CSCI369 Ethical Hacking
Lecture 1-1: Introduction to Ethical Hacking
A/Prof Joonsang Baek
School of Computing and Information Technology
This slide is copyrighted. It must not be distributed without permission from UOW

About This Subject
• Lecturer: A/Prof Joonsang Baek
• Lectures
  - Lecture slides will be uploaded on the Moodle site.
  - Recorded lectures will be available from Moodle.
• Lab
  - Tutors:
  - Kali Linux (on VirtualBox) will be your main platform.
  - Lab quizzes will be administered during the lab.
  - Lab instructions will be uploaded on the Moodle site.
• Textbooks and learning material
  - No textbook, but you may want to have a look at various material related to the topics.
  - You can refer to any online resources, but they need to be referenced when you do homework.
• Kali Linux VM
  - We will be using Kali Linux 2023.2.
  - Link for the Kali ISO files: https://www.kali.org/get-kali/#kalivirtual-machines
  - Please download and install it on VirtualBox.
• Ubuntu & Windows VM
  - We will be using the current versions.
  - Your tutors will inform you about these.
• Assessment
  - Lab assessment (three quizzes)
    * 20%: Theory (lectures) + Practice (lab)
  - Assignment
    * 30%: Problem Solving + Programming
  - Final
    * 50%: Theory + Problem Solving

Defining Penetration Testing
• The term "hacker"
  - How my English dictionary defines a hacker:
    * A person who uses computers to gain unauthorised access to data
    * An enthusiastic and skilful computer programmer or user
• Different kinds of hackers
  - Ethical hackers (= white hat hackers): Hackers characterised by having a code of ethics to work for the benefit of the public.
  - Grey hat hackers: Hackers straddling the line between the good side and the bad side. Perhaps they have been "rehabilitated".
  - Black hat hackers: Hackers operating on the wrong side of the law. They may have an agenda or no agenda at all.
  - Cyberterrorists: A new form of hacker trying to destroy targets and cause bodily harm. Sometimes their actions are not stealthy.
• Penetration tester?
  - A penetration tester, or pentester, is a white hat hacker employed either as an internal employee or as an external entity to conduct a penetration test.
• Penetration testing?
  - Surveying, assessing and testing the security of a given organisation by using the same techniques, tactics and tools that a malicious hacker (black hat hacker and/or cyberterrorist) would use.
  - In this subject (CSCI369), I would equate "penetration testing" with "ethical hacking".
• Summary
  - penetration testing = pentesting = ethical hacking
  - penetration tester = pentester = white hat hacker

Evolution of Hacking Activities
• Before the 90s
  - Hackers in the early days were those who were curious and passionate about new technologies and spent time discovering the inner workings and limitations of computer/communication systems.
    * Example: Steve Jobs and Steve Wozniak's Blue Box phone phreaking system: simulating the signalling tones of telephone exchanges to make free long-distance calls!
    * PCs were stand-alone: a hacker's curiosity usually ended in one PC.
• After the 90s
  - Computers are connected through the Internet: the Internet offers an irresistible lure for hackers, who can spread their activities widely and seriously.
  - (Not so) benign attacks at the early stages: defacing web pages.

Role of the Internet in Hacking
• Much more malicious attacks came later, as the Internet provides a lot of services:
  - Massive data breach against Apple's iCloud in August 2014: resulted in a lawsuit by many people whose personal photos were stolen
  - Target's data breach in September 2014: resulted in the disclosure of nearly 56 million credit card accounts
  - Cybersecurity incidents of various levels of seriousness against the Obamacare website from March 2015 to the end of 2016
  - Malware called "Spit Cash" was used to steal nearly $3 million from the ATM machines of First Commercial Bank in Taiwan in July 2016
    * Those ATMs were not physically tampered with, but a server of the bank in London was hacked.
• Not only PCs and mainframes but all the small devices that are pervasive in our daily lives are connected through the Internet
  - Smartphones, smartwatches, smart toasters, smart fridges etc. can be targets
  - Recently, security for the Internet of Things (IoT) has become more and more important.

