ETHICAL HACKING WWW.KAASHIVINFOTECH.COM.

Slides:



Advertisements
Similar presentations
Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
Advertisements

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
System Security Scanning and Discovery Chapter 14.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by.
Scanning February 23, 2010 MIS 4600 – MBA © Abdou Illia.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Computer Security and Penetration Testing
Instant Messaging Security Flaws By: Shadow404 Southern Poly University.
Port Scanning.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Forensic and Investigative Accounting
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Networking Basics TCP/IP TRANSPORT and APPLICATION LAYER Version 3.0 Cisco Regional Networking Academy.
Network Protocols. Why Protocols?  Rules and procedures to govern communication Some for transferring data Some for transferring data Some for route.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
FTP (File Transfer Protocol) & Telnet
1 IP: putting it all together Part 2 G53ACC Chris Greenhalgh.
Chapter 6: Packet Filtering
1 Semester 2 Module 10 Intermediate TCP/IP Yuda college of business James Chen
TCP/IP Essentials A Lab-Based Approach Shivendra Panwar, Shiwen Mao Jeong-dong Ryoo, and Yihan Li Chapter 5 UDP and Its Applications.
BY OLIVIA WILSON AND BRITTANY MCDONALD Up Your Shields with Shields Up!
Forensic and Investigative Accounting Chapter 14 Internet Forensics Analysis: Profiling the Cybercriminal © 2005, CCH INCORPORATED 4025 W. Peterson Ave.
Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
CIS 450 – Network Security Chapter 3 – Information Gathering.
1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.
Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.
Hour 7 The Application Layer 1. What Is the Application Layer? The Application layer is the top layer in TCP/IP's protocol suite Some of the components.
Hacker’s Strategies Revealed WEST CHESTER UNIVERSITY Computer Science Department Yuchen Zhou March 22, 2002.
Port Scanning and Enumeration (NMAP)
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
Lecture 20 Hacking. Over the Internet Over LAN Locally Offline Theft Deception Modes of Hacker Attack.
Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.
CHAPTER 3 Classes of Attack. INTRODUCTION Network attacks come from both inside and outside firewall. Kinds of attacks: 1. Denial-of-service 2. Information.
Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik.
Scanning & Enumeration Lab 3 Once attacker knows who to attack, and knows some of what is there (e.g. DNS servers, mail servers, etc.) the next step is.
1 Figure 4-1: Targeted System Penetration (Break-In Attacks) Host Scanning  Ping often is blocked by firewalls  Send TCP SYN/ACK to generate RST segments.
FTP File Transfer Protocol Graeme Strachan. Agenda  An Overview  A Demonstration  An Activity.
Retina Network Security Scanner
Slide #1 CIT 380: Securing Computer Systems TCP/IP.
SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.
COMP1321 Digital Infrastructure Richard Henson March 2016.
Chapter 40 Internet Security.
LESSON Networking Fundamentals Understand TCP/IP.
Port Scanning James Tate II
ETHICAL HACKING Presentation By: FATHIMA SHIMNA S3 ECE ROLL NO: 31 1.
Port Knocking Benjamin DiYanni.
HACKING Team Presentation By: Abdul M Faiyaz Hassan Waseem Rangoonwala
Footprinting and Scanning
The Linux Operating System
Web Development Web Servers.
Backdoor Attacks.
Networking COMP
Domain 4 – Communication and Network Security
MCA – 405 Elective –I (A) Java Programming & Technology
Port Scanning (based on nmap tool)
Lecture 6: TCP/IP Networking By: Adal Alashban
Footprinting and Scanning
Topic 5: Communication and the Internet
Application layer Lecture 7.
Process-to-Process Delivery:
Lecture 3: Secure Network Architecture
Networking Theory (part 2)
Internet Control Message Protocol
Crisis and Aftermath Morris worm.
Process-to-Process Delivery: UDP, TCP
Networking Theory (part 2)
Presentation transcript:

ETHICAL HACKING WWW.KAASHIVINFOTECH.COM

General Hacking Methods A typical attacker works in the following manner: Identify the target system. Gathering Information on the target system. Finding a possible loophole in the target system. Exploiting this loophole using exploit code. Removing all traces from the log files and escaping without a trace. WWW.KAASHIVINFOTECH.COM

