Introduction to Ethical Hacking BAI514 – Security I
Introduction to Ethical Hacking • The consequences of successful hacking attacks can have far-reaching implications • Financial loss • Loss of reputation • Drop in stock value • Many, many legal issues
Terminology • CIA - basic tenets of information system security • Confidentiality • Integrity • Availability
Terminology • Confidentiality – ensures that information is not disclosed to unauthorized persons or processes • Integrity – achieved by 3 goals • Prevent modification of information by unauthorized users • Prevent unintentional modification by authorized users • Preserve internal and external consistency • Internal Consistency – a logical connection among data in the system • External Consistency – a logical connection among objects in the real world and their representation in the system
Terminology • Availability – ensures that a system’s authorized users have timely and uninterrupted access to the information in the system
Terminology • Authenticity • The confirmation of the origin and identity of an information source • Identification • A user claiming an identity to an information system • Authentication • The confirmation and reconciliation of evidence of a user’s identity
Terminology • Accountability • Assigning responsibility for a user’s actions • Privacy • Protection of individually identifiable information • Organization Security Policy • High level statement of management intent regarding the control of access to information and the personnel authorized to receive that information
Terminology • Threat • Event or activity that has the potential to cause harm to the information systems or networks • Vulnerability • A weakness or lack of a safeguard that can be exploited by a threat, causing harm to the information systems or networks • Can exist in hardware, OS, firmware, applications, and config files
Terminology • Risk • The potential for harm or loss to an information system or network • The probability that a threat will materialize • Attack • An action against an information system or network that attempts to violate the system security policy • Usually the result of a threat realized
Terminology • Target of Evaluation • An IT product, element, or system designated to have a security evaluation • Exploit • A means of exploiting a weakness or vulnerability in an IT system to violate the system’s security
Terminology - Hackers, Crackers, and Phreaks! • Hacker (historical) • A person who is intellectually curious and wants to learn as much as possible about a computer system. • Hacking was the development and improvement of software to increase the performance of the computing system(s) • Cracker • A person using the same techniques as a hacker, but for harmful or malicious purposes against computer systems
Terminology - Hackers, Crackers, and Phreaks! • Ethical Hacker • A security professional who uses their computing capabilities for defensive purposes and to increase the security posture of information systems • Script Kiddie • An individual, usually young, without programming skills who uses attack software that is freely available on the Internet. Typically does not understand how the tools they use work.
Terminology - Hackers, Crackers, and Phreaks! • Phreaker • A hacker who focuses on communication systems • Steal calling card numbers • Make free phone calls • Attack PBXs • Acquire access, illegally, to communication devices • Cyber-Terrorist • An individual who works for a government or terrorist group that is engaged in sabotage, espionage, financial theft, and attacks on a nation’s critical infrastructure
Terminology - Hacktivism • Hackers who conduct their activities for a cause are said to be practicing hacktivism • Targets include any organization they perceive to be behind social injustice
Terminology – Threats • Information Warfare • Computer-related attacks for military or economic purposes • Cyber Terrorism • Attacks against a nation’s critical infrastructure • Criminal • Theft, fraud, physical damage • Violation of Data Integrity • Theft, modification, or loss of data • Late or Delayed Processing • Delays in processing that lead to reduced income, penalties, or additional expenses
Terminology – Threats • Acquiring High Sensitivity Data • Using inference, data aggregation, or other methods to acquire data of higher sensitivity than allowed • Malware • Viruses, trojans, worms, and other software to cause harm to information systems • Denial of Service • Preventing normal access to a system’s resources • Personnel-Related • Unauthorized access to personnel records or attacks by disgruntled employees • Environmental • Failures caused by environmental issues
History of Hacking • Began in the 1960’s • MIT Students attempted to learn more about mainframe computing • Telephone systems were tempting to phreakers • John Draper (aka Captain Crunch) found a way to generate a tone to allow access to the AT&T long distance network • This led to the building of the infamous “blue box” that generated specific tones for use in making long distance calls • Others who were involved in blue boxes include Steve Jobs and Steve Wozniak
History of Hacking • 1980’s • Hackers shared info and password files on bulletin boards (e.g. Sherwood Forest) • Hacker clubs started to form (e.g. Chaos Computer Club) • Magazine 2600 debuted in 1984 • 1986 – Attacks against US classified systems • Affiliates of the Chaos Computer Club working for KGB • 1988 – Morris worm, written by Robert Morris, caused a major DoS
History of Hacking • 1990’s • 1990 – Kevin Poulsen hacked a radio station’s phone system to win prizes • 1993 – First Def Con hacker conference held in Las Vegas • 1995 – Kevin Mitnick arrested for many crimes including attacks against phone systems • See the movie “Takedown” • 1995 – Vladimir Levin made transfers of $10 million to numerous international banks
History of Hacking • 1990’s cont… • 1998 – Trojan “Back Orifice” released by “The Cult of the Dead Cow” • 2000’s • DoS attacks against Amazon.com and ZDNet • Microsoft hacked and source code for OS stolen • Your turn!