Infamous Hackers and Hacking Cases
• 1988: Internet worm
  - Created by Robert T. Morris
  - It replicated extremely quickly and indiscriminately, resulting in widespread slowdowns of the whole Internet
• 1990: Taking over telephone lines for LA-based radio station KIIS-FM
  - Done by Kevin Lee Poulsen (https://www.youtube.com/watch?v=cO1LRhcImSc), nicknamed "Dark Dante", to ensure that he would be the 102nd caller and win a Porsche
  - Resulted in him being banned from using the Internet
  - He is an editor at Wired magazine now
• 1999: Melissa virus
  - Created by David L. Smith
  - Distributed as an email attachment; if clicked, the virus deletes files on the infected system and sends the same email to 50 addresses in the Outlook address book
• 2002: Breaking into US military networks
  - Done by Gary McKinnon
  - Deleted critical files containing information on weapons and other military systems
• 2005: Breaking into Paris Hilton's phone
  - Done by Cameron Lacroix
  - Exposed thousands of personal records
• 2009: Defrauding the Bank of America
  - Done by Kristina Svechinskaya
  - Used a Trojan horse to open thousands of bank accounts, through which she skimmed around $3.4 billion in total
• 2010 to now: Multiple hacking incidents
  - Done by the hacking group "Anonymous"
  - Targeted famous individuals and groups, including Donald Trump and his presidential campaign
• A must watch (for fun): https://www.sbs.com.au/ondemand/program/cyberwar

Cyberlaw
• Introduced because of
  - the difficulty of the existing legal framework in keeping up with technological advances in cyberspace;
  - the fact that more crimes take place within cyberspace.
• Scope
  - Cyberlaw can touch on many elements, including contracts, interactions between suppliers and consumers, policies for the handling of data and access to corporate systems, compliance with government regulations and programs, etc.
  - There may be some controversy in some parts of cyberlaw though...

Controversies
• FISA (Foreign Intelligence Surveillance Act of 1978, Amendments Act of 2008)
  - This US federal law allows the US government to conduct electronic surveillance on "agents of foreign powers" suspected of espionage or terrorism → if one of the parties involved in the communication is a US citizen, the law can be applied.
  - The electronic surveillance can be performed with or without a court order:
    * The US president can authorise surveillance without a court order only to acquire foreign intelligence
    * The secretive FISA court was created to issue surveillance warrants. The approval rate was very high according to 2006 statistics: only 5 rejections out of 22,990 applications
    * The FISA court was responsible for the NSA (National Security Agency)'s PRISM program, a mass surveillance program revealed by Edward Snowden

Cybercrime Law
• Scope
  - The part of cyberlaw relevant to our Ethical Hacking subject is "cybercrime law"
• Cybercrime laws
  - US: 18 U.S.C. § 1028 (read as "Title 18, United States Code, Section 1028"), § 1029, § 1030, § 1037, ...
    * For example, § 1037 is "Fraud and related activity in connection with electronic mail"
  - Australia: Cybercrime Act 2001
    * For example, Cybercrime Act 2001 Part 10.7 Division 477 Subsection 477.1 specifies "Unauthorised access, modification or impairment with intent to commit a serious offence"

Categories of Cybercrime According to Law
• Identity theft
  - Stealing the information that allows a person to impersonate another person (or persons) for illegal purposes, mainly financial gain such as opening a credit card/bank account, obtaining rental properties, etc.
• Theft of service
  - Use of phone, Internet, movie streaming or similar items without permission; it usually involves password cracking
  - Example: Sharing a Netflix account, even with friends, can be considered theft and can be prosecuted in certain US states.
• Network intrusion or unauthorised access
  - The most common type of attack; it leads to other cybercrimes
  - Example: Breaking into your neighbour's WiFi network opens up many opportunities for attack.
• Posting and/or transmitting illegal material
  - Distribution of pirated software/movies, child pornography
  - Getting harder to stop due to file sharing services, encryption, etc.
• Fraud
  - Deceiving another party or parties to elicit information or access, typically for financial gain or to cause damage
• Embezzlement
  - A form of financial fraud involving theft and/or redirection of funds
• Dumpster diving
  - Gathering information from discarded/unattended material (ATM receipts, credit card statements, etc.)
  - Going through rubbish itself is not illegal, but going through rubbish on private property is
• Writing malicious code
  - Malicious code refers to items like viruses, worms, spyware, adware, rootkits, ransomware and other types of malware
  - These crimes aim to cause havoc and/or disruption
• Unauthorised destruction or alteration of information
  - This covers modifying, destroying and tampering with information without appropriate permission
• DoS (Denial of Service) / DDoS (Distributed Denial of Service)
  - Overloading a system's resources so that it cannot provide the required services to legitimate users
  - DDoS is performed on a larger scale: it cannot be prevented by blocking a single source
• Cyberstalking/Cyberbullying
  - A relatively new crime on the list. The attacker uses online resources and other means to gather information about an individual and uses this to track, and in some cases to meet, the person (cyberstalking), or to harass the person (cyberbullying)
• Cyberterrorism
  - Attackers make use of the Internet to cause significant bodily harm in order to achieve political gains
  - The scope of cyberterrorism is controversial
  - Related to information warfare

