What is Ethical Hacking? Defining hacker. Information security and Ethical hacking. Ethical hacking approaches. Ethical Hacking 101. Understanding the Need to Hack Your Own Systems. Understanding the Dangers Your Systems Face. Some attacks. Obeying the Ethical Hacking Commandments. Goals, Need, Benefits and Drawback of Ethical hacking. Sources.
acquired through formal education in computer programming. This work requires creativity, and the ethical hacker must be able to think outside of the box, coming up with as many ways as he or she can in which a system might be encroached upon by black hats.

Ethical Hacking is the most extreme form of technical security testing. On the basis of a clearly defined assignment from the client, our security consultants attempt to gain electronic access to the target system (components in the DMZ or LAN/WAN). Unlike in a security scan, penetration test or application security audit, the testers look for vulnerabilities only until they find one suitable for reaching the predefined target. Therefore, not all vulnerabilities will be identified and documented.

The aim of ethical hacking is to discover design-based security holes and to exploit trusts. In addition, the response of the internal security team/equipment is tested, which is another important component of a security model. Furthermore, the objective of an ethical hacking test is to cover the points which a typical penetration test lacks. In an ethical hacking test, different approaches will be used depending on the objectives of the project. Since the goal is to focus on the design and not on the software, the number of systems in scope should be fairly large.

Due to the growth of hacking activity worldwide, people are becoming more and more concerned about failures of their security systems. In your business or everyday life you have probably come across issues such as hacking, system security, data protection, etc. Hacking, the cancer of modern technology, is developing rapidly and expanding its targets to take in business, state and other confidential systems. If you are running a business which deals with huge amounts of data and networking, then you should really care about the security and protection of your systems.
But is it possible to ensure system security in this age of technology and networks? The answer is yes, and we will find out how it works.

Anatomy of Hack

When protecting against hacking it is essential to understand precisely its anatomy and the phases it passes through, from preparing the attack to gaining access. A hack usually passes through the following cycle of activity.

1. Reconnaissance: the trespasser or attacker gathers information on a potential target and plans the attack. This may be complemented with either passive or active reconnaissance.
   a. In the active reconnaissance phase the attacker carefully probes the network structure with the objective of finding open hosts and ports, routers and operating systems.
   b. Passive reconnaissance involves monitoring and scanning system data or operating system components to identify parts available for hacking.
2. Scanning: the target system is scanned to detect its vulnerable points of access. Such exploitable points can be found in different parts of the system, like open ports, software and hosting systems.
3. Access or Attack: in this phase the attacker gains access to the targeted system and launches the attack.

Hacking can take different forms and have different effects: system and server hacking, password cracking, viruses and worms, cryptography, sniffers, manipulation of log files, denial or termination of service, protocol attacks, etc. Most hackers are inclined to maintain access to the system and attack it periodically. If the system is not protected and monitored properly, they mostly succeed. In such cases damage and data loss cannot be measured or reverted.

The White Hat Concept

The process of monitoring, testing and securing IT systems is called Ethical Hacking or White Hat (also known as penetration testing, intrusion testing, red teaming). Ethical hackers or white hat hackers specialize in scanning, securing and protecting systems and networks. They are penetration testers who deploy various testing techniques and tools to uncover system security vulnerabilities and protect systems from external intrusion. Ethical hacking involves more than scanning and securing systems. It also handles the task of exploring different aspects of hacking and engaging effective methodologies:

a. Detection of vulnerable parts in the system
b. Defining the level and extent of the usage of accessed information
c. Catching potential threats and preventing them successfully
d. Capability of tracking any attempts of external access to the system

Identify your security priorities

Actual needs bring new problems and require optimal solutions. The more a company expands, the more attention it must pay to IT system and network security. Before you hire any ethical hacker service you should first clearly identify the security priorities for your system or network.
You may need to review your company's privacy policy or business requirements to understand what to protect and when, thus revealing your system security cases. In most cases, when it is possible to identify the likely directions or sources of danger, planning and implementation of penetration testing will be more effective.

Time to eth-hack!

Today there are many companies and experts who provide ethical hacking services. Besides reviewing their experience and portfolio, you should also do some research on the methodologies and tools they use for ethical hacking. While getting acquainted with new software you may find some of it comprehensive and some of it useless for you.