Ethical Hacking Objectives and Motivations • Try to duplicate the intent and actions of a malicious hacker, without causing harm. • Perform penetration testing (pen testing) • Operate with permission and knowledge of target organization • Sometimes only senior management may be informed to allow a “double blind” environment • Pen tester needs to know • Assets to be protected • Potential threat sources • Extent to which the organization will support the ethical hacker’s efforts. • How far down the rabbit hole should you go…
Steps in Malicious Hacking • Reconnaissance • Active • Passive • Scanning • Enumeration • Nmap, Nessus, war dialers, SuperScan
Steps in Malicious Hacking • Gaining Access • Operating System level • Application level • Network level • Elevated privileges • Denial of Service • Maintaining Access • Uploading programs/data • Downloading programs/data • Altering programs/data • Fix vulnerability
Steps in Malicious Hacking • Covering, clearing tracks, and installing back doors • Modify log files • Install rootkits to hide hacker processes • Hide hacker files • Hidden directories • Hidden attributes • Tunneling • Steganography • Alternate Data Streams (ADS)
Hacker & Ethical Hacker Characteristics and Operations • Three classes of Hackers • Black Hat • Has the necessary computing expertise to carry out harmful attacks on information systems. • Gray Hat • At times, will not break the law and might help defend a network. • At other times, will revert to a Black Hat hacker. • White Hat • Usually has exceptional computer skills • Uses skills to increase security posture
Hacker & Ethical Hacker Characteristics and Operations • Classes of Entities that perform ethical hacking • White Hat • Has the appropriate computer skills and understanding of the black hat hacker mentality and methods. • Might be an independent consultant. • Former Black Hat • Brings actual black hat experience • May be a concern in terms of trust • Consulting Companies
Hacker & Ethical Hacker Characteristics and Operations • Skills needed by an Ethical Hacker • Computer expert adept at technical domains. • In-depth knowledge about target platforms (such as Windows, Unix, Linux). • Exemplary knowledge in networking and related hardware/software. • Knowledgeable about security areas and related issues – though not necessarily a security professional
Hacker & Ethical Hacker Characteristics and Operations • Types of Information System Security Testing • Methods to attempt access • Dial-up network connection • Insider local network connection • Remote outsider network connection • Stolen equipment connection • Wireless network connection • Social engineering-enabled connection • Physical entry attack
Hacker & Ethical Hacker Characteristics and Operations • Types of Information System Security Testing • Categories of security testing • Whitebox (full knowledge) • As much knowledge as possible is known about target • Graybox (partial knowledge) • Knowledge available that might be relevant to a specific type of attack by a person internal to the target organization • Blackbox (zero knowledge) • No previous knowledge of target • Must begin from scratch • Simulates attacks perpetrated by outsiders
Hacker & Ethical Hacker Characteristics and Operations • Types of Information System Security Testing • Institute for Security and Open Methodologies • www.isecom.org • Open Source Security Testing Methodology Manual (OSSTMM) • Information and data controls • Personnel security awareness levels • Fraud and social engineering control levels • Computer and telecommunications networks • Physical security access controls
Hacker & Ethical Hacker Characteristics and Operations • Ethical Hacking Outputs • Formal report • Background of project • Detailed description of work accomplished • Result of ethical hacking • Remediation recommendations
Hacker & Ethical Hacker Characteristics and Operations • Protections and Obligations for the Ethical Hacker • Ethical Hacker can be open to dismissal and/or prosecution unless contract terms are included to protect the penetration testers • Protect information uncovered during the penetration test • Conduct business in an ethical manner • Limitation of liability • Remain within the scope of the assignment • Develop a testing plan • Comply with relevant laws and regulations • Health Insurance Portability and Accountability Act (HIPAA) • Gramm-Leach-Bliley Act (GLBA)
Related Types of Computer Crime • Theft of passwords • Social engineering • Denial of Service (DoS) • Distributed Denial of Service (DDoS) • Network intrusions • Fraud • Software piracy • Dumpster diving • Malicious code
Related Types of Computer Crime • Spoofing of IP addresses • Embezzlement • Data diddling • Information warfare • Masquerading • Use of readily available attack scripts on the Internet
Related Types of Computer Crime • Existing laws can be used to prosecute computer crimes • Wiretap laws • Fraud • Embezzlement • Theft • Etc…