SlideShare a Scribd company logo

Ethical Hacking by Krutarth Vasavada

K
Krutarth Vasavada

Krutarth Vasavada presented on ethical hacking and cybersecurity. He began with definitions of ethical and hacking. Ethical hacking involves authorized access to computer systems to test security without malicious intent. Vasavada discussed why individuals and organizations are interested in hacking, including to understand current security status. He covered common types of attacks like denial of service, malware, and social engineering. The causes of attacks include footprinting, sniffing, fingerprinting and password hacking. Prevention requires unique approaches depending on the target. Ethical hackers can help by understanding vulnerabilities and having no malicious intent. Career opportunities in ethical hacking require skills and certifications in computer systems, programming, and networking.

Engineering
Related topics:
Information Security
1 of 36
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
Presented to ATMIYA University ethical /ˈɛθɪk(ə)l/ adjective relating to moral principles or the branch of knowledge dealing with these.
Krutarth Vasavada • B.E. (Electronics and Communication), AITS 2002-06 • M.S. (Computer Engineering), San Jose State University, California, US • Certified Cloud Security Professional, ISC2 • 13+ Years into Software Product Development, Cybersecurity, Information Security Audits, Data Privacy & Compliance • Worked in India, USA, EU (currently) in Automobile, Chemicals, Insurance, Investment Banking, and e- Commerce domains.
Topics Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
Let’s Refresh: Why Cybersecurity? CONFIDENTIALITY Unauthorized individuals or entities can not get any information that is not intended for them. INTEGRITY The accuracy and completeness of data must be assured. AVAILABILITY It must be ensured that vital information is available whenever needed.
Let’s Refresh: How are we dealing with cyber attacks? To be honest, pretty badly! Here’s the list of data breaches occurred during the year 2020 so far.
Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
What is Hacking? Hacking is an attempt to exploit a computer system or a private network. In simple words, it is the unauthorized access made over computer network security systems for some illicit / illegal purpose.
What is Ethical Hacking? Ethical Hacking is an attempt to exploit a computer system or a private network. In simple words, it is the unauthorized access made over computer network security systems for some illicit / illegal known / valid / approved purpose.
Characteristics of Ethical Hacking • Target is almost always known • Identity of technical professionals involved is known to some extent • Neither the target system is damaged, nor information is stolen • Vulnerabilities are always reported back to the owner(s)
Who is an ethical hacker? Person who is • interested in cybersecurity • keen to explore various computer networks • aware of damage a security loophole can cause • interested in improving overall security of the target system Remember, being motivated by monitory reasons is NOT a bad thing for an ethical hacker.
Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
Who is interested in hacking – ethically or otherwise? Individuals Corporations Governments
Why to hack – ethically or otherwise? Many reasons • Steal information • Earn money (not always a bad thing!) • Just for fun! • Attack enemy system/company/country/ideology • To understand the current security status of the system • To remain secure
Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
Hacking Attack Success, scale, and impact of any hacking attempt depends on three things. Exploitability – How easy the system is to exploit? Prevalence – How widespread/prevalent the system and vulnerability are? Detectability – How easy it is to detect the intended security defect?
Type of Vulnerabilities Before understanding type of attacks, it is important to understand type of vulnerabilities. Let’s go the most trusted industry standard resource: Open Web Application Security Project (OWASP)
Commonly Known Cybersecurity Attacks Denial-of-service (DoS) and distributed denial- of-service (DDoS) Man-in-the-middle (MitM) Phishing Drive-by attack Identity Theft SQL Injection Cross-site scripting (XSS) Eavesdropping Malware/Ransomware
Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
How an attack is caused? Footprinting Sniffing Fingerprinting DNS Poisoning Social Engineering Password Hacking
Attack type: Footprinting In this type of attack, a hacker attempts to gather something information around • Domain name • IP Addresses • Namespaces • Employee information • Phone numbers • E-mails • Job Information Depending on type of the target system, this can be very crucial or not-so-crucial information.
Attack type: Sniffing Sniffing is the process of monitoring and capturing all the packets passing through a given network using sniffing tools. It is a form of “tapping phone wires” and get to know about the conversation. It is also called wiretapping applied to the computer networks. One can sniff the following sensitive information from a network − Email traffic FTP passwords Web traffics Telnet passwords Router configuration Chat sessions DNS traffic
Attack type: Fingerprinting Active Fingerprinting Active fingerprinting is accomplished by sending specially crafted packets to a target machine and then noting down its response and analyzing the gathered information to determine the target OS. Passive Fingerprinting Passive fingerprinting is based on sniffer traces from the remote system. Based on the sniffer traces (such as Wireshark) of the packets, you can determine the operating system of the remote host.
Attack type: DNS Poisoning DNS Poisoning is a technique that tricks a DNS server into believing that it has received authentic information when, in reality, it has not. It results in the substitution of false IP address at the DNS level where web addresses are converted into numeric IP addresses. DNS poisoning is used to redirect the users to fake pages which are managed by the attackers.
Attack type: Social Engineering A phishing attack is a computer-based social engineering, where an attacker crafts an email that appears legitimate. Such emails have the same look and feel as those received from the original site, but they might contain links to fake websites. If you are not careful enough, then you will type your user ID and password and will try to login which will result in failure and by that time, the attacker will have your ID and password to attack your original account.
Attack type: Password/Dictionary Hacking In a dictionary attack, the hacker uses a predefined list of words from a dictionary to try and guess the password. If the set password is weak, then a dictionary attack can decode it quite fast.
Topics Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
How to prevent attacks Question: Is it possible to be 100% secure? Answer: It depends. Answer Explanation: Don’t put a $10 lock on a $5 bicycle!
How to prevent attacks Each attack requires unique approach in averting them. Multiple factors contribute in determining the course of action. • Tactical Fix or Strategic Solution? • Impacted target audience? • Geography? • Functional area/Domain? • Historical trends? etc.
How to prevent attacks Good News – Ethical Hackers Can Help! • Know their subject • Understand impact of an attack • Aware of known vulnerabilities • Wide range of tools/technology to choose from • Most importantly – no malicious intention
Remember… The more you sweat in peace, the less you bleed in war! Ethical hacking is a proactive and preventive measure
Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
What are the skills needed? computer systems expertise strong programming skills computer networking knowledge patience
Which tools* can help me? nmap burp suite etherpeak qualysguard webinspect postman etc. * there can never be an exhaustive or a definitive tool list. Consider these as a recommendation to start with.
How to avail career opportunities? Step 1 •Obtain a Bachelor’s degree in Computer Science (or, similar) or A+ Certification •Gain an understanding of the most common hardware and software technologies. Step 2 •Get into a programmer’s role for a few years Step 3 •Proceed to get network certifications or security certification Step 4 •Keep going through various books, tutorials and papers to understand various computer security aspects Step 5 •Master the art of penetration testing, footprinting and reconnaissance, and social engineering. Step 6 •Certified Ethical Hacker (CEH) Certification
In conclusion “Government agencies and business organizations today are in constant need of ethical hackers to combat the growing threat to IT security. A lot of government agencies, professionals and corporations now understand that if you want to protect a system, you cannot do it by just locking your doors” EC-Council
Questions? Thank you!

