Lecture 2: Information Security and Ethical Hacking PDF
Dr. Marwa Sharaf EL-Din, Menoufia University, 2024

Summary
This Menoufia University lecture, given on October 15, 2024, covers information security and ethical hacking. The lecture explores the basics of information security, hacking terms, and ethical hacking, along with methods for building penetration testing labs and becoming a certified ethical hacker.
Full Transcript
Menoufia University, Faculty of Electronic Engineering, Department of Computer Science and Engineering
Computer and Information Security (CSE 316)
Lecture 2: Information Security and Ethical Hacking
Presented by Dr. Marwa Sharaf EL-Din, Department of Computer Science and Engineering, Faculty of Electronics Engineering, Menoufia University
10/15/2024

Agenda
▪ Basics of Information Security
▪ Hacking Terms
▪ Hacking and Ethical Hacking
▪ Building Your Penetration Testing Laboratory
▪ How to Become a Certified Ethical Hacker
▪ Summary

Basics of Information Security

Proactive and Reactive Security
There are two basic methods of dealing with security breaches:
❑ Reactive method: passive; when a breach occurs, you respond to it, doing damage control while you track down how the intruder or attacker got in, then cut off that means of access so it will not happen again.
❑ Proactive method: active; instead of waiting for hackers to show you where you are vulnerable, you put on your own hacker hat in relation to your own network and set out to find the vulnerabilities yourself, before anyone else discovers and exploits them.
✓ The best security strategy employs both reactive and proactive mechanisms. An IDS, for example, is reactive in that it detects suspicious network activity so that you can respond to it appropriately.

Security Terms
Attack
▪ Any action that breaches or violates security.
Hack Value
▪ The notion among hackers that something is worth doing or interesting.
Threat
▪ An action or event that may compromise security. A threat is a potential violation of security.
Malware
▪ Malware is an acronym for malicious software; it describes any malicious program or code that harms systems.

Security Terms: Threat vs. Attack
▪ Threats can be intentional or unintentional; an attack is intentional.
▪ Threats may or may not be malicious; an attack is malicious.
▪ A threat is a circumstance that can cause damage; the objective of an attack is to cause damage.
▪ Under a threat, information may or may not be altered or damaged; under an attack, the chance of information alteration and damage is very high.
▪ A threat is comparatively hard to detect; an attack is comparatively easy to detect.
▪ A threat cannot be blocked just by controlling the vulnerabilities; an attack can be blocked by control of vulnerabilities.

Security Terms (cont.)
Vulnerability
▪ The existence of a weakness, design flaw or implementation error that can lead to an unexpected breach of system security.
Exploit
▪ A defined way to breach the security of an IT system through a vulnerability.
Zero-Day
▪ A computer attack that tries to exploit computer application vulnerabilities that are unknown to others or undisclosed to the software developer.
Target of Evaluation
▪ The IT system or product that is identified as subject to a required security evaluation.

Security Evaluation Plan
Security professionals use their skills to perform security evaluations. These tests and evaluations have three phases, generally ordered as follows:
1. Preparation: the preparation phase involves a formal agreement between the security professionals (or security tester) and the organization. This agreement should include the full scope of the test, the types of attacks (inside or outside) to be used, and the testing type: white, black or grey box.
2. Security Evaluation: during the security evaluation phase the tests are conducted, after which the tester prepares a formal report of vulnerabilities and other findings.
3. Conclusion: the findings are presented to the organization in the conclusion phase, along with any recommendations to improve security.

Elements of Information Security
These three elements are known as the CIA triad or security triangle.
Confidentiality
▪ Assurance that the information is accessible only to authorized users.
Integrity
▪ Assurance that the information is not changed or tampered with by unauthorized users.
Availability
▪ Assurance that the systems responsible for delivering, processing and accessing information are available when required by authorized users.

Security, Functionality and Usability Triangle
✓ The security level of any system depends on the strength of the three elements of the triangle.

Defense in Depth
Defense in depth is a security strategy in which many protection layers are provided. It helps to prevent attacks. Defense in depth is also known as a "layered approach".

Authentication, Authorization, and Accounting (AAA)
❑ Authentication: users and administrators must prove their identity. Authentication can be established using username and password combinations, challenge and response questions, token cards, and other methods.
❑ Authorization: determines which resources the user can access and the operations that the user is allowed to perform.
❑ Accounting: also known as auditing. It means recording what the user accessed, the amount of time the resource was accessed, and any changes made.

Hacking Terms

Hacking Impact
▪ Damage to information.
▪ Theft of information.
▪ Using attacked machines as spam zombies.
▪ Damage or theft of customer/user data such as credit card details.
▪ Theft of email addresses.

Who Is a Hacker?
▪ An intelligent person with excellent or highly qualified computer skills (i.e. computer hardware and software).
▪ Breaching the security of systems is like a hobby.
▪ His/her intention may be to gain knowledge or for malicious activities (i.e. it depends on their goals).

Types of Hacker
Black Hats
▪ Individuals with strong computer skills, resorting to malicious or destructive activities. They are known as crackers.
White Hats
▪ Individuals with strong computer skills, resorting to defensive purposes. They are known as security analysts.
Gray Hats
▪ Individuals who work both offensively and defensively at various times.

Hacker, Cracker and Ethical Hacker
Hackers
▪ Access a computer system or network without authorization.
Crackers
▪ Break into systems to steal or destroy data.
Ethical Hacker
▪ Performs most of the same activities, but with the owner's permission.

Ethical Hackers, Penetration Testers and Security Testers
Ethical Hackers
▪ Employed by companies to perform penetration tests.
Penetration Tester
▪ A legal attempt to break into a company's network to find its weakest link.
▪ The tester only reports findings; he/she does not solve problems.
Security Tester
▪ More than an attempt to break in; also includes analyzing the company's security policy and procedures.
▪ The tester offers solutions to secure or protect the network.

Types of Attacks
▪ Operating system attacks.
▪ Application-level attacks.
▪ Misconfiguration attacks.
▪ ...and a lot of other types of attacks...

Hacking and Ethical Hacking

The Kill Chain in Cyberdefense
The kill chain is the sequence of stages of an information systems attack.
1. Reconnaissance: gathers information.
2. Weaponization: creates a targeted exploit and malicious payload.
3. Delivery: sends the exploit and malicious payload to the target.
4. Exploitation: executes the exploit.
5. Installation: installs malware and backdoors.
6. Command and Control: remote control from a command and control channel or server.
7. Action: performs malicious actions or additional attacks on other devices.

Hacking and Ethical Hacking
Hacking
▪ Hacking is the process of violating the security of systems for illegal purposes.
Ethical Hacking
▪ Ethical hacking is a legal and authorized attempt to locate and successfully exploit computer systems for the purpose of making those systems more secure. It is also known as pen testing.
▪ The process includes probing for vulnerabilities as well as providing proof-of-concept (POC) attacks to demonstrate that the vulnerabilities are real.
▪ Proper penetration testing always ends with specific recommendations for addressing and fixing the issues that were discovered during the test. On the whole, this process is used to help secure computers and networks against future attacks.
▪ It is also called penetration testing or white hat hacking.

Ethical Hacking/Penetration Testing Methodologies
❑ White Box Methodology
◦ The tester knows everything about the network topology and technology.
◦ The tester is authorized to interview IT personnel and company employees.
◦ Makes the tester's job a little easier.
❑ Black Box Methodology
◦ Company staff do not know about the test.
◦ The tester is not given details about the network.
◦ Tests whether security personnel are able to detect an attack.
❑ Gray Box Methodology
◦ A hybrid of the white and black box models.
◦ The organization or company gives the tester partial information.

Phases of Hacking or Ethical Hacking (Penetration Testing)

Phase 1: Reconnaissance
Reconnaissance, also known as information gathering or footprinting, is the most significant of the five main phases of hacking/penetration testing. The more time you spend collecting information on your target, the more likely you are to be successful in the later phases.
Types of Reconnaissance
1. Active Reconnaissance: acquiring information by directly interacting with the target system. In this case, the target may record your IP address and log your activity.
2. Passive Reconnaissance: acquiring information without directly interacting with the target system. In this case, the target has no way of knowing, recording or logging our activity.

Phase 2: Scanning
Scanning is the process of scanning the network for specific information based on the information gathered in phase 1. This phase includes port scanning, vulnerability scanning, etc. The attackers or pen testers can collect information like computer names and IP addresses.
The scanning process includes three distinct phases:
1. Determining whether a system is alive or not.
2. Port scanning the system.
3. Scanning the system for vulnerabilities.

Phase 3: Gaining Access
Gaining access is the process of obtaining control of and access to the target, such as access to the OS or an application on the victim system. Attackers can perform attacks such as DoS, password cracking and so on. This process is also known as exploitation, which refers to the process of gaining control over a system.
Metasploit Framework: a powerful, flexible, free, offensive tool for hacking and PT purposes. Just type the following command in the terminal of Kali Linux or BackTrack:
root$ msfconsole

Phase 4: Maintaining Access
Maintaining access is the process that occurs when attackers try to retain their ownership of the target (compromised) system. The attacker has full control of this system and also uses it for launching future attacks. This means the attacker creates a back path to access the target system again in the future (zombie).

Phase 5: Cleaning (Covering) Tracks
Cleaning or covering tracks refers to the process of hiding the malicious activities done by attackers, to prevent them from being traced (i.e. deleting any evidence left behind). For example, attackers delete, overwrite or modify system and application logs to avoid being found.
(Slide figure: Tor Browser)

Lecture 3: Virtualization

Virtualization
Today, virtualization technology changes the way organizations store, manage and deliver digital content. Benefits of virtualization include reduced cost, high efficiency and the best utilization of hardware resources.
Virtualization is a technique of abstracting the physical compute hardware and enabling multiple operating systems (OSs) to run concurrently on a single or clustered physical machine(s).
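Returning to Phase 2 (Scanning) above, and to the Phase 1 point that the target may log an active probe: the following is an added example, not part of the lecture, showing the defender's side. It runs over constructed iptables-style firewall log lines and flags the first two scanning sub-phases, a host-discovery (ping) sweep and a port scan. The log format, the thresholds and the benign source 10.10.9.50 are assumptions; 10.10.9.101 and 10.10.9.100 are the two addresses on the lecture's scenario slide.

```python
# Added example (not from the lecture): defender-side detection of the first two
# scanning sub-phases (host discovery and port scanning) over constructed
# iptables-style firewall log lines.
import re
from collections import defaultdict

# Constructed sample log. 10.10.9.101 and 10.10.9.100 are the two addresses
# from the lecture's scenario slide; 10.10.9.50 is an assumed benign client.
SAMPLE_LOG = """\
Oct 15 10:00:01 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.100 PROTO=ICMP TYPE=8
Oct 15 10:00:01 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.102 PROTO=ICMP TYPE=8
Oct 15 10:00:01 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.103 PROTO=ICMP TYPE=8
Oct 15 10:00:05 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.100 PROTO=TCP SPT=41000 DPT=21 SYN
Oct 15 10:00:05 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.100 PROTO=TCP SPT=41001 DPT=22 SYN
Oct 15 10:00:05 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.100 PROTO=TCP SPT=41002 DPT=80 SYN
Oct 15 10:00:05 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.100 PROTO=TCP SPT=41003 DPT=443 SYN
Oct 15 10:00:06 fw kernel: IN=eth0 SRC=10.10.9.101 DST=10.10.9.100 PROTO=TCP SPT=41004 DPT=3389 SYN
Oct 15 10:00:09 fw kernel: IN=eth0 SRC=10.10.9.50 DST=10.10.9.100 PROTO=TCP SPT=52000 DPT=443 SYN
Oct 15 10:00:11 fw sshd[812]: Accepted publickey for admin from 10.10.9.50
"""

# DPT= is present only for TCP/UDP records; TYPE=8 marks an ICMP echo request.
LINE_RE = re.compile(r"SRC=(\S+) DST=(\S+) PROTO=(\S+)(?: TYPE=(\d+))?(?:.* DPT=(\d+))?")

def parse_line(line):
    """Return (src, dst, proto, icmp_type, dport) or None for non-firewall lines."""
    m = LINE_RE.search(line)
    if not m:
        return None
    src, dst, proto, icmp_type, dport = m.groups()
    return src, dst, proto, int(icmp_type) if icmp_type else None, int(dport) if dport else None

def analyze(log_text, sweep_min_hosts=3, scan_min_ports=5):
    """Flag one source echo-requesting many hosts (sweep) and one source
    probing many distinct ports on one host (port scan)."""
    echo_targets = defaultdict(set)   # src -> {dst}
    port_targets = defaultdict(set)   # (src, dst) -> {dport}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        src, dst, proto, icmp_type, dport = rec
        if proto == "ICMP" and icmp_type == 8:
            echo_targets[src].add(dst)
        elif proto in ("TCP", "UDP") and dport is not None:
            port_targets[(src, dst)].add(dport)
    sweeps = {s: len(d) for s, d in echo_targets.items() if len(d) >= sweep_min_hosts}
    scans = {k: len(p) for k, p in port_targets.items() if len(p) >= scan_min_ports}
    return {"ping_sweeps": sweeps, "port_scans": scans}
```

The thresholds are deliberately low for the ten constructed lines; on a real firewall log they are tuned per network, and the benign single-port client 10.10.9.50 shows why a distinct-port count, not a connection count, is the signal.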
(Slide figure: virtualization layer (hypervisor) over x86 architecture: CPU, NIC card, memory, hard disk)

Before and After Virtualization
(Slide figure: one x86 machine before virtualization; a virtualization layer (hypervisor) on x86 hardware after virtualization)
Before virtualization:
▪ Runs a single operating system (OS) per machine at a time.
▪ Couples s/w and h/w tightly.
▪ May create conflicts when multiple applications run on the same machine.
▪ Underutilizes resources.
▪ Is inflexible and expensive.
After virtualization:
▪ Runs multiple operating systems (OSs) per physical machine concurrently.
▪ Makes the OS and applications h/w independent.
▪ Isolates VMs from each other, hence no conflict.
▪ Improves resource utilization.
▪ Offers flexible infrastructure at low cost.

Types of Hypervisor
✓ There are two types of hypervisors:
1. Type 1: Bare-metal hypervisor. The bare-metal hypervisor runs directly on the physical hardware, e.g. VMware ESXi.
2. Type 2: Hosted hypervisor. The hosted hypervisor runs on top of an already installed standard operating system such as Linux, Mac or Windows, e.g. VirtualBox or VMware Workstation.

Virtual Server Using VMware ESXi
(Slide figure)

Virtual Data Center: vSphere Client
(Slide figure)

Practical Hacking Scenario
(Slide figure: Victim, Internet, Attacker)
(Slide figure: Attacker hacks the Victim and takes it under control; addresses 10.10.9.101 and 10.10.9.100)

Hands On: Practical Hacking Scenario Demo

Certified Ethical Hacker (CEH)
An ethical hacker attempts to answer the following questions:
1. What can an attacker find/see in the target system?
2. What can an attacker do using the information gathered from the target system?
3. Can anyone notice the attacker during the hacking of the target system?
Skills needed to become an ethical hacker:
1. Platform knowledge (i.e. various OSs).
2. Network knowledge.
3. Security knowledge.
4. Programming knowledge.
5. Web and database knowledge.