1 / 37

Introduction to Ethical Hacking

Introduction to Ethical Hacking. BAI514 – Security I. Introduction to Ethical Hacking. The consequences of successful hacking attacks can have far-reaching implications Financial loss Loss of reputation Drop in stock value Many, many legal issues. Terminology.

blaze
Download Presentation

Introduction to Ethical Hacking

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Introduction to Ethical Hacking BAI514 – Security I

  2. Introduction to Ethical Hacking • The consequences of successful hacking attacks can have far-reaching implications • Financial loss • Loss of reputation • Drop in stock value • Many, many legal issues

  3. Terminology • CIA - basic tenets of information system security • Confidentiality • Integrity • Availability

  4. Terminology • Confidentiality – ensures that information is not disclosed to unauthorized persons or processes • Integrity – achieved by 3 goals • Prevent modification on information by unauthorized users • Prevent unintentional modification by authorized users • Preserve internal and external consistency • Internal Consistency – a logical connection among data in the system • External Consistency – a logical connection among objects in the real world and their representation in the system

  5. Terminology • Availability – ensures that a system’s authorized users have timely and uninterrupted access to the information in the system

  6. Terminology • Authenticity • The confirmation of the origin and identity of an information source • Identification • A user claiming an identity to an information system • Authentication • The confirmation and reconciliation of evidence of a user’s identity

  7. Terminology • Accountability • Assigning responsibility for a user’s actions • Privacy • Protection of individually identifiable information • Organization Security Policy • High level statement of management intent regarding the control of access to information and the personnel authorized to receive that information

  8. Terminology • Threat • Event or activity that has the potential to cause harm to the information systems or networks • Vulnerability • A weakness or lack of a safeguard that can be exploited by a threat, causing harm to the information systems or networks • Can exist in hardware, OS, firmware, applications, and config files

  9. Terminology • Risk • The potential for harm or loss to an information system or network • The probability that a threat will materialize • Attack • An action against an information system or network that attempts to violate the system security policy • Usually the result of a threat realized

  10. Terminology • Target of Evaluation • An IT product, element, or system designated to have a security evaluation • Exploit • A means of exploiting a weakness or vulnerability in an IT system to violate the system’s security

  11. Terminology -Hackers, Crackers, and Phreaks! • Hacker (historical) • A person who is intellectually curious and wants to learn as much as possible about a computer system. • Hacking was the development and improvement of software to increase the performance of the computing system(s) • Cracker • A person using the same techniques as a hacker, but for harmful or malicious purposes against computer systems

  12. Terminology -Hackers, Crackers, and Phreaks! • Ethical Hacker • A security professional who uses their computing capabilities for defensive purposes and to increase the security posture of information systems • Script Kiddie • An individual, usually young, without programming skills who uses attack software that is freely available on the Internet. Typically do not understand how the tools they use work.

  13. Terminology -Hackers, Crackers, and Phreaks! • Phreaker • A hacker who focuses on communication systems • Steal calling card numbers • Make free phone calls • Attack PBXs • Acquire access, illegally, to communication devices • Cyber-Terrorist • An individual who works for a government or terrorist group that is engaged in sabotage, espionage, financial theft, and attacks on a nation’s critical infrastructure

  14. Terminology -Hactivism • Hackers who conduct their activities for a cause are said to be practicing hactivism • Targets include any organization they perceive are behind social injustice

  15. Terminology –Threats • Information Warfare • Computer-related attacks for military of economic purposes • Cyber Terrorism • Attacks against a nation’s critical infrastructure • Criminal • Theft, fraud, physical damage • Violation of Data Integrity • Theft , modification, or loss of data • Late or Delayed Processing • Delays in processing that lead to reduced income, penalties, or additional expenses

  16. Terminology –Threats • Acquiring High Sensitivity Data • Using inference, data aggregation, or other methods to acquire data of higher sensitivity than allowed • Malware • Viruses, trojans, worms, and other software to cause harm to information systems • Denial of Service • Preventing normal access to a systems resources • Personnel-Related • Unauthorized access to personnel records or attacks by disgruntled employees • Environmental • Failures caused by environmental issues

  17. History of Hacking • Began in the 1960’s • MIT Students attempted to learn more about mainframe computing • Telephone systems were tempting to phreakers • John Draper (aka Captain Crunch) found a way to generate a tone to allow access to the AT&T long distance network • This led to the building of the infamous “blue box” that generated specific tones for use in making long distance calls • Others who were involved in blue boxes include Steve Jobs and Steve Wozniak

  18. History of Hacking • 1980’s • Hackers shared info and password files on bulletin boards (e.g. Sherwood Forest) • Hacker clubs started to form (e.g. Chaos Computer Club) • Magazine 2600 debuted in 1984 • 1986 – Attacks against US classified systems • Affiliates of the Chaos Computer Club working for KGB • 1988 – Morris worm, written by Robert Morris, caused a major DoS

  19. History of Hacking • 1990’s • 1990 - Kevin Poulson hacked a radio stations phone system to win prizes • 1993 – First Def Con hacker conference held in Las Vegas • 1995 – Kevin Mitnick arrested for many crimes including attacks against phone systems • See the movie “Takedown” • 1995 Vladimir Leven made transfers of $10 million to numerous international banks

  20. History of Hacking • 1990’s cont… • 1998 – Trojan “Back Orifice” released by “The Cult of the Dead Cow” • 2000’s • DoS attacks against Amazon.com and ZDNet • Microsoft hacked and source code for OS stolen • Your turn!

