Principles of ICT Systems and Data Security

Transcription

1 Principles of ICT Systems and Data Security Ethical Hacking

2 Ethical Hacking What is ethical hacking?

3 Ethical Hacking It is a process where a computer security expert, who specialises in penetration testing and in other testing and testing methodologies, tries some hacking techniques to ensure the security organisations information systems.

4 White Hat The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems.

5 Black Hat The term black hat" describes a deceptive user, computer hacker, or an individual who attempts to break into a computer system or computer network. Their intent is often to steal, destroy, or otherwise modify data on that computer system without permission.

6 Grey Hat The term grey hat refers to a computer hacker or computer security expert who may sometimes violate laws or typical ethical standards, but does not have the malicious intent typical of a black hat hacker.

7 Penetration Testing Penetration testing is an art, and it takes months if not years of practice to master it. So how to get started? Having no idea about hacking is okay, but being a newbie with computers in general is not allowed. When I say beginner, I mean someone who has no experience with programming and with hacking methodologies. I didn't mean someone who needs a 1 page guide on how to turn on a machine and download a tool. If you want to be a penetration tester you have to work hard

8 Phases of Penetration Testing

9 Reconnaissance Step to map out the target network and systems The hacker will try to list all the systems on the network, then try to list all the holes available on the target subsystems.

10 Social Media. Twitter Facebook LinkedIn Instagram SnapChat Blogs Other Ideas? Reconnaissance

11 Job Listings LinkedIn YouTube New Stories Press Releases Conferences Internet Searches Reconnaissance

12 Methods Social Engineering Google Searching Google hacking Ping Sweeps Extracting Info from DNS

13 Methods Based on the information obtained in the previous phase, determine goals based on business or target values. Employee Records Customer Records Trade Secrets User Accounts Financial Data Policy Information

14 Vulnerabilities Try to determine what vulnerabilities exist.

15 Vulnerability Detection Nmap Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (used to discover hosts and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses. The software provides a number of features for probing computer networks, including host discovery and service and operating system detection. These features are extensible by scripts that provide more advanced service detection, vulnerability detection, and other features. Nmap is also capable of adapting to network conditions including latency and congestion during a scan.

16 Vulnerability Detection Nessus Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in It now costs $2,190 per year. A free Nessus Home version is also available, though it is limited and only licensed for home network use. Nessus is constantly updated, with more than 70,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones

17 Vulnerability Detection Wireshark Wireshark is a free and open source packet analyser. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues. Wireshark is cross-platform, using the Qt widget toolkit in current releases to implement its user interface, and using pcap to capture packets; it runs on Linux, OS X, Unix Microsoft Windows. It released under the terms of the GNU General Public License.

18 Vulnerabilities Further information is then gathered to determine how best target any vulnerabilities and weaknesses in the system.

19 Vulnerabilities Remember The most important and most dangerous step.

20 Exploitation Gaining Control over a system. It s a piece of software, a chunk of data or a sequence of commands that takes advantage of a vulnerability.

21 Dos Denial of Service BoF Buffer Overflow Attack Cookie Stealing Sniffing Attacks Ping of Death Common Attacks

22 Backdoor and Root Kits Backdoor programs are used to gain unauthorised access to a system. A rootkit is a stealthy type of software, often malicious, designed to hide the existence of certain processes or programs from normal methods of dectection and enable continued privileged access to a system.

23 Post Exploitation What's more impressive to a client? 1. I got root shell on your Dev server using a well known privilege escalation vulnerability. 2. Here are the names and addresses of all your customers last month, along with what they ordered.

24 Goal of Pentesting Remember The goal is not exploitation for exploitations sake. The goal is to determine what business value would be lost if an actual adversary was able to do the things that you have done.

25 Ethical Hacking Ethical hacking is used to build a system that helps prevent penetration from hackers

26 Why Kali Linux With Kali Linux, ethical hacking/penetration testing becomes much easier since you have all the tools (more than 300 pre-installed tools) you are probably ever going need. Others can be downloaded easily. In this session you will get started and you'll be penetration testing with Kali Linux before you know it.

27 Installing Kali in a Virtual Machine Follow work sheet provided. Remember! Login: root Password: toor

28 Its Not Magic It is not magic tool, which is easy to use, It is not any of the following. works on Windows, can be download by searching on Google and clicking on the first link we see, will do all the hacking itself on the push of a button. Sadly, no such tool exists.

29 How Legal is it? Let s make one thing crystal clear! Penetration testing requires that you get permission from the person who owns the system. Otherwise, you would be hacking the system, which is illegal in most of the world Trust me, you won t look good in an orange jump suit The difference between penetration testing and hacking is whether you have the system owner s permission. If you want to do a penetration test on someone else's system, it is highly recommended that you get written permission.

30 Always Remember

31 Penetration Testing Hackers come in all shapes, sizes and colours. I'm not referring to the physical characters of the hackers, I'm talking about the field of specialization.

32 Careers

33 CompTIA Security + (SYO-401) The Security+ exam covers the most important foundational principles for securing a network and managing risk. Access control, identity management and cryptography are important topics on the exam, as well as selection of appropriate mitigation and deterrent techniques to address network attacks and vulnerabilities. Security concerns associated with cloud computing, BYOD and SCADA are addressed in the SY0-401 exam. Andrew Blundell

34 Certified Ethical Hacker CEH provides a comprehensive ethical hacking and network security-training program to meet the standards of highly skilled security professionals. Hundreds of SMEs and authors have contributed towards the content presented in the CEH courseware. Latest tools and exploits uncovered from the underground community are featured in the new package. Our researchers have invested thousands of man hours researching the latest trends and uncovering the covert techniques used by the underground community.