CYBER SECURITY AND ETHICAL

HACKING
CYBERSECURITY: the state of being protected against the criminal or
unauthorized use of electronic data or the measures taken to achieve this.

HACKING: it is the science of testing network for security vulnerabilities and

plugging the loop holes you find before the bad guys get a chance to exploit
them.

ETHICAL HACKING: it is the act of locating weaknesses and vulnerabilities of

computer and information systems by duplicating the intent and actions of
malicious hackers.
TYPES OF HACKERS:

TYPES OF HACKERS:
1.white hat hackers:
these are also known as ethical hackers . they try to find out the
weaknesses in a computer or a network system as a part of penetration
testing and vulnerability assessments.

2.Black hat hackers:

these are also known as crackers , are those who hack in-order to
gain unauthorized access to a system and harm its operations or steal
sensitive information.
3.Grey hat hackers:
these are a blend of both white and black
hat hackers.they act without malicious intent
but for their own fun.
MISCELLIOUS HACKERS:
1.Red hat hackers:
these are also a blend of both white and black hat hackers . they usually hack on the govt agencies and
any sensitive information.

2.Blue hat hackers:

they find the malicious content or find the loop holes that can be exploited and try to close them or
solve them.

3. Green hat hackers:

he is someone who is new to hacking and has almost no knowledge or experience of working of
technology and hacking.
Elite hackers:
this is a social status among hackers,which is used to describe the most skilled.newly
discovered exploits will circulate among these.

Script kiddie:
a script kiddie is a non-expert who breaks into computer systems by using pre-packaged
automated tools written by others,usually with little understanding of the underlying concept.

Hacktivist:
a hacktivist is a hacker who utilizes technology to announce a social,ideological,religious or
political message.most hacktivism involves website defacement or denial-of-service attacks.
TYPES OF NETWORKS:

1.Personal area network(PAN):

a PAN is made up of a wireless modem,a computer or two phones,printers etc., and revolves around one
person in one building.

2.Local area network(LAN):

LANs connect group of computers and low voltage devices together across short distances between a
group of two or three buildings in close proximity to share information and resources.

3.Wireless local area network(WLAN):

functioning like a LAN,WLANs make use of wireless network technology,such as WiFi.

4.Campus area network(CAN):

larger than LANs but smaller than MANs.they can be spread across several buildings that are fairly close to
each other so users can share resources.
5.Metropolitan area network(MAN):
MANs span an entire geographic area i.e., a town or city,but sometimes a campus.

6.Wide area network:

a WAN connects computers together across longer physical distances.this allows computers to
remotely connect to each other over one large network to communicate even when they’re miles
apart.

7.Storage area network(SAN):

Storage Area Network or SAN is a network that has been designed for storing and transferring
files. This network setup is often made up of servers with large storage capacity and special
switches and interface cards.

8.System area network(SAN):

it connects computers that are in a High Performance Computing setting. These are often used
where high processing is needed. Computer clusters make use of System Area Networks to achieve
connectivity.
9.Passive optical local area network(POLAN):
POLAN uses optical splitters to split an optical signal from one strand of singlemode optical
fiber into multiple signals to serve users and devices.

10.Enterprise private network(EPN):

These types of networks are built and owned by businesses that want to securely
connect its various locations to share computer resources.

11.Virtual private network(VPN):

a VPN lets its users send and receive data as if their devices were connected to the
private network – even if they’re not.
OPERATING SYSTEM:

An operating system (OS) is system software that manages computer hardware and software
resources and provides common services for computer programs.

BIOS(basic input output system):

BIOS is the program that a personal computer's microprocessor uses to get the computer
system started after you turn it on. It also manages data flow between the computer's operating
system and attached devices such as the hard disk, video adapter, keyboard, mouse and printer.

Difference b/w BIOS and UEFI

BIOS UEFI
1.Bios was the first firmware for desktop 1.UEFI is the successor to BIOS

2.It uses master boot record(MBR) 2.it uses GUID partition table(GPT)
partitioning scheme
3.Max partition size in MBR is 2TB 3.the partition size in GPT is 9ZB
4.MBR can have at max 4 primary 4.in GPT it can have 128 partitions.
Partitions.
LINUX:
Linux is a Unix like, open source and community-developed operating system for computers, servers,
mainframes, mobile devices and embedded devices.

Differences of windows and linux:

Windows Linux
1.It is Expensive 1. it is Free of cost
2.it is not an open source 2.it is an open source

3.It is not customizable 3. it is customizable

4.It is Vulnerable to viruses and malware attacks 4.it is more secure
5.booting is done in Only primary partition. 5.booting is done either in primary or
logical partition
6.Separation of the directories using back slash 6.in linux it is using forward slash
7.File names are case insensitive. 7.file names are case sensitive

8.It uses microlithic kernel 8.it uses monolithic kernel

KERNEL:

A kernel is the central part of an operating system. It manages the operations of the computer
and the hardware - most notably memory and CPU time.

There are two types of kernels:

A micro kernel, which only contains basic functionality;
A monolithic kernel, which contains many device drivers.
Addressing:
A network address is a key networking technology component that facilitates identifying a network
node/device and reaching a device over a network. It has several forms, including the Internet
Protocol (IP) address, media access control (MAC) address and host address.

There are 2 different types of network addresses,

one is a MAC (Media Access Control) address and the other one is an IP (Internet Protocol) address.
MAC Address:
The MAC address is a physical address and it exists on the Data Link layer of the OSI (Open Systems
Interconnection).  
The IP address is a virtual address and it operates on Network layer.
MAC addresses are unique address it is burnt into the hardware by the manufacture at the time it is
made. MAC address is 48 bits in length and there are 281,474,976,710,656 possible addresses.

IP Address:
IP address is an Internet Protocol address. The IP address is used to identify the different computers
and websites on the internet or intranet. Each device must have a unique IP address.
An IP address is made up of 4 separate numbers, each between 0 and 255, and arranged with dots
in between them.there are two versions of IP address (IPv4 and IPv6).
 STATIC IP:
A static IP address is an IP address that was manually configured for a device, versus one that was
assigned via a DHCP server. It's called static because it doesn't change.
Routers, phones, tablets,desktops, laptops, and any other device that can use an IP address can be
configured to have a static IP address.

DYNAMIC IP:
A dynamic IP is assigned to a node until it’s connected to the network; therefore, the same node may
have a different IP address every time it reconnects with the network. It’s called dynamic because it
changes.

SUBNET MASK:
A Subnet mask is a 32-bit number that masks an IP address, and divides the IP address into network
address and host address. Subnet Mask is made by setting network bits to all "1"s and setting host bits to
all "0"s.
Within a given network, two host addresses are reserved for special purpose, and cannot be assigned to
hosts. The "0" address is assigned a network address and "255" is assigned to a broadcast address, and
they cannot be assigned to hosts.
OSI MODEL:
OSI (Open Systems Interconnection) is a reference model for how applications communicate over a network.

OSI MODEL LAYERS:

In the OSI model, control is passed from one layer to the next, starting at the application layer (Layer 7) in one
station, and proceeding to the bottom layer, over the channel to the next station and back up the hierarchy. The
OSI model takes the task of inter-networking and divides that up into what is referred to as a vertical stack that
consists of the following 7 layers.

1.Application layer:
This layer provides application services for file transfers, e-mail, and other network software services.

2.Presentation layer:
The presentation layer works to transform data into the form that the application layer can accept. This layer
formats and encrypts data to be sent across a network, providing freedom from compatibility problems.

3.Session layer:
The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the
applications at each end. It deals with session and connection coordination.
4.Transport layer:
provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-
end error recovery and flow control. It ensures complete data transfer.

5.Network layer:
provides switching and routing technologies, creating logical paths, known as virtual circuits, for
transmitting data from node to node. Routing and forwarding are functions of this layer, as well as
addressing, internetworking, error handling, congestion control and packet sequencing.

6.Data Link layer:

data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and
management and handles errors in the physical layer, flow control and frame synchronization. The data
link layer is divided into two sub layers: The Media Access Control (MAC) layer and the Logical Link
Control (LLC) layer.

7.Physical layer:
conveys the bit stream - electrical impulse, light or radio signal — through the network at the electrical
and mechanical level. It provides the hardware means of sending and receiving data on a carrier,
including defining cables, cards and physical aspects.
FIREWALL:

A firewall is a network security system designed to prevent unauthorized access to or from a private
network.
Firewalls can be implemented as both hardware and software, or a combination of both. Network
firewalls are frequently used to prevent unauthorized Internet users from accessing private networks
connected to the Internet, especially intranets.
All messages entering or leaving the intranet pass through the firewall, which examines each message
and blocks those that do not meet the specified security criteria.

IDS(intrusion detection system):

An intrusion detection system (IDS) is a device or software application that monitors a network or
systems for malicious activity or policy violations.
Any malicious activity or violation is typically reported either to an administrator or collected centrally
using a security information and event management (SIEM) system.
A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to
distinguish malicious activity from false alarms
TYPES OF IDS:
1.NIDS(network intrusion detection system)
*it is network based
*Analysis: matches traffic to the library of known attack
*it monitors , captures and analyze network traffic
*it detects malicious data present in the network
*NIDS analysis very difficult in busy network

2.HIDS(host based intrusion detection system)

*it is host based
*it is installed on individual host or device on network
*it monitors data packets from the device only and alerts the admin if suspicious activity is detected
IPS(intrusion protection system):
An Intrusion Prevention System is a network device/software that goes deeper than a firewall to identify
and block network threats by assessing each packet based on the network protocols in the application layer.

TYPES OF INTRUSION PREVENTION SYSTEM:

Intrusion prevention systems come in four primary types:
Network-based: Protect your computer network
Wireless: Protect wireless networks only
Network behavior: Examine network traffic
Host-based: Come as installed software to protect a single computer