170 likes | 412 Views
Ethical Hacking. AGENDA. What is Ethical Hacking? Who are ethical hackers? Every Website-A Target Get out of jail free card Kinds of Testing Final Report. Ethical Hacking. Independent computer security Professionals breaking into the computer systems.
E N D
Ethical Hacking WWW.KAASHIVINFOTECH.COM
AGENDA • What is Ethical Hacking? • Who are ethical hackers? • Every Website-A Target • Get out of jail free card • Kinds of Testing • Final Report WWW.KAASHIVINFOTECH.COM
Ethical Hacking • Independent computer security Professionals breaking into the computer systems. • Neither damage the target systems nor steal information. • Evaluate target systems security and report back to owners about the vulnerabilities found. WWW.KAASHIVINFOTECH.COM
Ethical Hackers but not Criminal Hackers • Completely trustworthy. • Strong programming and computer networking skills. • Learn about the system and trying to find its weaknesses. • Techniques of Criminal hackers-Detection-Prevention. • Published research papers or released security software. • No Ex-hackers. WWW.KAASHIVINFOTECH.COM
Being Prepared • What can an intruder see on the target systems? • What can an intruder do with that information? • Does anyone at the target notice the intruder's attempts or successes? • What are you trying to protect? • Who are you trying to protect against? • How much time, effort, and money are you willing to expend to obtain adequate protection? WWW.KAASHIVINFOTECH.COM
Get out of Jail free card • Security evaluation plan • Identify system to be tested • How to test? • Limitations on that testing • Evaluation done under a “no-holds-barred” approach. • Clients should be aware of risks. • Limit prior knowledge of test. WWW.KAASHIVINFOTECH.COM
Kinds of Testing • Remote Network • Remote dial-up network • Local network • Stolen laptop computer • Social engineering • Physical entry 1.Total outsider 2.Semi-outsider 3.Valid user WWW.KAASHIVINFOTECH.COM
Final Report • Collection of all discoveries made during evaluation. • Specific advice on how to close the vulnerabilities. • Testers techniques never revealed. • Delivered directly to an officer of the client organization in hard-copy form. • Steps to be followed by clients in future. WWW.KAASHIVINFOTECH.COM
Thank You WWW.KAASHIVINFOTECH.COM