PowerPoint File of the Presentation - NC-NET

advertisement
Hands On Hacking
Professional Development for
North Carolina Computer
Instructors
Outline





Brief History of Hacking
Recent Trends: DDoS, Spam, Viruses, Identity Theft
What is a Hacker?
What is Ethical Hacking?
Anatomy of an Attack:
 Reconnaissance
 Scanning
 Gaining access
 Maintaining access
 Covering tracks
 Web Sites for Hacking Tools
Brief History of Hacking
PREHISTORY (before 1969) 
 1960s: The Dawn of
Hacking
Original meaning of the
word "hack" started at MIT;
meant elegant, witty or
inspired way of doing almost

anything; hacks were
programming shortcuts
ELDER DAYS (1970-1979)
 1970s: Phone Phreaks and
Cap'n Crunch: One

phreak, John Draper (aka
"Cap'n Crunch"), discovers a

toy whistle inside Cap'n
Crunch cereal gives 2600hertz signal, and can access
AT&T's long-distance
switching system.
Steve Wozniak and Steve
Jobs, future founders of Apple
Computer, make and sell blue
boxes.
THE GOLDEN AGE (19801991)
1983: Kids' Games
Movie "War Games"
introduces public to hacking.
THE GREAT HACKER WAR
Legion of Doom vs Masters
of Deception;
1984: Hacker 'Zines
CRACKDOWN (1986-1994)
1986: Computer Fraud and
Abuse Act
 1988: The Morris Worm
1989: THE GERMANS , THE KGB
AND KEVIN MITNICK
 German Hackers breaking into
U.S. computers; sold information
to Soviet KGB.
 Hacker "The Mentor“publishes
Hacker's Manifesto.
 Kevin Mitnick arrested.
 1993: Why Buy a Car When
You Can Hack One?
Call-in contest; Kevin Poulsen
crack phone; get two Porsches,
$20,000 cash, vacation trips;
Poulsen now covering computer
crime.
http://www.securityfocus.com
ZERO TOLERANCE (1994-1998)
 1995: The Mitnick Takedown:
Arrested again.
•1995: Russian Hackers
Siphon $10 million from
Citibank.
•Oct 1998 teenager hacks into
Bell Atlantic phone system;
disabled communication at
airport disables runway lights.
•1999 hackers attack Pentagon,
MIT, FBI web sites.
•1999: E-commerce company
attacked; blackmail threats
followed by 8 million credit card
numbers stolen.
(www.blackhat.info;
www.h2k2.net;
www.slais.ubc.ca/;
www.sptimes.com;
www.tlc.discovery.com)
Recent Trends: DDoS, Spam, Viruses,
Identity Theft, Phishing, Pharming
 Phishing: Attackers coined term “phishing” 1996 –
swindling AOL customers into giving up their
passwords. (www.zdnet.com) Email fraud epidemic;
1100 phishing campaigns in April; 178% increase
from previous month; 4000% increase since
November 2003. Gartner Group study: 40% of all
online users received phishing email; legit looking
email and asked for information; visit a site that
installs spyware or Trojan program allowing backdoor.
(www.technewsworld.com)
 “Warspammers” drive by spamming; compromises
wireless LANs to send spam; estimated 60-80% corp.
wireless networks unsecured; war driving and war
chalking also on the rise. (www.zdnet.com)
 Advanced Fee Fraud: Speculated that terrorists and
organized crime make money through use of advanced
fee fraud (Nigerian-style) and pirated software. Victims
“hired”; sent PC to ship to buyer; victim sent cashier's
check; told to deduct salary and mail back remainder;
checks are counterfeit; PCs purchased with stolen credit
cards.(www.securityfocus.com)
• Virus Gangs - trying to control their "turf“; gained access
with Trojans; launch a DDoS; sell to spammers who use
them anonymously to send spoofed spam; three gangs:
three groups: MyDoomers, Bagles, Netskys.
(www.zdnet.com) Recent arrest Netsky / Sasser author
Sven, 18 yr old in Germany; responsible for 70% viruses
in 2004; virus deletes “MyDoom” from PCs; after Microsoft
offered ¼ million reward, his friend turned him in.
(www.zdnet.com)
 Six men charged with DDoS attack against
business rival; hired hackers; victims suffer
$2 million loss. (www.zdnet.com)
 Gathering DDoS Storm: Estimated 90% of all home




