Ethical Hacking

Transcription

1 Ethical Hacking

2 About ethical hacking Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. Hacking is not limited to computers. The real meaning of hacking is to expand the capabilities of any electronic device; to use them beyond the original intentions of the manufacturer. As a matter of fact, the first hackers appeared in the 1960's at the Massachusetts Institute of Technology (MIT), and their first victims were electric trains.

3 Since the 1980's, the Internet has vastly grown in popularity and computer security has become a major concern for businesses and governments. Organizations would like to use the Internet to their advantage by utilizing the Internet as a medium for e-commerce, advertising, information distribution and access, as well as other endeavors. From the early days of computers, ethical hacking has been used as an evaluation of system security. Many early ethical hacks were conducted by the United States Military to cary out security evaluations on their operating systems to determine whether they should employ a two-level (secret/top secret) classification system. However, with the growth of computing and networking in the early 1990's,

4 The Ethical Hacking Process :- Planning :- Planning is essential for having a successful project. It provides an opportunity to give critical thought to what needs to be done, allows for goals to be set, and allows for a risk assessment to evaluate how a project should be carried out. Reconnaissance :- Is the search for freely available information to assist in an attack. This can be as simple as a ping or browsing newsgroups on the Internet in search of disgruntled employees divulging secret information or as messy as digging through the trash to find receipts or letters

5 Enumeration :- Enumeration is also known as network or vulnerability discovery. It is the act of obtaining information that is readily available from the target's system, applications and networks. Vulnerability Analysis :- In order to effectively analyze data, an ethical hacker must employ a logical and pragmatic approach. In the vulnerability analysis phase, the collected information is compared with known vulnerabilities in a practical process. Exploitation :- The exploitation of a system can be as easy as running a small tool or as intricate as a series of complex steps that must be executed in a particular way in order to gain access.

6 Different types of ethical hacking 1.Coders :- Coders are real hackers. They are programmers having immense knowledge about many programming languages, networking and working of programs. 2. Admins :- These guys have Hacking certifications and can hack any system or network with the help of tools and exploit created by codes. 3. Script kiddies :- They just use the tools and partial knowledge they gain from internet to attack systems. They do it just for fun purpose and to be famous. They use the tools and exploits coded by other hackers and use them. They have minimum skills.

7 4. White Hat Hackers :- They break into systems just for legal purposes. Their main motive is to find loopholes in the networks and rectifying them. 5.Black Hat Hacker :- They use their skills for destructive purposes. They break into systems and networks either for fun or to gain some money from illegal means. 6.Gray Hat Hacker :- A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked.

8 Life cycle of ethical hacking

9 Characteristics of ethical handling 1.Leadership:- For a business to be ethical, its leaders must demonstrate ethical practices in any situation. 2. Values:- An ethical business has a core value statement that describes its mission. Any business can create a value statement, but an ethical business lives by it. 3.Integrity:- Integrity is an all-encompassing characteristic of an ethical business. The ethical business adheres to laws and regulations at the local, state and federal levels.

10 4. Respect:- Ethics and respect go hand in hand. An ethical business demonstrates respect for its employees by valuing opinions and treating each employee as an equal. 5. Loyalty:- Employees who work for a loyal employer want to maintain the relationship and will work harder toward that end. 6. Concern:- An ethical business has concern for anyone and anything impacted by the business. This includes customers, employees, vendors and the public.

11 Contents 1 Introduction by everyone 2 The Word "Hacker" by Carmelo Kintana 2.1 Survey of Common Definitions 2.2 Etymology 2.3 Evolution 2.4 Perceptions Public Perceptions Insider Perceptions 2.5 Timeline of the word Hack 3 Expert Programmer by Vikas Rajvanshy

12 3.1 Hacker as an expert programmer 3.2 Impact on society 3.3 Famous hackers 3.4 Where did all the hardware hackers go? 3.5 Why are the top hackers today affiliated with Open Source? 3.6 What is the role of hackers in corporations? 4 Black Hat by Sandra Lemon & Hansen Liou 4.1 History 4.2 Early Examples 4.3 Modern Examples & Motivations 4.4 Impact of Hacking on Businesses and Governments 5 White Hat by Michael Frederick

13 5.1 Motivations Kevin Mitnick H.D. Moore 5.2 History Rising out of the black hat community Reformation of former black hats Hacker literature 5.3 Popular culture 5.4 Impact Society Security 6 Conclusion by everyone 7 References

14 Salient features of Ethical Hacking : 80% hands on/ practical classes. Real time scenarios/project exposure. Limited number of students per batch. Corporate training atmosphere. Weekend batches to suit professional. Placement assistance. Career support activities includes. 1.resume preparation & individual counseling. 2.assistance for get through in interviews by experts. Backup classes. Provision to come for more batch.

15 Platinum features of shell script Will get complete product development cycle, which includes Demand from customer. Design-decision. Conceptualization. Analysis. Design finalize. DFMEA. Finalization. Drawing release. Tool design. Product to the market.

16