Ethical Hacking for Educators

1
Ethical Hacking for Educators

• Presented By
• Regina DeLisse Hartley, Ph.D.
• Caldwell Community College
• Technical Institute

2
Overview

• Old School Hackers History of Hacking
• Ec-Council Certified Ethical Hacker
• Learning Competencies
• Teaching Resources Ethical Hacking Textbooks
• Hacking Tools
• Hacker Challenge Websites
• Additional Web Sites
• Questions and Answers

3
Old School Hackers History of Hacking
4

• PREHISTORY
• 1960s The Dawn of HackingOriginal meaning of
  the word "hack" started at MIT meant elegant,
  witty or inspired way of doing almost anything
  hacks were programming shortcuts
• ELDER DAYS (1970-1979)
• 1970s Phone Phreaks and Cap'n Crunch One
  phreak, John Draper (aka "Cap'n Crunch"),
  discovers a toy whistle inside Cap'n Crunch
  cereal gives 2600-hertz signal, and can access
  ATT's long-distance switching system.

• Draper builds a "blue box" used with whistle
  allows phreaks to make free calls.
• Steve Wozniak and Steve Jobs, future founders of
  Apple Computer, make and sell blue boxes.THE
  GOLDEN AGE (1980-1991)
• 1980 Hacker Message Boards and GroupsHacking
  groups form such as Legion of Doom (US), Chaos
  Computer Club (Germany).
• 1983 Kids' GamesMovie "War Games" introduces
  public to hacking.

5

• THE GREAT HACKER WAR
• Legion of Doom vs Masters of Deception online
  warfare jamming phone lines.
• 1984 Hacker 'ZinesHacker magazine 2600
  publication online 'zine Phrack.
• CRACKDOWN (1986-1994)
• 1986 Congress passes Computer Fraud and Abuse
  Act crime to break into computer systems.
• 1988 The Morris WormRobert T. Morris, Jr.,
  launches self-replicating worm on ARPAnet.

• 1989 The Germans , the KGB and Kevin Mitnick.
• German Hackers arrested for breaking into U.S.
  computers sold information to Soviet KGB.
• Hacker "The Mentor arrested publishes Hacker's
  Manifesto.
• Kevin Mitnick convicted first person convicted
  under law against gaining access to interstate
  network for criminal purposes.

6

• 1993 Why Buy a Car When You Can Hack One?Radio
  station call-in contest hacker-fugitive Kevin
  Poulsen and friends crack phone they allegedly
  get two Porsches, 20,000 cash, vacation trips
  Poulsen now a freelance journalist covering
  computer crime.
• First Def Con hacking conference in Las Vegas
• ZERO TOLERANCE (1994-1998)
• 1995 The Mitnick Takedown Arrested again
  charged with stealing 20,000 credit card numbers.
  

• 1995 Russian Hackers Siphon 10 million from
  Citibank Vladimir Levin, leader.
• Oct 1998 teenager hacks into Bell Atlantic phone
  system disabled communication at airport
  disables runway lights.
• 1999 hackers attack Pentagon, MIT, FBI web
  sites.
• 1999 E-commerce company attacked blackmail
  threats followed by 8 million credit card
  numbers stolen. (www.blackhat.info www.h2k2.net
  www.slais.ubc.ca/ www.sptimes.com
  www.tlc.discovery.com)

7
Ec-Council Certified Ethical Hacker
8
EC-Council has certified IT professionals from
the following organizations as CEH

• Novell, Canon, Hewlett Packard, US Air Force
  Reserve, US Embassy, Verizon, PFIZER, HDFC Bank,
  University of Memphis, Microsoft Corporation,
  Worldcom, Trusecure, US Department of Defense,
  Fedex, Dunlop, British Telecom, Cisco, Supreme
  Court of the Philippines, United Nations,
  Ministry of Defense, UK, Nortel Networks, MCI,
  Check Point Software, KPMG, Fleet International,
  Cingular Wireless, Columbia Daily Tribune,
  Johnson Johnson, Marriott Hotel, Tucson
  Electric Power Company, Singapore Police Force

9
(Cont.)

• PriceWaterhouseCoopers, SAP, Coca-Cola
  Corporation, Quantum Research, US Military, IBM
  Global Services, UPS, American Express, FBI,
  Citibank Corporation, Boehringer Ingelheim,
  Wipro, New York City Dept Of IT Telecom
  DoITT, United States Marine Corps, Reserve Bank
  of India, US Air Force, EDS, Bell Canada, SONY,
  Kodak, Ontario Provincial Police, Harris
  Corporation, Xerox, Philips Electronics, U.S.
  Army, Schering, Accenture, Bank One, SAIC,
  Fujitsu, Deutsche Bank

10
Hackers are here. Where are you?

• The explosive growth of the Internet has brought
  many good thingsAs with most technological
  advances, there is also a dark side criminal
  hackers.
• The term hacker has a dual usage in the
  computer industry today. Originally, the term was
  defined as
• HACKER noun. 1. A person who enjoys learning the
  details of computer systems and how to stretch
  their capabilities. 2. One who programs
  enthusiastically or who enjoys programming rather
  than just theorizing about programming.

