1. A HISTORY OF HACKING
Hacking has been around for more than a century. In the 1870s, several teenagers were flung off
the country's brand new phone system by enraged authorities. Here's a peek at how busy
hackers have been in the past 35 years.
1.1. Early 1960s
University facilities with huge mainframe computers, like MIT's artificial intelligence lab, become
staging grounds for hackers. At first, "hacker" was a positive term for a person with a mastery of
computers who could push programs beyond what they were designed to do.
1.2. Early 1970s
John Draper makes a long-distance call for free by blowing a precise tone into a telephone that
tells the phone system to open a line. Draper discovered the whistle as a give-away in a box of
children's cereal. Draper, who later earns the handle "Captain Crunch," is arrested repeatedly for
phone tampering throughout the 1970s.
John Draper
Yippie social movement starts YIPL/TAP (Youth International Party Line/ Technical Assistance
Program) magazine to help phone hackers (called "phreaks") make free long-distance calls.
Two members of California's Homebrew Computer Club begin making "blue boxes," devices used
to hack into the phone system. The members, who adopt handles "Berkeley Blue" (Steve Jobs)
and "Oak Toebark" (Steve Wozniak), later go on to found Apple Computer.
1.3. Early 1980s Author William Gibson coins the term "cyberspace" in a science fiction novel called Neuromancer. In one of the first arrests of hackers, the FBI busts the Milwaukee-based 414s (named after the local area code) after members are accused of 60 computer break-ins ranging from Memorial Sloan-Kettering Cancer Center to Los Alamos National Laboratory. Comprehensive Crime Control Act gives Secret Service jurisdiction over credit card and computer fraud. Two hacker groups form, the Legion of Doom in the United States and the Chaos Computer Club in Germany. 2600: The Hacker Quarterly is founded to share tips on phone and computer hacking. 1.4. Late 1980s The Computer Fraud and Abuse Act gives more clout to federal authorities. Computer Emergency Response Team is formed by U.S. defense agencies. Based at Carnegie Mellon University in Pittsburgh, its mission is to investigate the growing volume of attacks on computer networks. At 25, veteran hacker Kevin Mitnick secretly monitors the e-mail of MCI and Digital Equipment security officials. He is convicted of damaging computers and stealing software and is sentenced to one year in prison. First National Bank of Chicago is the victim of a $70-million computer heist. An Indiana hacker known as "Fry Guy" -- so named for hacking McDonald's -- is raided by law enforcement. A similar sweep occurs in Atlanta for Legion of Doom hackers known by the handles "Prophet," "Leftist" and "Urvile." 1.5. Early 1990s After AT&T long-distance service crashes on Martin Luther King Jr. Day, law enforcement starts a national crackdown on hackers. The feds nab St. Louis' "Knight Lightning" and in New York grab Masters of Deception trio "Phiber Optik," " Acid Phreak" and "Scorpion." Fellow hacker "Eric Bloodaxe" is picked up in Austin, Texas.
Operation Sundevil, a special team of Secret Service agents and members of Arizona's organized crime unit, conducts raids in 12 major cities, including Miami. A 17-month search ends in the capture of hacker Kevin Lee Poulsen ("Dark Dante"), who is indicted for stealing military documents. Hackers break into Griffith Air Force Base, then pewwwte computers at NASA and the Korean Atomic Research Institute. Scotland Yard nabs "Data Stream," a 16-year-old British teenager who curls up in the fetal position when seized. A Texas A&M professor receives death threats after a hacker logs on to his computer from off-campus and sends 20,000 racist e-mail messages using his Internet address. In a highly publicized case, Kevin Mitnick is arrested (again), this time in Raleigh, N.C., after he is tracked down via computer by Tsutomu Shimomura at the San Diego Supercomputer Center. Kevin Mitnick 1.6. Late 1990s Hackers break into and deface federal Web sites, including the U.S. Department of Justice, U.S. Air Force, CIA, NASA and others. Report by the General Accounting Office finds Defense Department computers sustained 250,000 attacks by hackers in 1995 alone. A Canadian hacker group called the Brotherhood, angry at hackers being falsely accused of electronically stalking a Canadian family, break into the Canadian Broadcasting Corp. Web site and leave message: "The media are liars." Family's own 15-year-old son eventually is identified as stalking culprit.
