Ethical hacking
- 2. Copyright © 2015 Accenture All rights reserved. 2 OVERVIEW OF HACKING Hacking Examine something very minutely The rapid crafting of new program or the making of changes to existing,usually complicated software.
- 3. Copyright © 2015 Accenture All rights reserved. 3 OBJECTIVES OF ETHICAL HACKING Ethical hacking offers an objective analysis of an organizations information security posture for organizations of any level of security expertise. The result of such an assessment is an actionable report with valuable remediation advice tailored to the customers unique IT environment,capabilities,and security objectives. As organizations of all sizes and sophistication levels can benefit from objective expert.third party analysis,ethical hacking has become a more mainstream service in the past decade.
- 4. Copyright © 2015 Accenture All rights reserved. 4 FUTURE SCOPE OF ETHICAL HACKING As it an evolving branch the scope of enhancement in technology is immense.No ethical hacker can ensure the system security by using the same technique repeatedly.He would have to improve,develop and explore new avenues repeatedly. More enhanced software’s should be used for optimum protection.Tools used,need to be updated regularly and more efficient ones needtobe developed.
- 5. Copyright © 2015 Accenture All rights reserved. 5 HACKING VS CRACKING HACKER The person who hacks. CRACKER System intuder/destroyer. Hacking With Malicious Intention Is Cracking The basic difference is hackers do not do anything disastrous. Cracking yield more devastating results. Cracking is CRIME. Cyber crime are the results of cracking,not hacking.
- 6. Copyright © 2015 Accenture All rights reserved. 6 WHY DO PEOPLE HACK?? To make security stronger(Ethical Hacking) Just for Fun Show off Hack other systems secretly & steal important information.
- 7. Copyright © 2015 Accenture All rights reserved. 7 TYPES OF HACKER White Hat Hacker Good guys Don’t use their skill for illegal purpose Computer security experts and help to protect from Black Hats. Black Hat Hacker Bad guys Use their skill maliciously for personal gain Hack books,used credit cards and deface websites Grey Hat Hacker It is a combination of white hat and black hat Hackers. Goal of grey hat hackers is to provide national security
- 8. Copyright © 2015 Accenture All rights reserved. 8 HACKER AND ETHICAL HACKER Hacker Access computer system or network without authorization Breaks the law Ethical Hacker Performs most of the same activities buit with owners permission Employeed by companies to perform Penetration Tests
- 9. Copyright © 2015 Accenture All rights reserved. 9 WHAT ARE THE VARIOUS QUALITIES A HACKER SHOULD POSSES Good coder Well knowledgeable person both hardware as well as well as software Should have knowledge on security system Trusted person
- 10. Copyright © 2015 Accenture All rights reserved. 10 HACKING -PROCESS FootPrinting Scanning Gaining Access Maintaining Access Clearing Traces
- 11. Copyright © 2015 Accenture All rights reserved. 11 FOOTPRINTING Footprinting is the technique used for gathering information about computer systems. Who is Lookup NS lookup IP Lookup
- 12. Copyright © 2015 Accenture All rights reserved. 12 SCANNING Network scanning is a procedure for identifying active hosts on a network,either for the purpose of attacking them or for network security assessment. Port Scanning Network Scanning Finger Printing Fire walking
- 13. Copyright © 2015 Accenture All rights reserved. 13 Gaining Access Gaining access is the most important phase of an attack in terms of potential damage,Attackers need not always gain priviliges of system to cause damage. Password Attack Social Engineering Viruses
- 14. Copyright © 2015 Accenture All rights reserved. 14 MAINTAINING ACCESS Once an attacker gains access to the target system,the attacker can choose to use both the system and its resources,and further use the system a launch pad to scan and exploit other systems,or to keep a low profile and continue exploiting. Trojans Malwares Clearing tracks
- 15. Copyright © 2015 Accenture All rights reserved. 15 ADVANTAGES & DISADVANTAGES ADVANTAGES Provides security to banking and financial establishments Prevents website defacements An evolving technique To catch a thief you have to think like a thief DISADVANTAGES All depends upon the trustworthiness of the ethical hacker Hiring professionals is expensive.
- 16. Copyright © 2015 Accenture All rights reserved. 16 REQUIRED SKILLS OF ETHICAL HACKER Linux: knowledge of linux/unix;security setting,configuration,and services. Routers: knowledge of routers,routing protocols,and access control lists. Firewalls: configurations,and operationof intrusion detection system Microsoft: skills in operation,configuration and management. Technical & Security Knowledge Operating System Knowledge Network Knowledge Computer Expert
- 17. Copyright © 2015 Accenture All rights reserved. 17 TYPES OF ATTACKS Operating System a attack Dos attack Ddos attack Spoofing attack Password attack Application attack Identity attack
- 18. Copyright © 2015 Accenture All rights reserved. 18 HOW CAN WE PROTECT THE SYSTEM? Patch security hole often Encrypt important data Do not run unused daemon Remove unused program Setup loghost Backup the system often Setup Firewall Setup IDS
- 19. Copyright © 2015 Accenture All rights reserved. 19 WHAT SHOULD DO AFTER HACKED? Shutdown the system. Separate the system from network Restore the system with the backup Connect the system to the network
- 20. Copyright © 2015 Accenture All rights reserved. 20 Conclusion In the preceeding sections we saw the methodology of hacking,why should we aware of hacking and some tools which a hacker may use. Now we can see what can we do against hacking or to protect ourselves from hacking. The first thing we should do is to keep ourselves updated about those softwares we and using for official and reliable sources. Educate the employees and the users against black hat hacking.