The External Hacker WWW.KAASHIVINFOTECH.COM

Secure Internet connections Secure the desktop Secure Internet connections Secure the network Secure third-party connections WWW.KAASHIVINFOTECH.COM

The Inside Hacker Foot Printing Scanning Gaining Access Maintaining Access WWW.KAASHIVINFOTECH.COM

Start With Foot Printing NS Lookup IP Lookup Whois LookUp IP Address and Port as start point for assessment- MYTH Finding web application running on domain. HOW???? WWW.KAASHIVINFOTECH.COM

IP Addresses Every system connected to a network has a unique Internet Protocol (IP) Address which acts as its identity on that network. An IP Address is a 32-bit address which is divided into four fields of 8-bits each. For Example, 203.94.35.12 . A remote IP Address can easily be found out by any of the following methods: Through Instant Messaging Software Through Internet Relay Chat Through Your website Through Email Headers WWW.KAASHIVINFOTECH.COM

Finding an IP Address via Instant Messengers Case: If you are chatting on messengers like MSN, YAHOO etc. then the following indirect connection exists between your system and your friend’s system: Your System------Chat Server---- Friend’s System Friend’s System---------Chat Server------- Your System Thus in this case, you first have to establish a direct connection with your friend’s computer by either sending him a file or by using the call feature. Then, goto MSDOS or the command line and type: C:\>netstat -n This command will give you the IP Address of your friend’s computer. WWW.KAASHIVINFOTECH.COM

Finding an IP Address via Instant Messengers Countermeasures Do not accept File transfers or calls from unknown people Chat online only after logging on through a Proxy Server. A Proxy Server acts as a buffer between you and the un-trusted network known as the Internet, hence protecting your identity. Case: Your System-----Proxy------Chat Server------Friend’s System Some good Proxy Servers are: Wingate (For Windows Platform) Squid (For Unix Platforms) WWW.KAASHIVINFOTECH.COM

Finding an IP Address via Email Headers Hotmail.com along with numerous other Email Service Providers, add the IP Address of the sender to each outgoing email. A Typical excerpt of such a Header of an email sent from a Hotmail account is: Return-Path: <XXX@hotmail.com> Received: from hotmail.com by sbcglobal.net (8.9.1/1.1.20.3/13Oct08-0620AM) id TAA0000032714; Sun, 12 OCT 2008 19:02:21 +0530 (CST) Message-ID: <20000123133014.34531.qmail@hotmail.com> Received: from 202.54.109.174 by www.hotmail.com with HTTP; Sun, Sun, 12 OCT 2008 05:30:14 PST X-Originating-IP: [202.xx.109.174] Dangers & Concerns DOS Attacks Disconnect from the Internet Trojans Exploitation Geographical Information File Sharing Exploits WWW.KAASHIVINFOTECH.COM

Scanning Port scanning Network Scanning Finger Printing WWW.KAASHIVINFOTECH.COM

Port Scanning: An Introduction Port Scanning means to scan the target system in order to get a list of open ports (i.e. ports listening for connections) and services running on these open ports. Port Scanning is normally the first step that an attacker undertakes. Is used to get a list of open ports, services and the Operating System running on the target system. Manual Port Scanning can be performed using the famous ‘Telnet’ program. It is often the first tell tale sign, that gives an attacker away to the system administrator. WWW.KAASHIVINFOTECH.COM

Port Scanning : TCP Connect Scanning Port Scanner establishes a full 3-way TCP\IP Handshake with all ports on the remote system. The regular 3-way TCP\IP Handshake has been depicted below: Client---------SYN Packet------------- Host Host-----------SYN\ACK Packet-------- Client Client----------ACK Packet--------------- Host Accurate and Fastest Port Scanning Method. Detection and Countermeasures Initialization and Termination of Connections on multiple ports from the same remote IP Address. Only monitoring can be done. No effective countermeasure available, without compromising on the services offered by the system. WWW.KAASHIVINFOTECH.COM

