Lec5_EthicsofHackingandCracking (1).pdf


Ethics of Hacking and Cracking

Ethics
- Laws cannot comprehensively encompass every aspect of acceptable behavior within society. Instead, we depend on ethics to establish widely recognized norms for appropriate conduct.
- Ethics refers to the study and practice of principles and values that govern human behavior and decision-making.
- Ethics are guidelines for distinguishing between what is morally right and wrong, as determined by the prevailing norms within a society.
- Ethics are subject to change as times change.
Principles of Information Security, 2nd Edition

Key Aspects in Ethical Considerations
- Privacy: Respect individuals' data and information.
- Security: Safeguard against cyber threats and vulnerabilities.
- Transparency: Be transparent about data collection and use.
- Accountability: Take responsibility for your actions and their consequences.

Hackers vs. Crackers
- Hackers and crackers both possess in-depth knowledge of computer systems, networks, programming, and security, which distinguishes them as experts in these domains.
- A hacker is an individual who identifies weaknesses in security systems and strives to enhance them.
- Conversely, a cracker is someone who unethically exploits highly sensitive information and capitalizes on security system weaknesses to their own advantage.

Hacking
- Hacking is the process of gaining unauthorized access to computer systems, networks, or digital devices.
- Ethical Hacking (White Hat Hacking): Ethical hackers are individuals who are authorized to test the security of computer systems, networks, or software applications. They do this to identify vulnerabilities and weaknesses so that they can be fixed before malicious hackers exploit them. Ethical hackers operate within legal boundaries and follow ethical guidelines.
- Unethical Hacking (Black Hat Hacking): Unethical hackers, often referred to as "black hat hackers," engage in hacking activities with malicious intent. They may seek to steal sensitive information, cause damage, or engage in criminal activities. Black hat hacking is illegal and can lead to legal consequences.

Hacking (continued)
- Grey Hat Hacking:
  - Grey hat hackers fall in between white hat and black hat hackers. They may identify vulnerabilities without permission but may disclose them to the affected party after finding them.
  - While their intentions may be in the right place, their methods can be considered unethical or even illegal, depending on the circumstances.

Penetration Test vs. Security Test
- Penetration test
  - Legally breaking into a company's network to find its weaknesses
  - Tester only reports findings
- Security test
  - More than a penetration test
  - Also includes:
    - Analyzing the company's security policy and procedures
    - Offering solutions to secure or protect the network

Security Policy
- Sets rules for expected behaviors by users (e.g. downloading patches regularly, using strong passwords, etc.) and by IT personnel (e.g. no unauthorized access to users' files, ...), etc.
- Defines access control rules.
  - Passwords must not be written down.
- Defines consequences of violations.
- Helps track compliance with regulations.
- Etc.
The Role of Security and Penetration Testers
- Script kiddies or packet monkeys
  - Young, inexperienced hackers
  - Copy code and techniques from knowledgeable hackers
- Experienced penetration testers write programs or scripts using these languages:
  - Practical Extraction and Report Language (Perl), C, C++, Python, JavaScript, Visual Basic, SQL, and many others
- Script
  - Set of instructions that runs in sequence
Hands-On Ethical Hacking and Network Defense

Penetration Testing Models: White box, Black box, Gray box
- White box model
  - Tester is told everything about the network topology and technology
  - Tester is authorized to interview IT personnel and company employees
  - Makes the tester's job a little easier
  Note: some diagrams may show routers, firewalls, etc.

Network Diagram
[Figure: sample network diagram from ratemynetworkdiagram.com (Link Ch 1g)]

Penetration Testing Models (cont.)
- Black box model
  - Company staff does not know about the test
  - Tester is not given details about the network; the burden is on the tester to find these details
  - Tests whether security personnel are able to detect an attack
- Question: What is the disadvantage of letting the company's employees know about the penetration test? ______________________________________________
- Question: What is the disadvantage of letting the IT staff know about the penetration test?

Penetration Testing Models (cont.)
- Gray box model
  - Hybrid of the white and black box models
  - Company gives the tester partial information

Overview of TCP/IP
[Diagram: Computer 1 and Computer 2, each drawn as a stack of Layer 1 through Layer 4, side by side]
- Transmission Control Protocol/Internet Protocol (TCP/IP) is the most widely used protocol set
- TCP/IP is a protocol set with 4 layers*
- Protocol: the common language used by computers for "speaking"
- IPX/SPX is another protocol set, used in Novell networks.
- Some companies protect their network by using IPX/SPX internally.
[Diagram: an IPX/SPX LAN connected to the TCP/IP network, labelled "poor man's firewall"]
* A layer can be seen as a group of tasks/activities/jobs

TCP/IP Protocol Set
[Diagram: Computer 1 and Computer 2, each with an Application layer, Transport layer, Internet layer and Network interface layer]
- TCP/IP is implemented as software and hardware that work together to create messages that can be "understood" by each computer

The Application Layer
- Front end to the lower-layer protocols
- Many Application layer protocols: HTTP, FTP, ARP, etc.
- Includes network services and client software
  - Examples: Web (HTTP service), Web browser
- Commands/utilities for connecting to and using Application layer network services:
  - ftp: used to transfer files between clients and servers
  - telnet servername [port number]: to log on to a server

Using the ftp Utility
- Unlike SFTP, FTP is not secure because it allows anonymous logins.
- Most companies do not allow FTP connections to their servers.
- If users have an account, they can use it to connect using an SFTP-based client program.
- help command: gives information about a command
- open ftp.eiu.edu should open an ftp session with the ftp.eiu.edu server.
- Some public anonymous ftp servers: ftp.arsc.edu, ftp.ussg.iu.edu, ftp.loc.gov/pub.
  Detailed list at http://www.ftp-sites.org/

The Transport Layer
- Prepares Application layer messages for proper "transportation" to a receiving device
- Main protocols used:
  - The TCP protocol for connection-oriented "dialog"
  - The User Datagram Protocol (UDP) for connectionless transmissions
- Makes sure messages arrive at the destination exactly as they left the source (in the case of connection-oriented communication)
- TCP opens connections using a 3-way handshake:
  - Computer 1 sends a Synchronization (SYN) request
  - Computer 2 replies with a Sync-Acknowledgement (SYN/ACK) packet
  - Computer 1 replies with an ACK packet
[Diagram: the layer stacks of Computer 1 and Computer 2, with SYN, SYN/ACK and ACK arrows exchanged between the Transport layers]

TCP Ports
- Identify the service that is running
- Help you stop or disable services that are not needed
- Open ports are an invitation for an attack
- Only the first 1023 ports are considered well-known
- List of well-known ports
  - Available at the Internet Assigned Numbers Authority (IANA) Web site (www.iana.org)

Port       Service                               Explanation
20 and 21  File Transfer Protocol (FTP)          Used for sharing files over the Internet. Requires a logon name and password. More secure than Trivial File Transfer Protocol (TFTP).
25         Simple Mail Transfer Protocol (SMTP)  E-mail servers listen on this port.
53         Domain Name Service (DNS)             Helps users connect to Web sites using URLs instead of IP addresses.

TCP Ports (continued)
Port       Service                               Explanation
69         Trivial File Transfer Protocol (TFTP)
           - Could be implemented using a very small amount of memory.
           - Implemented on top of the User Datagram Protocol (UDP) using port number 69.
           - Used for transferring router configurations.
           - TFTP only reads and writes files from/to a remote server.
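The 3-way handshake described above, as an added example that is not part of the lecture: a small Python simulation in which "Computer 1" (the client) and "Computer 2" (the server) exchange SYN, SYN/ACK and ACK segments as plain objects rather than real packets. The port numbers and initial sequence numbers (ISNs) are constructed sample values. Each side checks that the segment it receives acknowledges exactly its own ISN plus one, which is the same check a real TCP stack uses to discard stray or spoofed segments that do not belong to a connection it is opening.

```python
"""Added example (not from the lecture): minimal TCP three-way handshake
simulation.  Sequence numbering follows RFC 793: a SYN consumes one sequence
number, so the SYN/ACK acknowledges x+1 and the final ACK acknowledges y+1."""
from dataclasses import dataclass, field
import secrets

MOD32 = 2 ** 32


@dataclass
class Segment:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    flags: frozenset = field(default_factory=frozenset)   # subset of {"SYN", "ACK"}


class HandshakeError(Exception):
    """Raised when a received segment does not fit the expected connection state."""


class Client:
    """Computer 1: the active opener."""

    def __init__(self, port=54321, isn=None):          # port is a constructed sample value
        self.port = port
        self.isn = secrets.randbelow(MOD32) if isn is None else isn
        self.state = "CLOSED"

    def send_syn(self, dst_port):
        self.state = "SYN_SENT"
        return Segment(self.port, dst_port, seq=self.isn, ack=0, flags=frozenset({"SYN"}))

    def receive_syn_ack(self, seg):
        # Only a SYN/ACK that acknowledges exactly isn+1 completes the handshake.
        if self.state != "SYN_SENT" or seg.flags != {"SYN", "ACK"}:
            raise HandshakeError("expected SYN/ACK while in SYN_SENT")
        if seg.ack != (self.isn + 1) % MOD32:
            raise HandshakeError("SYN/ACK acknowledges the wrong sequence number")
        self.state = "ESTABLISHED"
        return Segment(self.port, seg.src_port, seq=(self.isn + 1) % MOD32,
                       ack=(seg.seq + 1) % MOD32, flags=frozenset({"ACK"}))


class Server:
    """Computer 2: the passive opener listening on one port."""

    def __init__(self, port=80, isn=None):
        self.port = port
        self.isn = secrets.randbelow(MOD32) if isn is None else isn
        self.state = "LISTEN"
        self.client_isn = None

    def receive_syn(self, seg):
        if self.state != "LISTEN" or seg.flags != {"SYN"} or seg.dst_port != self.port:
            raise HandshakeError("expected a SYN to the listening port")
        self.client_isn = seg.seq
        self.state = "SYN_RECEIVED"        # half-open until the client's ACK arrives
        return Segment(self.port, seg.src_port, seq=self.isn,
                       ack=(seg.seq + 1) % MOD32, flags=frozenset({"SYN", "ACK"}))

    def receive_ack(self, seg):
        if self.state != "SYN_RECEIVED" or seg.flags != {"ACK"}:
            raise HandshakeError("expected ACK while in SYN_RECEIVED")
        if seg.ack != (self.isn + 1) % MOD32 or seg.seq != (self.client_isn + 1) % MOD32:
            raise HandshakeError("ACK does not match this half-open connection")
        self.state = "ESTABLISHED"


def run_handshake(client, server):
    """Drive the three segments in order; return both final states and the segments."""
    syn = client.send_syn(server.port)
    syn_ack = server.receive_syn(syn)
    ack = client.receive_syn_ack(syn_ack)
    server.receive_ack(ack)
    return client.state, server.state, [syn, syn_ack, ack]


if __name__ == "__main__":
    c, s = Client(isn=1000), Server(isn=5000)   # fixed ISNs so the trace is readable
    for seg in run_handshake(c, s)[2]:
        print(sorted(seg.flags), "seq", seg.seq, "ack", seg.ack)
```

Running it with the fixed ISNs prints SYN seq 1000, SYN/ACK seq 5000 ack 1001, then ACK seq 1001 ack 5001; a SYN/ACK carrying any other ack value leaves the client in SYN_SENT.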
           - It cannot list directories.
           - Currently has no provisions for user authentication.
80         Hypertext Transfer Protocol (HTTP)    Used when connecting to a Web server.

TCP Ports (continued)
Port       Service                               Explanation
110        Post Office Protocol 3 (POP3)         Used for retrieving e-mail from a server.
119        Network News Transfer Protocol        For use with newsgroups.
135        Remote Procedure Call (RPC)           Critical for the operation of Microsoft Exchange Server and Active Directory.
139        NetBIOS                               Used by Microsoft's NetBIOS Session Service.
143        Internet Message Access Protocol 4 (IMAP4)  Used for retrieving e-mail. Better than POP3: can maintain mail on the server, allows searches, etc.

- netstat command line: displays the open ports on a computer, indicating what services/applications are running.

The Internet Layer
- Responsible for routing packets to their destination address
- Uses a logical address, called an IP address
- Main protocols used: IP and ICMP
  - Internet Control Message Protocol (ICMP): used to send messages related to network operations; helps in troubleshooting a network
- Some Internet layer commands/utilities for troubleshooting network connections (more complex versions are included in hacking tools):
  - ping: determines whether a computer is connected
  - traceroute and tracert: determine the route to get to a computer

Using the ping Utility
- Most companies do not allow "pinging" their computers from outside.
[Figure: pinging under Windows OS; pinging under Linux]

Using tracert and traceroute
- As Network [Internet] layer tools, tracert and traceroute generate a network map, showing how to get to a target computer.
- Some of these options may be abused by hackers, as we will see later.
- [Figure: traceroute output] This is likely a firewall or a router in EIU's network whose real IP address is hidden using Network Address Translation.
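The slides' point about ports and netstat, as an added example that is not part of the lecture: the output of netstat tells you which ports are open, and the administrator's job is to compare that against the services the host is supposed to run and shut down the rest. The Python below parses Linux-style "netstat -tuln" lines, names each listening port from the well-known table on these slides, and reports every listener outside an allowlist. The netstat text and the web-server allowlist are constructed sample data, not captured from a real host.

```python
"""Added example (not from the lecture): audit netstat listening sockets
against an expected service profile."""
import re

# Well-known ports taken from the lecture's table (port -> service name)
WELL_KNOWN = {
    20: "FTP data", 21: "FTP control", 25: "SMTP", 53: "DNS", 69: "TFTP",
    80: "HTTP", 110: "POP3", 119: "NNTP", 135: "RPC", 139: "NetBIOS",
    143: "IMAP4",
}

# Constructed sample of `netstat -tuln` output on Linux (not a real capture)
SAMPLE_NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
udp        0      0 0.0.0.0:69              0.0.0.0:*
"""

# proto, recv-q, send-q, local, foreign, optional state (UDP lines have none)
LINE_RE = re.compile(r"^(tcp6?|udp6?)\s+\d+\s+\d+\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")


def parse_listeners(text):
    """Return (proto, bind_address, port) for every listening socket in the output."""
    listeners = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                      # banner and header lines
        proto, local, _foreign, state = m.groups()
        # A bound UDP socket has no state column but is effectively listening.
        if proto.startswith("tcp") and state != "LISTEN":
            continue
        addr, port = local.rsplit(":", 1)  # rsplit keeps IPv6 ":::443" intact
        listeners.append((proto, addr, int(port)))
    return listeners


def audit(text, allowed):
    """Flag listeners whose (family, port) is not in the allowlist.

    Returns a list of finding strings; an empty list means the host matches
    its expected service profile."""
    findings = []
    for proto, addr, port in parse_listeners(text):
        family = "udp" if proto.startswith("udp") else "tcp"
        if (family, port) in allowed:
            continue
        name = WELL_KNOWN.get(port, "not in the lecture's table")
        exposure = "loopback only" if addr in ("127.0.0.1", "::1") else "all interfaces"
        findings.append(f"{family}/{port} ({name}) listening on {exposure}: not in allowlist")
    return findings


# Hypothetical service profile for a web server: SSH for administration, HTTP/HTTPS for users.
WEB_SERVER_ALLOWED = {("tcp", 22), ("tcp", 80), ("tcp", 443)}

if __name__ == "__main__":
    for finding in audit(SAMPLE_NETSTAT, WEB_SERVER_ALLOWED):
        print(finding)
```

On the sample data the audit reports SMTP on the loopback address, NetBIOS on all interfaces and TFTP (UDP) on all interfaces; the first is low exposure, the other two are exactly the kind of unneeded service the slide says to disable.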
Questions
[Figure: pinging under Windows OS]
- Based on your knowledge of the PING command, what possible damage may be done when it is used with the -l option?

The Network Interface Layer
- Represents the network pathway (i.e. the transmission media)
- Implemented through Network Interface Cards (NICs)
- Includes the Medium Access Control (MAC) address (the MAC address is a physical address recorded on the NIC)
- Breaks messages into short frames and adds the MAC address to each
- Converts messages into signals for transmission

Cracking
- Cracking typically refers to the process of bypassing or removing software protection measures, such as digital rights management (DRM) or copy protection, with the intent of making unauthorized copies or using software or media without paying for it.
- Cracking is generally considered unethical and often illegal.
- Crackers often distribute cracked software or media, which can lead to copyright infringement issues.
Principles of Information Security, 2nd Edition

Cracking (continued)
- Legal Software Cracking (Reverse Engineering):
  - Some individuals engage in reverse engineering or cracking to understand how software works or to modify it for legitimate purposes, such as improving compatibility or removing copy protection.
  - When done within the confines of the law, with appropriate permissions or for purposes like security research, it can be considered ethical.
- Illegal Software Cracking (Piracy):
  - Cracking software to remove copy protection, distribute copyrighted material without authorization, or create counterfeit software is illegal and unethical.
  - This type of activity results in financial losses for software developers and can have legal consequences.
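How the four layers cooperate to build a message, as an added example that is not part of the lecture: the Python below carries one application message down the stack, with the Transport layer prepending a TCP header (ports), the Internet layer an IPv4 header (logical addresses plus a checksum), and the Network Interface layer an Ethernet header (physical MAC addresses), then unwraps the frame on the receiving side and verifies the IPv4 checksum before trusting the headers. Header layouts follow RFC 793, RFC 791 and Ethernet II; the addresses, ports and message are constructed sample values, the TCP checksum is left at zero, and splitting a long message into several frames is omitted.

```python
"""Added example (not from the lecture): encapsulation and decapsulation
through the Transport, Internet and Network Interface layers."""
import struct

ETHERTYPE_IPV4 = 0x0800


def ip_to_bytes(dotted):
    return bytes(int(octet) for octet in dotted.split("."))


def mac_to_bytes(colon_hex):
    return bytes.fromhex(colon_hex.replace(":", ""))


def ip_checksum(header):
    """One's-complement sum of 16-bit words (RFC 791); 0 means a valid header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def transport_layer(message, src_port, dst_port, seq=0, ack=0, flags=0x18):
    """Prepend a 20-byte TCP header (no options; PSH+ACK flags by default)."""
    data_offset = 5 << 4                                   # 5 words = 20 bytes
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         data_offset, flags, 65535, 0, 0)   # window, checksum, urgent
    return header + message


def internet_layer(segment, src_ip, dst_ip, ttl=64, proto=6):
    """Prepend a 20-byte IPv4 header and fill in its checksum."""
    total_len = 20 + len(segment)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000,   # DF flag
                         ttl, proto, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    header = header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:]
    return header + segment


def network_interface_layer(packet, src_mac, dst_mac):
    """Prepend a 14-byte Ethernet II header carrying the physical addresses."""
    return mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + packet


def encapsulate(message, src_ip, dst_ip, src_mac, dst_mac, src_port, dst_port):
    """Application message -> TCP segment -> IP packet -> Ethernet frame."""
    segment = transport_layer(message, src_port, dst_port)
    packet = internet_layer(segment, src_ip, dst_ip)
    return network_interface_layer(packet, src_mac, dst_mac)


def decapsulate(frame):
    """Walk back up the layers; raise ValueError on a malformed or corrupted frame."""
    if len(frame) < 54:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP headers")
    dst_mac, src_mac = frame[:6], frame[6:12]
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip_hdr = frame[14:34]
    if ip_checksum(ip_hdr) != 0:              # a valid header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    ihl = (ip_hdr[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip_hdr[2:4])[0]
    tcp_start = 14 + ihl
    src_port, dst_port = struct.unpack("!HH", frame[tcp_start:tcp_start + 4])
    data_offset = (frame[tcp_start + 12] >> 4) * 4
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, ip_hdr[12:16])), "dst_ip": ".".join(map(str, ip_hdr[16:20])),
        "src_port": src_port, "dst_port": dst_port,
        "message": frame[tcp_start + data_offset:14 + total_len],
    }


if __name__ == "__main__":
    # Constructed sample values: Computer 1 talking to a web server on Computer 2
    frame = encapsulate(b"GET / HTTP/1.1\r\n", "10.0.0.1", "10.0.0.2",
                        "aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:02", 54321, 80)
    print(len(frame), "bytes on the wire;", decapsulate(frame))
```

A 16-byte message leaves Computer 1 as a 70-byte frame (14 + 20 + 20 + 16); flipping one byte in the IPv4 header makes the receiver's checksum check fail, which is how the Internet layer catches header corruption before it routes on bad addresses.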
What You Cannot Do Legally
- Accessing a computer without permission is illegal
- Other illegal actions:
  - Installing worms or viruses
  - Denial of Service attacks
  - Denying users access to network resources
- Be careful that your actions do not prevent customers from doing their jobs

Case Study
- The Cambridge Analytica and Facebook debacle
- Learning objectives:
  - implications of data privacy,
  - ethics in technology,
  - the role of social media in influencing public opinion.

Case Study (continued)
- The Cambridge Analytica and Facebook debacle refers to a major privacy scandal that came to light in 2018, involving the British political consulting firm Cambridge Analytica and the social media giant Facebook. This incident raised significant ethical and privacy concerns.
- In 2014, Cambridge Analytica accessed the personal data of approximately 87 million Facebook users without their explicit consent. This data was primarily obtained through a personality quiz app called "This Is Your Digital Life," which was created by a researcher named Dr. Aleksandr Kogan.
- Cambridge Analytica used the collected data to create detailed psychological profiles of users. This information was allegedly used to target political advertising and influence voter behavior during various political campaigns.

Group Discussion (The Cambridge Analytica and Facebook debacle)
- 1st Group: Data Privacy: Was Facebook negligent in protecting user data? How should companies handle user data to prevent such breaches?
- 2nd Group: Ethics: Was it ethical for Cambridge Analytica to use the data in the way they did? What are the ethical responsibilities of tech companies?
- 3rd Group: Facebook's Role: What could Facebook have done differently? How should tech companies be regulated to prevent future incidents?
- 4th Group: Public Trust: How did this incident impact public trust in social media platforms and technology companies? What can companies do to rebuild trust?

Case Study (continued)
1. Privacy Violations: The unauthorized access and use of personal data without user consent violated users' privacy rights.
2. Informed Consent: Users were not adequately informed about how their data would be used when they participated in the quiz app.
3. Manipulation: The incident raised concerns about the potential manipulation of users' beliefs and behaviors through targeted advertising and content.
4. Lack of Transparency: Facebook faced criticism for not adequately protecting user data and for its lack of transparency regarding third-party access to user information.
5. Regulatory Scrutiny: The scandal led to increased regulatory scrutiny of tech companies and calls for stronger data privacy regulations, including the European Union's General Data Protection Regulation (GDPR).

Case Study: Aftermath
- Cambridge Analytica filed for bankruptcy in 2018, partly as a result of the scandal and subsequent investigations.
- Facebook CEO Mark Zuckerberg testified before Congress and made commitments to improve user data protection and privacy practices.
- The incident prompted discussions about the need for more robust data privacy regulations and greater transparency in the tech industry.

Benefits of Ethical Practices
- Professional Reputation: Ethical behavior enhances credibility.
- Legal Compliance: Avoids legal consequences and liabilities.
- Innovation: Ethical practices encourage responsible innovation.
- Customer Trust: Builds trust with users and clients.
Certification Programs for Network Security Personnel
- Certification programs are available in almost every area of network security
- Basics:
  - CompTIA Security+ (CNIT 120)
  - Network+ (CNIT 106 or 201)

Take Certification Tests Here
- CNIT is a Prometric Vue testing center
- Certification tests are given in S214
- CompTIA and Microsoft
- The next tests will be in the second week of April, right after Spring Break
- Email [email protected] if you want to take a test

Certified Ethical Hacker (CEH)

References
- https://news.gatech.edu/archive/features/classroom-bob-kirkman.shtml
- https://www.educba.com/hackers-vs-crackers/
- MIS 4600 - MBA 5880 © Abdou Illia
- https://dl.acm.org/doi/10.5555/1841599
