Ceh 1-5


Ethical Hacking Basics

By Revati Manurkar
What is Hacking?
• Hacking is typically explained as exploiting digital systems and networks through unauthorized access to an account or computer. It is a malicious activity performed to cause harm to data, networks, devices etc.
Why do hackers Hack ?
1. Monetary benefits
2. Hacker’s pride
3. Corporate rivalry
4. Stealing confidential data which causes national threat or personal loss

In this digital era every device we use is an attractive target for hackers.
In order to safeguard our devices, computers and networks we need ‘Ethical Hackers’.
Ethical Hacking

What is Ethical Hacking?


Ethical hacking is a legal method of
breaching a security system of an app,
system, organization infrastructure to
detect potential security threats, i.e.
vulnerabilities.
Ethical hackers look at systems to see if
there are any flaws that cybercriminals
could take advantage of.
Common terms in Hacking
• Hacking Value
• Vulnerability
• Exploit
• Payload
• Botnet
• Zero-day attack
• Daisy Chaining
Types of Attack

• Operating System Attack
• Application Level Attack
• Shrink Wrap Code Attack
• Misconfiguration Attack
Attack Classification
1. Passive Attack:
Does not tamper with data. Involves intercepting and monitoring the data flow of the target machine.
Eg: Sniffing
2. Active Attack:
Data tampering is done while the data is in transit. Services or communication between the devices are disturbed on purpose to break in to the system.
Eg: DoS, MITM, SQL Injection
3. Close-In Attack:
This attack is performed with the attacker in close physical proximity to the target to obtain, modify, or disrupt the access information.
Eg: Shoulder Sniffing, Dumpster diving
4. Insider Attack:
This attack is performed by someone inside the organization or network who has privileged access and intentionally wants to cause harm.
Eg: Planting key loggers, malware
5. Distribution Attack:
This attack happens when the attacker tampers with the H/W or S/W prior to the installation.
Cyber Laws
• The laws which govern and control the cyber field are:
• The patents Act, 1999
• Trade mark Act, 1999
• Copyright Act, 1957
• Info. Technology Act

Get more info on:


http://www.ipindia.nic.in
http://www.meity.gov.in

India, along with the rest of the world, is investing more and more in national cybersecurity.
Networking Basics
• What is OSI Model
• TCP/IP Model
• Network Components
OSI Reference Model
The ‘Open System Interconnection’ (OSI) model was developed by the international standards organization (ISO) in 1984. It describes the flow of information from one device to another device over the network.
As per the OSI model, the information flows through seven layers that computer systems use to communicate over a network.
The OSI model is also called the ‘ISO OSI reference model’.
In the OSI model, each layer provides service to the layers above and below it.
Data transmission flows from the Application layer down to the Physical layer, and the data is then transmitted through a physical medium such as a cable to the receiving device. There the data first reaches the Physical layer and then goes all the way up to the Application layer.
OSI reference model
1. Physical Layer
• This is the first layer of the OSI model where all the connectivity of the devices
takes place in the network.
• The main job of the Physical layer is to convert the data into binary bits and transfer them to the data link layer over the network.
• It defines the electrical, mechanical and network interface specifications, such as the type of signal used for transmission (i.e. electrical or optical, depending upon the physical cable used), cables, connectors, network topologies etc.
• It establishes, maintains and deactivates the physical connection.
• Physical layer protocols used are e.g. Ethernet Physical Layer, IEEE 1394, RS-232 etc.
2. Data Link Layer
• The data link layer is the second layer of the OSI model. It converts binary bits into smaller ‘frames’.
• The main function of the data link layer is error-free transmission of data frames to the network layer.
• It also performs error detection and correction, structure formation and flow control before data transmission.
• Structure formation:- Here the data frame is encapsulated with some more important information which helps transmission of data, as shown below.

• Flag bits: indicate Start & Stop of the frame.
• Header: contains address information of Source and Destination along with the protocol used.
• Payload field: consists of the real data.
• Trailer: this field contains error control, flow control and the end-of-frame bit.
• Data link layer protocols are used to transmit the frame over to the network layer (e.g. DHCP, IEEE 802 (for MAC addresses), L2TP etc.).
2. Data Link Layer
• Error Control:- ‘Error detection’ is achieved by adding an extra bit (numerical value) to the transmitted data. This method is called the ‘Checksum Method’. Cross-checking the value of the checksum at the Tx & Rx ends assures error-free transmission.
Checksum Method e.g.: MD5, SHA1, SHA2

• Error Correction:- A calculated CRC (Cyclic Redundancy Check) value is added in the trailer field. When there is an error, Rx sends an acknowledgement signal asking for retransmission of the data. It is easier to resend the data than to correct it.

• Flow Control: It is a technique which keeps the flow of data between the transmitter and receiver ends balanced to avoid data corruption. A signal is sent to the transmitter once the data buffer is full at the receiver end.
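The frame layout and the CRC check described in the two Data Link Layer slides above, as an added example (not part of the original slides). The flag value 0x7E, the 6-byte addresses, the 2-byte protocol field and the use of CRC-32 are assumptions chosen for the illustration; the sample addresses and payload are constructed.

```python
import struct
import zlib

FLAG = 0x7E  # start/stop delimiter; value assumed for this example
DST = bytes.fromhex("02aabbccdd01")  # constructed sample addresses
SRC = bytes.fromhex("02aabbccdd02")

def build_frame(dst: bytes, src: bytes, proto: int, payload: bytes) -> bytes:
    """Flag | header (dst, src, protocol) | payload | trailer (CRC-32) | flag."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("addresses must be 6 bytes")
    body = dst + src + struct.pack("!H", proto) + payload
    trailer = struct.pack("!I", zlib.crc32(body))  # CRC covers header + payload
    return bytes([FLAG]) + body + trailer + bytes([FLAG])

def parse_frame(frame: bytes) -> dict:
    """Receiver side: check the flags, recompute the CRC, then split fields.

    Fields are located by position, so a payload byte equal to FLAG is fine
    here; a real link would need byte or bit stuffing instead.
    """
    if len(frame) < 1 + 14 + 4 + 1:
        raise ValueError("frame too short")
    if frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing start/stop flag")
    body, trailer = frame[1:-5], frame[-5:-1]
    if zlib.crc32(body) != struct.unpack("!I", trailer)[0]:
        raise ValueError("CRC mismatch")
    return {"dst": body[0:6], "src": body[6:12],
            "proto": struct.unpack("!H", body[12:14])[0],
            "payload": body[14:]}

def receive(frame: bytes) -> str:
    """Return the receiver's answer: accept, or ask the sender to resend."""
    try:
        parse_frame(frame)
        return "ACK"
    except ValueError:
        return "RETRANSMIT"

if __name__ == "__main__":
    good = build_frame(DST, SRC, 0x0800, b"hello")
    noisy = bytearray(good)
    noisy[16] ^= 0x01  # one bit flipped in transit
    print(receive(good), receive(bytes(noisy)))
```

A CRC has no key, so it catches accidental corruption on the line but gives no protection against someone who alters a frame and recomputes the trailer; integrity against tampering needs a keyed MAC or a signature at a higher layer.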
3. Network Layer:
• It is the third layer in the OSI model. It manages device addressing and tracks the location of devices on the network.
• The router, a layer 3 device, works in this layer and is responsible for routing and forwarding packets between networks.
• This layer also determines the best path to move data from the source to the destination based on the network conditions, the priority of service, and other factors.
• The network layer also maps the IP address to the MAC address used by the data link layer.
• At the receiving end, data frames are converted into ‘Packets’ and then the packets are transmitted over the N/W.
• The network layer uses the ‘Packet sequence control’ technique to rearrange the received frames sequentially.
• Network protocols used in this layer are IP, ICMP etc.
4. Transport Layer
• This 4th layer in the OSI model is responsible for ‘End-to-end connections and reliability’. It converts data into smaller units called ‘segments’ before sending it over the network.
• This layer ensures that messages are delivered error-free, in sequence and with no loss or duplication.
• This layer verifies that the application transmitting the data is actually allowed to access the network and verifies that both ends of the connection can start the data transfer process, i.e. a point-to-point connection between source and destination.
Transport layer protocols are :-
• User Datagram Protocol (UDP): UDP is a connectionless protocol that does not provide reliable data
transport. As in this case receiver does not send any acknowledgment when the packet is received, the
sender does not wait for any acknowledgment.
This protocol gives a higher throughput and shorter latency and is often used for multicasting,
broadcasting and real-time multimedia communication where occasional packet loss is acceptable.
Messages sent with UDP are referred to as datagrams.
• Transmission Control Protocol (TCP). TCP is a connection-orientated protocol that offers greater
reliability when it comes to transporting data than what UDP provides. With TCP, the application which
sends the data receives acknowledgment or verification that the data was actually received.
It is used for many protocols, including HTTP web browsing and email transfer where lossless data
transfer is important. Individual units of data transmission in the TCP protocol are referred to
as segments.
5. Session Layer

• This fifth layer of OSI model is responsible for maintaining proper communication by establishing, managing and
terminating sessions (a property of TCP) between communicating devices.
• Data synchronization is performed for session layer of sender and session layer of receiver.
• Session layer protocols are NetBios, RPC etc

6. Presentation Layer

• This is the sixth layer of OSI model, this layer deals with syntax and semantics of the data exchanged between two
devices.
• Data encryption: This layer takes care that the data is sent in such a way that only the receiver will understand the information/data.
• On the receiving end, the Presentation layer translates the data into a format which the application can read.
• The Presentation layer acts as a translator when the languages (syntax) of the two communicating systems are different.
• In short, this layer performs data compression, data encryption, data conversion etc.
• Presentation layer protocols are X.25, ZIP, JSON, XML, JPEG etc.
7. Application Layer
• Application layer is the topmost layer (seventh layer) of OSI model.
• The Application layer is the location where users and application processes
access network services.
Some commonly needed functions provided by this layer:
> Resource sharing
> Remote file access
> Remote printer access
> Network management
> Directory services
> Electronic messaging

• Application Layer Protocols are FTP, HTTP, DNS, SMTP, SSH etc
TCP/IP Model:
• TCP/IP (Transmission Control
Protocol/Internet Protocol): this network
model offers the ‘basic communication protocol
used by current internet and intranet’. These
protocols describe the movement of data
between the source and destination or over
the internet.
• TCP/IP is a two-layer protocol. The higher
layer TCP protocol divides the message into
smaller packets called ‘segments’ before
transmitting them over the network. The
lower layer IP protocol manages the
addressing part of the packets.
• Each router in the network checks these
addresses to determine the destination to
forward the packets.


1. Network Access Layer(physical + data-link layer)

• The network access layer is the lowest layer of the TCP/IP model.
• The network access layer is the combination of the Physical layer and Data Link layer defined in the OSI reference model.
• It defines how the data should be sent physically through the network.
• This layer is mainly responsible for the transmission of the data
between two devices on the same network.
• The functions carried out by this layer are encapsulating the IP
datagram into frames transmitted by the network and mapping of IP
addresses into physical addresses.
• Protocols used by this layer are ethernet, token ring, FDDI, X.25,
frame relay.
2. Internet Layer

• This is the second layer of TCP/IP Model.


• The Internet Layer, sometimes referred to as the Network Layer, is
where IP (Internet Protocol) resides.
• Internet layer is mainly responsible for wrapping data up into IP
packets (packaging), attaching addresses to them (addressing), and
sending them on their way. Also, it handles routing, which ensures
that these packets find the most efficient path to their destination.
• IP (Internet Protocol) is used in this layer.
3. Transport Layer
This is the third layer in the TCP/IP model. It is responsible for reliability, flow control, and correction of data which is being sent over the network.
• Functions such as multiplexing, segmenting or splitting of the data are done by the transport layer.
• The applications can read and write to the transport layer.
• The transport layer adds header information to the data. In the header,
UDP adds:-
> Source and destination port address (application program address)
> Total length of data
> Checksum (16-bit field for error detection)
TCP adds:-
At the sender end TCP breaks the message (data) into small units called segments. They contain a sequence no. to reorder/rearrange the data.
4. Application layer
This layer combines the application layer, presentation layer & session layer from the OSI model. This is the topmost layer in the TCP/IP model.
• This layer allows the user to interact with the application. In other words, this layer is all about
providing services to the user. When you’re browsing a website, sending an email, or
downloading a file, you’re interacting with the Application Layer.
• When one application layer wants to communicate with another application layer, it forwards its
data to the transport layer.
• Below are a few of the protocols used by this layer:
HTTP, SNMP, DNS, TELNET, SMTP, FTP etc.
Networking Devices
1. Repeater:- A repeater operates at the physical layer.
The function of the repeater is to regenerate the signal bit-by-bit over the same network before the signal becomes too weak or gets corrupted. It is generally used to extend the length of signal transmission over the same network. Repeaters do not amplify the signal.

2. Hub:- A network hub is one of the most commonly used networking devices. It can easily be found on small networks such as home or office networks. A hub operates at the physical layer of the OSI model.
Basically a hub is a repeater with multiple ports. It just sends the data packets to ALL the connected devices.
• Types of hub :-
i) Passive hub - this type of hub does not require power, as it does not regenerate the signal before passing it forward.
ii) Active hub - this type of hub regenerates the received signal before passing it forward to all the ports, so an active hub requires a power supply.
iii) Intelligent hub - this type of hub provides additional features on top of the active hub. It is also known as a manageable hub, as each port on the hub can be configured by the network operator according to the network requirement. All the ports can be configured, monitored, enabled or disabled.
3. Switch:- Switches are used in the data link layer of the OSI model.
A network switch is hardware that connects devices on a computer network to each other, enabling them to talk by exchanging data packets.
It is a multiport device that uses a MAC table (MAC addresses along with port info) to forward data to destination devices which are in the same network. Because of this it prevents unnecessary traffic on the network, and the user receives filtered data packets without any errors.

4. Bridge:- bridge works in data link layer of OSI model.


It divides a LAN (large N/W) into multiple segments. A bridge works in a bus topology. It broadcasts the data to all the connected devices in the network at a time.
5. Router:- A router works on Network layer of OSI model.
A router has the ability to connect 2 or more different networks with each other. It is similar to a switch, except that it can transfer data in the form of packets across different networks. It acts as the ‘default gateway’.
6. Brouter:- (Bridge + Router) It operates at both data link and network layers of OSI Model.
It connects networks which use different protocols. It can ONLY be programmed to work as either a bridge or a router at a time. When it is configured as a bridge, it forwards data packets to the appropriate segment using a specific protocol. When it is configured as a router, it routes the data packets to the appropriate network using a routed protocol such as IP.
Information Security
