ETHICAL HACKING

B .Krishna Teja Reddy

Md . Haseeb furkhan
Contents - Hacking
Hacking?
Who is Hacker?
History of Hacking
Hacking incidents
Types of Hacking
How do Hackers Hack?
Why do Hackers Hack?
What Hackers do after Hacking?
How to be a real Hacker?
 HACKING
What Hack actually mean???
Hack definition:
1) an article or project without
constructive end
2) work undertaken on bad self-advice
3)Examine something very minutely
Who is hacker?

Hacker

The person who hacks

Cracker

System intruder/destroyer
History of hacking

Telephone hacking
Use telephone freely
Its called phreaking
Computer virus
Destroy many computers
Network hacking
Hack the important server remotely and
destroy/modify/disclose the information
Hacking incidents

Internet Worm
Robert T. Morris made an internet worm. It
spread through the internet and crashed
about 6000 systems.
Indian Defense Server
Recent hacking of Defense top secrets by
CHINEESE
And many more..
Types of hacking
Normal
data transfer
U S S-Server H-Hacker U-User

Interruption Interception
U S U S

Modification Fabrication
U S U S

H H
How Hackers Hack?

E-mail Hacking
Email forgery , Password Cracking, Phishing
System Hacking
Key loggers , Trojans, Backdoors , viruses
Wireless Hacking
WLAN hacking , network hacking
Web Server Hacking
Hacking websites , servers , databases etc
Why do hackers hack?

Just for fun

Show off
To know others secrets
Notify many people their thought
Steal important information
Destroy enemys computer network
during the war
What do hackers do after hacking?

Patch security hole

The other hackers cant intrude
Clear logs and hide themselves
Install rootkit ( backdoor )
The hacker who hacked the system can use the
system later
It contains trojan or other viruses and so on
Uses system silently without users notice
How can be a real hacker?

Study C/C++/python/assembly language

Study computer architecture
Study operating system
Study computer network
Examine the hacking tools thoroughly
Think the problem of the computer
Lots of practice and patience
Contents Ethical Hacking

Ethical Hacking
Who are Ethical Hackers?
Why Ethical Hacking?
Why cant prevent Hacking
How Ethical Hacker defends?
How to protect against Hacking?
What to do after being Hacked
Laws , fine and penalties
Computer fraud & abuse act
 ETHICAL HACKING
Itis Legal
Permission is obtained from the target user
Part of an overall security program
Learn about the system and trying to find its
weaknesses.
Who are Ethical Hackers???

Completely trustworthy.
Strong programming and computer
networking skills.
Techniques of Criminal hackers-
Detection-Prevention.
Ethical hackers possesses same skills,
mindset and tools of a hacker but the
attacks are done in a non-destructive
manner
Black-hat Hackers White-hat Ethical Hackers
Why Ethical Hacking???
Why Ethical Hacking??
Defacement Statistics for Indian Websites
June 01, 2006 to Dec.31, 2006

Domains No of Defacements
.com 922
.gov.in 24
.org 53
.net 39
.biz 12
.co.in 48
.ac.in 13
.info 3
.nic.in 2
.edu 2
other 13

Total 1131
Why cant we be protect against
hacking?
There are many unknown security hole
Hackers need to know only one security
hole to hack the system
Admin need to know all security holes to
defend the system
How Ethical Hackers defend???

Harden the servers

Scan, test and apply patches
Monitor logs
Train the technical staff on security
Serious policy and procedures!
How to prevent Hacking???

Encrypt important data

Ex) confidential data
Do not run unknown programs
Setup firewall
Ex) ipchains , antivirus
Check unintentional changes
Backup the system often
Good physical security
What to do after being hacked?
Shutdown the system
Or turn off the system
Separate the system from network
Restore the system with the backup
Or reinstall all programs
Connect the system to the network
It can be good to call the police
 Laws,Fines and Penalities
Hackers, virus and worm writers could get 20 years
to life in federal prison.
Anyone who uses computers to cause death or
bodily harm, such as bringing down power grids or
airport control centers, can get the maximum
sentence.
The sentence is increased by 25% if they steal
personal information.
The sentence is increased by 50% if they share the
stolen information.
If posted on the Internet, sentence is doubled!
 Computer Fraud & Abuse Act
Offense -Sentence
Obtaining National Security Information -10 (20) years
Compromising the Confidentiality of a Computer -1 or 5
Trespassing in a Government Computer -1 (10)
Accessing a Computer to Defraud & Obtain Value -5
(10)
Knowing Transmission and Intentional Damage -10 (20
or life)
Intentional Access and Reckless Damage -5 (20)
Intentional Access and Damage -1 (10)
Trafficking in Passwords -1 (10)
Extortion Involving Threats to Damage Computer -5 (10)
 ANY
QUERIES??
THANK YOU