520 likes | 638 Views
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP. Computational Thinking for Information Technology. HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP. STUDENT SCENARIO: Ethical Hacking.
E N D
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Computational Thinkingfor Information Technology
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP STUDENT SCENARIO:Ethical Hacking In this scenario, you have been hired to research the subject of social engineering and hacking techniques. You will write an ethical analysis of your findings. Aldo North will be your guide and virtual supervisor for the lesson.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Objectives This course will enable you to develop logical thinking skills, including: • Asking probing questions to uncover details of a problem • Clearly defining a problem • Evaluating the effects of design options • Seeing “the big picture” • Deconstructing the problem into its component parts • Correlating the relationships between components and prior knowledge
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Objectives (cont.) This course will enable you to develop logical thinking skills, including: • Identifying the steps required to solve a problem • Identifying the sequence of steps including possible decisions and alternatives • Identifying normal and exceptional behaviors of a solution • Measuring and evaluating solutions against the success criteria • Adjusting the design and implementation as needed
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Welcome Project Objectives | Project Summary
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Hello, I’m Aldo. Welcome aboard.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Project Objectives After finishing the project, you will be able to: Research and complete search engine reconnaissance Define social engineering and how to engage in it Research hactivists and their actions Demonstrate critical thinking with regard to hactivists’ actions
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Project Objectives Learn basic hacking techniques through hands-on missions Demonstrate critical thinking with regard to ethics and fate in hacking Define “ethical” in terms of hacking, and be able to explain and defend the ethics of a hacker’s actions
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Project Summary • In this project, you will learn a bit about hacking and ethics. Much of ethical hacking or penetration testing isn’t about computer skills or savvy. Rather, it is about persuasion, solid research skills, and critical examination of what it legal and ethical.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Project Summary (cont.) • First you will use basic reconnaissance techniques to learn about a target company of your choosing. You’ll pick a company to research and then use Google and other legal web searches to acquire information about the company or organization.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Project Summary (cont.) • Second, you will play a short game during the week or few weeks of this project. This game is designed to familiarize you with social engineering and allow you to practice it in a safe environment. This is another essential skill of a ethical hacker. • Third, you will get involved in hands on techniques by completing missions/ challenges on hackthissite.org.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Project Summary (cont.) • Fourth, you will research a hacktivist individual or organization. You will find an act of hacktivism of theirs that you support or agree with and one you do not agree with. You will examine whether what the hacktivist individual or organization did was ethical by using a moral philosopher’s perspective to inform your writing.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Project Summary (cont.) • Lastly, you will look at the Realistic missions on hackthissite.org and consider the ethics and fate. You will examine what Jeremy did by using a moral philosopher’s perspective to inform your writing.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Ready to get started? Your first task awaits.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP TASK 1: Reconnaissance Report For this task, you will select a target organization and create a reconnaissance report of your findings.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Deliverables • Much of becoming a good penetration tester or ethical hacker isn’t technical. • As such, your first assignment is a reconnaissance report. • Select a target organization and create a professional reconnaissance report that addresses all of the following questions. • If you are unsure what a professional reconnaissance report looks like, research this and present your best work.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • Find out the following information about your target company and include in your report: • When was the target organization founded? • What is its mission statement? • What services does it provide? • Is it a for-profit company? If not, how is it funded? • Who is President/CEO of the company? • Identify any other executives
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • Does it have a Board of Directors? If so, identify them by name. • What do others have to say about the company? • Who are its leading competitors? • Does it have any other business relationships? • Are there any intellectual property issues or lawsuits pending?
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • How many employees does it have? • Has the company experienced layoffs in the past year? • What is the physical address of the target organization? • Find as many phone numbers relating to the target organization as possible. • Find employee names and E-mails relating to the target organization.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • List any current events related to the target organization that could be used against it. • List any social networking sites the target organization has a presence on and/or uses.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Good job on the reconnaissance report. Let’s move on to your next task.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP TASK 2: Social Engineering “Capture the Points” In this task, you will play a social engineering game and perform social engineering hacks with your peers.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview • Social engineering is the most effective way to bypass any hardware or software systems in place. Organizations can spend millions on security, only to have it all bypassed with a simple phone call. • In this game you will social engineer each other, and others, to acquire information or to elicit predetermined behavior. The social engineering missions will be given to you by your instructor, and one new one will be available to be chosen at random per student at every class session.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview (cont.) • If you do not complete the mission by the next class, that mission will expire and you will no longer be allowed to complete it. If you do not complete a mission you neither gain nor lose points. • For each social engineering mission (hack) you successfully complete, you are required to share the details on the course blog. Your classmates will respond to your post and suggest the number of points you should be awarded for your work.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview (cont.) • The rating scale will be as follows: • 2 points for an easy hack • 5 for a medium difficulty hack • 10 points for a difficult hack • Your classmates may mock your easy hacks and recommend low point values. Or they may congratulate you and offer up high point values for your hack. Ultimately, your instructor and I will decide the point value you will earn.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview (cont.) • For some missions you may decide to take on a sidekick. If you choose to engage a sidekick, the sidekick must be rewarded for his/her role in your mission. The sidekick will be awarded 2 points for successfully helping you complete a mission. However, the sidekick can turn against you, as they can also be awarded 2 points for causing your mission to fail. As such, your sidekick might actually be working against you, so be careful.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview (cont.) • If you and a sidekick successfully complete a mission against another player in the class, the points awarded will be deducted from the targets point total. • If you attempt a hack mission and fail, you must report the mission and failure on the blog. You will not be penalized for a failure, unless the mission’s target was a fellow player. If the targeted fellow player blocks your hack, they will be awarded 2 points which will be deducted from your point total.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Social Engineering and this Task • Social engineering is as much about learning how to target and acquire information, as it is about preventing you from being the target of it. If you are the object of a hack, the student who hacked you steals the number of points they earn from your point total. As such you need to be on your guard.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Social Engineering and this Task • A running tally of scores will be kept and shared on the blog weekly to encourage you to continue social engineering your way to the top of the leader board. The game will run until the end of the semester, with final point tallies being calculated the last week of classes. The point totals will determine approximately 10% of your grade for the course.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Awareness is Key • Any time the phone rings, a new email comes in, someone knocks on your door or visits you, question those who present themselves in positions of authority. Don’t automatically trust or give the benefit of the doubt. • Keep in mind that when you lock a door, it’s locked, but it can be opened with a key, or with words that convince you to unlock it yourself. Always view every interaction, whether virtual or face to face, with a cynical eye for a potential agenda.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP You’re doing great on the social engineering games. Let’s get going on some real hacking.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP TASK 3: Hack this Site For this task, you will learn how to perform real hacks by doing exercises on a hacker website. LEGAL WARNING: It's OK to do the puzzles at HackThisSite.org, but DO NOT HACK INTO OTHER COMPUTERS! Accessing computers without permission from the owners is a crime! Don’t do it! If you do illegal things, you may be arrested and go to jail.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • A Word of Caution • Be warned: in this project, you will be learning real criminal techniques from real criminals. Do not reveal your real name or address, or trust these people.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • Open a browser and go to hackthissite.org • In the upper left, click on the green word register. • Fill out the form to create an account. Do NOT give these people your real name or any correct information, not even a real email address. • After creating your account, log in. Then, on the upper left of the main page, in the challenges section, click "Basic Web."
