EC-Council’s Certified Ethical Hacker (CEH) Richard Henson May 2012.

Session 1. This will cover: structure of the course; principles of hacking ethically; CEH ethical hacker’s toolkit and dummy client site; “footprinting” and reconnaissance; scanning networks.

Certificate of Attendance. Certificate achieved through: attending the seminars; doing the “lab” exercises.

CEH qualification. Achieved through: certificate of attendance; passing the examination (take any time at recognised Pearson or Vue centres); can retake… cost: approx £120.

Ethical Hacking Principles. Hacking is a criminal offence in the UK, covered through The Computer Misuse Act (1990), tightened by further legislation (2006). It can only be done “legally” by a trained (or trainee) professional; a computing student would be considered in this context under the law.

Ethical Hacking Principles. Even if it is legal, that doesn’t mean it is ethical! Professionals only hack without permission if there is reason to believe a law is being broken; if not, they must ask permission, otherwise it is definitely unethical (and possibly illegal).

Ethical Hacking Principles. What is “hacking”? Breaching a computer system without permission. How is it done? Using software tools to get through the security of the system; also called penetration testing (if done with permission…).

Course Toolkit. This course provides access to penetration testing tools, and also a body of knowledge that shows how to use them… Theory: covered by these slides. Practical: exercises provided; up to you to work through them. Together, these provide the expertise to penetration test a client’s site. Dummy site:

Preparing to use the Toolkit. You’ll need to install the following on a computer to do the exercises: Windows 2008 Server (basic OS) running Hyper-V; Windows 7 (as VM – Virtual Machine); Windows XP (as VM); Windows 2003 Server (as VM); Backtrack and Linux (as VM). All the Windows versions and the virtual machine platform are available to download using MSDN. Guidance is in the CEHintro.pdf file.

Virtualisation (Hyper-V on Windows 2008 Server, Citrix, VMware, etc.). The use of software to allow a piece of hardware to run multiple operating system images at the same time. Possible to: run Windows OS under Mac OS; run multiple versions of Windows OS on the same PC. Enables the creation of a “virtual” (rather than actual) version of any software environment on the desktop, e.g. operating systems, a server, a storage device or networks, an application.

What and Why of Footprinting. Definition: “gathering information about a ‘target’ system”. Could be passive (non-penetrative) or active. Find out as much information about the digital and physical evidence of the target’s existence as possible: need to use multiple sources…; may (“black hat” hacking) need to be done secretly.

What to Gather: domain names; user/group names; system names; IP addresses; employee details/company directory; network protocols used & VPN start/finish; company documents; intrusion detection system used.

Rationale for “passive” Footprinting. A real hacker may be able to gather what they need from public sources; the organisation needs to know what is “out there”. Methodology: start by finding the URL (search engine) e.g. from main website, find other external-facing names e.g. staffweb.worc.ac.uk.

Website Connections & History. History: use The Wayback Machine. Connections: use robtex.com. Business Intelligence: sites that reveal company details e.g.

More Company Information… “Whois” & CheckDNS.com: lookups of IP/DNS combinations; details of who owns a domain name; details of DNS zones & subdomains. Job hunters’ websites: e.g

People Information. Company information will reveal names. Use names in: search engines; Facebook; LinkedIn. Google Earth reveals: company location(s).

Physical Network Information (“active” footprinting or phishing). External “probing” should be detectable by a good defence system… (could be embarrassing!) e.g. Traceroute: uses ICMP protocol “echo”; no TCP or UDP port; reveals names/IP addresses of intelligent hardware, e.g. routers, gateways, DMZs.

Footprinting. Using the email system to find the organisation’s names structure. “Passive”: monitor emails sent: IP source address; structure of name. “Active”: sending programs: test whether addresses actually exist; test restrictions on attachments.

Utilizing Google etc. (“passive”). Google Advanced Search options use [site:], [intitle:], [allintitle:], [inurl:]; in each case a search string should follow, e.g. “password”. Maltego: graphical representations of data.

Network Layers and Hacking. Schematic: TCP/IP stack interacting at three of the 7 OSI levels (network, transport, application). [Figure: application protocols TELNET, FTP, SMTP, NFS, DNS and SNMP connect through ports to TCP and UDP, which sit on IP.]

TCP & UDP ports. Hackers use these to get inside firewalls etc. Essential to know the important ones:

20, 21  ftp       80     http       389  Ldap
22      ssh       88     Kerberos   443  https
23      telnet    110    pop3       636  Ldap/SSL
25      smtp      135    smb
53      dns       137-9  NetBIOS
60      tftp      161    snmp

Reconnaissance/Scanning. Three types of scan: Network (already mentioned): identifies active hosts. Port: send client requests until a suitable active port has been found… Vulnerability: assessment of devices for weaknesses that can be exploited.
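
The slides note that external probing should be detectable by a good defence system. The sketch below is an added example, not part of the original slides: it flags the network and port scan types described above from firewall log lines. The log format, the 60-second window and the threshold of 4 are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed firewall log in an assumed format (documentation-range addresses).
SAMPLE_LOG = """\
2012-05-14T10:00:01 DROP TCP 203.0.113.7:40001 -> 192.0.2.10:21
2012-05-14T10:00:02 DROP TCP 203.0.113.7:40002 -> 192.0.2.10:22
2012-05-14T10:00:03 DROP TCP 203.0.113.7:40003 -> 192.0.2.10:23
2012-05-14T10:00:04 ACCEPT TCP 203.0.113.7:40004 -> 192.0.2.10:80
2012-05-14T10:01:00 DROP TCP 198.51.100.9:50001 -> 192.0.2.1:80
2012-05-14T10:01:01 DROP TCP 198.51.100.9:50002 -> 192.0.2.2:80
2012-05-14T10:01:02 ACCEPT TCP 198.51.100.9:50003 -> 192.0.2.10:80
2012-05-14T10:01:03 DROP TCP 198.51.100.9:50004 -> 192.0.2.4:80
2012-05-14T10:02:00 ACCEPT TCP 192.0.2.50:51000 -> 192.0.2.10:443
2012-05-14T10:02:05 ACCEPT TCP 192.0.2.50:51001 -> 192.0.2.10:80
2012-05-14T10:03:00 DROP UDP 203.0.113.99:53000 -> 192.0.2.10:53
2012-05-14T10:05:00 DROP UDP 203.0.113.99:53001 -> 192.0.2.10:161
2012-05-14T10:07:00 DROP TCP 203.0.113.99:53002 -> 192.0.2.10:389
2012-05-14T10:09:00 DROP TCP 203.0.113.99:53003 -> 192.0.2.10:636
"""

LINE = re.compile(r"(\S+) (?:DROP|ACCEPT) (?:TCP|UDP) ([\d.]+):\d+ -> ([\d.]+):(\d+)")

def detect_scans(log, window=timedelta(seconds=60), threshold=4):
    """Map each source IP to the scan types it triggered within one window."""
    recent = defaultdict(deque)  # source -> (time, dst host, dst port) still in window
    alerts = defaultdict(set)
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # ignore lines that are not connection records
        ts = datetime.fromisoformat(m.group(1))
        src, dst, port = m.group(2), m.group(3), int(m.group(4))
        q = recent[src]
        q.append((ts, dst, port))
        while ts - q[0][0] > window:
            q.popleft()  # drop events older than the window
        ports_on_host = {p for _, d, p in q if d == dst}
        hosts_on_port = {d for _, d, p in q if p == port}
        if len(ports_on_host) >= threshold:
            alerts[src].add("port-scan")     # many ports probed on one host
        if len(hosts_on_port) >= threshold:
            alerts[src].add("network-scan")  # one port probed across many hosts
    return {src: sorted(kinds) for src, kinds in alerts.items()}

if __name__ == "__main__":
    print(detect_scans(SAMPLE_LOG))
```

The source 203.0.113.99 probes one port every two minutes and stays under the 60-second window, so it is only reported when the window is widened; a short window on its own misses slow scans.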

Scanning Methodology: check for live systems; check for open ports; “banner grabbing”; scan for vulnerabilities; draw network diagram(s); prepare proxies…

Now you try it! Download software through MSDN; set up your ethical hacking toolkit; go through lab 1; gather evidence that you’ve done the lab; bring evidence to the June meeting…