
Ethical Hacking Overview and Trends

This document provides an overview of information security and ethical hacking. It discusses what information security is, the challenges it faces, and latest trends such as identity theft, malware, patch management failures, and distributed denial of service attacks. It also outlines best practices for protecting digital assets, including using antivirus software, anti-spyware software, updating operating systems and applications, security software bundles, personal firewalls, and following general security guidelines. The document emphasizes the importance of information security and the need for information security professionals.

Uploaded by Woy

CO1

Ethical Hacking
Introduction: Understanding the importance of security

• Provide an overview of:
• What information security is
• The challenges to InfoSec
• The latest trends
• Best practices to help protect your digital assets
• The need for Information Security professionals
• CyberWATCH
What Is Information Security?
Process by which digital information assets are
protected.
Topic areas: Policies and procedures,
authentication, attacks, remote access, E-mail, Web,
wireless, devices, media/medium, secure
architectures, IDSes/IPSes, operating systems,
secure code, Cryptography, physical security, digital
media analysis.
Understanding the Importance of Information Security
Prevents data theft
Avoids legal consequences of not securing
information
Maintains productivity
Foils/Stops cyber terrorism
Thwarts identity theft
Challenges

A number of trends illustrate why security is becoming increasingly difficult:
Speed of attacks
Sophistication of attacks
Faster detection of weaknesses
Distributed attacks
Difficulties of patching

Latest Trends
• Identity theft
• Malware
• Patch Management failures
• Distributed Denial of Service
Latest Trends - Identity Theft
• Crime of the 21st century
• Involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating
• National, state, and local legislation continues to be enacted to deal with this growing problem:
  • The Fair and Accurate Credit Transactions Act of 2003 is a federal law that addresses identity theft
Latest Trends - Identity Theft - continued
Phishing is a method used by identity thieves to obtain financial
information from a computer user
The word “phishing” was made up by hackers as a cute word to
use for the concept of fishing for information
One of the most lucrative forms of spamming
Often used in conjunction with spoofed Web sites
Latest Trends - Malicious Software (Malware)
Designed to operate without the computer user’s permission
May change or destroy data
May operate hardware without authorization
Can hijack your Web browser
Might steal information or otherwise aggravate a computer user
or organization

Malware Trends
• Spyware
• Key loggers
• Rootkits
• Mobile malware
• Combined attack mechanisms
Malware Trends - Spyware
• Advertisement-focused applications that, much like computer worms, install themselves on systems with little or no user interaction
• While such an application may be legal, it is usually installed without the user’s knowledge or informed consent
• A user in an organization could download and install a useful (often “free”) application from the Internet and in doing so, unwittingly install a spyware component.
Malware Trends - Spyware - continued
• Apart from privacy concerns, the greatest issue presented by spyware is its use of your computer’s resources and bandwidth
• This translates into lost work as you wait for your computer to finish a task, lost time as you slowly browse the Internet, and can even necessitate a call for service by a technician
• The time and money lost while eradicating spyware often exceeds all other forms of malware and spam combined

Malware Trends - Keyloggers
• Used to capture user’s keystrokes:
  • AKA Keystroke Logging
  • Hardware and software-based
• Useful purposes:
  • Help determine sources of errors on system
  • Measure employee productivity on certain clerical tasks
Malware Trends - Rootkits
• Is a set of software tools intended to conceal running processes, files or system data, thereby helping an intruder to maintain access to a system while avoiding detection
• Often modify parts of the operating system or install themselves as drivers or kernel modules
• Are known to exist for a variety of operating systems
• Are difficult to detect
• E.g.: keyloggers, banking credential stealers, password stealers, antivirus disablers, and bots for DDoS attacks.
Malware Trends - Mobile Malware
• Increase in the number of mobile phone viruses being written
• Insignificant compared to the much larger number of viruses being written which target Windows desktop computers.
Malware Trends - Combined Attack Mechanisms
• Speed at which malware can spread combined with a lethal payload
• SPAM with spoofed Web sites
• Trojans installing bot software
• Trojans installing backdoors
Latest Trends – Patch Management Failures
Shift towards patching versus testing
In the next few years, it is estimated that 90% of cyber attacks will
continue to exploit known security flaws for which a fix is available or
a preventive measure known.
Latest Trends - Patch Management Failures - continued
Why? Doesn’t scale well and isn’t cost-effective:
A survey by the Yankee Group found that the average annual cost of patching
ranges from $189-$254 per patch for each computer
The cost is primarily a result of lost productivity while the patch is applied and for
technician installation costs. Patching costs in large organizations can exceed $50
million per year
Latest Trends - SPAM
January 24, 2004 - Bill Gates predicted that spam would be “a thing of
the past” within two years – the threat remains alive
No end in sight:
According to Ferris Research, by 2007, the percentage of spam E-mails
will increase to 70% of the total E-mail messages sent
Latest Trends - Vulnerability Exploitation
Operating system attacks still in vogue:
Vista
Mac OS X
Increase in attacks taking advantage of security holes in other products:
Desktop tools
Alternative Web browsers
Media applications
Microsoft Office applications
Latest Trends - Ransomware
Type of malware that encrypts the victim’s data, demanding ransom
for its restoration
Cryptovirology predates ransomware
Latest Trends - Distributed Denial of Service (DDoS)
Use hundreds of infected hosts on the Internet to attack the victim by
flooding its link to the Internet or depriving it of resources
A PC becomes a zombie when a bot, or automated program, is installed
on it, giving the attacker access and control and making the PC part of a
zombie network, or botnet
Latest Trends - DDoS - continued
One of the most high profile botnets of 2005 was created by the
Zotob worm which achieved worldwide notoriety in August when
leading media organizations including ABC, The Financial Times,
and The New York Times fell prey to it.
Best Practices to Help Protect Your Digital Assets
Anti-virus software
Anti-spyware software
Windows and applications updates
Security bundles
Personal firewalls
Wireless
Other best practices
Anti-Virus Software
Install and maintain anti-virus software. Use the software regularly
Microsoft claims that fewer than 30% of all users have up-to-date anti-virus
software installed
Most AV manufacturers have information and alert pages where you can find
"primers" on malware, as well as alerts to the most current threats
Anti-Virus Software Vendors
McAfee: Virus Scan
Symantec: Norton Anti-Virus
Computer Associates: eTrust EZ AntiVirus
Trend Micro: PC-cillin
Grisoft: AVG Anti-Virus (freeware)
Alwil Software: Avast! AntiVirus (freeware)
eset: NOD32 (freeware)
Anti-Spyware Software
Install and maintain anti-spyware software
Use the software regularly
Sunbelt Software: CounterSpy
Webroot Software: Spy Sweeper
Trend Micro: Anti-Spyware
HijackThis (freeware)
Lavasoft: Ad-Aware SE Personal (freeware)
Spybot: Search & Destroy (freeware)
Microsoft: Windows Defender (freeware)
Updating Windows and Other Applications
Microsoft Update: Web site where users can download updates for various
Windows-related products
For the most part, it’s automated
Check to see it’s working properly
Install vendor-specific patches for applications (e.g., iTunes, Google Desktop)
Security Bundles
Can include: Anti-virus software, personal firewall software, anti-spyware
software, content filtering/parental control, pop-up blockers, anti-spam capabilities
Can be difficult for the average user to set up:
Leads to incorrect configurations providing a false sense of security
Security Bundles - continued
McAfee: Internet Security Suite
Symantec: Norton Internet Security
Computer Associates: eTrust EZ Armor
Trend Micro: PC-cillin Internet Security
ZoneAlarm: Internet Security Suite
F-Secure: Internet Security
MicroWorld: eScan Internet Security Suite
Panda Software: Panda Internet Security
Softwin BitDefender Professional Edition
eXtendia Security Suite
Personal Firewalls
Software installed on an end-user's PC which controls communications to and from
the user's PC
Permits or denies communications based on a security policy the user sets
Use for handheld devices as well (Airscanner, Bluefire)
Personal Firewall Programs
Zone Labs
Symantec’s Norton Personal Firewall
Sunbelt’s Kerio Personal Firewall
Tiny Software’s Tiny Personal Firewall
Mac OS X
Windows XP (with Service Pack 2)
Living in a Wireless World
By 2007, >98% of all notebooks will be wireless-enabled
Serious security vulnerabilities have been created by wireless data technology:
Unauthorized users can access the wireless signal from outside a building and connect to the
network
Attackers can capture and view transmitted data (including encrypted data)
Employees in the office can install personal wireless equipment and defeat perimeter security
measures
Wireless Security Best Practices
Implement MAC-address filtering
Turn off unnecessary services (telnet, HTTP)
Change default SSID/Disable SSID broadcasts
Change default channel
Disable DHCP on access point
Use encryption (usually not enabled by default on most access points)
Change default admin username and password
Specify the number of clients that can connect to the access point
Other Best Practices
When not using your PC, turn it off
View your E-mail as text only; disable the function that automatically views E-mail as HTML
Do not automatically open attachments
Do not run software programs of unknown origin
Delete chain E-mails and junk mail. Do not forward or reply to any of them
Other Best Practices - continued
Never reply back to an E-mail to "unsubscribe" or to remove yourself from an unknown
list. This lets the spammers know that they have reached a live E-mail address and
your spam mail will increase
Back up your critical data and documents regularly – thumb drives and CDs are cheap
The Need for Information Security Professionals
No matter how hard we try to do the aforementioned, there will still be the need for
information security professionals
Information security personnel are in short supply; those in the field are being
rewarded well
The Need for Information Security Professionals – continued
Security budgets have been spared the drastic cost-cutting that has plagued IT since
2001
Companies recognize the high costs associated with weak security and have decided
that prevention outweighs cleanup
Regulatory compliance is also driving the need for more qualified professionals
Information security principles
No such thing as absolute security.
The three security goals are: Confidentiality, Integrity, and Availability.
Defence in Depth as Strategy.
When left on their own, people tend to make the worst security decisions.
Computer security depends on two types of requirements
Functional and Assurance.
Information security principles
Security through obscurity is not an answer
Security = Risk Management
Three types of security controls: Preventative, Detective, and Responsive.
Complexity is the enemy.
Fear, uncertainty, and doubt do not work.
Disclosure of vulnerabilities is good.
CO1

Concept of ethical hacking


Introduction to Ethical Hacking
Ethical hackers
Employed by companies to perform penetration tests
Penetration test
Legal attempt to break into a company’s network to
find its weakest link. Tester only reports findings, does
not solve problems
Security test
More than an attempt to break in; also includes
analyzing company’s security policy and procedures
Tester offers solutions to secure or protect the
network
Hacking
Computer hackers have been around for many years. Since the Internet became widely used around the world, we have started to hear more and more about hacking.
In a world of black and white, it’s easy to describe the typical hacker. A general outline of a typical hacker is an antisocial, pimple-faced teenage boy. But the digital world has many types of hackers.
Hacking
Hackers are human like the rest of us and are, therefore, unique individuals, so an exact profile is hard to outline. The best broad description of hackers is that all hackers aren’t equal. Each hacker has motives, methods and skills.
But some general characteristics can help you understand them. Not all hackers are antisocial, pimple-faced teenagers. Regardless, hackers are curious about knowing new things, brave enough to take steps, and often very sharp-minded.
Hacking
Hacker is a word that has two meanings.
Traditionally, a hacker is someone who likes to play with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.
Recently, hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into systems with malicious intentions.
Hacker
They do it for personal gain, fame, profit and even revenge. They modify, delete and steal critical information, often making other people's lives miserable.
Hacker
Hacking has a lot of meanings depending upon the person’s knowledge and his work intentions. Hacking is an art as well as a skill. Hacking is the knowledge by which one gets to achieve his goals, anyhow, using his skills and power.
Hacker
Most people associate hacking with breaking the law, and therefore call everyone who engages in hacking activities a criminal.
We agree that there are people out there who use hacking techniques to break the law, but hacking is not really about that.
Hacker Vs. Cracker
What Is the Difference Between a Hacker and a Cracker?
Many articles have been written about the difference between hackers and crackers, which attempt to correct public misconceptions about hacking.
For many years, the media has applied the word hacker when it really means cracker. So the public now believes that a hacker is someone who breaks into computer systems and steals confidential data. This is very untrue and is an insult to some of our most talented hackers.
Hacker Vs. Cracker
A cracker is one who breaks into or otherwise
violates the system integrity of remote machines
with malicious intent. Having gained unauthorized
access, crackers destroy vital data, deny
legitimate users service, or cause problems for
their targets. Crackers can easily be identified
because their actions are malicious.
Hacker Vs. Cracker
Hackers
Access computer system or network without
authorization
Breaks the law; can go to prison
Crackers
Break into systems to steal or destroy data
U.S. Department of Justice calls both hackers
Ethical hacker
Performs most of the same activities but with
owner’s permission
Types of Hackers
Let’s see the categories of Ethical Hackers on the basis of their knowledge
Coders
The real hackers are the coders, the ones who revise the methods and create tools that are available in the market. Coders can find security holes and weaknesses in software to create their own exploits.
These hackers can use those exploits to develop fully patched and secure systems. Coders are the programmers who have the ability to find unique vulnerabilities in existing software and to create working exploit code. These are the individuals with a deep understanding of the OSI Layer Model and TCP/IP stacks.
Types of Hackers
Admins
Admins are the computer guys who use the tools and exploits prepared by the coders.
They do not develop their own techniques; however, they use the tricks which are already prepared by the coders.
They are generally System Administrators or Computer Network Controllers.
Most of the hackers and security people in this digital world come under this category. Admins have experience with several operating systems, and know how to exploit several existing vulnerabilities.
Types of Hackers
Script Kiddies or packet monkeys
Young inexperienced hackers. The next and most dangerous class of hackers is script kiddies. They are the new generation of computer users who take advantage of the hacker tools and documentation available for free on the Internet but don’t have any knowledge of what’s going on behind the scenes.
They know just enough to cause you headaches but typically are very sloppy in their actions, leaving all sorts of digital fingerprints behind.
Even though these guys are the teenage hackers that you hear about in the news media, they need minimum skills to carry out their attacks.
Types of Hackers
Script Kiddies are the bunnies who use scripts and programs developed by others to attack computer systems and networks.
They get the least respect but are the most annoying and dangerous, and can cause big problems without actually knowing what they are doing.
Script
Set of instructions that runs in sequence
• Ethical Hacking: Ethical Hacking is testing the resources for a good cause and for the betterment of technology. Technically, Ethical Hacking means penetration testing which is focused on securing and protecting IT systems.
It Takes Time to Become a Hacker
• This class alone won’t make you a hacker, or an expert
• It might make you a script kiddie
• It usually takes years of study and experience to earn respect in the hacker community
• It’s a hobby, a lifestyle, and an attitude
• A drive to figure out how things work
Type of Hacking
Website Hacking: Hacking a website means
taking unauthorized control over a web server and its
associated software such as databases and other
interfaces.
Network Hacking: Hacking a network means gathering information about a network by using tools like Telnet, NS lookup, Ping, Tracert, Netstat, etc. with the intent to harm the network system and hamper its operation.
Email Hacking: It includes getting unauthorized access to an Email account and using it without the consent of its owner.
Type of Hacking
Password Hacking: This is the process of
recovering secret passwords from data that has
been stored in or transmitted by a computer system.
Computer Hacking: This is the process of stealing
computer ID and password by applying hacking
methods and getting.
Advantages of Hacking
To recover lost information, Example: lost your
password.
To perform penetration testing to strengthen
computer and network security.
To put adequate preventative measures in place to
prevent security breaches.
Disadvantages of Hacking
Massive security breach.
Unauthorized system access on private information.
Privacy violation.
Hampering system operation.
Denial of service attacks.
Malicious attack on the system.
Purpose/Motive of Hacking

Just for fun
Show-off
Steal important information
Damaging the system
Hampering privacy
Money extortion
System security testing
To break policy compliance
Cyber-warfare
Types of Hacker
Types of Hackers on the basis of activities
performed by them
White Hat Hacker / Ethical Hackers
A White Hat Hacker is a computer guy who performs Ethical Hacking. These are usually security professionals with knowledge of hacking and the hacker toolset and who use this knowledge to locate security weaknesses and implement countermeasures in the resources.
They never intend to harm a system; rather, they try to find weaknesses in a computer or a network system as part of penetration testing and vulnerability assessments.
Black Hat Hacker/Cracker
A Black Hat Hacker is a computer guy who performs Unethical Hacking.
These are the criminal hackers or crackers who use their skills and knowledge for illegal or malicious purposes. They break into or otherwise violate the system integrity of remote machines, with malicious intent.
They are also known as Unethical Hackers or Security Crackers. They focus on security cracking and data stealing.
Grey Hat Hacker
A Grey Hat Hacker is a computer guy who sometimes acts legally, sometimes in good will and sometimes not. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit during the course of technological exploits.
They are a hybrid between White Hat and Black Hat Hackers. They act without malicious intent but, for their fun, they exploit a security weakness in a computer system or network without the owner’s permission or knowledge.
Their intent is to bring the weakness to the attention of the owners and get appreciation or a little bounty from the owners.
Hacktivism
Another type of hackers are Hacktivists, who try to broadcast political or social messages through their work.
A Hacktivist wants to raise public awareness of an issue.
Examples of hacktivism are the Web sites that were defaced with the Jihad messages in the name of Terrorism.
Cyber Terrorist
• These are hackers who are Cyber Terrorists, who attack government computers or public utility infrastructure, such as power stations and air-traffic-control towers. They crash critical systems or steal classified government information.
• While in a conflict with enemy countries, some governments start cyber war via the Internet.
Need for Ethical Hacking

The process of employing someone to hack one’s company is ethical hacking.
It is also referred to as penetration testing, red teaming, intrusion testing, vulnerability and even security judgments.
It involves foot-printing, scanning, tacking all the secured information.
Need for Ethical Hacking
• Threat and vulnerability are the two dangers that hackers have to face.
• Penetration testing is the same as ethical hacking, but the hacker uses the penetrating tools and tests the security danger.
• Ethical hacking is known as “White Hat”
• Game freaks
• Cyber terrorism
Need for Ethical Hacking
• Many hackers say they do not hack to harm or profit through their bad activities, which helps them justify their work. They are often not looking for pockets full of money. Just proving a point is often a good enough reward for them.
Types of ethical hackings
Ethical hackers use various methods for breaking
the security system in the organizations in the period
of cyber attack
Remote Network
Remote dial up network
Local Network
Stolen Equipment
Social engineering
Physical Entry
Network testing
Code review
War dialing
Techniques and tools required for ethical hacking
• traceroute, Visual route and NeoTrace
• LC4, John the Ripper and pwdump
• SuperScanner
• Whisker or WebInspect
• Nmap (Network Mapper)
• Etherpeek, SuperScan
• QualysGuard, WebInspect and LC4
• LANguard Network Security Scanner, Network Stumbler and ToneLoc
Certification Programs for Network Security
Personnel
Certification programs available in almost every
area of network security
Basics:
CompTIA Security+ (CNIT 120)
Network+ (CNIT 106 or 201)
Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)
• Issued by the International Information Systems Security Certifications Consortium (ISC2)
• Usually more concerned with policies and procedures than technical details
• Web site: www.isc2.org
SANS Institute
• SysAdmin, Audit, Network, Security (SANS)
• Offers certifications through Global Information Assurance Certification (GIAC)
• Top 20 list
  • One of the most popular SANS Institute documents
  • Details the most common network exploits
  • Suggests ways of correcting vulnerabilities
• Web site: www.sans.org
CO1

Ethical Hacking Terminologies


Terminologies
Session Agenda

Vulnerability
Attack
Threat
Exploit/ Exploit kit
Backdoor
Brute force Attack
Phases/Steps of Hacking
Terminologies

Vulnerability: A vulnerability is a weakness which allows a hacker to compromise the security of a computer or network system.
https://www.cvedetails.com/
https://nvd.nist.gov/
Terminologies
Vulnerability definition
National Institute of Standards and Technology
(NIST): Weakness in an information system,
system security procedures, internal controls, or
implementation that could be exploited or triggered
by a threat source.
ISO 27005: A weakness of an asset or group of
assets that can be exploited by one or more cyber
threats where an asset is anything that has value
to the organization, its business operations and
their continuity, including information resources
that support the organization's mission.
Terminologies
IETF RFC 4949: A flaw or weakness in a
system's design, implementation, or operation and
management that could be exploited to violate the
system's security policy.
ENISA: The existence of a weakness, design, or
implementation error that can lead to an
unexpected, undesirable event compromising the
security of the computer system, network,
application, or protocol involved.
The Open Group: The probability that threat
capability exceeds the ability to resist the threat.
Terminologies

Factor Analysis of Information Risk: The probability that an asset will be unable to resist the actions of a threat agent.
ISACA: A weakness in design, implementation, operation or internal control.
Should known vulnerabilities be publicly
disclosed?
Whether to publicly disclose known vulnerabilities
remains a contentious issue:
• Immediate full disclosure: Supporters of immediate disclosure believe it leads to secure software and faster patching, improving software security, application security, computer security, operating system security and information security.
• Limited to no disclosure: Others are against vulnerability disclosure because they believe the vulnerability will be exploited.
When does a vulnerability become exploitable?
A vulnerability with at least one known, working
attack vector is classified as an exploitable
vulnerability. The window of vulnerability is the time
from when the vulnerability was introduced to when
it is patched.
If you have strong security practices, then many
vulnerabilities are not exploitable for your
organization.
For example, if you have properly configured S3 security then the probability of leaking data is lowered.
What is a zero-day exploit?
A zero-day exploit (or zero-day) exploits a zero-
day vulnerability.
A zero-day (or 0-day) vulnerability is a
vulnerability that is unknown to, or unaddressed
by, those who want to patch the vulnerability.
Until the vulnerability is patched, attackers can
exploit it to adversely affect a computer program,
data warehouse, computer or network.
The key thing to understand is the fewer days
since Day Zero, the higher likelihood that no patch
or mitigation has been developed and the higher
the risk of a successful attack.
What causes vulnerabilities?
There are many causes of vulnerabilities including:
1. Complexity: Complex systems increase the probability of a flaw, misconfiguration or unintended access.
2. Familiarity: Common code, software, OS & hardware increase the probability that an attacker can find or has information about known vulnerabilities.
3. Connectivity: The more connected a device is, the higher the chance of a vulnerability.
4. Poor password management: Weak passwords can be broken with brute force, and reusing passwords can result in one data breach becoming many.
What causes vulnerabilities?
5. Operating system flaws: Like any software, operating systems can have flaws. Operating systems that are insecure by default and give all users full access can allow viruses and malware to execute commands.
6. Internet usage: The Internet is full of spyware and adware that can be installed automatically on computers.
7. Software bugs: Programmers can accidentally or deliberately leave an exploitable bug in software.
8. Unchecked user input: If your website or software assumes all input is safe, it may execute unintended SQL commands.
What causes vulnerabilities?

9. People: The biggest vulnerability in an organization is the human at the end of the system. Social engineering is the biggest threat to the majority of organizations.
What is vulnerability management?
• Vulnerability management is a cyclical (redundant) practice of identifying, classifying, remediating and mitigating security vulnerabilities. The essential elements of vulnerability management include vulnerability detection, vulnerability assessment and remediation.
• Methods of vulnerability detection include:
  • Vulnerability scanning
  • Penetration testing
  • Google hacking
Preventing Vulnerabilities
If you do not run antivirus and antimalware software,
your laptop or mobile device is vulnerable to
infections.
If you fail to routinely update your operating systems
or application software, these will remain vulnerable to
software problems.
Top 10 Web security vulnerabilities as per OWASP
SQL Injection
Cross-Site Scripting (XSS) - malicious scripts are
injected into otherwise benign and trusted websites
Broken Authentication and Session Management
Insecure Direct Object References - application
provides direct access to objects
Cross-Site Request Forgery - forces an end user to
execute unwanted actions
Security Misconfiguration
Insecure Cryptographic Storage
Failure to Restrict URL Access
Insufficient Transport Layer Protection
Unvalidated Redirects and Forwards
Attack
Attack: An attack is an action performed on a
system to gain access to it and extract sensitive data.
It is an assault on system security and any action
that violates security.
When a threat turns into an actual event, it may
cause an unwanted incident.
Threat
Threat: A threat is a possible danger that
can exploit an existing bug or vulnerability to
compromise the security of a computer or
network system.
harm an asset or cause it to become
unavailable
human error or negligence
Web service or email interruptions, loss or
unintentional disclosure of sensitive
information, and in the emerging Internet of
Things
Threat Actor
A threat actor, also called a malicious actor,
is an entity that is partially or wholly
responsible for a security incident that
impacts, or has the potential to impact, an
organization's security.
Someone or something that expresses or
poses a threat is called a threat actor.
Threat actors are individual attackers or
state actors.
Disgruntled, under-skilled, or overworked
employees can also pose threats.
Target of Evaluation
Target of Evaluation: The system which is
under pen test or attack.
Ethical hackers are usually concerned with
high-value TOEs, systems that contain sensitive
information such as account numbers,
passwords, Social Security numbers, or other
confidential data.
It is the goal of the ethical hacker to test
hacking tools against the high-value TOEs to
determine the vulnerabilities and patch them to
protect against exploits and exposure of
sensitive data.
Exploit
Exploit: An exploit is a piece of software, a
chunk of data, or a sequence of commands
that takes advantage of a bug or vulnerability to
compromise the security of a computer or
network system.
Malicious hackers are looking for exploits in
computer systems to open the door to an initial
attack.
Most exploits are small strings of computer
code that, when executed on a system, expose
a vulnerability.
Exploit
Experienced hackers create their own exploits,
but it is not necessary to have any programming
skills to be an ethical hacker, as many hacking
software programs have ready-made exploits
that can be launched against a computer
system or network.
Exploit Kit
Exploit Kit: An exploit kit is a software system
designed to run on web servers, with the
purpose of identifying software vulnerabilities in
client machines communicating with it and
exploiting discovered vulnerabilities to upload
and execute malicious code on the client.
Backdoor
Back door: A back door, or trap door, is a
hidden entry to a computing device or software
that bypasses security measures, such as
logins and password protections.
Brute Force Attack
Brute force attack: A brute force attack is an
automated method, and the simplest kind, of
gaining access to a system or website. It tries
different combinations of usernames and
passwords, over and over again, until it gets in.
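A defender sees the attack described above as a burst of failed logins from one source. The following added example (not part of the original slides) flags such bursts in authentication logs; the OpenSSH-style log lines are constructed, and the threshold, window and function name are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of OpenSSH auth logs (ISO timestamps assumed).
SAMPLE_LOG = """\
2024-01-10T03:14:01 gw sshd[811]: Failed password for root from 203.0.113.5 port 40112 ssh2
2024-01-10T03:14:03 gw sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40113 ssh2
2024-01-10T03:14:04 gw sshd[812]: Failed password for alice from 198.51.100.7 port 51200 ssh2
2024-01-10T03:14:06 gw sshd[811]: Failed password for invalid user test from 203.0.113.5 port 40114 ssh2
2024-01-10T03:14:09 gw sshd[811]: Failed password for root from 203.0.113.5 port 40115 ssh2
2024-01-10T03:14:12 gw sshd[811]: Failed password for bob from 203.0.113.5 port 40116 ssh2
2024-01-10T03:14:20 gw sshd[812]: Accepted password for alice from 198.51.100.7 port 51201 ssh2
2024-01-10T03:14:31 gw sshd[811]: Accepted password for bob from 203.0.113.5 port 40117 ssh2
"""

LINE = re.compile(
    r"^(\S+) \S+ sshd\[\d+\]: (Failed|Accepted) password for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+"
)


def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {source_ip: details} for sources that look like brute forcing.

    A source is flagged once it produces `threshold` failed logins inside
    `window`. A later successful login from a flagged source is recorded,
    because it suggests that a guess finally worked.
    """
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    users = defaultdict(set)     # ip -> every username tried so far
    flagged = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not a password event
        ts, outcome, user, ip = m.groups()
        when = datetime.fromisoformat(ts)
        if outcome == "Failed":
            q = recent[ip]
            q.append(when)
            users[ip].add(user)
            while when - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) >= threshold:
                entry = flagged.setdefault(ip, {"failures": 0, "success_after": None})
                entry["failures"] = max(entry["failures"], len(q))
                entry["users"] = sorted(users[ip])
        elif ip in flagged and flagged[ip]["success_after"] is None:
            flagged[ip]["success_after"] = user
    return flagged


if __name__ == "__main__":
    for ip, info in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, info)
```

The single failed login from 198.51.100.7 followed by a success is ordinary user behaviour and is not flagged; the source that tried four usernames in eleven seconds and then logged in is the one to investigate.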
 Remote: The exploit is sent over a network
and exploits security vulnerabilities without
any prior access to the vulnerable system.
 Hacking attacks against corporate computer
systems or networks initiated from the outside
world are considered remote.
 Local: The exploit is delivered directly to the
computer system or network, which requires
prior access to the vulnerable system to
increase privileges.
Phases/Steps of Hacking
Reconnaissance / Information gathering
Scanning and Enumeration
Gaining Access
Maintaining Access and Placing Backdoors
Covering Tracks.
Reconnaissance/Information gathering
Reconnaissance is the phase where the
attacker gathers information about a target.
Example Tools: Nmap, Hping, Maltego, and
Google Dorks.
It is also called the footprinting or
information-gathering phase. Theft of
information may concern:
Network
Host
People involved
Hacking Phase: Reconnaissance
The reconnaissance target range may
include the target organization’s clients,
employees, operations, network, and systems.
This phase allows attackers to plan the
attack.
It may take some time as the attacker
gathers as much information as possible.
Part of this reconnaissance may involve
social engineering.
There are two types of footprinting:
Active: Directly interacting with the target to
gather information about the target, e.g. using
the Nmap tool to scan the target.
Passive: Trying to collect information
about the target without directly accessing the
target. This involves collecting information
from social media, public websites etc.
Scanning and Enumeration
The attacker begins to actively probe a target
machine or network for vulnerabilities that can
be exploited.
Example Tools: Nessus, Nexpose, and Nmap.
Methods:
War Dialing (to find out modem access)
Port Scanning
Network Mapping
Largely obsolete due to better firewall rules
Vulnerability Scanning
Scanning: War Dialing
Purpose: Find a modem connection.
Many users in a company install remote PC
software such as pcAnywhere without setting
the software up correctly.
A war dialer finds these numbers by going
through a range of phone numbers listening for
a modem.
A demon dialer tries a brute force password
attack on a found connection.
Typically, war dialing will find an unsecured
connection.
Scanning: Network Mapping
Ping:
ping is implemented using the Internet
Control Message Protocol (ICMP) Echo
Request.
A receiving station answers back to the
sender.
Used by system administrators to check the
status of machines and connections.
Scanning: Network Mapping
Traceroute:
• Pings a system with ICMP echo requests
with varying life spans (time to live = number of hops allowed).
• A system that receives a packet with an
expired number of hops sends an error
message back to the sender.
• Traceroute uses this to find the route to a
given system.
• Useful for system administration
Port Scanning
Applications on a system use ports to listen
for network traffic or send it out.
2^16 ports are available, some for known services
such as http (80) and ftp.
Port scans send various types of IP packets
to the target on different ports.
The reaction tells them whether the port is open
(an application listens).
Port Scanning: Nmap
Uses different types of packets to check for
open ports.
Can tell from the reaction what OS is running,
including patch levels.
Can run in stealth mode, in which it is not
detected by many firewalls.
The six port states recognized by Nmap
Open
Closed
Filtered
Unfiltered
Open | filtered
Closed | filtered
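The port states above are what a defender reads when auditing the exposure of their own hosts. The following added example (not part of the original slides) parses scan results in Nmap's grepable (-oG) layout and compares them with an approved-port baseline; the sample output, addresses, baseline and function names are constructed for illustration.

```python
import re

# The six port states listed above, as Nmap prints them.
NMAP_STATES = {"open", "closed", "filtered", "unfiltered",
               "open|filtered", "closed|filtered"}

# Constructed sample in Nmap's grepable (-oG) layout; documentation addresses only.
SAMPLE_OG = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 (web01.example)\tStatus: Up\n"
    "Host: 192.0.2.10 (web01.example)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 3306/open/tcp//mysql///, 25/filtered/tcp//smtp///, "
    "161/open|filtered/udp//snmp///\tIgnored State: closed (995)\n"
    "Host: 192.0.2.20 (db01.example)\tPorts: 22/open/tcp//ssh///, "
    "5432/unfiltered/tcp//postgresql///\n"
)

# Hypothetical baseline: the ports each host is approved to expose.
ALLOWED = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp")},
    "192.0.2.20": {(22, "tcp")},
}


def parse_grepable(text):
    """Yield (host, port, proto, state, service) for every port entry."""
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comment, status line, or a host without port data
        host, ports = m.groups()
        for entry in ports.split(","):
            fields = entry.strip().split("/")
            if len(fields) < 5 or not fields[0].isdigit():
                continue
            port, state, proto, _owner, service = fields[:5]
            if state not in NMAP_STATES:
                raise ValueError(f"unknown port state {state!r}")
            yield host, int(port), proto, state, service


def audit(text, allowed):
    """Split unapproved ports into definite exposures and results to re-check."""
    exposed, unclear = [], []
    for host, port, proto, state, service in parse_grepable(text):
        if (port, proto) in allowed.get(host, set()):
            continue  # approved service
        if state == "open":
            exposed.append((host, port, proto, service))
        elif state in ("open|filtered", "unfiltered"):
            # Nmap could not decide whether something is listening.
            unclear.append((host, port, proto, state))
    return exposed, unclear


if __name__ == "__main__":
    exposed, unclear = audit(SAMPLE_OG, ALLOWED)
    print("unapproved open ports:", exposed)
    print("needs a follow-up scan:", unclear)
```

Closed and filtered ports are not reported because nothing reachable is listening on them; open|filtered and unfiltered are kept apart from open because the scan could not confirm a listener.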
Nmap scan types
TCP Scan
UDP Scan
SYN Scan
ACK Scan
FIN Scan
NULL Scan
XMAS Scan
IPC Scan
Idle Scan
Gaining Access
The vulnerability is located and you attempt
to exploit it in order to enter into the system.
Example tool: Metasploit.
Fault in Policy
Weak or no authentication, unwarranted trust
relationships.
Fault in Implementation
Typically triggered by intentionally malformed
input
Extension of a security breach
Sniffing malware.
Hacking Phase: Gaining Access
This is the phase in which real hacking occurs.
The attacker can gain access at the OS,
application, or network level.
Ending processes can stop a service, using a
logic bomb or time bomb, or even reconfigure
and crash the system.
Examples include password cracking, stack-
based buffer overflows, denial-of-service, and
session hijacking.
 Packet flooding also breaks the availability of
essential services.
Maintaining Access and Placing Backdoors
After gaining access, the hacker installs some
back doors in order to enter the system
again when access to this owned system is
needed in future.
Example tool: Metasploit.
A hacker may just hack the system to show it
was vulnerable.
Software defects.
•background without the knowledge of the
user.
•Trojans, Rootkits or other malicious files.
•maintain the access to the target.
Maintaining Access and Placing Backdoors
Covering / Clearing Tracks
This process is actually an unethical
activity.
It has to do with the deletion of logs of all
the activities that take place during the
hacking process.

No thief wants to get caught.


clears all evidence
modifying/corrupting/deleting
Reporting
Reporting is the last step of finishing the
ethical hacking process. Here the Ethical
Hacker compiles a report with his findings
and the job that was done such as the tools
used, the success rate, vulnerabilities
found, and the exploit processes.
Thank You All
CO1

Introduction to Ethical Disclosure
Session Agenda:
1. What is ethical hacking disclosure?
2. Ethics of Ethical Hacking
3. Ethical Hacking and the legal system
4. How does Ethical hacking work?
5. Laws To Remember as an Ethical Hacker
Introduction to Ethical Disclosure
What is ethical hacking disclosure?
Ethical hacking is done for the security of the
client's system or network. Disclosure of the
client's confidential information renders ethical
hacking ineffective. Private information must be
kept private, and confidential information must be
kept confidential.
Introduction to Ethical Disclosure
Ethics of Ethical Hacking
Ethical hacking is always performed with
consent. While the object of engagements is to
accurately reproduce the tactics, techniques and
procedures used by cybercriminals, it is never
designed to be malicious and aims to avoid
damage and disruption to businesses.
Ethical hacking uses the principles and techniques
of hackers to help businesses protect their
infrastructure and information (You could also say it
is used as an offensive part of a modern army’s
arsenal, but that is not what we do). Many people
wonder about our trademark tagline: “Professionally
Evil,” and we would like to discuss the benefits and
ethics of our ethical hacking.
Introduction to Ethical Disclosure
Ethics of Ethical Hacking
Protecting the Defenseless
Finding and Fixing Vulnerabilities
Ensuring a More Secure World
Keep private and confidential information gained
in your professional work (in particular as it
pertains to client lists and client personal
information). Do not collect, give, sell, or transfer any
personal information (such as name, e-mail
address, Social Security number, or other unique
identifier) to a third party without the client's prior
consent.
Introduction to Ethical Disclosure
Ethics of Ethical Hacking
Protect the intellectual property of others by
relying on your own innovation and efforts, thus
ensuring that all benefits vest with its originator.

Disclose to appropriate persons or authorities
potential dangers to any ecommerce clients, the
Internet community, or the public, that you
reasonably believe to be associated with a
particular set or type of electronic transactions or
related software or hardware.
Ethics of Ethical Hacking
Provide service in your areas of competence,
being honest and forthright about any limitations of
your experience and education. Ensure that you
are qualified for any project on which you work or
propose to work by an appropriate combination of
education, training, and experience.
Never knowingly use software or process that is
obtained or retained either illegally or unethically.
Do not engage in deceptive financial practices
such as bribery, double billing, or other improper
financial practices.
Ethics of Ethical Hacking
Use the property of a client or employer only in ways
properly authorized, and with the owner’s knowledge
and consent.
Disclose to all concerned parties those conflicts of
interest that cannot reasonably be avoided or
escaped.
Ensure good management for any project you lead,
including effective procedures for promotion of quality
and full disclosure of risk.
Add to the knowledge of the e-commerce profession
by constant study, share the lessons of your
experience with fellow EC-Council members, and
promote public awareness of benefits of electronic
commerce.
Ethics of Ethical Hacking
Conduct oneself in the most ethical and competent
manner when soliciting professional service or seeking
employment, thus meriting confidence in your
knowledge and integrity.
Ensure ethical conduct and professional care at all
times on all professional assignments without
prejudice.
Neither associate with malicious hackers nor
engage in any malicious activities.
Do not purposefully compromise or allow the client
organization’s systems to be compromised in the
course of your professional dealings.
Ethics of Ethical Hacking
Ensure all penetration testing activities are
authorized and within legal limits.
Do not take part in any black hat activity or be
associated with any black hat community that serves
to endanger networks.
Do not be part of any underground hacking
community for purposes of preaching and expanding
black hat activities.
Do not make inappropriate reference to the
certification or misleading use of certificates, marks or
logos in publications, catalogues, documents or
speeches.
Not be convicted of any felony, nor have violated any
law of the land.
Ethical Hacking and the legal system:
How does Ethical hacking work?
Ethical hacking is likely to be done with the
permission of the victim or the owner of the targeted
system. The only way to tackle black hat hacking is
through ethical hacking: the techniques used in
penetration testing are designed to emulate real
attacks without causing any damage, and to safeguard
the organization or individual against cyber
attacks.
Once it is discovered how the attackers work,
network administrators, engineers and security
professionals emulate the environment and its security
level to conduct a penetration test.
The steps involved in penetration tests are as
follows:
• Ground rules should be established: setting
expectations, identifying the parties involved, and written
permission or an agreement of access, mainly known
as a Statement of Work in the United States.
• Passive Scanning: Gathering information about the
target without the target's knowledge, also known as Open
Source Intelligence, from sources such as social
networking sites, online databases etc.
• Active Scanning and Enumeration: Using
investigating tools to scan the target’s public exposure.
The steps involved in penetration tests are as
follows:
Fingerprinting: Performing investigation of the target
systems to identify the operating system, applications,
patch level, open ports, user accounts etc.
Selecting a target system.
Exploiting the uncovered vulnerabilities: executing
the appropriate tools targeted at the suspected
exposures.
Escalating privilege: escalating the security context so
the ethical hacker has more control, such as gaining root or
administrative rights, or using cracked passwords for
unauthorized access.
Documenting and reporting: A file shall be
maintained about every technique used or every tool
that was used, vulnerabilities that were exploited and
much more.
Laws To Remember as an Ethical Hacker

With the growth in Internet usage in India, cyber
attacks have impacted the security of computer
networks as well. India adopted the Model Law on
Electronic Commerce, which was adopted by the United
Nations Commission on International Trade Law;
consequently the Information Technology Act of
2000 came into force. The purpose of the Act was
to provide legal recognition for transactions by
means of electronic data interchange and, commonly
referred to as “electronic commerce”, which involve the
use of alternatives to paper-based methods of
communication and storage of information.
Laws To Remember as an Ethical Hacker

Section 43 of the Act states that if any person, without
permission of the owner or of any other person who is
in charge of a computer, computer system or computer
network, modifies, damages or disrupts the computer
network, downloads, copies or extracts any data or
information from such computer network, or accesses
such computer system, he may be penalized for
damages.
The term used in this provision is "without permission of
the owner", which gives the impression that if a person is
working under authority or in good faith, he may
not be liable for the damages.
Laws To Remember as an Ethical Hacker

Section 43-A of the Act states that if any person fails
to protect the data, he is liable for compensation. So if
an ethical hacker is a body corporate and he fails to
protect the data he is handling, he will be liable under
section 43-A of the IT Act.
Laws To Remember as an Ethical Hacker

Section 66 of the IT Act deals with computer-related
offences, and states that any person who
dishonestly and fraudulently does any act mentioned
in section 43 of the Act shall be penalized with 3
years.
Laws To Remember as an Ethical Hacker

Government agencies such as the CBI, the Army and law
enforcement bodies, the Intelligence Bureau, and the Ministry of
Communication and Information Technology can, under the
Information Technology Act, form a government
agency under section 70-A and section 70-B for
Critical Information Infrastructure Protection, and can recruit
cyber security experts to protect themselves from cyber
terrorism as laid down in section 66-F of the
Information Technology Act, where "without authorization"
or "exceeds authorized access" has been mentioned.
Laws To Remember as an Ethical Hacker

The IT law of India does penalize a hacker who does
not have proper authorization to get access to the
computer, but it does not protect ethical hackers
unless they are employed by the government
under section 84. Ethical hackers cannot be ignored,
as their presence is much required to protect
computer networks against cyber terrorism and cyber
attacks.
Thank You All