More Related Content

PPTX
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Simplilearn
 
PPTX
Ethical hacking
Vishesh Singhal
 
PDF
Yehia Mamdouh @ DTS Solution - The Gentleman Thief
Shah Sheikh
 
PDF
Hackers
Reyansh Vishwakarma
 
PPTX
Ethical hacking
SVishnupriya5
 
DOCX
Full seminar report on ethical hacking
Georgekutty Francis
 
PDF
Ethical hacking
Mohammad Affan
 
PDF
How to analyze cyber threats
AkankshaPathak27
 
Ethical Hacking Certifications | Certified Ethical Hacker | Ethical Hacking |...
Simplilearn
 
Ethical hacking
Vishesh Singhal
 
Yehia Mamdouh @ DTS Solution - The Gentleman Thief
Shah Sheikh
 
Hackers
Reyansh Vishwakarma
 
Ethical hacking
SVishnupriya5
 
Full seminar report on ethical hacking
Georgekutty Francis
 
Ethical hacking
Mohammad Affan
 
How to analyze cyber threats
AkankshaPathak27
 

What's hot (20)

DOCX
Ethical hacking.
Khushboo Aggarwal
 
PPTX
Ethical Hacking
Nitheesh Adithyan
 
PPT
Ethical Hacking
Binit Kumar
 
PPT
Ethical Hacking
Mukul Agarwal
 
PPTX
Ethical hacking
Saqib Raza
 
PPT
Ethical hacking
kawsarahmedchoudhuryzzz
 
PPTX
ethical hacking
samprada123
 
PPTX
Hacking
VipinYadav257
 
PDF
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
Edureka!
 
