SlideShare une entreprise Scribd logo

Hacking and Computer Forensics

Kristian Arjianto
Kristian Arjianto
Technologie
1  sur  29
CS 6262 Spring 02 - Lecture #14 (Thursday, 2/21/2002) Hacking and Computer Forensics
How Hackers Prevail (and You Lose) Jim Yuill NC State Computer Science Department Security Research Group
Hacker Techniques ,[object Object],[object Object],[object Object],[object Object]
Disclaimer ,[object Object],[object Object],[object Object],[object Object]
Reconnaissance ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Public Info: www.internic.net ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Public Information: news postings ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Network Scanning ,[object Object],[object Object],[object Object]
Network Scanning (cont’d) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Operating System Detection ,[object Object],[object Object],[object Object],[object Object],[object Object]
War-dialing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Gain access to first machine ,[object Object],[object Object]
Configuration errors: NFS ,[object Object],[object Object],[object Object]
Config errors: anonymous ftp (#1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Config errors: anonymous ftp (#2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Config errors: anonymous ftp (#3) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
System-software errors: imapd (#1) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
System-software errors: imapd (#2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Get further access (#1) ,[object Object],[object Object],[object Object],[object Object],[object Object]
Get further access (#2) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Packet Sniffing
Sniffing: Captured Passwords 333.22.112.11.3903-333.22.111.15.23: login [root] 333.22.112.11.3903-333.22.111.15.23: password [sysadm#1] 333.22.112.11.3710-333.22.111.16.23: login [root] 333.22.112.11.3710-333.22.111.16.23: password [sysadm#1] 333.22.112.91.1075-333.22.112.94.23: login [lester] 333.22.112.91.1075-333.22.112.94.23: password [l2rz721] 333.22.112.64.1700-444.333.228.48.23: login [rcsproul] 333.22.112.64.1700-444.333.228.48.23: password [truck] Source IP.port Destination IP.port
Hacker Resources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
 
 
 
 
 
Hacker Techniques ,[object Object],[object Object],[object Object],[object Object]

Recommandé

Intro To Hacking
Intro To HackingIntro To Hacking
Intro To Hacking
nayakslideshare
 
Linux networking commands
Linux networking commandsLinux networking commands
Linux networking commands
Sayed Ahmed
 
Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)
Avansa Mid- en Zuidwest
 
Lab telematicos
Lab telematicosLab telematicos
Lab telematicos
León Velarde
 
101 3.5 create, monitor and kill processes
101 3.5 create, monitor and kill processes101 3.5 create, monitor and kill processes
101 3.5 create, monitor and kill processes
Acácio Oliveira
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub
Cassio Ramos
 
Network configuration
Network configurationNetwork configuration
Network configuration
engshemachi
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
Hanan Nmr
 

Recommandé

Intro To Hacking
Intro To HackingIntro To Hacking
Intro To Hacking
nayakslideshare
 
Linux networking commands
Linux networking commandsLinux networking commands
Linux networking commands
Sayed Ahmed
 
Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)Linux network tools (Maarten Blomme)
Linux network tools (Maarten Blomme)
Avansa Mid- en Zuidwest
 
Lab telematicos
Lab telematicosLab telematicos
Lab telematicos
León Velarde
 
101 3.5 create, monitor and kill processes
101 3.5 create, monitor and kill processes101 3.5 create, monitor and kill processes
101 3.5 create, monitor and kill processes
Acácio Oliveira
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub
Cassio Ramos
 
Network configuration
Network configurationNetwork configuration
Network configuration
engshemachi
 
Linux Network commands
Linux Network commandsLinux Network commands
Linux Network commands
Hanan Nmr
 
2 netcat enum-pub
2 netcat enum-pub2 netcat enum-pub
2 netcat enum-pub
Cassio Ramos
 
Network commands
Network commandsNetwork commands
Network commands
Dr. Mahadev Gawas
 
How hackers attack networks
How hackers attack networksHow hackers attack networks
How hackers attack networks
Adeel Javaid
 
Licão 06 process text streams with filters
Licão 06 process text streams with filtersLicão 06 process text streams with filters
Licão 06 process text streams with filters
Acácio Oliveira
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
Varnnit Jain
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commands
tmavroidis
 
Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoE
amiable_indian
 
Basic dns-mod
Basic dns-modBasic dns-mod
Basic dns-mod
Harry Potter
 
Log
LogLog
Log
limathauan
 
08 tcp-dns
08 tcp-dns08 tcp-dns
08 tcp-dns
pantu_1961
 
Oss forensics fosscomm_2011
Oss forensics fosscomm_2011Oss forensics fosscomm_2011
Oss forensics fosscomm_2011
fangjiafu
 
Tcpdump
TcpdumpTcpdump
Tcpdump
Sourav Roy
 
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Ontico
 
Hacking Exposed LIVE: Attacking in the Shadows
Hacking Exposed LIVE: Attacking in the ShadowsHacking Exposed LIVE: Attacking in the Shadows
Hacking Exposed LIVE: Attacking in the Shadows
Priyanka Aash
 
Advances in Open Source Password Cracking
Advances in Open Source Password CrackingAdvances in Open Source Password Cracking
Advances in Open Source Password Cracking
n|u - The Open Security Community
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMP
Shaikh Jamal Uddin l CISM, QRadar, Hack Card Recovery Expert
 
