting Oxford and Cambridge graduates is
not always in the best interest of the agency. They also claim that most
cyber-specialists enter their organization as graduates; however, with the quickly
evolving world of cybercrime, they feel it’s essential to look for candidates who
may be self-taught but have a keen interest in code-breaking and ethical hacking.
(Taylor, 2011)
Ethical Hacking Proves to be an Excellent Test for Companies
approximately 20 computers isolated from the rest of the university system where
the students then practice hacking into or even bringing down the network. By
hacking into these systems and this network, students are able to learn about
weaknesses of an institution’s system. Alexander Graham, an experienced
information technology professional who enrolled in the course, stated
that he is shocked by how much damage a malicious hacker can do. He claims the
course is extremely helpful and believes in the philosophy of “Know thy enemy,
then you can defeat them” at their own game.
(Vance, 2007)
CONCLUSION
Securing these information systems does come with its challenges. For
instance, compliance with government laws and regulations must be followed and
maintained. Companies (depending on the industry) must be willing to spend vast
amounts of money on education, training, and awareness in order to stay in
compliance. Some industries, for example, have strict laws that prevent data from
being outsourced outside the country (or, if it is outsourced, require the use of
encryption), similar to sensitive personal information. Other industries may
require certain security measures to be in place in order to continue business
operations. These regulations add another challenge to security: ensuring that the
proper measures are being enforced. Additionally, it is difficult to centralize
security in a distributed computing environment; as technology
evolves, so does the complexity of administering, managing, and monitoring
sophisticated and complex attacks. As we put everything we do into the palm of
our hands, mobile security, adaptive
authentication, and social media strategies from an offensive and defensive
perspective are only the stepping stones to what to expect next in the digital
age that we live in today.
REFERENCES
EC-Council. (2011). Ethical Hacking and Countermeasures v7.1 Course.
Hanvey, M. (2005, June 22). Ethical Hacking An Excellent Test of Mettle for
Security Systems. The Financial Times, p. 16.
Information Week. (2005, June 23). Hacker Boot Camp Helps Good Guys Outsmart
Internet Troublemakers; The number of IT security professionals is
expected to grow to nearly 800,000 by 2008, and more of them need to
think like hackers to be effective. Information Week.
Stafford, P. (2006, July 19). NCC Ethically Hacks its Way to Record. The Financial
Times, p. 24.
Taylor, L. C. (2011, December 2). British spies recruit 'ethical hackers'. Toronto Star.
Vance, E. (2007, April 13). Students at the University of Abertay Dundee Learn
Computer Hacking to Defend Networks. The Chronicle of Higher Education.