1 / 17

How Hackers Gather Information and Exploit Vulnerabilities

Learn about the methods hackers use to gather information on target hosts and exploit vulnerabilities. Find out how to protect your system and educate your users.

mkeele
Download Presentation

How Hackers Gather Information and Exploit Vulnerabilities

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. how do hackers do it?

  2. 1. gather info on the target host

  3. whois Organization: Fiji ABCDEFG Inc. Admin-Name: Josese Bula Admin-Mailbox: jbula@abcdef.com.fj Tech-Name: Maciu Vinaka Tech-Mailbox: mvinaka@abcdef.com.fj NS1-Hostname: dns1.somenetwork.com.fj NS1-Netaddress: 202.151.23.2

  4. Google Find vulnerabilities, revealing error messages, usernames and sometimes even passwords on your target host, all without ever connecting to it see http://johnny.ihackstuff.com/

  5. 2. scan/sniff to find a way in

  6. nmap superscan

  7. tcpdump wireshark (formerly ethereal) dsniff

  8. nessus

  9. 3. exploit vulnerabilities

  10. metasploit framework

  11. john the ripper cain and abel thc-hydra

  12. 4. cover your tracks

  13. nc -L -d -t -p 23 -e cmd.exe rootkits

  14. edit logs

  15. help! what can i do?

  16. . remove all unnecessary services . firewall services that do not need remote access . actively patch vulnerabilities . use strong passwords most importantly: . educate your users again and again and again

  17. chris hammond-thrasher, cissp hammondthrasher_c@usp.ac.fj

More Related