ETHICAL HACKING
OVERVIEW OF HACKING :
HACK :
EXAMINE SOMETHING VERY MINUTELY.
THE RAPID CRAFTING OF NEW PROGRAM OR THE MAKING OF
CHANGES TO EXISTING , USUALLY COMPLICATED SOFTWARE .
HACKER :
THE PERSON WHO HACKS .
CRACKER :
SYSTEM INTRUDER OR DESTROYER .
WHAT IS ETHICAL HACKING ?
INDEPENDENT COMPUTER SECURITY PROFESSSIONALS
BREAKING INTO THE COMPUTER SYSTEM .
NEITHER DAMAGE THE TARGET SYSTEMS NOR STEAL
THE INFORMATION.
EVALUATE TARGET SYSTEM SECURITY AND REPORT
BACK TO OWNER ABOUT THE VULNERABALITIES FOUND .
BLACK
TYPES HATS
WHITE
OF HATS
HACKERS GREY
HATS
DESCRIPTION ABOUT THE TYPES OF HACKERS :
PROFESSIONAL HACKERS :
BLACK HATS _____ THE BAD GUYS
WHITE HATS _____PROFESSIONAL SECURITY EXPERTS
SCRIPT KIDDIES :
MOSTLY KIDS /STUDENTS :
• Use tools created by black hats ,
- To get free stuff
- Impress their peers
- Not to get caught
o UNEMPLOYED ADULT HACKERS :
• FORMER SCRIPT KIDDIES
- CAN’T GET EMPLOYMENT IN THE FIELD
- WANT RECOGNITION IN HACKER’S COMMUNITY
- BIG IN EASTERN EUROPEAN COUNTRIES
o IDEOLOGICAL HACKERS :
HACK AS A MECHANISM TO PROMOTE SOME POLITICAL AND
IDEOLOGICAL PURPOSE
USUALLY CONCIDE WITH POLITICAL EVENTS .
TYPES OF HACKING
LOCAL
HACKING
REMOTE
HACKING
SOCIAL
ENGINEERIN
G
DESCRIPTION :
LOCAL HACKING
• LOCAL HACKING IS DONE FROM LOCAL AREA WHERE WE HAVE
PHYSICAL ACCESS LIKE THROUGH PRINTER ETC .
• WE CAN DO THIS TYPE OF HACKING THROUGH TROJAN AND VIRUSES
WITH THE HELP OF HARD DISK AND PENDRIVE.
:
REMOTE HACKING
• REMOTE HACKING IS DONE REMOTELY BY TAKING ADVENTAGE OF THE
VULNERABALITY OF THE TARGET SYSTEM .
SOCIAL
ENGINEERING
:
• SOCIAL ENGINEERING IS THE ACT OF MANIPULATING PEOPLE INTO
PERFORMING ACTIONS OR DIVULGING CONFIDENTIAL INFORMATION .
• IN MOST CASES THE ATTACKER NEVER COMES FACE TO FACE .
ETHICAL
HACKERS
ARE NOT
CRIMINAL
HACKERS
BUT
HOW ?
???
COMPLETELY TRUSTWORTHY
STRONG PROGRAMMING AND COMPUTER
NETWORKING SKILLS
LEARN ABOUT THE SYSTEM AND TRYING
TO FIND ITS WEEKNESSES
TECHNIQUES OF CRIMINAL- HACKERS –
DETECTION – PREVENTION
NO EX- HACKERS
PUBLISH RESEARCH PAPERS AND
RELEASED SECURITY
DIFFERENCE B/W
HACKER ETHICAL
HACKER
• ACCESS COMPUTER • PERFORM MOST OF THE
SYSTEM OR NETWORK SAME ACTIVITIES BUT
WITHOUT WITH THE OWNER’S
AUTHORIZATION AND PERMISSION AND
BREAKS THE LAW EMPLOYED BY
COMPANIES TO PERFORM
MODES OF
ETHICAL
HACKING
INSIDER ATTACK
OUTSIDER
ATTACK
STOLEN
EQUIPMENT
ATTACK
PHYSICAL ENTRY
THE
ETHICAL
HACKING
PROCESS
ETHICAL HACKERS MUST FOLLOW A
STRICT SCIENTIFIC PROCESS IN ORDER
TO OBTAIN USEABLE AND LEGAL RESULTS
1. Planning
2. Reconnaissance
3. Enumeration
4. Vulnerability Analysis
5. Exploitation
6. Deliverables
1- PLANNING :
• Planning is essential for having a successful project. It provides an opportunity to give critical
thought to what needs to be done, allows for goals to be set, and allows for a risk assessment
to evaluate how a project should be carried out.
• There are a large number of external factors that need to be considered when planning to carry
out an ethical hack. These factors include existing security policies , culture, laws and
regulations, best practices, and industry requirements. Each of these factors play an integral
role in the decision making process when it comes to ethical hacking. The planning phase of an
ethical hack will have a profound influence on how the hack is performed and the information
shared and collected, and will directly influence the deliverable and integration of the results
into the security program.