Furthermore, some tools provide user-friendly features and GUIs, so you may find them handy for personal use. If you find one, you will save the time and money planned for testing your system security. Many companies focus on reviewing and rating the software and applications available on the market. Ratings are based on factors such as features, user-friendliness, performance, support, value for money, etc. So if you are interested in deploying effective software and tools for your IT security, you should take a closer look at some popular ratings by authoritative reviewers.
Defining hacker
Hacker is a word that has two meanings:

- Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.
- Recently, hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.

The good-guy (white-hat) hackers don't like being in the same category as bad-guy (black-hat) hackers. (These terms come from Western movies where the good guys wore white cowboy hats and the bad guys wore black cowboy hats.)

- Hackers (or bad guys) try to compromise computers.
- Ethical hackers (or good guys) protect computers against illicit entry.
- Security compliance is a must for all companies with an IT backbone. The requirement is high in organizations in the IT / ITES segment.
- Information workers lack basic security knowledge.
- The information security industry is growing exponentially; the current worldwide growth rate is billed at 21%.
- Higher salaries are being offered to professionals in IT security.
- The information security industry is currently over $100 billion (2006): $60 bn in the US, $20 bn in the UK, $4.5 bn in Japan, $1.5 bn in India, etc.
Shoot all: The shoot-all approach is adopted to evaluate the security risk and related consequences if a host of the audited network is compromised. All available resources of the compromised host are utilised to exploit design-based vulnerabilities. This can be done by means of post-exploitation techniques, such as installing back doors, tools for finding user/administrator credentials, etc. In addition, the network traffic is analysed to gain access information from the data stream. Captured credentials are then used to jump from one host in the network to another which, up to that point, would have been considered secure. Examples of possible techniques are: hijacking Windows NT access tokens, Kerberos credentials hijacking, using ssh private keys, UNIX TTY hijacking, etc.

Capture the flag: The capture-the-flag approach is adopted to evaluate the probability that a system belonging to the object of investigation is compromised. Although the objective usually is to assess a specific and critical component, the capture-the-flag approach lends itself to testing the response of an internal security team in case of an attack. Because the range of exploited components is reduced, security probes are less likely to be triggered. Before the project starts, a flag is defined, which represents the critical resource (e.g. data, e-mail, system, etc.) that has to be conquered within a given time frame. The techniques used are similar to the ones in the shoot-all approach. In addition, bots may be employed. The capture-the-flag approach comes closest to a real hacker attack.
Degree of Information
The client defines how much information should be shared with both parties (tester and administrators/users of the systems in scope):
Double blind: The testers do not have knowledge about the systems to be tested prior to the audit. The administrators and users of the tested systems are unaware of the security audit. This is the most realistic approach.

Blind: The administrators and users of the audited systems are unaware of the security audit. The objective is to test the response of the security team.

Black box: The testers do not have knowledge about the systems to be tested prior to the audit. Administrators/users are informed before the test. The objective is to assess the vulnerabilities and to exploit them.

White box: The testers obtain all information about the systems to be audited in detail. Administrators/users are informed before the audit. The objective is to simulate an attack with insider information.

Grey box: The testers obtain partial information about the systems. Administrators/users are informed before the audit. This approach speeds up the audit by avoiding wasting precious project time.
Depending on the project, the same information channels are used as those used by hackers before the actual attacks (e.g. social engineering, dumpster diving, footprinting and fingerprinting). The majority of the work is brainwork, i.e. the scope for using tools is limited. The basic ethical hacking module can be extended with several optional supplementary modules.
all possible vulnerabilities on all your systems. You can't plan for all possible attacks, especially the ones that are currently unknown. However, the more combinations you try, and the more you test whole systems instead of individual units, the better your chances of discovering vulnerabilities that affect everything as a whole.

Don't take ethical hacking too far, though. It makes little sense to harden your systems against unlikely attacks. For instance, if you don't have a lot of foot traffic in your office and no internal Web server running, you may not have as much to worry about as an Internet hosting provider would have. However, don't forget about insider threats from malicious employees!