Hackers pierce security in Microsoft's NT operating system to illustrate its weaknesses. Popular Internet search engine Yahoo! is hit by hackers claiming a "logic bomb" will go off in the PCs of Yahoo!'s users on Christmas Day 1997 unless Kevin Mitnick is released from prison. "There is no virus," Yahoo! spokeswoman Diane Hunt said. 1.7. 1998 Anti-hacker ad runs during Super Bowl XXXII. The Network Associates ad, costing $1.3-million for 30 seconds, shows two Russian missile silo crewmen worrying that a computer order to launch missiles may have come from a hacker. They decide to blow up the world anyway. In January, the federal Bureau of Labor Statistics is inundated for days with hundreds of thousands of fake information requests, a hacker attack called "spamming." Hackers break into United Nation's Children Fund Web site, threatening a "holocaust" if Kevin Mitnick is not freed. Hackers claim to have broken into a Pentagon network and stolen software for a military satellite system. They threaten to sell the software to terrorists. The U.S. Justice Department unveils National Infrastructure Protection Center, which is given a mission to protect the nation's telecommunications, technology and transportation systems from hackers. Hacker group L0pht, in testimony before Congress, warns it could shut down nationwide access to the Internet in less than 30 minutes. The group urges stronger security measures.
2. WHY IS SECURITY NEEDED?
Security is needed because:
information is a strategic resource
a significant portion of organisational budget is spent on manageing information
there are many types of information
have several security related objectives
confidentiality (secrecy) - protect info value
integrity - protect info accuracy
availabilty - ensure info delivery
threats to information security
various surveys, with results of order:
55% human error
10% disgruntled employees
10% dishonest employees
10% outsider access
3. WHAT IS ETHICAL HACKING? Ethical hacking is the process of hacking the information that is considered to be confidential. The information through the ethical hacking does not remain secret at all. The ethical hacking process is also known as the intrusion testing, penetration testing or red teaming. However the ethical hacking also gives s professional certification to the certified ethical hacker where the hacking of the computer system or some other devices takes place. This service had been made available to the people by the international council of e-commerce consultants. Moreover for the ethical hacking the user has to be an ethical hacker which is somehow the name that is given to the person and for this the person must be a penetration tester. The ethical hacker is responsible for the performance of different activities. The main role that had been allotted to the ethical hacker is that he is the person who is mainly working for an organization or the organization hires the ethical hacker for the purpose of penetrating the information from different networks or systems. The organization trusts the ethical hacker as he is responsible for providing different services to the firm. The ethical hacking service is very much similar to that of the hacking and the ethical hacker is also working in the same way as the hacker is working for different purposes. The ethical hacker is the person who is found to be a computer expert and at the same time he is also responsible for the working of the networking systems as well. He is the person who works on behalf of the members of the organization. At times the hacking service that is being provided by the hacker can also be dangerous for the firm and hence it can exploit the systems of the company An Ethical Hacker is an expert hired by a company to attempt to attack their network and computer system the same way a hacker would. Ethical Hackers use the same techniques and tactics as those used by illegal hackers to breach corporate security systems. The end result is the company's ability to prevent an intrusion before it ever occurs.
