Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Hacker - Talent Tuner

advertisement 
• Career Development Courses
• Online Hybrid Courses Thru
TalentTuner.com
• Workshop & Seminar
• Project Training
• Competition Preparation Coaching
http://proktc.com
Professional Knowledge & Training Center,
Etawah
1
Welcome to Workshop
Step up to EXCELLENCE
• Professional Knowledge & Training Center
(PKTC)
Facilitator for the day
Purpose of gathering
• Learning
• Learning for!
• Learning through!
Please remember to…
•
•
•
•
Enjoy !
Discuss enthusiastically
Appreciate others point of view
Mobiles silent /off
Overview of Workshop
Focus on ethical hacking
Attack strategies and techniques, and their
countermeasures
Delivery
1 Seminar/ Workshop
Assessment
Coursework and Workshop Certification
6
Physical & Digital Assets
Physical
Digital
7
Who is Hacker ? Who is Cracker?
Hacker
The person who hacks with
Cut with repeated irregular blows (drives)
Examine something very minutely
Seeks weaknesses in a computer system/Network.
Cracker
The person who
Break in/ Destroy the System/ Network
Hacker means cracker nowadays, Meaning has been changed
Motivated by a multitude of reasons, such as profit, protest, or challenge.
8
Why do hackers hack?
Just for fun
Show off
Hack other system/network secretly
Notify many people their thought
Steal important information
Destroy enemy’s computer network during the war
9
Classification of Hackers
Based on old-style western films
White hat
The ‘good guys’ – ethical hackers
Perform penetration tests and vulnerability assessments within a contractual
agreement.
Black hat
The ‘bad guys’
Break into secure networks to destroy data or make the network unusable for
those who are authorized to use the network.
Grey hat
Possibly good guys
Combination of a black hat and a white hat hacker
 Hack into a computer system/network for the sole purpose of notifying the
administrator that their system/network has a security defect
10
Classification of Hackers
Blue hat
A blue hat hacker is someone outside computer security consulting firms who is
used to bug test a system prior to its launch, looking for exploits so they can be
closed. Microsoft also uses the term BlueHat to represent a series of security
briefing events.
11
Type of Hacking
Normal
data transfer
Interception
Interruption
Modification
Fabrication
12
Technical Level of Hackers
Neophyte
A neophyte, "n00b", or "newbie" is someone who is new to hacking or
phreaking and has almost no knowledge or experience of the workings of
technology, and hacking.
Script kiddie
A script kiddie (also known as a skid or skiddie) is a non-expert who breaks into
computer systems by using pre-packaged automated tools written by others,
usually with little understanding of the underlying concept—hence the term
script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an
individual lacking knowledge and experience, immature).
Elite hacker
A social status among hackers, elite is used to describe the most skilled. Newly
discovered exploits will circulate among these hackers. Elite groups such as
Masters of Deception conferred a kind of credibility on their members.
13
Hacking Layer Model
Hacking can operate at many levels:
Hardware
Network
Systems software
Application layer
Social layer
14
Hacking is a science or art or both
Theory
Modify theory
 Theory
– anything that includes
code can be
compromised
 Hypothesis creation
Hypothesis
Data Gathering
and Analysis
– Identifying and
exploring the potential
approach
 Experiment
– Creating doctored files
that compromise the
system
Experiment
The V Model of Scientific Method
 Data Gathering &
Analysis
 Modify Theory
15
What do hackers do after hacking?
Patch security hole
The other hackers can’t intrude
Clear logs and hide themselves
Install rootkit ( backdoor )
The hacker who hacked the system can use the system later
It contains trojan ls, ps, and so on
Install irc related program
identd, irc, bitchx, eggdrop, bnc
Install scanner progra
mscan, sscan, nmap
Install exploit program
Install denial of service program
Use all of installed programs silently
16
How can be a real hacker?
Study Programming language
 C/C++/assembly
 Python/ Perl/Lisp
 .Net/ Java/ JS
Study computer architecture
Study operating system
Study computer network
Examine the hacking tools for a month
Think the problem of the computer
17
Why can’t defend against hackers?
There are many unknown security hole in
System/ Network
Hackers need to know only one security hole
to hack the system
Admin need to know all security holes to
defend the system
18
How can protect the system?
Prevention is always better than cure so always follow these steps:
1. Don't use cracked softwares and don't download them from
unauthorized websites.
2. Always keep your antivirus and anti-spyware up to date.
3. Always scan the files before transferring them to your USB.
4. Do not allow other users to use your PC i.e password protect it.
5. Patch security hole often
6. Encrypt important data, e.g. pgp, ssh
7. Do not run unused programs/application/script
8. Remove unused setuid/setgid program
9. Setup loghost
10.Use switch hub
11.Setup firewall, e.g. ipchains
12.Check unintentional changes, e.g. tripwire
13.Backup the system often
19
What should do after hacked?
Shutdown the system Or turn off the system
Separate the system from network
Restore the system with the backup Or
reinstall all programs
It can be good to inform the police/
concerned person
20
Why should follow ethics ?
Beyond the ethical and moral reasons, there are very practical reasons why
you should follow ethics:
• It’s very easy to be caught. Even the most sophisticated hackers get
caught. See for example Kevin Mitnick, Jeanson James Ancheta, and
Albert Gonzalez (http://en.wikipedia.org/wiki/Albert_Gonzalez)
– The penalties for unethical hacking are steep. The above listed hackers all spent at
least 5 years in prison (Albert Gonzalez is currently serving 20). Also, once you are
convicted of a computer crime, it is very difficult to get a job having anything to do
with computers. Employers will be scared of you. Furthermore many ethicalhacking jobs (mostly in the government) will require that you take a lie detector
test, and they will ask if you have committed computer crimes.