Your overall goals as an ethical hacker should be as follows:

- Hack your systems in a nondestructive fashion.
- Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exist.
- Apply results to remove vulnerabilities and better secure your systems.
Nontechnical attacks
Exploits that involve manipulating people (end users and even yourself) are the greatest vulnerability within any computer or network infrastructure. Humans are trusting by nature, which can lead to social-engineering exploits. Social engineering is defined as the exploitation of the trusting nature of human beings to gain information for malicious purposes. Hackers break into buildings, computer rooms, or other areas containing critical information or property.
Physical attacks
Physical attacks can include dumpster diving (rummaging through trash cans and dumpsters for intellectual property, passwords, network diagrams, and other information).
Network-infrastructure attacks
Hacker attacks against network infrastructures can be easy, because many networks can be reached from anywhere in the world via the Internet. Here are some examples of network-infrastructure attacks:

- Connecting into a network through a rogue modem attached to a computer behind a firewall
- Exploiting weaknesses in network transport mechanisms, such as TCP/IP and NetBIOS
- Flooding a network with too many requests, creating a denial of service (DoS) for legitimate requests
- Installing a network analyzer on a network and capturing every packet that travels across it, revealing confidential information in clear text
- Piggybacking onto a network through an insecure 802.11b wireless configuration

Operating-system attacks
Hacking operating systems (OSs) is a preferred method of the bad guys. Attacks on OSs make up a large portion of hacker attacks simply because every computer has one and so many well-known exploits can be used against them. Occasionally, some operating systems that are more secure out of the box, such as Novell NetWare and the flavors of BSD UNIX, are attacked, and vulnerabilities turn up. But hackers prefer attacking operating systems like Windows and Linux because they are widely used and better known for their vulnerabilities. Here are some examples of attacks on operating systems:

- Exploiting specific protocol implementations
- Attacking built-in authentication systems
- Breaking file-system security
- Cracking passwords and encryption mechanisms
Application attacks
Applications take a lot of hits from hackers. Programs such as e-mail server software and Web applications often are beaten down:

- Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) applications are frequently attacked because most firewalls and other security mechanisms are configured to allow full access to these programs from the Internet.
- Malicious software (malware) includes viruses, worms, Trojan horses, and spyware. Malware clogs networks and takes down systems.
- Spam (junk e-mail) is wreaking havoc on system availability and storage space. And it can carry malware.

Ethical hacking helps reveal such attacks against your computer systems.
Working ethically
The word ethical in this context can be defined as working with high professional morals and principles. Whether you're performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical hacker must be aboveboard and must support the company's goals. No hidden agendas are allowed! Trustworthiness is the ultimate tenet. The misuse of information is absolutely forbidden. That's what the bad guys do.
Respecting privacy
Treat the information you gather with the utmost respect. All information you obtain during your testing, from Web-application log files to clear-text passwords, must be kept private. Don't use this information to snoop into confidential corporate information or private lives. If you sense that someone should know there's a problem, consider sharing that information with the appropriate manager. Involve others in your process. This is a "watch the watcher" system that can build trust and support your ethical hacking projects.
- Identify any and all networks they will test
- Detail the testing interval
- Detail the testing process
- Create their plan and then share it with stakeholders
- Get the plan approved
Ethical hacking has a variety of uses on the primary and secondary levels. The primary uses include:
- Quality assurance by using information technology security analysis
- Compliance documentation with respect to legal regulations, standards and parameters
- Supporting arguments for information technology activities and projects in the future
- Prevention to provide for indirect and direct cost savings as time goes on
- Know-how transfer
- Building awareness at all levels
Primary and secondary uses are basically the questions that ethical hacking answers. These include:
- Do the technical measures put into place in the company adhere to legal requirements?
- Are any necessary patches up to date, and/or is the firewall correctly configured?
- Is the e-shop or mail server properly protected against potential attacks?
- Are all promises delivered by the external service provider?
- Have all necessary and possible security measures been put into place?
- Is home office access to the company's network adequately secure?
- Is protection against malicious code, such as denial-of-service tools, trojans, and viruses, adequate?
- Are there any illegal installations or are all of the company's systems set up in conformance with the standards?
- Fighting against terrorism and national security breaches
- Having a computer system that prevents malicious hackers from gaining access
- Having adequate preventative measures in place to prevent security breaches