  21. Ethical Hacking Objectives and Motivations • Try to duplicate intent and actions of malicious hacker, without cause harm. • Perform penetration testing (pen testing) • Operate with permission and knowledge of target organization • Sometimes only senior management may be informed to allow a “double blind” environment • Pen tester needs to know • Assets to be protected • Potential threat sources • Extent to which the organization will support the ethical hackers’s efforts. • How far down the rabbit hole should you go…

  22. Steps in Malicious Hacking

  23. Steps in Malicious Hacking • Reconnaissance • Active • Passive • Scanning • Enumeration • Nmap, Nessus, war dialers, SuperScan

  24. Steps in Malicious Hacking • Gaining Access • Operating System level • Application level • Network level • Elevated privileges • Denial of Service • Maintaining Access • Uploading programs/data • Downloading programs/data • Altering programs/data • Fix vulnerability

  25. Steps in Malicious Hacking • Covering, clearing tracks, and installing back doors • Modify log files • Install rootkits to hide hacker processes • Hide hacker files • Hidden directories • Hidden attributes • Tunneling • Steganography • Alternate Data Streams (ADS)

  26. Hacker & Ethical Hacker Characteristics and Operations • Three classes of Hackers • Black Hat • Has the necessary computing expertise to carry out harmful attacks on information systems. • Gray Hat • At times, will not break the law and might help defend a network. • At other times, will revert to a Black Hat hacker. • White Hat • Usually has exceptional computer skills • Uses skills to increase security posture

  27. Hacker & Ethical Hacker Characteristics and Operations • Classes of Entities that perform ethical hacking • White Hat • Has the appropriate computer skills and understanding of the black hat hacker mentality and methods. • Might be an independent consultant. • Former Black Hat • Brings actual black hat experience • May be a concern in terms of trust • Consulting Companies

  28. Hacker & Ethical Hacker Characteristics and Operations • Skills needed by an Ethical Hacker • Computer expert adept at technical domains. • In-depth knowledge about target platforms (such as windows, Unix, Linux). • Exemplary knowledge in networking and related hardware/software. • Knowledgeable about security areas and related issues – though not necessarily a security professional

  29. Hacker & Ethical Hacker Characteristics and Operations • Types of Information System Security Testing • Methods to attempt access • Dial-up network connection • Insider local network connection • Remote outsider network connection • Stolen equipment connection • Wireless network connection • Social Engineering – enabled connection • Physical entry attack

  30. Hacker & Ethical Hacker Characteristics and Operations • Types of Information System Security Testing • Categories of security testing • Whitebox (full knowledge) • As much knowledge as possible is known about target • Graybox (partial knowledge) • Knowledge available that might be relevant to a specific type of attack by a person internal to the target organization • Blackbox (zero knowledge) • No previous knowledge of target • Must begin from scratch • Simulates attacks perpetrated by outsiders

  31. Hacker & Ethical Hacker Characteristics and Operations • Types of Information System Security Testing • Institute for Security and Open Methodologies • www.isecom.org • Open Source Security Testing Methodology Manual (OSSTMM) • Information and data controls • Personnel security awareness levels • Fraud and social engineering control levels • Computer and telecommunications networks • Physical security access controls

  32. Hacker & Ethical Hacker Characteristics and Operations • Ethical Hacking Outputs • Formal report • Background of project • Detailed description of work accomplished • Result of ethical hacking • Remediation recommendations

  33. Hacker & Ethical Hacker Characteristics and Operations • Protections and Obligations for the Ethical Hacker • Ethical Hacker can be open to dismissal and/or prosecution unless contract terms are included to protect the penetration testers • Protect information uncovered during the penetration test • Conduct business in an ethical manner • Limitation of liability • Remain with the scope of the assignment • Develop a testing plan • Comply with relevant laws and regulations • Health Insurance Portability and Accountability Act (HIPAA) • Gramm-Leach-Bliley Act (GLBA)

  34. Related Types of Computer Crime • Theft of passwords • Social engineering • Denial of Service (DoS) • Distributed Denial of Service (DDoS) • Network intrusions • Fraud • Software piracy • Dumpster diving • Malicious code

  35. Related Types of Computer Crime • Spoofing of IP addresses • Embezzlement • Data-didding • Information warfare • Masquerading • Use of readily available attack scripts on the Internet

  36. Related Types of Computer Crime • Existing laws can be used to prosecute computer crimes • Wiretap laws • Fraud • Embezzlement • Theft • Etc…

  37. FIN

More Related