Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006.

Published byBrent Collins Modified over 8 years ago

Similar presentations

Presentation on theme: "Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006."— Presentation transcript:

1 Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006

2 Contact Information Sam Bowne Email: sbowne@ccsf.edu Website: samsclass.info All materials from this talk are already on that website Download them and use them freely Hands-On Ethical Hacking and Network Defense2

3 3 Isn’t Hacking a Crime?

4 4 Introduction to Ethical Hacking Ethical hackers –Employed by companies to perform penetration tests Penetration test –Legal attempt to break into a company’s network to find its weakest link –Tester only reports findings, does not harm the company

5 5 The Role of Security and Penetration Testers Hackers –Access computer system or network without authorization –Breaks the law; can go to prison Crackers –Break into systems to steal or destroy data –U.S. Department of Justice calls both hackers Ethical hacker –Performs most of the same activities but with owner’s permission

6 6 The Role of Security and Penetration Testers (continued) Script kiddies or packet monkeys –Young inexperienced hackers –Copy codes and techniques from knowledgeable hackers Experienced penetration testers use Perl, C, Assembler, or other languages to code exploits

7 Security Credentials CompTIA offers Security+ certification, a basic familiarity with security concepts and terms 7

8 8 OSSTMM Professional Security Tester (OPST) Designated by the Institute for Security and Open Methodologies (ISECOM) Based on the Open Source Security Testing Methodology Manual (OSSTMM) –Written by Peter Herzog

9 9 Certified Information Systems Security Professional (CISSP) Issued by the International Information Systems Security Certifications Consortium (ISC 2 ) Usually more concerned with policies and procedures than technical details Web site –www.isc2.org

10 10 Certified Ethical Hacker (CEH) But see Run Away From The CEH Certification –Link at samsclass.info

11 11 What You Cannot Do Legally Accessing a computer without permission is illegal Other illegal actions –Installing worms or viruses –Denial of Service attacks –Denying users access to network resources Possession of others’ passwords can be a crime –See Password theft Link at samsclass.info

12 12 Get Out of Jail Free Card When doing a penetration test, have a written contract giving you permission to attack the network Using a contract is just good business Contracts may be useful in court Have an attorney read over your contract before sending or signing it

13 Projects Project 1: Using a Keylogger to record keystrokes (including passwords) Project 2: Using The Metasploit Framework to take over a vulnerable computer remotely Demonstration: Using Ophcrack to crack Windows passwords with Rainbow tables 13

Download ppt "Ethical Hacking and Network Defense NCTT Winter Workshop January 11, 2006."

Similar presentations

Shelby County Technology Scope and Sequence 6-8 #8: AUP Computer Fraud Copyright Violations Penalties Nancy Law Columbiana Middle School.

Shelby County Technology Scope and Sequence 6-8 #8: AUP Computer Fraud Copyright Violations Penalties Nancy Law Columbiana Middle School.
1.8 Malpractice and Crime In this section you must be able to: Explain the consequences of malpractice and crime on information systems. Describe the possible.

1.8 Malpractice and Crime In this section you must be able to: Explain the consequences of malpractice and crime on information systems. Describe the possible.
Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?

Black, White, Grey Hat Hackers Not all hackers are bad…which one’s which?
Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.

Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
Chapter 1 Ethical Hacking Overview. Who Am I?  Kevin Riley  Systems / Network Analyst Orange Coast College   Phone 714.432.5949.

Chapter 1 Ethical Hacking Overview. Who Am I?  Kevin Riley  Systems / Network Analyst Orange Coast College   Phone
Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.

Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
 Ethical Hacking is testing the resources for a good cause and for the betterment of technology.  Technically Ethical Hacking means penetration.

 Ethical Hacking is testing the resources for a good cause and for the betterment of technology.  Technically Ethical Hacking means penetration.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.

Ethical Hacking Introduction.  What is Ethical Hacking?  Types of Ethical Hacking  Responsibilities of a ethical hacker  Customer Expectations  Skills.
 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.

 ICT Security › If the firm is a victim of a computer crime, should they pursue prosecution of the criminals at all costs, should they maintain a low.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Ethical Hacking by Shivam.

Ethical Hacking by Shivam.
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.

Similar presentations

Ads by Google