Penetration Testing Methodology (Overview)
1. Determining the objectives and scope of the job
2. Choosing the type of test to perform
3. Gaining permission via a contract
4. Performing penetration testing
   - The process of penetration testing specifies steps 4.1 to 4.6
5. Creating a risk mitigation plan (RMP)
6. Cleaning up any changes made during the test

Penetration Testing Methodology
1. Determining the objectives and scope of the job
   - A pentester and a client should meet to discuss the objectives of the test
   - Examples of objectives
     * To determine security weaknesses
     * To test an organisation's security policy compliance and its employees' security awareness
     * To test an organisation's ability to identify and respond to security incidents
   - Scope of the test
     * Usual network penetration testing
     * Social engineering testing: the human aspect of vulnerability
     * Application security testing: finding flaws in software applications
     * Physical penetration testing: testing the security of premises where digital assets and network resources are stored
2. Choosing the type of test to perform
   - Three typical types of testing
     1) Black-box testing
        * Most closely resembles the situation of an outside attack → this test is called an "external test"
        * The test is executed from a remote location, much like a real attacker would
        * The pentester will be extremely limited in information about the target
     2) Grey-box testing
        * The pentester will have some limited knowledge of the target, for example (at least) what operating system the target is mainly using
     3) White-box testing
        * This gives the pentester full knowledge of the target
        * Basically, this test simulates an "insider attack" → this test is called an "internal test"
3. Gaining permission via a contract
   - It is vitally important to get clear and unambiguous permission to perform a pentest: a written form of authorisation rather than a verbal authorisation is important. It should include
     * Systems to be evaluated
     * Perceived risks
     * Timeframe
     * Actions to be performed when a serious problem is found
     * Deliverables
4. Performing penetration testing (more to come regarding this)
5. Creating a Risk Mitigation Plan (RMP)
   - Purpose: the RMP is to develop options and actions to enhance opportunities and reduce threats in an organisation
   - Contents: the RMP should clearly document all the actions that took place, including the results, interpretations and recommendations
6. Cleaning up any changes made during the test
   - This is an obvious step needed to prevent possible mishaps

Process of Penetration Testing
4.1 Information (Intelligence) Gathering
   - Gather information about a target before performing active attacks
4.2 Scanning
   - Based on the information gathered, target the attack much more precisely
4.3 Enumeration
   - Determine the usefulness of what was uncovered in the scanning phase
4.4 Exploitation
   - Following enumeration, execute the attack
4.5 Covering tracks
   - Make all attempts to remove evidence of being in a system
4.6 Maintaining access
   - Plant backdoors or other means to leave something behind
• We will learn techniques for achieving these in CSCI369!

What We Want to Achieve
• CIA triad
  - Confidentiality
    * Keep information secret/private from those who are not authorised
  - Integrity
    * Keep information in a format that retains its original purpose and meaning
  - Availability
    * Keep information and resources available to legitimate users
  [Diagram: CIA triangle labelled Confidentiality, Integrity, Availability]

What We Want to Prevent
• Anti-CIA triad
  - Improper disclosure
    * Accidental or malicious revealing of information
  - Disruption
    * Accidental or malicious disturbance of information or resources
  - Unauthorised alteration
    * Accidental or malicious modification of information
  [Diagram: anti-CIA triangle labelled Improper disclosure, Disruption, Unauthorised alteration]