Ask any developer if he has ever hacked. Ask yourself if you ever been a hacker. The answers will probably be yes. We have all hacked, at one time or another, for one reason or another. Administrators hack to find shortcuts around configuration obstacles. Security professionals attempt to wiggle their way into an application/database through unintentional (or even intentional) backdoors; they may even attempt to bring systems down in various ways. Security professionals hack into networks and applications because they are asked to; they are asked to find any weakness that they can and then disclose them to their employers. They are performing ethical hacking in which they have agreed to disclose all findings back to the employer, and they may have signed nondisclosure agreements to verify that they will Not disclose this information to anyone else. But you don’t have to be a hired security professional to perform ethical hacking. Ethical hacking occurs anytime you are “testing the limits” of the code you have written or the code that has been written by a co-worker. Ethical hacking is done in an attempt to prevent malicious attacks from being successful. Malicious hacking, on the other hand, is completed with no intention of disclosing weaknesses that have been discovered and are exploitable. Malicious hackers are more likely to exploit a weakness than they are to report the weakness to the necessary people, thus avoiding having a patch/fix created for the weakness. Their intrusions could lead to theft, a DDoS attack, defacing of a Web site, or any of the other attack forms that are listed throughout this chapter. Simply put, malicious hacking is done with the intent to cause harm. Somewhere in between the definition of an ethical hacker and a malicious hacker lies the argument of legal issues concerning any form of hacking. Is it ever truly okay for someone to scan your ports or poke around in some manner in search of an exploitable weakness? Whether the intent is to report the findings or to exploit them. If a company hasn’t directly requested attempts at an intrusion, then the “assistance” is unwelcome.
5. TYPES OF HACKERS There are eight types of hackers: 1. Script kiddies: In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks. It is generally assumed that script kiddies are like amateur kids who lack the ability to write sophisticated hacking programe or exploits on their own, and that their objective is to try to impress their friends or gain credit in underground hacker communities.
2. White hat hackers: They are generally security professionals white hat hackers in computer slang’s refers to an ethical hacker, a penetration or vulnerabilities tester or a security expert. White hat hackers are computer security experts who specialize in penetration testing and other testing methodologies, to ensure security. This white hat hacker uses the computer security tools, hacker tools and tactics to find or identify the exploits or vulnerabilities and works for security. Now basically saying white hat hackers uses hacking techniques and skills in an ethical manner i.e. in defense purposes 3. Black hat hackers: Comparing to white hat hackers black hat hackers are villains or bad guy’s, especially as the name suggests white hat hackers uses the hacking techniques for their profit, it can be from stealing information or money by gaining unauthorized access or by destroy vital data Or anything it means they intent to cause problems for their subjects or targets.They break the Law, exploit Vulnerabilities, in other words they violate the system integrity with malicious intent. 4. Gray hat hackers: These hackers generally hack to learn. These types of hackers are the combination of both i.e. white hat hackers and Black hat hackers. Gray hat hackers may work for offensive purposes or defensive, depends on the situation and the choice. There are self proclaimed ethical hackers, who are interested in gaining knowledge mostly for curious purposes. Most of the people fall in this category
5. Hacktivists: Some people describing themselves as hacktivists have taken to defacing websites for political reasons, such as attacking and defacing government websites as well as web sites of groups who oppose their ideology. Hacktivist is a mixture of the words Hacker and Activist. Their activities include many political ideals and issues. Hacktivism is a controversial term. Some argue it was coined to describe how electronic direct action might work toward social change by combining programming skills with critical thinking. Others use it as practically synonymous with malicious, destructive acts that undermine the security of the internet as a technical, economic, and political platform. 6. State sponsored hackers: Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it’s all about controlling cyberspace. State sponsored hackers have limitless time and funding to target civilians, corporations, and governments.
7. Spy hackers: Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid. 8. Cyber terrorists: These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber Terrorists ultimate motivation is to spread fear, terror and commit murder.
