Certified Ethical Hacker is a qualification obtained in assessing the security of computer systems, using penetration testing techniques. The code for the CEH exam is 312-50; the certification is in Version 9 as of late 2015.
Ethical Hacking
Introduction
Ethical hacking, also known as penetration testing or white-hat hacking, involves the same
tools, tricks and techniques that hackers use, but with one major difference: ethical
hacking is legal.
Ethical hacking can also ensure that vendors' claims about the security of their products
are legitimate.
It is legal.
Permission is obtained from the target.
Part of an overall security program.
Identifies vulnerabilities visible from the Internet at a particular point in time.
Ethical hackers possess the same skills, mindset and tools as a hacker, but the attacks are
done in a non-destructive manner.
Why – Ethical Hacking
Protection From Possible External Attacks
Viruses, Trojan Horses, and Worms
Social Engineering
Automated Attacks
Accidental Breaches in Security
Denial of Service (DoS)
Organizational Attacks
Restricted Data
Ethical Hacking History
Since the 1980's, the Internet has vastly grown in popularity and computer security has become
a major concern for businesses and governments. Organizations would like to use the Internet
to their advantage by utilizing the Internet as a medium for e-commerce, advertising,
information distribution and access, as well as other endeavors. However, they remain worried
that they may be hacked, which could lead to a loss of control of private and personal
information regarding the organization, its employees, and its clients.
From the early days of computers, ethical hacking has been used as an evaluation of system
security. Many early ethical hacks were conducted by the United States Military to carry out
security evaluations on their operating systems to determine whether they should employ a
two-level (secret/top secret) classification system. However, with the growth of computing
and networking in the early 1990's, computer and network vulnerability studies began to
appear outside of the military organization. In December of 1993, two computer security
researchers, Dan Farmer from Elemental Security and Wietse Venema from IBM, suggested
that the techniques used by hackers can be used to assess the security of an information system.
What does an Ethical Hacker do?
An ethical hacker is a person doing ethical hacking, that is, a security professional who tries
to penetrate into a network to find if there is some vulnerability in the system. An ethical
hacker will always have the permission to enter into the target network.
If he succeeds in penetrating into the system, then he will report to the company with a detailed
report about the particular vulnerability he exploited to get into the system.
They have expressed (often written) permission to probe the network and attempt to identify
potential security risks.
They respect the individual's or company's privacy.
They close out their work, not leaving anything open for themselves or someone else to
exploit at a later time.
They let the software developer or hardware manufacturer know of any security
vulnerabilities they locate in their software or hardware, if not already known by the
company.
The term "ethical hacker" has received criticism at times from people who say that there is
no such thing as an "ethical" hacker. Hacking is hacking, no matter how you look at it, and
those who do the hacking are commonly referred to as computer criminals or cyber
criminals. However, the work that ethical hackers do for organizations has helped improve
system security and can be said to be quite effective and successful.
Ethical hacking and ethical hacker are terms used to describe hacking performed by a company
or individual to help identify potential threats on a computer or network. An ethical hacker
attempts to bypass system security and search for any weak points that could be exploited by
malicious hackers. This information is then used by the organization to improve the system
security, in an effort to minimize or eliminate any potential attacks.
Required Skills of an Ethical Hacker
Microsoft, mainframe computers
Linux, infosec
Firewalls
Routers
Network protocols
Project and problem management
Knowledge of threat sources
Hardware, software, network
Certification
Communication, report writing
Due to the controversy surrounding the profession of ethical
hacking, the International Council of E-Commerce Consultants (EC-Council) provides a
professional certification for Certified Ethical Hackers (CEH).
The Ethical Hacking Process
Planning-
Planning is essential for having a successful project. It provides an opportunity to give critical
thought to what needs to be done, allows for goals to be set, and allows for a risk assessment
to evaluate how a project should be carried out.
There are a large number of external factors that need to be considered when planning to carry
out an ethical hack. These factors include existing security policies, culture, laws and
regulations, best practices, and industry requirements. Each of these factors plays an integral
role in the decision-making process when it comes to ethical hacking. The planning phase of
an ethical hack will have a profound influence on how the hack is performed and the
information shared and collected, and will directly influence the deliverable and integration
of the results into the security program.
The planning phase will describe many of the details of a controlled attack. It will attempt to
answer questions regarding how the attack is going to be supported and controlled, what the
underlying actions are that must be performed, and who does what, when, where, and for how
long.
Reconnaissance-
Reconnaissance is the search for freely available information to assist in an attack. This can
be as simple as a ping or browsing newsgroups on the Internet in search of disgruntled
employees divulging secret information or as messy as digging through the trash to find
receipts or letters.
Reconnaissance can include social engineering, tapping phones and networks, or even theft.
The search for information is limited only by the extremes at which the organization and
ethical hacker are willing to go in order to recover the information they are searching for.
The reconnaissance phase introduces the relationship between the tasks that must be
completed and the methods that will need to be used in order to protect the organization's
assets and information.
Enumeration-
Enumeration is also known as network or vulnerability discovery. It is the act of obtaining
information that is readily available from the target's system, applications and networks. It is
important to note that the enumeration phase is often the point where the line between an
ethical hack and a malicious attack can become blurred, as it is often easy to go outside of the
boundaries outlined in the original attack plan.
In order to construct a picture of an organization's environment, several tools and techniques
are available. These tools and techniques include port scanning and NMap. Although it is
rather simple to collect information, it is rather difficult to determine the value of the
information in the hands of a hacker.
At first glance, enumeration is simple: take the collected data and evaluate it collectively to
establish a plan for more reconnaissance or building a matrix for the vulnerability analysis
phase. However, the enumeration phase is where the ethical hacker's ability to make logical
deductions plays an enormous role.
Vulnerability Analysis-
In order to effectively analyze data, an ethical hacker must employ a logical and pragmatic
approach. In the vulnerability analysis phase, the collected information is compared with
known vulnerabilities in a practical process.
Information is useful no matter what the source. Any little bit can help in discovering options
for exploitation and may possibly lead to discoveries that may not have been found otherwise.
Known vulnerabilities, incidents, service packs, updates, and even available hacker tools help
in identifying a point of attack. The Internet provides a vast amount of information that can
easily be associated with the architecture and strong and weak points of a system.
Final Analysis-
Although the exploitation phase has a number of checks and validations to ensure success, a
final analysis is required to categorize the vulnerabilities of the system in terms of their level
of exposure and to assist in the derivation of a mitigation plan. The final analysis phase
provides a link between the exploitation phase and the creation of a deliverable. A
comprehensive view of the entire attack must exist in order to construct a bigger picture of the
security posture of the environment and express the vulnerabilities in a clear and useful
manner. The final analysis is part interpretation and part empirical results.
Important METHODOLOGY OF HACKING
The literal meaning of the word reconnaissance is a preliminary survey to gain
information. This is also known as foot-printing. As given in the analogy, this is the stage in
which the hacker collects information about the company which the person is going to hack.
This is one of the pre-attacking phases.
Scanning
The hacker tries to make a blueprint of the target network. The blueprint includes the IP
addresses of the target network which are live, the services which are running on those systems,
and so on. Modern port scanning uses the TCP protocol to do scanning, and scanners can even detect
the operating systems running on the particular hosts.
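How the scanning phase looks from the defender's side, as an added example that is not part of the original document: one source touching many distinct host/port pairs in a short time stands out from a normal client that keeps returning to the same service. The log format, addresses and thresholds are assumptions made for this sketch.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed firewall log lines: "timestamp src_ip dst_ip dst_port tcp_flags".
# All addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2015-03-03T10:00:00 198.51.100.23 203.0.113.5 21 S
2015-03-03T10:00:01 198.51.100.23 203.0.113.5 22 S
2015-03-03T10:00:01 192.0.2.10 203.0.113.5 443 S
2015-03-03T10:00:02 198.51.100.23 203.0.113.5 23 S
2015-03-03T10:00:02 198.51.100.23 203.0.113.6 80 S
2015-03-03T10:00:03 198.51.100.23 203.0.113.6 443 S
2015-03-03T10:00:20 192.0.2.10 203.0.113.5 443 S
2015-03-03T10:00:41 192.0.2.10 203.0.113.5 443 S
"""


def detect_scanners(log, min_targets=5, window=timedelta(seconds=60)):
    """Map each scanning source to the distinct (host, port) pairs it probed.

    A source is reported when its connection attempts (bare SYN) reach at
    least `min_targets` distinct host/port pairs inside one sliding window.
    Lines are expected in time order.
    """
    recent = defaultdict(deque)   # src -> (time, target) pairs still in window
    flagged = defaultdict(set)    # src -> targets seen while over threshold
    for line in log.splitlines():
        stamp, src, dst, port, flags = line.split()
        if flags != "S":          # only count new connection attempts
            continue
        now = datetime.fromisoformat(stamp)
        events = recent[src]
        events.append((now, (dst, int(port))))
        while now - events[0][0] > window:   # expire attempts outside window
            events.popleft()
        targets = {target for _, target in events}
        if len(targets) >= min_targets:      # breadth, not volume, is the signal
            flagged[src] |= targets
    return {src: sorted(found) for src, found in flagged.items()}
```

The client at 192.0.2.10 connects three times but always to the same service, so it is never reported.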
Gaining access
This is the actual hacking phase in which the hacker gains access to the system. The hacker
will make use of all the information he collected in the pre-attacking phases. Usually the main
hindrance to gaining access to a system is the passwords. In system hacking, the hacker
will first try to get into the system.
Password Cracking
There are many methods for cracking the password and then getting into the system. The simplest
method is to guess the password, but this is tedious work. To make this work
easier there are many automated tools for password guessing, like Legion.
Privilege escalation
Privilege escalation is the process of raising the privileges once the hacker gets into the system.
The privilege escalation process usually uses the vulnerabilities present in the host operating
system or the software. There are many tools like hk.exe, Metasploit etc. One such community
of hackers is the Metasploit.
Maintaining Access
Now the hacker is inside the system. This means that he is now in a position to upload some
files and download some of them. The next aim will be to make an easier path to get in when
he comes the next time. This is analogous to making a small hidden door in the building so
that he can directly enter into the building through the door easily.
Clearing Tracks
Whenever a hacker downloads some file or installs some software, its log will be stored in the
server logs. So in order to erase them the hacker uses many tools. One such tool is the Windows Resource
Kit's auditpol.exe. Another tool which eliminates any physical evidence is Evidence
Eliminator. Evidence Eliminator deletes all such evidence.
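Tampering with auditing leaves its own trace, which is what a defender watches for. This is an added example, not part of the original document. It assumes Security events are forwarded to a central collector and uses the current Windows event IDs 4719 (audit policy changed) and 1102 (audit log cleared). The line format, hosts and accounts are constructed.

```python
from datetime import datetime, timedelta

# Windows Security log event IDs that record tampering with auditing itself.
TAMPER_EVENTS = {
    4719: "system audit policy was changed",
    1102: "security audit log was cleared",
}

# Constructed events as a central collector might store them, in time order:
# "timestamp host event_id account".
SAMPLE_EVENTS = """\
2015-03-03T09:58:12 WEB01 4624 svc_backup
2015-03-03T10:02:40 WEB01 4719 jdoe
2015-03-03T10:09:05 WEB01 1102 jdoe
2015-03-03T10:15:00 DB02 4624 admin
2015-03-03T11:30:00 DB02 4719 admin
"""


def find_audit_tampering(events, window=timedelta(minutes=30)):
    """Return one finding per tamper event, oldest first.

    Severity is "high" when the same host logged the other tamper event
    within `window` beforehand (policy change plus log clear), else "medium".
    """
    seen = {}        # host -> [(time, event_id)] of earlier tamper events
    findings = []
    for line in events.splitlines():
        stamp, host, event_id, account = line.split()
        event_id = int(event_id)
        if event_id not in TAMPER_EVENTS:    # ordinary activity, e.g. a logon
            continue
        when = datetime.fromisoformat(stamp)
        earlier = seen.setdefault(host, [])
        paired = any(eid != event_id and when - t <= window
                     for t, eid in earlier)
        findings.append({
            "time": stamp, "host": host, "account": account,
            "event_id": event_id, "what": TAMPER_EVENTS[event_id],
            "severity": "high" if paired else "medium",
        })
        earlier.append((when, event_id))
    return findings
```

Because the local log is the thing being erased, this check only works on copies that left the host as they were written.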
Ethical hacking tools
Ethical hackers utilize and have developed a variety of tools to intrude into different kinds of
systems and to evaluate the security levels. The nature of these tools differs widely.
Samspade
Samspade is a simple tool which provides us information about a particular host. This
tool is very helpful in finding addresses, phone numbers etc.
Email Tracker and Visual Route
Email tracker is software which helps us to find which server the mail
actually came from. Every message we receive will have a header associated
with it. The email tracker uses this header information to find the location.
Visual Route is a tool which displays the location of a particular server with the help
of IP addresses. When we connect this with the email tracker we can find the
server which actually sent the mail.
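The header tracing described above, as an added example (not code from the original document or from the Email Tracker product): it reads the Received headers newest first and trusts a hop only while the chain is still inside the recipient's own servers, because older headers are supplied by the sender. The domain, addresses, message and function names are constructed for this sketch.

```python
import re
from email import message_from_string

# Constructed message; newest Received header is on top. The last header sits
# below the hand-off and only claims to come from the recipient's own server.
RAW_MESSAGE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.10])
\tby mailstore.recipient.example with ESMTP id A1; Tue, 3 Mar 2015 10:00:05 +0000
Received: from relay.sender.example (relay.sender.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id B2; Tue, 3 Mar 2015 10:00:03 +0000
Received: from pc (unknown [192.0.2.44])
\tby mx.recipient.example with ESMTP id C3; Tue, 3 Mar 2015 09:59:58 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed example

body
"""

HOP_RE = re.compile(
    r"from\s+\S+\s+\([^\s\[\]]*\s*\[(?P<ip>[0-9A-Fa-f.:]+)\]\)"
    r".*?\bby\s+(?P<by>[^\s;]+)", re.S)


def trace_hops(raw, our_domain, our_ips):
    """List Received hops, newest first, marking which ones can be trusted.

    A hop is verified only while the chain is still inside our own servers:
    it was written by a host in `our_domain`, and every newer hop came from
    an address in `our_ips`. Anything older was supplied by the sender.
    """
    hops, inside = [], True
    for value in message_from_string(raw).get_all("Received", []):
        match = HOP_RE.search(value)
        if match is None:          # unparsable header breaks the chain
            inside = False
            continue
        by = match["by"].lower()
        ours = by == our_domain or by.endswith("." + our_domain)
        verified = inside and ours
        hops.append({"from_ip": match["ip"], "by": by, "verified": verified})
        inside = verified and match["ip"] in our_ips
    return hops


def handoff_ip(hops):
    """Address of the external server that handed the mail to our servers."""
    verified = [hop for hop in hops if hop["verified"]]
    return verified[-1]["from_ip"] if verified else None
```

The address returned by `handoff_ip` is the one worth looking up; everything the unverified hops say is only a claim.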
Advantages and disadvantages
Ethical hacking nowadays is a backbone of network security. Each day its relevance is
increasing. The major pros and cons of ethical hacking follow.
Advantages-
“To catch a thief you have to think like a thief”
Helps in closing the open holes in the network.
Provides security to banking and financial establishments.
Prevents website defacements.
An evolving technique.
Disadvantages-
All depends upon the trustworthiness of the ethical hacker
Hiring professionals is expensive
Future enhancements
As it is an evolving branch, the scope of enhancement in technology is immense. No ethical
hacker can ensure the system security by using the same technique repeatedly. He
would have to improve, develop and explore new avenues repeatedly.
More enhanced software should be used for optimum protection. Tools used need
to be updated regularly and more efficient ones need to be developed.
With companies having so much data, it has to be protected, i.e. from disgruntled workers or
criminal hackers. There was a case with foxybingo.com where thieves ended up with 65,000
customers' data and tried to sell it to a number of contacts in the gaming industry.
The Open Security Foundation’s DataLossDB gathers information about events involving the
loss, theft, or exposure of personally identifiable information (PII). DataLossDB’s dataset, in
current and previous forms, has been used in research by numerous educational, governmental,
and commercial entities, which often have been able to provide statistical analysis with
graphical presentations. The first graph above shows that 56% of data loss in the current
month was due to hacking, and the highest of all time was in 2008, when there were
986 incidents of data loss.
This is a quote from Ankit Fadia: “Technology is evolving at such
a rapid pace that we’re now being introduced to mundane, everyday objects that have their
own internet connection. Telephones, televisions, refrigerators and even cars are starting to
have their own IP address. But as technology advances so does the complexity of its security.
“Five years ago, you had people hacking into others’ desktops and laptops. Now you see
people hacking into smartphones and ATMs. Another five years from now, you’ll have people
trying to hack into a TV or a car and try to misuse it in some way. The point I’m trying to
make is that just about every device is going to be connected. And when that is the case, there
is always the possibility of hacking into them. That is where the challenge lies — in securing
them.”
Conclusion
An ethical hacker is a computer and networking expert who systematically attempts to
penetrate a computer system or network on behalf of its owners for the purpose of finding
security vulnerabilities that a malicious hacker could potentially exploit. The word "hacker"
carries weight. People strongly disagree as to what a hacker is. Hacking may be defined as
legal or illegal, ethical or unethical. The media’s portrayal of hacking has boosted one version
of discourse. The conflict between discourses is important for our understanding of computer
hacking subculture. Also, the outcome of the conflict may prove critical in deciding whether
or not our society and institutions remain in the control of a small elite or we move towards a
radical democracy (a.k.a. socialism). It is my hope that the hackers of the future will move
beyond their limitations (through inclusion of women, a deeper politicization, and more
concern for recruitment and teaching) and become hacktivists. They need to work with
non-technologically based and technology-borrowing social movements (like most modern social
movements who use technology to do their task more easily) in the struggle for global justice.
Otherwise the non-technologically based social movements may face difficulty continuing to
resist as their power base is eroded while that of the new technopower elite is growing – and
the fictionesque cyberpunk-1984 world may become real.
Recommendations
Other than closing the internet down, the ethical hackers have to keep two steps ahead of the
criminals. With companies making millions of pounds from the internet, they have to spend
some of the money protecting their websites and data. We think there should be more courses in
colleges and universities in the training of ethical hacking.
Doing this assignment on ethical hacking, we have learnt how to do the Harvard system, and
next time we would focus on one aspect of ethical hacking such as viruses or DDoS attacks, with
ethical hacking having such a range of topics to cover.