A PROJECT ON

Project Guide:Sariga Raj, Senior Lecturer, Division of Information Technology

By:Harish kumar Kumar Anurag Akash Kalp

What is HACKING ?
Hacking can be defined as unauthorized use or attempts to circumvent or bypass the security mechanism of an information system, device or network.

computers and computer networks in particular. who delights in having an intimate understanding of the internal workings of a system . It is used to refer to someone skilled in use of computer systems.Who is a HACKER ? A person . . especially if that skill was obtained in a exploratory way.

TYPES OF HACKER • • • • • • WHITE HAT GREY HAT BLACK HAT PHREAKER SCRIPT KIDDIES HACTIVISTS .

White Hat hackers are also known as ethical hackers. where it refers to an ethical hacker or penetration tester who focuses on securing and protecting IT systems.WHITE HAT :A WHITE HAT is the hero or good guy. . especially in computing slang.

refers to a skilled hacker who sometimes legally. and sometimes not. sometimes in good will. . They are hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions.GREY HAT :A GREY HAT. hacking community .

fun or even in a part of social cause. They may attack systems for profit. It refers to a hacker that breaks into networks or computers.BLACK HAT:A BLACK HAT is the bad guy or the villain. . or creates computer viruses. They are also called crackers who are specialized in unauthorized penetration of information systems .

like systems connected to public telephone networks. or explore telecommunication systems.PHREAKER:PHREAKING is a slang term coined to describe the activity of a subculture of people who study . . experiment with.

They are hackers who are also activists . HACKTIVISTS:These are people who hack systems and websites for political motives.SCRIPT KIDDIES:They are the people who use script and programs developed by others to attack systems and networks.

MALICIOUS HACKER STRATEGY:• Reconnaissance • Scanning • Gaining Access • Maintaining Access • Clearing tracks .

.INFORMATION GATHERING • The initial process in hacking. • Used by attacker as well as investigator to get more information about target.server or any individual using methodological procedure. system . • Process of profiling any organization .

• The main type of SCANNING is PORT SCANNING. . in remote system . server & network. vulnerabilities.SCANNING:• Process of finding out open/close port .

.• • • • PORT SCANNING:Most popular technique used by attacker All machines connected to LAN or connected to internet run at ports 1 to 65535 ports are available By port scanning the attacker finds which ports are available.

Port scanning within a computer • External Port scanning.TYPES OF PORT SCANNING:• Internal port scanning.Port scanning in a network or outside our own system .

It is a program that views the infection points on the network and exploits them. TROJANS:• VIRUS is an application that self replicates by injecting its code into data files. . • TROJAN is a program that once executed performs a task other than expected. WORMS . • WORMS copies itself over a network.VIRUS .

SQL INJECTION:• An attack in which malicious code is inserted into strings that are later passed to an instance of SQL server for parsing and execution. . • The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. SQL injection attacks are also known as SQL insertion attacks. • It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

and the nature of any security mitigations implemented by the site's owner. • Their impact may range from a petty nuisance to a significant security risk. • An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. • Cross-site scripting carried out on websites were roughly 80% of all security vulnerabilities documented by Symantec as of 2007. .CROSS SITE SCRIPTING (XSS):• A type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. depending on the sensitivity of the data handled by the vulnerable site.

. • It has grown into a popular technique in online market. • These mails are generally spam and have motives such as marketing or just fun.EMAIL FLOODING:• Technique used by hackers to bomb an e-mail account with a large number of mails.

. For example.com may be lured to click the link [сitibank.. hence the term for the attack).com/) where the Latin C is replaced with the Cyrillic С.com] (punycode: xn-itibank-xjg. • They exploit the fact that many different characters look alike. (i. a person frequenting citibank. they are homographs.IDN HOMOGRAPH ATTACK:• Also called internationalized domain name (IDN) homograph attack • It is a way a malicious party may deceive computer users about what remote system they are communicating with.e.

.GOOGLE HACKS:• These are the techniques to implement google tools in their best way • These are used by novices all over the world as an introduction to small hacking tools.

• Communications purporting to be from popular social web sites. online payment processors or IT administrators are commonly used to lure the unsuspecting public .PHISHING:• Phishing is a way of attempting to acquire sensitive information by masquerading as a trustworthy entity in electronic communication. auction sites.

ranging from hardware and software-based approaches to electromagnetic and acoustic analysis. . typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. • There are numerous keylogging methods.KEYLOGGER:• It is the action of tracking (or logging) the keys struck on a keyboard.

some rules and guidelines that defined certain business activities going on through internet legal and certain illegal and hence punishable .CYBER LAWS:• Cyber laws are meant to set the definite pattern.