11
What is a Hacker?

• Old School Hackers 1960s style Stanford or MIT
  hackers. Do not have malicious intent, but do
  have lack of concern for privacy and proprietary
  information. They believe the Internet was
  designed to be an open system.
• Script Kiddies or Cyber-Punks Between 12-30
  predominantly white and male bored in school
  get caught due to bragging online intent is to
  vandalize or disrupt systems.
• Professional Criminals or Crackers Make a
  living by breaking into systems and selling the
  information.
• Coders and Virus Writers See themselves as an
  elite programming background and write code but
  wont use it themselves have their own networks
  called zoos leave it to others to release
  their code into The Wild or Internet.
  (www.tlc.discovery.com)

12
What is Ethical Hacking?

• Ethical hacking defined methodology adopted by
  ethical hackers to discover the vulnerabilities
  existing in information systems operating
  environments.
• With the growth of the Internet, computer
  security has become a major concern for
  businesses and governments.
• In their search for a way to approach the
  problem, organizations came to realize that one
  of the best ways to evaluate the intruder threat
  to their interests would be to have independent
  computer security professionals attempt to break
  into their computer systems.

13
Who are Ethical Hackers?

• One of the best ways to evaluate the intruder
  threat is to have an independent computer
  security professionals attempt to break their
  computer systems
• Successful ethical hackers possess a variety of
  skills. First and foremost, they must be
  completely trustworthy.
• Ethical hackers typically have very strong
  programming and computer networking skills.
• They are also adept at installing and maintaining
  systems that use the more popular operating
  systems (e.g., Linux or Windows 2000) used on
  target systems.
• These base skills are augmented with detailed
  knowledge of the hardware and software provided
  by the more popular computer and networking
  hardware vendors.

14
What do Ethical Hackers do?

• An ethical hackers evaluation of a systems
  security seeks answers to these basic questions
• What can an intruder see on the target systems?
• What can an intruder do with that information?
• Does anyone at the target notice the intruders
  at tempts or successes?
• What are you trying to protect?
• What are you trying to protect against?
• How much time, effort, and money are you willing
  to expend to obtain adequate protection?

15
How much do Ethical Hackers get Paid?

• Globally, the hiring of ethical hackers is on the
  rise with most of them working with top
  consulting firms.
• In the United States, an ethical hacker can make
  upwards of 120,000 per annum.
• Freelance ethical hackers can expect to make
  10,000 per assignment.
• Some ranges from 15,000 to
• 45,000 for a standalone ethical
• hack.

16
Certified Ethical Hacker (CEH) Training

• InfoSec Academy
• http//www.infosecacademy.com
• Five-day Certified Ethical Hacker (CEH) Training
  Camp Certification Training Program
• (CEH) examination
• CEH Certified Ethical
• Hacker Training Camp(5-Day Package)3,595(2,58
  0 training only)

(Source www.eccouncil.org)
17
Learning Competencies
18
Required Skills of an Ethical Hacker

• Routers knowledge of routers, routing
  protocols, and access control lists
• Microsoft skills in operation, configuration
  and management.
• Linux knowledge of Linux/Unix security
  setting, configuration, and services.
• Firewalls configurations, and operation of
  intrusion detection systems.
• Mainframes
• Network Protocols TCP/IP how they function and
  can be manipulated.
• Project Management knowledge of leading,
  planning, organizing, and controlling a
  penetration testing team.

(Source http//www.examcram.com)
19
Modes of Ethical Hacking

• Insider attack
• Outsider attack
• Stolen equipment attack
• Physical entry
• Bypassed authentication attack (wireless access
  points)
• Social engineering attack

(Source http//www.examcram.com)
20
Anatomy of an attack

• Reconnaissance attacker gathers information
  can include social engineering.
• Scanning searches for open ports (port scan)
  probes target for vulnerabilities.
• Gaining access attacker exploits
  vulnerabilities to get inside system used for
  spoofing IP.
• Maintaining access creates backdoor through use
  of Trojans once attacker gains access makes sure
  he/she can get back in.
• Covering tracks deletes files, hides files, and
  erases log files. So that attacker cannot be
  detected or penalized.

