Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents?
Tim McLaren
Thursday, September 28, 2000
McMaster University

Agenda
• Hackers and their vocabulary
• Threats and risks
• Types of hackers
• Gaining access
• Intrusion detection and prevention
• Legal and ethical issues

Hackerz Lingo
• Hacking - showing computer expertise
• Cracking - breaching security on software or systems
• Phreaking - cracking telecom networks
• Spoofing - faking the originating IP address in a datagram
• Denial of Service (DoS) - flooding a host with datagrams (e.g. by “smurfing”)
• Port Scanning - searching for vulnerabilities

Hacking through the ages
• 1969 - Unix ‘hacked’ together
• 1971 - Cap ‘n Crunch phone exploit discovered
• 1988 - Morris Internet worm crashes 6,000 servers
• 1994 - $10 million transferred from CitiBank accounts
• 1995 - Kevin Mitnick sentenced to 5 years in jail
• 2000 - Major websites succumb to DDoS

Recent news
• 15,700 credit and debit card numbers stolen from Western Union (Sep. 8, 2000) (hacked while web database was undergoing maintenance)

The threats
• Denial of Service (Yahoo, eBay, CNN)
• Graffiti, Slander, Reputation
• Loss of data
• Divulging private information (AirMiles, corporate espionage)
• Loss of financial assets (CitiBank)

Types of hackers
• Professional hackers
• Black Hats
• White Hats
• Script kiddies

Top intrusion justifications
1. I’m doing you a favour pointing out vulnerabilities
2. I’m making a political statement
3. Because I can
4. Because I’m paid to do it

Gaining access
• Back doors
• Trojans
• Software vulnerability exploitation
• Password guessing
• Password/key stealing

Back doors & Trojans
• e.g. Whack-a-mole / NetBus
• Cable modems / DSL very vulnerable
• Protect with Virus Scanners, Port Scanners, Personal Firewalls

Software vulnerability exploitation
• Buffer overruns
• HTML / CGI scripts
• Other holes / bugs in software and services
• Tools and scripts used to scan ports for vulnerabilities

Password guessing
• Default or null passwords
• Password same as user name (use finger)
• Password files, trusted servers
• Brute force -- make sure login attempts audited!
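
One way to audit login attempts for brute-force password guessing, as the slide above urges. This is an added example, not part of the original slides; the log lines are constructed in OpenSSH sshd syslog style, and the function name, threshold, window and default year are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH sshd syslog style (not from the slides).
SAMPLE_LOG = """\
Sep 28 10:00:01 gw sshd[311]: Failed password for root from 203.0.113.7 port 4001 ssh2
Sep 28 10:00:03 gw sshd[312]: Failed password for invalid user admin from 203.0.113.7 port 4002 ssh2
Sep 28 10:00:05 gw sshd[313]: Failed password for invalid user guest from 203.0.113.7 port 4003 ssh2
Sep 28 10:00:07 gw sshd[314]: Failed password for root from 203.0.113.7 port 4004 ssh2
Sep 28 10:00:09 gw sshd[315]: Failed password for invalid user test from 203.0.113.7 port 4005 ssh2
Sep 28 10:02:00 gw sshd[320]: Failed password for alice from 198.51.100.9 port 5100 ssh2
Sep 28 10:02:30 gw sshd[321]: Accepted password for alice from 198.51.100.9 port 5101 ssh2
Sep 28 10:20:00 gw sshd[330]: Failed password for alice from 198.51.100.9 port 5102 ssh2
"""

# Matches failed password attempts for both existing and unknown accounts.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+")

def audit_failed_logins(log_text, threshold=5,
                        window=timedelta(seconds=60), year=2000):
    """Return {source: sorted usernames it tried} for every source that
    reaches `threshold` failed logins inside any sliding `window`.
    Syslog timestamps carry no year, so `year` is supplied (assumption)."""
    recent = defaultdict(deque)  # source -> failure times still in the window
    users = defaultdict(set)     # source -> every username it failed on
    flagged = set()
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue             # successful logins and other lines are skipped
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        src = m["src"]
        users[src].add(m["user"])
        times = recent[src]
        times.append(ts)
        while ts - times[0] > window:   # drop failures older than the window
            times.popleft()
        if len(times) >= threshold:
            flagged.add(src)
    return {src: sorted(users[src]) for src in flagged}

if __name__ == "__main__":
    for src, names in audit_failed_logins(SAMPLE_LOG).items():
        print(f"possible password guessing from {src}: tried {names}")
```

A single user mistyping a password twice, twenty minutes apart, stays below the threshold, while a burst across several account names from one address is reported with the names it tried.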

Password/key stealing
• Dumpster diving
• Social engineering
• Inside jobs (about 50% of intrusions resulting in significant loss)

Once inside, the hacker can...
• Modify logs
• Steal files
• Modify files
• Install back doors
• Attack other systems

Intrusion detection systems (IDS)
• Vulnerability scanners
  • pro-actively identifies risks
• Network-based IDS
  • examine packets for suspicious activity
  • can integrate with firewall
  • require 1 dedicated IDS server per segment

Intrusion detection systems (IDS)
• Host-based IDS
  • monitors logs, events, files, and packets sent to the host
  • installed on each host on network
• Honeypot
  • decoy server
  • collects evidence and alerts admin

Intrusion prevention
• Patches and upgrades
• Disabling unnecessary software
• Firewalls and intrusion detection
• ‘Honeypots’
• Reacting to port scanning

Risk management
[Figure: risk matrix with axes Probability and Impact; quadrant labels:]
• Prevent (e.g. firewalls, IDS, patches)
• Contain & Control (e.g. port scan)
• Ignore (e.g. delude yourself)
• Backup Plan (e.g. redundancies)

Legal and ethical questions
• ‘Ethical’ hacking?
• How to react to mischief or nuisances?
• Is scanning for vulnerabilities legal?
• Can private property laws be applied on the Internet?