PDF
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
Shah Sheikh
 
PPTX
Ethical Hacking
Aryan Saxena
 
PPTX
Ethical hacking & cyber security
ankit gandharkar
 
DOCX
Ethical Hacking (CEH) - Industrial Training Report
Raghav Bisht
 
PPTX
Ethical hacking
Praneeth Reddy
 
PPT
Introduction to Hacking
Rishabha Garg
 
PPTX
Ethical hacking introduction to ethical hacking
MissStevenson1
 
PPTX
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
Shivam Sahu
 
PPT
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
PPTX
Hacking and Penetration Testing - a beginners guide
Pankaj Dubey
 
PPTX
Cse ethical hacking ppt
SHAHID ANSARI
 
Ethical hacking.
Khushboo Aggarwal
 
Ethical Hacking
Nitheesh Adithyan
 
Ethical Hacking
Binit Kumar
 
Ethical Hacking
Mukul Agarwal
 
Ethical hacking
Saqib Raza
 
Ethical hacking
kawsarahmedchoudhuryzzz
 
ethical hacking
samprada123
 
Hacking
VipinYadav257
 
What is Ethical Hacking? | Ethical Hacking for Beginners | Ethical Hacking Co...
Edureka!
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
Shah Sheikh
 
Ethical Hacking
Aryan Saxena
 
Ethical hacking & cyber security
ankit gandharkar
 
Ethical Hacking (CEH) - Industrial Training Report
Raghav Bisht
 
Ethical hacking
Praneeth Reddy
 
Introduction to Hacking
Rishabha Garg
 
Ethical hacking introduction to ethical hacking
MissStevenson1
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
Shivam Sahu
 
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
Hacking and Penetration Testing - a beginners guide
Pankaj Dubey
 
Cse ethical hacking ppt
SHAHID ANSARI
 

Similar to Ethical Hacking by Krutarth Vasavada (20)

PPTX
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
GovandJamalSaeed
 
PPTX
building foundation for ethical hacking.ppt
ShivaniSingha1
 
PPTX
Introduction-to-Hacking.pptx............
HasnainAli608821
 
PDF
What-is-Hacking and why is it important what are it’s benefits
animefreak00005
 
PDF
IRJET- Study of Hacking and Ethical Hacking
IRJET Journal
 
PDF
IRJET- Ethical Hacking
IRJET Journal
 
DOCX
Final report ethical hacking
samprada123
 
PPTX
Ethical Hacking
Tharindu Kalubowila
 
PDF
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
PPT
Ethi mini - ethical hacking
Being Uniq Sonu
 
PDF
Introduction to Ethical Hacking pdf file
debmajumder741249
 
PPT
Ethichack 2012
santhosh kumarRG
 
PPTX
Presentation on ethical hacking
Sunny Sundeep
 
PDF
Module 3-cyber security
Sweta Kumari Barnwal
 
PPT
Ethical Hacking
Harshit Upadhyay
 
PPT
Ethical hacking
Altacit Global
 
PDF
A Beginner’s Guide to Ethical Hacking.pdf
uzair
 
PPTX
Ethical hacking : Its methodologies and tools
chrizjohn896
 
PDF
IRJET- An Overview of Ethical Hacking
IRJET Journal
 
DOCX
3.Seminar Report Ashar Shaikh Final.docx
asharshaikh8
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
GovandJamalSaeed
 
building foundation for ethical hacking.ppt
ShivaniSingha1
 
Introduction-to-Hacking.pptx............
HasnainAli608821
 
What-is-Hacking and why is it important what are it’s benefits
animefreak00005
 
IRJET- Study of Hacking and Ethical Hacking
IRJET Journal
 
IRJET- Ethical Hacking
IRJET Journal
 
Final report ethical hacking
samprada123
 
Ethical Hacking
Tharindu Kalubowila
 
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Ethi mini - ethical hacking
Being Uniq Sonu
 
Introduction to Ethical Hacking pdf file
debmajumder741249
 
Ethichack 2012
santhosh kumarRG
 
Presentation on ethical hacking
Sunny Sundeep
 
Module 3-cyber security
Sweta Kumari Barnwal
 
Ethical Hacking
Harshit Upadhyay
 
Ethical hacking
Altacit Global
 
A Beginner’s Guide to Ethical Hacking.pdf
uzair
 
Ethical hacking : Its methodologies and tools
chrizjohn896
 
IRJET- An Overview of Ethical Hacking
IRJET Journal
 
3.Seminar Report Ashar Shaikh Final.docx
asharshaikh8
 

Recently uploaded (20)