(Source www.eccouncil.org)
21

• Hacker classes
• Black hats highly skilled,
• malicious, destructive crackers
• White hats skills used for
• defensive security analysts
• Gray hats offensively and
• defensively will hack for different
• reasons, depends on situation.
• Hactivism hacking for social and political
  cause.
• Ethical hackers determine what attackers can
  gain access to, what they will do with the
  information, and can they be detected.

(Source www.eccouncil.org)
22
Teaching Resources Ethical Hacking Textbooks
23
Ec-Council

• Certified Ethical Hacker

www.eccouncil.org ISBN 0-9729362-1-1
24
Ec-Council Topics Covered

• Introduction to Ethical Hacking
• Footprinting
• Scanning
• Enumeration
• System Hacking
• Trojans and Backdoors
• Sniffers
• Denial of Service
• Social Engineering
• Session Hijacking
• Hacking Web Servers

25
Ec-Council (Cont.)

• Web Application Vulnerabilities
• Web Based Password Cracking Techniques
• SQL Injection
• Hacking Wireless Networks
• Viruses
• Novell Hacking
• Linux Hacking
• Evading IDS, Firewalls and Honeypots
• Buffer Overflows
• Cryptography

26
Certified Ethical Hacker Exam Prep
http//www.examcram.com ISBN 0-7897-3531-8
27
Certified Ethical Hacker Exam Prep

• The Business Aspects of Penetration Testing
• The Technical Foundations of Hacking
• Footprinting and Scanning
• Enumeration and System Hacking
• Linux and automated Security Assessment Tools
• Trojans and Backdoors
• Sniffers, Session Hyjacking, and Denial of
  Service

28
Certified Ethical Hacker Exam Prep (Cont.)

• Web Server Hacking, Web Applications, and
  Database Attacks
• Wireless Technologies, Security, and Attacks
• IDS, Firewalls, and Honeypots
• Buffer Overflows, Viruses, and Worms
• Cryptographic Attacks and Defenses
• Physical Security and Social Engineering

29
Hands-On Information Security Lab Manual, Second
Edition
1. Footprinting2. Scanning and Enumeration3.
Operating System Vulnerabilities and
Resolutions4. Network Security Tools and
Technologies5. Security Maintenance6.
Information Security Management7. File System
Security and Cryptography8. Computer Forensics
http//www.course.com/ ISBN 0-619-21631-X
30
Hacking Tools Footprinting and Reconnaissance
31
Whois
32
Whois (cont.)
http//www.allwhois.com/
33
Whois (cont.)
34
Sam Spade
35
Sam Spade (Cont.)
36
Nslookup
37
Nslookup Options
38
Traceroute
39
Ping
40
Ping Options
41
Hacking Tools Scanning and Enumeration
42
nmap
43
NMapWin
44
SuperScan
45
SuperScan (Cont.)
46
IP Scanner
47
Hyena
48
Retina
49
LANguard
50
Hacking Tools System Hacking
51
telnet
52
Snadboy
53
Password Cracking with LOphtcrack
54
Keylogger
55
Hacking Tools Trojans and Backdoors
56
NetBus
57
Game Creates Backdoor for NetBus
58
SubSeven
59
Hacking Tools Sniffers
60
Spoofing a MAC addressOriginal Configuration
61
Spoofed Mac
62
Ethereal
63
Iris
64
Snort
65
Hacking Tools Web Based Password Cracking
66
Cain and Abel
67
Cain and Abel (Cont.)
68
Cain and Abel (Cont.)
69
Legion
70
Brutus
71
Hacking Tools Covering Tracks
72
ImageHide
73
ClearLogs
74
ClearLogs (Cont.)
75
Hacking Tools Google Hacking and SQL Injection
76
Google Hacking
77
Google Cheat Sheet
78
SQL Injection

• Allows a remote attacker to
• execute arbitrary database
• commands
• Relies on poorly formed database queries and
  insufficient
• input validation
• Often facilitated, but does not rely on unhandled
• exceptions and ODBC error messages
• Impact MASSIVE. This is one of the most
  dangerous
• vulnerabilities on the web.

79
Common Database Query
80
Problem Unvalidated Input
81
Piggybacking Queries withUNION
82
Hacker Challenge Websites
83
http//www.hackr.org/mainpage.php
84
(No Transcript)
85
Hackthissite.org
http//www.hackthissite.org
86
Answers revealed in code
87
Hackits
http//www.hackits.de/challenge/
88
Additional Web Sites
89
Legion of Ethical Hacking
90
Legion of Ethical Hacking (Cont.)
91
Hacker Highschool
http//www.hackerhighschool.org/
92
Hacker Highschool
93
johnny.ihackstuff.com/
94
HappyHacker.org
95
Foundstone
96
Insecure.org
97
SANS Institute
98
Questions Answers