Ethical Hacking and Network Defense

Presentation transcript:

Ethical Hacking and Network Defense

Contact Information
- Sam Bowne
- Website: samsclass.info
- All materials from this talk are already on that website
- Download them and use them freely
Hands-On Ethical Hacking and Network Defense

Isn’t Hacking a Crime?

Ethical Hacking
- Ethical hackers
  - Employed by companies to perform penetration tests
- Penetration test
  - Legal attempt to break into a company’s network to find its weakest link
  - Tester only reports findings, does not harm the company

Penetration Testers
- Hackers
  - Access computer system or network without authorization
  - Breaks the law; can go to prison
- Crackers
  - Break into systems to steal or destroy data
  - U.S. Department of Justice calls both hackers
- Ethical hacker
  - Performs most of the same activities but with owner’s permission

Penetration Testers
- Script kiddies or packet monkeys
  - Young inexperienced hackers
  - Copy codes and techniques from knowledgeable hackers
- Experienced penetration testers use Perl, C, Assembler, or other languages to code exploits

Security Credentials
- CompTIA offers Security+ certification, a basic familiarity with security concepts and terms

OSSTMM Professional Security Tester (OPST)
- Designated by the Institute for Security and Open Methodologies (ISECOM)
- Based on the Open Source Security Testing Methodology Manual (OSSTMM)

Certified Information Systems Security Professional (CISSP)
- Issued by the International Information Systems Security Certifications Consortium (ISC²)
- Usually more concerned with policies and procedures than technical details
- Web site

Certified Ethical Hacker (CEH)
- But see Run Away From The CEH Certification
  - Link at samsclass.info

What You Cannot Do Legally
- Accessing a computer without permission is illegal
- Other illegal actions
  - Installing worms or viruses
  - Denial of Service attacks
  - Denying users access to network resources
- Possession of others’ passwords can be a crime
  - See Password theft
  - Link at samsclass.info

Get Out of Jail Free Card
- When doing a penetration test, have a written contract giving you permission to attack the network
- Using a contract is just good business
- Contracts may be useful in court
- Have an attorney read over your contract before sending or signing it

Projects
- To get credit for this session, do any one of these:
  - Project 1: Using The Metasploit Framework to take over a vulnerable computer remotely
  - Project 2: Using Ophcrack to crack Windows passwords with Rainbow tables
  - Project 3: Using a Keylogger to record keystrokes (including passwords)

CNIT 123: Ethical Hacking and Network Defense
- 3-unit course
- Offered face-to-face next semester
- Face-to-face and online sections in Spring 2008