Why - Ethical Hacking: Social Engineering Automated Attacks Protection From Possible External Attacks

Download as pptx, pdf, or txt
Download as pptx, pdf, or txt
You are on page 1of 14

Why – Ethical Hacking

Protection from possible External Attacks


Social
Engineering
Automated
Organizational Attacks
Attacks

Restricted
Data

Accidental
Breaches in
Security Denial of
Viruses, Trojan Service (DoS)
Horses,
and Worms
1
!@ #
Ethical Hacking - Process
1. Preparation
2. Footprinting
3. Enumeration & Fingerprinting
4. Identification of Vulnerabilities
5. Attack – Exploit the Vulnerabilities

2
!@ #
Preparation
 Identification of Targets – company websites,
mail servers, extranets, etc.
 Signing of Contract
 Agreement on protection against any legal issues
 Contracts to clearly specifies the limits and dangers of
the test
 Specifics on Denial of Service Tests, Social Engineering,
etc.
 Time window for Attacks
 Total time for the
 testing
 Prior Knowledge of the
systems
Key people who are
!@ #
3

made aware of the


Footprinting
Collecting as much information about the target
 DNS Servers
 IP Ranges
 Administrati
 ve Contacts
Problems
revealed by
Information Sources
administrato
 Search engines
rs
 Forums
 Databases –
 whois, ripe,
arin, apnic
Tools – PING,
!@ #
4
whois,
Traceroute,
Enumeration & Fingerprinting
 Specific targets determined
 Identification of Services / open ports
 Operating System Enumeration

Methods
 Banner grabbing
 Responses to various protocol (ICMP &TCP) commands
 Port / Service Scans – TCP Connect, TCP SYN, TCP FIN, etc.

Tools
 Nmap, FScan, Hping, Firewalk, netcat, tcpdump, ssh,
telnet, SNMP Scanner

!@ #
5
Identification of Vulnerabilities
Vulnerabilities

 Insecure Configuration
 Weak passwords
 Unpatched vulnerabilities in services, Operating
systems, applications
 Possible Vulnerabilities in Services, Operating
Systems
 Insecure programming
 Weak Access Control

!@ #
6
Identification of Vulnerabilities
Methods
 Unpatched / Possible Vulnerabilities – Tools,
Vulnerability information Websites
 Weak Passwords – Default Passwords, Brute
force, Social Engineering, Listening to
Traffic
 Insecure Programming – SQL Injection, Listening
to Traffic
 Weak Access Control – Using the Application
Logic, SQL Injection

!@ #
7
Identification of Vulnerabilities
Tools
Vulnerability Scanners - Nessus, ISS, SARA, SAINT
Listening to Traffic – Ethercap, tcpdump
Password Crackers – John the ripper, LC4, Pwdump
Intercepting Web Traffic – Achilles, Whisker,
Legion

Websites
Common Vulnerabilities & Exposures –
 http://cve.mitre.org Bugtraq – www.securityfocus.com
 Other Vendor Websites

!@ #
8
Attack – Exploit the vulnerabilities
 Obtain as much information (trophies) from
the Target Asset
 Gaining Normal Access
 Escalation of privileges
 Obtaining access to other connected systems

Last Ditch Effort – Denial of Service

!@ #
9
Attack – Exploit the vulnerabilities
Network Infrastructure Attacks
 Connecting to the network through modem
 Weaknesses in TCP / IP, NetBIOS
 Flooding the network to cause DOS

Operating System Attacks


 Attacking Authentication Systems
 Exploiting Protocol Implementations
 Exploiting Insecure configuration
 Breaking File-System Security

!@ #
10
Attack – Exploit the vulnerabilities
Application Specific Attacks
 Exploiting implementations of HTTP, SMTP
protocols
 Gaining access to application Databases
 SQL Injection
 Spamming

!@ #
11
Attack – Exploit the vulnerabilities
Exploits
Free exploits from Hacker Websites Customised free
exploits

Internally Developed

Tools – Nessus, Metasploit Framework,

!@ #
12
Reporting
 Methodology
 Exploited Conditions & Vulnerabilities that
could not be exploited
 Proof for Exploits - Trophies
 Practical Security solutions

!@ #
13
Ethical Hacking - Commandments
 Working Ethically
 Trustworthiness
 Misuse for personal gain
 Respecting Privacy
 Not Crashing the Systems

!@ #
14

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy