SlideShare a Scribd company logo

Introduction of ethical hacking.........

Download as PPTX, PDF
A
AalyanAbid

This document provides an overview of ethical hacking. It begins by defining information security and explaining the need for security. It then discusses what hacking is, different types of hackers (black hats, white hats, etc.), and hacker motives. It covers common attack vectors and the phases of a hacking attempt (reconnaissance, scanning, gaining access, maintaining access, clearing tracks). Finally, it discusses what ethical hacking is, why it is necessary, skills required, and advantages/disadvantages. The document aims to give the reader a comprehensive introduction to the topics of hacking and ethical hacking.

1 of 38
Download to read offline
ETHICAL HACKING INSTRUCTOR: • IRFAN AHMED
What is Information Security? Information security is “the state of the well-being of information and infrastructure in which the possibility of theft, tampering, or disruption of information and services is kept low or tolerable. Information security refers to the protection or safeguarding of information and information systems that use, store, and transmit information from unauthorized access, disclosure, alteration, and destruction.
Need for Security
The Security, Functionality, and Usability Triangle
What is Hacking?
Who is a Hacker? A hacker is a person who breaks into a system or network without authorization to destroy, steal sensitive data, or perform malicious attacks. A hacker is an intelligent individual with excellent computer skills, along with the ability to create and explore the computer’s software and hardware.
Motives, Goals, and Objectives of Information Security Attacks Attacks = Motive (Goal) + Method + Vulnerability Once the attacker determines their goal, they can employ various tools, attack techniques, and methods to exploit vulnerabilities in a computer system or security policy and controls.
Why Hackers Hack ◦ Hacking as a hobby ◦ Hacking to steal ◦ Hacking to bring a site down ◦ Hacking to leak information ◦ Hacking with political motive ◦ Idealism or Hacktivism ◦ Security reasons
Hacker Classes/Threat Actors Black Hats ◦ Black hats are individuals who use their extraordinary computing skills for illegal or malicious purposes. White Hats ◦ White hats or penetration testers are individuals who use their hacking skills for defensive purposes. Gray Hats ◦ Gray hats are the individuals who work both offensively and defensively at various times. Suicide Hackers ◦ Suicide hackers are individuals who aim to bring down critical infrastructure for a “cause” and are not worried about facing jail terms or any other kind of punishment. Script Kiddies ◦ Script kiddies are unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers.
Cyber Terrorists ◦ Cyber terrorists are individuals with a wide range of skills who are motivated by religious or political beliefs to create the fear of large-scale disruption of computer networks. State-Sponsored Hackers ◦ State-sponsored hackers are skilled individuals having expertise in hacking and are employed by the government to penetrate, gain top-secret information from, and damage the information systems of other government or military organizations. Hacktivist ◦ Hacktivism is a form of activism in which hackers break into government or corporate computer systems as an act of protest. Hacker Teams ◦ A hacker team is a consortium of skilled hackers having their own resources and funding.
Industrial Spies ◦ Industrial spies are individuals who perform corporate espionage by illegally spying on competitor organizations. They focus on stealing critical information such as blueprints, formulas, product designs, and trade secrets. Insiders ◦ An insider is any employee (trusted person) who has access to critical assets of an organization. Criminal Syndicates ◦ Criminal syndicates are groups of individuals or communities that are involved in organized, planned, and prolonged criminal activities. Organized Hackers ◦ Organized hackers are a group of hackers working together in criminal activities.
Classification of Attacks Passive Attacks ◦ Passive attacks involve intercepting and monitoring network traffic and data flow on the target network and do not tamper with the data. Active Attacks ◦ Active attacks tamper with the data in transit or disrupt communication or services between the systems to bypass or break into secured systems. Close-in Attacks ◦ Close-in attacks are performed when the attacker is in close physical proximity with the target system or network.
Insider Attacks Insider attacks are performed by trusted persons who have physical access to the critical assets of the target. Distribution Attacks Distribution attacks occur when attackers tamper with hardware or software prior to installation.
Information Security Attack Vectors Cloud computing threats ◦ Cloud computing refers to the on-demand delivery of IT capabilities in which IT infrastructure and applications are provided to subscribers as a metered service over a network. Advanced persistent threats (APTs) ◦ This refers to an attack that focuses on stealing information from the victim machine without its user being aware of it. Viruses and worms ◦ Viruses and worms are the most prevalent networking threats, and are capable of infecting a network within seconds. Ransomware ◦ Ransomware is a type of a malware that restricts access to the computer system’s files and folders and demands an online ransom payment to the malware creator(s) in order to remove the restrictions.
Mobile threats ◦ Attackers are increasingly focusing on mobile devices due to the increased adoption of smartphones for business and personal use and their comparatively fewer security controls. Botnet ◦ A botnet is a huge network of compromised systems used by attackers to perform denial-of-service attacks. Bots, in a botnet, perform tasks such as uploading viruses, sending mails with botnets attached to them, stealing data, and so on. Insider attack ◦ An insider attack is an attack by someone from within an organization who has authorized access to its network and is aware of the network architecture.
Phishing ◦ Phishing refers to the practice of sending an illegitimate email falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information. Web application threats ◦ Attacks such as SQL injection and cross-site scripting has made web applications a favorable target for attackers to steal credentials, set up phishing site, or acquire private information. IoT threats ◦ IoT devices connected to the Internet have little or no security, which makes them vulnerable to various types of attacks.
What is Ethical Hacking? Ethical hacking is the practice of employing computer and network skills in order to assist organizations in testing their network security for possible loopholes and vulnerabilities. They perform hacking in ethical ways, with the permission of the network or system owner and without the intention to cause harm. Ethical hackers report all vulnerabilities to the system and network owner for remediation, thereby increasing the security of an organization’s information system. Ethical hacking involves the use of hacking tools, tricks, and techniques typically used by an attacker to verify the existence of exploitable vulnerabilities in system security.
Why Ethical Hacking is Necessary
Skills of an Ethical Hacker
Scope and Limitations of Ethical Hacking • An ethical hacker should know the penalties of unauthorized hacking into a system. • No ethical hacking activities associated with a network-penetration test or security audit should begin before receiving a signed legal document giving the ethical hacker express permission to perform the hacking activities from the target organization. • Ethical hackers must be judicious with their hacking skills and recognize the consequences of misusing those skills. • Unless the businesses first know what they are looking for and why they are hiring an outside vendor to hack their systems in the first place, chances are there would not be much to gain from experience. • An ethical hacker, thus, can only help the organization to better understand its security system. • It is up to the organization to place the right safeguards on the network.
Advantages of Ethical Hacking ◦ Can be used to recover lost information ◦ Teaches that no technology is 100% secure ◦ To test how good security is on your own system, known as White Hat Hacking ◦ To prevent website, system or network hacking from Black Hat Hackers.
Disadvantages of Ethical Hacking ◦ Everything depends upon the trustworthiness of the Ethical Hacker ◦ Visibility of the company’s financial and banking details. ◦ Hiring Professionals is Expensive
Elements of Information Security Confidentiality ◦ Confidentiality is the assurance that the information is accessible only to authorized. Integrity ◦ Integrity is the trustworthiness of data or resources in the prevention of improper and unauthorized changes—the assurance that information is sufficiently accurate for its purpose. Availability ◦ Availability is the assurance that the systems responsible for delivering, storing, and processing information are accessible when required by authorized users.
Authenticity ◦ Authenticity refers to the characteristic of communication, documents, or any data that ensures the quality of being genuine or uncorrupted. Non-Repudiation ◦ Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
Various Information Security Laws and Regulations Payment Card Industry Data Security Standard (PCI DSS) This standard offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements, and support resources to help organizations ensure the safe handling of cardholder information.
ISO/IEC 27001:2022 ISO/IEC 27001:2022 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization. It includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
Health Insurance Portability and Accountability Act (HIPAA) The HIPAA Privacy Rule provides federal protections for the individually identifiable health information held by covered entities and their business associates and gives patients an array of rights to that information. At the same time, the Privacy Rule permits the disclosure of health information needed for patient care and other necessary purposes.
Sarbanes Oxley Act (SOX) Enacted in 2002, the Sarbanes-Oxley Act aims to protect the public and investors by increasing the accuracy and reliability of corporate disclosures. This act does not explain how an organization must store records but describes the records that organizations must store and the duration of their storage. The Act mandated several reforms to enhance corporate responsibility, enhance financial disclosures, and combat corporate and accounting fraud. The Digital Millennium Copyright Act (DMCA) The DMCA is an American copyright law that implements two 1996 treaties from the World Intellectual Property Organization (WIPO): the WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty. In order to implement US treaty obligations, the DMCA defines legal prohibitions against circumvention of the technological protection measures employed by copyright owners to protect their works, and against the removal or alteration of copyright management information.
The Federal Information Security Management Act (FISMA) The Federal Information Security Management Act of 2002 was enacted to produce several key security standards and guidelines required by Congressional legislation. The FISMA provides a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets. It requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or another source.
General Data Protection Regulation (GDPR) The General Data Protection Regulation (GDPR) is one of the most stringent privacy and security laws globally. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. With the GDPR, Europe signifies its firm stance on data privacy and security when more people are entrusting their data with cloud services, and breaches are a daily occurrence. The regulation itself is extensive, far-reaching, and relatively light on specifics, making GDPR compliance a daunting prospect, particularly for small and medium-sized enterprises (SMEs).
Data Protection Act 2018 (DPA) The DPA 2018 sets out the framework for data protection law in the UK. It updates and replaces the Data Protection Act 1998 and came into effect on 25 May, 2018. It was amended on 01 January, 2021 by regulations under the European Union (Withdrawal) Act 2018 to reflect the UK’s status outside the EU.
HACKING PHASES In general, there are five phases of hacking: ◦ Reconnaissance ◦ Scanning ◦ Gaining Access ◦ Maintaining Access ◦ Clearing Tracks
Reconnaissance ◦ Reconnaissance refers to the preparatory phase in which an attacker gathers as much information as possible about the target prior to launching the attack. ◦ The reconnaissance target range may include the target organization’s clients, employees, operations, network, and systems. ◦ Part of this reconnaissance may involve social engineering, dumpster diving, use the Internet to obtain information such as employees’ contact information, business partners, technologies currently in use, and other critical business knowledge.
Scanning ◦ Scanning is the phase immediately preceding the attack. Here, the attacker uses the details gathered during reconnaissance to scan the network for specific information. ◦ Scanning involves more in-depth probing on the part of the attacker. ◦ Scanning can include the use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, or other tools. Attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch an attack.
Gaining Access ◦ This is the phase in which real hacking occurs. Attackers use vulnerabilities identified during the reconnaissance and scanning phases to gain access to the target system and network. ◦ Gaining access refers to the point where the attacker obtains access to the operating system or to applications on the computer or network. ◦ Attackers gain access to the target system locally (offline), over a LAN, or the Internet. Examples include password cracking, stack-based buffer overflows, denial-of-service, and session hijacking.
Maintaining Access ◦ Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system. ◦ Once an attacker gains access to the target system with admin or root-level privileges (thus owning the system), they can use both the system and its resources at will. ◦ Attackers who choose to remain undetected remove evidence of their entry and install a backdoor or a Trojan to gain repeat access. They can also install rootkits at the kernel level to gain full administrative access to the target computer. ◦ They can maintain control over the system for a long time by closing up vulnerabilities to prevent other hackers from taking control of them, and sometimes, in the process, render some degree of protection to the system from other attacks. Attackers use the compromised system to launch further attacks.
Clearing Tracks ◦ Clearing tracks refers to the activities carried out by an attacker to hide malicious acts. ◦ For obvious reasons, such as avoiding legal trouble and maintaining access, attackers will usually attempt to erase all evidence of their actions. ◦ The attacker’s intentions include continuing access to the victim’s system, remaining unnoticed and uncaught, and deleting evidence that might lead to their own prosecution. ◦ Attackers always cover their tracks to hide their identity. ◦ They use utilities such as PsTools, Netcat, or Trojans to erase their footprints from the system’s log files. Other techniques include steganography and tunneling.
THANK YOU

Recommended

Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
Sweta Kumari Barnwal
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
chakrekevin
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber security
ankit gandharkar
 
Information Security Bachelor in Information technology unit 1
Information Security Bachelor in Information technology unit 1Information Security Bachelor in Information technology unit 1
Information Security Bachelor in Information technology unit 1
ssuserf35ac9
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
Sweta Kumari Barnwal
 
Engineering report ca2_Kritakbiswas.pptx
Engineering report ca2_Kritakbiswas.pptxEngineering report ca2_Kritakbiswas.pptx
Engineering report ca2_Kritakbiswas.pptx
prosunghosh7
 
Cyber security.pptxelectronic systems, networks, and data from malicious
Cyber security.pptxelectronic systems, networks, and data from maliciousCyber security.pptxelectronic systems, networks, and data from malicious
Cyber security.pptxelectronic systems, networks, and data from malicious
BhimNathTiwari1
 
cybersecurity-180303131014.pdf
cybersecurity-180303131014.pdfcybersecurity-180303131014.pdf
cybersecurity-180303131014.pdf
yashgupta810747
 
Cyber security & Importance of Cyber Security
Cyber security & Importance of Cyber SecurityCyber security & Importance of Cyber Security
Cyber security & Importance of Cyber Security
Mohammed Adam
 
Cyber Sequrity.pptx is life of cyber security
Cyber Sequrity.pptx is life of cyber securityCyber Sequrity.pptx is life of cyber security
Cyber Sequrity.pptx is life of cyber security
perweeng31
 
IT Security.pdf
IT Security.pdfIT Security.pdf
IT Security.pdf
ManassahIjudigal
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
nazar60
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
BilalMehmood44
 
Cyber Security, cyber crime and cyber safety all .pptx
Cyber Security, cyber crime and cyber safety all .pptxCyber Security, cyber crime and cyber safety all .pptx
Cyber Security, cyber crime and cyber safety all .pptx
sri223n
 