6. BUILDING AN APPROACH FOR ETHICAL HACKING There are two approaches for ethical hacking: 1. Shoot all: The shoot-all approach is adopted to evaluate the security risk and related consequences, if a host of the audited network is compromised. All available resources of the compromised host are utilised to exploit design-based vulnerabilities. This can be done by means of post-exploitation techniques, such as installing back doors, tools for finding user/administrator credentials, etc. In addition, the network traffic is analysed to gain access information from the data stream. Captured credentials are then used to jump from one host in the network to another one, which to that point would have been considered secure. Examples of possible techniques are: hijacking Windows NT access tokens, Kerberos credentials hijacking, using ssh private keys, UNIX TTY hijacking, etc.
2. Capture the flag: The capture-the-flag approach is adopted to evaluate the probability that a system belonging to the object of investigation is compromised. Although the objective usually is to assess a specific and critical component, the capture-the-flag approach lends itself to testing the response of an internal security team in case of an attack. Because the range of exploited components is reduced, security probes are less likely to be triggered. Before the project starts, a flag is defined, which represents the critical resource (e.g. data, e-mail, system, etc.) that has to be conquered within a given time frame. Techniques used are similar to the ones in the shoot-all-approach. In addition, bots may be employed. The capture-the-flag approach comes closest to a real hacker attack.
7. STEPS INVOLVED IN ETHICAL HACKING Hackers can target many different platforms, operating systems, and hardware yet the methodology stays remarkably similar. The steps involved in hacking generally involve: 1. Footprinting/information gathering: This step involves gathering potential information about target system. In fact hacker spends 90% of time for this phase only and next 10% time for rest of the steps. 2. Scanning: During this phase network is scanned for vulnerability. 3. System hacking: This is the step where real hacking takes place. Hacker takes advantage of vulnerability found in scanning phase and penetrates the victim system. 4. Maintaining access: After gaining access hacker makes provision to come back by planting root-kit and backdoor. 5. Covering tracks: In this phase hacker removes all traces of his/her presence in system by removing log files and event logs.
Hacking has been around for more than a century. In the 1870s, several teenagers were flung off
the country's brand new phone system by enraged authorities. Here's a peek at how busy
hackers have been in the past 35 years.
1.1. Early 1960s
University facilities with huge mainframe computers, like MIT's artificial intelligence lab, become
staging grounds for hackers. At first, "hacker" was a positive term for a person with a mastery of
computers who could push programs beyond what they were designed to do.
1.2. Early 1970s
John Draper makes a long-distance call for free by blowing a precise tone into a telephone that
tells the phone system to open a line. Draper discovered the whistle as a give-away in a box of
children's cereal. Draper, who later earns the handle "Captain Crunch," is arrested repeatedly for
phone tampering throughout the 1970s.
John Draper
Yippie social movement starts YIPL/TAP (Youth International Party Line/ Technical Assistance
Program) magazine to help phone hackers (called "phreaks") make free long-distance calls.
Two members of California's Homebrew Computer Club begin making "blue boxes," devices used
to hack into the phone system. The members, who adopt handles "Berkeley Blue" (Steve Jobs)
and "Oak Toebark" (Steve Wozniak), later go on to found Apple Computer.
1.3. Early 1980s Author William Gibson coins the term "cyberspace" in a science fiction novel called Neuromancer. In one of the first arrests of hackers, the FBI busts the Milwaukee-based 414s (named after the local area code) after members are accused of 60 computer break-ins ranging from Memorial Sloan-Kettering Cancer Center to Los Alamos National Laboratory. Comprehensive Crime Control Act gives Secret Service jurisdiction over credit card and computer fraud. Two hacker groups form, the Legion of Doom in the United States and the Chaos Computer Club in Germany. 2600: The Hacker Quarterly is founded to share tips on phone and computer hacking. 1.4. Late 1980s The Computer Fraud and Abuse Act gives more clout to federal authorities. Computer Emergency Response Team is formed by U.S. defense agencies. Based at Carnegie Mellon University in Pittsburgh, its mission is to investigate the growing volume of attacks on computer networks. At 25, veteran hacker Kevin Mitnick secretly monitors the e-mail of MCI and Digital Equipment security officials. He is convicted of damaging computers and stealing software and is sentenced to one year in prison. First National Bank of Chicago is the victim of a $70-million computer heist. An Indiana hacker known as "Fry Guy" -- so named for hacking McDonald's -- is raided by law enforcement. A similar sweep occurs in Atlanta for Legion of Doom hackers known by the handles "Prophet," "Leftist" and "Urvile." 1.5. Early 1990s After AT&T long-distance service crashes on Martin Luther King Jr. Day, law enforcement starts a national crackdown on hackers. The feds nab St. Louis' "Knight Lightning" and in New York grab Masters of Deception trio "Phiber Optik," " Acid Phreak" and "Scorpion." Fellow hacker "Eric Bloodaxe" is picked up in Austin, Texas.