• There are great rewards for being ethical. For example, if you figure out
how to hack Google (using ethical techniques) you can tell Google how
you did it and they will give you a reward as much as $20,000. There
are also lots of high-paying jobs for ethical hackers.
21
List of attacks
1. Passive
•Network
•wiretapping
•Port scanner
•Idle scan
2. Active
•Denial-of-service attack
•Spoofing/ Phishing
•Network
•Man in the middle
•ARP poisoning
•Ping flood
•Ping of death
•Smurf attack
•Host
•Buffer overflow
•Heap overflow
•Format string attack
22
How do computers work ?
23
How do computers work ? - DoS
• Computers talk to each other kind of like the way people talk to each
other. For example, I could ask you “What’s 2+2?” (the request), you
could calculate that and give me the answer (the response).
• Going farther with this analogy, let’s imagine there is a group of people
gathered in a room. Every person in the room represents a computer. One
person represents a “server,” which is simply a person (or computer) that
receives requests, calculates results, and sends them back as responses.
All the other people are “clients,” which are simply people (or computers)
that give requests to servers.
• The one person designated as the server will do math problems for you if
you request it. The server can only work on one math problem at a time.
The clients take turns asking the server to do math problems.
24
How do computers work ? - DoS
• Let’s think about hacking the server. Is there a way you could crash the
server? Could you send a math problem to the server, that clogs it?
• If you ask the server “What’s 98323277899899 divided by 84672511″ I
bet it would take a very long time for the person to calculate the result.
And since the server can only work on one problem at a time, all the
other client’s would be ignored while the server is working on that one
really hard problem.
• You can crash computers like this!
• This type of attack is called a “denial of service” (DoS) because it
denies other clients access to the service. It won’t always work
because a good program will realize it is being overloaded and quit
before it gets clogged. But sometimes it works.
25
Networking
Man in the middle
ARP poisoning
26
Spoofing
1.
2.
3.
4.
5.
6.
Spoofing and TCP/IP
Referrer spoofing
Poisoning of file-sharing networks
Caller ID spoofing
E-mail address spoofing
GPS Spoofing
27
Different ways to attack comp. security
28
Example
29
To create Keylogger using C# .Net
1. Advantage of Spyware-keylogger
Very simple and easy method.
Victim can't detect that you are hacking.
2. How to create Keylogger using C# .Net
Development environment of C# .Net
Knowledge about C# .net(need, if you are going to develop
the code).
3. Execute the program
4. Run keylogger in your system. whatever
you type using keyboard. It will be stored in
Log.txt file. you can see the log.txt file where
you save the file.
30
Example of hackers’ language
Character
Hacker’s Language
i or l
1
e
3
a
4
t
7
g
9
o
0
s
$
i or l
|
n
|\|
m
|\/|
z
s
ph
f
ck
x
Example
Before Hacking
– I did not hack this
page, it was like this
when I hacked in
After Hacking
– 1 d1d |\|07 h4x
7h1s p493, 17
w4$ l1k3 7h1s
wh3|\| 1 h4x3d
1|\|
31
Referred Website
http://en.wikipedia.org
32
Offered Course
Ethical Hacking Training Bootcamp Certified Information Security
Expert
Background: CISE (Certified Information Security Expert)
certification is one of the most recognized certification in
Information Security and Ethical Hacking Domain. The Program
covers all aspects of Information Security and Ethical Hacking,
enabling one to become an Information Security Expert.
Training Duration: 80 Hours
33
About Us
34
What is Career ?
35
Role of Global Professional Knowledge Center
36
Our Expertise
•Highly Qualified & Trained Faculty
•24x7 Online Test Facility (OTF)
•Performance Analysis & Regular Feedback
37
International Teaching Methodology
Analyze your Coaching
Need by Counselor
Regular Online Test
Online Test to Measure
your preparation
Start Class Coaching
Suggest the coaching
duration
Registration
Regular Feedback on
Performance
38
Contact us
ProKTC@outlook.com
ProKTC@hotmail.co.in
ProKTC@hotmail.com
ProKTC@live.in
ProKTC@outlook.in
05688 – 250208, 9219442500
39
Our Partners
http://talenttuner.com
http://ambersys.in
40
proktc@outlook.com
Thank You
41
Related documents
What is Ethical Hacking??
What is Ethical Hacking??
Chps 5, 7, & 12 Topics for paper
Chps 5, 7, & 12 Topics for paper
Unit 20 – The Ex Hacker – Model Answers
Unit 20 – The Ex Hacker – Model Answers
20-minute Intro to Hacking
20-minute Intro to Hacking
File
File
Problem Solving Essay.doc
Problem Solving Essay.doc
Hackers (Presentation)
Hackers (Presentation)
Computer Crimes - Bucknell University
Computer Crimes - Bucknell University
wk7
wk7
full paper on Ethical Hacking
full paper on Ethical Hacking
Hackers, Hacking, and CEHv8
Hackers, Hacking, and CEHv8
Computer Hacking: The Essential Hacking Guide for Beginners
Computer Hacking: The Essential Hacking Guide for Beginners
Download
advertisement