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptxDomain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Infosectrain3
 
Hacking.pptx
Hacking.pptxHacking.pptx
Hacking.pptx
Yogesh Chauhan
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
Roshni814224
 
An An Exploration Into the Cyber Security
An An Exploration Into the Cyber SecurityAn An Exploration Into the Cyber Security
An An Exploration Into the Cyber Security
sivasakthin2022cse
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
Vikram Khanna
 
introduction class1(HACKING), basic information
introduction class1(HACKING), basic informationintroduction class1(HACKING), basic information
introduction class1(HACKING), basic information
animefun210
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
Janani S
 
Cyber Security.docx
Cyber Security.docxCyber Security.docx
Cyber Security.docx
TanushreeChakraborty27
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
ThavaselviMunusamy1
 
Top 20 cyber security interview questions and answers in 2023.pdf
Top 20 cyber security interview questions and answers in 2023.pdfTop 20 cyber security interview questions and answers in 2023.pdf
Top 20 cyber security interview questions and answers in 2023.pdf
AnanthReddy38
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptx
MsVaishaliKumar
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
Sitamarhi Institute of Technology
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
Sitamarhi Institute of Technology
 
What-is-Hacking and why is it important what are it’s benefits
What-is-Hacking and why is it important what are it’s benefitsWhat-is-Hacking and why is it important what are it’s benefits
What-is-Hacking and why is it important what are it’s benefits
animefreak00005
 
How to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 WebsiteHow to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 Website
Celine George
 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 

More Related Content

Similar to Introduction of ethical hacking......... (20)

Cyber security & Importance of Cyber Security
Cyber security & Importance of Cyber SecurityCyber security & Importance of Cyber Security
Cyber security & Importance of Cyber Security
Mohammed Adam
 
Cyber Sequrity.pptx is life of cyber security
Cyber Sequrity.pptx is life of cyber securityCyber Sequrity.pptx is life of cyber security
Cyber Sequrity.pptx is life of cyber security
perweeng31
 
IT Security.pdf
IT Security.pdfIT Security.pdf
IT Security.pdf
ManassahIjudigal
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
nazar60
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
BilalMehmood44
 
Cyber Security, cyber crime and cyber safety all .pptx
Cyber Security, cyber crime and cyber safety all .pptxCyber Security, cyber crime and cyber safety all .pptx
Cyber Security, cyber crime and cyber safety all .pptx
sri223n
 
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptxDomain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Infosectrain3
 
Hacking.pptx
Hacking.pptxHacking.pptx
Hacking.pptx
Yogesh Chauhan
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
Roshni814224
 
An An Exploration Into the Cyber Security
An An Exploration Into the Cyber SecurityAn An Exploration Into the Cyber Security
An An Exploration Into the Cyber Security
sivasakthin2022cse
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
Vikram Khanna
 
introduction class1(HACKING), basic information
introduction class1(HACKING), basic informationintroduction class1(HACKING), basic information
introduction class1(HACKING), basic information
animefun210
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
Janani S
 
Cyber Security.docx
Cyber Security.docxCyber Security.docx
Cyber Security.docx
TanushreeChakraborty27
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
ThavaselviMunusamy1
 
Top 20 cyber security interview questions and answers in 2023.pdf
Top 20 cyber security interview questions and answers in 2023.pdfTop 20 cyber security interview questions and answers in 2023.pdf
Top 20 cyber security interview questions and answers in 2023.pdf
AnanthReddy38
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptx
MsVaishaliKumar
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
Sitamarhi Institute of Technology
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
Sitamarhi Institute of Technology
 
What-is-Hacking and why is it important what are it’s benefits
What-is-Hacking and why is it important what are it’s benefitsWhat-is-Hacking and why is it important what are it’s benefits
What-is-Hacking and why is it important what are it’s benefits
animefreak00005
 
Cyber security & Importance of Cyber Security
Cyber security & Importance of Cyber SecurityCyber security & Importance of Cyber Security
Cyber security & Importance of Cyber Security
Mohammed Adam
 
Cyber Sequrity.pptx is life of cyber security
Cyber Sequrity.pptx is life of cyber securityCyber Sequrity.pptx is life of cyber security
Cyber Sequrity.pptx is life of cyber security
perweeng31
 
IT Security.pdf
IT Security.pdfIT Security.pdf
IT Security.pdf
ManassahIjudigal
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
nazar60
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
BilalMehmood44
 
Cyber Security, cyber crime and cyber safety all .pptx
Cyber Security, cyber crime and cyber safety all .pptxCyber Security, cyber crime and cyber safety all .pptx
Cyber Security, cyber crime and cyber safety all .pptx
sri223n
 
