Posted by : Unknown Tuesday, May 7, 2013

ABSTRACT:-
Ethical hacking is legal. An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners. Black hat: bad guy; white hat: good guy. It occurs due to Trojans and viruses. Footprinting, enumeration and fingerprinting are some of the processes of ethical hacking. In this paper we deal with the following topics:
1.     What is Ethical Hacking?
2.     What do Ethical Hackers do?
3.     Why Ethical Hacking?
4.     What is Ethical Hacking process?
5.     Case Studies
6.     Ethical Hacking – Commandments
7.     Reporting              
INTRODUCTION
·        What is Ethical Hacking 
Process of breaking into systems for:
  1. Personal or Commercial Gains
  2. Malicious Intent – Causing severe damage to Information & Assets
Also called – Attack & Penetration Testing, White-hat hacking, Red teaming
Black-hat – Bad guy
White Hat Hackers, also known as Ethical Hackers, are Computer Security ... Such a cert covers orderly ethical hacking approaches and team
Red teaming and alternative analysis help analysts and decision makers avoid surprise and overcome cognitive biases by considering problems from alternative.
I. What is Ethical Hacking
·         It is Legal
·         Permission is obtained from the target
·         Part of an overall security program
·         Identify vulnerabilities visible from Internet at particular point of time
·         Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are done in a non-destructive manner

An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing, and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.
The term "cracker" is not to be confused with "hacker".
Hacker is a term used by some to mean "a clever programmer" and by others, especially those in popular media, to mean "someone who tries to break into computer systems."
A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security.

II. WHAT DO ETHICAL HACKERS DO?

An ethical hacker's evaluation of a system's security seeks answers to three basic questions:
  • What can an intruder see on the target systems?
  • What can an intruder do with that information?
  • Does anyone at the target notice the intruder's attempts or successes?
While the first and second of these are clearly important, the third is even more important: if the owners or operators of the target systems do not notice when someone is trying to break in, the intruders can, and will, spend weeks or months trying and will usually eventually succeed.
When the client requests an evaluation, there is quite a bit of discussion and paperwork that must be done up front. The discussion begins with the client's answers to questions similar to those posed by Garfinkel and Spafford:

Ethical hackers come from three sources: malicious hackers, bright
computer science graduates, and individuals from a systems or
administration background. 
III. WHY ETHICAL HACKING
1.     Viruses, Trojan Horses, and Worms 
2.     Social Engineering 
3.     Automated Attacks 
4.     Accidental Breaches in Security 
5.     Denial of Service (DoS) 
6.     Organizational Attacks 
7.     Restricted Data 
8.     Protection from possible External Attacks 
IV. Ethical Hacking - Process 
·     Preparation
·     Footprinting
·     Enumeration & Fingerprinting
·     Identification of Vulnerabilities
·     Attack – Exploit the Vulnerabilities
1. Preparation:
·     Identification of Targets – company websites, mail servers, extranets, etc.
·     Signing of Contract
o    Agreement on protection against any legal issues
o    Contract to clearly specify the limits and dangers of the test
o    Specifics on Denial of Service Tests, Social Engineering, etc.
o    Time window for Attacks
o    Total time for the testing
o    Prior Knowledge of the systems
o    Key people who are made aware of the testing
 
2. Footprinting:
·     Collecting as much information as possible about the target
o    DNS Servers
o    IP Ranges
o    Administrative Contacts
o    Problems revealed by administrators
·     Information Sources
o    Search engines
o    Forums
o    Databases – whois, RIPE, ARIN, APNIC
o    Tools – PING, whois, Traceroute, DIG, nslookup, Sam Spade

3. Enumeration & Fingerprinting:
·     Specific targets determined
·     Identification of Services / open ports
·     Operating System Enumeration
Methods
·     Banner grabbing
·     Responses to various protocol (ICMP & TCP) commands
·     Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.
Tools
·        Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh, telnet, SNMP Scanner
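
A defender's view of the port and service scans listed above, tied to the earlier question of whether anyone at the target notices the attempts: this added example (not part of the original post) classifies flows in a constructed connection log as TCP SYN, TCP Connect or TCP FIN probes and flags any source that touches many ports in a short window. The log format, the flag notation, the thresholds and the addresses are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample. Fields: time, source, target, port, TCP flags sent by the source.
SAMPLE_LOG = """\
2013-05-07T10:00:00 198.51.100.7 192.0.2.10 21 S
2013-05-07T10:00:01 198.51.100.7 192.0.2.10 22 S,R
2013-05-07T10:00:02 198.51.100.7 192.0.2.10 23 S
2013-05-07T10:00:03 198.51.100.7 192.0.2.10 80 S,R
2013-05-07T10:01:00 203.0.113.9 192.0.2.10 22 F
2013-05-07T10:01:01 203.0.113.9 192.0.2.10 25 F
2013-05-07T10:01:02 203.0.113.9 192.0.2.10 80 F
2013-05-07T10:01:03 203.0.113.9 192.0.2.10 443 F
2013-05-07T10:02:00 203.0.113.20 192.0.2.10 22 S,A,R
2013-05-07T10:02:01 203.0.113.20 192.0.2.10 25 S,A,R
2013-05-07T10:02:02 203.0.113.20 192.0.2.10 80 S,A,F
2013-05-07T10:02:03 203.0.113.20 192.0.2.10 443 S,A,R
2013-05-07T10:03:00 192.0.2.50 192.0.2.10 443 S,A,PA,F
2013-05-07T10:03:09 192.0.2.50 192.0.2.10 8080 S
"""

def classify(flags):
    """Label one flow by the flags its initiator sent."""
    if "S" not in flags:
        return "fin" if flags == ["F"] else "other"   # FIN with no handshake before it
    if "A" not in flags:
        return "syn"        # SYN never followed by the handshake ACK (half-open)
    if "PA" not in flags:
        return "connect"    # full handshake, then teardown without any data
    return "normal"

def detect_scans(log, min_ports=4, window=timedelta(seconds=60)):
    """Return {(source, kind): ports} for sources probing >= min_ports ports in one window."""
    probes = defaultdict(list)
    for line in log.splitlines():
        ts, src, dst, dport, flags = line.split()
        kind = classify(flags.split(","))
        if kind in ("syn", "connect", "fin"):
            probes[(src, kind)].append((datetime.fromisoformat(ts), (dst, int(dport))))
    alerts = {}
    for key, events in probes.items():
        events.sort()
        # Largest number of distinct (target, port) pairs seen in any one window.
        best = max(len({t for when, t in events[i:] if when - events[i][0] <= window})
                   for i in range(len(events)))
        if best >= min_ports:
            alerts[key] = best
    return alerts

if __name__ == "__main__": print(detect_scans(SAMPLE_LOG))
```

The single failed connection from 192.0.2.50 to port 8080 is classified as a SYN probe but stays below the threshold, so ordinary client errors do not raise an alert.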

4. Identification of Vulnerabilities:
Vulnerabilities 
·     Insecure Configuration
·     Weak passwords
·     Unpatched vulnerabilities in services, Operating systems, applications
·     Possible Vulnerabilities in Services, Operating Systems
·     Insecure programming
·     Weak Access Control
Tools
1.       Vulnerability Scanners – Nessus, ISS, SARA, SAINT
2.       Listening to Traffic – Ettercap, tcpdump
3.       Password Crackers – John the Ripper, LC4, Pwdump
4.       Intercepting Web Traffic – Achilles, Whisker, Legion
Methods
·     Unpatched / Possible Vulnerabilities – Tools, Vulnerability information Websites
·     Weak Passwords – Default Passwords, Brute force, Social Engineering, Listening to Traffic
·     Insecure Programming – SQL Injection, Listening to Traffic
·     Weak Access Control – Using the Application Logic, SQL Injection
5. Attack – Exploit the vulnerabilities:
·     Obtain as much information (trophies) from the Target Asset
·     Gaining Normal Access
·     Escalation of privileges
·     Obtaining access to other connected systems
Network Infrastructure Attacks
·     Connecting to the network through modem
·     Weaknesses in TCP / IP, NetBIOS
·     Flooding the network to cause DoS
Operating System Attacks
·     Attacking Authentication Systems
·     Exploiting Protocol Implementations
·     Exploiting Insecure configuration
·     Breaking File-System Security

Application Specific Attacks
·         Exploiting implementations of HTTP, SMTP protocols
·         Gaining access to application Databases
·         SQL Injection
·         Spamming
Exploits
·     Free exploits from Hacker Websites
·     Customized free exploits
·     Internally Developed
Tools
·     Nessus, Metasploit Framework

V. CASE STUDIES:
On February 18 this year, MasterCard and Visa announced that an unknown hacker had breached their security system to gain access to 5.6 million credit card and debit card accounts, which amounted to 1 percent of 574 million cards in the US. Immediately after being notified of the incident, banks such as Citizens Bank shut down all transactions on the affected accounts. The same week, Omaha-based Data Processors International (DPI), one of the leading credit card processors in the world, reported that eight million credit card numbers were stolen from its system.
These incidents highlight the challenges faced by governments and corporations in protecting the privacy, confidentiality and security of information assets accessible over the Internet. Having ethical hacking conducted against one's own network is one of the prime proactive defence mechanisms against such threats. The term 'ethical hacking' is closely related to 'information ethics.'

VI. Ethical Hacking - Commandments
·     Working Ethically
o    Trustworthiness
o    Misuse for personal gain
·     Respecting Privacy
·     Not Crashing the Systems
VII. Reporting
·     Methodology
·     Exploited Conditions & Vulnerabilities that could not be exploited
·     Proof for Exploits - Trophies
·     Practical Security solutions

CONCLUSION:
Ethical hackers come from three sources: malicious hackers, bright
computer science graduates, and individuals from a systems or
administration background.
All three types have their advantages and disadvantages. A reformed
hacker is best for simulating a very malicious attack. The ex-Unix or
NT guys do not always have the mindset of an ex-hacker. They tend to
use less devious methods.

- Copyright © Seminar Sparkz Inc -- Powered by Seminar Sparkz Inc - Designed by Shaik Chand -