SARDAR VALLABHBHAI PATEL INSTITUTES AND TECHNOLOGY

VASAD

TOPIC NAME : Hacking and attack vector

PREPARED BY : Mehul parmar (140413109011)

Contents (1)

• Who is hacker?• History of hacking• Types of hacking• What is hacker?• Types of hacker• Crackers• Types of cracker

Contents (2)

• Attacks• Hacking accidents• Why do hackers hack?• How can be a real hacker?• Why can’t defend against hackers?• How can protect the system?• What should do after hacked?

Who is hacker?

• Hack– Cut with repeated irregular blows– Examine something very minutely

• Hacker– The person who hacks

• Cracker– System intruder/destroyer

History of hacking

• Telephone hacking– Use telephone freely– It’s called phreaking

• Computer virus– Destroy many computers

• Network hacking– Hack the important server remotely

and destroy/modify/disclose the information

TYPES OF HACKING

• Local hacking • Remote hacking• Social engineering

LOCAL HACKING

• Local hacking is done from local area where we have physical access like through printer etc.

• We can do this type of hacking through trojan and viruses with the help of hard disk and pendrive.

REMOTE HACKING

• Remote hacking is done remotely by taking advantage of the vulnerability of the target system some steps are there for remote hacking to enter on target system.

Social engineering

• Social engineering is the act of manipulating people into performing action or divulging confidential information.

• In the most cases the attacker never comes face to face.

What is hacker?

• Computer hacking is the most popular form of hacking nowadays.

• Especialy in the field of computer security,but hacking exists in many other forms,such as phone hacking,brain hacking, etc.and its not limited to either of them.

• Hacking is when someone exploits vulnerabilities on your computer and gain all your personal data without our permission.

What is hacker?

• Hacker means cracker nowadays– Meaning has been changed.• The term hacker is used in the popular

media to described someone who attempts to break into computer system.

• Typically this kind of hackers would be a proficient programmer or engineer with sufficient technical knowledge to understand the weak points in the secuirity system.

Types of hackers

• White hat hacker • Black hat hacker• Grey hat hacker

White hat hacker

• The “Good guys” .the ethycal hacker,goal is to strengthen the defences.

• A white hat hacker is a computer & network expert who attacks security system on behalm of its owners or as a hobby, seeking vulnerabilities that a

malicious hackers could exploit.

Black hat hacker

• The bad guys, the malicious hacker also known as a “Cracker”.

• Black hat is a person who compromises the security of a computer system without permission from an authorized typically with malicious intent.

Gray hat hacker

• Hackers that “go both ways”.• At times they are on the

“offensive” and at times they are on the

“defensive”.

Crackers

• A cracker is one who breaks into or otherwise violates the system integrity of remote machines with malicious intent.

• Having gained unauthorized access, crackers distroy vital data,deny legitimate users service,or cause problems for their targets.

• Crackers can easily be identifyed becuse their action are malicious

TWO TYPES OF CRACKERS

• Expert crackers: the expert cracker who discover new secuirty holes and often write programs that exploit them.

• Script kiddie :the script kiddie only knows how to get these programs and run them.

-script kiddie are more nunerous,but much easier to stop and detect.

Attacks

• A Security exploit is a prepared application that takes advantages of a known weakness.

• Common example of security exploits are SQL injection. Cross site scripting

and cross site request forgery which abuse security holes.

Continue...

• That may results from substandard programming practice.

• Other exploits would be able to be used through FTP,HTTP,PHP,SSH.

• Telnet and some web-pages.• These are very common in

website/domain hacking.

Hacking accidents (1)

• Internet Worm– Robert T. Morris made an internet

worm. It spread through the internet and crashed about 6000 systems.

• Cuckoo’s Egg– Clifford Stoll caught the hackers who

are the German hackers applied by KGB

Hacking accidents (2)

• IP Spoof– Kevin Mitnick was caught by Tsutomu

Shimomura who was security expert. Kevin Mitnick uses the IP Spoof attack in this accident

Why do hackers hack?

• Just for fun• Show off• Hack other systems secretly• Notify many people their thought• Steal important information• Destroy enemy’s computer

network during the war

How can be a real hacker?

• Study C/C++/assembly language• Study computer architecture• Study operating system• Study computer network• Examine the hacking tools for a

month• Think the problem of the computer

Why can’t defend against hackers?

• There are many unknown security hole

• Hackers need to know only one security hole to hack the system

• Admin need to know all security holes to defend the system

How can protect the system? (1)

• Patch security hole often• Encrypt important data

– Ex) pgp, ssh

• Do not run unused daemon• Remove unused setuid/setgid

program• Setup loghost

How can protect the system? (2)

• Use switch hub• Setup firewall

– Ex) ipchains

• Setup IDS– Ex) snort

• Check unintentional changes– Ex) tripwire

How can protect the system? (3)

• Backup the system often

What should do after hacked?

• Shutdown the system– Or turn off the system

• Separate the system from network• Restore the system with the backup

– Or reinstall all programs

• Connect the system to the network• It can be good to call the police

Thank you