PCs infected by spyware and Trojans; suggests potential
for largest DDoS attack "on a scale never before
experienced;" attackers who own zombies sell them to
spammers. (www.networkmagazine.com)
Google being used by hackers to see what people
photocopy; search engines cache or index everything on
the Internet. (www.ZDNet.com)
Pharmers “poison” DNS server redirecting Web requests
somewhere else; browser appears to be connected to the
right site and user is unaware. (www.ZDNet.com)
Cell Phone Virus: codenamed "Cabir ," attacks Nokia
phone enabled with Bluetooth technology.
(www.eweek.com)
2005: Paris Hilton smartphone
hacked; celebrity phone numbers
listed on Internet. (www.cnet.com)
What is a Hacker?
 Old School Hackers: 1960s style Stanford or MIT
hackers. Do not have malicious intent, but do have lack
of concern for privacy and proprietary information. They
believe the Internet was designed to be an open system.
 Script Kiddies or Cyber-Punks: Between 12-30;
predominantly white and male; bored in school; get
caught due to bragging online; intent is to vandalize or
disrupt systems.
 Professional Criminals or Crackers: Make a living by
breaking into systems and selling the information.
 Coders and Virus Writers: See themselves as an elite;
programming background and write code but won’t use it
themselves; have their own networks called “zoos”;
leave it to others to release their code into “The Wild” or
Internet. (www.tlc.discovery.com)
 Hacker classes
 Black hats – highly skilled,
malicious, destructive “crackers”
 White hats – skills used for
defensive security analysts
 Gray hats – offensively and
defensively; will hack for different
reasons, depends on situation.
 HaXor – want to be hackers for wrong reasons, and
lack the skill (www.cnet.com)
 Hactivism – hacking for social and political cause.
 Ethical hackers – determine what attackers can gain
access to, what they will do with the information, and can
they be detected.
 Any computer connected to Internet scanned several
times a day as a general rule.
What is Ethical Hacking?
 Ethical hacking – defined “methodology adopted by ethical
hackers to discover the vulnerabilities existing in information
systems’ operating environments.”
 Anatomy of an attack:
 Reconnaissance – attacker gathers information; can
include social engineering.
 Scanning – searches for open ports (port scan) probes
target for vulnerabilities.
 Gaining access – attacker exploits vulnerabilities to get
inside system; used for spoofing IP.
 Maintaining access – creates backdoor through use of
Trojans; once attacker gains access makes sure he/she
can get back in.
 Covering tracks – deletes files, hides files, and erases
log files. So that attacker cannot be detected or
penalized. (www.eccouncil.org)
Reconnaissance
 Reconnaissance: attacker seeks to gather





information
Footprinting: blueprinting of the security profile of
organization or target system undertaken in a
methodological manner.
 Locate network range, active machines, open
ports/access points, determine operating systems
Hacking Tool: NS Lookup - get host name, IP
address (online www.zoneedit.com/lookup.html)
Hacking Tool: Tracert (command prompt)
Hacking Tool: Trout
Hacking Tool: VisualWare
Scanning
 Attacker builds attack plan; finds limits of network;







assesses perimeter defenses; uses war dialers and
ping.
War dialers exploit unsecured modem to gain access;
ping detects current state
Hacking Tool: Ping (command prompt)
Hacking Tool: Genius
(www.indiesoft.com/genius322.exe)
Hacking Tool: LanNetScan
Hacking Tool: NMap
Hacking Tool: THC-Scan,
Hacking Tool: IPEye/IPSECSCAN
Gaining Access
 Includes password guessing and cracking, password










sniffing, vulnerability scanning, keystroke logging.
Password attacks: dictionary attack – taking list of
words; brute force attack – all possible passwords.
Places backdoor with a Trojan; removes evidence from
event system logs; disables antivirus.
Hacking Tool: Legion
Hacking Tool: Brutus
Hacking Tool: Sam Spade
Hacking Tool: Spector Pro
Hacking Tool: eBlaster
Hacking Tool: John the Ripper
Hacking Tool: Attacker
Hacking Tool: SuperScan
Using Sniffers and Keyloggers
 Sniffer is software that captures network traffic;






listens in; does not intercept or interfere; used for
retrieving passwords and user names.
Hacking Tool: Ethereal
Hacking Tool: Snort
Hacking Tool: Cain & Abel
Hacking Tool: Iris
Hacking Tool: HomeKeylogger
Hacking Tool: PerfectKeylogger
Crashing Servers
 Denial of Service (DoS): renders system unusable or







significantly ties up resources and slows network.
Distributed Denial of Service (DDoS) attack: breaking
into many machines to launch coordinated DOS attack
by installing DDoS software on them.
Ping of death: DoS whereby attacker sends IP packet
larger than 65,536 bytes normally allowed; causes buffer
overflow, freezes, reboots.
Hacking Tool: Ping of Death
Hacking Tool: Trinoo
Hacking Tool: Smurf
Viruses Hacking Tool: Senna Spy
Wireless Hacking Tool: AirSnort
Maintaining Access
 Trojan typically unauthorized program within







legitimate program; can be altered legitimate program;
or any program that appears to perform desirable but
also performs functions unknown to user.
Different types of Trojans: remote access, password
sending, keyloggers, destructive, denial of service, ftp,
software detection killers.
Trojans gain and retain access; can alter registry;
allow administrator access.
Hacking Tool: Tini
Hacking Tool: SubSeven
Hacking Tool: BackOrifice
Hacking Tool: Loki
Hacking Tool: Whack A Mole
Covering Tracks
 Steganography: art and science of hiding information




by embedding message within other objects; cannot be
detected; objects include: audio or video files, graphics,
“white spaces” within documents.
Hacking Tool: Image Hide www.dancemammal.com
Hacking Tool: Snow
Hacking Tool: Camera/Shy
Hacking Tool: StegDetect
Web Sites for Hacking Tools




http://www.foundstone.com
http://www.thenetworkadministrator.com/top2004hackertools.htm
http://www.hackingexposed.com/tools/tools.html
http://www.insecure.org/tools.html
Download