Skip to main content

ethics and hacking 2

What they are??
•Ethics :
 Moral principles that govern a person's or group's behaviour.
•Hacking :
 The practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose.

Hacking: How it all began??
•Been around for more than a century.
•1960s – MIT’s artificial intelligence lab became staging grounds for hackers.
•1970s – John Draper makes a long-distance call for free.


•1980s – Kevin Mitnick, secretly monitors the e-mail of MCI and Digital Equipment security officials.
•1990s – Hackers break into and deface federal Web sites, including the U.S. Department of Justice, U.S. Air Force, CIA, NASA and others.

SINE IIT Bombay Why is security needed ??
•Information is a strategic resource.
•A significant portion of the organizational budget is spent on managing information.
•Have several security related objectives:
 Confidentiality - keep info secret
 Integrity - protect info accuracy
 Availability - ensure info delivery

Ethical Hacking: An Introduction
•Process of legally hacking the information that is considered to be confidential.
•a.k.an Intrusion Testing, Penetration Testing or Red Teaming.

•An expert hired by an organisation to attempt to attack their network and computer system the same way a hacker would.
•Uses the same techniques & tactics used by the hackers.
•End result is the company’s ability to prevent an intrusion, before it occurs.

Types of Hackers
•Script Kiddies :
Amateurs, copy others codes to attack
•White Hat Hackers :
Professional term for ethical hackers
•Black Hat Hackers :
Professional term for malicious hackers
•Gray Hat Hackers :
Combination of both, hack to learn
Self-proclaimed ethical hackers

•Hacktivists :
Hacker + Activists
•State-Sponsored Hackers :
Limitless time & funding by govt.
•Spy Hackers :
Hired hackers by corporations
•Cyber Terrorists:
Motivated by religious / political beliefs
Spread fear, terror, and commit murders

Steps Involved :
•Foot printing/Information Gathering :
Gathering potential information about the target system.
A good hacker consumes 90% of the time for this phase.
•Scanning :
Network is scanned for any vulnerabilities.

•System Hacking :
Involves actual hacking
Taking advantage of vulnerabilities found during scanning, & penetrate the victim’s system.
•Maintaining Access :
Making provisions by planting backdoors
•Covering Tracks :
Removing all the traces of his presence in system by removing log files & event logs


Comments

Post a Comment

Popular posts from this blog

networks nd networking 1

Types Of Network •LAN - Local Area Network is in a small geographical area, such as a college or office building. •WAN - Wide Area Network Combination of multiple LANs. •WLAN - Wireless Local Area Network Links two or more devices using some wireless distribution method and usually providing a connection through an access point to the wider internet. Local Area Network (LAN) •A LAN connects network devices within a limited geographical area such as office buildings or schools. •The data transfer is managed by a transport protocol such as TCP/IP. •The transmission of data is performed by the access method (Ethernet, Token Ring, etc.). Wide Area Network (WAN) •A WAN covers a wide geographic area, carrying data over long distances, such as a country •WANs can be formed by different LANs •The connection between different LANs may not be permanent •WANs are sophisticated networks, but transmission speeds have generally been slower than those commonly achieved on LANs WLAN (Wireles
Post a Comment
Read more

MAN-IN-THE-MIDDLE ATTACK (MITM ATTACK)

What is Man-in-the-middle (MITM) attack? A man in the middle attack is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting his own public key for the requested one, so that the two original parties still appear to be communicating with each other. The attack gets its name from the ball game where two people try to throw a ball directly to each other while one person in between them attempts to catch it. In a man in the middle attack, the intruder uses a program that appears to be the server to the client and appears to be the client to the server. The attack may be used simply to gain access to the message, or enable the attacker to modify the message before retransmitting it. Man in the middle attacks is sometimes known as fire brigade attacks. The term derives from the bucket brigade method of putting out a fire by handing buckets of water from one person to another between a water source and the fire. What is BackTrack
Post a Comment
Read more

NMAP and ZenMAP

NMAP and ZenMAP are useful tools for the scanning phase of Ethical Hacking in Kali Linux. NMAP and ZenMAP are practically the same tool, however NMAP uses command line while ZenMAP has a GUI. NMAP is a free utility tool for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. NMAP uses raw IP packets in novel ways to determine which hosts are available on the network, what services (application name and version) those hosts are offering, which operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, etc. Now, let’s go step by step and learn how to use NMAP and ZenMAP. Step 1 − To open, go to Applications → 01-Information Gathering → nmap or zenmap. Step 2 − The next step is to detect the OS type/version of the target host. Based on the help indicated by NMAP, the parameter of
Post a Comment
Read more