Ethical Hacking

Presentation by:

GIRISH AMETA MAMRAJ Sharma GAURAV RAJAWAT

B.Tech CS-A 8th SEM JAGANNATH GUPTA INSTITUTE OF ENGINEERING & TECHNOLOGY, jaipur

HACKER

Hacker is a word that has two meanings:

Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems. Recently, Hacker has taken on a new meaning someone who maliciously breaks into systems for personal gain. Technically, these criminals & are known as Crackers

The Role of Security and Penetration Testers

Hackers Access computer system or network without authorization

Breaks the law; can go to prison

Crackers Break into systems to steal or destroy data

U.S. Department of Justice calls both hackers

Ethical hacker Performs most of the same activities but with owners permission

What do Hackers do?

Penetration test
Legal attempt to break into a companys network to find its weakest link Tester only reports findings, does not solve problems

What do Hackers do?

Security test
More than an attempt to break in; also includes analyzing companys security policy and procedures Tester offers solutions to secure or protect the network

What do Hackers do?

A few examples of Web application hacks

File Query Browser caching Cookie and URL hacks SQL Injection Cross-site Scripting (# 1 threat today!)

Ethical Hacking is good because:

Independent computer security Professionals breaking into the computer systems. Neither damage the target systems nor steal information. Evaluate target systems security and report back to owners about the vulnerabilities found.

Ethical Hackers but not Criminal Hackers

Completely trustworthy. Strong programming and computer networking skills. Learn about the system and trying to find its weaknesses. Techniques of Criminal hackers-Detection-Prevention. Published research papers or released security software.

Why Ethical Hacking?

It is Legal Permission is obtained from the target

Part of an overall security program

Identify vulnerabilities visible from Internet at particular point of time

Ethical hackers possesses same skills, mindset

and tools of a hacker but the attacks are done in a non-destructive manner

WHITE HATS
These are good hackers . Have genuine license to hack. Have registered police records Evolves themselves in good works

Generally owned by companies for security designing

Have high pay scales. Generally these are coders

BLACK HATS
very dangerous persons. Always have motive to earn huge profit. Highly paid persons.

Evolves themselves mostly in criminal activities.

These could be coders, admins as well as scripts kiddies

GREY HATS
Also known as red hats. Perform both tasks fair as well as unfair. Generally these are admins. Have little high pay than white hats.

Generally not so dangerous, but sometimes could

be.

Security & Counter Measures for us

Use of anti-viruses. Proper logout after use of mail id. Manual opening browser don't open spam. Password protected admin account.

Suggestions or queries ?

THANKS !! YOU