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptxDomain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Domain 1 of CEH v11 Information Security and Ethical Hacking.pptx
Infosectrain3
 
Hacking.pptx
Hacking.pptxHacking.pptx
Hacking.pptx
Yogesh Chauhan
 
Cyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptxCyber Security and Data Privacy in Information Systems.pptx
Cyber Security and Data Privacy in Information Systems.pptx
Roshni814224
 
An An Exploration Into the Cyber Security
An An Exploration Into the Cyber SecurityAn An Exploration Into the Cyber Security
An An Exploration Into the Cyber Security
sivasakthin2022cse
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
Vikram Khanna
 
introduction class1(HACKING), basic information
introduction class1(HACKING), basic informationintroduction class1(HACKING), basic information
introduction class1(HACKING), basic information
animefun210
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
Janani S
 
Cyber Security.docx
Cyber Security.docxCyber Security.docx
Cyber Security.docx
TanushreeChakraborty27
 
Zero Trust.pptx
Zero Trust.pptxZero Trust.pptx
Zero Trust.pptx
ThavaselviMunusamy1
 
Top 20 cyber security interview questions and answers in 2023.pdf
Top 20 cyber security interview questions and answers in 2023.pdfTop 20 cyber security interview questions and answers in 2023.pdf
Top 20 cyber security interview questions and answers in 2023.pdf
AnanthReddy38
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptx
MsVaishaliKumar
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
Sitamarhi Institute of Technology
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
Sitamarhi Institute of Technology
 
What-is-Hacking and why is it important what are it’s benefits
What-is-Hacking and why is it important what are it’s benefitsWhat-is-Hacking and why is it important what are it’s benefits
What-is-Hacking and why is it important what are it’s benefits
animefreak00005
 

Recently uploaded (20)

How to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 WebsiteHow to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 Website
Celine George
 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 
Quality Contril Analysis of Containers.pdf
Quality Contril Analysis of Containers.pdfQuality Contril Analysis of Containers.pdf
Quality Contril Analysis of Containers.pdf
Dr. Bindiya Chauhan
 
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public SchoolsK12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
dogden2
 
Operations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdfOperations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdf
Arab Academy for Science, Technology and Maritime Transport
 
Sinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_NameSinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_Name
keshanf79
 
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYUNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
DR.PRISCILLA MARY J
 
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetCBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
Sritoma Majumder
 
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Library Association of Ireland
 
To study Digestive system of insect.pptx
To study Digestive system of insect.pptxTo study Digestive system of insect.pptx
To study Digestive system of insect.pptx
Arshad Shaikh
 
How to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odooHow to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odoo
Celine George
 
One Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learningOne Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learning
momer9505
 
LDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini UpdatesLDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini Updates
LDM Mia eStudios
 
To study the nervous system of insect.pptx
To study the nervous system of insect.pptxTo study the nervous system of insect.pptx
To study the nervous system of insect.pptx
Arshad Shaikh
 
2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx
contactwilliamm2546
 
Political History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptxPolitical History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptx
Arya Mahila P. G. College, Banaras Hindu University, Varanasi, India.
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
apa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdfapa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdf
Ishika Ghosh
 
How to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of saleHow to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of sale
Celine George
 
pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulse
pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulsepulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulse
pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulse
sushreesangita003
 
How to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 WebsiteHow to Subscribe Newsletter From Odoo 18 Website
How to Subscribe Newsletter From Odoo 18 Website
Celine George
 
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam SuccessUltimate VMware 2V0-11.25 Exam Dumps for Exam Success
Ultimate VMware 2V0-11.25 Exam Dumps for Exam Success
Mark Soia
 
Quality Contril Analysis of Containers.pdf
Quality Contril Analysis of Containers.pdfQuality Contril Analysis of Containers.pdf
Quality Contril Analysis of Containers.pdf
Dr. Bindiya Chauhan
 
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public SchoolsK12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
K12 Tableau Tuesday - Algebra Equity and Access in Atlanta Public Schools
dogden2
 
Operations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdfOperations Management (Dr. Abdulfatah Salem).pdf
Operations Management (Dr. Abdulfatah Salem).pdf
Arab Academy for Science, Technology and Maritime Transport
 
Sinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_NameSinhala_Male_Names.pdf Sinhala_Male_Name
Sinhala_Male_Names.pdf Sinhala_Male_Name
keshanf79
 
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACYUNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
UNIT 3 NATIONAL HEALTH PROGRAMMEE. SOCIAL AND PREVENTIVE PHARMACY
DR.PRISCILLA MARY J
 
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - WorksheetCBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
CBSE - Grade 8 - Science - Chemistry - Metals and Non Metals - Worksheet
Sritoma Majumder
 