PDF
BIO-INSPIRED HORMONAL MODULATION AND ADAPTIVE ORCHESTRATION IN S-AI-GPT
ijaia
 
PPTX
Artificial Intelligence
dikshendrasarpate2
 
PDF
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PDF
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
PDF
III.4.1.2_The_Space_Environment.p pdffdf
sittiporn2
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PPTX
additive manufacturing of ss316l using mig welding
premcdr7799
 
PPTX
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
PPTX
Geodesy 1.pptx...............................................
abhi1361yadav
 
PPTX
Infosys Presentation by1.Riyan Bagwan 2.Samadhan Naiknavare 3.Gaurav Shinde 4...
bapushinde7218
 
PDF
Unit I ESSENTIAL OF DIGITAL MARKETING.pdf
Nitin Shelake
 
PPTX
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PDF
737-MAX_SRG.pdf student reference guides
ssusere2119a1
 
PDF
Model Code of Practice - Construction Work - 21102022 .pdf
AinieButt1
 
PPTX
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
BIO-INSPIRED HORMONAL MODULATION AND ADAPTIVE ORCHESTRATION IN S-AI-GPT
ijaia
 
Artificial Intelligence
dikshendrasarpate2
 
Mitigating Risks through Effective Management for Enhancing Organizational Pe...
IJAEMSJORNAL
 
Sustainable Sites - Green Building Construction
mhdumerali
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
Embodied AI: Ushering in the Next Era of Intelligent Systems
Yu Huang
 
III.4.1.2_The_Space_Environment.p pdffdf
sittiporn2
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
additive manufacturing of ss316l using mig welding
premcdr7799
 
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
Geodesy 1.pptx...............................................
abhi1361yadav
 
Infosys Presentation by1.Riyan Bagwan 2.Samadhan Naiknavare 3.Gaurav Shinde 4...
bapushinde7218
 
Unit I ESSENTIAL OF DIGITAL MARKETING.pdf
Nitin Shelake
 
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
737-MAX_SRG.pdf student reference guides
ssusere2119a1
 
