Scribd Logo
Upload

Welcome to Scribd!

  • 279 views

    Information Security Chapter 2

    Uploaded by

    bscitsemv
    The document provides an overview of ethical hacking and penetration testing. It discusses the history and evolution of the terms "hacker" and different types of hackers such as script kiddies, professional criminals, and ethical hackers. It defines penetration testing as evaluating security by simulating attacks to identify vulnerabilities. The document outlines the steps of a penetration test including reconnaissance, scanning, gaining access, maintaining access, and covering tracks. It discusses why organizations conduct penetration tests to identify threats, reduce costs, and ensure compliance.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd

    Information Security Chapter 2

    Uploaded by

    bscitsemv
    279 views20 pages
    The document provides an overview of ethical hacking and penetration testing. It discusses the history and evolution of the terms "hacker" and different types of hackers such as script kiddies, professional criminals, and ethical hackers. It defines penetration testing as evaluating security by simulating attacks to identify vulnerabilities. The document outlines the steps of a penetration test including reconnaissance, scanning, gaining access, maintaining access, and covering tracks. It discusses why organizations conduct penetration tests to identify threats, reduce costs, and ensure compliance.

    Original Description:

    Information Security Chapter 2

    Copyright

    © © All Rights Reserved

    Available Formats

    PPT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document provides an overview of ethical hacking and penetration testing. It discusses the history and evolution of the terms "hacker" and different types of hackers such as script kiddies, professional criminals, and ethical hackers. It defines penetration testing as evaluating security by simulating attacks to identify vulnerabilities. The document outlines the steps of a penetration test including reconnaissance, scanning, gaining access, maintaining access, and covering tracks. It discusses why organizations conduct penetration tests to identify threats, reduce costs, and ensure compliance.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    279 views20 pages

    Information Security Chapter 2

    Uploaded by

    bscitsemv
    The document provides an overview of ethical hacking and penetration testing. It discusses the history and evolution of the terms "hacker" and different types of hackers such as script kiddies, professional criminals, and ethical hackers. It defines penetration testing as evaluating security by simulating attacks to identify vulnerabilities. The document outlines the steps of a penetration test including reconnaissance, scanning, gaining access, maintaining access, and covering tracks. It discusses why organizations conduct penetration tests to identify threats, reduce costs, and ensure compliance.

    Copyright:

    © All Rights Reserved
    Download as PPT, PDF, TXT or read online from Scribd
    Download as ppt, pdf, or txt
    of 20

    BlueCrest Information Security

    and Audit
    Chapter 2

    Ethical Hacking

    Welcome to the world of Ethical Hacking


    PREHISTORY
    1960s: The Dawn of Hacking
    Original meaning of the word "hack" started
    at MIT; meant elegant, witty or inspired way
    of doing almost anything; hacks were
    programming shortcuts

    Hackers are here. Where are you?


    The explosive growth of the Internet has
    brought many good thingsAs with most
    technological advances, there is also a dark
    side: criminal hackers.
    The term hacker has a dual usage in the
    computer industry today. Originally, the term
    was defined as:
    HACKER noun. 1. A person who enjoys
    learning the details of computer systems and
    how to stretch their capabilities. 2. One who
    programs enthusiastically or who enjoys
    programming rather than just theorizing
    about programming.

    What is a Hacker?
    Old School Hackers: 1960s style Stanford or MIT
    hackers. Do not have malicious intent, but do have
    lack of concern for privacy and proprietary
    information. They believe the Internet was designed
    to be an open system.
    Script Kiddies or Cyber-Punks: Between 12-30;
    predominantly white and male; bored in school; get
    caught due to bragging online; intent is to vandalize
    or disrupt systems.
    Professional Criminals or Crackers: Make a living by
    breaking into systems and selling the information.
    Coders and Virus Writers: See themselves as an
    elite; programming background and write code but
    wont use it themselves; have their own networks
    called zoos; leave it to others to release their code
    into The Wild or Internet.

    What is Ethical Hacking?


    Ethical hacking defined methodology adopted by
    ethical hackers to discover the vulnerabilities existing
    in information systems operating environments.
    With the growth of the Internet, computer security
    has become a major concern for businesses and
    governments.
    In their search for a way to approach the problem,
    organizations came to realize that one of the best
    ways to evaluate the intruder threat to their interests
    would be to have independent computer security
    professionals attempt to break into their computer
    systems.

    Who are Ethical Hackers?

    One of the best ways to evaluate the intruder


    threat is to have an independent computer security
    professionals attempt to break their computer
    systems
    Successful ethical hackers possess a variety of skills.
    First and foremost, they must be completely
    trustworthy.
    Ethical hackers typically have very strong
    programming and computer networking skills.
    They are also adept at installing and maintaining
    systems that use the more popular operating
    systems (e.g., Linux or Windows ) used on target
    systems.
    These base skills are augmented with detailed
    knowledge of the hardware and software provided
    by the more popular computer and networking
    hardware vendors.

    What do Ethical Hackers do?


    An ethical hackers evaluation of a systems security seeks
    answers to these basic questions:
    What can an intruder see on the target systems?
    What can an intruder do with that information?
    Does anyone at the target notice the intruders attempts
    or successes?
    What are you trying to protect?
    How much time, effort, and money are you willing to
    expend to obtain adequate protection?