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Niamh Lucey, Mary Dunne. Health Sciences Libraries Group (LAI). Lighting the ...
Library Association of Ireland
 
To study Digestive system of insect.pptx
To study Digestive system of insect.pptxTo study Digestive system of insect.pptx
To study Digestive system of insect.pptx
Arshad Shaikh
 
How to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odooHow to Set warnings for invoicing specific customers in odoo
How to Set warnings for invoicing specific customers in odoo
Celine George
 
One Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learningOne Hot encoding a revolution in Machine learning
One Hot encoding a revolution in Machine learning
momer9505
 
LDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini UpdatesLDMMIA Reiki Master Spring 2025 Mini Updates
LDMMIA Reiki Master Spring 2025 Mini Updates
LDM Mia eStudios
 
To study the nervous system of insect.pptx
To study the nervous system of insect.pptxTo study the nervous system of insect.pptx
To study the nervous system of insect.pptx
Arshad Shaikh
 
2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx2541William_McCollough_DigitalDetox.docx
2541William_McCollough_DigitalDetox.docx
contactwilliamm2546
 
Political History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptxPolitical History of Pala dynasty Pala Rulers NEP.pptx
Political History of Pala dynasty Pala Rulers NEP.pptx
Arya Mahila P. G. College, Banaras Hindu University, Varanasi, India.
 
GDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptxGDGLSPGCOER - Git and GitHub Workshop.pptx
GDGLSPGCOER - Git and GitHub Workshop.pptx
azeenhodekar
 
apa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdfapa-style-referencing-visual-guide-2025.pdf
apa-style-referencing-visual-guide-2025.pdf
Ishika Ghosh
 
How to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of saleHow to manage Multiple Warehouses for multiple floors in odoo point of sale
How to manage Multiple Warehouses for multiple floors in odoo point of sale
Celine George
 
pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulse
pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulsepulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulse
pulse ppt.pptx Types of pulse , characteristics of pulse , Alteration of pulse
sushreesangita003
 

Introduction of ethical hacking.........

