Muhammad Tahir Zaman

Workshop of ethical hacking

Uploaded by

tahhir zaman
Ethical Hacking and Network Defense
BY MUHAMMAD TAHIR ZAMAN
Objectives
Describe the role of an ethical hacker
Describe what you can do legally as an ethical hacker
Describe what you cannot do as an ethical hacker
A script will be provided for practicing ethical hacking or penetration testing

HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE 2


Introduction to Ethical Hacking
• Ethical hackers
◦ Employed by companies to perform penetration tests that make the corporate network more secure
◦ A person who hacks into a computer network in order to test or evaluate system security, rather than with malicious or criminal intent
• Penetration test
◦ Legal attempt to break into a company’s network to find its weakest link
◦ Tester only reports findings, does not solve problems
• Security test
◦ More than an attempt to break in; also includes analyzing the company’s security policy and procedures
◦ Tester offers solutions to secure or protect the network



The Role of Security and Penetration Testers
• Hackers
◦ Access computer system or network without authorization
◦ Breaks the law; can go to prison
• Crackers
◦ Break into systems to steal or destroy data
◦ Crack station, Brutus, Rainbow attack
• Department of Justice calls both hackers
• Ethical hacker
◦ Performs most of the same activities but with owner’s permission



The Role of Security and Penetration Testers
• Script kiddies or packet monkeys
◦ Young inexperienced hackers
◦ Copy code and techniques from knowledgeable hackers
• Experienced penetration testers write programs or scripts using these languages
◦ Practical Extraction and Report Language (Perl), C, C++, Python, JavaScript, Visual Basic, SQL, and many others
• Script
◦ Set of instructions that runs in sequence



It Takes Time to Become a Hacker
This class alone won’t make you a hacker, or an expert
◦ It might make you a script kiddie
It usually takes years of study and experience to earn respect in the hacker community
It’s a hobby, a lifestyle, and an attitude
◦ A drive to figure out how things work



Security testing tools
Open source testing tools:
Zed Attack Proxy
Wapiti
wfuzz, etc.
Commercial security testing tools:
GrammaTech
AppScan
Veracode



The Role of Security and Penetration Testers
Tiger box
◦ It is a security testing technique
◦ It is done on a system with a collection of OSs and hacking tools
◦ We usually perform hacking on a laptop.
◦ Helps penetration testers and security testers conduct vulnerability assessments and attacks.



Penetration testing methodologies
Tiger box testing
White box
Black box
Grey box



Penetration-Testing Methodologies
White box model
◦ Tester is told everything about the network topology and technology
▪ Network diagram
◦ Tester is authorized to interview IT personnel and company employees
◦ Makes tester’s job a little easier



Network Diagram



This is a Floor Plan



Penetration-Testing Methodologies
• Black box model
◦ Company staff does not know about the test
◦ Tester is not given details about the network
▪ Burden is on the tester to find these details
◦ Tests if security personnel are able to detect an attack



Penetration-Testing Methodologies
Gray box model
◦ Hybrid of the white and black box models
◦ Company gives tester partial information



Certification Programs for Network Security Personnel
Certification programs available in almost every area of network security
Basics:
CEH: Certified Ethical Hacker. ...
CISSP: Certified Information Systems Security Professional. ...
CISM: Certified Information Security Manager. ...
CCSP: Certified Cloud Security Professional. ...
CISA: Certified Information Systems Auditor. ...
COBIT 5 Certification Training.



Certified Ethical Hacker (CEH)

Professional Security Tester (OPST)
Designated by the Institute for Security and Open Methodologies (ISECOM)
◦ Uses the Open Source Security Testing Methodology Manual (OSSTMM)
◦ Test is only offered in Connecticut and outside the USA, as far as I can tell
◦ See links Ch 1f and Ch 1h on my Web page

Certified Information Systems Security Professional (CISSP)
Issued by the International Information Systems Security Certifications Consortium (ISC2)
Usually more concerned with policies and procedures than technical details
Web site
◦ www.isc2.org

SANS Institute
• SysAdmin, Audit, Network, Security (SANS)
• Offers certifications through Global Information Assurance Certification (GIAC)
• Top 20 list
◦ One of the most popular SANS Institute documents
◦ Details the most common network exploits
◦ Suggests ways of correcting vulnerabilities
• Web site
◦ www.sans.org (links Ch 1i & Ch 1j)



What You Can Do Legally
Laws involving technology change as rapidly as technology itself
Find what is legal for you locally
◦ Laws change from place to place
Be aware of what is allowed and what is not allowed



Laws of the Land
Tools on your computer might be illegal to possess
Contact local law enforcement agencies before installing hacking tools
Written words are open to interpretation
Governments are getting more serious about punishment for cybercrimes



Is Port Scanning Legal?
• Some states deem it legal
• Not always the case
• Federal Government does not see it as a violation
◦ Allows each state to address it separately
• Read your ISP’s “Acceptable Use Policy”
• IRC “bots” may be forbidden
◦ Program that sends automatic responses to users
◦ Gives the appearance of a person being present



Federal Laws
Federal computer crime laws are getting more specific
◦ Cover cybercrimes and intellectual property issues
Computer Hacking and Intellectual Property (CHIP)
◦ New government branch to address cybercrimes and intellectual property issues



What You Cannot Do Legally
Accessing a computer without permission is illegal
Other illegal actions
◦ Installing worms or viruses
◦ Denial of Service attacks
◦ Denying users access to network resources
Be careful your actions do not prevent customers from doing their jobs



Anti-Spam Vigilantes: The Future
Ch 1p: Call for help creating distributed, open-source Blue Frog replacement -- May 17, 2006
◦ Not in textbook, see links on my page (samsclass.info)

Ethical Hacking in a Nutshell
What it takes to be a security tester
◦ Knowledge of network and computer technology
◦ Ability to communicate with management and IT personnel
◦ Understanding of the laws
◦ Ability to use necessary tools