• Theplanning phase will describe many of the details of a controlled attack. It will attempt to
answer questions regarding how the attack is going to be supported and controlled, what the
underlying actions that must be performed and who does what, when, where, and for how long.
2- RECONNAISSANCE
• Reconnaissance is the search for available information or resources to
assist in an attack. This can be as simple as a ping or browsing newsgroups
on the Internet in search of disgruntled employees divulging secret
information or as messy as digging through the trash to find receipts or
letters.
• Reconnaissance can include social engineering, tapping phones and
networks, or even theft. The search for information is limited only by the
extremes at which the organization and ethical hacker are willing to go in
order to recover the information they are searching for.
• The reconnaissance phase introduces the relationship between the tasks that
must be completed and the methods that will need to be used in order to
protect the organization's assets and information.
3- ENUMERATION
• Enumeration is also known as network or vulnerability discovery. It is the act of
obtaining information that is readily available from the target's system, applications
and networks. It is important to note that the enumeration phase is often the point
where the line between an ethical hack and a malicious attack can become blurred as it
is often easy to go outside of the boundaries outlined in the original attack plan.
• In order to construct a picture of an organization's environment, several tools and
techniques are available. These tools and techniques include port scanning and NMap
. Although it is rather simple to collect information, it is rather difficult to determine
the value of the information in the hands of a hacker.
• At first glance, enumeration is simple: take the collected data and evaluate it
collectively to establish a plan for more reconnaissance or building a matrix for the
vulnerability analysis phase. However, the enumeration phase is where the ethical
hacker's ability to make logical deductions plays an enormous role.
4- VULNERABILITY ANALYSIS
• In order to effectively analyze data, an ethical hacker must employ a logical
and pragmatic approach. In the vulnerability analysis phase, the collected
information is compared with known vulnerabilities in a practical process.
• Information is useful no matter what the source. Any little bit can help in
discovering options for exploitation and may possibly lead to discoveries that
may not have been found otherwise. Known vulnerabilities, incidents,
service packs, updates, and even available hacker tools help in identifying a
point of attack. The Internet provides a vast amount of information that can
easily be associated with the architecture and strong and weak points of a
system
5-EXPLOITATION
• A significant amount of time is spent planning and evaluated an ethical hack. Of
course, all this planning must eventually lead to some form of attack. The exploitation of a
system can be as easy as running a small tool or as intricate as a series of complex steps
that must be executed in a particular way in order to gain access.
• The exploitation process is broken down into a set of subtasks which can be many steps
or a single step in performing the attack. As each step is performed, an evaluation takes
place to ensure that the expected outcome is being met. Any divergence from the attack
plan is classified into two determinations:
Expectations: Are the expectations of the exploitation being met or are the results
conflicting with the organization's assumptions?
Technical: Is the system reacting in an unexpected manner, which is having an impact on
the exploitation and the engagement as a whole?
6- DELIVERABLES
• Deliverables communicate the results of tests in numerous ways. Some
deliverables are short and concise, only providing a list of vulnerabilities
and how to fix them, while others are long and detailed, providing a list of
vulnerabilities with detailed descriptions regarding how they were found,
how to exploit them, the implications of having such a vulnerability and
how to remedy the situation.
• The deliverable phase is a way for an ethical hacker to convey the results
of their tests. Recently, ethical hacking has become so commoditized that
if a deliverable does not instill fear into the hearts of executives, it could
be considered a failure
ETHICAL
HACKING
SKILLS AND
KNOWLEDG
E
REQUIRED SKILLS
• An ethical hacker is required to possess a vast arrangement of computer
skills. It is not feasible for each ethical hacker to be an expert is every
field and thus ethical hacking tiger teams whose members have
complementing skills are created to provide an organization with a team
possessing the complete skill set required of an ethical hacker.
• Organizations may have a wide variety of computer systems and it is
essential for any ethical hacker to have expertise in operating systems ,
as well as network hardware platforms. It is also fundamental that an
ethical hacker posses a solid foundation of the principles of information
security .
SALARIE
S AND
TRENDS
A SURVEY DONE BY THE
INTERNATIONAL DATA CORP (IDC)
SAYS THAT THE WORLDWIDE
DEMAND FOR INFORMATION
SECURITY PROFESSIONALS STANDS
AT 60,000 AND COMPANIES SUCH
AS WIPRO, INFOSYS, IBM, AIRTEL AND
RELIANCE ARE ALWAYS LOOKING
FOR GOOD ETHICAL HACKERS
IN THE UNITED KINGDOM, THE FOLLOWING
TRENDS HAVE BEEN SEEN FOR DEMAND
AND SALARIES OF ETHICAL HACKERS.