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • You should see a page labeled Level 1 (the idiot test). There is a form asking for a password. Your job is to figure out the password. There is a Help! Link at the bottom which can help you. • Solve as many puzzles as you can. There is a forum on the site which contains hints, tutorials, and even outright explicit instructions at solving the puzzles. The puzzles are very instructive, although not perfect.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • When you have completed as many levels as you can take a screen image showing how far you got. • Submit the JPEG image.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Good job with the exercises. Let’s talk about Hacktivism.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP TASK 4: Hacktivism For this task, you will be researching hacktivism and writing an essay connecting a political philosopher’s arguments with the concept of hacktivism.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview • Hacktivism (a portmanteau of hack and activism) is the use of computers and computer networks as a means of protest to promote political ends. The term was first coined in 1998 by a member of the Cult of the Dead Cow hacker collective named Omega.1If hacking as "illegally breaking into computers" is assumed, then hacktivism could be defined as "the nonviolent use of legal and/or illegal digital tools in pursuit of political ends." 1 http://en.wikipedia.org/wiki/Hacktivism
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview • These tools include web site defacements, redirects, denial-of-service attacks, information theft, web site parodies, virtual sit-ins, typosquatting2and virtualsabotage3. If hacking as "clever computer usage/ programming" is assumed, then hacktivism could be understood as the writing of code to promote political ideology: promoting expressive politics,free speech, human rights, and information ethics through software development.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Overview • Acts of hacktivism are carried out in the belief that proper use of code will be able to produce similar results to those produced by regular activism or civil disobedience.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • Write 700-800 words. Make it engaging, analytically sophisticated, and concise. • Research a hacktivist or hacktivist organization. All hacking without consent is considered illegal, so it is likely all these hacktivist participated in illegal activities. But did their actions seem ethical to you?
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • In your writing, you will apply the skills of ethical analysis you've learned to create a piece of writing that contributes to the internet discourse on the ethics of hacking. You are writing for a real audience, and you are contributing to a 21st century debate that is dearly in need of attention from smart peoples who are skilled in thinking about both hacking and philosophy.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • Choose one of the episodes by Michael Sandel on http://www.justiceharvard.org/watch/ I don't recommend the first or last ones; any of the others could work well. Watch the lecture. Think about the lecture. Generally, Sandelwill introduce a political or moral philosopher, like Aristotle, Kant, Rawls, or Locke, and apply the philosopher's ideas to situations. Those situations will generally not have anything to do with computers. This is a shortcoming in our 21st century world.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • Apply the ideas in the lecture of your choice – ideas like utilitarianism, rights, moral desert, loyalty, etc. – to a problem or case of your choice in computer hacking. What would John Stuart Mill say about wardriving? What would John Rawls say about jailbreaking? What would John Locke say about replacing the characters in a URL and seeing what you get? What would Immanuel Kant say about doing that thing where you use web forms to SQLeeze your way into databases?
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • For Best Results • Don't forget to briefly introduce your philosopher and your hacking idea before you connect them. • Make sure your ideas are analytically sophisticated – that goes without saying, but ideas are only part of the battle. • Don't forget to express your ideas in an attractive and engaging and concise way.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP Now you’re almost done! Let’s move on to the next task.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP TASK 5: Ethics and Fate In this task, you will learn about the ethics surrounding hacking and write an essay about one hacker’s fate.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Action Plan • At the main hackthissite.org page, in the upper left, click Realistic Missions. Look through the missions, as shown below, and think about them from an ethical point of view, not a technical point of view. • Open a browser and go to en.wikipedia.org/wiki/Jeremy_Hammond • Read what Jeremy did, and what happened to him.
HOME | OBJECTIVES | WELCOME | TASK 1 | TASK 2 | TASK 3 | HELP • Deliverables • Write a couple of paragraphs about Jeremy Hammond and his case. Make sure to address these points: • Was Jeremy Hammond an Ethical Hacker? Why or why not? • Was his sentencing fair? Should it have been more or less severe? Why? • Use the information from the previous assignment to support your argument, then submit this assignment.