  • 2. What is Information Security? Information security is “the state of the well-being of information and infrastructure in which the possibility of theft, tampering, or disruption of information and services is kept low or tolerable. Information security refers to the protection or safeguarding of information and information systems that use, store, and transmit information from unauthorized access, disclosure, alteration, and destruction.
  • 4. The Security, Functionality, and Usability Triangle
  • 6. Who is a Hacker? A hacker is a person who breaks into a system or network without authorization to destroy, steal sensitive data, or perform malicious attacks. A hacker is an intelligent individual with excellent computer skills, along with the ability to create and explore the computer’s software and hardware.
  • 7. Motives, Goals, and Objectives of Information Security Attacks Attacks = Motive (Goal) + Method + Vulnerability Once the attacker determines their goal, they can employ various tools, attack techniques, and methods to exploit vulnerabilities in a computer system or security policy and controls.
  • 8. Why Hackers Hack ◦ Hacking as a hobby ◦ Hacking to steal ◦ Hacking to bring a site down ◦ Hacking to leak information ◦ Hacking with political motive ◦ Idealism or Hacktivism ◦ Security reasons
  • 9. Hacker Classes/Threat Actors Black Hats ◦ Black hats are individuals who use their extraordinary computing skills for illegal or malicious purposes. White Hats ◦ White hats or penetration testers are individuals who use their hacking skills for defensive purposes. Gray Hats ◦ Gray hats are the individuals who work both offensively and defensively at various times. Suicide Hackers ◦ Suicide hackers are individuals who aim to bring down critical infrastructure for a “cause” and are not worried about facing jail terms or any other kind of punishment. Script Kiddies ◦ Script kiddies are unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers.
  • 10. Cyber Terrorists ◦ Cyber terrorists are individuals with a wide range of skills who are motivated by religious or political beliefs to create the fear of large-scale disruption of computer networks. State-Sponsored Hackers ◦ State-sponsored hackers are skilled individuals having expertise in hacking and are employed by the government to penetrate, gain top-secret information from, and damage the information systems of other government or military organizations. Hacktivist ◦ Hacktivism is a form of activism in which hackers break into government or corporate computer systems as an act of protest. Hacker Teams ◦ A hacker team is a consortium of skilled hackers having their own resources and funding.
  • 11. Industrial Spies ◦ Industrial spies are individuals who perform corporate espionage by illegally spying on competitor organizations. They focus on stealing critical information such as blueprints, formulas, product designs, and trade secrets. Insiders ◦ An insider is any employee (trusted person) who has access to critical assets of an organization. Criminal Syndicates ◦ Criminal syndicates are groups of individuals or communities that are involved in organized, planned, and prolonged criminal activities. Organized Hackers ◦ Organized hackers are a group of hackers working together in criminal activities.
  • 12. Classification of Attacks Passive Attacks ◦ Passive attacks involve intercepting and monitoring network traffic and data flow on the target network and do not tamper with the data. Active Attacks ◦ Active attacks tamper with the data in transit or disrupt communication or services between the systems to bypass or break into secured systems. Close-in Attacks ◦ Close-in attacks are performed when the attacker is in close physical proximity with the target system or network.
  • 13. Insider Attacks Insider attacks are performed by trusted persons who have physical access to the critical assets of the target. Distribution Attacks Distribution attacks occur when attackers tamper with hardware or software prior to installation.
  • 14. Information Security Attack Vectors Cloud computing threats ◦ Cloud computing refers to the on-demand delivery of IT capabilities in which IT infrastructure and applications are provided to subscribers as a metered service over a network. Advanced persistent threats (APTs) ◦ This refers to an attack that focuses on stealing information from the victim machine without its user being aware of it. Viruses and worms ◦ Viruses and worms are the most prevalent networking threats, and are capable of infecting a network within seconds. Ransomware ◦ Ransomware is a type of a malware that restricts access to the computer system’s files and folders and demands an online ransom payment to the malware creator(s) in order to remove the restrictions.
  • 15. Mobile threats ◦ Attackers are increasingly focusing on mobile devices due to the increased adoption of smartphones for business and personal use and their comparatively fewer security controls. Botnet ◦ A botnet is a huge network of compromised systems used by attackers to perform denial-of-service attacks. Bots, in a botnet, perform tasks such as uploading viruses, sending mails with botnets attached to them, stealing data, and so on. Insider attack ◦ An insider attack is an attack by someone from within an organization who has authorized access to its network and is aware of the network architecture.
  • 16. Phishing ◦ Phishing refers to the practice of sending an illegitimate email falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information. Web application threats ◦ Attacks such as SQL injection and cross-site scripting has made web applications a favorable target for attackers to steal credentials, set up phishing site, or acquire private information. IoT threats ◦ IoT devices connected to the Internet have little or no security, which makes them vulnerable to various types of attacks.
  • 17. What is Ethical Hacking? Ethical hacking is the practice of employing computer and network skills in order to assist organizations in testing their network security for possible loopholes and vulnerabilities. They perform hacking in ethical ways, with the permission of the network or system owner and without the intention to cause harm. Ethical hackers report all vulnerabilities to the system and network owner for remediation, thereby increasing the security of an organization’s information system. Ethical hacking involves the use of hacking tools, tricks, and techniques typically used by an attacker to verify the existence of exploitable vulnerabilities in system security.
  • 18. Why Ethical Hacking is Necessary
  • 19. Skills of an Ethical Hacker
  • 20. Scope and Limitations of Ethical Hacking • An ethical hacker should know the penalties of unauthorized hacking into a system. • No ethical hacking activities associated with a network-penetration test or security audit should begin before receiving a signed legal document giving the ethical hacker express permission to perform the hacking activities from the target organization. • Ethical hackers must be judicious with their hacking skills and recognize the consequences of misusing those skills. • Unless the businesses first know what they are looking for and why they are hiring an outside vendor to hack their systems in the first place, chances are there would not be much to gain from experience. • An ethical hacker, thus, can only help the organization to better understand its security system. • It is up to the organization to place the right safeguards on the network.