Operation Sundevil, a special team of Secret Service agents and members of Arizona's organized crime unit, conducts raids in 12 major cities, including Miami. A 17-month search ends in the capture of hacker Kevin Lee Poulsen ("Dark Dante"), who is indicted for stealing military documents. Hackers break into Griffith Air Force Base, then pewwwte computers at NASA and the Korean Atomic Research Institute. Scotland Yard nabs "Data Stream," a 16-year-old British teenager who curls up in the fetal position when seized. A Texas A&M professor receives death threats after a hacker logs on to his computer from off-campus and sends 20,000 racist e-mail messages using his Internet address. In a highly publicized case, Kevin Mitnick is arrested (again), this time in Raleigh, N.C., after he is tracked down via computer by Tsutomu Shimomura at the San Diego Supercomputer Center. Kevin Mitnick 1.6. Late 1990s Hackers break into and deface federal Web sites, including the U.S. Department of Justice, U.S. Air Force, CIA, NASA and others. Report by the General Accounting Office finds Defense Department computers sustained 250,000 attacks by hackers in 1995 alone. A Canadian hacker group called the Brotherhood, angry at hackers being falsely accused of electronically stalking a Canadian family, break into the Canadian Broadcasting Corp. Web site and leave message: "The media are liars." Family's own 15-year-old son eventually is identified as stalking culprit.
Hackers pierce security in Microsoft's NT operating system to illustrate its weaknesses. Popular Internet search engine Yahoo! is hit by hackers claiming a "logic bomb" will go off in the PCs of Yahoo!'s users on Christmas Day 1997 unless Kevin Mitnick is released from prison. "There is no virus," Yahoo! spokeswoman Diane Hunt said. 1.7. 1998 Anti-hacker ad runs during Super Bowl XXXII. The Network Associates ad, costing $1.3-million for 30 seconds, shows two Russian missile silo crewmen worrying that a computer order to launch missiles may have come from a hacker. They decide to blow up the world anyway. In January, the federal Bureau of Labor Statistics is inundated for days with hundreds of thousands of fake information requests, a hacker attack called "spamming." Hackers break into United Nation's Children Fund Web site, threatening a "holocaust" if Kevin Mitnick is not freed. Hackers claim to have broken into a Pentagon network and stolen software for a military satellite system. They threaten to sell the software to terrorists. The U.S. Justice Department unveils National Infrastructure Protection Center, which is given a mission to protect the nation's telecommunications, technology and transportation systems from hackers. Hacker group L0pht, in testimony before Congress, warns it could shut down nationwide access to the Internet in less than 30 minutes. The group urges stronger security measures.