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
Felipe Prado
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory Forensics
Andrew Case
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory Forensics
Andrew Case
 
Network security
Network securityNetwork security
Network security
Greater Noida Institute Of Technology
 
Hacking
HackingHacking
Hacking
Sweta Leena Panda
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Prevention
dcalhoun1984
 

Contenu connexe

Tendances

Oss forensics fosscomm_2011
Oss forensics fosscomm_2011Oss forensics fosscomm_2011
Oss forensics fosscomm_2011
fangjiafu
 
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Ontico
 

Tendances (13)

2 netcat enum-pub
2 netcat enum-pub2 netcat enum-pub
2 netcat enum-pub
 
Network commands
Network commandsNetwork commands
Network commands
 
How hackers attack networks
How hackers attack networksHow hackers attack networks
How hackers attack networks
 
Licão 06 process text streams with filters
Licão 06 process text streams with filtersLicão 06 process text streams with filters
Licão 06 process text streams with filters
 
Networking in linux
Networking in linuxNetworking in linux
Networking in linux
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commands
 
Access over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoEAccess over Ethernet: Insecurites in AoE
Access over Ethernet: Insecurites in AoE
 
Basic dns-mod
Basic dns-modBasic dns-mod
Basic dns-mod
 
Log
LogLog
Log
 
08 tcp-dns
08 tcp-dns08 tcp-dns
08 tcp-dns
 
Oss forensics fosscomm_2011
Oss forensics fosscomm_2011Oss forensics fosscomm_2011
Oss forensics fosscomm_2011
 
Tcpdump
TcpdumpTcpdump
Tcpdump
 
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
Как HeadHunter удалось безопасно нарушить RFC 793 (TCP) и обойти сетевые лову...
 

Similaire à Hacking and Computer Forensics

Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
ClubHack
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
amiable_indian
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
ClubHack
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
webhostingguy
 

Similaire à Hacking and Computer Forensics (20)

Hacking Exposed LIVE: Attacking in the Shadows
Hacking Exposed LIVE: Attacking in the ShadowsHacking Exposed LIVE: Attacking in the Shadows
Hacking Exposed LIVE: Attacking in the Shadows
 
Advances in Open Source Password Cracking
Advances in Open Source Password CrackingAdvances in Open Source Password Cracking
Advances in Open Source Password Cracking
 
Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMP
 
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory Forensics
 
Hunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory ForensicsHunting Mac Malware with Memory Forensics
Hunting Mac Malware with Memory Forensics
 
Network security
Network securityNetwork security
Network security
 
Hacking
HackingHacking
Hacking
 
Operating System Fingerprinting Prevention
Operating System Fingerprinting PreventionOperating System Fingerprinting Prevention
Operating System Fingerprinting Prevention
 
Penetration Testing and Intrusion Detection System
Penetration Testing and Intrusion Detection SystemPenetration Testing and Intrusion Detection System
Penetration Testing and Intrusion Detection System
 
Incident response: Advanced Network Forensics
Incident response: Advanced Network ForensicsIncident response: Advanced Network Forensics
Incident response: Advanced Network Forensics
 
Stu t17 a
Stu t17 aStu t17 a
Stu t17 a
 
Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008Kunal - Introduction to backtrack - ClubHack2008
Kunal - Introduction to backtrack - ClubHack2008
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008Kunal - Introduction to BackTrack - ClubHack2008
Kunal - Introduction to BackTrack - ClubHack2008
 
Computer technicians-quick-reference-guide
Computer technicians-quick-reference-guideComputer technicians-quick-reference-guide
Computer technicians-quick-reference-guide
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria GrunickHacking Fundamentals - Jen Johnson , Miria Grunick
Hacking Fundamentals - Jen Johnson , Miria Grunick
 
Stuxnet dc9723
Stuxnet dc9723Stuxnet dc9723
Stuxnet dc9723
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
 
Unix Web servers and FireWall
Unix Web servers and FireWallUnix Web servers and FireWall
Unix Web servers and FireWall
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Dernier (20)

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 

Hacking and Computer Forensics

  • 1. CS 6262 Spring 02 - Lecture #14 (Thursday, 2/21/2002) Hacking and Computer Forensics
  • 2. How Hackers Prevail (and You Lose) Jim Yuill NC State Computer Science Department Security Research Group
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 22. Sniffing: Captured Passwords 333.22.112.11.3903-333.22.111.15.23: login [root] 333.22.112.11.3903-333.22.111.15.23: password [sysadm#1] 333.22.112.11.3710-333.22.111.16.23: login [root] 333.22.112.11.3710-333.22.111.16.23: password [sysadm#1] 333.22.112.91.1075-333.22.112.94.23: login [lester] 333.22.112.91.1075-333.22.112.94.23: password [l2rz721] 333.22.112.64.1700-444.333.228.48.23: login [rcsproul] 333.22.112.64.1700-444.333.228.48.23: password [truck] Source IP.port Destination IP.port
  • 23.
  • 24.  
  • 25.  
  • 26.  
  • 27.  
  • 28.  
  • 29.

Notes de l'éditeur

  1. A careful look at the destination addresses reveals that some target machines are inside the LI-COR network, and others are outside.