Ethical Hacking Overview PDF
Document Details
Uploaded by OrganizedDivisionism2656
Tags
Summary
This presentation provides an overview of ethical hacking and penetration testing. It defines key terms like threats, vulnerabilities, risks, and exploits. It also discusses the importance of adhering to legal regulations related to cybercrimes.
Full Transcript
ETHICAL HACKING OVERVIEW The Mindset of Penetration Testers and Ethical Hackers Overview Successful penetration testers and ethical hackers must maintain a mindset that involves two often contradictory- sounding concepts – Think outside of the box, be pragmatic, do things differently –But at the...
ETHICAL HACKING OVERVIEW The Mindset of Penetration Testers and Ethical Hackers Overview Successful penetration testers and ethical hackers must maintain a mindset that involves two often contradictory- sounding concepts – Think outside of the box, be pragmatic, do things differently –But at the same time, be thorough, methodical, and careful; take good notes; and make your work repeatable Balance between these two is crucial for success ETHICAL HACKING OVERVIEW To start the session, we need to define some terms so that the terminology is consistently used throughout the rest of the class What is ethical hacking ? How is it associated with penetration testing? How do vulnerability scans and penetration tests differ ? ETHICAL HACKING OVERVIEW Ethical hacking and penetration testing are tools for dealing with threats, vulnerabilities, risks, and exploits. Many people in the information security business throw around these terms interchangeably, often confusing threats with risk or vulnerabilities with exploits. Each has a distinct meaning, though, and the terms should be applied carefully. Threat – is an actor or agent that may want to or actually can cause harm to the target organization. Threats include organized crime, spyware ETHICAL companies, and disgruntled internal employees who start attacking their HACKING employer. Worms and viruses also represent threats because they could cause harm in your OVERVIEW organization—even without a human directing them to do so—by infecting machines and causing damage automatically. ETHICAL HACKING OVERVIEW Vulnerability – is a flaw in the environment that an attacker can use to cause damage. numerous arenas in environments, including architectural design, business processes, deployed software, and system configurations Risk – where threat and vulnerability overlap. That is, a risk occurs when systems have a vulnerability that a given threat can attack. ETHICAL HACKING OVERVIEW Exploit – is the vehicle by which the attacker uses a vulnerability to cause damage to the target system. The exploit could be a package of code that generates packets that overflow a buffer in software running on the target. Alternatively, the exploit could be a social engineering scheme whereby the bad guy talks a user into revealing sensitive information, such as a password, over the phone As security professionals: Work hard to minimize this risk by minimizing vulnerabilities and blocking threats. That's what penetration testing is all about ETHICAL Model the activities of real-world threats to HACKING discover find vulnerabilities … and then, in a controlled fashion, to exploit these OVERVIEW vulnerabilities to determine the business risk they pose to the organization … and recommend appropriate defenses. Then These recommendations must apply in light of the operations environment of the target organization The term hacking means different things to peopl different e: Traditionally, hacking refers to the exploration of technology, trying to ETHICAL understand it at a deep level to manipulate HACKING it into doing something that it was not designed to do. OVERVIEW People started to use the term ethical hacker to refer to individuals who applied the process of breaking into computer systems but with the wholesome purpose of finding security vulnerabilities so that they could be fixed Pulling all this together : ETHICAL HACKING OVERVIEW Ethical hacking: ethical hacking is the process of using computer attack techniques to find security flaws with the permission of the target owner and the goal of improving the target's security. The overall penetration testing process involves preparation, testing, and conclusion phases. Non-Disclosure Agreement (NDA), ETHICAL especially if the test HACKING is conducted by a third-party organization. Rules of Engagement that describe how the OVERVIEW testing will occur. Next, the scope of the test is determined The next step is absolutely crucial. You need to get official, written permission to conduct the test, even if it is against targets in your own organization. Many countries have instituted laws for dealing with crimes committed using a computer, so-called cybercrime laws. ETHICAL As penetration testers and ethical hackers, we HACKING want to make sure we carefully adhere to the laws of the countries in which we operate. OVERVIEW Your Permission Memo (the Get Out of Jail Free Card) is a helpful thing in ensuring that you have the permission of the target organization that owns and operates the systems you will test UNIT TWO TCP/IP Concepts Review Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the binary, octal, and hexadecimal numbering system IP VERSION 4 (IPV4) HEADER The TTL field is 8 bits long and indicates how many hops this packet can travel before it must be discarded Source IP Address- Where packets are sent from Destination IP Address- Where the packets are sent TCP/IP CONCEPTS REVIEW When you configure the TCP/IP protocol on a Windows computer, the TCP/IP configuration settings require: An IP address A subnet mask A default gateway TCP/IP CONCEPTS REVIEW An IP address is a 32-bit number. It uniquely identifies a host (computer or other device, such as a printer or router) on a TCP/IP network. IP addresses are normally expressed in dotted-decimal format, with four numbers separated by periods, such as 192.168.123.132. TCP/IP CONCEPTS REVIEW For example, the dotted-decimal IP address 192.168.123.132 is (in binary notation) the 32-bit number 110000000101000111101110000100. This number may be The example IP address, then, becomes 11000000.10101000.01111011.1000 0100. These 8-bit sections are known as octets. TCP/IP CONCEPTS REVIEW The second item, which is required for TCP/IP to work, is the subnet mask. The subnet mask is used by the TCP/IP protocol to determine whether a host is on the local subnet or on a remote network. TCP/IP CONCEPTS REVIEW Example: The subnet mask is 255.255.255.0 In this example. It isn't obvious what this number means unless you know 255 in binary notation equals 11111111. So, the subnet mask is 11111111.11111111.11111111.00000000. TCP/IP CONCEPTS REVIEW If a TCP/IP computer needs to communicate with a host on another network, it will usually communicate through a device called a router. In TCP/IP terms, a router that is specified on a host, which links the host's subnet to other networks, is called a default gateway. TCP/IP CONCEPTS REVIEW END OF PRESENTATION
