Professional Practices

CS 625

Free Powerpoint Templates

Page 1
 Introduction to hacking

The process of attempting to gain or successfully gaining,

unauthorized access to computer resources is called hacking.

OR

The process of modifying the features of a system, in order to

accomplish a goal outside of the creator's original purpose.

Free Powerpoint Templates

Page 2
 Who is hacker?

 A computer hacker is someone who develops, changes or attempts

to circumvent computer security hardware or software.
 Intelligent, having advance knowledge of hardware and software.

 Can either happen for negative (criminal) or positive reasons.

 Criminal hackers develop computer malware or spyware to gain

access to confidential information.

Free Powerpoint Templates

Page 3
 Types of hacking
 Website Hacking

 Net Hacking

 Password Hacking

 Software Hacking

 Ethical Hacking

 Email Hacking

 Computer Hacking

Free Powerpoint Templates

Page 4
 Website Hacking

 Hacking a website means taking control from the website

owner to a person who hacks the website.

Free Powerpoint Templates

Page 5
 Net Hacking

 Gathering information about the domain

 IP address (Address of your computer in the internet)

 Port (It is logical port on your computer which hacker can use to
enter in the system)

Free Powerpoint Templates

Page 6
 Password Hacking

 Password Hacking or Password cracking is the process of

recovering secret passwords from data that has been stored in or
transmitted by a computer system.
 Brute force (Hackers try out all the combination of all keyboard
letters)
 Dictionary based (Hackers use predefine passwords. It is
unsuccessful method)

Free Powerpoint Templates

Page 7
 Software Hacking

 In that hackers changes the look & execution way of that

software. For example change the demo version into the full
version of that software.
 Modifying existing features of the software.

Free Powerpoint Templates

Page 8
 Ethical Hacking

 The process in which a person hacks to find weakness in a

system and then usually patches them.
 Can be used to recover lost information where the computer
password has been lost.
 To test security of the system.

 Also called white hat computer hacking.

Free Powerpoint Templates

Page 9
 Email Hacking

 Email hacking is unauthorized access to an email account or

email correspondence.

Free Powerpoint Templates

Page 10
 Computer Hacking

 Computer Hacking is when files on computer are viewed,

created, edited or deleted without authorization.

Free Powerpoint Templates

Page 11
 What should do after hacked?

 Shut down /Turn off the system

 Separate the system from network

 Restore the system with backup Or reinstall all programs

 Connect the system to the network

 Good to call the police

Free Powerpoint Templates

Page 12
 Tools of Hacking
Scanners

A program that automatically detects security weakness in remote host

Telnet

It is terminal emulation program that allows us to connect to remote system

FTP

FTP is one type of protocol but some time it is used as hacking tool, port 21
for the ftp. For connecting ftp we need some ftp s/w known as ftp client.
For connecting ftp server you have to hammer that server.

Free Powerpoint Templates

Page 13
 Computer Security Ethics
 Being ethical is not necessarily following one’s feelings; “feelings
frequently deviate from what is ethical“.
 Ethics is not confined to religion nor is the same as religion. Also
being ethical is not solely following the law
 Example: “If a person conceives of engineering activity as only
making money, then one's definition of practical ethics, one's
actions and values will, be guided by this basic philosophical
position. “

Free Powerpoint Templates

Page 14
 Ethical Hackers

 Performs most of the same activities but with owner’s

permission such as penetration tests.

 Penetration test means Legal attempt to break into a company’s

network to find its weakest link Tester only reports findings

Free Powerpoint Templates

Page 15
 Penetration-Testing Methodologies
 White box model
Tester is told everything about the network topology and technology and is authorized
to interview IT personnel as well. Makes the job easier for him

 Black box model

Company staff does not know about the test. Tester is not given detail about the
network so the burden is on the tester to find out the details. The test determines if the
security personnel are able to detect an attack.

 Gray box model

This mode of test is combination of both white and black box models. The company
provides the tester with partial information about the network.

Free Powerpoint Templates

Page 16
 Hackers Code of Conduct
Hacker creed (Steven Levy’s “Hackers: Heroes of Computer
Revolution” - 1984 ):
 Access to computers should be unlimited and total.

 Always yield to the Hands-On Imperative

 All information should be free.

 Mistrust authority -- promote decentralization.

 Hackers should be judged by their hacking.

 You can create art and beauty on a computer.

 Computers can change your life for the better.

Free Powerpoint Templates

Page 17
New Code of Ethics (90s) - Steven Mizrach :
 Above all else, do no harm"

 Protect Privacy

 "Waste not, want not."

 Exceed Limitations

 The Communicational Imperative

 Leave No Traces

 Share!

 Self Defense

 Hacking Helps Security

 Trust, but Test!

Free Powerpoint Templates

Page 18
 Certified Ethical Hackers

 Developed by the International Council of Electronic

Commerce Consultants (EC-Council)
 Based on 21 domains (subject areas)

 Web site: www.eccouncil.org

 Red team: Composed of people with varied skills

 Conducts penetration tests

Free Powerpoint Templates

Page 19
 Thank you!

Free Powerpoint Templates

Page 20