Ethical Hacking

Session B- L1,L2
By: Ms. Ankita Nagmote
Asst. Professor
Dept of Computer Engineering
MPSTME
 Contents

• Scanning and Countermeasures – (Revise)

• Sniffers and countermeasures
• Password cracking
• Spoofing and session hijacking

14-10-2023 Prof. Ankita Nagmote 2

Scanning and Countermeasures
• Revise-
• Scanning refers to exploring information using complex and aggressive
reconnaissance techniques.
• locate potential entry points on a system.
• Procedures include:
• ping sweeps and port scans
• inverse mapping
• Types of Scanning
• Port Scanning
• Network Scanning
• Vulnerability Scanning

14-10-2023 Prof. Ankita Nagmote 3

Scanning Techniques

14-10-2023 Prof. Ankita Nagmote 4

Scanning : Countermeasures
1. A strong firewall: A firewall can prevent unauthorized access
to a business’s private network. It controls ports and their
visibility, as well as detects when a port scan is in progress
before shutting it down.
2. TCP wrappers: These enable administrators to have the
flexibility to permit or deny access to servers based on IP
addresses and domain names.
3. Uncover network holes: Businesses can use a port checker
or port scanner to determine whether more ports are open than
required. They need to regularly check their systems to report
potential weak points or vulnerabilities that could be exploited
by an attacker.
14-10-2023 Prof. Ankita Nagmote 5
Scanning : Countermeasures

4. Use custom rules to lock down the network and block

unwanted ports.
5. Security Experts should ensure the proper configuration of
anti-scanners and anti-spoofing rules.
6. Security experts of an organization must also ensure that
the IDS, routers, and firewall firmware are updated to their
latest releases.

14-10-2023 Prof. Ankita Nagmote 6

Sniffers

Sniffing is the act of intercepting

and monitoring traffic on a
network. This can be done using
software that captures all data
packets passing through a given
network interface or by using
hardware devices explicitly designed
for this purpose.
Sniffers - Sniffers work by capturing
internet traffic and analyzing the data
streams Figure1: sniffers capture and analyze the data packets that
flow through a network

14-10-2023 Prof. Ankita Nagmote 7

 Robust antivirus

Avoid public Wi-Fi

Sniffer
Use a VPN
Countermeasures
Avoid unsecured protocols

Watch out for social engineering

14-10-2023 Prof. Ankita Nagmote 8
Password cracking
Password cracking is a way to recuperate passwords from the
information stored or sent by a PC or mainframe.
Some of the methods include:
• Dictionary attack: Most of the users use common and weak
passwords. A hacker can quickly learn about a lot of passwords if we
add a few punctuations like substitute $ for S and take a list of words.
• Brute-force guessing attack: A given length has so many potential
passwords. If you use a brute-force attack, it will guarantee that a
hacker will eventually crack the password.
• Hybrid Attack: It is a combination of Dictionary attack and Brute force
attack techniques. This attack firstly tries to crack the password using
the dictionary attack. If it is unsuccessful in cracking the password, it
will use the brute-force attack.

14-10-2023 Prof. Ankita Nagmote 9

Best practices protecting against password cracking
• Perform data security reviews to screen and track password assaults.
• Try not to utilize a similar password during the password change.
• Try not to share passwords.
• Do whatever it takes not to use passwords that can be found in a word reference.
• Try not to use clear content shows and shows with weak encryption.
• Set the password change technique to 30 days.
• Try not to store passwords in an unstable area.
• Try not to utilize any mainframes or PC’s default passwords.
• Unpatched computers can reset passwords during Denial-of-Service assaults. Try to
refresh the framework.
• Empower account lockout with a specific number of endeavors, counter time, and
lockout span. One of the best approaches to oversee passwords in associations is
to set a computerized password reset.
14-10-2023 Prof. Ankita Nagmote 10
 Spoofing and session hijacking

The main objective of hackers in

hijacking is to take control over
The main objective of hacker in
the target computer system or
spoofing is to psychologically
network connections to steal
manipulate the target and win
information without getting
their trust by convincing him.
known to the target that they
are getting hacked or hijacked.

14-10-2023 Prof. Ankita Nagmote 11

 Types of Spoofing

IP SPOOFING EMAIL URL SPOOFING DNS SPOOFING

SPOOFING

14-10-2023 Prof. Ankita Nagmote 12

Session Hijacking
• Session hijacking is a technique used by hackers to gain
access to a target’s computer or online accounts. In a session
hijacking attack, a hacker takes control of a user’s browsing
session to gain access to their personal information and
passwords
• Active session hijacking, the attacker takes control of the
target’s session while it is still active. The attacker does this by
sending a spoofed request to the server that includes the
target’s session ID.
• Passive session hijacking occurs when the attacker eavesdrops
on network traffic to steal the target’s session ID. This type of
attack is easier to execute because all an attacker needs is
access to network traffic Prof. Ankita Nagmote
14-10-2023 13
Quiz
• How can you mitigate Session Hijacking??

14-10-2023 Prof. Ankita Nagmote 14

Assignment
Assignment (15 marks)
a. CR/SR will form a group of 2-3 students.
b. Each group will select one recent security hack.
c. Students will research on the selected hack.
d. Each group will create detailed report and presentation.
e. Report and presentation submission deadline is October 3, 2023.
f. Marks Distribution
i. Detailed report – 8 marks
ii. Presentation – 7 marks

14-10-2023 Prof. Ankita Nagmote 15

Thank You

14-10-2023 Prof. Ankita Nagmote 16