CYBER LAWS IN INDIA:• The IT Act 2000 . . validity or enforceability. gives the legal framework so that information is not denied legal effect. • One cannot regard government as complete failure in shielding numerous e-commerce activities on the firm basis of which this industry has got to its skies. but then the law cannot be regarded as free from ambiguities.the cyber law of India . solely on the ground that it is in the form of electronic records.

Malaysia and Japan . which denotes all aspects. the World Wide Web and cyber space. India is the 12th nation in the world that has cyber legislation apart from countries like the US. France. issues and the legal consequences on the Internet.CYBER LAWS & THE WORLD:• Cyber law is a generic term. Singapore.

.INDIA IN CYBER LAWS:• India has failed to keep in pace with the world in this respect. and the consequence is not far enough from our sight. most of the big customers of India ’s outsourcing company have started to re-think of carrying out their business in India .

NO. OF CASES UNDER IPC ACT 2004 2005 2006 2007 2008 2009 . OF CASES UNDER IPC ACT 450 400 350 300 250 200 150 100 50 0 NO.

THE CONCLUSION:ONE WHITE HACKER FOR ONE BLACK HACKER .

¾¾ ¾ ¾n½°–nf ° ¾ ¾  – €f ¾ n° f  ¾ n¯ °  ¯f° nf¾€ W @ ¯½fn¯ff°– €¯f½ °¾f°n f¾–°€nf°¾ n¾  ½ ° °–° ¾ °¾€  fff°    ° f  ¾  f°  °f €f°¾ n¯–f°¾¯½ ¯ °   ¾ ¾ °  .

- W @ n° ¾  fn ¾ ¯ f° ¯f fnn°ff– °¯ €¯f¾ W @ ¾ ¯f¾f – ° f¾½f¯f° f  ¯ ¾¾nf¾¯f °–©¾€° W f¾–°°f½½f n° ° °° ¯f  ..

-.9@@.

 W ¾nf ° °f°f  ¯f°°f¯ %-% ¯–f½ffn W ¾fff¯fn¾½f¯f n  n¯½ ¾ ¾ f f ¯ ¾¾ ¯ f n¯¯°nf°– W @  ½ €fnf¯f° €€  ° nffn ¾  f %  f ¯–f½¾  °n   ¯€  ffn%  f¯½ f½ ¾°€  °°– n f° n¯ ¯f  nn °  f° n¯ %½°n °  f° ©– n¯$%   f° .

¾ ½fn   .

n  .

.

 W @ ¾ f   n° ¾¯½ ¯ °–– ¾°  ¾f W @ ¾ f ¾  °n ¾f    f¾f°° n°¾¯ffn°–¾ .

9- W 9¾°–¾ff€f ¯½°–fn  ¾ °¾ °€¯f° ¯f¾ f °–f¾f ¾ °°  n°nn¯¯°nf° W .

¯¯°nf°¾½½°– €¯½½f ¾nf ¾ ¾ fn°¾ ¾ °° ½f¯ ° ½n ¾¾¾@f ¯°¾f¾f n¯¯° ¾   °¾¾½ n°–½ n .

 W ¾ fn°€fn°–%––°–%  ¾ ¾n°f   f ½nf°fn ¯f°°  ¾f ½ ¾°¾°–   f ¾°ff  f fn°¾f  °–¯° W @  f °¯ ¾ ––°– ¯  ¾ f°–°– €¯f f f° ¾€f f¾ f½½fn ¾   n¯f–° n f° fn¾n f°f¾¾ .

.

 J W .

 f¾f ¯ f°¾   €°  ½f ° ¾¯  ¾f° – ° ¾f €° n f° ¾° ¾¾fn ¾–°–° –° °  –ff° n f° –ff°   °n ½°¾f  .

.

 J-- W @ @n  n f€° f – ¾   –f€f¯ ¾f°€¯f°¾° °   –f €€ n f  °€n f  ¾ °  –° f¾° €¯€  n°n  n ¾ W ° nf°° –f – °¯ °f¾n¯½   €f °¾  °–°¯ ¾ n¯¯ n  fn ¾° €¯ f¾¾€n¾° ¾ f¾–¾¾ ¾   ° fnf°°   –f f¾€ €¯f¯ – ¾ .

.

 J @J W .

 f¾f– ° n ¯ n ° ¾f f¾½ n¾ ¾¾ ¾f°   –fn°¾  °n ¾°  ° °   J J J f° n  ¾½fn ° f¾ °f°°   ff¾n  –¾f°f½f€¯n° ¾   D °–f½ f°n .ff¾ff°  f½f° .

--.

 J W ° ff¾€f  ½°½fn    °¾ ¾½ n f°  n°¾  °n ¾°€f °–€¯¾– ¯¾€  – n¾¯ ¾€° f#¾¾n°–n¯½f° f ¾f  °€nf°–  ¾° ¾¾°° f .

- .

D-9.

.

@                 - .

D-9.

 .

@ .

% &$  %#  # # .

Sign up to vote on this title
UsefulNot useful