    Anatomy of an attack:
    Reconnaissance attacker gathers information;
    can include social engineering.
    Scanning searches for open ports (port scan)
    probes target for vulnerabilities.
    Gaining access attacker exploits vulnerabilities
    to get inside your system; used for spoofing IP.
    Maintaining access creates backdoor through
    use of Trojans; once attacker gains access makes
    sure he/she can get back in.
    Covering tracks deletes files, hides files, and
    erases log files. So that attacker cannot be
    detected or penalized.

    Classes/Types of Hackers
    Black hats highly
    skilled,
    malicious, destructive
    crackers
    White hats skills used
    for
    defensive security
    analysts
    Gray hats offensively
    and
    defensively; will hack for
    different
    reasons, depends on
    situation.

    So Now You Know ..

    Hacker
    Access computer system or network without
    authorization
    Breaks the law . So becomes a cracker

    Ethical Hacker
    Performs most of the same activities but with
    owners permission
    Employed by companies to perform Penetration Tests
    Hactivism hacking for social and political cause.

    Penetration Test
    Protecting an organisations asset is a continual process.
    The process involves an active analysis of the system for
    any
    weaknesses, technical flaws or vulnerabilities.
    This analysis is carried out from a position of a potential
    attacker, and can involve active exploitation of security
    vulnerabilities.

    Any security issues that are found will be presented to


    the system owner together with an assessment of their
    impact and often with a proposal for mitigation or a
    technical solution.

    Types of Security Assessments


    Vulnerability scanning:

    Focuses on known weaknesses

    Can be automated

    Does not necessarily require expertise

    Penetration testing:

    Focuses on known and unknown weaknesses

    Requires highly skilled testers

    Carries tremendous legal burden in certain countries/organizations

    IT security auditing:

    Focuses on security policies and procedures

    Used to provide evidence for industry regulations

    Why Does Network Security Fail?


    Network security fails in several common areas,
    including:

    Human awareness
    Policy factors
    Hardware or software misconfigurations
    Poor assumptions
    Ignorance
    Failure to stay up-to-date

    What is a Penetration Test?


    A penetration test is the process of actively evaluating your information
    security measures. Or
    A penetration test is a method of evaluating the security of a computer
    system or network by simulating an attack from a malicious source,
    known as Black hat Hacker or Cracker.
    Identifying vulnerabilities of a particular system, application, network, or
    process
    Exploiting those vulnerabilities
    mechanisms can and will fail

    to

    demonstrate

    that

    the

    security

    The good guys usually get some small piece of proof and exit
    as quietly as they came
    There are a number of ways that this can be undertaken, but the most common procedure is
    that the security measures are actively analyzed for design weaknesses, technical flaws and
    vulnerabilities; the results are then delivered comprehensively in a report, to Executive,
    Management and Technical audiences.

    Why Penetration Testing: Why would you want it?


    There are several reasons why organizations choose to perform a
    penetration test; they range from technical to commercial but the
    most common are:
    Identify the threats facing your organizations information assets
    so that you can quantify your information risk and provide
    adequate information security expenditure.
    Reduce your organizations IT security costs and provide a better
    Return on IT Security Investment by identifying and resolving
    vulnerabilities and weaknesses in the design or implementation.
    Provide your organization with assurance a thorough and
    comprehensive assessment of organizational security covering
    policy, procedure, design and implementation.

    Answer the questions Is our network secure? and How


    do we know that our network is secure?

    Provide a baseline to help improve security

    Find configuration mistakes or missing

    security updates

    Reveal unexpected weaknesses in your


    organizations security

    Ensure regulatory compliance

    Using Penetration Testing to Assess Network Security

    Steps to a successful penetration test include:


    Determine how the attacker is most likely to go about
    attacking a network or an application
    Locate areas of weakness in network or application
    defenses
    Determine how an attacker could exploit weaknesses
    Locate assets that could be accessed, altered, or
    destroyed
    Determine whether the attack was detected
    Determine what the attack footprint looks like
    Make recommendations

    Legal Issues Before You Start


    First, can you do what you want to do where you want to do it?
    Is a war-driving legal against your own systems when going through a
    central office?

    Make sure you are protected with a Letter of Authority.


    Protect yourself with a Get out of jail type letter.

    Encrypt your data. You dont want to be liable if your data is


    compromised.
    Think through your actions before doing them.
    Run these tools at your own risk. I am not responsible
    Test them on a stand-alone network with a network sniffer and review the
    source code
    Obtain tools from the proper source

    Log all of your actions

    Different Types of Tests Available


    The different types of penetration testing are as follows:
    a) External Penetration Testing
    - Focuses on ITs infrastructure and underlying software of the target.

    b) Internal Security Assessment


    - Testing carried out from various access points being logical or physical eg.
    DMZ

    c) Application Security Assessment


    - Testing for customised, proprietary applications or systems

    d) Wireless/Remote Access Security (RAS) Security Assessment


    - Testing for risk associated with mobile computing mobile work force

    e) Telephony Security Assessment


    - Testing for risk associated with voice technologies in an organisation

    f) Social Engineering
    - Is a non-technical test to trick people into braking normal security
    procedures.

    Different Types of Approach


    Penetration tests can be conducted in one of
    two ways:
    a) Black-Box: With no prior knowledge of the
    infrastructure to be tested.

    b) White-Box: With complete knowledge of the


    infrastructure to be tested.

    You might also like