  • 21. Advantages of Ethical Hacking ◦ Can be used to recover lost information ◦ Teaches that no technology is 100% secure ◦ To test how good security is on your own system, known as White Hat Hacking ◦ To prevent website, system or network hacking from Black Hat Hackers.
  • 22. Disadvantages of Ethical Hacking ◦ Everything depends upon the trustworthiness of the Ethical Hacker ◦ Visibility of the company’s financial and banking details. ◦ Hiring Professionals is Expensive
  • 23. Elements of Information Security Confidentiality ◦ Confidentiality is the assurance that the information is accessible only to authorized. Integrity ◦ Integrity is the trustworthiness of data or resources in the prevention of improper and unauthorized changes—the assurance that information is sufficiently accurate for its purpose. Availability ◦ Availability is the assurance that the systems responsible for delivering, storing, and processing information are accessible when required by authorized users.
  • 24. Authenticity ◦ Authenticity refers to the characteristic of communication, documents, or any data that ensures the quality of being genuine or uncorrupted. Non-Repudiation ◦ Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
  • 25. Various Information Security Laws and Regulations Payment Card Industry Data Security Standard (PCI DSS) This standard offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements, and support resources to help organizations ensure the safe handling of cardholder information.
  • 26. ISO/IEC 27001:2022 ISO/IEC 27001:2022 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of an organization. It includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
  • 27. Health Insurance Portability and Accountability Act (HIPAA) The HIPAA Privacy Rule provides federal protections for the individually identifiable health information held by covered entities and their business associates and gives patients an array of rights to that information. At the same time, the Privacy Rule permits the disclosure of health information needed for patient care and other necessary purposes.
  • 28. Sarbanes Oxley Act (SOX) Enacted in 2002, the Sarbanes-Oxley Act aims to protect the public and investors by increasing the accuracy and reliability of corporate disclosures. This act does not explain how an organization must store records but describes the records that organizations must store and the duration of their storage. The Act mandated several reforms to enhance corporate responsibility, enhance financial disclosures, and combat corporate and accounting fraud. The Digital Millennium Copyright Act (DMCA) The DMCA is an American copyright law that implements two 1996 treaties from the World Intellectual Property Organization (WIPO): the WIPO Copyright Treaty and the WIPO Performances and Phonograms Treaty. In order to implement US treaty obligations, the DMCA defines legal prohibitions against circumvention of the technological protection measures employed by copyright owners to protect their works, and against the removal or alteration of copyright management information.
  • 29. The Federal Information Security Management Act (FISMA) The Federal Information Security Management Act of 2002 was enacted to produce several key security standards and guidelines required by Congressional legislation. The FISMA provides a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets. It requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or another source.
  • 30. General Data Protection Regulation (GDPR) The General Data Protection Regulation (GDPR) is one of the most stringent privacy and security laws globally. Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. The regulation was put into effect on May 25, 2018. With the GDPR, Europe signifies its firm stance on data privacy and security when more people are entrusting their data with cloud services, and breaches are a daily occurrence. The regulation itself is extensive, far-reaching, and relatively light on specifics, making GDPR compliance a daunting prospect, particularly for small and medium-sized enterprises (SMEs).
  • 31. Data Protection Act 2018 (DPA) The DPA 2018 sets out the framework for data protection law in the UK. It updates and replaces the Data Protection Act 1998 and came into effect on 25 May, 2018. It was amended on 01 January, 2021 by regulations under the European Union (Withdrawal) Act 2018 to reflect the UK’s status outside the EU.
  • 32. HACKING PHASES In general, there are five phases of hacking: ◦ Reconnaissance ◦ Scanning ◦ Gaining Access ◦ Maintaining Access ◦ Clearing Tracks
  • 33. Reconnaissance ◦ Reconnaissance refers to the preparatory phase in which an attacker gathers as much information as possible about the target prior to launching the attack. ◦ The reconnaissance target range may include the target organization’s clients, employees, operations, network, and systems. ◦ Part of this reconnaissance may involve social engineering, dumpster diving, use the Internet to obtain information such as employees’ contact information, business partners, technologies currently in use, and other critical business knowledge.
  • 34. Scanning ◦ Scanning is the phase immediately preceding the attack. Here, the attacker uses the details gathered during reconnaissance to scan the network for specific information. ◦ Scanning involves more in-depth probing on the part of the attacker. ◦ Scanning can include the use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, or other tools. Attackers extract information such as live machines, port, port status, OS details, device type, and system uptime to launch an attack.
  • 35. Gaining Access ◦ This is the phase in which real hacking occurs. Attackers use vulnerabilities identified during the reconnaissance and scanning phases to gain access to the target system and network. ◦ Gaining access refers to the point where the attacker obtains access to the operating system or to applications on the computer or network. ◦ Attackers gain access to the target system locally (offline), over a LAN, or the Internet. Examples include password cracking, stack-based buffer overflows, denial-of-service, and session hijacking.
  • 36. Maintaining Access ◦ Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system. ◦ Once an attacker gains access to the target system with admin or root-level privileges (thus owning the system), they can use both the system and its resources at will. ◦ Attackers who choose to remain undetected remove evidence of their entry and install a backdoor or a Trojan to gain repeat access. They can also install rootkits at the kernel level to gain full administrative access to the target computer. ◦ They can maintain control over the system for a long time by closing up vulnerabilities to prevent other hackers from taking control of them, and sometimes, in the process, render some degree of protection to the system from other attacks. Attackers use the compromised system to launch further attacks.
  • 37. Clearing Tracks ◦ Clearing tracks refers to the activities carried out by an attacker to hide malicious acts. ◦ For obvious reasons, such as avoiding legal trouble and maintaining access, attackers will usually attempt to erase all evidence of their actions. ◦ The attacker’s intentions include continuing access to the victim’s system, remaining unnoticed and uncaught, and deleting evidence that might lead to their own prosecution. ◦ Attackers always cover their tracks to hide their identity. ◦ They use utilities such as PsTools, Netcat, or Trojans to erase their footprints from the system’s log files. Other techniques include steganography and tunneling.