Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hacking? Huh?  It's silly to argue about the ``true'' meaning of a word. A word means whatever people use it to mean. One can't force Newsweek to use.

Published byRoy Haymaker Modified over 9 years ago

Similar presentations

Presentation on theme: "Hacking? Huh?  It's silly to argue about the ``true'' meaning of a word. A word means whatever people use it to mean. One can't force Newsweek to use."— Presentation transcript:

1 Hacking? Huh?  It's silly to argue about the ``true'' meaning of a word. A word means whatever people use it to mean. One can't force Newsweek to use the word ``hacker” according to an official definition. Copyright 2003 © Amir Elhadidy  A ``computer hacker,'' then, is someone who lives and breathes computers, who knows all about computers, who can get a computer to do anything. Equally important, though, is the hacker's attitude. Computer programming must be a hobby, something done for fun, not out of a sense of duty or for the money.

2 Clearer Definition: 1. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.

3 Clearer Definition continued…: 2. One who enjoys programming rather than just theorizing about programming.

4 Clearer Definition continued…: 3. A person who is able to adapt and learn quickly - Dynamic.

5 Clearer Definition continued…: 4. An expert at a particular program, or one who frequently does work using it or on it; as in `a Unix hacker'.

6 Clearer Definition continued…: 5. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.

7 Clearer Definition continued…: 6. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.

8 Ethical Hacker vs. Cracker Definition for: cracker A person who breaks into computer systems, using them without authorization, maliciously. In other words, a cracker IS a hacker, but does things for purposes other than good. The news/media commonly use the term "hacker" to describe someone who fits the above description.

9 Script Kiddies 1.The lowest form of a cracker; script kiddies do mischief with scripts and programs written by others, often without understanding the exploit. 2. People who cannot program. More generally, a script kiddie writes (or more likely cuts and pastes) code without either having or desiring to have a mental model of what the code does; someone who thinks of code as magical incantations and asks only "what do I need to type to make this happen?"

10 “So what?…” Before getting into the technicalities: A typical argument: "You'd better install a firewall“ "Why?" "To keep people out of your computer!“ "Why should I care? I've got nothing special on my computer."

11 That’s what… 1. You get hacked. The hacker installs a key logger and now he has all your passwords, your credit card numbers, emails of your friends, etc. He will cause you many problems. That’s what. 2. You get hacked. The bad guy installs a trojan on your computer. It is now a zombie, controlled remotely by the hacker. You get a visit from the FBI. That’s what.

12 Who might hack your system? Enemies specifically targeting your computer: unlikely unless you have enemies Script kiddies randomly scanning for insecure computers: Most likely, especially if you have high- speed connection. A cause for Internet traffic.

13 Attack Methodology: Pre-attack Intelligence Gathering IP addresses assigned Web Server IP Address Firewall IP Target Identification Operating System (Type, Patch version) Services Info Hardware Location (Physical, Logical) Data Content Log Locations

14 Attack Methodology (continued): Attack Planning Identify known vulnerabilities System entrance plan (hack) System exit plan (stealth) DoS plan against IDSs (Intrusion Detection System) Configure attack systems Evaluate ability for system hopping

15 Attack Methodology (continued): Attacking Look for detection indications, continue? If (continue = yes) { while ( repeatedly checking for intrusion detection) { - Get Root access - Verify log locations - Add user - Trojanize - Move to another system – repeat then continue to do what you want } If (You are detected) { - Alter system logs - Exit immediately or - Move to another system and repeat }

16 Post Attack  Evaluate Detection Was your location detected? If yes, RUN! If not, lay low for a while  Evaluate Data Acquired Attack Methodology (continued):

17 Other methods: Social Engineering –manipulation Dumpster-Diving

18 Misconceptions about hacking: Some systems are invulnerable to hacking - (False) -If you can make it, you can unmake it Anyone can be hacked easily – (False) - Some systems require great skill to penetrate. Hackers only attack corporate systems, not home users. – (False) - Home users are a great source for easy and fast sensitive info - Broadband users are used as zombies for remote attacks.

19 How to prevent an attack: Install powerful firewall(s) Periodically check for viruses in the entire network. Always install new patches Always be up to date with known vulnerabilities Create a security structure in your network Disable all the services that are not required (FTP, SSH, sendmail, Apache, Telnet, etc…) Implement a strong logging system Educate the users that will have access to any computer. Never assume

20 Tools to protect yourself http://www.sygate.com (Firewall)http://www.sygate.com http://www.zonelabs.com (Firewall)http://www.zonelabs.com http://www.mcafee.com (Anti-Virus)http://www.mcafee.com http://www.symantec.com (Anti-Virus)http://www.symantec.com http://www.interhack.net/pubs/fwfaq/ (Knowledge)http://www.interhack.net/pubs/fwfaq/ http://computer.howstuffworks.com/firewall.htm (Knowledge)http://computer.howstuffworks.com/firewall.htm

21 Resources http://www.hackinglinuxexposed.com www.cs.berkeley.edu/~bh/hackers.html http://linux.ucla.edu/guides/security.php3 http://hack-gear.com http://www.mycgiserver.com/~ethicalhackers/hhh.html Prevention: http://messageq.ebizq.net/security/meinel_2.html http://messageq.ebizq.net/security/meinel_2.html

Download ppt "Hacking? Huh?  It's silly to argue about the ``true'' meaning of a word. A word means whatever people use it to mean. One can't force Newsweek to use."

Similar presentations

ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Computer Threats I can understand computer threats and how to protect myself from these threats.

Computer Threats I can understand computer threats and how to protect myself from these threats.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.

McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
HACKER NOT CRACKER. HACKER IS  A person who enjoys exploring the details of programmable systems and how to stretch their capabilities  Most often programmers.

HACKER NOT CRACKER. HACKER IS  A person who enjoys exploring the details of programmable systems and how to stretch their capabilities  Most often programmers.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.

James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.
Introducing Computer and Network Security

Introducing Computer and Network Security
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Department Of Computer Engineering

Department Of Computer Engineering
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Yvan Cartwright, Web Security Introduction Correct encryption use Guide to passwords Dictionary hacking Brute-force hacking.

Yvan Cartwright, Web Security Introduction Correct encryption use Guide to passwords Dictionary hacking Brute-force hacking.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

Similar presentations

Ads by Google