Ethical Hacking and Countermeasures: Attack Phases, Second Edition. Chapter 1 Introduction to Ethical Hacking


Objectives
After completing this chapter, you should be able to:
- Understand the importance of information security in today's world
- Understand the elements of security
- Identify the phases of the hacking cycle
- Identify the different types of hacker attacks
- Understand hacktivism

Objectives (cont'd)
After completing this chapter, you should be able to:
- Understand ethical hacking
- Understand vulnerability research and identify tools assisting in vulnerability research
- Identify steps for conducting ethical hacking
- Understand computer crimes and implications

Introduction to Ethical Hacking
- Hackers have various motivations for breaking into secure systems
- Duty of system administrators and network security professionals
  - To guard their infrastructure against exploits by knowing the enemies who seek to use the same infrastructure for their own purposes
- One of the best ways to do this is to hire an ethical hacker
  - Someone who has all of the skills of a malicious hacker, but is on the client's side

Importance of Security
- Today, companies are completely networked, exchanging information almost instantly
  - Of utmost importance to secure assets from outside threats
- Security policy
  - Specification for how objects in a security domain are allowed to interact
- There is an increased dependency on computers
  - Any disruption in their operation or integrity can mean the loss of time, the loss of money, and sometimes even the loss of life

Threats and Vulnerabilities
- Vulnerability
  - Weakness in a defined asset that could be taken advantage of or exploited by some threat
- Threat
  - Action or event that might compromise security
- Every vulnerability does not lead to an attack, and all attacks do not result in success
- Factors that result in the success of an attack
  - Degree of vulnerability, the strength of the attack, and the extent to which countermeasures are adopted

Attacks
- Target of evaluation
  - Information resource or asset that is being protected from attacks
- Attack
  - Deliberate assault on that system's security
- Attacks can be classified as
  - Active: modify the target system
  - Passive: violate the confidentiality of a system's data without affecting the state of that system
    - Example: electronic eavesdropping

Attacks (cont'd)
- Attacks can also be categorized as inside or outside attacks
  - Inside: initiated from within a network by an authorized user
  - Outside: caused by an external intruder who does not have authorization to access the network

Security Breaches
- Exploit
  - A specific way to breach the security of an IT system through a vulnerability
- Exposure
  - A breach in security
  - Can vary from one company to another, or even from one department to another
- Imperative for organizations to address both penetration and protection issues

Exposure
- Exposure
  - Loss due to an exploit
- Examples of loss include
  - Disclosure, deception, disruption, and usurpation
- Vulnerability is the primary entry point an attacker can use to gain access to a system or to its data
- Once the system is exposed, an attacker can collect confidential information with relative ease, and usually erase his or her tracks afterwards

Elements of Security
- Security: the state of well-being of a system's data and infrastructure
- Assurance
  - Confidence that the system will behave according to its specifications

Accountability
- Accountability
  - System administrators or concerned authorities need to be able to know by whom, when, how and why system resources have been accessed
  - An audit trail or log files can address this

Reusability
- Reusability
  - Generally, not all resources are available to all users
  - Having access controls on predefined parameters can help increase the level of security
  - One user or program may not reuse or manipulate objects that another user or program is currently accessing in order to prevent violation of security
  - Also known as availability

The Security, Functionality, and Ease of Use Triangle
Figure 1-1: Moving toward security means moving away from functionality and ease of use

The Growth of Hacking
- Originally, hacking required extraordinary computer skills
- Today there are automated tools and codes available on the Internet that make it possible for almost anyone to successfully hack a system
- A victim will often keep the attack secret
  - For fear of losing the goodwill and faith of employees, customers, and partners
- Critical to take countermeasures to prevent any exploits that can result in loss

Phases of an Attack
In general, there are five phases that make up an attack:
1. Reconnaissance
2. Scanning
3. Gaining access
4. Maintaining access
5. Covering tracks

Phase 1 - Reconnaissance
- Reconnaissance
  - Preparatory phase where an attacker gathers as much information as possible about the target prior to launching the attack
- Reconnaissance may involve social engineering
  - Convincing other people to reveal information such as unlisted phone numbers, passwords, etc.
- Dumpster diving
  - Looking through an organization's trash for any discarded sensitive information

Phase 1 - Reconnaissance (cont'd)
- Reconnaissance types
  - Passive: attacker does not interact with the system directly
  - Active: attacker interacts with the target system by using tools to detect open ports, accessible hosts, router locations, network mapping, details of operating systems, and applications
- An ethical hacker must be able to distinguish among various reconnaissance methods
  - Advocate preventative measures

Phase 2 - Scanning
- Attacker uses the details gathered during reconnaissance to identify specific vulnerabilities
- An attacker can gather critical network information, such as the mapping of systems, routers, and firewalls
  - By using simple tools such as the Windows utility Traceroute
- Port scanners can be used to detect listening ports to find information about the nature of services running on the target machine
- Vulnerability scanners: most commonly used tools
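
From the defender's side, the port scanning described in this phase shows up in firewall or connection logs as one source touching many distinct ports on one host in a short time. The following is an added example, not part of the original slides: the log format, the addresses, and the threshold and window values are all assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed sample log: 'timestamp src dst dst_port action' per line."""
    lines = []
    # Ordinary client: many connections, but always to the same port.
    for i in range(12):
        lines.append(f"2024-05-01T10:00:{i:02d} 10.0.0.5 192.168.1.10 443 ALLOW")
    # Scan-like source: 15 different ports within 15 seconds.
    for i, port in enumerate(range(20, 35)):
        lines.append(f"2024-05-01T10:01:{i:02d} 203.0.113.7 192.168.1.10 {port} DENY")
    # Slow source: 12 different ports, but one per hour.
    for i in range(12):
        lines.append(f"2024-05-01T{11 + i:02d}:00:00 198.51.100.9 192.168.1.10 {8000 + i} DENY")
    return "\n".join(lines)


def parse_line(line):
    ts, src, dst, port, action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port), action


def detect_port_scans(log_text, min_ports=10, window=timedelta(seconds=60)):
    """Return {(src, dst): [ports]} for every source that reached at least
    min_ports distinct ports on one destination inside a sliding window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, src, dst, port, _action = parse_line(line)
            events[(src, dst)].append((ts, port))

    findings = {}
    for key, hits in events.items():
        hits.sort()
        start = 0          # index of the oldest hit still inside the window
        in_window = {}     # port -> number of hits currently inside the window
        for ts, port in hits:
            in_window[port] = in_window.get(port, 0) + 1
            # Drop hits that have fallen out of the time window.
            while ts - hits[start][0] > window:
                old_port = hits[start][1]
                in_window[old_port] -= 1
                if in_window[old_port] == 0:
                    del in_window[old_port]
                start += 1
            if len(in_window) >= min_ports:
                findings[key] = sorted(in_window)
                break
    return findings


if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(build_sample_log()).items():
        print(f"possible scan: {src} -> {dst}, ports {ports}")
```

The slow source in the sample is not flagged: a fixed time window misses scans that are spread out, so the window and threshold have to be tuned against real traffic.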

Phase 3 - Gaining Access
- Gaining access
  - Where most of the damage is usually done, yet hackers can cause damage without gaining any access to the system
- Access can be gained locally, offline, over a LAN, or over the Internet
- Spoofing
  - Technique used to exploit the system by pretending to be a legitimate user

Phase 3 - Gaining Access (cont'd)
- Smurf attacks
  - Attempt to cause users on a network to flood each other with data, making it appear as if everyone is attacking each other
- A hacker's chances of gaining access into a target system are influenced by factors such as:
  - Architecture and configuration of the target system
  - Skill level of the perpetrator
  - Initial level of access obtained

Phase 4 - Maintaining Access
- Attackers who choose to remain undetected
  - Remove evidence of their entry
  - Install a backdoor or a Trojan to gain repeat access
  - Install rootkits at the kernel level to gain full administrator access to the target computer
- Hackers can use Trojans to transfer user names, passwords, and any other information stored on the system
- Organizations can use intrusion detection systems or deploy traps known as honeypots and honeynets to detect intruders

Phase 5 - Covering Tracks
- Attackers will usually attempt to erase all evidence of their actions
  - Trojans such as ps or netcat are often used to erase the attacker's activities from the system's log files
- Steganography
  - Process of hiding data in other data, for instance image and sound files
- Tunneling
  - Takes advantage of the transmission protocol by carrying one protocol over another

Phase 5 - Covering Tracks (cont'd)
- System administrators can deploy host-based IDS (intrusion detection systems)
  - In order to detect Trojans and compromised files and directories
- As an ethical hacker
  - You must be aware of tools and techniques that attackers deploy in order to advocate and implement countermeasures
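
The core of the host-based detection mentioned here is a file integrity check: record a baseline of hashes and permissions, then compare later snapshots against it, so that a replaced system utility such as a trojaned ps stands out. The following is an added example, not part of the original slides: the directory layout, file names and contents are constructed in a temporary directory for the demonstration.

```python
import hashlib
import os
import tempfile


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root):
    """Map relative path -> (sha256, permission bits) for regular files under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            state[rel] = (sha256_file(full), os.stat(full).st_mode & 0o7777)
    return state


def compare(baseline, current):
    """Report files whose content or permissions differ from the baseline."""
    report = {"modified": [], "added": [], "removed": [], "mode_changed": []}
    for path, (digest, mode) in baseline.items():
        if path not in current:
            report["removed"].append(path)
        elif current[path][0] != digest:
            report["modified"].append(path)
        elif current[path][1] != mode:
            report["mode_changed"].append(path)
    report["added"] = [p for p in current if p not in baseline]
    for entries in report.values():
        entries.sort()
    return report


def demo():
    """Build a constructed 'bin' directory, tamper with it, and return the report."""
    with tempfile.TemporaryDirectory() as root:
        bin_dir = os.path.join(root, "bin")
        os.mkdir(bin_dir)
        for name in ("ps", "ls", "netstat"):
            path = os.path.join(bin_dir, name)
            with open(path, "wb") as f:
                f.write(b"original " + name.encode())
            os.chmod(path, 0o755)
        baseline = snapshot(root)

        # Constructed tampering: one utility replaced, one deleted,
        # one new hidden file, one made world-writable.
        with open(os.path.join(bin_dir, "ps"), "wb") as f:
            f.write(b"replaced ps")
        os.remove(os.path.join(bin_dir, "netstat"))
        with open(os.path.join(bin_dir, ".cache"), "wb") as f:
            f.write(b"unexpected file")
        os.chmod(os.path.join(bin_dir, "ls"), 0o777)

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

The baseline is only trustworthy if it is stored where an intruder on the monitored host cannot rewrite it, for example on read-only media or a separate system.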

Types of Hacker Attacks
Hacker attacks can be categorized as:
- Operating system attacks
- Application-level attacks
- Shrink-wrap code attacks
- Misconfiguration attacks

Operating System Attacks
- Today's operating systems contain many features, making them increasingly complex
- Keeping up with latest patches and hotfixes can be challenging with today's complex networks
- Attackers are constantly looking for OS vulnerabilities to exploit

Application-Level Attacks
- Software developers often do not have time to completely test their products before shipping them
  - Leaving undiscovered security holes
- Security is frequently delivered as an add-on component after release
  - Not all instances of the software will have the same level of security
- Error checking can be very poor
  - Which leads to buffer overflow attacks

Shrink-Wrap Code Attacks
- Software developers will often use free libraries and code licensed from other sources in their programs
  - If vulnerabilities in that code are discovered, many pieces of software are at risk
- Developers need to customize and fine-tune code in order to make it more secure
  - And different enough that the same exploit will not work

Misconfiguration Attacks
- System administrators need to be careful when configuring systems
  - Create a simple, but usable configuration
  - Remove all unnecessary services and software

Hacktivism
- Hacktivism
  - When hackers break into government or corporate computer systems as an act of protest
  - Use it to increase awareness of their social or political agendas
  - Considered a crime, irrespective of intentions

Hacker Classes
- Black hats
  - Use skills for illegal or malicious purposes
- White hats
  - Use skills for defensive purposes
- Gray hats
  - Believe in full disclosure (information is better out in the open than kept in secret)
- Suicide hackers
  - Hacktivists who are willing to become martyrs for their cause

Ethical Hackers
- Ethical hackers
  - Information security professionals who specialize in evaluating and defending against threats from attackers
  - Use excellent computer skills to protect the integrity of computer systems rather than hurting them
- Ethical hackers categories:
  - Former black hats
  - White hats
  - Consulting firms

What Do Ethical Hackers Do?
- Ethical hacker's evaluation of a client's information system security seeks answers to three basic questions:
  1. What can an attacker see on the target system?
  2. What can an intruder do with that information?
  3. Are the attackers' attempts being noticed on the target systems?
- Ethical hacker must convey to the client that it is never possible to guard systems completely
  - However, they can always be improved

Can Hacking Be Ethical?
- Today, the term hacking is closely associated with illegal and unethical activities
- Most companies use IT professionals to audit their systems for known vulnerabilities
- Ethical hackers usually employ the same tools and techniques as attackers
  - With the exception that once access is gained, no damage is done
- Distinction between ethical hackers and crackers is consent
  - Crackers attempt to gain unauthorized access

Skills of an Ethical Hacker
- Ethical hackers must be computer experts
  - Must have a strong grasp on programming and networking
  - Should be comfortable with installing and maintaining systems using all popular OSs
- Ethical hackers must possess detailed knowledge of both hardware and software
- Any ethical hacker must have plenty of patience
  - Analysis stage consumes more time than the testing stage

What is Vulnerability Research?
Vulnerability research includes:
- Discovering system design faults and weaknesses that might allow attackers to compromise a system
- Keeping informed of new products and technologies in order to find news related to current exploits
- Checking underground hacking Web sites for newly discovered vulnerabilities and exploits
- Checking newly released alerts regarding relevant innovations and product improvements for security systems

Why Hackers Need Vulnerability Research?
Reasons:
- To identify and correct network vulnerabilities
- To protect the network from being attacked
- To get information that helps to prevent security issues
- To gather information about viruses and malware
- To find weaknesses in the network and to alert the network administrator before a network attack
- To know how to recover from a network attack

Vulnerability Research Web Sites
Vulnerability research web sites include:
- US-CERT (http://www.us-cert.gov)
- National Vulnerability Database (http://nvd.nist.gov)
- Securitytracker (http://www.securitytracker.com)
- SecuriTeam (http://www.securiteam.com)
- SecurityFocus (http://www.securityfocus.com)
- SCMagazine (http://www.scmagazine.com)

Conducting Ethical Hacking
Each ethical hacking assignment has six basic steps:
1. Talk with the client about the importance of security and the necessity of testing
2. Prepare NDA (nondisclosure agreement) documents and have the client sign them
3. Prepare an ethical hacking team and create a schedule for testing
4. Conduct the test
5. Analyze the results and prepare the report
6. Deliver the report to the client

How Do They Go About It?
- Security testing involves three phases: preparation, conduct, and conclusion
- After discussing security issues with the client, a formal contract should be drawn up that contains
  - NDA, to protect the client's confidential data
  - Clause stating that the ethical hacker has full consent of the client to hack into their systems
- Conduct phase
  - Two most common approaches:
    - Limited vulnerability analysis
    - Attack and penetration testing

How Do They Go About It? (cont'd)
- The needs of the client
  - Clients will often prefer a limited vulnerability analysis because they do not want to lose any data or risk any unintended damage
- While conducting an evaluation, ethical hackers may come across security holes that cannot be fixed within the predetermined time frame
  - Client should be warned of this
- Final phase is the conclusion phase
  - A report is prepared for the client

Approaches to Ethical Hacking
Ethical hacker will attempt attacks over various channels:
- Remote network
- Remote dial-up network
- Local network
- Stolen equipment
- Social engineering
- Physical entry

Ethical Hacking Testing
Approaches fall into one of three categories:
- Black box testing
  - Ethical hacker is given no prior knowledge or information about a system
- White box testing
  - Ethical hacker is given full advance knowledge of the system
- Gray box testing
  - Internal testing performed by system administrator and network professionals

Ethical Hacking Deliverables
- In the conclusion phase, the ethical hacker creates a detailed report for the client
  - Analyzing the possibility and impact of hacking
- Vulnerabilities that were detected are explained in detail
  - Along with specific recommendations to patch them in order to bring about a permanent security solution
- Client may also solicit the participation of its employees by asking them for suggestions or observations during the course of the evaluation
- Final report should be delivered only in a hard copy

Computer Crimes and Implications
- Computer crimes can be separated into two categories:
  - Crimes facilitated by use of a computer
  - Crimes where the computer is the target
- The Cyber Security Enhancement Act 2002 allows life sentences for hackers who recklessly endanger the lives of others
- For more information, visit the United States Department of Justice's Cyber Crime and Intellectual Property section at http://www.cybercrime.gov

Summary
- The importance of security in any network is often underestimated
- Ethical hacking simulates a malicious attack without trying to cause damage
- Hacking involves five distinct phases: reconnaissance, scanning, gaining access, maintaining access, and clearing tracks
- Vulnerability research can be done via several Web sites

Summary (cont'd)
- Security testing involves three phases: preparation, conduct, and conclusion
- Cyber crime is underreported, but taken very seriously when it is