Ethical Hacking v10 Module 1 - Introduction to Ethical Hacking
Ethical hacking
-
Upload
monika-deswal -
Category
Technology
-
view
124 -
download
0
description
Transcript of Ethical hacking
Presented By:Monika
Roll no:16
Introduction
Hacking vs. Ethical Hacking
Type of hackers
Types of Attacks
Methodology of hacking Advantages and disadvantages
Conclusion
Today more and more software are developing and people are getting more and more options in their present software. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behavior termed Ethical Hacking.
The Art of exploring various security breaches is termed as Hacking.
Hackers Know about the security holes within system and reasons of their existence.
Hacker evaluates target system security Report back to the owners about the Vulnerabilities found Ethical hacking also known as penetration testing or white-hat
hacking. Involves the same tools, tricks, and techniques that hackers use, but
with one major difference that Ethical hacking is legal.Ethical hacking is performed with the target‘s permission.
White hat hackers
Black hat hackers
Grey hat hackers
Script Kiddies
Worm: Can replicate itself and spread automatically
Worm can hijack computers and can send emails hiding their identity.
Eg. Code red worm, Love bug, Mydoom.
Sending too many requests to the server so that it become inaccessible for use to to which it is intended for.
Syn flood attack:
A SYN flood attack sends a great number of SYN packets to a target server to exhaust the server’s half-open connection resources, resulting in denial of normal services.
Designed to spread from one computer to another.
Delete comp data.
Attach itself with code and executed each time when the code is executed.
Eg. Macro virus: spread through mails
The various stages in the hacking Reconnaissance : known as pre attack
phase which gather info about the target.
Scanning :use previous phase information for network scanning .
Tools : nmap or network mapper Synatx : nmap<target’s url> nmap _O<target’s url>
This is the phase where real hacking takesplace in which attacker enters the system.
Maintaining access:by using software like trozan horse.
Clearing tracks:Auditpol.exe is a command line tool which
disable auditing and evidence elevator remove all the evidences.
Certified Ethical Hacker
Professional certification is provided by the
International Council of E-Commerce Consul
tants (EC-Council.)
to the ethical hackers.
Provides security to banking and financial establishments
An evolving technique To catch a thief you have to think like a thief
All depends upon the trustworthiness of the ethical hacker
Hiring professionals is expensive.
No software is made with zero Vulnerabilities. So while studying we should study the various possibilities and should study how to prevent .
Business is directly related to Security. So while making new software there should be vulnerabilities as less as possible.