White Hat
Considered one of the nice guys, a white hat hacker is one who hacks and then
informs the owner of the hacking.
Black Hat
In contrast, the black hat hacker is considered a criminal and uses his/her
skills to break the law.
Gray Hat
As one would imagine, a gray hat hacker sometimes is good, and sometimes
is criminal; a combination of the white and black hat.
Script Kiddie
A demeaning term, used for those who hack but do so by following directions
and not creating anything of their own.
Trojan horse
Deceptive programs that pretend they do one thing, only to enter the computer
system and do another; however, they need not be bad for the computer.
Virus
A self-replicating program that inserts itself into executable code or
documents.
Worm
Also a self-replicating program, but a worm breeds itself in computer systems.
Tools Hackers Need To Get Into Websites
The tools that a hacker may use are varied and
constantly changing. One such tool that was used last year
allowed a hacker to gain control of the computers of those who
simply mistyped the word Google when trying to get to the
popular search engine. This automatically directed them to a
special website that would give them such malware items as
Trojan downloaders, backdoors and spyware.
Another tool would be the robot spider. These can be sent out
and put on automatic and will look for ports of access into your
computer. These spiders are running around all the time and
some say that they may hit most computers that are online - up
to 50 times a day.
Other tools use email attachments. It is claimed that as much as
65% of all email is spam. And as much as 1 in about 30 emails
contains a virus, or some form of malware. This is why having
your own virus and spam protection is a must, as well as a
good spyware remover. Someone is busy. Once someone has
been hacking information on a computer they will often leave a
Trojan file that will give them further access - often more than
one file. Then they could use your computer to send out spam
attacks - without you even knowing that it is taking place. Or,
they could simply be hacking your personal information off of
your computer. These are just a few of their tools.
DeCSS 1.2b, used as a cracking tool, is highly
engineered software designed to modify other software
with the intention of removing usage restrictions.
Linus Torvalds
Bill Gates and Paul Allen
Paul Baran
Bjarne Stroustrup
Example of Crackers
Kevin Mitnick
Hackers
Computer hackers trespass into or circumvent other
computer systems artistically, yet scientifically, with a
hunger to know the programmable systems, how they
perform and their internal structures.
A hacker generally does not intend to destroy data
maliciously or to steal things.
A hacker who cracks and hacks systems is not only
interested in breaking the security of the system but also
in knowing about the system's details, by which he gains
much more than by simply cracking systems.
Crackers
Cracking means breaking a computer's security
system. This is a subject matter of hard-core science with
an aesthetic undertone of artistic skill that has attracted a
few million teenagers and young adults all over the
world.
The cracker breaks through the system's security and
proves to be far more dangerous than the hackers who just
quench their thirst by simply discovering the
workings of a system.
Ethical Hacker
They dedicate their skills to serve their clients. Instead of
spending long nights inside obscure rooms filled with
computers looking for some victim, they work inside
corporations, finding ways to protect the networks and
computer systems.
Defining Cyber Crime
In the early 1990's, when hacker efforts stopped AT&T
communications altogether, the U.S. Government
launched its program to go after the hackers.
One of those most famous for computer crimes
was Kevin Mitnick, who was tracked by computer and
caught in 1995. He served a prison sentence of about five
years.
Others have likewise been caught. Another case is that of
Vasily Gorshkov from Russia, who was 26 years old when
convicted in 2001.
How To Defeat The Attempts Of A Black Hat Hacker
Basic Knowledge
So, the first thing that we need to know is that computers,
and networks, are like houses. If they don't have the
windows and doors properly secured, anyone can enter.
Firewall
In order to secure our "house", we need to have a firewall
installed and properly configured. A firewall is like a lock
that assures that all the entrances to your computer are
properly closed, so no one from the outside can access it.
Anti Virus Software
Antivirus programs have been around since the first personal
computers, since viruses have always existed.
Unfortunately, the internet has generated a demographic
explosion and now they wander, freely, through the net.
There are several software packages in the market, so test
the ones with which you feel more comfortable and stay
with the one that is more convenient for you.
Regular Updates
The next step is to update your operating system,
especially if it is Windows XP. Ninety percent of the
worldwide operating system market is owned by
Microsoft. For that reason, it is the preferred choice for
crackers in the entire world. They are constantly looking
for ways to bypass the security of this operating system,
looking for weaknesses of all kinds (even in something as
innocent as the Media Player). In order to stop them,
keep your operating system updated.
Education in Security Techniques
Finally, if you are inside a company, make sure that
the users are trained. They must be able to detect if they
are being victims of a cracker scam.
It can be through the internet messaging system, an email
or even an innocent looking PowerPoint attachment sent
by a friend. People are the last line of defense against
black hat hacking.
FIREWALL
What is a firewall?
Firewall
Protects the resources of a private network from users from other networks.
[Diagram: LAN and INTERNET]
Main purpose of using firewalls
Packet filtering
Analyzing packets
Proxy service
Provide access to other networks, e.g. INTERNET
How a firewall works?
Sniffing Mode
1) An attacker tries to compromise a service on the protected
network.
2) The Firewall identifies the attempt.
Reset
Harden
Alert
[Diagram: two OSI stacks (Applications, Presentation, Sessions, Transport, Network, DataLink, Physical) joined by a PROXY]
Stateful Inspection
Advantages
Operates at 2nd/3rd layer in the OSI stack -- faster than Application Proxy
Application independent
More granularity than Circuit Proxy or Packet Filter
Disadvantages
Less granularity than Application Proxy
[Diagram: three OSI stacks (Applications, Presentation, Sessions, Transport, Network, DataLink, Physical) with an INSPECT Engine and State Tables]
What firewall protects us from
Remote login
Application backdoors
Operating system bugs
Denial of service
E-mail bombs
Viruses
SPAMs
Trojans
Popular hardware & software firewalls
Software Firewall          | Hardware Firewall
Ms. ISA Server             | Cisco PIX
Norton Internet Security   | Fortiguard
Mcafee Internet Security   | Cyberoam
ZoneAlarm                  | Check Point
Kerio                      | NetScreen
BlackICE                   | NetD
Outpost                    | WatchGuard
What is a proxy?
Proxy
Indirect access to other networks, e.g. INTERNET. All computers on the local
network have to go through it before accessing information on the Internet.
[Diagram: LAN and INTERNET]
Main purpose of using proxies
Improve Performance
Act as Cache server
Bandwidth control
Filter Requests
Prevent access to some web sites!!!
Prevent access to some protocols
Time division
Surfing Anonymously
Browsing the WWW without any identification!!!
Improve Performance
Caching
Reduce latency
Reduce Network Traffic
Caching can greatly speed up Internet access. If one or more Internet
sites are frequently requested, they are kept in the proxy's cache, so
that when a user requests them, they are delivered directly from the
proxy's cache instead of from the original Internet site.
Bandwidth control
Policy-based Bandwidth Limits
Deny by content type
[Diagram: INTERNET link with bandwidth limits of 512 Kbps, 1 Mbps, 128 Kbps and 64 Kbps]
Filter Requests
Prevent access to some web sites!!!
Categories web sites
Adult/Sexually Explicit
Advertisements & Pop-Ups
Chat
Gambling
Games
Hacking
Peer-to-Peer
Check by content type
.Exe / .Com
.Mid / .MP3 / .Wav
.Avi / .Mpeg / .Rm
What do you need for proxy installation?
Proxy Software
Ms ISA Server, Squid, WinRoute,
Server
At least 2 network cards
DIRECT INTERNET connection (Public IP Address)
Switch/Hub (elective)
Private IP Address
10.0.0.1/8 172.16.0.1/16 192.168.0.1/24
How a proxy works?
[Diagram sequence: a LAN host (IP 172.16.0.2, Gw 172.16.0.1) reaches www.yahoo.com (209.191.93.52) through the Proxy Server (LAN side IP 172.16.0.1; INTERNET side IP 217.219.66.2, Gw 217.219.66.1)]
1) Request leaves the LAN host: Source IP 172.16.0.2, Dest IP 209.191.93.52
2) Change Source IP Address at the proxy: Source IP 217.219.66.2, Dest IP 209.191.93.52
3) Reply from www.yahoo.com: Source IP 209.191.93.52, Dest IP 217.219.66.2
4) Change Dest. IP Address at the proxy: Source IP 209.191.93.52, Dest IP 172.16.0.2
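Added example (not part of the original slides): a small Python model of the address rewriting shown in the "How a proxy works" diagrams, using the slides' IP addresses. The port numbers, the stray sender address and all class and function names are assumptions made for the illustration. It also shows why a reply with no matching entry in the state table is dropped.

```python
from dataclasses import dataclass, replace
from typing import Optional

PROXY_WAN_IP = "217.219.66.2"   # proxy's INTERNET-side address (from the slides)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class AddressTranslator:
    """Rewrites the source address outbound and restores it on replies."""

    def __init__(self, wan_ip: str, first_port: int = 40000):
        self.wan_ip = wan_ip
        self.next_port = first_port   # constructed port range (assumption)
        self.out = {}    # (client ip, client port, server ip, server port) -> WAN port
        self.back = {}   # (WAN port, server ip, server port) -> (client ip, client port)

    def outbound(self, pkt: Packet) -> Packet:
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.out:
            # First packet of a flow: record state so the reply can be mapped back.
            self.out[key] = self.next_port
            self.back[(self.next_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
            self.next_port += 1
        return replace(pkt, src_ip=self.wan_ip, src_port=self.out[key])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        if pkt.dst_ip != self.wan_ip:
            return None
        client = self.back.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if client is None:
            return None   # no matching state: unsolicited packet is dropped
        return replace(pkt, dst_ip=client[0], dst_port=client[1])


def demo():
    nat = AddressTranslator(PROXY_WAN_IP)
    # Step 1: LAN host 172.16.0.2 asks for www.yahoo.com (209.191.93.52).
    request = Packet("172.16.0.2", 51000, "209.191.93.52", 80)
    sent = nat.outbound(request)                       # step 2: source changed
    reply = Packet("209.191.93.52", 80, sent.src_ip, sent.src_port)   # step 3
    delivered = nat.inbound(reply)                     # step 4: destination changed
    # Constructed stray packet from a host the LAN never contacted.
    stray = Packet("198.51.100.7", 80, PROXY_WAN_IP, sent.src_port)
    return sent, delivered, nat.inbound(stray)


if __name__ == "__main__":
    for item in demo():
        print(item)
```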
Proxy types
Web proxies
Caching proxies
Transparent proxies
Open proxies
Proxy setting in IE
Popular hardware & software proxies
Software Proxy    | Hardware Proxy
Ms. ISA Server    | Cisco PIX
Squid             | Blue Coat
WWWOFFLE          | Cyberoam
Ziproxy           | Alacer
SafeSquid         |
tinyproxy         |
Privoxy           |
WinGate           |
Introduction to Cyber Crime
Computer Crime, E-Crime, Hi-Tech Crime or Electronic Crime is where a
computer is the target of a crime or is the means adopted to commit a crime.
Most of these crimes are not new. Criminals simply devise different ways to
undertake standard criminal activities such as fraud, theft, blackmail, forgery,
and embezzlement using the new medium, often involving the Internet.
Computer vulnerability
Computers store huge amounts of data in small spaces
Ease of access
Complexity of technology
Human error
One of the key elements that keeps most members of any society honest is
fear of being caught, the deterrence factor. Cyberspace changes two of
those rules. First, it offers the criminal an opportunity of attacking his
victims from the remoteness of a different continent and secondly, the
results of the crime are not immediately apparent.
Need new laws and upgraded technology to combat cyber crimes
Different Types of Cybercrimes
Cyber crimes: Hacking, Information Theft, E-mail bombing, Salami attacks, Denial of Service attacks, Trojan attacks, Web jacking
Types of Cyber crimes
Data diddling: This kind of an attack involves altering the raw data just before it is
processed by a computer and then changing it back after the processing is completed.
Salami attacks: These attacks are used for the commission of financial crimes. The
key here is to make the alteration so insignificant that in a single case it would go
completely unnoticed, e.g. a bank employee inserts a program into the bank's servers that
deducts a small amount from the account of every customer.
Denial of Service: This involves flooding computer resources with more requests
than it can handle. This causes the resources to crash thereby denying authorized users
the service offered by the resources.
Phishing
Phishing, the mass distribution of spoofed e-mail
messages, which appear to come from banks,
insurance agencies, retailers or credit card
companies and are designed to fool recipients into
divulging personal data such as account names,
passwords, or credit card numbers.
Phishing
Delhi doctor Sanjay Sood discovered this modus operandi recently.
He received an official-sounding email, supposedly from the website
administrator, asking for an update of his name, date of birth and pin
code. Reassured that it did not ask for his password, he quickly
provided the information.
Apparently, these details were used to decode his password and
hijack his email ID. Next morning, he was flooded with the kind of
distress calls that have been extensively reported these days.
Somebody had sent emails to all my contacts to kindly send dollars
to my bank account as I was supposedly stranded in Malaysia.
Sood had fallen to yet another instance of phishing, a criminal act of
pretending to be an official website or email of typically a bank,
payment site or website administrator. Private information thus
collected is used to access bank accounts and defraud in other ways.
Carding
Carding, which entails using stolen credentials
(and can include package reshipping, money
moving, and identity theft schemes)
How to hack PayPal and get up to $40,000 USD in
your account!
) Visit (CLICK HERE TO DOWNLOAD) to order a special
donation code (SEE PROGRAM BELOW) to access my
program that captures and decrypts SSL money packets going
around from PayPal users around the world and adds that
money to your account. In other words, you will be receiving
lots and lots of "random" payments from people you never
knew, as seen below in my payments page. This program does
not NEED your Paypal password like all the scams you see
on youtube that steal your account. This is by far the only
working Paypal Bypass, below is a free trial.
Types of viruses
There are two main types of spam, and they have different effects on Internet users. Cancellable Usenet
spam is a single message sent to 20 or more Usenet newsgroups. (Through long experience, Usenet
users have found that any message posted to so many newsgroups is often not relevant to most or all of
them.) Usenet spam is aimed at "lurkers", people who read newsgroups but rarely or never post and
give their address away. Usenet spam robs users of the utility of the newsgroups by overwhelming
them with a barrage of advertising or other irrelevant posts. Furthermore, Usenet spam subverts the
ability of system administrators and owners to manage the topics they accept on their systems.
Email spam targets individual users with direct mail messages. Email spam lists are often created by
scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses. Email
spams typically cost users money out-of-pocket to receive. Many people - anyone with measured phone
service - read or receive their mail while the meter is running, so to speak. Spam costs them additional
money. On top of that, it costs money for ISPs and online services to transmit spam, and these costs are
transmitted directly to subscribers.
Frequency of incidents of Cyber crimes in India
Denial of Service: Section 43
Virus: Sections 66, 43
Data Alteration: Sec. 66
U/A Access: Section 43
Email Abuse: Sec. 67, 500, Other IPC Sections
Data Theft: Sec. 66, 65
(b) the amount of loss caused to any person as a result of the default;
Punishment
imprisonment up to three years, and / or
fine up to Rs. 2 lakh
Cognizable, Non Bailable,
Section 66 covers data theft as well as data alteration
Sec. 67. Pornography
Ingredients
Publishing or transmitting or causing to be published
in the electronic form,
Obscene material
Punishment
On first conviction
imprisonment of either description up to five years and
fine up to Rs. 1 lakh
On subsequent conviction
imprisonment of either description up to ten years and
fine up to Rs. 2 lakh
Section covers
Internet Service Providers,
Search engines,
Pornographic websites
Cognizable, Non-Bailable, JMIC/ Court of Sessions
Computer Related Crimes under IPC and Special Laws
Section 419A that prescribes punishment of up to 5 years imprisonment and fine for
'cheating by impersonation' using a network or computer resource.
Forgery
Andhra Pradesh Tax Case
In explanation of the Rs. 22 Crore which was recovered
from the house of the owner of a plastic firm by the sleuths of
the vigilance department, the accused person submitted 6000
vouchers to legitimize the amount recovered, but careful
scrutiny of the vouchers and the contents of his computers revealed
that all of them were made after the raids were conducted. All
vouchers were fake computerized vouchers.
Cyber stalking
Ritu Kohli (first lady to register the cyber stalking
case) is a victim of cyber-stalking. A friend of her
husband gave her phone number and name on a chat
site for immoral purposes. A computer expert, Kohli
was able to trace the culprit. Now, the latter is being
tried for "outraging the modesty of a woman", under
Section 509 of IPC.
Cyber defamation
SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra: India's first case of cyber
defamation was reported when a company's employee (defendant) started
sending derogatory, defamatory and obscene e-mails about its Managing
Director. The e-mails were anonymous and frequent, and were sent to many
of their business associates to tarnish the image and goodwill of the plaintiff
company.
The plaintiff was able to identify the defendant with the help of a private
computer expert and moved the Delhi High Court. The court granted an ad-
interim injunction and restrained the employee from sending, publishing
and transmitting e-mails, which are defamatory or derogatory to the
plaintiffs.
Online gambling: virtual casinos, Cases of money laundering
Cyber lotto case: In Andhra Pradesh one Kola Mohan created
a website and an email address on the Internet with the address
'eurolottery@usa.net.' which shows his own name as
beneficiary of 12.5 million pound in Euro lottery. After getting
confirmation with the email address a Telugu newspaper
published this as news.
He gathered huge sums from the public as well as from some
banks. The fraud came to light only when a cheque amounting
Rs 1.73 million discounted by him with Andhra bank got
dishonored.
FIR NO 76/02 PS PARLIAMENT STREET
Mrs. SONIA GANDHI RECEIVED THREATENING E-MAILS
E- MAIL FROM
missonrevenge84@khalsa.com
missionrevenge84@hotmail.com
THE CASE WAS REFERRED ACCUSED
PERSON LOST HIS PARENTS DURING 1984
RIOTS
Cyber Crime Online Challenges
Brand exploitation
Domain Name
Graphical user interface (GUI) based tools that exploit known software
vulnerabilities.
Electronic World
Email worms
Password Authentication protocol
10 Ways To Wireless Security
Use strong encryption - in case they are trying to break it, make it
harder for them.
Turn off WAP when not in use - do you leave your TV on running when
you are not at home?
Change your default SSID - yes, there are at least 50 other Linksys stations
around, and they are easier to find.
Use MAC filtering - you give keys to your home only to trusted people - do the
same with the wireless network.
Isolate the wireless LAN from the rest of the network - why did you think
Titanic sank? Create levels of protection.
Control the wireless signal - unless you want to power the whole city, there is no
need to use signal amplifiers.