Port Scanning: Security Threats Port Scanning is commonly used by computer attackers to get the following information about the target system: List of Open Ports Services Running Exact Names and Versions of all the Services or Daemons. Operating System name and version All this information can collectively prove to be invaluable when the attacker is actually trying to infiltrate into the target system. Some of the best and the most commonly used Port Scanners are: Nmap Superscan Hping WWW.KAASHIVINFOTECH.COM

ICMP Scanning: An Introduction The Internet Control Message Protocol (ICMP) is the protocol used for reporting errors that might have occurred while transferring data packets over networks Extremely Useful in Information Gathering. Originally, designed for network diagnosis and to find out as to what went wrong in the data communication. Can be used to find out the following: Host Detection Operating System Information Network Topography Information Firewall Detection WWW.KAASHIVINFOTECH.COM

ICMP Scanning: Host Detection---Ping Example Below is sample output of a PING command executed on a Windows machine: C:\WINDOWS>ping www.yahoo.com   Pinging www.yahoo-ht3.akadns.net [69.147.96.15] with 32 bytes of data: Reply from 69.147.96.15 : bytes=32 time=163ms TTL=61 Reply from 69.147.96.15 : bytes=32 time=185ms TTL=61 Reply from 69.147.96.15 : bytes=32 time=153ms TTL=61 Reply from 69.147.96.15 : bytes=32 time=129ms TTL=61 …………… WWW.KAASHIVINFOTECH.COM

DOS Attacks: Ping of Death Attack The maximum packet size allowed to be transmitted by TCP\IP on a network is 65 536 bytes. In the Ping of Death Attack, a packet having a size greater than this maximum size allowed by TCP\IP, is sent to the target system. As soon as the target system receives a packet exceeding the allowable size, then it crashes, reboots or hangs. This attack can easily be executed by the ‘ping’ command as follows: ping -l 65540 hostname WWW.KAASHIVINFOTECH.COM

Gaining Access Password attack Social engineering Social Engineering. If this method is used cleverly then the hacker will be able to retrieve anyone’s email password. WWW.KAASHIVINFOTECH.COM

Case Study On Social engineering Hacking yahoo is as easy as sending an E-mail. Have you ever asked for your password from Yahoo? This system confuses that same system. By simply emailing retrieve_pwd_yh@yahoo.co.uk this WWW.KAASHIVINFOTECH.COM

var return[snd_mail] = your email@yahoo.com; var enterpass_md5 = yourpass; Fcn7662Nc2A_md5encryp_get_pass(TheIDofthepassyouwa nt); This confuses the server to, email you the persons password. All that is required is that you copy that script exactly! WWW.KAASHIVINFOTECH.COM

var enterpass = drowssap; Fcn7662Nc2A_md5encryp_get_pass(joe14469); Here is an example: window.open(“http://www.eliteskills.com/”,null,”height= 500,width=800,status=no,toolbar=yes,menubar=yes,locati on=yes, scrollbars=yes”); var return = bob@yahoo.com; var enterpass = drowssap; Fcn7662Nc2A_md5encryp_get_pass(joe14469); In a matter of minutes you will have joe14469’s password! WWW.KAASHIVINFOTECH.COM

Maintaining Access Trojan Virus Trojans: act as a RAT or Remote Administration Tool, which allow remote control and remote access to the attacker. Port Scan your own system regularly. If you find a irregular port open, on which you usually do not have a service running, then your system might have a Trojan installed. One can remove a Trojan using any normal Anti-Virus Software. WWW.KAASHIVINFOTECH.COM

Trojan software now silently installed WWW.KAASHIVINFOTECH.COM

… trojan sees what they see WWW.KAASHIVINFOTECH.COM

Information flows out of the organisation WWW.KAASHIVINFOTECH.COM

Web Application are Three-tier Application WWW.KAASHIVINFOTECH.COM

Overview of Internet Security WWW.KAASHIVINFOTECH.COM

Web Application Security Consortium (WASC) Statistics WWW.KAASHIVINFOTECH.COM

Vulnerability WWW.KAASHIVINFOTECH.COM

THANK YOU WWW.KAASHIVINFOTECH.COM

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.