ETHICAL HACKING BY: 1) 2) 3) 4) 5) 6) 7) 8) 9)
RISHABH DHINGRA NAINA GUPTA SOMYA JAIN JAVITESH MOT SEEMANT KHANNA SOUMIK MANDAL VASUDEV ANURAG ANURADHA BAKSHI DEBLINA MUKHERJEE
INTRODUCTION WHAT IS HACK? WHAT IS HACKING?
WHAT IS ETHICAL HACKING?
TYPES OF HACKERS 1. White Hat – Also known as ethical hackers, White Hat hackers are the good guys of the hacker world. They’ll help you remove a virus or PenTest a company. Most White Hat hackers hold a college degree in IT security or computer science and must be ce rtified to pursue a career in hacking. The most popular certification is the CEH (Certifi ed Ethical Hacker) from the EC-Council.
2. Black Hat – Also known as crackers, these are the men and women you hear about i n the news. They find banks or other companies with weak security and steal money or credit card information. The surprising truth about their methods of attack is that th ey often use common hacking practices they learned early on. 3. Gray Hat – Nothing is ever just black or white; the same is true in the world of hackin g. Gray Hat hackers don’t steal money or information (although, sometimes they defa ce a website or two), yet they don’t help people for good (but, they could if they want ed to). These hackers comprise most of the hacking world, even though Black Hat ha ckers garner most (if not all) of the media’s attention.
DIFFERENCE BETWEEN HACKER & ETHICAL HACKER
MODES OF ETHICAL HACKING •
INSIDER ATTACK
•
OUTSIDER ATTACK
•
STOLEN EQUIPMENT ATTACK
•
PHYSICAL ENTRY
•
BYPASSED AUTHENTICATION ATTACK (wireless access point)
•
SOCIAL ENGINEERING
PROCESS OF ETHICAL HACKING STEPS INVOLVED IN THE PROCESS: 1. Reconnaissance
2. Scanning 3. Gaining Access
4. Maintaining Access 5. Clearing Tracks
6. Reporting
FLOW CHART OF THE PROCESS:
INDETAIL VEIW OF THE STEPS INVOLVED IN ETHICAL HACKING
1. Reconnaissance- Reconnaissance means to collect informati on without interacting with victim. It involves collecting information from public records, social networking sites, etc.
2. Scanning- Next comes Scanning the system. Scanning also means to collect information but active information. For eg: Pinging on the system, checking the ports, servers. 3. Gaining Access- Then according to information gathered fro m the above two phases, we plan and implement our attack.
4. Maintaining Access- After gaining the access, the next step is to maintain the access. It’s very important so that if the victim even switch off or restart the system, connection is not lost. So, it's necessary to migrate the process or create a backdoor to m aintain the access using different techniques. 5. Clearing Tracks- The final step is to clean all traces which indicate the attackers presence so that all logs or tracks are cle ared as this is an evidence of attacker's presence. 6. Reporting- Reporting is the last step of finishing the ethical hacking process. Here the Ethical Hacker compiles a report with his findings and the job that was done such as the tools used, the success rate,vulnerabilities found, and the exploit processes.
Advantages of Ethical hacking Most of the benefits of ethical hacking are obvious, but many are overlooked. The benefits range from simply preventing malicious hacking to preventing na tional security breaches. The benefits include: Fighting against terrorism and national security breaches Having a computer system that prevents malicious hackers from gaining ac cess Having adequate preventative measures in place to prevent security breach es Prevents Website Defacements
DISADVANTAGES OF ETHICAL HACKING As with all types of activities which have a darker side, there will be……dishonest people presenting drawbacks. The possible drawbacks of ethical hacking include: 1.
The ethical hacker using the knowledge they gain to do malicious hacking activities
2.
Allowing the company’s financial and banking details to be seen
3.
The possibility that the ethical hacker will send and/or place malicious code, viruses, malware and other destructive and harmful things on a computer system
4.
Massive security breach
These are not common; however, they are something all companies should consider when using the services of an ethical hacker.
CONCLUSION • Security is very important for any organization
• Hacking can be both constructive or destructive 1. White hat 2. Black hat 3. Grey hat • Ethical Hackers
THANK YOU