2. WHY IS SECURITY NEEDED?
Security is needed because:
information is a strategic resource
a significant portion of organisational budget is spent on manageing information
there are many types of information
have several security related objectives
confidentiality (secrecy) - protect info value
integrity - protect info accuracy
availabilty - ensure info delivery
threats to information security
various surveys, with results of order:
55% human error
10% disgruntled employees
10% dishonest employees
10% outsider access
3. WHAT IS ETHICAL HACKING? Ethical hacking is the process of hacking the information that is considered to be confidential. The information through the ethical hacking does not remain secret at all. The ethical hacking process is also known as the intrusion testing, penetration testing or red teaming. However the ethical hacking also gives s professional certification to the certified ethical hacker where the hacking of the computer system or some other devices takes place. This service had been made available to the people by the international council of e-commerce consultants. Moreover for the ethical hacking the user has to be an ethical hacker which is somehow the name that is given to the person and for this the person must be a penetration tester. The ethical hacker is responsible for the performance of different activities. The main role that had been allotted to the ethical hacker is that he is the person who is mainly working for an organization or the organization hires the ethical hacker for the purpose of penetrating the information from different networks or systems. The organization trusts the ethical hacker as he is responsible for providing different services to the firm. The ethical hacking service is very much similar to that of the hacking and the ethical hacker is also working in the same way as the hacker is working for different purposes. The ethical hacker is the person who is found to be a computer expert and at the same time he is also responsible for the working of the networking systems as well. He is the person who works on behalf of the members of the organization. At times the hacking service that is being provided by the hacker can also be dangerous for the firm and hence it can exploit the systems of the company An Ethical Hacker is an expert hired by a company to attempt to attack their network and computer system the same way a hacker would. Ethical Hackers use the same techniques and tactics as those used by illegal hackers to breach corporate security systems. The end result is the company's ability to prevent an intrusion before it ever occurs.
Ask any developer if he has ever hacked. Ask yourself if you ever been a hacker. The answers will probably be yes. We have all hacked, at one time or another, for one reason or another. Administrators hack to find shortcuts around configuration obstacles. Security professionals attempt to wiggle their way into an application/database through unintentional (or even intentional) backdoors; they may even attempt to bring systems down in various ways. Security professionals hack into networks and applications because they are asked to; they are asked to find any weakness that they can and then disclose them to their employers. They are performing ethical hacking in which they have agreed to disclose all findings back to the employer, and they may have signed nondisclosure agreements to verify that they will Not disclose this information to anyone else. But you don’t have to be a hired security professional to perform ethical hacking. Ethical hacking occurs anytime you are “testing the limits” of the code you have written or the code that has been written by a co-worker. Ethical hacking is done in an attempt to prevent malicious attacks from being successful. Malicious hacking, on the other hand, is completed with no intention of disclosing weaknesses that have been discovered and are exploitable. Malicious hackers are more likely to exploit a weakness than they are to report the weakness to the necessary people, thus avoiding having a patch/fix created for the weakness. Their intrusions could lead to theft, a DDoS attack, defacing of a Web site, or any of the other attack forms that are listed throughout this chapter. Simply put, malicious hacking is done with the intent to cause harm. Somewhere in between the definition of an ethical hacker and a malicious hacker lies the argument of legal issues concerning any form of hacking. Is it ever truly okay for someone to scan your ports or poke around in some manner in search of an exploitable weakness? Whether the intent is to report the findings or to exploit them. If a company hasn’t directly requested attempts at an intrusion, then the “assistance” is unwelcome.
5. TYPES OF HACKERS There are eight types of hackers: 1. Script kiddies: In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks. It is generally assumed that script kiddies are like amateur kids who lack the ability to write sophisticated hacking programe or exploits on their own, and that their objective is to try to impress their friends or gain credit in underground hacker communities.
