COMP1321 Digital Infrastructures Richard Henson University of Worcester April 2016.


2 COMP1321 Digital Infrastructures Richard Henson University of Worcester April 2016

3 Week 21: Web Communications - Securing Web Pages
- Objectives:
  - Explain the principles of hacking ethically
  - Access and exploit a “test” client site
  - Explain “Footprinting” and reconnaissance from a penetration tester’s perspective
  - “Passively” scan networks from the outside

4 Ethical Hacking Principles
- Hacking is a criminal offence in the UK
  - covered through The Computer Misuse Act (1990)
  - tightened by further legislation (2006)
- It can only be done “legally” by a trained (or trainee) professional
  - a computing student would be considered in this context under the law

5 Ethical Hacking Principles
- Even if it is legal…
  - doesn’t mean it is ethical!
- Professionals only hack without owner’s permission if there is reason to believe a law is being broken
  - if not… they must ask permission
  - otherwise definitely unethical (and possibly illegal)

6 Ethical Hacking Principles
- What is “hacking”?
  - breaching a computer system without permission
- How is it done?
  - using software tools to get through the security of the system
  - also called penetration testing (again… if done with permission…)

7 Penetration Tester’s Toolkit
- Many penetration testing tools available
- Also a body of knowledge that shows how to use them…
- Together, provide the expertise to penetration test a client’s site
  - but this should only be undertaken with the client’s permission…

8 Preparing to use a Toolkit
- Ethical Hacking Professionals need to be familiar with both Windows Server and Linux
- To fully engage with principles of penetration testing, install the following as virtual machines on your own computer:
  - Windows 2008 Server
  - Linux, with Backtrack (as VM) …
  - Remember: this should only be used ethically!
- Instead, you may wish to just take an overview (plenty of excellent YouTube videos)

9 Reminder of Virtualisation…
- The use of software to allow hardware to run multiple operating system images at the same time
  - Possible to run Windows OS under Mac OS
  - run multiple versions of Windows OS on the same PC
- Enables the creation of a “virtual” (rather than actual) version of any software environment on the desktop, e.g. Operating Systems, a server, a storage device or networks, an application

10 What and Why of “Footprinting”
- Definition:
  - “Gathering information about a ‘target’ system”
- Could be passive (non-penetrative) or active
  - Find out as much information about the digital and physical evidence of the target’s existence as possible
    - need to use multiple sources…
    - may (e.g. “black hat” hacking) need to be done secretly

11 Useful Info to Gather about a network
- Domain Names
- User/Group names
- System Names
- IP addresses
- Employee Details/Company Directory
- Network protocols used & VPN start/finish
- Company documents
- Intrusion detection system used

12 Rationale for “passive” Footprinting
- The ethical hacker can gather a lot of information from publicly available sources
  - organisation needs to know what is “out there”
- Methodology:
  - start by finding the URL (search engine)
    - e.g. www.worc.ac.uk
  - from main website, find other external-facing names
    - e.g. staffweb.worc.ac.uk
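
Slides 11 and 12 say an organisation needs to know what is “out there” about its own network. As an added example (not part of the original presentation), this Python self-audit checks an organisation's own published page text for three of the listed categories: email addresses, hostnames that are not on its approved public list, and private IP addresses. The domain `example.org`, the approved list and the page text are assumptions constructed for illustration.

```python
import ipaddress
import re

ORG_DOMAIN = "example.org"  # assumption: the auditing organisation's own domain
APPROVED_HOSTS = {"www.example.org", "staffweb.example.org"}  # meant to be public

# Constructed page text standing in for the organisation's own published content.
PAGES = {
    "https://www.example.org/contact":
        "Email j.smith@example.org or helpdesk@example.org.",
    "https://www.example.org/it/vpn-guide":
        "Connect to vpn-gw2.example.org, then open http://intranet.example.org/ "
        "(10.20.30.40). Versions 1.2.3.4567 and later are supported.",
    "https://www.example.org/news": "Open day at www.example.org next week.",
}

EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")
# Hostnames under the organisation's domain, ignoring the domain part of emails.
HOST_RE = re.compile(r"(?<![@\w.-])(?:[a-z0-9-]+\.)+" + re.escape(ORG_DOMAIN)
                     + r"(?!\.?[\w-])", re.I)
# Dotted quads that are not part of a longer number such as a version string.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

def private_ips(text):
    """Return dotted quads in text that parse as private-range IPv4 addresses."""
    found = set()
    for candidate in IPV4_RE.findall(text):
        try:
            if ipaddress.ip_address(candidate).is_private:
                found.add(candidate)
        except ValueError:
            continue  # e.g. 999.1.1.1 is not an address
    return found

def audit(pages):
    """Map each page URL to what it exposes; pages with no findings are omitted."""
    report = {}
    for url, text in pages.items():
        finding = {
            "emails": set(EMAIL_RE.findall(text)),
            "unlisted_hosts": {h.lower() for h in HOST_RE.findall(text)} - APPROVED_HOSTS,
            "private_ips": private_ips(text),
        }
        if any(finding.values()):
            report[url] = finding
    return report
```

Calling `audit(PAGES)` reports the contact page for its two addresses and the VPN guide for two unlisted hostnames and one internal address, while the news page, which only names an approved host, is left out.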

13 Website Connections & History
- History: use www.archive.org:
  - The Wayback Machine
- Connections: use robtex.com
- Business Intelligence:
  - sites that reveal company details
  - e.g. www.companieshouse.co.uk

14 More Company Information…
- “Whois” & CheckDNS.com:
  - lookups of IP/DNS combinations
  - details of who owns a domain name
  - details of DNS Zones & subdomains
- Job hunters’ websites:
  - e.g. www.reed.co.uk
  - www.jobsite.co.uk
  - www.totaljobs.com
- IT technicians’ “blog entries”

15 People Information
- Company information will reveal names
- Use names in
  - search engines
  - Facebook
  - LinkedIn
- Google Earth reveals:
  - company location(s)

16 Physical Network Information (“active” footprinting or phishing)
- External “probing”
  - should be detectable by a good defence system… (could be embarrassing!)
- e.g. Traceroute:
  - Uses ICMP protocol “echo”
    - no TCP or UDP port
  - reveals names/IP addresses of intelligent hardware:
    - e.g. Routers, Gateways, DMZs

17 Email Footprinting
- Using the email system to find the organisation’s email name structure
  - “passive”: monitor emails sent
    - IP source address
    - structure of name
  - “active”: email sending programs:
    - test whether email addresses actually exist
    - test restrictions on attachments

18 Utilizing Google etc. (“passive”)
- Google: Advanced Search options:
- Uses [site:] [intitle:] [allintitle:] [inurl:]
  - In each case a search string should follow
  - e.g. “password”
- Maltego
  - graphical representations of data

19 Network Layers and Hacking
- Schematic TCP/IP stack interacting at three of the 7 OSI levels (network, transport, application):
  [Diagram: application protocols (TELNET, FTP, SMTP, NFS, DNS, SNMP) connecting through ports, marked X, to TCP and UDP, which sit above IP]

20 TCP & UDP ports
- Hackers use these to get inside firewalls etc.
- Essential to know the important ones:
  - 20, 21 ftp
  - 22 ssh
  - 23 telnet
  - 25 smtp
  - 53 dns
  - 60 tftp
  - 80 http
  - 88 Kerberos
  - 110 pop3
  - 135 smb
  - 137-9 NetBIOS
  - 161 snmp
  - 389 Ldap
  - 443 https
  - 636 Ldap/SSL

21 Reconnaissance/Scanning
- Three types of scan:
  - Network (already mentioned)
    - identifies active hosts
  - Port
    - send client requests until a suitable active port has been found…
  - Vulnerability
    - assessment of devices for weaknesses that can be exploited
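
Slide 16 notes that external probing should be detectable by a good defence system. As an added example (not part of the original presentation), this Python detector reads firewall log lines and flags any source that tries many distinct ports on one host (port scan) or one port on many hosts (network scan) inside a sliding time window. The log format, the RFC 5737 example addresses, the 60-second window and the threshold of 5 are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log (not from a real device); RFC 5737 example addresses.
def _rows(src, action, targets, step_s):
    t0 = datetime(2016, 4, 20, 10, 0, 0)
    return [f"{(t0 + timedelta(seconds=i * step_s)).isoformat()} {action} TCP "
            f"src={src} dst={d} dport={p}" for i, (d, p) in enumerate(targets)]

SAMPLE_LOG = "\n".join(
    # fast probe: six ports on one host within six seconds
    _rows("203.0.113.7", "DROP", [("192.0.2.10", p) for p in (21, 22, 23, 25, 80, 443)], 1)
    # sweep: one port across five hosts
    + _rows("203.0.113.50", "DROP", [(f"192.0.2.{h}", 22) for h in range(10, 15)], 2)
    # low-rate probe: five ports spread over 40 minutes
    + _rows("198.51.100.9", "DROP", [("192.0.2.10", p) for p in (21, 22, 23, 25, 80)], 600)
    # ordinary client: repeated requests to one service
    + _rows("198.51.100.23", "ALLOW", [("192.0.2.10", 443)] * 8, 3)
    + ["truncated line with no fields"]
)
LINE_RE = re.compile(r"^(\S+) \w+ \w+ src=(\S+) dst=(\S+) dport=(\d+)$")

def parse(log_text):
    """Return time-sorted (timestamp, src, dst, dport) tuples, skipping malformed lines."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m[1]), m[2], m[3], int(m[4])))
    return sorted(events)

def detect_scans(events, window=timedelta(seconds=60), threshold=5):
    """Map source -> {"port-scan", "network-sweep"} seen inside any sliding window."""
    by_src, alerts = defaultdict(list), defaultdict(set)
    for ev in events:
        by_src[ev[1]].append(ev)
    for src, evs in by_src.items():
        for i, ev in enumerate(evs):
            recent = [e for e in evs[:i + 1] if ev[0] - e[0] <= window]
            ports, hosts = defaultdict(set), defaultdict(set)
            for _, _, dst, dport in recent:
                ports[dst].add(dport)   # distinct ports tried per host
                hosts[dport].add(dst)   # distinct hosts tried per port
            for label, groups in (("port-scan", ports), ("network-sweep", hosts)):
                if max(len(g) for g in groups.values()) >= threshold:
                    alerts[src].add(label)
    return dict(alerts)
```

With the default window, `detect_scans(parse(SAMPLE_LOG))` flags the fast probe and the sweep only; running it again with `window=timedelta(hours=1)` also flags the low-rate source, which is why a short-window rule is usually paired with a longer one.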

22 A “Scanning” Methodology for Ethical Hackers…
- Check for Live Systems
- Check for open ports
- “Banner Grabbing”
  - e.g. bad html request
- Scan for vulnerabilities
- Draw Network diagram(s)
- Prepare proxies…

23 Proxy Hacking (or Hijacking)
- Attacker creates a copy of the targeted web page on a proxy server
- Now uses methods like:
  - keyword stuffing
  - linking to the copied page from external sites…
- Artificially raises search engine ranking
  - authentic page will rank lower…
    - may even be seen as duplicated content, in which case a search engine may remove it from its index

24 Lots more “tricks” ethically available!

25 Now you try it!
- Download software tools first…
- Try out the tools on an informal basis without infringing “ethical hacking” rules
- Gather evidence documenting your activities
  - after Campbell Murray’s presentation (27th April)
- Present evidence for assignment 2, guidance 4/11th May…

26 Thanks for Listening

