1. Introduction to Ethical Hacking, Ethics, and Legality

2.  Defining Ethical Hacking  Hacking for defensive purposes  White Hats, Black Hats, Gray Hats  Hacktivists: Hacking for a cause  Script Kiddies: Use other’s tools  Testing  White Box: Know everything  Black Box: Know only company name  Gray Box: between white box and black box, from inside  Security Elements  CIA: Confidentiality, Integrity, Authenticity/Availability

3.  Threat  Exploit  Vulnerability  Target of Evaluation  Attack  Remote vs Local

4.  1. Reconnaissance  2. Scanning  3. Gaining Access  4. Maintaining Access  5. Covering Tracks

5.  Two Basic Types  Passive: dumpster diving, shoulder surfing, eavesdropping, gathering data from a whois tool, DNS, and network scanning, find active machines, open ports & apps  Active: probing, social engineering,

6.  Dialers  Port Scanners  ICMP Scanners  PING Sweeps  Network Mappers  SNMP Sweepers  Vulnerability Scanners

7.  Buffer overflows  Denial of Service  Session Hijacking

8.  Planting  Backdoors  Rootkits  Trojans  Making a zombie

9.  Steganography  Snow.exe: ASCII files  Stealth: PGP files  ImageHide: Text files  Tunneling Protocols  ITunnel, Ptunnel  Altering Log Files  Elsave, WinZapper

10.  Operating Systems  Default setting, bugs  Applications  Default settings, bugs  Shrink-Wrap code  Enabled features that aren’t used but left open  Misconfigurations

11.  Remote Network  Remote Dial-Up Network  Local Network  Stolen Equipment  Social Engineering  Physical Entry  Operating System  Application Level  Shrink wrap and malicious code attacks  Misconfiguration attacks

12.  Gain Authorization  Maintain/follow nondisclosure agreement  Maintain confidentiality  Perform test – but do no evil

13.  EC-Council’s 3 Phrases  1. Preparation  2. Conduct  3. Conclusion

14.  No U.S. laws prior to 1984 outlawing crimes committed with or against a computer  Who investigates?  Financial computer crimes -> U.S. Secret Service  All other computer crimes -> Federal Bureau of Investigation  Computer Fraud and Abuse Act – 1986 / 1996  18 U.S.C. 1030: Fraud and Related activity in connection with computers  18 U.S.C. 1029: Fraud and Related activity in connection with Access Devices

15.  Computer Misuse Act of 1990 (United Kingdom)  Freedom of Information Act (FOIA)  USA Patriot Act - 2001

16.  Cyber Security Enhancement Act of 2002  SPY ACT 2007  18 U.S.C. 1028: deals with fraud related to possession of false identification documents  18 U.S.C. 1362: Destruction of Communication Lines, Stations, or Systems  18 U.S.C. 2510: Wire and Electronic Communications Interception and Interception of Oral Communication  18 U.S.C. 2701: Stored wire and electronic communications, and transactional records access

17.  Human Rights Act 1998 (U.K.)  judges are not allowed to override the Act. However, they can issue a declaration of incompatibility  makes available in UK courts a remedy for breach of a Convention right, without the need to go to the European Court of Human Rights.  totally abolished the death penalty in UK law.  FMFIA of 1982  2004 CAN SPAM Act

18.  Federal Information Security Mgt Act (FISMA)  Privacy Act of 1974  Gov’t Paperwork Elimination Act (GPEA)  Stalking Amendment Act 1999 (Australia)  Equal Credit Opportunity Act (ECOA)  Prohibits creditors from collecting data from applicants, such as national origin, caste, religion