2. White hat hackers: They are generally security professionals white hat hackers in computer slang’s refers to an ethical hacker, a penetration or vulnerabilities tester or a security expert. White hat hackers are computer security experts who specialize in penetration testing and other testing methodologies, to ensure security. This white hat hacker uses the computer security tools, hacker tools and tactics to find or identify the exploits or vulnerabilities and works for security. Now basically saying white hat hackers uses hacking techniques and skills in an ethical manner i.e. in defense purposes 3. Black hat hackers: Comparing to white hat hackers black hat hackers are villains or bad guy’s, especially as the name suggests white hat hackers uses the hacking techniques for their profit, it can be from stealing information or money by gaining unauthorized access or by destroy vital data Or anything it means they intent to cause problems for their subjects or targets.They break the Law, exploit Vulnerabilities, in other words they violate the system integrity with malicious intent. 4. Gray hat hackers: These hackers generally hack to learn. These types of hackers are the combination of both i.e. white hat hackers and Black hat hackers. Gray hat hackers may work for offensive purposes or defensive, depends on the situation and the choice. There are self proclaimed ethical hackers, who are interested in gaining knowledge mostly for curious purposes. Most of the people fall in this category
5. Hacktivists: Some people describing themselves as hacktivists have taken to defacing websites for political reasons, such as attacking and defacing government websites as well as web sites of groups who oppose their ideology. Hacktivist is a mixture of the words Hacker and Activist. Their activities include many political ideals and issues. Hacktivism is a controversial term. Some argue it was coined to describe how electronic direct action might work toward social change by combining programming skills with critical thinking. Others use it as practically synonymous with malicious, destructive acts that undermine the security of the internet as a technical, economic, and political platform. 6. State sponsored hackers: Governments around the globe realize that it serves their military objectives to be well positioned online. The saying used to be, “He who controls the seas controls the world,” and then it was, “He who controls the air controls the world.” Now it’s all about controlling cyberspace. State sponsored hackers have limitless time and funding to target civilians, corporations, and governments.
7. Spy hackers: Corporations hire hackers to infiltrate the competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid. 8. Cyber terrorists: These hackers, generally motivated by religious or political beliefs, attempt to create fear and chaos by disrupting critical infrastructures. Cyber terrorists are by far the most dangerous, with a wide range of skills and goals. Cyber Terrorists ultimate motivation is to spread fear, terror and commit murder.
6. BUILDING AN APPROACH FOR ETHICAL HACKING There are two approaches for ethical hacking: 1. Shoot all: The shoot-all approach is adopted to evaluate the security risk and related consequences, if a host of the audited network is compromised. All available resources of the compromised host are utilised to exploit design-based vulnerabilities. This can be done by means of post-exploitation techniques, such as installing back doors, tools for finding user/administrator credentials, etc. In addition, the network traffic is analysed to gain access information from the data stream. Captured credentials are then used to jump from one host in the network to another one, which to that point would have been considered secure. Examples of possible techniques are: hijacking Windows NT access tokens, Kerberos credentials hijacking, using ssh private keys, UNIX TTY hijacking, etc.
2. Capture the flag: The capture-the-flag approach is adopted to evaluate the probability that a system belonging to the object of investigation is compromised. Although the objective usually is to assess a specific and critical component, the capture-the-flag approach lends itself to testing the response of an internal security team in case of an attack. Because the range of exploited components is reduced, security probes are less likely to be triggered. Before the project starts, a flag is defined, which represents the critical resource (e.g. data, e-mail, system, etc.) that has to be conquered within a given time frame. Techniques used are similar to the ones in the shoot-all-approach. In addition, bots may be employed. The capture-the-flag approach comes closest to a real hacker attack.
7. STEPS INVOLVED IN ETHICAL HACKING Hackers can target many different platforms, operating systems, and hardware yet the methodology stays remarkably similar. The steps involved in hacking generally involve: 1. Footprinting/information gathering: This step involves gathering potential information about target system. In fact hacker spends 90% of time for this phase only and next 10% time for rest of the steps. 2. Scanning: During this phase network is scanned for vulnerability. 3. System hacking: This is the step where real hacking takes place. Hacker takes advantage of vulnerability found in scanning phase and penetrates the victim system. 4. Maintaining access: After gaining access hacker makes provision to come back by planting root-kit and backdoor. 5. Covering tracks: In this phase hacker removes all traces of his/her presence in system by removing log files and event logs.
Comments
Post a Comment