Title: Computer Security
1Computer Security
- From Basics to Pro Hacker
By Jit Ray Chowdhury Roll 04 BCA 6th SEMESTER
Dinabandhu Andrews Institute of Technology and
Management Email ID-jit.ray.c_at_gmail.com Contact
No- 9831546599
2Your computer could be watching your every move!
Image Source - http://www.clubpmi.it/upload/servizi_marketing/images/spyware.jpg
3Introduction
- Basic protection for Dummies
4Virus!!
- They don't just attack your computer. First they attack you: most of them need some user interaction to get your PC infected, so they play with your mind and fool you into providing it.
5Protecting against Virus.
- To protect your PC from viruses, you not only need an updated antivirus and firewall installed, but also need to be aware of the ways a virus fools you.
- Example: users commonly run external scripts sent by a virus to their scrapbook.
6Must Know About
SPYWARE
- A program that monitors your actions. While they are sometimes like a remote control program used by a hacker, software companies to gather data about customers. The practice is generally frowned upon.
- Definition from BlackICE Internet Security Systems - http://blackice.iss.net/glossary.php
TROJAN HORSE
- An apparently useful and innocent program containing additional hidden code which allows the unauthorized collection, exploitation, falsification, or destruction of data.
- Definition from Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html
7Symptoms
- Targeted Pop-ups (SPYWARE)
- Slow Connection (SPYWARE / TROJAN)
- Targeted E-Mail (Spam) (SPYWARE)
- Unauthorized Access (TROJAN HORSE)
- Spam Relaying (TROJAN HORSE)
- System Crash (SPYWARE / TROJAN)
- Program Customisation (SPYWARE)
8Spyware-Network Overview
- Push
- Advertising
- Pull
- Tracking
- Personal data
Image Source Image derived and produced by
Andrew Brown, Tim Cocks and Kumutha Swampillai,
February 2004.
9Virus, Worm, Trojan Horse, Spyware
- A virus cannot replicate itself, but a worm and a Trojan can.
- A virus cannot be spread without a human action such as running an infected file or program, but a worm and a Trojan have the capability to spread themselves automatically from computer to computer through a network connection.
10
- A virus does not consume system memory, but a worm consumes too much system memory and network bandwidth.
- Trojans are used by malicious users to access your computer information, but viruses and worms can't do so; they simply infect your computer.
- Spyware collects data from your computer without consent, for precision marketing by various companies.
11Hackers
- The Attitude to the Infinity
12What is Hacker?
- It's about technical adeptness and taking delight in solving problems and overcoming limits.
- There is a community of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term hacker. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you're a hacker.
13
- The hacker mind-set is not confined to this software-hacker culture. There are people who apply the hacker attitude to other things, like electronics or music; actually, you can find it at the highest levels of any science or art. Software hackers recognize these kindred spirits elsewhere and may call them hackers too, and some claim that the hacker nature is really independent of the particular medium the hacker works in. But in the rest of this document we will focus on the skills and attitudes of software hackers, and the traditions of the shared culture that originated the term hacker.
Jit Ray Chowdhury
http//jit.ray.c_at_googlepages.coom
14
- There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people crackers and have nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word hacker to describe crackers; this irritates real hackers no end.
- The basic difference is this: hackers build things, crackers break them.
15The Hacker Attitude
- Don't learn to Hack, Hack to Learn.
- The world is full of fascinating problems waiting to be solved.
- No problem should ever have to be solved twice.
- Boredom and drudgery are evil.
- Attitude is no substitute for competence.
16Don't learn to Hack, Hack to Learn
- Hackers solve problems and build things, and they believe in freedom and voluntary mutual help. You also have to develop a kind of faith in your own learning capacity: a belief that even though you may not know all of what you need to solve a problem, if you tackle just a piece of it and learn from that, you'll learn enough to solve the next piece, and so on, until you're done.
17The world is full of fascinating problems waiting
to be solved
- Being a hacker is lots of fun, but it's a kind
of fun that takes lots of effort. The effort
takes motivation. Successful athletes get their
motivation from a kind of physical delight in
making their bodies perform, in pushing their own
physical limits. Similarly, to be a hacker you
have to get a basic thrill from solving problems,
sharpening your skills, and exercising your
intelligence. If you aren't the kind of person
that feels this way naturally, you'll need to
become one in order to make it as a hacker.
Otherwise you'll find your hacking energy is
drained by distractions like money, and social
approval.
18No problem should ever have to be solved twice.
- Creative brains are a valuable, limited resource. They shouldn't be wasted on re-inventing the wheel when there are so many fascinating new problems waiting out there.
- To behave like a hacker, you have to believe that the thinking time of other hackers is precious, so much so that it's almost a moral duty for you to share information, solve problems and then give the solutions away just so other hackers can solve new problems instead of having to perpetually re-address old ones.
19Boredom and drudgery are evil.
- Hackers (and creative people in general) should never be bored or have to drudge at stupid repetitive work, because when this happens it means they aren't doing what only they can do: solve new problems. This wastefulness hurts everybody. Therefore boredom and drudgery are not just unpleasant but actually evil.
- To behave like a hacker, you have to believe this enough to want to automate away the boring bits as much as possible, not just for yourself but for everybody else (especially other hackers).
20Attitude is no substitute for competence.
- To be a hacker, you have to develop some of these attitudes. But copying an attitude alone won't make you a hacker. Becoming a hacker will take intelligence, practice, dedication, and hard work.
- Therefore, you have to learn to distrust attitude and respect competence of every kind. Hackers won't let posers waste their time, but they worship competence.
- The hacker attitude is vital, but skills are even more vital. Attitude is no substitute for competence, and there's a certain basic toolkit of skills which you have to have before any hacker will dream of calling you one. This toolkit changes slowly over time as technology creates new skills and makes old ones obsolete.
21Basic Hacking Skills
- Learn how to program.
- Get one of the open-source Unixes and learn to use and run it.
- Learn how to use the World Wide Web and write HTML.
- If you don't have functional English, learn it.
22Class of Hackers
- Black hats
- Individuals with extraordinary computing skills, resorting to malicious or destructive activities. Also known as Crackers.
- Gray Hats
- Individuals who work both offensively and defensively at various times.
- White Hats
- Individuals professing hacker skills and using them for defensive purposes. Also known as Security Analysts.
23
- Script Kiddies
- A person, normally not technologically sophisticated, who randomly seeks out a specific weakness over the internet to gain root access to a system without really understanding what he is exploiting, because the weakness was discovered by someone else.
- Phreak
- A person who breaks into telecommunications systems.
- Ethical Hacker
- May be independent or may be a group of consultants.
- Claims to be knowledgeable about black hat activities.
24Responsibility of Hackers
- Write open-source software
- Help test and debug open-source software
- Publish useful information
- Serve the hacker culture itself
25Disciplined Life of Hackers
- Again, to be a hacker, you have to enter the hacker mindset. There are some things you can do when you're not at a computer that seem to help. They're not substitutes for hacking (nothing is) but many hackers do them, and feel that they connect in some basic way with the essence of hacking.
- Read science fiction. Go to science fiction conventions (a good way to meet hackers and proto-hackers).
- Develop your appreciation of puns and wordplay.
26
- Train in a martial-arts form. The kind of mental discipline required for martial arts seems to be similar in important ways to what hackers do. The most popular forms among hackers are definitely Asian empty-hand arts such as Tae Kwon Do, various forms of Karate, Kung Fu, Aikido, or Ju Jitsu. The most hackerly martial arts are those which emphasize mental discipline, relaxed awareness, and control, rather than raw strength, athleticism, or physical toughness.
- Study an actual meditation discipline. The perennial favorite among hackers is Zen. Other styles may work as well, but be careful to choose one that doesn't require you to believe crazy things.
- Develop an analytical ear for music. Learn to appreciate peculiar kinds of music. Learn to play some musical instrument well, or how to sing.
27
- The more of these things you already do, the more likely it is that you are natural hacker material. Why these things in particular is not completely clear, but they're connected with a mix of left- and right-brain skills that seems to be important; hackers need to be able to both reason logically and step outside the apparent logic of a problem at a moment's notice.
- Work as intensely as you play and play as intensely as you work. For true hackers, the boundaries between "play", "work", "science" and "art" all tend to disappear, or to merge into a high-level creative playfulness. Also, don't be content with a narrow range of skills. Though most hackers self-describe as programmers, they are very likely to be more than competent in several related skills; system administration, web design, and PC hardware troubleshooting are common ones. A hacker who's a system administrator, on the other hand, is likely to be quite skilled at script programming and web design. Hackers don't do things by halves; if they invest in a skill at all, they tend to get very good at it.
28Hacking
29Why this knowledge is necessary?
- The Internet has grown very fast and security has lagged behind.
- In 1988 a "worm program" written by a college student shut down about 10 percent of computers connected to the Internet. This was the beginning of the era of cyber attacks.
- In India there is a demand for about 80,000 security professionals, whereas only 22,000 are available, and the market for security specialists is expanding, unlike other technology professions.
30 95% of Web Apps Have Vulnerabilities
- Cross-site scripting (80 percent)
- SQL injection (62 percent)
- Parameter tampering (60 percent)
- Cookie poisoning (37 percent)
- Database server (33 percent)
- Web server (23 percent)
- Buffer overflow (19 percent)
31Cross-site scripting
32SQL injection
- Unvalidated input: SQL injection example
- username: admin
- password: anything' OR 'x'='x
- Original query:
- SELECT count(*) FROM userinfo WHERE name='@username' and pass='@password'
- Database will execute:
- SELECT count(*) FROM userinfo WHERE name='admin' and pass='anything' OR 'x'='x'
- Got logged in successfully!
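The login check from this slide, run side by side with its parameterized fix. This is an added example, not part of the original slides; it assumes an in-memory SQLite database, constructed sample rows, and hypothetical function names. Because AND binds tighter than OR, the concatenated query's WHERE clause becomes true for every row, while the placeholder version compares the whole input against the stored value.

```python
import sqlite3

def make_db():
    # Constructed sample table mirroring the slide's userinfo(name, pass).
    # Plaintext passwords only mirror the slide; real systems store hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE userinfo (name TEXT, pass TEXT)")
    db.executemany("INSERT INTO userinfo VALUES (?, ?)",
                   [("admin", "S3cret!"), ("guest", "guest")])
    return db

def build_query(username, password):
    # Vulnerable pattern from the slide: input is pasted into the SQL text,
    # so a quote character in the input changes the structure of the query.
    return ("SELECT count(*) FROM userinfo WHERE name='%s' and pass='%s'"
            % (username, password))

def login_concatenated(db, username, password):
    count = db.execute(build_query(username, password)).fetchone()[0]
    return count > 0

def login_parameterized(db, username, password):
    # Fix: placeholders send the input as data, never as SQL syntax.
    sql = "SELECT count(*) FROM userinfo WHERE name=? AND pass=?"
    count = db.execute(sql, (username, password)).fetchone()[0]
    return count > 0

if __name__ == "__main__":
    db = make_db()
    crafted = "anything' OR 'x'='x"   # the password value shown on the slide
    print(build_query("admin", crafted))
    print("concatenated :", login_concatenated(db, "admin", crafted))
    print("parameterized:", login_parameterized(db, "admin", crafted))
    print("real password:", login_parameterized(db, "admin", "S3cret!"))
```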
33Phases Involved in Ethical Hacking
- Footprinting
- Scanning
- Enumeration
- Gaining Access
- Escalating privilege
- Pilfering
- Covering tracks
- Creating back doors
- Denial of service
34Footprinting
- Objective
- Gathering the target address range, namespace acquisition, and other information gathering essential for an attack.
- Techniques
- Domain name lookup
- Whois
- Nslookup
- Sam Spade
- ARIN (American Registry of Internet Numbers)
35Scanning
- Objective
- Bulk target assessment and identification of listening services focuses the attacker's attention on the most promising avenues of entry.
- Techniques
- Ping sweep
- TCP/UDP port scan
- OS Detection
36Enumeration
- Objective
- More intrusive probing now begins as attackers begin identifying valid user accounts or poorly protected resource shares.
- Techniques
- List user accounts
- List file shares
- Identify applications
37Gaining Access
- Objective
- Enough data has been gathered at this point to make an informed attempt to access the target.
- Techniques
- Password eavesdropping
- File share brute forcing
- Password file grab
- Buffer overflows
38Pilfering
- Objective
- The information gathering process begins again to identify mechanisms to gain access to trusted systems.
- Techniques
- Elevate trusts
- Search for cleartext passwords
39Covering Tracks
- Objective
- Once total ownership of the target is secured, hiding this fact from system administrators becomes paramount, lest they quickly end the romp.
- Techniques
- Clear logs
- Hide tools
40Creating Back Doors
- Objective
- Trap doors will be laid in various parts of the system to ensure that privileged access is easily regained at the whim of the intruder.
- Techniques
- Create rogue user accounts
- Schedule batch jobs
- Infect startup files
- Plant remote control services
- Install monitoring mechanisms
- Replace apps with Trojans
41Denial of Service
- Objective
- If an attacker is unsuccessful in gaining access, they may use readily available exploit code to disable a target as a last resort.
- Techniques
- SYN flood
- ICMP techniques
- Identical SYN requests
- Overlapping fragment/offset bugs
- Out of bounds TCP options (OOB)
- DDoS
42Finally
- There is always more to learn, like evading IDS, firewalls, honeypots, buffer overflows, cryptography, sniffers, and the protective measures to be taken to defend against all these. But it's time for me to leave you on your own, to take up the responsibility and learn it yourself if you are passionate enough to pursue all this.
43Thank You
44Bibliography / Links
- 0 A Brief History of Hackerdom - http://catb.org/esr/writings/hacker-history/hacker-history.html
- 1 "Spyware" Definition - BlackICE Internet Security Systems - http://blackice.iss.net/glossary.php
- 2 "Trojan Horse" Definition - Texas State Library and Archives Commission - http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html
- 3 Zeinalipour-Yazti, D. Exploiting the Security Weaknesses of the Gnutella Protocol, University of California.
- 4 Joshi, R. Network Security Applications, Merchantile Communications, CANIT Conference 2003.
- 5 CERT Advisory CA-1999-02 - http://www.cert.org/advisories/CA-1999-02.html
- 6 Spyware Guide - http://www.spyware-guide.com
- 7 Trojan Horses - http://www.mpsmits.com/highlights/trojan_horses.shtml
- 8 Trojan Horse - Back Orifice - http://www.nwinternet.com/pchelp/bo/bo.html
- 9 NetBus - http://www.nwinternet.com/pchelp/nb/netbus.htm
- 10 BBC News - http://news.bbc.co.uk/1/hi/technology/3153229.stm
- 11 Wired News, Judge takes bite out of Gator - www.wired.com/news/politics/0,1283,53875,00.html
- 12 Tracking Cookies Demonstration at http://www.irt.org/instant/chapter10/tracker/index4.htm
- 13 BonziBuddy - http://www.bonzi.com/bonzibuddy/bonzibuddyfreehom.asp
- 14 Unwanted Links (Spyware) - http://www.unwantedlinks.com
- 15 Anderson, R. "Security Engineering", First Edition, J. Wiley and Sons, 2001.
- 16 Scacchi, W. Privacy and Other Social Issues, Addison-Wesley, 2003. - http://www.ics.uci.edu/wscacchi/Tech-EC/Security Privacy/Privacy.ppt