1

Presented By
Ghanshyam K. Patel

It 5th Sem

Computer Crimes
The public streets and highways of the internet have become like neighborhoods where it is no longer safe to venture. Hackers, scammers, virus builders and other Web predators are looming in the

Flow of the session

Historical perspective Threats and Attacks Threats Types of Attacks

Types of Non-authorized Users

Hacker: people who access a computer resource, without authorization Crackers: a hacker who uses his or her skills to commit unlawful acts, or to deliberately create mischief Script Kiddies: a hacker who downloads the scripts and uses them to commit unlawful acts, or to deliberately create mischief, without fully understanding the scripts.

How Many Types Of Hackers?

There are six types of hackers: 1) CODERS 2) ADMINS 3) SCRIPT KIDDIES 4) WHITE HAT HACKER 5) BLACK HAT HACKER 6) GREY HAT HACKER

CODERS: The Real Hackers are the Coders, the ones who revise the methods and create tools that are available in the market.

 Admins are the computer guys who use the tools and exploits prepared by the coders. They do not develop their own techniques, however they uses the tricks which are already prepared by the

SCRIPT KIDDIES:
Script Kiddies are the bunnies who use script and programs developed by others to attack computer systems and Networks.

WHITE HAT HACKER:

They are also known as an Ethical Hacker or a Penetration Tester. They focus on Securing and Protecting IT systems.

BLACK HAT HACKER:

A Black Hat Hacker is computer guy who performs Unethical Hacking. These are the Criminal Hackers or Crackers who use their skills and knowledge for illegal or malicious purposes.

GREY HAT HACKER:

A Grey Hat Hacker is a Computer guy who sometimes acts legally, sometimes in good will, and sometimes not. They are hybrid between White Hat and Black Hat Hackers.

Cyber Terrorist
They are Hackers who are called Cyber Terrorists, who attack government computers or public utility infrastructures, such as power stations and air-traffic-control towers

Attack Method For Web Server

Web Ripping Google Hacking Cross Site Scripting (XSS) SQL Injection PHP Remote Code Execution Directory Access controls

Web Ripping
Web Ripping is finding and extracting pictures and other media files from specific website URLs and save them to your hard drive.

Google Hacking
Google hacking involves using Advance Search Operators in the Google search engine to locate specific strings of text within search results. Some of the more popular examples are finding specific versions of Vulnerable Web Applications.

Cross Site Scripting

Cross-Site Scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include

SQL Injection
A SQL injection attack exploits vulnerabilities in a web server database that allow the attacker to gain access to the database and read, modify, or delete information.

PHP Remote Code Execution

This attack provides the means for a Hacker to execute his or her system level code on a target web server. With this capability, an attacker can compromise the web server and access files with the same rights as the server system

Directory Access Controls

Properly controlling access to web content is crucial for running a secure web server. Directory Traversal is an HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server's root directory.

Attack With Trojans

A Trojan is a malicious program misguided as some very important application. Many Trojans are used to manipulate files on the victim computer, manage processes, remotely run commands, intercept keystrokes, watch screen images, and restart or shut down

Some Famous Trojans Pro Rate Girl Friend Netbus

Beast Back Orifice Sub Seven

Types of Attacks
Attacks on computer systems using the computers Web-site defacement or Revealing the data to unauthorized persons/theft of sensitive information/ stealing information like stealing credit card numbers bank frauds or Damage to data through Hacking or Virus/Worms

Types Of Attacks
Hoax Letters: Examples

[continue]

Malicious code (viruses and trojan horses) Urban myths Scam letters to entrap the receiver

Internet gambling Internet Pornography Link Flooding Packet Intercepting, Password Sniffing

Types Of Attacks

[continue]

propagate false routing entries (black holes and sink holes) domain hijacking Phishing attacks: use e-mails that often appear to come from a legitimate e-mail address and include links to spoofed Web addresses. The receiver responds to the link, which takes the receiver to a site, other than what the receiver thinks he is going to. (announced by MS on 16 Dec 2003, as a problem with Internet Explorer).