Model Code of Practice - Construction Work - 21102022 .pdf
AinieButt1
 
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 

Ethical Hacking by Krutarth Vasavada

  • 1. Presented to ATMIYA University ethical /ˈɛθɪk(ə)l/ adjective relating to moral principles or the branch of knowledge dealing with these.
  • 2. Krutarth Vasavada • B.E. (Electronics and Communication), AITS 2002-06 • M.S. (Computer Engineering), San Jose State University, California, US • Certified Cloud Security Professional, ISC2 • 13+ Years into Software Product Development, Cybersecurity, Information Security Audits, Data Privacy & Compliance • Worked in India, USA, EU (currently) in Automobile, Chemicals, Insurance, Investment Banking, and e- Commerce domains.
  • 3. Topics Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 4. Let’s Refresh: Why Cybersecurity? CONFIDENTIALITY Unauthorized individuals or entities can not get any information that is not intended for them. INTEGRITY The accuracy and completeness of data must be assured. AVAILABILITY It must be ensured that vital information is available whenever needed.
  • 5. Let’s Refresh: How are we dealing with cyber attacks? To be honest, pretty badly! Here’s the list of data breaches occurred during the year 2020 so far.
  • 6. Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 7. What is Hacking? Hacking is an attempt to exploit a computer system or a private network. In simple words, it is the unauthorized access made over computer network security systems for some illicit / illegal purpose.
  • 8. What is Ethical Hacking? Ethical Hacking is an attempt to exploit a computer system or a private network. In simple words, it is the unauthorized access made over computer network security systems for some illicit / illegal known / valid / approved purpose.
  • 9. Characteristics of Ethical Hacking • Target is almost always known • Identity of technical professionals involved is known to some extent • Neither the target system is damaged, nor information is stolen • Vulnerabilities are always reported back to the owner(s)
  • 10. Who is an ethical hacker? Person who is • interested in cybersecurity • keen to explore various computer networks • aware of damage a security loophole can cause • interested in improving overall security of the target system Remember, being motivated by monitory reasons is NOT a bad thing for an ethical hacker.
  • 11. Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 12. Who is interested in hacking – ethically or otherwise? Individuals Corporations Governments
  • 13. Why to hack – ethically or otherwise? Many reasons • Steal information • Earn money (not always a bad thing!) • Just for fun! • Attack enemy system/company/country/ideology • To understand the current security status of the system • To remain secure
  • 14. Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 15. Hacking Attack Success, scale, and impact of any hacking attempt depends on three things. Exploitability – How easy the system is to exploit? Prevalence – How widespread/prevalent the system and vulnerability are? Detectability – How easy it is to detect the intended security defect?
  • 16. Type of Vulnerabilities Before understanding type of attacks, it is important to understand type of vulnerabilities. Let’s go the most trusted industry standard resource: Open Web Application Security Project (OWASP)
  • 17. Commonly Known Cybersecurity Attacks Denial-of-service (DoS) and distributed denial- of-service (DDoS) Man-in-the-middle (MitM) Phishing Drive-by attack Identity Theft SQL Injection Cross-site scripting (XSS) Eavesdropping Malware/Ransomware
  • 18. Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 19. How an attack is caused? Footprinting Sniffing Fingerprinting DNS Poisoning Social Engineering Password Hacking
  • 20. Attack type: Footprinting In this type of attack, a hacker attempts to gather something information around • Domain name • IP Addresses • Namespaces • Employee information • Phone numbers • E-mails • Job Information Depending on type of the target system, this can be very crucial or not-so-crucial information.
  • 21. Attack type: Sniffing Sniffing is the process of monitoring and capturing all the packets passing through a given network using sniffing tools. It is a form of “tapping phone wires” and get to know about the conversation. It is also called wiretapping applied to the computer networks. One can sniff the following sensitive information from a network − Email traffic FTP passwords Web traffics Telnet passwords Router configuration Chat sessions DNS traffic
  • 22. Attack type: Fingerprinting Active Fingerprinting Active fingerprinting is accomplished by sending specially crafted packets to a target machine and then noting down its response and analyzing the gathered information to determine the target OS. Passive Fingerprinting Passive fingerprinting is based on sniffer traces from the remote system. Based on the sniffer traces (such as Wireshark) of the packets, you can determine the operating system of the remote host.
  • 23. Attack type: DNS Poisoning DNS Poisoning is a technique that tricks a DNS server into believing that it has received authentic information when, in reality, it has not. It results in the substitution of false IP address at the DNS level where web addresses are converted into numeric IP addresses. DNS poisoning is used to redirect the users to fake pages which are managed by the attackers.
  • 24. Attack type: Social Engineering A phishing attack is a computer-based social engineering, where an attacker crafts an email that appears legitimate. Such emails have the same look and feel as those received from the original site, but they might contain links to fake websites. If you are not careful enough, then you will type your user ID and password and will try to login which will result in failure and by that time, the attacker will have your ID and password to attack your original account.
  • 25. Attack type: Password/Dictionary Hacking In a dictionary attack, the hacker uses a predefined list of words from a dictionary to try and guess the password. If the set password is weak, then a dictionary attack can decode it quite fast.
  • 26. Topics Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 27. How to prevent attacks Question: Is it possible to be 100% secure? Answer: It depends. Answer Explanation: Don’t put a $10 lock on a $5 bicycle!
  • 28. How to prevent attacks Each attack requires unique approach in averting them. Multiple factors contribute in determining the course of action. • Tactical Fix or Strategic Solution? • Impacted target audience? • Geography? • Functional area/Domain? • Historical trends? etc.
  • 29. How to prevent attacks Good News – Ethical Hackers Can Help! • Know their subject • Understand impact of an attack • Aware of known vulnerabilities • Wide range of tools/technology to choose from • Most importantly – no malicious intention
  • 30. Remember… The more you sweat in peace, the less you bleed in war! Ethical hacking is a proactive and preventive measure
  • 31. Next Topic Let’s Refresh 01 What is hacking? – Ethical / Unethical 02 Why hack(ing)? 03 Type of attacks 04 Cause of attacks 05 Prevention 06 Career Opportunities 07
  • 32. What are the skills needed? computer systems expertise strong programming skills computer networking knowledge patience
  • 33. Which tools* can help me? nmap burp suite etherpeak qualysguard webinspect postman etc. * there can never be an exhaustive or a definitive tool list. Consider these as a recommendation to start with.
  • 34. How to avail career opportunities? Step 1 •Obtain a Bachelor’s degree in Computer Science (or, similar) or A+ Certification •Gain an understanding of the most common hardware and software technologies. Step 2 •Get into a programmer’s role for a few years Step 3 •Proceed to get network certifications or security certification Step 4 •Keep going through various books, tutorials and papers to understand various computer security aspects Step 5 •Master the art of penetration testing, footprinting and reconnaissance, and social engineering. Step 6 •Certified Ethical Hacker (CEH) Certification
  • 35. In conclusion “Government agencies and business organizations today are in constant need of ethical hackers to combat the growing threat to IT security. A lot of government agencies, professionals and corporations now understand that if you want to protect a system, you cannot do it by just locking your doors” EC-Council