ETHICAL HACKING by K.Praneeth Reddy 160712733005


CONTENTS

• Introduction
• History
• What is Ethical hacking?
• Phases of Ethical hacking
• Certified Ethical hacker
• Advantages and Disadvantages


Introduction

• Hacking is an activity in which a person exploits a weakness in a system for personal profit or gratification.

Types of hacking:
1. White hat hacking (ethical hacking)
2. Black hat hacking
3. Grey hat hacking


What is ethical hacking?

• Ethical hacking is the same kind of activity, but it aims to find and rectify the weaknesses in a system. Today ethical hacking is a job in networking.

• It is also known as white hat hacking or penetration testing.

• Ethical hacking is legal.

• Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are done in a non-destructive manner.


History of Ethical Hacking

• In 1939, the “bombe” became the world’s first ethical hacking machine. It was used by the British to help decipher encrypted German messages during World War 2.

• In 1974, the US Air Force conducted one of the first ethical hacks to test the security of the Multics operating system.

• The term “ethical hacking” was first used by IBM’s John Patrick in 1995.


Ethical Hacking-Phases

• Reconnaissance
• Scanning
• Enumeration
• Attack and Gaining access
• Maintaining access
• Clearing tracks


Reconnaissance

Enumeration is the ability of a hacker to convince some servers to give them information that is vital to making an attack. By doing this, the hacker aims to find what resources and shares can be found in the system, what valid user accounts and user groups there are in the network, what applications are present, etc.

Scanning

Port scanning is a common technique used by a penetration tester to find the open doors. In technical terminology, port scanning is used to find vulnerabilities in the services listening on a port. During this process you have to find the live hosts, operating systems involved, firewalls, intrusion detection systems, servers/services, perimeter devices, routing and general network topology (physical layout of the network) that are part of the target organisation.
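Seen from the defender's side, the scanning phase shows up as one source touching many different ports on a host in a short time. The following is an added example, not part of the original slides: a sliding-window detector run over a constructed connection log. The log format, IP addresses, window length and port threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

PORTS = [21, 22, 23, 25, 80, 110, 139, 443, 445, 3389, 8080, 8443]

# Constructed sample log, one connection attempt per line:
# "<timestamp> <source ip> <destination ip> <destination port> <action>"
SAMPLE_LOG = (
    # 10.0.0.5 probes 12 different ports on one host within 12 seconds
    [f"2024-01-01T10:00:{i:02d} 10.0.0.5 192.168.1.10 {p} DENY"
     for i, p in enumerate(PORTS)]
    # 10.0.0.9 is an ordinary client that keeps using the same service
    + [f"2024-01-01T10:0{m}:00 10.0.0.9 192.168.1.10 443 ALLOW"
       for m in range(6)]
    # 10.0.0.7 probes the same 12 ports, but only one per hour
    + [f"2024-01-01T{h:02d}:00:00 10.0.0.7 192.168.1.10 {p} DENY"
       for h, p in enumerate(PORTS)]
)


def detect_port_scans(lines, window=timedelta(seconds=60), min_ports=10):
    """Return {(src, dst): peak distinct ports seen inside one window}."""
    events = defaultdict(list)  # (src, dst) -> [(time, port), ...]
    for line in lines:
        ts, src, dst, port, _action = line.split()
        events[(src, dst)].append((datetime.fromisoformat(ts), int(port)))

    alerts = {}
    for pair, hits in events.items():
        hits.sort()
        start = 0
        in_window = defaultdict(int)  # port -> hits currently in the window
        for when, port in hits:
            in_window[port] += 1
            # Slide the window: drop hits older than `window` before `when`
            while when - hits[start][0] > window:
                old_port = hits[start][1]
                in_window[old_port] -= 1
                if in_window[old_port] == 0:
                    del in_window[old_port]
                start += 1
            if len(in_window) >= min_ports:
                alerts[pair] = max(alerts.get(pair, 0), len(in_window))
    return alerts


if __name__ == "__main__":
    print(detect_port_scans(SAMPLE_LOG))                             # fast scan only
    print(detect_port_scans(SAMPLE_LOG, window=timedelta(hours=12)))  # slow scan too
```

With the default 60-second window only the fast source is flagged; the one-port-per-hour source is caught only when the window is widened, which is why slow scans need a separate, longer-horizon rule.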


Enumeration

Enumeration is the ability of a hacker to convince some servers to give them information that is vital to making an attack. By doing this, the hacker aims to find what resources and shares can be found in the system, what valid user accounts and user groups there are in the network, what applications are present, etc.

Attack and Gaining Access

This is the actual hacking phase, in which the hacker gains access to the system. The hacker will make use of all the information he collected in the pre-attack phases. Usually the main hindrance to gaining access to a system is the passwords. In system hacking, the hacker will first try to get into the system.


Maintaining Access

Now the hacker is inside the system. This means that he is now in a position to upload some files and download some of them. The next aim will be to make an easier path to get in when he comes the next time. This is analogous to making a small hidden door in a building so that he can enter the building directly and easily through that door.

Clearing tracks

Whenever a hacker downloads some file or installs some software, a record of it will be stored in the server logs. So, in order to erase these records, the hacker uses many tools. One such tool is the Windows Resource Kit’s auditpol.exe. Another tool, which eliminates any physical evidence, is the Evidence Eliminator. The Evidence Eliminator deletes all such evidence.


Certified Ethical hacker

• Certified Ethical Hacker (CEH) is a qualification obtained in assessing the security of computer systems, using penetration testing techniques. The code for the CEH exam is 312-50; the certification is in Version 8 as of late 2013.

• The EC-Council offers another certification, known as Certified Network Defense Architect (CNDA). This certification is designed for United States Government agencies and is available only to members of selected agencies. Other than the name, the content of the course is exactly the same. The exam code for CNDA is 312-99.


Advantages of Ethical hacking

Most of the benefits of ethical hacking are obvious, but many are overlooked. The benefits range from simply preventing malicious hacking to preventing national security breaches. The benefits include:
• Fighting against terrorism and national security breaches
• Having a computer system that prevents malicious hackers from gaining access
• Having adequate preventative measures in place to prevent security breaches


Disadvantages of Ethical Hacking

• All depends upon the trustworthiness of the ethical hacker
• Allowing the company’s financial and banking details to be seen
• The possibility that the ethical hacker will send and/or place malicious code, viruses, malware and other destructive and harmful things on a computer system