BENEFITS TO TEACHING AND
EMPLOYING ETHICAL HACKING
TECHNIQUES, THERE ARE
PROBLEMS THAT LEAD SOME
TO QUESTION THE PRACTICE. IT
IS FEARED THAT SCHOOLS MAY
BE TEACHING DANGEROUS
SKILLS TO STUDENTS THAT ARE
UNABLE TO MAKE CORRECT
DECISIONS ON HOW TO USE
MARCUS J. RANUM, A COMPUTER SECURITY PROFESSIONAL
HAS OPENLY OBJECTED TO THE TERM ETHICAL HACKER,
SAYING
"THERE'S NO SUCH THING AS AN 'ETHICAL HACKER' -
THAT'S LIKE SAYING 'ETHICAL RAPIST' - IT'S A
CONTRADICTION IN TERMS" [9].
A SIGNIFICANT PART OF THE CONTROVERSY SURROUNDING
ETHICAL HACKING ARISES FROM THE OLDER DEFINITION OF
HACKER AND ITS ASSOCIATION WITH THE IDEA OF A
COMPUTER CRIMINAL.
HOWEVER, SOME ORGANIZATIONS DO NOT SEEM TO MIND THE
ASSOCIATION AND HAVE HAD A SIGNIFICANT INCREASE IN
CAREERS WHERE CEH AND OTHER ETHICAL HACKING
CERTIFICATIONS ARE PREFERRED OR REQUIRED.
1. ETHICAL ISSUES
One of the concerns about teaching ethical hacking is that the
wrong people may be taught very dangerous skills. Hacking
skills were traditionally acquired by many hours of practice or
intense tutoring from another hacker. University programs and
commercial training classes are now offering a new way for
aspiring hackers to learn how to penetrate systems. Teaching
students how to attack systems without providing ethical training
may be teaching criminals and terrorists how to pursue their
illegal activities. Some individuals have compared teaching ethical
hacking to undergraduate students to handing them a loaded gun.
2. LEGAL LIABILITY
• Adding ethical hacking to a curriculum raises a variety of legal issues where
schools and faculty members may be held responsible for the actions of their
students. The use of many hacking tools outside of an isolated test
network may be illegal. By allowing unmonitored hacking sessions, the
school or faculty member may be allowing a breach of the law or violation of
software licensing agreements.
• In a case of The United States versus Morris, a judge determined that the
Computer Fraud and Misuse Act (18 USC 1030) applies to educational
institutions and that an individual is liable for the accidental release
of malware . The schools that facilitated the creation of malware would be
liable for damages from malware released from their labs.
FORCING SERVICES AND INFORMATION ON
ORGANIZATIONS AND SOCIETY
• Sometimes ethical hackers operate without the permission or knowledge of the owners
of a system. The rationale given for this is that they are only testing security and do not
intend to cause damage or compromise any individual’s privacy.
• However, ethical hackers may be able to uncover information about Web sites and
applications that the owners of these sites and applications do not want uncovered.
The situation is compared to finding a note on your refrigerator informing you that "I
was testing the security of back doors in the neighborhood and found yours
unlocked. I just looked around. I didn't take anything. You should fix your lock."
This situation is what leads to the necessity for a proper test plan and strict guidelines
for following it.
FUTURE
SCOPE
OF
ETHICA
L
HACKIN
AS IT IS AN INVOLVING BRANCH ,THE
SCOPE OF ENHANCEMENT IN
TECHNOLOGY IS IMMENSE .
NO ETHICAL HACKER CAN ENSURE THE
SYSTEM SECURITY BY USING THE SAME
TECHNIQUES REPEATEDLY .
HOW WOULD HAVE TO IMPROVE ,
DEVELOP AND EXPLORE NEW AVENUES
REPEATEDLY.
MORE ENHANCED SOFTWARE’S SHOULD
BE USED FOR OPTIMUM PROTECTION .
TOOLS USED, NEED TO BE UPDATED
REGULARLY AND MORE EFFICIENT ONES
NEED TO BE DEVELOPED
•
REFERENCES
Twincling Society Ethical Hacking Seminar 2006. Retrieved March 27, 2009.
• Krutz, Ronald L. and Vines, Russell Dean. The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking .Published by John Wiley and Sons, 2007.
• Palmer, Charles. Ethical Hacking Published in IBM Systems Journal: End-to-End Security, Volume 40, Issue 3, 2001.
• Tiller, James S. The ethical hack: a framework for business value penetration testing Published by CRC Press, 2005.
• Beaver, Kevin and McClure, Stuart. Hacking For Dummies Published by For Dummies, 2006.
• Certified Ethical Hacking Seminar 2006. Retrieved March 27, 2009.
• Certified Ethical Hacking EC-Council 2009. Retrieved March 27, 2009.
• Certified Ethical Hacking EC-Council 2009. Retrieved March 27, 2009.
• Ethical Hacking Jobs 2009. Retrieved March 27, 2009.
• D'Ottavi, Alberto. Interview: Father of the Firewall 2003. Retrieved March 27, 2009.
• Livermore, Jeffery. What Are Faculty Attitudes Toward Teaching Ethical Hacking and Penetration Testing? Published in Proceedings of the 11th Colloquium for
Information Systems Security Education, 2007