Recommandé
Contenu connexe
Tendances
Tendances (20)
Similaire à Ethical hacking
Similaire à Ethical hacking (20)
Dernier
Dernier (20)
Ethical hacking
- 1. E t h ic a l H a c k in g
- 2. HACKING
- 3. PREHISTORY ► Draper builds a "blue box" ► 1960s: The Dawn of used with whistle allows Hacking phreaks to make free calls. Original meaning of the word ► Steve Wozniak and Steve "hack" started at MIT; meant Jobs, future founders of elegant, witty or inspired way Apple Computer, make and of doing almost anything; sell blue boxes. hacks were programming THE GOLDEN AGE shortcuts (1980-1991) ELDER DAYS (1970-1979) ► 1980: Hacker Message ► 1970s: Phone Phreaks and Boards and Groups Cap'n Crunch: One phreak, Hacking groups form; such as John Draper (aka "Cap'n Legion of Doom (US), Chaos Crunch"), discovers a toy Computer Club (Germany). whistle inside Cap'n Crunch ► 1983: Kids' Games cereal gives 2600-hertz signal, Movie "War Games" and can access AT&T's long- introduces public to hacking. distance switching system.
- 4. THE GREAT HACKER WAR ► 1989: The Germans , ► Legion of Doom vs Masters the KGB and Kevin of Deception; online warfare; Mitnick. jamming phone lines. ► German Hackers ► 1984: Hacker 'Zines arrested for breaking into Hacker magazine 2600 U.S. computers; sold publication; online 'zine information to Soviet KGB. Phrack. ► Hacker "The Mentor“ CRACKDOWN (1986-1994) arrested; publishes ► 1986: Congress passes Hacker's Manifesto. Computer Fraud and Abuse ► Kevin Mitnick convicted; Act; crime to break into first person convicted computer systems. under law against gaining ► 1988: The Morris Worm access to interstate network for criminal Robert T. Morris, Jr., launches purposes. self-replicating worm on ARPAnet.
- 8. Ethical Hacking ► Independent computer security Professionals breaking into the computer systems. ► Neither damage the target systems nor steal information. ► Evaluate target systems security and report back to owners about the vulnerabilities found.
- 9. Ethical Hackers but not Criminal Hackers ► Completely trustworthy. ► Strong programming and computer networking skills. ► Learn about the system and trying to find its weaknesses. ► Techniques of Criminal hackers- Detection-Prevention. ► Published research papers or released security software. ► No Ex-hackers.
- 10. Being Prepared ► What can an intruder see on the target systems? ► What can an intruder do with that information? ► Does anyone at the target notice the intruder's attempts or successes? 6. What are you trying to protect? 7. Who are you trying to protect against? 8. How much time, effort, and money are you willing to expend to obtain adequate protection?
- 11. Ethical Hacker’s Prospective ► Ethical Hacker’s demand a lot of time and persistence. ► Security evaluation plan 1. Identify system to be tested 2. How to test? 3. Limitations on that testing ► Evaluation done under a “no-holds-barred” approach. ► Clients should be aware of risks. ► Limit prior knowledge of test.
- 12. Required Skills of an Ethical Hacker ► Routers: knowledge of routers, routing protocols, and access control lists ► Microsoft: skills in operation, configuration and management. ► Linux: knowledge of Linux/Unix; security setting, configuration, and services. ► Firewalls: configurations, and operation of intrusion detection systems. ► Mainframes ► Network Protocols: TCP/IP; how they function and can be manipulated. ► Project Management: knowledge of leading, planning, organizing, and controlling a penetration testing team.
- 13. Kinds of Testing ► Remote Network ► Remote dial-up network ► Local network ► Stolen laptop computer ► Social engineering ► Physical entry 1.Total outsider 2.Semi-outsider 3.Valid user
- 14. REVIEW Therefore Ethical Hackers and Network Security experts are highly required as well as demanded by many organization’s for the security of their own data, if it fell in the wrong hands a competitor might use it for corporate espionage, a hacker might use it to break into the client’s computers, or a prankster might just post the report’s contents on the Web as a joke.