20-minute Intro to Hacking Mike Gagnon, Ethical Hacker http://mikegagnon.com
First things first…
Guideline: Never hack someone’s system without their permission Ethical Hacking Be responsible Don’t use hacking for evil It’s easy to be caught, and the penalties are very steep Guideline: Never hack someone’s system without their permission
Why do ethical hackers hack? It’s fun “War games.” Companies hire ethical hackers to hack into their systems so that the companies can learn how to improve their defenses Ethical hackers develop defensive technology Every coder should know how to hack, so that they know how to write “secure code” (which is code that can defend itself from hackers)
How to hack? Hacking = manipulating a system to do something it wasn’t designed to do Like hot wiring a car http://commons.wikimedia.org/wiki/File:Dash_Wires.jpg Hacking computers is often simple (once you know how computers work)
Just like requesting a person to compute something for you How do computers work? For example: What happens when you type google.com in your browser? There is a computer on the Internet whose address is google.com Your computer sends a “request” to that computer The google.com computer computes a “response” and sends it back to your computer Your computer shows the response on your screen google.com computes the response this response is a web page: request Just like requesting a person to compute something for you
Example DoS attack DoS = denial of service Send a request for a very difficult computation It might crash the computer The Air Force once challenged me to hack their radar. That’s how I did it. http://www.ll.mit.edu/mission/cybersec/publications/publication-files/full_papers/2010_06_25_Gagnon_ISARCS_FP.pdf http://commons.wikimedia.org/wiki/File:C-band_Radar-dish_Antenna.jpg
Hack my server! You have my permission to try to crash: http://hackerpuzzle.herokuapp.com But I won’t tell you how It’s a puzzle
Guideline: Never hack someone’s system without their permission I repeat: Be responsible Don’t use hacking for evil It’s easy to be caught, and the penalties are very steep Guideline: Never hack someone’s system without their permission
Teach yourself to hack It can be a career Learn everything you can about how computers work Learn to code Learn math (algebra, calculus, statistics, and beyond) Experiment a lot Find hacking challenges on the Web Be tenacious Be patient Be ethical