Scribd
Upload
151 views14 pages

Why - Ethical Hacking: Social Engineering Automated Attacks Protection From Possible External Attacks

The document discusses ethical hacking, which involves testing a company's security systems to identify vulnerabilities by simulating real attacks. The process involves preparation, footprinting, enumeration and fingerprinting, identifying vulnerabilities, and exploiting vulnerabilities. Some key steps include collecting information about targets, identifying open ports and services, scanning for vulnerabilities, exploiting weaknesses to gain access, and reporting findings to help companies improve security. The goal of ethical hacking is to protect organizations from actual hackers by improving security before it can be breached.

Uploaded by

faiza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
151 views14 pages

Why - Ethical Hacking: Social Engineering Automated Attacks Protection From Possible External Attacks

The document discusses ethical hacking, which involves testing a company's security systems to identify vulnerabilities by simulating real attacks. The process involves preparation, footprinting, enumeration and fingerprinting, identifying vulnerabilities, and exploiting vulnerabilities. Some key steps include collecting information about targets, identifying open ports and services, scanning for vulnerabilities, exploiting weaknesses to gain access, and reporting findings to help companies improve security. The goal of ethical hacking is to protect organizations from actual hackers by improving security before it can be breached.

Uploaded by

faiza
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 14

Why – Ethical Hacking

Protection from possible External Attacks


Social
Engineering
Automated
Organizational Attacks
Attacks

Restricted
Data

Accidental
Breaches in
Security Denial of
Viruses, Trojan Service (DoS)
Horses,
and Worms
1
!@ #
Ethical Hacking - Process
1. Preparation
2. Footprinting
3. Enumeration & Fingerprinting
4. Identification of Vulnerabilities
5. Attack – Exploit the Vulnerabilities

2
!@ #
Preparation
 Identification of Targets – company websites,
mail servers, extranets, etc.
 Signing of Contract
 Agreement on protection against any legal issues
 Contracts to clearly specifies the limits and dangers of
the test
 Specifics on Denial of Service Tests, Social Engineering,
etc.
 Time window for Attacks
 Total time for the
 testing
 Prior Knowledge of the
systems
Key people who are
!@ #
3

made aware of the


Footprinting
Collecting as much information about the target
 DNS Servers
 IP Ranges
 Administrati
 ve Contacts
Problems
revealed by
Information Sources
administrato
 Search engines
rs
 Forums
 Databases –
 whois, ripe,
arin, apnic
Tools – PING,
!@ #
4
whois,
Traceroute,
Enumeration & Fingerprinting
 Specific targets determined
 Identification of Services / open ports
 Operating System Enumeration

Methods
 Banner grabbing
 Responses to various protocol (ICMP &TCP) commands
 Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.

Tools
 Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh,
telnet, SNMP Scanner

!@ #
5
Identification of Vulnerabilities
Vulnerabilities

 Insecure Configuration
 Weak passwords
 Unpatched vulnerabilities in services, Operating
systems, applications
 Possible Vulnerabilities in Services, Operating
Systems
 Insecure programming
 Weak Access Control

!@ #
6
Identification of Vulnerabilities
Methods
 Unpatched / Possible Vulnerabilities – Tools,
Vulnerability information Websites
 Weak Passwords – Default Passwords, Brute
force, Social Engineering, Listening to
Traffic
 Insecure Programming – SQL Injection, Listening
to Traffic
 Weak Access Control – Using the Application
Logic, SQL Injection

!@ #
7
Identification of Vulnerabilities
Tools
Vulnerability Scanners - Nessus, ISS, SARA, SAINT
Listening to Traffic – Ethercap, tcpdump
Password Crackers – John the ripper, LC4, Pwdump
Intercepting Web Traffic – Achilles, Whisker,
Legion

Websites
Common Vulnerabilities & Exposures –
 http://cve.mitre.org Bugtraq – www.securityfocus.com
 Other Vendor Websites

!@ #
8
Attack – Exploit the vulnerabilities
 Obtain as much information (trophies) from
the Target Asset
 Gaining Normal Access
 Escalation of privileges
 Obtaining access to other connected systems

Last Ditch Effort – Denial of Service

!@ #
9
Attack – Exploit the vulnerabilities
Network Infrastructure Attacks
 Connecting to the network through modem
 Weaknesses in TCP / IP, NetBIOS
 Flooding the network to cause DOS

Operating System Attacks


 Attacking Authentication Systems
 Exploiting Protocol Implementations
 Exploiting Insecure configuration
 Breaking File-System Security

!@ #
10
Attack – Exploit the vulnerabilities
Application Specific Attacks
 Exploiting implementations of HTTP, SMTP
protocols
 Gaining access to application Databases
 SQL Injection
 Spamming

!@ #
11
Attack – Exploit the vulnerabilities
Exploits
Free exploits from Hacker Websites Customised free
exploits

Internally Developed

Tools – Nessus, Metasploit Framework,

!@ #
12
Reporting
 Methodology
 Exploited Conditions & Vulnerabilities that
could not be exploited
 Proof for Exploits - Trophies
 Practical Security solutions

!@ #
13
Ethical Hacking - Commandments
 Working Ethically
 Trustworthiness
 Misuse for personal gain
 Respecting Privacy
 Not Crashing the Systems

!@ #
14

You might also like