ethical hacking full report
#1

INTRODUCTION

Ethical hacking, also known as penetration testing, intrusion testing or red teaming, has become a major concern for businesses and governments.

Companies are worried about the possibility of being hacked and potential customers are worried about maintaining control of personal information.

Necessity of computer security professionals to break into the systems of the organisation.


Ethical hackers employ the same tools and techniques as the intruders.

They neither damage the target systems nor steal information.

The tool is not an automated hacker program; rather, it is an audit that both identifies the vulnerabilities of a system and provides advice on how to eliminate them.



PLANNING THE TEST

Aspects that should be focused on:

Who should perform penetration testing?
How often do the tests have to be conducted?
What are the methods of measuring and communicating the results?
What if something unexpected happens during the test and brings the whole system down?
What are the organization's security policies?


The minimum security policies that an organization should possess

Information policy
Security policy
Computer use
User management
System administration procedures
Incident response procedures
Configuration management
Design methodology
Disaster methodology
Disaster recovery plans.



Ethical hacking - a dynamic process

Running through the penetration test once gives the current set of security issues, which are subject to change.

Penetration testing must be continuous to ensure that system movements and newly installed applications do not introduce new vulnerabilities into the system.


Conclusions

Never underestimate the attacker or overestimate our existing posture.
A company may be a target not just for its information but potentially for its various transactions.
To protect against an attack, understanding where the systems are vulnerable is necessary.
Ethical hacking helps companies first comprehend their risk and then manage them.
Reply
#2
please give full report of the seminars
Reply
#3
Abstract
The state of security on the Internet is bad and becoming worse. One reaction to this state of affairs is a behavior termed "Ethical Hacking" which attempts to proactively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. Ethical hackers may beta test unreleased software, stress test released software, and scan networks of computers for vulnerabilities.



The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers. Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes.
The term "hacker" has a dual usage in the computer industry today. Originally, the term was defined as:
HACKER
1. A person who enjoys learning the details of computer systems and how to stretch their capabilities, as opposed to most users of computers, who prefer to learn only the minimum amount necessary.
2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming.
This complimentary description was often extended to the verb form "hacking," which was used to describe the rapid crafting of a new program or the making of changes to existing, usually complicated software.
As computers became increasingly available at universities, user communities began to extend beyond researchers in engineering or computer science to other individuals who viewed the computer as a curiously flexible tool. Whether they programmed the computers to play games, draw pictures, or to help them with the more mundane aspects of their daily work, once computers were available for use, there was never a lack of individuals wanting to use them.
Because of this increasing popularity of computers and their continued high cost, access to them was usually restricted. When refused access to the computers, some users would challenge the access controls that had been put in place. They would steal passwords or account numbers by looking over someone's shoulder, explore the system for bugs that might get them past the rules, or even take control of the whole system. They would do these things in order to be able to run the programs of their choice, or just to change the limitations under which their programs were running.
CATEGORIES OF HACKERS
There are a number of categories of hackers such as Black Hats who are highly skilled, but have malevolent and detrimental intent. White Hats, in contrast, are hackers who use their talent to protect and defend networks. Gray Hats hack for different reasons either ethically or unethically depending on the situation and circumstances at hand.
There are four basic kinds of hacks:
IP Hack: You hire someone to hack a specific IP address, giving them little or no information beforehand. (Be careful if the IP address is an overseas server. You don't want hackers hacking the wrong IP address, like a foreign government's computers, causing an international incident.)
Application Hack: A much more sophisticated hack that can delve deep into databases and down production servers. Only experienced hackers, with strict guidelines governing their actions, should be allowed to perform such tests. Never hire a "reformed" black-hat hacker for this type of test.
Physical Infrastructure Hack: This is where people try to get into your facilities to access your systems or go dumpster diving looking for confidential information such as passwords discarded on sticky notes.
Wireless Hack: War-driving is the new term to describe this type of attack where wireless access points are exploited from the back of a van. Ethical hackers do the same thing, but report their findings back to you instead of stealing your passwords. Have them check out your teleworkers as well to see if home offices are a source of entry to your network.
The hacker community (the set of people who would describe themselves as hackers, or who would be described by others as hackers) falls into at least three partially overlapping categories.
Hacker: Intruder and criminal
The most common usage of "hacker" in the popular press is to describe those who subvert computer security without authorization or indeed, anyone who has been accused of using technology (usually a computer or the Internet) for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, and many other forms of crime. This can mean taking control of a remote computer through a network, or software cracking. This is the pejorative sense of hacker, also called cracker or black-hat hacker or simply "criminal" in order to preserve unambiguity.
Hacker: Brilliant programmer
The positive usage of hacker (the "proper" usage). One who knows a (sometimes specified) set of programming interfaces well enough to write software rapidly and expertly. This type of hacker is well-respected, although the term still carries some of the meaning of hack, developing programs without adequate planning.
At their best, hackers can be very productive. The downside of hacker productivity is often in maintainability, documentation, and completion. Very talented hackers may become bored with a project once they have figured out all of the hard parts, and be unwilling to finish off the "details". This attitude can cause friction in environments where other programmers are expected to pick up the half finished work, decipher the structures and ideas, and bullet-proof the code. In other cases, where a hacker is willing to maintain their own code, a company may be unable to find anyone else who is capable or willing to dig through code to maintain the program if the original programmer moves on to a new job.
Hacker: Security expert
There is a third meaning which is a kind of fusion of the positive and pejorative senses of hacker. The term white hat hacker is often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of security flaws, or to perform some other altruistic activity. Many such people are employed by computer security companies.
Hacker: Computer Modifier
Another type of a Hacker is one who hacks, or often changes the hardware in his/her computer. These changes often include adding memory, storage or LED's and cathode ray tubes for light effects. These people often show off their talents in contests, and many enjoy LAN Parties.
Initially these computer intrusions were fairly benign, with the most damage being the theft of computer time. Other times, these recreations would take the form of practical jokes. However, these intrusions did not stay benign for long. Occasionally the less talented, or less careful, intruders would accidentally bring down a system or damage its files, and the system administrators would have to restart it or make repairs. Other times, when these intruders were again denied access once their activities were discovered, they would react with purposefully destructive actions. When the number of these destructive computer intrusions became noticeable, due to the visibility of the system or the extent of the damage inflicted, it became "news" and the news media picked up on the story. Instead of using the more accurate term of "computer criminal," the media began using the term "hacker" to describe individuals who break into computers for fun, revenge, or profit. Since calling someone a "hacker" was originally meant as a compliment, computer security professionals prefer to use the term "cracker" or "intruder" for those hackers who turn to the dark side of hacking. For clarity, we will use the explicit terms "ethical hacker" and "criminal hacker" for the rest of this paper.
ETHICAL HACKING CONCEPT
With the growth of the Internet, computer security has become a major concern for businesses and governments. They want to be able to take advantage of the Internet for electronic commerce, advertising, information distribution and access, and other pursuits, but they are worried about the possibility of being "hacked." At the same time, the potential customers of these services are worried about maintaining control of personal information that varies from credit card numbers to social security numbers and home addresses.
In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems. This scheme is similar to having independent auditors come into an organization to verify its bookkeeping records. In the case of computer security, these "tiger teams" or "ethical hackers" would employ the same tools and techniques as the intruders, but they would neither damage the target systems nor steal information. Instead, they would evaluate the target systems' security and report back to the owners with the vulnerabilities they found and instructions for how to remedy them.
This method of evaluating the security of a system has been in use from the early days of computers. In one early ethical hack, the United States Air Force conducted a "security evaluation" of the Multics operating systems for "potential use as a two-level (secret/top secret) system." Their evaluation found that while Multics was "significantly better than other conventional systems," it also had "... vulnerabilities in hardware security, software security, and procedural security" that could be uncovered with "a relatively low level of effort." The authors performed their tests under a guideline of realism, so that their results would accurately represent the kinds of access that an intruder could potentially achieve. They performed tests that were simple information-gathering exercises, as well as other tests that were outright attacks upon the system that might damage its integrity. Clearly, their audience wanted to know both results. There are several other now unclassified reports that describe ethical hacking activities within the U.S. military.
With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, which was originally posted to Usenet in December of 1993. They discussed publicly, perhaps for the first time, this idea of using the techniques of the hacker to assess the security of a system. With the goal of raising the overall level of security on the Internet and intranets, they proceeded to describe how they were able to gather enough information about their targets to have been able to compromise security if they had chosen to do so. They provided several specific examples of how this information could be gathered and exploited to gain control of the target, and how such an attack could be prevented.
Farmer and Venema elected to share their report freely on the Internet in order that everyone could read and learn from it. However, they realized that the testing at which they had become so adept might be too complex, time-consuming, or just too boring for the typical system administrator to perform on a regular basis. For this reason, they gathered up all the tools that they had used during their work, packaged them in a single, easy-to-use application, and gave it away to anyone who chose to download it. Their program, called Security Analysis Tool for Auditing Networks, or SATAN, was met with a great amount of media attention around the world. Most of this early attention was negative, because the tool's capabilities were misunderstood. The tool was not an automated hacker program that would bore into systems and steal their secrets. Rather, the tool performed an audit that both identified the vulnerabilities of a system and provided advice on how to eliminate them. Just as banks have regular audits of their accounts and procedures, computer systems also need regular checking. The SATAN tool provided that auditing capability, but it went one step further: it also advised the user on how to correct the problems it discovered. The tool did not tell the user how the vulnerability might be exploited, because there would be no useful point in doing so.
According to the 2005 Computer Crime and Security Survey, virus attacks continue as the source of greatest financial loss. Unauthorized use increased slightly over the previous year, while unauthorized access to information and theft of proprietary information significantly increased in average dollar loss per respondent. Even more alarming, web site incidents have increased significantly over the previous year (CSI/FBI). Activities focus on the identification and exploitation of security vulnerabilities, and subsequent implementation of corrective measures (Using an Ethical Hacking Technique). Organizations are increasingly evaluating the success or failure of their current security measures through the use of ethical hacking processes. According to some, "'ethical hacking' may be one of the most effective ways to proactively plug rampant security holes" (Yurcik & Doss, 2001). Moreover, many security experts encourage organizations to hire ethical hackers to test their networks.
According to those within the security field, more information technology professionals are going back to class to learn the "latest hacking techniques." To help government and businesses minimize security risk, colleges and universities are increasingly offering courses and security training programs. At Rochester Institute of Technology, for example, courses in security education have been added to the curriculum. Students are divided into two teams; they set up networks and try to hack each other. As security flaws are found, they patch their systems and continue to secure the networks more and more as the semester progresses.
Ethical hackers believe one can best protect systems by probing them while causing no damage and subsequently facilitating the fixing of the vulnerabilities found. Ethical hackers simulate how an attacker with no inside knowledge of a system might try to penetrate and believe their activities benefit society by exposing system weaknesses, stressing that if they can break these systems so could terrorists. The result is not only enhanced local security for the ethical hacker but also enhanced overall Internet security.
ETHICAL HACKERS
These early efforts provide good examples of ethical hackers. Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. While testing the security of a client's systems, the ethical hacker may discover information about the client that should remain secret. In many cases, this information, if publicized, could lead to real intruders breaking into the systems, possibly leading to financial losses. During an evaluation, the ethical hacker often holds the "keys to the company," and therefore must be trusted to exercise tight control over any information about a target that could be misused. The sensitivity of the information gathered during an evaluation requires that strong measures be taken to ensure the security of the systems being employed by the ethical hackers themselves: limited-access labs with physical security protection and full ceiling-to-floor walls, multiple secure Internet connections, a safe to hold paper documentation from clients, strong cryptography to protect electronic results, and isolated networks for testing.
Ethical hackers typically have very strong programming and computer networking skills and have been in the computer and networking business for several years. They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., UNIX or Windows NT) used on target systems. These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors. It should be noted that an additional specialization in security is not always necessary, as strong skills in the other areas imply a very good understanding of how the security on various systems is maintained. These systems management skills are necessary for the actual vulnerability testing, but are equally important when preparing the report for the client after the test.
Finally, good candidates for ethical hacking have more drive and patience than most people. Unlike the way someone breaks into a computer in the movies, the work that ethical hackers do demands a lot of time and persistence. This is a critical trait, since criminal hackers are known to be extremely patient and willing to monitor systems for days or weeks while waiting for an opportunity. A typical evaluation may require several days of tedious work that is difficult to automate. Some portions of the evaluations must be done outside of normal working hours to avoid interfering with production at "live" targets or to simulate the timing of a real attack. When they encounter a system with which they are unfamiliar, ethical hackers will spend the time to learn about the system and try to find its weaknesses. Finally, keeping up with the ever-changing world of computer and network security requires continuous education and review.
One might observe that the skills we have described could just as easily belong to a criminal hacker as to an ethical hacker. Just as in sports or warfare, knowledge of the skills and techniques of your opponent is vital to your success. In the computer security realm, the ethical hacker's task is the harder one. With traditional crime anyone can become a shoplifter, graffiti artist, or a mugger. Their potential targets are usually easy to identify and tend to be localized. The local law enforcement agents must know how the criminals ply their trade and how to stop them. On the Internet anyone can download criminal hacker tools and use them to attempt to break into computers anywhere in the world. Ethical hackers have to know the techniques of the criminal hackers, how their activities might be detected, and how to stop them.
Given these qualifications, how does one go about finding such individuals? The best ethical hacker candidates will have successfully published research papers or released popular open-source security software. The computer security community is strongly self-policing, given the importance of its work. Most ethical hackers, and many of the better computer and network security experts, did not set out to focus on these issues. Most of them were computer users from various disciplines, such as astronomy and physics, mathematics, computer science, philosophy, or liberal arts, who took it personally when someone disrupted their work with a hack.
The Ethical Hacker is an individual who is usually employed with the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a Hacker. The most important point is that an Ethical Hacker has authorization to probe the target. The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.
The principles of the Hacker Ethic were:
Access to computers, and anything which might teach you something about the way the world works, should be unlimited and total. Always yield to the Hands-on Imperative!
All information should be free.
Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
You can create art and beauty on a computer. Computers can change your life for the better.
One rule that IBM's ethical hacking effort had from the very beginning was that we would not hire ex-hackers. While some will argue that only a "real hacker" would have the skill to actually do the work, we feel that the requirement for absolute trust eliminated such candidates. We likened the decision to that of hiring a fire marshal for a school district: while a gifted ex-arsonist might indeed know everything about setting and putting out fires, would the parents of the students really feel comfortable with such a choice? This decision was further justified when the service was initially offered: the customers themselves asked that such a restriction be observed. Since IBM's ethical hacking group was formed, there have been numerous ex-hackers who have become security consultants and spokespersons for the news media. While they may very well have turned away from the "dark side," there will always be a doubt.
The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all the while staying within legal limits. This philosophy stems from the proven practice of trying to catch a thief, by thinking like a thief.
WHITE HATS Vs BLACK HATS
The white hat is also one of Edward de Bono's Six Thinking Hats.
A white hat hacker, also rendered as ethical hacker, is, in the realm of information technology, a person who is ethically opposed to the abuse of computer systems. The term is derived from American western movies, where the good cowboy typically wore a white cowboy hat and the bad cowboy wore a black one. Realizing that the Internet now represents human voices from all around the world makes the defense of its integrity an important pastime for many. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them, but this is a simplification. A black hat will wish to secure his own machine, and a white hat might need to break into a black hat's machine in the course of an investigation. What exactly differentiates white hats and black hats is open to interpretation, but white hats tend to cite altruistic motivations.
Department of Computer Science & Engg, SNGCE, Kadayiruppu
The term white hat hacker is also often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of security flaws, or to perform some other altruistic activity. Many such people are employed by computer security companies; these professionals are sometimes called sneakers. Groups of these people are often called tiger teams.
The primary difference between white and black hat hackers is that a white hat hacker claims to observe the hacker ethic. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem.
An example of a hack: Microsoft Windows ships with the ability to use cryptographic libraries built into the operating system. When shipped overseas this feature becomes nearly useless as the operating system will refuse to load cryptographic libraries that haven't been signed by Microsoft, and Microsoft will not sign a library unless the U.S. government authorizes it for export. This allows the U.S. government to maintain some perceived level of control over the use of strong cryptography beyond its borders.
While hunting through the symbol table of a beta release of Windows, a couple of overseas hackers managed to find a second signing key in the Microsoft binaries. That is, without disabling the libraries that are included with Windows (even overseas), these individuals learned of a way to trick the operating system into loading a library that hadn't been signed by Microsoft, thus enabling the functionality which had been lost to non-U.S. users.
Whether this is good or bad may depend on whether you respect the letter of the law, but is considered by some in the computing community to be a white hat type of activity. Some use the term grey hat or (very rarely) brown hat to describe someone on the borderline between black and white.
In recent years the terms Whitehat and Blackhat have been applied to the Search Engine Optimization (SEO) industry. Black hat SEO tactics, also called spamdexing, attempt to redirect search results to particular target pages, whereas white hat methods are generally approved by the search engines.
FUNCTIONS OF ETHICAL HACKERS
An ethical hacker's evaluation of a system's security seeks answers to three basic questions:
• What can an intruder see on the target systems?
• What can an intruder do with that information?
• Does anyone at the target notice the intruder's attempts or successes?
While the first and second of these are clearly important, the third is even more important: If the owners or operators of the target systems do not notice when someone is trying to break in, the intruders can, and will, spend weeks or months trying and will usually eventually succeed.
When the client requests an evaluation, there is quite a bit of discussion and paperwork that must be done up front. The discussion begins with the client's answers to questions similar to those posed by Garfinkel and Spafford:
1. What are you trying to protect?
2. What are you trying to protect against?
3. How much time, effort, and money are you willing to expend to obtain adequate protection?
A surprising number of clients have difficulty precisely answering the first question: a medical center might say "our patient information," an engineering firm might answer "our new product designs," and a Web retailer might answer "our customer database."
All of these answers fall short, since they only describe targets in a general way. The client usually has to be guided to succinctly describe all of the critical information assets for which loss could adversely affect the organization or its clients. These assets should also include secondary information sources, such as employee names and addresses (which are privacy and safety risks), computer and network information (which could provide assistance to an intruder), and other organizations with which this organization collaborates (which provide alternate paths into the target systems through a possibly less secure partner's system).
A complete answer to (2) specifies more than just the loss of the things listed in answer to (1). There are also the issues of system availability, wherein a denial-of-service attack could cost the client actual revenue and customer loss because systems were unavailable. The world became quite familiar with denial-of-service attacks in February of 2000 when attacks were launched against eBay, Yahoo, ETRADE, CNN and other popular Web sites. During the attacks, customers were unable to reach these Web sites, resulting in loss of revenue and "mind share." The answers to (1) should contain more than just a list of information assets on the organization's computer. The level of damage to an organization's good image resulting from a successful criminal hack can range from merely embarrassing to a serious threat to revenue. As an example of a hack affecting an organization's image, on January 17, 2000, a U.S. Library of Congress Web site was attacked. The original initial screen is shown in Figure 1, whereas the hacked screen is shown in Figure 2. As is often done, the criminal hacker left his or her nickname, or handle, near the top of the page in order to guarantee credit for the break-in.
Some clients are under the mistaken impression that their Web site would not be a target. They cite numerous reasons, such as "it has nothing interesting on it" or "hackers have never heard of my company." What these clients do not realize is that every Web site is a target. The goal of many criminal hackers is simple: Do something spectacular and then make sure that all of your pals know that you did it. Another rebuttal is that many hackers simply do not care who your company or organization is; they hack your Web site because they can. For example, Web administrators at UNICEF (United Nations Children's Fund) might very well have thought that no hacker would attack them. However, in January of 1998, their page was defaced as shown in Figures 3 and 4. Many other examples of hacked Web pages can be found at archival sites around the Web.
Answers to the third question are complicated by the fact that computer and network security costs come in three forms. First there are the real monetary costs incurred when obtaining security consulting, hiring personnel, and deploying hardware and software to support security needs. Second, there is the cost of usability: the more secure a system is, the more difficult it can be to make it easy to use. The difficulty can take the form of obscure password selection rules, strict system configuration rules, and limited remote access. Third, there is the cost of computer and network performance. The more time a computer or network spends on security needs, such as strong cryptography and detailed system activity logging, the less time it has to work on user problems. Because of Moore's Law, this may be less of an issue for mainframe, desktop, and laptop machines. Yet, it still remains a concern for mobile computing.
SECURITY TESTING
Once answers to these three questions have been determined, a security evaluation plan is drawn up that identifies the systems to be tested, how they should be tested, and any limitations on that testing. Commonly referred to as a "get out of jail free card," this is the contractual agreement between the client and the ethical hackers, who typically write it together. This agreement also protects the ethical hackers against prosecution, since much of what they do during the course of an evaluation would be illegal in most countries. The agreement provides a precise description, usually in the form of network addresses or modem telephone numbers, of the systems to be evaluated. Precision on this point is of the utmost importance, since a minor mistake could lead to the evaluation of the wrong system at the client's installation or, in the worst case, the evaluation of some other organization's system.
Once the target systems are identified, the agreement must describe how they should be tested. The best evaluation is done under a "no-holds-barred" approach. This means that the ethical hacker can try anything he or she can think of to attempt to gain access to or disrupt the target system. While this is the most realistic and useful, some clients balk at this level of testing. Clients have several reasons for this, the most common of which is that the target systems are "in production" and interference with their operation could be damaging to the organization's interests. However, it should be pointed out to such clients that these very reasons are precisely why a "no-holds-barred" approach should be employed. An intruder will not be playing by the client's rules. If the systems are that important to the organization's well-being, they should be tested as thoroughly as possible. In either case, the client should be made fully aware of the risks inherent to ethical hacker evaluations. These risks include alarmed staff and unintentional system crashes, degraded network or system performance, denial of service, and log-file size explosions.
Some clients insist that as soon as the ethical hackers gain access to their network or to one of their systems, the evaluation should halt and the client be notified. This sort of ruling should be discouraged, because it prevents the client from learning all that the ethical hackers might discover about their systems. It can also lead to the client's having a false sense of security by thinking that the first security hole found is the only one present. The evaluation should be allowed to proceed, since where there is one exposure there are probably others. The timing of the evaluations may also be important to the client. The client may wish to avoid affecting systems and networks during regular working hours. While this restriction is not recommended, it reduces the accuracy of the evaluation only somewhat, since most intruders do their work outside of the local regular working hours. However, attacks done during regular working hours may be more easily hidden. Alerts from intrusion detection systems may even be disabled or less carefully monitored during the day. Whatever timing is agreed to, the client should provide contacts within the organization who can respond to calls from the ethical hackers if a system or network appears to have been adversely affected by the evaluation or if an extremely dangerous vulnerability is found that should be immediately corrected.
It is common for potential clients to delay the evaluation of their systems until only a few weeks or days before the systems need to go on-line. Such last-minute evaluations are of little use, since implementations of corrections for discovered security problems might take more time than is available and may introduce new system problems.
In order for the client to receive a valid evaluation, the client must be cautioned to limit prior knowledge of the test as much as possible. Otherwise, the ethical hackers might encounter the electronic equivalent of the client's employees running ahead of them, locking doors and windows. By limiting the number of people at the target organization who know of the impending evaluation, the likelihood that the evaluation will reflect the organization's actual security posture is increased. A related issue that the client must be prepared to address is the relationship of the ethical hackers to the target organization's employees. Employees may view this "surprise inspection" as a threat to their jobs, so the organization's management team must be prepared to take steps to reassure them.
PENETRATION TESTING
Penetration testing by ethical hackers is among the most thorough methods for finding vulnerabilities and increasing protection for a dynamic network of computers. Correctly performed, a penetration test is a covert test in which a paid consultant or ethical hacker plays the role of a hostile attacker who tries to compromise system security. Since the ultimate goal is penetration, the ethical hacking is ideally performed without warning systems administrators - but upper management must approve the testing.
Incorrectly performed, penetration testing also has a potential for creating damage. While other types of testing are usually performed cooperatively with an organization's staff, damage caused by penetration testing may go unnoticed for some time.
Crackers routinely scan networks of computers for security flaws that can be exploited (exploits) and then post this sensitive information on the Internet for others to take advantage of. This is one reason why ethical hackers regularly browse known cracker websites and mailing lists to monitor cracker activity. Finding security flaws before crackers do lowers the risk exposure of an organization:
• Even a single incident could cost significantly - both financial and reputation damage.
• It reduces vulnerabilities and points of intrusion.
• A tight system reduces the probability of attack - the attackers will go to easier and more attractive targets.
• An on-going program lowers insurance rates.
Penetration testing using ethical hacking provides both assurance and insurance: assurance that the given environment will resist attack and insurance that the organization is acting in a prudent manner. Because penetration testing invariably ends up discovering security holes on client networks/computers, most clients do not want to talk on record about the results of such tests. However, numerous generic examples exist where penetration testing has saved businesses embarrassment and loss of reputation:
• Online services organization always tested prior to new releases.
• Financial institutions saved embarrassment prior to release of a new online brokerage offering.
• Another financial institution has a policy of testing before any Internet application goes live.
Ethical Hacking services work on the principle of Challenge/Response. The ethical hacking service uses every possible, probable and plausible attack on the security system to expose often hidden vulnerabilities. These can then be comprehensively addressed with GTL Security Solutions. The steps that are included in the Penetration service include: Auditing web applications, Code and design reviews, Vulnerability exploitation (simulation of known attacks), Host Based, Network Based. Our four-step implementation methodology includes:
Information Gathering
• Detect services running on the system
• Estimate network topology
• Determine entry points into the system
• Developing the attack process
Penetration testing is an accepted technique. The National Institute for Standards and Technology (NIST) has recently released a document describing a methodology for using network-based tools for testing. Although ethical hacking is an effective measurement tool and a crucial component of any security program, it should only be part of a larger security program. A comprehensive security program incorporating ethical hacking can be used to discover and correct frequent errors early in the design, implementation, and test process which shortens development time and cost. Ethical hackers provide feedback to system designers and discover problems that may otherwise go undetected. The problem is that crackers can do their own penetration testing and do it more frequently. The best a penetration test can do is to provide a snapshot in time. Periodic testing is necessary to ensure compliance against a baseline. Tools are evolving to do continuous monitoring of security configurations.
Department of Computer Science & Engg., SNGCE, Kadayiruppu
Penetration testing is recommended as a recurring activity so that the system is constantly monitored and field-tested against threats. This is especially useful for companies that add new applications to their system. Given the fact that all applications are expected to work seamlessly - vulnerability in one application can expose the system to malicious attacks.
The various benefits to Clients are
• Increased preparedness
• Robust security infrastructure that is regularly field-tested.
• Enhanced security against new threat perceptions.
• Continual uptime of your IT system without any unwanted outages.
• Enhanced ROI as the serviceability of the IT infrastructure is lengthened.
CONFLICTS OF INTEREST
"Ethical Hacking" has been widely marketed as an essential tool in information security but there are obvious conflicts of interest. Security firms have an incentive to hype threats and invent threats. As the market potential has grown, unscrupulous vendors have been quoted overstating dangers to expand customer base and in some cases selling products that may actually introduce more vulnerabilities than they protect against.
Convicted criminals can earn large salaries working on "ethical hacking teams" while simultaneously supporting software tools designed to exploit vulnerabilities in commercial products ostensibly to "illustrate the seriousness of the problem" or to "promote vendors taking security seriously." Some individuals who work at security firms have been known to spend their off-hours creating and distributing the very attack tools their company sells products to protect against. It is important to realize that sensitive data will be exposed during penetration testing creating dangerous insider threats.
Lastly, in actions accentuated by market pressures, businesses have used ethical hackers to:
• beta test new products - stress testing and reporting back information about defects in prerelease software in exchange for early access to this new software
• hacking contests - Argus, Lucent, and Oracle (to name a recent few) have held "cracking" publicity contests offering prizes for an intrusion into one of their products.
There are large problems with the effectiveness and efficiency of both of these activities but setting that aside for the moment, the basic premise is the use of ethical hackers to harden software that has not been adequately tested. There is conflict-of-interest in that businesses do not want to redevelop software that should have incorporated security testing throughout its entire development so these activities are superficial at best. There is also hypocrisy in that businesses are encouraging cracking behavior that they would prosecute under any other circumstances.
THE ETHICAL HACK PROCESS
Once the contractual agreement is in place, the testing may begin as defined in the agreement. It should be noted that the testing itself poses some risk to the client, since a criminal hacker monitoring the transmissions of the ethical hackers could learn the same information. If the ethical hackers identify a weakness in the client's security, the criminal hacker could potentially attempt to exploit that vulnerability. This is especially vexing since the activities of the ethical hackers might mask those of the criminal hackers. The best approach to this dilemma is to maintain several addresses around the Internet from which the ethical hacker's transmissions will emanate, and to switch origin addresses often. Complete logs of the tests performed by the ethical hackers are always maintained, both for the final report and in the event that something unusual occurs. In extreme cases, additional intrusion monitoring software can be deployed at the target to ensure that all the tests are coming from the ethical hacker's machines. However, this is difficult to do without tipping off the client's staff and may require the cooperation of the client's Internet service provider.
The line between criminal hacking and computer virus writing is becoming increasingly blurred. When requested by the client, the ethical hacker can perform testing to determine the client's vulnerability to e-mail or Web-based virus vectors. However, it is far better for the client to deploy strong antivirus software, keep it up to date, and have a clear and simple policy in place for the reporting of incidents. IBM's Immune System for Cyberspace is another approach that provides the additional capability of recognizing new viruses and reporting them to a central lab that automatically analyzes the virus and provides an immediate vaccine.
There are several kinds of testing. Any combination of the following may be called for:
• Remote network. This test simulates the intruder launching an attack across the Internet. The primary defenses that must be defeated here are border firewalls, filtering routers, and Web servers.
• Remote dial-up network. This test simulates the intruder launching an attack against the client's modem pools. The primary defenses that must be defeated here are user authentication schemes. These kinds of tests should be coordinated with the local telephone company.
• Local network. This test simulates an employee or other authorized person who has a legal connection to the organization's network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, server security measures, and e-mail systems.
• Stolen laptop computer. In this test, the laptop computer of a key employee, such as an upper-level manager or strategist, is taken by the client without warning and given to the ethical hackers. They examine the computer for passwords stored in dial-up software, corporate information assets, personnel information, and the like. Since many busy users will store their passwords on their machine, it is common for the ethical hackers to be able to use this laptop computer to dial into the corporate intranet with the owner's full privileges.
• Social engineering. This test evaluates the target organization's staff as to whether it would leak information to someone. A typical example of this would be an intruder calling the organization's computer help line and asking for the external telephone numbers of the modem pool. Defending against this kind of attack is the hardest, because people and personalities are involved. Most people are basically helpful, so it seems harmless to tell someone who appears to be lost where the computer room is located, or to let someone into the building who "forgot" his or her badge. The only defense against this is to raise security awareness.
• Physical entry. This test acts out a physical penetration of the organization's building. Special arrangements must be made for this, since security guards or police could become involved if the ethical hackers fail to avoid detection. Once inside the building, it is important that the tester not be detected. One technique is for the tester to carry a document with the target company's logo on it. Such a document could be found by digging through trash cans before the ethical hack or by casually picking up a document from a trash can or desk once the tester is inside. The primary defenses here are a strong security policy, security guards, access controls and monitoring, and security awareness.
Each of these kinds of testing can be performed from three perspectives: as a total outsider, a "semi-outsider," or a valid user.
A total outsider has very limited knowledge about the target systems. The only information used is available through public sources on the Internet. This test represents the most commonly perceived threat. A well-defended system should not allow this kind of intruder to do anything.
A semi-outsider has limited access to one or more of the organization's computers or networks. This tests scenarios such as a bank allowing its depositors to use special software and a modem to access information about their accounts. A well-defended system should only allow this kind of intruder to access his or her own account information.
A valid user has valid access to at least some of the organization's computers and networks. This tests whether or not insiders with some access can extend that access beyond what has been prescribed. A well-defended system should allow an insider to access only the areas and resources that the system administrator has assigned to the insider.
The actual evaluation of the client's systems proceeds through several phases, as described previously by Boulanger.
The final report is a collection of all of the ethical hacker's discoveries made during the evaluation. Vulnerabilities that were found to exist are explained and avoidance procedures specified. If the ethical hacker's activities were noticed at all, the response of the client's staff is described and suggestions for improvements are made. If social engineering testing exposed problems, advice is offered on how to raise awareness. This is the main point of the whole exercise: it does clients no good just to tell them that they have problems. The report must include specific advice on how to close the vulnerabilities and keep them closed. The actual techniques employed by the testers are never revealed. This is because the person delivering the report can never be sure just who will have access to that report once it is in the client's hands. For example, an employee might want to try out some of the techniques for himself or herself. He or she might choose to test the company's systems, possibly annoying system administrators or even inadvertently hiding a real attack. The employee might also choose to test the systems of another organization, which is a felony in the United States when done without permission.
The actual delivery of the report is also a sensitive issue. If vulnerabilities were found, the report could be extremely dangerous if it fell into the wrong hands. A competitor might use it for corporate espionage, a hacker might use it to break into the client's computers, or a prankster might just post the report's contents on the Web as a joke. The final report is typically delivered directly to an officer of the client organization in hard-copy form. The ethical hackers would have an ongoing responsibility to ensure the safety of any information they retain, so in most cases all information related to the work is destroyed at the end of the contract.
Once the ethical hack is done and the report delivered, the client might ask "So, if I fix these things I'll have perfect security, right?" Unfortunately, this is not the case. People operate the client's computers and networks, and people make mistakes. The longer it has been since the testing was performed, the less can be reliably said about the state of a client's security. A portion of the final report includes recommendations for steps the client should continue to follow in order to reduce the impact of these mistakes in the future.
The argument is made that the security justification for ethical hacking is flawed in two ways: (1) exposing security flaws should not be encouraged or rewarded and (2) not every organization has the resources to maintain current versions and patches on their system software. While it may not have been as clear in the past, networked systems (especially in communities-of-interest) are clearly now dependent upon each other for security. Just one insecure machine within a large network can be used as a platform upon which to launch attacks. The distributed denial-of-service attacks of February 2000 using compromised machines to indirectly flood E-commerce sites are a recent example of this interdependence. Thus each computer's security is dependent on the security of other computers within its community-of-interest such that exposing security flaws is a positive action in both self-interest and common good.
With the present poor security on the Internet, ethical hacking may be the most effective way to proactively plug security holes and prevent intrusions. On the other hand, ethical hacking tools (such as scanners) have also been notorious tools for crackers. A fine line exists between hacking for the community interest and public good versus releasing tools that may actually enable attacks and in aggregate make the Internet less secure when taken as a whole.
CONCLUSION
The idea of testing the security of a system by trying to break into it is not new. Whether an automobile company is crash-testing cars, or an individual is testing his or her skill at martial arts by sparring with a partner, evaluation by testing under attack from a real adversary is widely accepted as prudent. It is, however, not sufficient by itself. As Roger Schell observed nearly 30 years ago:
From a practical standpoint the security problem will remain as long as manufacturers remain committed to current system architectures, produced without a firm requirement for security. As long as there is support for ad hoc fixes and security packages for these inadequate designs and as long as the illusory results of penetration teams are accepted as demonstrations of a computer system security, proper security will not be a reality.

Regular auditing, vigilant intrusion detection, good system administration practice, and computer security awareness are all essential parts of an organization's security efforts. A single failure in any of these areas could very well expose an organization to cyber-vandalism, embarrassment, loss of revenue or mind share, or worse. Any new technology has its benefits and its risks. While ethical hackers can help clients better understand their security needs, it is up to the clients to keep their guards in place.
Hacking has entered the age of mass production. Current and future Internet attacks are a technologically enabled crime - shifting from manual to automated attacks. Automated scanning tools as a pre-attack tool are a substantial threat to the Internet - a few widely available automated tools endanger the majority of Internet-based computers. Ultimately the solution to automated attacks is more effective defenses based on new technology in some cases and the law for prosecution in some cases. We cannot eliminate cracking through solely technical or legal means but until the future solution what are we to do in the meantime? Security used to be a private matter. Until recently information security had been left largely in the hands of a few specially trained professionals. The paradigm shift of technologically enabled crime has now made security everyone's business. Ethical hackers see this clearly and are responding to actual threats to themselves and in the process also acting in the common good. The consequences of a security breach are so large that this volunteer proactive activity should not only be encouraged but also rewarded and some companies are being paid handsomely for doing this as a business. At present the tactical objective is to stay one step ahead of the crackers. We must think more strategically for the future. Social behavior, as it relates to computers and information technology, goes beyond merely adhering to the law since the law often lags technological advance. The physical activity of ethical hacking is sometimes hard to differentiate from cracking - it is hard to discern intent and predict future action - the main difference is that while an ethical hacker identifies vulnerabilities (often using the same scanning tools as a cracker) the ethical hacker does not exploit the vulnerabilities while a cracker does. Until a social framework is developed to discern the good guys (white hats) from the bad guys (black hats), we should be slow to codify into law or condemn ethical hacking - or we may risk eliminating our last thin line of stabilizing defense and not realize it until it is too late.
Reply
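The report above says the agreement names the systems to be evaluated by network address, and that monitoring at the target can confirm that all test traffic comes from the ethical hackers' machines. The sketch below is an added example, not part of the original post: it triages IDS-style log lines against an agreed scope, declared tester origin addresses and a test window. The addresses (documentation ranges), dates, log format and function names are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime

# Hypothetical contents of the testing agreement (constructed values).
IN_SCOPE = [ipaddress.ip_network("192.0.2.0/28")]            # systems the client authorized
TESTER_SOURCES = [ipaddress.ip_network("198.51.100.16/30")]  # origins the testers declared
WINDOW = (datetime(2024, 3, 1, 20, 0), datetime(2024, 3, 2, 4, 0))

# Constructed sample log: timestamp, source, destination, signature.
SAMPLE_LOG = """\
2024-03-01T20:15:02 198.51.100.17 192.0.2.5 port-sweep
2024-03-01T21:40:10 203.0.113.9 192.0.2.5 port-sweep
2024-03-01T22:05:44 198.51.100.18 192.0.2.40 login-bruteforce
2024-03-02T05:10:00 198.51.100.17 192.0.2.7 port-sweep
not a log line
"""


@dataclass(frozen=True)
class Event:
    when: datetime
    src: object  # ipaddress.IPv4Address or IPv6Address
    dst: object
    signature: str


def parse_line(line):
    """Return an Event, or None when the line is not in the assumed format."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return Event(
            datetime.fromisoformat(parts[0]),
            ipaddress.ip_address(parts[1]),
            ipaddress.ip_address(parts[2]),
            parts[3],
        )
    except ValueError:
        return None


def _within(addr, networks):
    # Membership is False when address and network families differ.
    return any(addr in net for net in networks)


def classify(event):
    """Label one event relative to the agreement."""
    if not _within(event.src, TESTER_SOURCES):
        # Not from a declared tester origin: may be a real intruder whose
        # activity is masked by the test noise. Escalate to the client contact.
        return "unattributed"
    if not _within(event.dst, IN_SCOPE):
        # Tester traffic aimed at a system the agreement does not list.
        return "out-of-scope"
    if not (WINDOW[0] <= event.when <= WINDOW[1]):
        return "outside-window"
    return "expected"


def triage(log_text):
    """Group every log line by its label; unparseable lines are kept, not dropped."""
    report = {
        "expected": [],
        "unattributed": [],
        "out-of-scope": [],
        "outside-window": [],
        "malformed": [],
    }
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = parse_line(line)
        if event is None:
            report["malformed"].append(line)
        else:
            report[classify(event)].append(event)
    return report


if __name__ == "__main__":
    for label, items in triage(SAMPLE_LOG).items():
        print(f"{label}: {len(items)}")
```

Anything other than "expected" is a reason to call the client contacts the agreement names, and the retained log lines feed the final report.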
#4
[attachment=1554]

ETHICAL HACKING SEMINAR REPORT
ABSTRACT
Today more and more software is being developed and people are getting more and more options in their present software. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behavior termed "Ethical Hacking" which attempts to pro-actively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. A good ethical hacker should know the methodology chosen by the hacker like reconnaissance, host or target scanning, gaining access, maintaining access and clearing tracks. For ethical hacking we should know about the various tools and methods that can be used by a black hat hacker apart from the methodology used by him. From the point of view of the user one should know at least some of these because some hackers make use of those who are not aware of the various hacking methods to hack into a system. Also when thinking from the point of view of the developer, he also should be aware of these since he should be able to close holes in his software even with the usage of the various tools. With the advent of new tools the hackers may make new tactics. But at least the software will be resistant to some of the tools.
Reply
#5
[attachment=1908]
[attachment=1973]

The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers. Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet. With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes.
The term "hacker" has a dual usage in the computer industry today. Originally, the term was defined as:
HACKER
1. A person who enjoys learning the details of computer systems and how to stretch their capabilities, as opposed to most users of computers, who prefer to learn only the minimum amount necessary.
2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming.
This complimentary description was often extended to the verb form "hacking" which was used to describe the rapid crafting of a new program or the making of changes to existing, usually complicated software.
As computers became increasingly available at universities, user communities began to extend beyond researchers in engineering or computer science to other individuals who viewed the computer as a curiously flexible tool. Whether they programmed the computers to play games, draw pictures, or to help them with the more mundane aspects of their daily work, once computers were available for use, there was never a lack of individuals wanting to use them.
Because of this increasing popularity of computers and their continued high cost, access to them was usually restricted. When refused access to the computers, some users would challenge the access controls that had been put in place. They would steal passwords or account numbers by looking over someone's shoulder, explore the system for bugs that might get them past the rules, or even take control of the whole system. They would do these things in order to be able to run the programs of their choice, or just to change the limitations under which their programs were running.
CATEGORIES OF HACKERS
There are a number of categories of hackers such as Black Hats who are highly skilled, but have malevolent and detrimental intent. White Hats, in contrast, are hackers who use their talent to protect and defend networks. Gray Hats hack for different reasons either ethically or unethically depending on the situation and circumstances at hand.
There are four basic kinds of hacks:
• IP Hack: You hire someone to hack a specific IP address, giving them little or no information beforehand (Be careful if the IP address is an overseas server. You don't want hackers hacking the wrong IP address, like a foreign government's computers, causing an international incident);
• Application Hack: A much more sophisticated hack that can delve deep into databases and down production servers. Only experienced hackers, with strict guidelines governing their actions, should be allowed to perform such tests. Never hire a "reformed" black-hat hacker for this type of test;
• Physical Infrastructure Hack: This is where people try to get into your facilities to access your systems or go dumpster diving looking for confidential information such as passwords discarded on sticky notes; and
• Wireless Hack: War-driving is the new term to describe this type of attack where wireless access points are exploited from the back of a van. Ethical hackers do the same thing, but report their findings back to you instead of stealing your passwords. Have them check out your teleworkers as well to see if home offices are a source of entry to your network.
The hacker community (the set of people who would describe themselves as hackers, or who would be described by others as hackers) falls into at least three partially overlapping categories.
Hacker: Intruder and criminal
The most common usage of "hacker" in the popular press is to describe those who subvert computer security without authorization or indeed, anyone who has been accused of using technology (usually a computer or the Internet) for terrorism, vandalism, credit card fraud, identity theft, intellectual property theft, and many other forms of crime. This can mean taking control of a remote computer through a network, or software cracking. This is the pejorative sense of hacker, also called cracker or black-hat hacker or simply "criminal" in order to preserve unambiguity.
Hacker: Brilliant programmer
The positive usage of hacker (the "proper" usage). One who knows a (sometimes specified) set of programming interfaces well enough to write software rapidly and expertly. This type of hacker is well-respected, although the term still carries some of the meaning of hack, developing programs without adequate planning.
At their best, hackers can be very productive. The downside of hacker productivity is often in maintainability, documentation, and completion. Very talented hackers may become bored with a project once they have figured out all of the hard parts, and be unwilling to finish off the "details". This attitude can cause friction in environments where other programmers are expected to pick up the half finished work, decipher the structures and ideas, and bullet-proof the code. In other cases, where a hacker is willing to maintain their own code, a company may be unable to find anyone else who is capable or willing to dig through code to maintain the program if the original programmer moves on to a new job.
Hacker: Security expert
There is a third meaning which is a kind of fusion of the positive and pejorative senses of hacker. The term white hat hacker is often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of security flaws, or to perform some other altruistic activity. Many such people are employed by computer security companies.
Hacker: Computer Modifier
Another type of hacker is one who hacks, or often changes, the hardware in his/her computer. These changes often include adding memory, storage or LEDs and cathode ray tubes for light effects. These people often show off their talents in contests, and many enjoy LAN Parties.
Initially these computer intrusions were fairly benign, with the most damage being the theft of computer time. Other times, these recreations would take the form of practical jokes. However, these intrusions did not stay benign for long. Occasionally the less talented, or less careful, intruders would accidentally bring down a system or damage its files, and the system administrators would have to restart it or make repairs. Other times, when these intruders were again denied
access once their activities were discovered, they would react with purposefully destructive actions. When the number of these destructive computer intrusions became noticeable, due to the visibility of the system or the extent of the damage inflicted, it became "news" and the news media picked up on the story. Instead of using the more accurate term of "computer criminal," the media began using the term "hacker" to describe individuals who break into computers for fun, revenge, or profit. Since calling someone a "hacker" was originally meant as a compliment, computer security professionals prefer to use the term "cracker" or "intruder" for those hackers who turn to the dark side of hacking. For clarity, we will use the explicit terms "ethical hacker" and "criminal hacker" for the rest of this paper.
ETHICAL HACKING CONCEPT
With the growth of the Internet, computer security has become a major concern for businesses and governments. They want to be able to take advantage of the Internet for electronic commerce, advertising, information distribution and access, and other pursuits, but they are worried about the possibility of being "hacked." At the same time, the potential customers of these services are worried about maintaining control of personal information that varies from credit card numbers to social security numbers and home addresses.
In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems. This scheme is similar to having independent auditors come into an organization to verify its bookkeeping records. In the case of computer security, these "tiger teams" or "ethical hackers" would employ the same tools and techniques as the intruders, but they would neither damage the target systems nor steal information. Instead, they would evaluate the target
systems' security and report back to the owners with the vulnerabilities they found and instructions for how to remedy them.
This method of evaluating the security of a system has been in use from the early days of computers. In one early ethical hack, the United States Air Force conducted a "security evaluation" of the Multics operating systems for "potential use as a two-level (secret/top secret) system." Their evaluation found that while Multics was "significantly better than other conventional systems," it also had "... vulnerabilities in hardware security, software security, and procedural security" that could be uncovered with "a relatively low level of effort." The authors performed their tests under a guideline of realism, so that their results would accurately represent the kinds of access that an intruder could potentially achieve. They performed tests that were simple information-gathering exercises, as well as other tests that were outright attacks upon the system that might damage its integrity. Clearly, their audience wanted to know both results. There are several other now unclassified reports that describe ethical hacking activities within the U.S. military.
With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, which was originally posted to Usenet in December of 1993. They discussed publicly, perhaps for the first time, this idea of using the techniques of the hacker to assess the security of a system. With the goal of raising the overall level of security on the Internet and intranets, they proceeded to describe how they were able to gather enough information about their targets to have been able to compromise security if they had chosen to do so. They provided several specific examples of how this information could be gathered and exploited to gain control of the target, and how such an attack could be prevented.
Farmer and Venema elected to share their report freely on the Internet in order that everyone could read and learn from it. However, they realized that the
testing at which they had become so adept might be too complex, time-consuming, or just too boring for the typical system administrator to perform on a regular basis. For this reason, they gathered up all the tools that they had used during their work, packaged them in a single, easy-to-use application, and gave it away to anyone who chose to download it. Their program, called Security Analysis Tool for Auditing Networks, or SATAN, was met with a great amount of media attention around the world. Most of this early attention was negative, because the tool's capabilities were misunderstood. The tool was not an automated hacker program that would bore into systems and steal their secrets. Rather, the tool performed an audit that both identified the vulnerabilities of a system and provided advice on how to eliminate them. Just as banks have regular audits of their accounts and procedures, computer systems also need regular checking. The SATAN tool provided that auditing capability, but it went one step further: it also advised the user on how to correct the problems it discovered. The tool did not tell the user how the vulnerability might be exploited, because there would be no useful point in doing so.
According to the 2005 Computer Crime and Security Survey, virus attacks continue as the source of greatest financial loss. Unauthorized use increased slightly over the previous year, while unauthorized access to information and theft of proprietary information significantly increased in average dollar loss per respondent. Even more alarming, web site incidents have increased significantly over the previous year (CSI/FBI). Activities focus on the identification and exploitation of security vulnerabilities, and subsequent implementation of corrective measures (Using an Ethical Hacking Technique). Organizations are increasingly evaluating the success or failure of their current security measures through the use of ethical hacking processes. According to some, "'ethical hacking' may be one of the most effective ways to proactively plug rampant security holes" (Yurcik & Doss, 2001). Moreover, many security experts encourage organizations to hire ethical hackers to test their networks.
According to those within the security field, more information technology professionals are going back to class to learn the "latest hacking techniques." To help government and businesses minimize security risk, colleges and universities are increasingly offering courses and security training programs. At Rochester Institute of Technology, for example, courses in security education have been added to the curriculum. Students are divided into two teams; they set up networks and try to hack each other. As security flaws are found, they patch their systems and continue to secure the networks more and more as the semester progresses.
Ethical hackers believe one can best protect systems by probing them while causing no damage and subsequently facilitating the fixing of the vulnerabilities found. Ethical hackers simulate how an attacker with no inside knowledge of a system might try to penetrate and believe their activities benefit society by exposing system weaknesses, stressing that if they can break these systems so could terrorists. The result is not only enhanced local security for the ethical hacker but also enhanced overall Internet security.
ETHICAL HACKERS
These early efforts provide good examples of ethical hackers. Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. While testing the security of a client's systems, the ethical hacker may discover information about the client that should remain secret. In many cases, this information, if publicized, could lead to real intruders breaking into the systems, possibly leading to financial losses. During an evaluation, the ethical hacker often holds the "keys to the company," and therefore must be trusted to exercise tight control over any information about a target that could be misused. The sensitivity of the information gathered during an evaluation requires that
strong measures be taken to ensure the security of the systems being employed by the ethical hackers themselves: limited-access labs with physical security protection and full ceiling-to-floor walls, multiple secure Internet connections, a safe to hold paper documentation from clients, strong cryptography to protect electronic results, and isolated networks for testing.
Ethical hackers typically have very strong programming and computer networking skills and have been in the computer and networking business for several years. They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., UNIX or Windows NT) used on target systems. These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors. It should be noted that an additional specialization in security is not always necessary, as strong skills in the other areas imply a very good understanding of how the security on various systems is maintained. These systems management skills are necessary for the actual vulnerability testing, but are equally important when preparing the report for the client after the test.
Finally, good candidates for ethical hacking have more drive and patience than most people. Unlike the way someone breaks into a computer in the movies, the work that ethical hackers do demands a lot of time and persistence. This is a critical trait, since criminal hackers are known to be extremely patient and willing to monitor systems for days or weeks while waiting for an opportunity. A typical evaluation may require several days of tedious work that is difficult to automate. Some portions of the evaluations must be done outside of normal working hours to avoid interfering with production at "live" targets or to simulate the timing of a real attack. When they encounter a system with which they are unfamiliar, ethical hackers will spend the time to learn about the system and try to find its weaknesses. Finally, keeping up with the ever-changing world of computer and network security requires continuous education and review.
One might observe that the skills we have described could just as easily belong to a criminal hacker as to an ethical hacker. Just as in sports or warfare, knowledge of the skills and techniques of your opponent is vital to your success. In the computer security realm, the ethical hacker's task is the harder one. With traditional crime anyone can become a shoplifter, graffiti artist, or a mugger. Their potential targets are usually easy to identify and tend to be localized. The local law enforcement agents must know how the criminals ply their trade and how to stop them. On the Internet anyone can download criminal hacker tools and use them to attempt to break into computers anywhere in the world. Ethical hackers have to know the techniques of the criminal hackers, how their activities might be detected, and how to stop them.
Given these qualifications, how does one go about finding such individuals? The best ethical hacker candidates will have successfully published research papers or released popular open-source security software. The computer security community is strongly self-policing, given the importance of its work. Most ethical hackers, and many of the better computer and network security experts, did not set out to focus on these issues. Most of them were computer users from various disciplines, such as astronomy and physics, mathematics, computer science, philosophy, or liberal arts, who took it personally when someone disrupted their work with a hack.
The Ethical Hacker is an individual who is usually employed with the organization and who can be trusted to undertake an attempt to penetrate networks and/or computer systems using the same methods as a Hacker. The most important point is that an Ethical Hacker has authorization to probe the target. The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and
vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.
The principles of the Hacker Ethic were:
Access to computers - and anything which might teach you something about the way the world works - should be unlimited and total. Always yield to the Hands-on Imperative!
All information should be free.
Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
You can create art and beauty on a computer. Computers can change your life for the better.
One rule that IBM's ethical hacking effort had from the very beginning was that we would not hire ex-hackers. While some will argue that only a "real hacker" would have the skill to actually do the work, we feel that the requirement for absolute trust eliminated such candidates. We likened the decision to that of hiring a fire marshal for a school district: while a gifted ex-arsonist might indeed know everything about setting and putting out fires, would the parents of the students really feel comfortable with such a choice? This decision was further justified when the service was initially offered: the customers themselves asked that such a restriction be observed. Since IBM's ethical hacking group was formed, there have been numerous ex-hackers who have become security consultants and spokespersons for the news media. While they may very well have turned away from the "dark side," there will always be a doubt.
The goal of the ethical hacker is to help the organization take preemptive measures against malicious attacks by attacking the system himself; all the while
staying within legal limits. This philosophy stems from the proven practice of trying to catch a thief, by thinking like a thief.
WHITE HATS Vs BLACK HATS
The white hat is also one of Edward de Bono's Six Thinking Hats.
A white hat hacker, also rendered as ethical hacker, is, in the realm of information technology, a person who is ethically opposed to the abuse of computer systems. The term is derived from American western movies, where the good cowboy typically wore a white cowboy hat and the bad cowboy wore a black one. Realizing that the Internet now represents human voices from all around the world makes the defense of its integrity an important pastime for many. A white hat generally focuses on securing IT systems, whereas a black hat (the opposite) would like to break into them - but this is a simplification. A black hat will wish to secure his own machine, and a white hat might need to break into a black hat's machine in the course of an investigation. What exactly
differentiates white hats and black hats is open to interpretation, but white hats tend to cite altruistic motivations.
The term white hat hacker is also often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of security flaws, or to perform some other altruistic activity. Many such people are employed by computer security companies; these professionals are sometimes called sneakers. Groups of these people are often called tiger teams.
The primary difference between white and black hat hackers is that a white hat hacker claims to observe the hacker ethic. Like black hats, white hats are often intimately familiar with the internal details of security systems, and can delve into obscure machine code when needed to find a solution to a tricky problem.
An example of a hack: Microsoft Windows ships with the ability to use cryptographic libraries built into the operating system. When shipped overseas this feature becomes nearly useless as the operating system will refuse to load cryptographic libraries that haven't been signed by Microsoft, and Microsoft will not sign a library unless the U.S. government authorizes it for export. This allows the U.S. government to maintain some perceived level of control over the use of strong cryptography beyond its borders.
While hunting through the symbol table of a beta release of Windows, a couple of overseas hackers managed to find a second signing key in the Microsoft binaries. That is, without disabling the libraries that are included with Windows (even overseas), these individuals learned of a way to trick the operating system into loading a library that hadn't been signed by Microsoft, thus enabling the functionality which had been lost to non-U.S. users.
Whether this is good or bad may depend on whether you respect the letter of the law, but is considered by some in the computing community to be a white hat
type of activity. Some use the term grey hat or (very rarely) brown hat to describe someone on the borderline between black and white.
In recent years the terms Whitehat and Blackhat have been applied to the Search Engine Optimization (SEO) industry. Black hat SEO tactics, also called spamdexing, attempt to redirect search results to particular target pages, whereas white hat methods are generally approved by the search engines.
FUNCTIONS OF ETHICAL HACKERS
An ethical hacker's evaluation of a system's security seeks answers to three basic questions:
- What can an intruder see on the target systems?
- What can an intruder do with that information?
- Does anyone at the target notice the intruder's attempts or successes?
While the first and second of these are clearly important, the third is even more important: If the owners or operators of the target systems do not notice when someone is trying to break in, the intruders can, and will, spend weeks or months trying and will usually eventually succeed.
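The third question can be checked against authentication logs. The sketch below is an added example, not part of the original report: it shows why a short-window failure threshold misses a patient intruder whose attempts are spread over weeks, and adds a long-lookback check that does notice. The log format, function names, thresholds and sample data are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format (constructed): "<ISO timestamp> auth_fail|auth_ok src=<ip> user=<name>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<result>auth_fail|auth_ok) src=(?P<src>\S+) user=(?P<user>\S+)$"
)


def build_sample_log():
    """Constructed sample lines using documentation addresses, not real traffic."""
    lines = []
    start = datetime(2024, 3, 1, 2, 0, 0)
    # Patient source: two failures a night for 20 nights, then a success.
    for day in range(20):
        for attempt in range(2):
            ts = start + timedelta(days=day, minutes=17 * attempt)
            lines.append(f"{ts.isoformat()} auth_fail src=203.0.113.7 user=admin")
    ok = start + timedelta(days=20)
    lines.append(f"{ok.isoformat()} auth_ok src=203.0.113.7 user=admin")
    # Noisy source: eight failures inside four minutes.
    noisy = datetime(2024, 3, 5, 14, 0, 0)
    for i in range(8):
        ts = noisy + timedelta(seconds=30 * i)
        lines.append(f"{ts.isoformat()} auth_fail src=198.51.100.9 user=root")
    # Ordinary user: three typos, then a normal login the same morning.
    user = datetime(2024, 3, 6, 9, 0, 0)
    for i in range(3):
        ts = user + timedelta(seconds=20 * i)
        lines.append(f"{ts.isoformat()} auth_fail src=192.0.2.44 user=alice")
    lines.append(f"{(user + timedelta(minutes=2)).isoformat()} auth_ok src=192.0.2.44 user=alice")
    return lines


def parse_events(lines):
    """Return (timestamp, result, source, user) tuples sorted by time; skip junk lines."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            events.append((datetime.fromisoformat(m["ts"]), m["result"], m["src"], m["user"]))
    return sorted(events)


def burst_sources(events, window=timedelta(minutes=10), threshold=5):
    """Classic rule: N failures from one source inside a short sliding window."""
    hits, recent = set(), defaultdict(list)
    for ts, result, src, _user in events:
        if result != "auth_fail":
            continue
        queue = recent[src]
        queue.append(ts)
        while ts - queue[0] > window:
            queue.pop(0)
        if len(queue) >= threshold:
            hits.add(src)
    return hits


def slow_sources(events, lookback=timedelta(days=30), min_days=5, min_failures=10):
    """Long-lookback rule: failures spread over many distinct days from one source."""
    if not events:
        return {}
    cutoff = events[-1][0] - lookback
    fails, last_ok = defaultdict(list), {}
    for ts, result, src, _user in events:
        if ts < cutoff:
            continue
        if result == "auth_fail":
            fails[src].append(ts)
        else:
            last_ok[src] = ts
    report = {}
    for src, stamps in fails.items():
        days = {t.date() for t in stamps}
        if len(stamps) >= min_failures and len(days) >= min_days:
            report[src] = {
                "failures": len(stamps),
                "active_days": len(days),
                # A success after the failure series is the "successes" half of question three.
                "success_after_failures": src in last_ok and last_ok[src] > stamps[-1],
            }
    return report


if __name__ == "__main__":
    evts = parse_events(build_sample_log())
    print("burst rule:", sorted(burst_sources(evts)))
    print("slow rule :", slow_sources(evts))
```

On the constructed data the burst rule flags only the noisy source, while the long-lookback rule flags only the patient one and records that its last event was a successful login.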
When the client requests an evaluation, there is quite a bit of discussion and paperwork that must be done up front. The discussion begins with the client's answers to questions similar to those posed by Garfinkel and Spafford:
1. What are you trying to protect?
2. What are you trying to protect against?
3. How much time, effort, and money are you willing to expend to obtain adequate protection?
A surprising number of clients have difficulty precisely answering the first question: a medical center might say "our patient information," an engineering firm might answer "our new product designs," and a Web retailer might answer "our customer database."
All of these answers fall short, since they only describe targets in a general way. The client usually has to be guided to succinctly describe all of the critical information assets for which loss could adversely affect the organization or its clients. These assets should also include secondary information sources, such as employee names and addresses (which are privacy and safety risks), computer and network information (which could provide assistance to an intruder), and other organizations with which this organization collaborates (which provide alternate paths into the target systems through a possibly less secure partner's system).
A complete answer to (2) specifies more than just the loss of the things listed in answer to (1). There are also the issues of system availability, wherein a denial-of-service attack could cost the client actual revenue and customer loss because systems were unavailable. The world became quite familiar with denial-of-service attacks in February of 2000 when attacks were launched against eBay, Yahoo, ETRADE, CNN and other popular Web sites. During the attacks, customers were unable to reach these Web sites, resulting in loss of revenue and "mind share." The answers to (1) should contain more than just a list of information assets on the organization's computer. The level of damage to an organization's good image resulting from a successful criminal hack can range from merely embarrassing to a serious threat to revenue. As an example of a hack affecting an organization's image, on January 17, 2000, a U.S. Library of Congress Web site was attacked. The original initial screen is shown in Figure 1, whereas the hacked screen is shown in Figure 2. As is often done, the criminal hacker left his
or her nickname, or handle, near the top of the page in order to guarantee credit for the break-in.
Some clients are under the mistaken impression that their Web site would not be a target. They cite numerous reasons, such as "it has nothing interesting on it" or "hackers have never heard of my company." What these clients do not realize is that every Web site is a target. The goal of many criminal hackers is simple: Do something spectacular and then make sure that all of your pals know that you did it. Another rebuttal is that many hackers simply do not care who your company or organization is; they hack your Web site because they can. For example, Web administrators at UNICEF (United Nations Children's Fund) might very well have thought that no hacker would attack them. However, in January of 1998, their page was defaced as shown in Figures 3 and 4. Many other examples of hacked Web pages can be found at archival sites around the Web.
Answers to the third question are complicated by the fact that computer and network security costs come in three forms. First there are the real monetary costs incurred when obtaining security consulting, hiring personnel, and deploying hardware and software to support security needs. Second, there is the cost of usability: the more secure a system is, the more difficult it can be to make it easy to use. The difficulty can take the form of obscure password selection rules, strict system configuration rules, and limited remote access. Third, there is the cost of computer and network performance. The more time a computer or network spends on security needs, such as strong cryptography and detailed system activity logging, the less time it has to work on user problems. Because of Moore's Law, this may be less of an issue for mainframe, desktop, and laptop machines. Yet, it still remains a concern for mobile computing.
SECURITY TESTING
Once answers to these three questions have been determined, a security evaluation plan is drawn up that identifies the systems to be tested, how they should be tested, and any limitations on that testing. Commonly referred to as a "get out of jail free card," this is the contractual agreement between the client and the ethical hackers, who typically write it together. This agreement also protects the ethical hackers against prosecution, since much of what they do during the course of an evaluation would be illegal in most countries. The agreement provides a precise description, usually in the form of network addresses or modem telephone numbers, of the systems to be evaluated. Precision on this point is of the utmost importance, since a minor mistake could lead to the evaluation of the wrong system at the client's installation or, in the worst case, the evaluation of some other organization's system.
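Because a minor mistake in the address list can send the evaluation to the wrong system, the scope written into the agreement can be enforced mechanically before any test traffic is sent. The following is an added example, not part of the original report: the include/exclude text format, the size limit and the function names are assumptions made for illustration, and the addresses are documentation ranges.

```python
import ipaddress
from dataclasses import dataclass, field

# Assumption: an "include" entry broader than this needs explicit client sign-off.
MAX_ADDRESSES_PER_ENTRY = 4096

# Constructed sample agreement scope (hypothetical format: "<include|exclude> <network>").
SAMPLE_AGREEMENT = """
# Scope agreed with the client, signed copy held by both parties
include 192.0.2.0/24        # DMZ
include 198.51.100.16/28    # VPN concentrators
exclude 192.0.2.10          # production database, client asked for no testing
"""


class ScopeError(ValueError):
    """The agreement text itself is ambiguous or malformed."""


@dataclass
class Scope:
    included: list = field(default_factory=list)
    excluded: list = field(default_factory=list)


def parse_scope(text):
    """Parse the agreement's address list, rejecting anything ambiguous."""
    scope = Scope()
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2 or parts[0] not in ("include", "exclude"):
            raise ScopeError(f"line {lineno}: expected 'include|exclude <network>': {raw!r}")
        verb, value = parts
        try:
            # strict=True rejects entries such as 192.0.2.77/24 (host bits set),
            # a typo that would otherwise silently widen or shift the scope.
            net = ipaddress.ip_network(value, strict=True)
        except ValueError as exc:
            raise ScopeError(f"line {lineno}: {exc}") from exc
        if verb == "include" and net.num_addresses > MAX_ADDRESSES_PER_ENTRY:
            raise ScopeError(f"line {lineno}: {net} is too broad to accept without review")
        (scope.included if verb == "include" else scope.excluded).append(net)
    if not scope.included:
        raise ScopeError("agreement lists no in-scope networks")
    return scope


def check_target(scope, target):
    """Return (decision, reason); anything not provably in scope is refused."""
    try:
        addr = ipaddress.ip_address(target.strip())
    except ValueError:
        return ("refuse", "not a literal IP address; confirm the address with the client")
    for net in scope.excluded:
        if addr in net:
            return ("refuse", f"explicitly excluded by {net}")
    for net in scope.included:
        if addr in net:
            return ("allow", f"covered by {net}")
    return ("refuse", "not listed in the agreement")


def triage(scope, targets):
    """Check a whole target list and return {target: (decision, reason)}."""
    return {t: check_target(scope, t) for t in targets}


if __name__ == "__main__":
    agreed = parse_scope(SAMPLE_AGREEMENT)
    candidates = ["192.0.2.25", "192.0.2.10", "198.51.100.40", "203.0.113.5", "www.example.com"]
    for tgt, (decision, reason) in triage(agreed, candidates).items():
        print(f"{tgt:18} {decision:7} {reason}")
```

Exclusions are evaluated before inclusions, and hostnames are refused rather than resolved, so a DNS change cannot move a test onto another organization's system.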
Once the target systems are identified, the agreement must describe how they should be tested. The best evaluation is done under a "no-holds-barred" approach. This means that the ethical hacker can try anything he or she can think of to attempt to gain access to or disrupt the target system. While this is the most realistic and useful, some clients balk at this level of testing. Clients have several reasons for this, the most common of which is that the target systems are "in production" and interference with their operation could be damaging to the organization's interests. However, it should be pointed out to such clients that these very reasons are precisely why a "no-holds-barred" approach should be employed. An intruder will not be playing by the client's rules. If the systems are that important to the organization's well-being, they should be tested as thoroughly as possible. In either case, the client should be made fully aware of the risks inherent to ethical hacker evaluations. These risks include alarmed staff and unintentional system crashes, degraded network or system performance, denial of service, and log-file size explosions.
Some clients insist that as soon as the ethical hackers gain access to their network or to one of their systems, the evaluation should halt and the client be notified. This sort of ruling should be discouraged, because it prevents the client from learning all that the ethical hackers might discover about their systems. It can also lead to the client's having a false sense of security by thinking that the first security hole found is the only one present. The evaluation should be allowed to proceed, since where there is one exposure there are probably others. The timing of the evaluations may also be important to the client. The client may wish to avoid affecting systems and networks during regular working hours. While this restriction is not recommended, it reduces the accuracy of the evaluation only somewhat, since most intruders do their work outside of the local regular working hours. However, attacks done during regular working hours may be more easily hidden. Alerts from intrusion detection systems may even be disabled or less carefully monitored during the day. Whatever timing is agreed to, the client should provide contacts within the organization who can respond to calls from the ethical hackers if a system or network appears to have been
adversely affected by the evaluation or if an extremely dangerous vulnerability is found that should be immediately corrected.
It is common for potential clients to delay the evaluation of their systems until only a few weeks or days before the systems need to go on-line. Such last-minute evaluations are of little use, since implementations of corrections for discovered security problems might take more time than is available and may introduce new system problems.
In order for the client to receive a valid evaluation, the client must be cautioned to limit prior knowledge of the test as much as possible. Otherwise, the ethical hackers might encounter the electronic equivalent of the client's employees running ahead of them, locking doors and windows. By limiting the number of people at the target organization who know of the impending evaluation, the likelihood that the evaluation will reflect the organization's actual security posture is increased. A related issue that the client must be prepared to address is the relationship of the ethical hackers to the target organization's employees. Employees may view this "surprise inspection" as a threat to their jobs, so the organization's management team must be prepared to take steps to reassure them.
PENETRATION TESTING
Penetration testing by ethical hackers is among the most thorough methods for finding vulnerabilities and increasing protection for a dynamic network of computers. Correctly performed, a penetration test is a covert test in which a paid consultant or ethical hacker plays the role of a hostile attacker who tries to compromise system security. Since the ultimate goal is penetration, the ethical hacking is ideally performed without warning systems administrators - but upper management must approve the testing.
Incorrectly performed, penetration testing also has a potential for creating damage. While other types of testing are usually performed cooperatively with an organization's staff, damage caused by penetration testing may go unnoticed for some time.
Crackers routinely scan networks of computers for security flaws that can be exploited (exploits) and then post this sensitive information on the Internet for others to take advantage of. This is one reason why ethical hackers regularly browse known cracker websites and mailing lists to monitor cracker activity. Finding security flaws before crackers do lowers the risk exposure of an organization:
• Even a single incident could cost significantly - both financial and reputation damage.
• It reduces vulnerabilities and points of intrusion.
• A tight system reduces the probability of attack - the attackers will go to easier and more attractive targets.
• An on-going program lowers insurance rates.
Penetration testing using ethical hacking provides both assurance and insurance: assurance that the given environment will resist attack and insurance that the organization is acting in a prudent manner. Because penetration testing invariably ends up discovering security holes on client networks/computers, most clients do not want to talk on record about the results of such tests. However, numerous generic examples exist where penetration testing has saved businesses embarrassment and loss of reputation:
• Online services organization always tested prior to new releases.
• Financial institutions saved embarrassment prior to release of a new online brokerage offering.
• Another financial institution has a policy of testing before any Internet application goes live.
Ethical Hacking services work on the principle of Challenge/Response. The ethical hacking service uses every possible, probable and plausible attack on the security system to expose often hidden vulnerabilities. These can then be comprehensively addressed with GTL Security Solutions. The steps that are included in the Penetration service include: auditing web applications, code and design reviews, vulnerability exploitation (simulation of known attacks), host based, network based. Our four-step implementation methodology includes:
• Information Gathering
  - Detect services running on the system
  - Estimate network topology
  - Determine entry points into the system
• Developing the attack process
Penetration testing is an accepted technique. The National Institute for Standards and Technology (NIST) has recently released a document describing a methodology for using network-based tools for testing. Although ethical hacking is an effective measurement tool and a crucial component of any security program, it should only be part of a larger security program. A comprehensive security program incorporating ethical hacking can be used to discover and correct frequent errors early in the design, implementation, and test process which shortens development time and cost. Ethical hackers provide feedback to system designers and discover problems that may otherwise go undetected. The problem is that crackers can do their own penetration testing and do it more frequently. The best a penetration test can do is to provide a snapshot in time. Periodic testing is necessary to ensure compliance against a baseline. Tools are evolving to do continuous monitoring of security configurations.
Penetration testing is recommended as a recurring activity so that the system is constantly monitored and field-tested against threats. This is especially useful for companies that add new applications to their system. Given the fact that all applications are expected to work seamlessly - vulnerability in one application can expose the system to malicious attacks.
The various benefits to Clients are:
• Increased preparedness
• Robust security infrastructure that is regularly field-tested.
• Enhanced security against new threat perceptions.
• Continual uptime of your IT system without any unwanted outages.
• Enhanced ROI as the serviceability of the IT infrastructure is lengthened.
CONFLICTS OF INTEREST
"Ethical Hacking" has been widely marketed as an essential tool in information security but there are obvious conflicts of interest. Security firms have an incentive to hype threats and invent threats. As the market potential has grown, unscrupulous vendors have been quoted overstating dangers to expand customer base and in some cases selling products that may actually introduce more vulnerabilities than they protect against.
Convicted criminals can earn large salaries working on "ethical hacking teams" while simultaneously supporting software tools designed to exploit vulnerabilities in commercial products ostensibly to "illustrate the seriousness of the problem" or to "promote vendors taking security seriously." Some individuals who work at security firms have been known to spend their off-hours creating and distributing the very attack tools their company sells products to protect against. It is important to realize that sensitive data will be exposed during penetration testing, creating dangerous insider threats.
Lastly, in actions accentuated by market pressures, businesses have used ethical hackers to:
beta test new products - stress testing and reporting back information about defects in prerelease software in exchange for early access to this new software
hacking contests - Argus, Lucent, and Oracle (to name a recent few) have held "cracking" publicity contests offering prizes for an intrusion into one of their products.
There are large problems with the effectiveness and efficiency of both of these activities but setting that aside for the moment, the basic premise is the use of ethical hackers to harden software that has not been adequately tested. There is conflict-of-interest in that businesses do not want to redevelop software that should have incorporated security testing throughout its entire development, so these activities are superficial at best. There is also hypocrisy in that businesses are encouraging cracking behavior that they would prosecute under any other circumstances.
THE ETHICAL HACK PROCESS
Once the contractual agreement is in place, the testing may begin as defined in the agreement. It should be noted that the testing itself poses some risk to the client, since a criminal hacker monitoring the transmissions of the ethical hackers could learn the same information. If the ethical hackers identify a weakness in the client's security, the criminal hacker could potentially attempt to exploit that vulnerability. This is especially vexing since the activities of the ethical hackers might mask those of the criminal hackers. The best approach to this dilemma is to maintain several addresses around the Internet from which the ethical hacker's transmissions will emanate, and to switch origin addresses often. Complete logs of the tests performed by the ethical hackers are always maintained, both for the final report and in the event that something unusual occurs. In extreme cases, additional intrusion monitoring software can be deployed at the target to ensure that all the tests are coming from the ethical hacker's machines. However, this is difficult to do without tipping off the client's staff and may require the cooperation of the client's Internet service provider.
The line between criminal hacking and computer virus writing is becoming increasingly blurred. When requested by the client, the ethical hacker can perform testing to determine the client's vulnerability to e-mail or Web-based virus vectors. However, it is far better for the client to deploy strong antivirus software, keep it up to date, and have a clear and simple policy in place for the reporting of incidents. IBM's Immune System for Cyberspace is another approach that provides the additional capability of recognizing new viruses and reporting them to a central lab that automatically analyzes the virus and provides an immediate vaccine.
There are several kinds of testing. Any combination of the following may be called for:
• Remote network. This test simulates the intruder launching an attack across the Internet. The primary defenses that must be defeated here are border firewalls, filtering routers, and Web servers.
• Remote dial-up network. This test simulates the intruder launching an attack against the client's modem pools. The primary defenses that must be defeated here are user authentication schemes. These kinds of tests should be coordinated with the local telephone company.
• Local network. This test simulates an employee or other authorized person who has a legal connection to the organization's network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, server security measures, and e-mail systems.
• Stolen laptop computer. In this test, the laptop computer of a key employee, such as an upper-level manager or strategist, is taken by the client without warning and given to the ethical hackers. They examine the computer for passwords stored in dial-up software, corporate information assets, personnel information, and the like. Since many busy users will store their passwords on their machine, it is common for the ethical hackers to be able to use this laptop computer to dial into the corporate intranet with the owner's full privileges.
• Social engineering. This test evaluates the target organization's staff as to whether it would leak information to someone. A typical example of this would be an intruder calling the organization's computer help line and asking for the external telephone numbers of the modem pool. Defending against this kind of attack is the hardest, because people and personalities are involved. Most people are basically helpful, so it seems harmless to tell someone who appears to be lost where the computer room is located, or to let someone into the building who "forgot" his or her badge. The only defense against this is to raise security awareness.
• Physical entry. This test acts out a physical penetration of the organization's building. Special arrangements must be made for this, since security guards or police could become involved if the ethical hackers fail to avoid detection. Once inside the building, it is important that the tester not be detected. One technique is for the tester to carry a document with the target company's logo on it. Such a document could be found by digging through trash cans before the ethical hack or by casually picking up a document from a trash can or desk once the tester is inside. The primary defenses here are a strong security policy, security guards, access controls and monitoring, and security awareness.
Each of these kinds of testing can be performed from three perspectives: as a total outsider, a "semi-outsider," or a valid user.
A total outsider has very limited knowledge about the target systems. The only information used is available through public sources on the Internet. This test represents the most commonly perceived threat. A well-defended system should not allow this kind of intruder to do anything.
A semi-outsider has limited access to one or more of the organization's computers or networks. This tests scenarios such as a bank allowing its depositors to use special software and a modem to access information about their accounts. A well-defended system should only allow this kind of intruder to access his or her own account information.
A valid user has valid access to at least some of the organization's computers and networks. This tests whether or not insiders with some access can extend that access beyond what has been prescribed. A well-defended system should allow an insider to access only the areas and resources that the system administrator has assigned to the insider.
The actual evaluation of the client's systems proceeds through several phases, as described previously by Boulanger.
The final report is a collection of all of the ethical hacker's discoveries made during the evaluation. Vulnerabilities that were found to exist are explained and avoidance procedures specified. If the ethical hacker's activities were noticed at all, the response of the client's staff is described and suggestions for improvements are made. If social engineering testing exposed problems, advice is offered on how to raise awareness. This is the main point of the whole exercise: it does clients no good just to tell them that they have problems. The report must include specific advice on how to close the vulnerabilities and keep them closed. The actual techniques employed by the testers are never revealed. This is because the person delivering the report can never be sure just who will have access to that report once it is in the client's hands. For example, an employee might want to try out some of the techniques for himself or herself. He or she might choose to test the company's systems, possibly annoying system administrators or even inadvertently hiding a real attack. The employee might also choose to test the systems of another organization, which is a felony in the United States when done without permission.
The actual delivery of the report is also a sensitive issue. If vulnerabilities were found, the report could be extremely dangerous if it fell into the wrong hands. A competitor might use it for corporate espionage, a hacker might use it to break into the client's computers, or a prankster might just post the report's contents on the Web as a joke. The final report is typically delivered directly to an officer of the client organization in hard-copy form. The ethical hackers would have an ongoing responsibility to ensure the safety of any information they retain, so in most cases all information related to the work is destroyed at the end of the contract.
Once the ethical hack is done and the report delivered, the client might ask "So, if I fix these things I'll have perfect security, right?" Unfortunately, this is not the case. People operate the client's computers and networks, and people make mistakes. The longer it has been since the testing was performed, the less can be reliably said about the state of a client's security. A portion of the final report includes recommendations for steps the client should continue to follow in order to reduce the impact of these mistakes in the future.
The argument is made that the security justification for ethical hacking is flawed in two ways: (1) exposing security flaws should not be encouraged or rewarded and (2) not every organization has the resources to maintain current versions and patches on their system software. While it may not have been as clear in the past, networked systems (especially in communities-of-interest) are clearly now dependent upon each other for security. Just one insecure machine within a large network can be used as a platform upon which to launch attacks. The distributed denial-of-service attacks of February 2000 using compromised machines to indirectly flood E-commerce sites are a recent example of this interdependence. Thus each computer's security is dependent on the security of other computers within its community-of-interest such that exposing security flaws is a positive action in both self-interest and common good.
With the present poor security on the Internet, ethical hacking may be the most effective way to proactively plug security holes and prevent intrusions. On the other hand, ethical hacking tools (such as scanners) have also been notorious tools for crackers. A fine line exists between hacking for the community interest and public good versus releasing tools that may actually enable attacks and in aggregate make the Internet less secure when taken as a whole.
CONCLUSION
The idea of testing the security of a system by trying to break into it is not new. Whether an automobile company is crash-testing cars, or an individual is testing his or her skill at martial arts by sparring with a partner, evaluation by testing under attack from a real adversary is widely accepted as prudent. It is, however, not sufficient by itself. As Roger Schell observed nearly 30 years ago:
From a practical standpoint the security problem will remain as long as manufacturers remain committed to current system architectures, produced without a firm requirement for security. As long as there is support for ad hoc fixes and security packages for these inadequate designs and as long as the illusory results of penetration teams are accepted as demonstrations of a computer system security, proper security will not be a reality.
Regular auditing, vigilant intrusion detection, good system administration practice, and computer security awareness are all essential parts of an organization's security efforts. A single failure in any of these areas could very well expose an organization to cyber-vandalism, embarrassment, loss of revenue or mind share, or worse. Any new technology has its benefits and its risks. While ethical hackers can help clients better understand their security needs, it is up to the clients to keep their guards in place.
Hacking has entered the age of mass production. Current and future Internet attacks are a technologically enabled crime - shifting from manual to automated attacks. Automated scanning tools as a pre-attack tool are a substantial threat to the Internet - a few widely available automated tools endanger the majority of Internet-based computers. Ultimately the solution to automated attacks is more effective defenses based on new technology in some cases and the law for prosecution in some cases. We cannot eliminate cracking through solely technical or legal means but until the future solution what are we to do in the meantime? Security used to be a private matter. Until recently information security had been left largely in the hands of a few specially trained professionals. The paradigm shift of technologically enabled crime has now made security everyone's business. Ethical hackers see this clearly and are responding to actual threats to themselves and in the process also acting in the common good. The consequences of a security breach are so large that this volunteer proactive activity should not only be encouraged but also rewarded and some companies are being paid handsomely for doing this as a business. At present the tactical objective is to stay one step ahead of the crackers. We must think more strategically for the future. Social behavior, as it relates to computers and information technology, goes beyond merely adhering to the law since the law often lags technological advance. The physical activity of ethical hacking is sometimes hard to differentiate from cracking - it is hard to discern intent and predict future action - the main difference is that while an ethical hacker identifies vulnerabilities (often using the same scanning tools as a cracker) the ethical hacker does not exploit the vulnerabilities while a cracker does. Until a social framework is developed to discern the good guys (white hats) from the bad guys (black hats), we should be slow to codify into law or condemn ethical hacking - or we may risk eliminating our last thin line of stabilizing defense and not realize it until it is too late.
CONTENTS
1. Introduction
2. Categories of hackers
3. Ethical Hacking Concept
4. Ethical Hackers
5. White Hats Vs Black Hats
6. Functions of Ethical Hackers
7. System Testing
8. Penetration Testing
9. Conflicts of Interest
10. The Ethical Hack process
11. Conclusion
12. References
Reply
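The report above, under THE ETHICAL HACK PROCESS, says the testers keep complete logs, switch origin addresses often, and that monitoring at the target can confirm all test traffic comes from the testers' machines. The following is an added example, not part of the original report, of reconciling the two records so that third-party activity is not masked by the test. The record formats, field names, the two-minute clock-skew tolerance and all addresses (documentation ranges) are assumptions made for this example.

```python
"""Reconcile target-side IDS alerts with the test team's own activity log."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class TeamLogEntry:          # hypothetical format of one tester log line
    start: datetime
    end: datetime
    source: str              # origin address the team used in this window
    target: str              # in-scope host that was tested
    activity: str


@dataclass(frozen=True)
class Alert:                 # hypothetical format of one IDS alert
    when: datetime
    source: str
    target: str
    signature: str


CLOCK_SKEW = timedelta(minutes=2)   # assumed drift between the two clocks


def ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


def classify(alert, team_log, scope):
    """Return (verdict, reason) for a single alert."""
    for entry in team_log:
        if (entry.source == alert.source
                and entry.target == alert.target
                and entry.start - CLOCK_SKEW <= alert.when <= entry.end + CLOCK_SKEW):
            return "attributed", entry.activity
    in_scope = any(ip_address(alert.target) in net for net in scope)
    if any(entry.source == alert.source for entry in team_log):
        # A team address with no matching log line: a logging gap, a tester
        # outside the agreement, or someone else reusing a rotated address.
        if in_scope:
            return "investigate", "team address outside any logged window"
        return "investigate", "team address hit a host outside the agreed scope"
    if in_scope:
        # Not the testers at all: activity the test could otherwise mask.
        return "unexplained", "source never used by the test team"
    return "unrelated", "neither a team address nor an in-scope target"


def reconcile(alerts, team_log, scope):
    """Group alerts by verdict so the unexplained ones stand out."""
    result = {"attributed": [], "investigate": [], "unexplained": [], "unrelated": []}
    for alert in alerts:
        verdict, reason = classify(alert, team_log, scope)
        result[verdict].append((alert, reason))
    return result


# Constructed sample data (documentation address ranges, invented times).
SAMPLE_SCOPE = [ip_network("203.0.113.0/28")]
SAMPLE_TEAM_LOG = [
    TeamLogEntry(ts("2024-03-04 09:00"), ts("2024-03-04 09:30"),
                 "198.51.100.10", "203.0.113.5", "service discovery"),
    # Origin address switched before the next test, as the report advises.
    TeamLogEntry(ts("2024-03-04 10:00"), ts("2024-03-04 10:45"),
                 "198.51.100.77", "203.0.113.5", "web application audit"),
    TeamLogEntry(ts("2024-03-04 11:00"), ts("2024-03-04 11:20"),
                 "198.51.100.77", "203.0.113.9", "mail server checks"),
]
SAMPLE_ALERTS = [
    Alert(ts("2024-03-04 09:12"), "198.51.100.10", "203.0.113.5", "port sweep"),
    Alert(ts("2024-03-04 09:31"), "198.51.100.10", "203.0.113.5", "port sweep"),
    Alert(ts("2024-03-04 10:20"), "198.51.100.10", "203.0.113.5", "HTTP probe"),
    Alert(ts("2024-03-04 10:25"), "192.0.2.44", "203.0.113.5", "HTTP probe"),
    Alert(ts("2024-03-04 11:05"), "198.51.100.77", "203.0.113.9", "SMTP probe"),
    Alert(ts("2024-03-04 11:10"), "198.51.100.77", "203.0.113.40", "SMTP probe"),
    Alert(ts("2024-03-04 11:15"), "192.0.2.200", "203.0.113.40", "ICMP sweep"),
]

if __name__ == "__main__":
    for verdict, items in reconcile(SAMPLE_ALERTS, SAMPLE_TEAM_LOG, SAMPLE_SCOPE).items():
        for alert, reason in items:
            print(f"{verdict:12} {alert.when:%H:%M} {alert.source:15} "
                  f"-> {alert.target:13} {reason}")
```

The "investigate" and "unexplained" groups are the ones to raise with the client contact during the engagement rather than in the final report.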
#6
thanx a lot..
Reply
#7
[attachment=2735]


ETHICAL HACKING

SEMINAR REPORT
PRESENTED BY: SHYAM S.V.
SEMINAR GUIDE: Mrs. SHIJI


ABSTRACT
Today more and more software is being developed and people are getting more and more options in their present software. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behavior termed "Ethical Hacking" which attempts to pro-actively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties.
A good ethical hacker should know the methodology chosen by the hacker like reconnaissance, host or target scanning, gaining access, maintaining access and clearing tracks. For ethical hacking we should know about the various tools and methods that can be used by a black hat hacker apart from the methodology used by him.
From the point of view of the user one should know at least some of these because some hackers make use of those who are not aware of the various hacking methods to hack into a system. Also when thinking from the point of view of the developer, he also should be aware of these since he should be able to close holes in his software even with the usage of the various tools. With the advent of new tools the hackers may make new tactics. But at least the software will be resistant to some of the tools.
INTRODUCTION

Ethical hacking, also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is legal. Ethical hacking is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities from a hacker's viewpoint so systems can be better secured. It's part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors' claims about the security of their products are legitimate.
Security:
Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. In the case of networks, security is also called information security. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Need for Security:
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated which are produced by the intruders. These include:
Loss of confidential data
Damage or destruction of data
Damage or destruction of computer system
Loss of reputation of a company
Hacking
Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:
A person who enjoys learning details of a programming language or system
A person who enjoys actually doing the programming rather than just theorizing about it
A person capable of appreciating someone else's hacking
A person who picks up programming quickly
A person who is an expert at a particular programming language or system
Types of Hackers:
Hackers can be broadly classified on the basis of why they are hacking a system or why they are indulging in hacking. There are mainly three types of hacker on this basis:
Black-Hat Hacker
Black hat hackers or crackers are individuals with extraordinary computing skills, resorting to malicious or destructive activities. That is, black hat hackers use their knowledge and skill for their own personal gains, probably by hurting others.
White-Hat Hacker
White hat hackers are those individuals professing hacker skills and using them for defensive purposes. This means that the white hat hackers use their knowledge and skill for the good of others and for the common good.
Grey-Hat Hackers
These are individuals who work both offensively and defensively at various times. We cannot predict their behaviour. Sometimes they use their skills for the common good, while at other times they use them for their personal gains.
Different kinds of system attacks
General hacking
ETHICAL HACKING
• Ethical hacking - defined as a methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems' operating environments.
• With the growth of the Internet, computer security has become a major concern for businesses and governments.
• In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.
What does an Ethical Hacker do?
An ethical hacker is a person doing ethical hacking that is he is a security personal who tries to penetrate in to a network to find if there is some vulnerability in the system. An ethical hacker will always have the permission to enter into the target network. An ethical hacker will first think with a mindset of a hacker who tries to get in to the system.
He will first find out what an intruder can see or what others can see. Finding these an ethical hacker will try to get into the system with that information in whatever method he can. If he succeeds in penetrating into the system then he will report to the company with a detailed report about the particular vulnerability exploiting which he got in to the system. He may also sometimes make patches for that particular vulnerability or he may suggest some methods to prevent the vulnerability.
Required Skills of an Ethical Hacker:
• Microsoft: skills in operation, configuration and management.
• Linux: knowledge of Linux/Unix; security setting, configuration, and services.
• Firewalls: configurations, and operation of intrusion detection systems.
• Routers: knowledge of routers, routing protocols, and access control lists.
• Mainframes
• Network Protocols: TCP/IP; how they function and can be manipulated.
• Project Management: leading, planning, organizing, and controlling a penetration testing team.
HISTORY HIGHLIGHTS:
In one early ethical hack, the United States Air Force conducted a security evaluation of the Multics operating systems for potential use as a two-level (secret/top secret) system. With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, which was originally posted to Usenet in December of 1993.
ETHICAL HACKING COMMANDMENTS:
Every ethical hacker must abide by a few basic commandments. If not, bad things can happen. The commandments are as follows:
• Working ethically:
The word ethical in this context can be defined as working with high professional morals and principles. Everything you do as an ethical hacker must be aboveboard and must support the company's goals. No hidden agendas are allowed! Trustworthiness is the ultimate tenet. The misuse of information is absolutely forbidden.
• Respecting privacy:
Treat the information gathered with the utmost respect. All information you obtain during your testing - from Web-application log files to clear-text passwords - must be kept private. If you sense that someone should know there's a problem, consider sharing that information with the appropriate manager.
• Not crashing your systems:
One of the biggest mistakes made when hackers try to hack their own systems is inadvertently crashing their systems. The main reason for this is poor planning. These testers have not read the documentation or misunderstand the usage and power of the security tools and techniques.
Methodology of Hacking:
As described above, there are mainly five steps in hacking: reconnaissance, scanning, gaining access, maintaining access and clearing tracks. But it is not the end of the process. The actual hacking will be a circular one. Once the hacker has completed the five steps, the hacker will start reconnaissance in that stage and the preceding stages to get in to the next level. The various stages in the hacking methodology are:
Reconnaissance
Scanning & Enumeration
Gaining access
Maintaining access
Clearing tracks
Reconnaissance:
The literal meaning of the word reconnaissance is a preliminary survey to gain information. This is also known as foot-printing. This is the first stage in the methodology of hacking. As given in the analogy, this is the stage in which the hacker collects information about the company which the person is going to hack. This is one of the pre-attacking phases. Reconnaissance refers to the preparatory phase where an attacker learns about all of the possible attack vectors that can be used in their plan.
Scanning & Enumeration:
Scanning is the second phase in the hacking methodology, in which the hacker tries to make a blueprint of the target network. It is similar to a thief going through your neighborhood and checking every door and window on each house to see which ones are open and which ones are locked. The blueprint includes the IP addresses of the target network which are live, the services which are running on those systems and so on. Usually the services run on predetermined ports. There are different tools used for scanning; war dialing and pingers were used earlier, but nowadays both can be detected easily and hence are not in much use. Modern port scanning uses the TCP protocol to do scanning and can even detect the operating systems running on the particular hosts.
Enumeration:
Enumeration is the ability of a hacker to convince some servers to give them information that is vital to them to make an attack. By doing this the hacker aims to find what resources and shares can be found in the system, what valid user account and user groups are there in the network, what applications will be there etc. Hackers may use this also to find other hosts in the entire network.
Gaining access:
This is the actual hacking phase in which the hacker gains access to the system. The hacker will make use of all the information he collected in the pre-attacking phases. Usually the main hindrance to gaining access to a system is the passwords. System hacking can be considered as many steps. First the hacker will try to get in to the system. Once he gets in to the system, the next thing he wants will be to increase his privileges so that he can have more control over the system. As a normal user the hacker may not be able to see the confidential details or upload or run the different hack tools for his own personal interest. Another way to crack in to a system is by attacks like the man-in-the-middle attack.
• Password Cracking:
There are many methods for cracking the password and then getting in to the system. The simplest method is to guess the password. But this is tedious work. In order to make this work easier there are many automated tools for password guessing, like legion. Legion actually has an inbuilt dictionary in it and the software will automatically. That is, the software itself generates the password using the dictionary and will check the responses.
Techniques used in password cracking are:
• Dictionary cracking
• Brute force cracking
• Hybrid cracking
• Social engineering
• Privilege escalation:
Privilege escalation is the process of raising the privileges once the hacker gets in to the system. That is, the hacker may get in as an ordinary user, and now he tries to increase his privileges to that of an administrator who can do many things. There are many types of tools available for this. Some tools, like getadmin, attach the user to some kernel routine so that the services run by the user look like a system routine rather than a user-initiated program. The privilege escalation process usually uses the vulnerabilities present in the host operating system or the software. There are many tools like hk.exe, metasploit etc. One such community of hackers is the metasploit.
Maintaining Access:
Now the hacker is inside the system by some means, by password guessing or by exploiting some of its vulnerabilities. This means that he is now in a position to upload some files and download some of them. The next aim will be to make an easier path to get in when he comes the next time. This is analogous to making a small hidden door in the building so that he can directly enter the building through the door easily. In the network scenario the hacker will do it by uploading some software like Trojan horses, sniffers, keystroke loggers etc.
Clearing Tracks:
Now we come to the final step in the hacking. There is a saying that everybody knows a good hacker but nobody knows a great hacker. This means that a good hacker can always clear tracks or any record that may be present in the network to prove that he was here. Whenever a hacker downloads some file or installs some software, its log will be stored in the server logs. So in order to erase those the hacker uses many tools. One such tool is the Windows Resource Kit's auditpol.exe. This is a command line tool with which the intruder can easily disable auditing. Another tool which eliminates any physical evidence is the Evidence Eliminator. Sometimes, apart from the server logs, some other information may be stored temporarily. The Evidence Eliminator deletes all such evidence.
Ethical hacking tools:
Ethical hackers utilize and have developed a variety of tools to intrude into different kinds of systems and to evaluate the security levels. The nature of these tools differs widely. Here we describe some of the widely used tools in ethical hacking.
• Samspade:
Samspade is a simple tool which provides us information about a particular host. This tool is very helpful in finding the addresses, phone numbers etc.
The above fig 2.1 represents the GUI of the Samspade tool. In the text field in the top left corner of the window we just need to put the address of the particular host. Then we can find out various information available. The information given may be phone numbers, contact names, IP addresses, email ids, address range etc. We may wonder what the benefit is of getting the phone numbers, email ids, addresses etc.
But one of the best ways to get information about a company is to just pick up the phone and ask for the details. Thus we can get much information in just one click.
• Email Tracker and Visual Route:
We often receive many spam messages in our mail box. We don't know where they come from. Email Tracker is software which helps us to find which server the mail actually came from. Every message we receive will have a header associated with it. The Email Tracker uses this header information to find the location.
The above fig 2.2 shows the GUI of the Email Tracker software. One of the options in the Email Tracker is to import the mail header. In this software we just need to import the mail's header. Then the software finds which area that mail comes from. That is, we will get information like which region the message comes from, like Asia Pacific, Europe etc. To be more specific we can use another tool, Visual Route, to pinpoint the actual location of the server. The option of connecting to Visual Route is available in the Email Tracker. Visual Route is a tool which displays the location of a particular server with the help of IP addresses. When we connect this with the Email Tracker we can find the server which actually sends the mail. We can also use this for finding the location of servers of targets visually on a map.

The above fig 2.3 depicts the GUI of the Visual Route tool. The Visual Route GUI has a world map drawn on it. The software will locate the position of the server on that world map. It will also depict the path through which the message came to our system. This software will actually provide us with information about the routers through which the message passed, or the path traced by the mail from the source to the destination.
Some other important tools used are:
• War Dialing
• Pingers
• Super Scan
• Nmap etc.
Reporting:
Assess your results to see what you uncovered, assuming that the vulnerabilities haven't been made obvious before now. This is where knowledge counts. Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You'll end up knowing your systems as well as anyone else. This makes the evaluation process much simpler moving forward. Submit a formal report to upper management or to your customer, outlining your results.
Advantages and disadvantages:
Ethical hacking nowadays is the backbone of network security. Each day its relevance is increasing. The major pros and cons of ethical hacking are given below:
Advantages
• To catch a thief you have to think like a thief
• Helps in closing the open holes in the system network
• Provides security to banking and financial establishments
• Prevents website defacements
• An evolving technique
Disadvantages
• All depends upon the trustworthiness of the ethical hacker
• Hiring professionals is expensive.
Future enhancements:
• As it is an evolving branch, the scope of enhancement in technology is immense. No ethical hacker can ensure the system security by using the same technique repeatedly. He would have to improve, develop and explore new avenues repeatedly.
• More enhanced software should be used for optimum protection. Tools used need to be updated regularly and more efficient ones need to be developed.
Conclusion
One of the main aims of the seminar is to make others understand that there are so many tools through which a hacker can get into a system. Let's check its various needs from various perspectives.
Student
A student should understand that no software is made with zero vulnerabilities. So while they are studying they should study the various possibilities and should study how to prevent them, because they are the professionals of tomorrow.
Professionals
Professionals should understand that business is directly related to security. So they should make new software with as few vulnerabilities as possible. If they are not aware of these then they won't be cautious enough in security matters.
In the preceding sections we saw the methodology of hacking, why we should be aware of hacking and some tools which a hacker may use. Now we can see what we can do against hacking or to protect ourselves from hacking.
The first thing we should do is to keep ourselves updated about the software we are using, from official and reliable sources.
Educate the employees and the users against black hat hacking.
Use every possible security measure like honeypots, Intrusion Detection Systems, firewalls etc.
Every time, make our password strong by making it harder and longer to crack.
Reply
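The header tracing that the post above describes under Email Tracker can be done by hand on the `Received` headers. The following is an added example, not part of the original report and not the Email Tracker tool's own code; the message is constructed, the `recipient.example` trusted suffix and the function names are assumptions, and it expects the common `from NAME (rdns [ip]) by HOST` header layout.

```python
import email
import ipaddress
import re

# Constructed sample message: hosts use .example names and the addresses are
# documentation ranges; none of it is real mail. The newest header comes first.
SAMPLE_MESSAGE = """\
Received: from mx.recipient.example (mx.recipient.example [10.0.0.5])
\tby mailstore.recipient.example with ESMTP id A1; Mon, 01 Jan 2024 10:00:05 +0000
Received: from relay.isp.example (relay.isp.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id B2; Mon, 01 Jan 2024 10:00:03 +0000
Received: from sender-pc (unknown [203.0.113.45])
\tby relay.isp.example with SMTP id C3; Mon, 01 Jan 2024 10:00:01 +0000
From: "Promo" <promo@sender.example>
To: user@recipient.example
Subject: constructed test message

body
"""

FROM_RE = re.compile(r"from\s+(\S+)\s+\(([^)]*)\)", re.I)
BY_RE = re.compile(r"\bby\s+(\S+)", re.I)
IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def parse_hops(raw_message):
    """Return one dict per Received header, oldest hop first."""
    msg = email.message_from_string(raw_message)
    hops = []
    for value in msg.get_all("Received", []):
        line = " ".join(value.split())  # undo header folding
        helo = ip = None
        m = FROM_RE.match(line)
        if m:
            helo = m.group(1)
            found = IP_RE.search(m.group(2))
            if found:
                try:
                    ip = str(ipaddress.ip_address(found.group(1)))
                except ValueError:
                    ip = None  # bracketed text was not a valid address
        by = BY_RE.search(line, m.end() if m else 0)
        hops.append({"helo": helo, "ip": ip,
                     "by": by.group(1).lower() if by else None})
    hops.reverse()  # each server prepends its header, so reverse for time order
    return hops


def is_trusted(host, trusted_suffixes):
    """True if the stamping host belongs to one of our own mail domains."""
    return host is not None and any(
        host == s or host.endswith("." + s) for s in trusted_suffixes)


def trace_origin(raw_message, trusted_suffixes):
    """Split the hop chain into the part our servers wrote and the rest.

    Only headers stamped by our own servers are reliable; anything older
    was supplied by the sending side and may be forged.
    """
    hops = parse_hops(raw_message)
    handoff = None
    # Walk newest-first and stop at the first header we did not write.
    for i in range(len(hops) - 1, -1, -1):
        if not is_trusted(hops[i]["by"], trusted_suffixes):
            break
        handoff = i
    boundary = handoff if handoff is not None else len(hops)
    return {
        "hops": hops,
        # Address that connected to our outermost server: recorded by us.
        "handoff_ip": hops[handoff]["ip"] if handoff is not None else None,
        # Addresses that appear only in headers we cannot vouch for.
        "unverified_ips": [h["ip"] for h in hops[:boundary] if h["ip"]],
    }


if __name__ == "__main__":
    result = trace_origin(SAMPLE_MESSAGE, ("recipient.example",))
    for hop in result["hops"]:
        print(hop)
    print("handoff:", result["handoff_ip"])
    print("unverified:", result["unverified_ips"])
```

The suffix check is a heuristic: a forged header that names one of your hosts and sits directly below the genuine ones would still pass it, so also compare the hop addresses with the addresses your own servers really use.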
#8
Training Report On IT SECURITY ETHICAL HACKING

Submitted to: Dr. Sanjeev Jain, Prof. & HOD (Department of CSE)
Submitted By: Mayank Banwari, 0103CS061058
COURSE TITLE
Information Security & Ethical Hacking:
Why Information Security
After the boom in Networking and Software jobs, the past two years have seen a sharp rise in the field of Information Security. Information Security and Ethical hacking is the latest buzzword in the industry. In the past five years, the percentage of hacking crimes, data thefts, data losses, viruses and other cyber crimes has increased exponentially. NASSCOM predicts a requirement of 1,88,000 professionals by the year 2008. Currently the number of security professionals in India is around 22,000. The current demand for Information Security jobs continues to grow. With information security increasingly becoming a boardroom level concern, training and certification are becoming increasingly important for candidates and companies alike.
Need for Information Security in the Indian Market
Security Compliance is a must for all companies with an IT backbone. The requirement is high with organizations in the IT / ITES segment. Information workers lack basic security knowledge. The Information Security Industry is going through an exponential growth rate; the current worldwide growth rate is billed at 21%.
INDEX
1. Cover Page
2. Certificate
3. Institute Name
4. Course title
5. Index
6. Introduction to IT Security and E-Hacking
7. What are viruses, worms, Backdoor Trojans
8. What is Firewall and Ports
9. What is Registry
10. What is Group Policy Editor
11. Proxy Servers
12. GFI LAN guard Scanner
13. Phishing
14. Email-Tracker
15. Net Tools
16. Cryptography
17. Art of Googling
18. Data Recovery
19. Virtualization
Introduction to IT Security & Ethical Hacking
Ethical hackers
Employed by companies to perform penetration tests
Penetration test
Legal attempt to break into a company's network to find its weakest link
Tester only reports findings, does not harm the company
What is a Hacker
Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer. A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:
• A person who enjoys learning details of a programming language or system
• A person who enjoys actually doing the programming rather than just theorizing about it
• A person capable of appreciating someone else's hacking
• A person who picks up programming quickly
• A person who is an expert at a particular programming language or system, as in "Unix hacker"
Hacker classes
Black hats - highly skilled, malicious, destructive crackers
White hats - skills used for defensive security analysts
Gray hats - offensively and defensively; will hack for different reasons, depends on situation.
Hacktivism - hacking for social and political cause.
Ethical hackers - determine what attackers can gain access to, what they will do with the information, and can they be detected.
Anatomy of an attack:
Gathering Data - attacker gathers information; can include social engineering.
Scanning - searches for open ports (port scan), probes target for vulnerabilities.
Gaining access - attacker exploits vulnerabilities to get inside system; used for spoofing IP.
Maintaining access - creates backdoor through use of Trojans; once attacker gains access makes sure he/she can get back in.
Covering tracks - deletes files, hides files, and erases log files, so that the attacker cannot be detected or penalized.
Raymond deprecates the use of this term for someone who attempts to crack someone else's system or otherwise uses programming or expert knowledge to act maliciously. He prefers the term cracker for this meaning.
The term hacker is used in popular media to describe someone who attempts to break into computer systems. Typically, this kind of hacker would be a proficient programmer or engineer with sufficient technical knowledge to understand the weak points in a security system
A cracker is someone who breaks into someone else's computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there. Some breaking-and-entering has been done ostensibly to point out weaknesses in a site's security system.
A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
Since 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses.
Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.
What Is a Virus
A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. Like a human virus, a computer virus can range in severity: some may cause only mildly annoying effects while others can damage your hardware, software or files.
Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action, (such as running an infected program) to keep it going.
People continue the spread of a computer virus, mostly unknowingly, by sharing infecting files or sending e-mails with viruses as attachments in the e-mail.
What Is a Worm
A worm is similar to a virus by design and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action. A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.
The biggest danger with a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect. One example would be for a worm to send a copy of itself to everyone listed in your e-mail address book. Then, the worm replicates and sends itself out to everyone listed in each of the receiver's address book, and the manifest continues on down the line.
Due to the copying nature of a worm and its capability to travel across networks the end result in most cases is that the worm consumes too much system memory (or network bandwidth), causing Web servers, network servers and individual computers to stop responding. In recent worm attacks such as the much-talked-about Blaster Worm, the worm has been designed to tunnel into your system and allow malicious users to control your computer remotely.
What Is a Trojan horse
A Trojan Horse is full of as much trickery as the mythological Trojan Horse it was named after. The Trojan Horse, at first glance will appear to be useful software but will actually do damage once installed or run on your computer. Those on the receiving end of a Trojan Horse are usually tricked into opening them because they appear to be receiving legitimate software or files from a legitimate source. When a Trojan is activated on your computer, the results can vary. Some Trojans are designed to be more annoying than malicious (like changing your desktop, adding silly active desktop icons) or they can cause serious damage by deleting files and destroying information on your system. Trojans are also known to create a backdoor on your computer that gives malicious users access to your system, possibly allowing confidential or personal information to be compromised. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate.
What Are Blended Threats
Added into the mix, we also have what is called a blended threat. A blended threat is a more sophisticated attack that bundles some of the worst aspects of viruses, worms, Trojan horses and malicious code into one single threat. Blended threats can use server and Internet vulnerabilities to initiate, then transmit and also spread an attack. Characteristics of blended threats are that they cause harm to the infected system or network, they propagate using multiple methods, the attack can come from multiple points, and blended threats also exploit vulnerabilities.
To be considered a blended threat, the attack would normally serve to transport multiple attacks in one payload. For example it wouldn't just launch a DoS attack - it would also, for example, install a backdoor and maybe even damage a local system in one shot. Additionally, blended threats are designed to use multiple modes of transport. So, while a worm may travel and spread through e-mail, a single blended threat could use multiple routes including e-mail, IRC and file-sharing networks.
Lastly, rather than a specific attack on predetermined .exe files, a blended threat could do multiple malicious acts, like modify your exe files, HTML files and registry keys at the same time - basically it can cause damage within several areas of your network at one time.
Blended threats are considered to be the worst risk to security since the inception of viruses, as most blended threats also require no human intervention to propagate.
Combating Viruses, Worms and Trojan Horses
The first step in protecting your computer from any malicious threat is to ensure that your operating system (OS) is up-to-date. This is essential if you are running a Microsoft Windows OS. Secondly, you need to have anti-virus software installed on your system and ensure you download updates frequently to ensure your software has the latest fixes for new viruses, worms, and Trojan horses. Additionally, you want to make sure your anti-virus program has the capability to scan e-mail and files as they are downloaded from the Internet, and you also need to run full disk scans periodically. This will help prevent malicious programs from even reaching your computer. You should also install a firewall as well.
A firewall is a system that prevents unauthorized use and access to your computer. A firewall can be either hardware or software. Hardware firewalls provide a strong degree of protection from most forms of attack coming from the outside world and can be purchased as a stand-alone product or in broadband routers. Unfortunately, when battling viruses, worms and Trojans, a hardware firewall may be less effective than a software firewall, as it could possibly ignore embedded worms in outgoing e-mails and see this as regular network traffic.
For individual home users, the most popular firewall choice is a software firewall. A good software firewall will protect your computer from outside attempts to control or gain access to your computer, and usually provides additional protection against the most common Trojan programs or e-mail worms. The downside to software firewalls is that they will only protect the computer they are installed on, not a network.
It is important to remember that on its own a firewall is not going to rid you of your computer virus problems, but when used in conjunction with regular operating system updates and a good anti-virus scanning software, it will add some extra security and protection for your computer or network.
Backdoor Trojans
Background Information
Examples of backdoor trojans are Netbus or Back Orifice. They allow other people to control your computer over the Internet. When you run a program that contains the Backdoor trojan, it will copy itself to the Windows or Windows\System directory and add itself to the system's registry. Trojans are usually claimed to be some sort of desirable program. For example, one popular trojan wrapper is a game called "Whack a Mole". Another is a game called "Pie Bill Gates". Once the program is in memory, it tries to hide itself on the task list. It doesn't show any icon or indication that it is running. It listens on a port until someone connects. The person who is controlling your computer uses a program that lets them record keystrokes, view files, move the mouse, open and close the CD-ROM, etc. Sometimes, the trojan is customized so that the person who planted it gets an e-mail when you run it.
Removal
The trojan tries to make itself hard to remove. For Back Orifice, it uses a file with a name that usually shows up as " .EXE". Sometimes it uses a name like "MSGSRV32.DRV". Windows prevents deleting the trojan file while it is active. Some of the regular antivirus software can find these trojans and delete them while Windows is not running. The antivirus program should find at least one EXE or DRV file containing the trojan. If it finds a .DLL file, then it is just an add-on to the trojan that provides extra features. If you decide to use a single purpose trojan remover, then be cautious. Sometimes trojans are disguised as trojan removers. For example, SynTax Back Orifice Remover and BOSniffer are all Back Orifice. A program imitating Antigen named Trojan.Win32.Antigen claims to remove Back Orifice but is actually a program that steals passwords. There are legitimate Anti-Trojan programs, but make sure you get recommendations from people who have tried them and download them directly from the author's site. You can also remove it from the registry manually. Click Start, then Run, then type regedit in the text box, then click OK. Click HKEY_LOCAL_MACHINE, then Software, then Microsoft, then Windows, then CurrentVersion. Check under Run and RunServices for any suspicious-looking files. Some files are normally under this part of the registry. They are Rundll32.exe, systray.exe, scanregw.exe, taskmon.exe, mstask.exe. There are also some other files that are legitimate parts of the registry.
Why is it called "Spyware"
While this may be a great concept, the downside is that the advertising companies also install additional tracking software on your system, which is continuously "calling home", using your Internet connection and reports statistical data to the "mothership". While according to the privacy policies of the companies, there will be no sensitive or identifying data collected from your system and you shall remain anonymous, it still remains the fact, that you have a "live" server sitting on your PC that is sending information about you and your surfing habits to a remote location.....
Are all Adware products "Spyware"
No, but the majority are. There are also products that do display advertising but do not install any tracking mechanism on your system. These products are not indexed in our database.
Is Spyware illegal
Even though the name may indicate so, Spyware is not an illegal type of software in any way. However there are certain issues that a privacy oriented user may object to and therefore prefer not to use the product. This usually involves the tracking and sending of data and statistics via a server installed on the user's PC and the use of your Internet connection in the background.
What's the hype about
While legitimate adware companies will disclose the nature of data that is collected and transmitted in their privacy statement (linked from our database), there is almost no way for the user to actually control what data is being sent. The fact is that the technology is in theory capable of sending much more than just banner statistics - and this is why many people feel uncomfortable with the idea. On the other hand millions of people are using advertising supported "spyware" products and could not care less about the privacy hype..., in fact some "Spyware" programs are among the most popular downloads on the Internet.
Real spyware
There are also many PC surveillance tools that allow a user to monitor all kinds of activity on a computer, ranging from keystroke capture, snapshots, email logging, chat logging and just about everything else. These tools are perfectly legal in most places, but, just like an ordinary tape recorder, if they are abused, they can seriously violate your privacy.
FIREWALL
A firewall is a secure and trusted machine that sits between a private network and a public network.[1] The firewall machine is configured with a set of rules that determine which network traffic will be allowed to pass and which will be blocked or refused. In some large organizations, you may even find a firewall located inside their corporate network to segregate sensitive areas of the organization from other employees. Many cases of computer crime occur from within an organization, not just from outside.
Firewalls can be constructed in quite a variety of ways. The most sophisticated arrangement involves a number of separate machines and is known as a perimeter network. Two machines act as "filters" called chokes to allow only certain types of network traffic to pass, and between these chokes reside network servers such as a mail gateway or a World Wide Web proxy server. This configuration can be very safe and easily allows quite a great range of control over who can connect both from the inside to the outside, and from the outside to the inside. This sort of configuration might be used by large organizations.
Typically though, firewalls are single machines that serve all of these functions. These are a little less secure, because if there is some weakness in the firewall machine itself that allows people to gain access to it, the whole network security has been breached. Nevertheless, these types of firewalls are cheaper and easier to manage than the more sophisticated arrangement just described. Figure 9-1 illustrates the two most common firewall configurations.
The Linux kernel provides a range of built-in features that allow it to function quite nicely as an IP firewall. The network implementation includes code to do IP filtering in a number of different ways, and provides a mechanism to quite accurately configure what sort of rules you'd like to put in place. The Linux firewall is flexible enough to make it very useful in either of the configurations
PORT
(1) An interface on a computer to which you can connect a device. Personal computers have various types of ports. Internally, there are several ports for connecting disk drives, display screens, and keyboards. Externally, personal computers have ports for connecting modems, printers, mice, and other peripheral devices.
Almost all personal computers come with a serial RS-232C port or RS-422 port for connecting a modem or mouse and a parallel port for connecting a printer. On PCs, the parallel port is a Centronics interface that uses a 25-pin connector. SCSI (Small Computer System Interface) ports support higher transmission speeds than do conventional ports and enable you to attach up to seven devices to the same port.
(2) In TCP/IP and UDP networks, an endpoint to a logical connection. The port number identifies what type of port it is. For example, port 80 is used for HTTP traffic. Also see Well-Known TCP Port Numbers in the Quick Reference section of Webopedia.
(3) To move a program from one type of computer to another. To port an application, you need to rewrite sections that are machine dependent, and then recompile the program on the new computer. Programs that can be ported easily are said to be portable.
REGISTRY
This is a database used by Microsoft Windows to store configuration information about the software installed on a computer. This information includes things like the desktop background, program settings, and file extension.
The Windows registry consists of six parts:
HKEY_User - contains the user information for each user of the system.
HKEY_Current_User - has all the preferences for the current user.
HKEY_Current_Configuration - stores settings for the display and printers.
HKEY_Classes_Root - includes file associations and OLE information.
HKEY_Local_Machine - has the settings for the hardware, operating system, and installed applications.
How to Hide Run (all users):
1) Open regedit (Start menu > Run, and type in regedit)
2) Go to: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
3) Right-click on the right pane, select New -> DWORD -> change the String to "NoRun"
4) Select Properties and change the Value to 1
5) Log off Windows, log in again, Run is Hidden.
How to Hide Search (all users):
1) Open regedit (Start menu > Run, and type in regedit)
2) Go to: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
3) Right-click on the right pane, select New -> DWORD -> change the String to "NoFind"
4) Select Properties and change the Value to 1
5) Log off Windows, log in again, Run is Hidden.
How to Hide Desktop (all users):
1) Open regedit (Start menu > Run, and type in regedit)
2) Go to: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer
3) Right-click on the right pane, select New -> DWORD -> change the String to "NoDesktop"
4) Select Properties and change the Value to 1
5) Log off Windows, log in again, Run is Hidden.
About the Group Policy Editor- How it works
Although the Group Policy Editor console (gpedit.msc) is mostly used by administrators of networks and domains, it also has uses for a stand-alone home computer. One application is to allow convenient and easy editing of the Registry so that a variety of tweaks or changes to the system can be made. These settings are known as policies and are stored in a special hidden folder %SystemRoot%\System32\GroupPolicy\ (For most home systems the environment variable %SystemRoot% is C:\Windows.) Policies that apply to the machine are stored in a sub-folder "Machine" and policies that apply to a user are stored in a sub-folder "User". In each case the settings are in a file named "Registry.pol". Thus the settings for the machine are in %SystemRoot%\System32\GroupPolicy\Machine\Registry.pol and in similar fashion user settings are in User\Registry.pol. Policies are used to write to a special key of the Registry and override any settings elsewhere in the Registry. Since only the administrator account can access the policy settings, limited account users can be prevented from making unwanted system changes.
Another useful application of the Group Policy Editor (GPE) is to provide for the automatic running of scripts or programs whenever the computer is started up or shut down or when a user logs on or off. This may be the application of most practical use to a typical home PC user.
Using the Group Policy Editor
Like many other management consoles, the GPE is not listed in Start-All Programs. To open it, go to Start-Run and enter "gpedit.msc" (without quotes). Figure 1 shows one view of the console. Note that there are entries for the computer configuration and for the user configuration. Selecting either one then gives the entries shown in the right panel of the figure. Clicking plus signs in the left panel will expand the selections.
Proxy Servers
A proxy server is a kind of buffer between your computer and the Internet resources you are accessing. They accumulate and save files that are most often requested by thousands of Internet users in a special database, called cache. Therefore, proxy servers are able to increase the speed of your connection to the Internet. The cache of a proxy server may already contain information you need by the time of your request, making it possible for the proxy to deliver it immediately. The overall increase in performance may be very high. Also, proxy servers can help in cases when some owners of the Internet resources impose some restrictions on users from certain countries or geographical regions. In addition to that, among proxy servers there are so called anonymous proxy servers that hide your IP address thereby saving you from vulnerabilities concerned with it.
Anonymous Proxy Servers
Anonymous proxy servers hide your IP address and thereby prevent unauthorized access to your computer through the Internet. They do not provide anyone with your IP address and effectively hide any information about you and your reading interests. Besides that, they donâ„¢t even let anyone know that you are surfing through a proxy server. Anonymous proxy servers can be used for all kinds of Web-services, such as Web-Mail (MSN Hot Mail, Yahoo mail), web-chat rooms, FTP archives, etc.
Why Should You Use Anonymous Proxy Servers
Any web resource you access can gather personal information about you through your unique IP address - your ID in the Internet. They can monitor your reading interests, spy upon you and, according to some policies of the Internet resources, deny accessing any information you might need. You might become a target for many marketers and advertising agencies who, having information about your interests and knowing your IP address as well as your e-mail, will be able to send you regularly their spam and junk e-mails. A web site can automatically exploit security holes in your system using not-very-complex, ready-made, free hacking programs. Some of such programs may just hang your machine, making you reboot it, but other, more powerful ones, can get access to the content of your hard drive or RAM. Everything a web site may need for that is only your IP address and some information about your operating system. Using an anonymous proxy server you don't give anybody any chance to find out your IP address and any information about you and use them in their own interests.
The Solution
Using an anonymous proxy server you don't give anybody a chance to find out your IP address to use it in their own interests. We can offer you three ways to solve your IP problem:
1. Secure Tunnel - pay proxy server with plenty of features. Effective for personal use, when your Internet activities are not involved in web site development, mass form submitting, etc. The best solution for most of Internet users. Ultimate protection of privacy - nobody can find out where you are engaged in surfing. Blocks all methods of tracking. Provides an encrypted connection for all forms of web browsing, including http, news, mail, and the especially vulnerable IRC and ICQ. Comes with special totally preconfigured software.
2. ProxyWay Pro - multifunctional anonymous proxy surfing software which you can use together with a wide variety of web applications (web browsers, Instant Messengers, Internet Relay Chat (IRC), etc.) to ensure your anonymity. ProxyWay Pro provides an extended proxy management system that enables you to search for, check (multithreaded proxy checking), analyze and validate proxy servers for speed, anonymity, type (HTTP/HTTPS/SOCKS) and geographical location, and to create proxy chains. It allows you to update the proxy list automatically using a scheduler. ProxyWay Pro lets you clear history, block ads and popups, change User-Agent and Referrer fields, block harmful code and much more. Also it can be used as a simple local proxy server.
3. Our own small proxy list is also a good place to start with if you are a novice.
There are MANY methods to change your IP address. Some methods will work for you but may not work for someone else and vice versa. If your IP is static, then you CAN'T change your IP address without contacting your ISP. If you have a long lease time on your IP then you won't be able to change your IP without cloning your MAC address, which I'll explain later in this article.
The #1 Network Security Scanner and Vulnerability Management Solution (GFI LANGUARD SCANNER)
GFI LANguard™ is the award-winning network and security scanner used by over 20,000 customers. GFI LANguard scans your network and ports to detect, assess and correct security vulnerabilities with minimal administrative effort. As an administrator, you have to deal separately with problems related to vulnerability issues, patch management and network auditing, at times using multiple products. However, with GFI LANguard these three cornerstones of vulnerability management are addressed in one package. We give you a complete picture of your network set-up and help you to maintain a secure network state faster and more effectively.
Freeware Version Available
To add further value, GFI has now released a freeware version of GFI LANguard, in line with our 'We Care' initiative to offer a helping hand in these hard economic times. Using the freeware version, companies can scan up to five IPs for free using the product's full feature set - with no restrictions whatsoever.
Vulnerability Management
GFI LANguard performs network scans using vulnerability check databases based on OVAL and SANS Top 20, providing over 15,000 vulnerability assessments when your network, including any virtual environment, is scanned. GFI LANguard allows you to analyze the state of your network security and take action before it is compromised. The latest version detects machines that are vulnerable to infection by the Conficker worm as well as identifying machines that have been infected.
Patch Management
When a network scan is complete, GFI LANguard's Patch Management gives you what you need to effectively deploy and manage patches on all machines across different Microsoft operating systems and products in 38 languages. Not only can you automatically download missing Microsoft security updates, but you can also automatically deploy the missing Microsoft patches or service-packs throughout your network at the end of scheduled scans.
Network Auditing
GFI LANguard's Network Auditing tells you all you need to know about your network by retrieving hardware information on memory, processors, display adapters, storage devices, motherboard details, printers, and ports in use. Using baseline comparisons you can check whether any hardware was added or removed since the last scan. GFI LANguard will identify and report unauthorized software installations and provide alerts or even automatically uninstall unauthorized applications.
Why use GFI LANguard
• Powerful network, security and port scanner with network auditing capabilities
• Over 15,000 vulnerability assessments carried out across your network, including virtual environment
• Reduces the total cost of ownership by centralizing vulnerability scanning, Patch Management and Network Auditing
• Automated options help to retain a secure network state with minimal administrative effort
• Network-wide auditing functions provide a complete picture of network and port security set-up
• #1 Windows commercial security scanner and Best of TechEd 2007
PHISHING
Just like a lure might be dangled in front of a fish to trick it into thinking there's a real worm at the end of the hook, phishing is e-mail or instant messages that look like they're from a reputable company to get you to click a link. These messages can look like the real thing, right down to a spoofed e-mail address (faking someone else's e-mail address is known as spoofing). When unsuspecting users click the link, they're taken to an equally convincing (and equally fake) Web page or pop-up window that's been set up to imitate a legitimate business. The phishing site will ask for the user's personal information, which the phisher then uses to buy things, apply for a new credit card, or otherwise steal a person's identity.
What are the signs of phishing
Spotting the imposters can be tricky since phishers go to great lengths to look like the real thing:
Unsolicited requests for personal information. Most businesses aren't going to ask you for your personal information out of the blue - especially not an organization such as your bank or credit card company, which should already have this information on file. If you do get a request for personal information, call the company first and make sure the request is legitimate.
Alarmist warnings. Phishers often attempt to get people to respond without thinking, and a message that conveys a sense of urgency, perhaps by saying that an account will be closed in 48 hours if you don't take immediate action, may cause you to do just that.
Mistakes. The little things can often reveal the biggest clues. Phishers often slip up on the finer details and overlook typos, mistakes in grammar, and so on.
Addressed as "Customer". If your bank, for example, regularly addresses you by name in its correspondence and you get an e-mail addressed to "Dear Customer", this may be a phishing attempt.
The words "verify your account". A legitimate business will not ask you to send passwords, logon names, Social Security numbers, or other personally identifiable information through e-mail. Be suspicious of a message that asks for personal information no matter how authentic it looks.
The phrase "Click the page link below to gain access to your account". HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name, but the page link you see is actually taking you to a phony Web site.
Trust your instincts. If an e-mail message looks suspicious, it probably is.
Another common technique that phishers use is a Uniform Resource Locator (URL) that at first glance appears to be the name of a well-known company but is slightly altered by intentionally adding, omitting, or transposing letters. For example, the URL "microsoft.com" could appear instead as:
micosoft.com
verify-microsoft.com
MAIL TRACKER
Each email you receive comes with headers. The headers contain information about the routing of the email and the originating IP of the email. Not all emails you receive can be traced back to the originating point, and how you send emails determines whether or not they can trace the email back to you. The headers don't contain any personal information. At most, you can get the originating IP and the computer name that sent the email. The originating IP can be looked up to determine from where the email was sent.
eMailTrackerPro can trace email back to its true geographical location. You can also use the spam filter in eMailTrackerPro to wipe out 90% of your daily spam in one go!
eMailTrackerPro is the only tool you will need to fight off SPAM. Not only can you track email you have received to find the location and, more importantly, the relevant ISP in order to report the SPAM, but you can also set up your eMail account with eMailTrackerPro to filter out the SPAM before it even gets to your machine.
How does eMailTrackerPro trace email
Using advanced header analysis and a world-renowned IP database, eMailTrackerPro can pinpoint the real IP address of the sender and track it down to the town/city the email came from.
How can eMailTrackerPro filter my SPAM
eMailTrackerPro Advanced has a mail filtering feature. This is available to any user with a POP account (SSL is supported). Once set up, eMailTrackerPro will trace your emails whilst they are still on your POP server; this alone can spot emails that have been misdirected and then mark them as SPAM. Predefined filters are already set up to check your email against DNS Blacklists and foreign language filters to further wipe out SPAM.
You can cut your SPAM load by 90% without having to do anything! (for this feature the advanced edition is needed)
Can I take further action against spammers
eMailTrackerPro has an abuse reporting feature which automatically generates a report to be sent to the ISP responsible for a particular SPAM email. We also provide the abuse address for it to be sent to. All of this in just a couple of clicks.
Step A: Sender creates and sends an email
The originating sender creates an email in their Mail User Agent (MUA) and clicks 'Send'. The MUA is the application the originating sender uses to compose and read email, such as Eudora, Outlook, etc.
Step B: Sender's MDA/MTA routes the email
The sender's MUA transfers the email to a Mail Delivery Agent (MDA). Frequently, the sender's MTA also handles the responsibilities of an MDA. Several of the most common MTAs do this, including sendmail and qmail (which Kavi uses).
The MDA/MTA accepts the email, then routes it to local mailboxes or forwards it if it isn't locally addressed.
In our diagram, an MDA forwards the email to an MTA and it enters the first of a series of "network clouds," labeled as a "Company Network" cloud.
Step C: Network Cloud
An email can encounter a network cloud within a large company or ISP, or the largest network cloud in existence: the Internet. The network cloud may encompass a multitude of mail servers, DNS servers, routers, lions, tigers, bears (wolves!) and other devices and services too numerous to mention. These are prone to be slow when processing an unusually heavy load, temporarily unable to receive an email when taken down for maintenance, and sometimes may not have identified themselves properly to the Internet through the Domain Name System (DNS) so that other MTAs in the network cloud are unable to deliver mail as addressed. These devices may be protected by firewalls, spam filters and malware detection software that may bounce or even delete an email. When an email is deleted by this kind of software, it tends to fail silently, so the sender is given no information about where or when the delivery failure occurred.
Email service providers and other companies that process a large volume of email often have their own, private network clouds. These organizations commonly have multiple mail servers, and route all email through a central gateway server (i.e., mail hub) that redistributes mail to whichever MTA is available. Email on these secondary MTAs must usually wait for the primary MTA (i.e., the designated host for that domain) to become available, at which time the secondary mail server will transfer its messages to the primary MTA.
Step D: Email Queue
The email in the diagram is addressed to someone at another company, so it enters an email queue with other outgoing email messages. If there is a high volume of mail in the queue - either because there are many messages or the messages are unusually large, or both - the message will be delayed in the queue until the MTA processes the messages ahead of it.
Step E: MTA to MTA Transfer
When transferring an email, the sending MTA handles all aspects of mail delivery until the message has been either accepted or rejected by the receiving MTA.
As the email clears the queue, it enters the Internet network cloud, where it is routed along a host-to-host chain of servers. Each MTA in the Internet network cloud needs to "stop and ask directions" from the Domain Name System (DNS) in order to identify the next MTA in the delivery chain. The exact route depends partly on server availability and mostly on which MTA can be found to accept email for the domain specified in the address. Most email takes a path that is dependent on server availability, so a pair of messages originating from the same host and addressed to the same receiving host could take different paths. These days, it's mostly spammers that specify any part of the path, deliberately routing their message through a series of relay servers in an attempt to obscure the true origin of the message.
To find the recipient's IP address and mailbox, the MTA must drill down through the Domain Name System (DNS), which consists of a set of servers distributed across the Internet. Beginning with the root nameservers at the top-level domain (.tld), then domain nameservers that handle requests for domains within that .tld, and eventually to nameservers that know about the local domain.
DNS resolution and transfer process
There are 13 root servers serving the top-level domains (e.g., .org, .com, .edu, .gov, .net, etc.). These root servers refer requests for a given domain to the root name servers that handle requests for that tld. In practice, this step is seldom necessary.
The MTA can bypass this step because it already knows which domain name servers handle requests for these .tlds. It asks the appropriate DNS server which Mail Exchange (MX) servers have knowledge of the subdomain or local host in the email address. The DNS server responds with an MX record: a prioritized list of MX servers for this domain.
An MX server is really an MTA wearing a different hat, just like a person who holds two jobs with different job titles (or three, if the MTA also handles the responsibilities of an MDA). To the DNS server, the server that accepts messages is an MX server. When it is transferring messages, it is called an MTA.
The MTA contacts the MX servers on the MX record in order of priority until it finds the designated host for that address domain.
The sending MTA asks if the host accepts messages for the recipient's username at that domain (i.e., username[at]domain.tld) and transfers the message.
Step F: Firewalls, Spam and Virus Filters
The transfer process described in the last step is somewhat simplified. An email may be transferred to more than one MTA within a network cloud and is likely to be passed to at least one firewall before it reaches its destination.
An email encountering a firewall may be tested by spam and virus filters before it is allowed to pass inside the firewall. These filters test to see if the message qualifies as spam or malware. If the message contains malware, the file is usually quarantined and the sender is notified. If the message is identified as spam, it will probably be deleted without notifying the sender.
Spam is difficult to detect because it can assume so many different forms, so spam filters test on a broad set of criteria and tend to misclassify a significant number of messages as spam, particularly messages from mailing lists. When an email from a list or other automated source seems to have vanished somewhere in the network cloud, the culprit is usually a spam filter at the receiver's ISP or company.
NET TOOLS
Net Tools is cutting-edge security and network monitoring software for the Internet and Local Area Networks, providing clients with the ability and confidence to meet the challenges of tomorrow's technology. Keeping pace with the industry trends, we offer professional tools that support the latest standards, protocols, software, and hardware for both wired and wireless networks. The main goal is the creation of high quality software. Net Tools is a very strong combination of network scanning, security, file, system, and administrator tools useful in diagnosing networks and monitoring your PC and computer's network connections for system administrators. Next to the essential core tools it includes a lot of extra valuable features. It's a Swiss Army knife for everyone interested in a set of powerful network tools for everyday use. This all-in-one toolkit includes also a lot of handy file and system utilities next to the huge amount of network tools. The menus are fully configurable, so in this way you won't get lost in the extremely large amount of essential tools. All the additional features will make this application a must have for all system administrators. There are numerous constructive and valuable applications included in Net Tools that can be used for a great amount of purposes. The latest version of Net Tools is hybrid; it means that it's capable of working together with applications that are made and designed for Net Tools, so in this way more flexibility and user-friendliness is obtained. This software is designed for the Microsoft Windows OS (Windows 98, NT, 2000, 2003, XP, Vista). It's entirely compatible and has thoroughly been tested on Windows XP. With the 175+ tools it is a great collection of useful tools for network users. The size of Net Tools 5.0.70 is approximately 25 Mb.
CRYPTOGRAPHY
Public-key cryptography is a cryptographic approach, employed by many cryptographic algorithms and cryptosystems, whose distinguishing characteristic is the use of asymmetric key algorithms instead of or in addition to symmetric key algorithms. Using the techniques of public key-private key cryptography, many methods of protecting communications or authenticating messages formerly unknown have become practical. They do not require a secure initial exchange of one or more secret keys as is required when using symmetric key algorithms. It can also be used to create digital signatures.
Public key cryptography is a fundamental and widely used technology around the world, and is the approach which underlies such Internet standards as Transport Layer Security (TLS) (successor to SSL), PGP and GPG.
The distinguishing technique used in public key-private key cryptography is use of asymmetric key algorithms because the key used to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys - a public key and a private key. The private key is kept secret, whilst the public key may be widely distributed. Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key. The keys are related mathematically, but the private key cannot be feasibly (i.e., in actual or projected practice) derived from the public key. It was the discovery of such algorithms which revolutionized the practice of cryptography beginning in the middle 1970s.
In contrast, symmetric-key algorithms, variations of which have been used for some thousands of years, use a single secret key shared by sender and receiver (which must also be kept private, thus accounting for the ambiguity of the common terminology) for both encryption and decryption. To use a symmetric encryption scheme, the sender and receiver must securely share a key in advance.
Because symmetric key algorithms are nearly always much less computationally intensive, it is common to exchange a key using a key-exchange algorithm and transmit data using that key and a symmetric key algorithm. PGP and the SSL/TLS family of schemes do this, for instance, and are called hybrid cryptosystems in consequence.

ART OF GOOGLING
Here's a quick list of some of our most popular tools to help refine and improve your search. For additional help with Google Web Search or any other Google product.
OPERATOR EXAMPLE      FINDS PAGES CONTAINING...
vacation hawaii       the words vacation and Hawaii
Maui OR Hawaii        either the word Maui or the word Hawaii
"To each his own"     the exact phrase to each his own
virus -computer       the word virus but NOT the word computer
+sock                 only the word sock, and not the plural or any tenses or synonyms
~auto loan            loan info for both the word auto and its synonyms: truck, car, etc.
define:computer       definitions of the word computer from around the Web
red * blue            the words red and blue separated by one or more words
I'm Feeling Lucky     takes you directly to first web page returned for your query

CALCULATOR OPERATORS  MEANING             TYPE INTO SEARCH BOX
+                     addition            45 + 39
-                     subtraction         45 - 39
*                     multiplication      45 * 39
/                     division            45 / 39
% of                  percentage of       45% of 39
^                     raise to a power    2^5 (2 to the 5th power)

ADVANCED OPERATORS    MEANING                            WHAT TO TYPE INTO SEARCH BOX (& DESCRIPTION OF RESULTS)
site:                 Search only one website            admission site:stanford.edu (Search Stanford Univ. site for admissions info.)
[#]..[#]              Search within a range of numbers   DVD player $100..150 (Search for DVD players between $100 and $150)
link:                 linked pages                       link:stanford.edu (Find pages that link to the Stanford University website.)
info:                 Info about a page                  info:stanford.edu (Find information about the Stanford University website.)
related:              Related pages                      related:stanford.edu (Find websites related to the Stanford University website.)
DATA RECOVERY
Data recovery is the retrieval of inaccessible or contaminated data from media that has been damaged in some way. Data recovery is being increasingly used and is an important process nowadays.
There has been a lot of progress in increasing the memory capacity of data storage devices. Therefore data loss from any one incident also tends to be very high. The relevance of lost data can vary greatly. Maybe you have had the experience of storing a homework assignment on a floppy disk only to have it missing on the day the assignment is due.
Consider the fact that a large number of businesses nowadays have vital organizational related data stored on machines. Also hospitals store data on patients on computers. Large numbers of websites nowadays use database technology to enhance their websites and make them more dynamic. PHP and MySQL use has been on the rise on the Internet. Database failure is not uncommon and so it is not a fail proof method of storing information.
Companies have high reliance on computer technology to write and store data relevant to their business operations. Thus the data being stored can have a great deal of impact on personal lives and operations of companies.
There can be several causes of data loss.
Data loss can occur from unexpected incidences including national tragedies such as floods and earthquakes.
Often power failure can cause loss of data from hard drives. Sudden power surges can also cause a lot of damage to a computer's hard drive.
Accidentally deleting a file or formatting a hard drive or floppy disk is a common reason for data loss.
If you have accidentally lost any important documents there are several steps you can take. Remember that if you have accidentally erased a file, it may not have vanished from your computer. It may have left an imprint in a different format on the computer's hard drive or other storage devices. Recovering the data involves locating it and transforming it into human readable form.
Not all data may be recoverable.
You can either hire professional service to help you solve your problem or attempt a recovery on your own.
You can carry out data recovery operations on your own computer if you know what you are doing. There is data recovery software widely available that can assist you in the process.
Data recovery can become complicated if you overwrite on the storage device that has the lost data. Therefore if you do not know what you are doing, it is advisable to contact a professional service firm.
Data recovery professionals are experts in recovering data from all sorts of media and from a variety of damages done. There are many specialists out there who have years of experience in the IT field. The kind of data recovery operation to use will depend a great deal on the storage device and other variables such as the amount of damage done or the operating system used such as Macintosh, Windows or Linux.
There are some cases where it may be impossible to recover any data. However do not fret as the odds lie in your favor since a high percentage of data recovery operations are successful.
Preventing data loss
Of course the best way is to prevent data loss in the first place.
Data backup allows for restoring data if data loss occurs. Even ordinary PC users can set up their computer to carry out regularly scheduled backup operations. In the event of a hard drive crash or an unwise change in settings by an uninformed user, the restore tool can be used to retrieve deleted data or to restore the computer's settings from an earlier time.
For the back up process to be useful it should involve several reliable backup systems and performing drills to make sure the data is being stored correctly. Additional protection methods from data loss include making sure that the hard drive is protected from damages from the external environment. This includes protection from sunlight and temperature extremes.
Also plugging in your pc into a surge protector rather than an ordinary outlet can give your computer a protection layer from electricity fluctuations. Keep your virus protection up to date. Also remember to keep your backup data separate from your computer.
Nevertheless a lot of companies will go through a disaster and experience data loss. The best thing to do is not to panic and also not to ignore the situation. The quicker you rectify the situation the better. Counting on data loss will help you be prepared for any such event.
VIRTUALIZATION
What is Virtualization
Virtualization allows multiple operating system instances to run concurrently on a single computer; it is a means of separating hardware from a single operating system. Each guest OS is managed by a Virtual Machine Monitor (VMM), also known as a hypervisor. Because the virtualization system sits between the guest and the hardware, it can control the guests' use of CPU, memory, and storage, even allowing a guest OS to migrate from one machine to another.
Reply
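The PHISHING part of the report above notes that a phishing URL is often a well-known name altered by adding, omitting or transposing letters, or a real name embedded in another domain. The following is an added example, not part of the original post: a small checker that classifies a link against an allowlist of genuine domains. The function names, the distance thresholds and the naive "last two labels" rule for the registered domain are assumptions of this sketch (production code would use the Public Suffix List).

```python
import re
from urllib.parse import urlsplit


def osa_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1,               # letter omitted
                    cur[j - 1] + 1,            # letter added
                    prev[j - 1] + (ca != cb))  # letter replaced
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)   # two letters transposed
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def classify_link(url: str, genuine_domains) -> str:
    """Return 'legitimate', 'typosquat', 'embedded-brand' or 'unrelated'."""
    if "//" not in url:
        url = "//" + url                       # let urlsplit see a bare host
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    registered = ".".join(labels[-2:])         # assumption: naive registered domain
    if registered in genuine_domains:
        return "legitimate"
    second_level = labels[-2] if len(labels) >= 2 else host
    tokens = set(re.split(r"[.-]", host))      # words visible in the host name
    for domain in genuine_domains:
        brand = domain.split(".")[0]
        # Short names get a tighter threshold to limit false positives.
        limit = 1 if len(brand) <= 5 else 2
        if 0 < osa_distance(second_level, brand) <= limit:
            return "typosquat"
        if brand in tokens:
            return "embedded-brand"
    return "unrelated"


# Constructed sample links; the first three reuse the names quoted in the post.
SAMPLES = [
    "http://www.microsoft.com/login",
    "http://micosoft.com/verify",
    "http://verify-microsoft.com/",
    "http://mircosoft.com/",
    "http://microsoft.com.account-check.example/",
    "http://example.org/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link, {'microsoft.com'}):15} {link}")
```
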
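The MAIL TRACKER part of the report above says the headers record the routing and the originating IP, and that spammers route mail through relays to obscure the origin. The following is an added example, not part of the original post and not eMailTrackerPro's method: it walks the Received headers of a constructed message and separates the hop recorded by the recipient's own servers from the hops an outside sender could have forged. The host names, the documentation IP addresses and the `trusted_domains` parameter are assumptions of this sketch.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from email import message_from_string
from email.utils import parsedate_to_datetime
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Constructed sample message: example domains and documentation addresses only.
SAMPLE = """\
Received: from mx1.recipient.example (mx1.recipient.example [198.51.100.10])
\tby mailstore.recipient.example with ESMTP id A1; Tue, 02 Mar 2010 10:00:09 +0000
Received: from relay.isp.example (relay.isp.example [203.0.113.7])
\tby mx1.recipient.example with ESMTP id B2; Tue, 02 Mar 2010 10:00:05 +0000
Received: from bank-server.example (unknown [192.0.2.55])
\tby relay.isp.example with SMTP id C3; Tue, 02 Mar 2010 09:59:58 +0000
Received: from [10.1.2.3] (helo=workstation)
\tby bank-server.example with ESMTP id D4; Tue, 02 Mar 2010 09:59:50 +0000
From: "Support" <support@bank-server.example>
To: user@recipient.example
Subject: constructed sample

body
"""

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


@dataclass
class Hop:
    helo: str                 # name the connecting host announced
    ip: Optional[str]         # address the receiving MTA saw
    by: str                   # MTA that wrote this header
    when: Optional[datetime]


def parse_hops(raw: str) -> List[Hop]:
    """Return Received hops in header order: newest (recipient side) first."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        text = " ".join(value.split())             # unfold continuation lines
        info, _, stamp = text.rpartition(";")
        from_part, _, by_part = info.partition(" by ")
        words = from_part.split()
        found = IPV4_IN_BRACKETS.search(from_part)
        try:
            when = parsedate_to_datetime(stamp.strip())
        except (TypeError, ValueError):
            when = None
        hops.append(Hop(helo=words[1] if len(words) > 1 else "",
                        ip=found.group(1) if found else None,
                        by=by_part.split()[0] if by_part else "",
                        when=when))
    return hops


def is_rfc1918(ip: Optional[str]) -> bool:
    try:
        return ip is not None and any(ip_address(ip) in n for n in RFC1918)
    except ValueError:
        return False


def trace(raw: str, trusted_domains) -> dict:
    """Split the hop chain at the boundary of servers the recipient controls."""
    hops = parse_hops(raw)
    verified, trusted_count = None, 0
    for hop in hops:                               # newest first
        if not any(hop.by == d or hop.by.endswith("." + d) for d in trusted_domains):
            break                                  # written by a host we do not run
        verified, trusted_count = hop, trusted_count + 1
    claimed = hops[-1] if hops else None
    times = [h.when for h in reversed(hops) if h.when]
    return {
        "verified_origin": verified.ip if verified else None,   # seen by our own MTA
        "verified_by": verified.by if verified else None,
        "claimed_origin": claimed.ip if claimed else None,      # sender-supplied
        "claimed_is_private": is_rfc1918(claimed.ip) if claimed else False,
        "unverified_hops": len(hops) - trusted_count,
        "out_of_order": sum(1 for a, b in zip(times, times[1:]) if b < a),
    }


if __name__ == "__main__":
    for key, value in trace(SAMPLE, ["recipient.example"]).items():
        print(f"{key:20} {value}")
```

Only the address in `verified_origin` is worth looking up or reporting to an ISP; the private 10.x address at the bottom of the chain cannot be geolocated at all.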
#9
plzzzzzzzz sir send me the full report of smart note taker, I have a seminar on Tuesday. I had sent you a post, you haven't sent any reply, plzzzzzzz send the post as soon as possible
plz send me the ppt of smart note taker
Reply
#10
[attachment=4275]
Ethical Hackers


Pratheeba Murugesan



abstract


Independent computer security Professionals breaking into the computer systems.
Neither damage the target systems nor steal information.
Evaluate target systems security and report back to owners about the vulnerabilities found.

Reply
#11
[attachment=4280]

hacking

RAHUL TYAGI

abstract

Hacking is fetching the details of programmable systems

Exploding the capabilities of computer systems

Can also mean breaking into computer systems (cracking)

Reply
#12
[attachment=5264]

HACKING A NEW PERSPECTIVE


Advisor
Mr. Indraneel Mukhopadhyay


INTRODUCTION

Hacking is the method of breaking into an information system without proper authentication and permission. The hacking community is basically divided into four groups :-

1. Hackers
2. Crackers
3. Phreaks
4. Script Kiddies

Reply
#13
I CAN'T FIND WHERE THE REPORT IS.
Reply
#14
[attachment=5596]
This article is presented by:
Saroj Nayak
KEC

Ethical Hacking: A new perspective

What is Hacking?

Username: system Password: manager Welcome to ABL Computer Research Lab. You have five new messages. $ That is how easy it was to hack into a computer network. The most prominent definition of hacking is the act of gaining access without legal authorization to a computer or computer network. A hacker first attacks an easy target, and then uses it to hide his or her traces for launching attacks at more secure sites. The goal of an attack is to gain complete control of the system (so you can edit, delete, install, or execute any file in any user’s directory), often by gaining access to a "super-user" account. This will allow both maximum access and the ability to hide your presence.

Hackers are here. Where are you?


The explosive growth of the Internet has brought many good things… As with most technological advances, there is also a dark side: criminal hackers.
The term “hacker” has a dual usage in the computer industry today. Originally, the term was defined as:
HACKER noun. 1. A person who enjoys learning the details of computer systems and how to stretch their capabilities…. 2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming.
Reply
#15
[attachment=6438]
This article is presented by: Rajesh Kumar. M
M.C.A III semester
HACKING

Introduction to Hacking

The Internet, like any other new media historically, provides new methods of engaging in illegal activities. That is not to say that the Internet is intrinsically 'bad', as many tabloid journalists would have us believe; it is simply a means for human beings to express themselves and share common interests. Unfortunately, many of these common interests include pornography, trading Warez (pirated software), trading illegal MP3 files, and engaging in all kinds of fraud such as credit card fraud.

Hacking on the other hand is a greatly misrepresented activity as portrayed by the wider media and Hollywood movies. Although many hackers go on from being computer enthusiasts to Warez pirates, many also become system administrators, security consultants or website managers.
A Definition of Hacking
• Hacking generally refers to the act of a person abusing computer access, breaking into computers, or using computers without authorization.
• An Attack is the attempt of an individual or group to violate a system through some series of events. The attack can originate from someone inside or outside the network.
• An Intruder or Attacker is a person who carries out an attack.

A Definition of Hacker

Hacker is a term used to describe different types of computer experts. It is also sometimes extended to mean any kind of expert, especially with the connotation of having particularly detailed knowledge or of cleverly circumventing limits. The meaning of the term, when used in a computer context, has changed somewhat over the decades since it first came into use, as it has been given additional and clashing meanings by new users of the word.
Currently, "hacker" is used in two main ways, one positive and one pejorative. It can be used in the computing community to describe a particularly brilliant programmer or technical expert (for example: "Linus Torvalds, the creator of Linux, is a genius hacker."). This is said by some to be the "correct" usage of the word (see the Jargon File definition below). In popular usage and in the media, however, it generally describes computer intruders or criminals. "Hacker" can be seen as a shibboleth, identifying those who use it in its positive sense as members of the computing community.
As a result of this conflict, the term is the subject of some controversy. The pejorative usage is disliked by many who identify themselves as hackers, and who do not like their label used negatively. Many users of the positive form say the "intruder" meaning should be deprecated, and advocate terms such as "cracker" or "black-hat" to replace it. Others prefer to follow common popular usage, arguing that the positive form is confusing and never likely to become widespread.
Crackers are people who try to gain unauthorized access to computers. This is normally done through the use of a 'backdoor' program installed on your machine. A lot of crackers also try to gain access to resources through the use of password cracking software, which tries billions of passwords to find the correct one for accessing a computer.
2)History
Here is a timeline of the noun "hack" and etymologically related terms as they evolved in historical English:
• In French, haquenée means an ambling horse.
• In Old English, tohaccian meant hack to pieces.
• At some point in the 14th century, the word haquenée became hackney, meaning a horse of medium size or fair quality.
• Shortly after, hackney was shortened to hack, and in riding culture the act of "hacking" (as opposed to fox-hunting) meant riding about informally, to no particular purpose.
• 1393 (at the latest): the word had also acquired the meaning of a horse for hire and also "prostitute."
• 1596: hackney was being used as an adjective meaning tired or worn out. Shakespeare also used the word to mean "to make common and overly familiar" in Henry IV, Part I.
• 1700: a hack is a "person hired to do routine work".
• 1704: hack now also means a "carriage for hire".
• 1749: hack means "one who writes anything for hire" (still in use today among writers)
• 1802: hack is used to mean a "short, dry cough" (still in use)
• 1826: the expression "a hack writer" is first recorded though hackney writer appeared at least 50 years earlier
• 1898: hack is given the figurative sense of "a try, an attempt".
• 1950s: ham radio fans borrowed the term hacking from riding and defined it as creatively tinkering to improve performance.
• 1955: American English gives it the slang sense of "cope with" (as in "can't hack it"). On the U.S. East Coast, cars were substituted for horses, and hacking was a precursor to cruising.
• 1989: The Cuckoo's Egg by Clifford Stoll is published. It uses the term hacker in the sense of a computer criminal.
The modern, computer-related form of the term is likely rooted in the goings on at MIT in the 1960s, long before computers became common; a "hack" meant a simple, but often inelegant, solution. The term hack came to refer to any clever prank (http://hacks.mit.edu/) perpetrated by MIT students; logically the perpetrator is a hacker. To this day the terms hack and hacker are used in that way at MIT, without necessarily referring to computers. When MIT students surreptitiously put a police car atop the dome on MIT's Building 10, that was a hack, and the students involved were therefore hackers. This type of hacker is now sometimes called a Reality Hacker or Urban spelunker.
The term was fused with computers when members of the Tech Model Railroad Club started working with a Digital Equipment Corporation PDP-1 computer and applied local model railroad slang to computers.

Reply
#16
[attachment=6596]
ETHICAL HACKING

Submitted by:

A.V. Vijaya Saradhi
08B61A0502
III B.Tech cse-B


Submitted to:

Dr. M. Ravichand M.A., M.Phil., Ph.D.
Assistant Professor of English (S.L)
Department of GEBH



Abstract


The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers.

Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet.

With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes. The ethical hacking process is explained, along with many of the problems that the Global Security Analysis Lab has seen during its early years of ethical hacking for IBM clients.
Reply
#17
[attachment=6655]

[attachment=6654]
[attachment=6656]

ethical hacking full report

Dilip Kumar Jha “Deepak”
Roll no: 870056

MCA 2nd year(4th sem.)
Kalinga institute of industrial technology
School of Computer Application

and

Pratheeba Murugesan


INTRODUCTION

Ethical hacking- also known as penetration testing or intrusion testing or red teaming has become a major concern for businesses and governments.

Ethical hackers employ the same tools and techniques as the intruders.

They neither damage the target systems nor steal information.

The tool is not an automated hacker program rather it is an audit that both identifies the vulnerabilities of a system and provide advice on how to eliminate them.



Ethical Hacking

Pratheeba Murugesan



Independent computer security Professionals breaking into the computer systems.
Neither damage the target systems nor steal information.
Evaluate target systems security and report back to owners about the vulnerabilities found.



Reply
#18
get me full report on ethical hacking
kindly send me full report of ethical hacking
Reply
#19


[attachment=7962]

Submitted to:Miss.Mani (Lect. In CSE Dept.)

Submitted by:Savita
CSE-1(G-2)

OVERVIEW
What is Ethical Hacking?
Defining hacker.
Ethical Hacking 101.
Understanding the Need to Hack Your Own Systems.
Some attacks.
Obeying the Ethical Hacking Commandments.
Sources.
What is Ethical Hacking?
An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners.

An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.

Defining hacker
Hacker is a word that has two meanings:

Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.

Recently, hacker has taken on a new meaning — someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.

One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems.
The good-guy (white-hat) hackers don’t like being in the same category as the bad-guy (black-hat) hackers. (These terms come from Western movies where the good guys wore white cowboy hats and the bad guys wore black cowboy hats.)

Hackers (or bad guys) try to compromise computers.
Ethical hackers (or good guys) protect computers against illicit entry.
Ethical Hacking 101
Ethical hacking — also known as penetration testing or white-hat hacking — involves the same tools, tricks, and techniques that hackers use, but with one major difference: Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities of an overall information risk management program that allows for ongoing security improvements.

To hack your own systems like the bad guys, you must think like they think.
Understanding the Need to Hack Your Own Systems
To catch a thief, think like a thief. That’s the basis for ethical hacking.

Protecting your systems from the bad guys — and not just the generic vulnerabilities that everyone knows about — is absolutely critical. When you know hacker tricks, you can see how vulnerable your systems are.
Attacking your own systems to discover vulnerabilities is a step to making them more secure. This is the only proven method of greatly hardening your systems from attack. If you don’t identify weaknesses, it’s a matter of time before the vulnerabilities are exploited.

As hackers expand their knowledge, so should you. You must think like them to protect your systems from them. You, as the ethical hacker, must know activities hackers carry out and how to stop their efforts. You should know what to look for and how to use that information to thwart hackers’ efforts.

It’s impossible to buttress all possible vulnerabilities on all your systems. You can’t plan for all possible attacks — especially the ones that are currently unknown. However, the more combinations you try — the more you test whole systems instead of individual units — the better your chances of discovering vulnerabilities that affect everything as a whole.

Your overall goals as an ethical hacker should be as follows:

Hack your systems in a nondestructive fashion.

Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exist.

Apply results to remove vulnerabilities and better secure your systems.
Some attacks
Nontechnical attacks
Exploits that involve manipulating people — end users and even yourself — are the greatest vulnerability within any computer or network infrastructure. Humans are trusting by nature, which can lead to social-engineering exploits. Social engineering is defined as the exploitation of the trusting nature of human beings to gain information for malicious purposes.

Other common and effective attacks against information systems are physical. Hackers break into buildings, computer rooms, or other areas containing critical information or property.
Network-infrastructure attacks
Hacker attacks against network infrastructures can be easy, because many networks can be reached from anywhere in the world via the Internet. Here are some examples of network-infrastructure attacks:
Connecting into a network through a rogue modem attached to a computer behind a firewall
Exploiting weaknesses in network transport mechanisms, such as TCP/IP and NetBIOS
Flooding a network with too many requests, creating a denial of service (DoS) for legitimate requests
Installing a network analyzer on a network and capturing every packet that travels across it, revealing confidential information in clear text
Operating-system attacks
Hacking operating systems (OSs) is a preferred method of the bad guys. OSs comprise a large portion of hacker attacks simply because every computer has one and so many well-known exploits can be used against them.

Occasionally, some operating systems that are more secure out of the box — such as Novell NetWare and the flavors of BSD UNIX — are attacked, and vulnerabilities turn up. But hackers prefer attacking operating systems like Windows and Linux because they are widely used and better known for their vulnerabilities.

Here are some examples of attacks on operating systems:

Exploiting specific protocol implementations
Attacking built-in authentication systems
Breaking file-system security
Cracking passwords and encryption mechanisms
Application attacks
Applications take a lot of hits by hackers. Programs such as e-mail server software and Web applications often are beaten down:
Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) applications are frequently attacked because most firewalls and other security mechanisms are configured to allow full access to these programs from the Internet.
Malicious software (malware) includes viruses, worms, Trojan horses, and spyware. Malware clogs networks and takes down systems.
Spam (junk e-mail) is wreaking havoc on system availability and storage space. And it can carry malware.
Obeying the Ethical Hacking Commandments
Every ethical hacker must abide by a few basic commandments. If not, bad things can happen.

Working ethically

The word ethical in this context can be defined as working with high professional morals and principles. Whether you’re performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical hacker must be aboveboard and must support the company’s goals. No hidden agendas are allowed!
Respecting privacy
Treat the information you gather with the utmost respect. All information you obtain during your testing — from Web-application log files to clear-text passwords — must be kept private. Don’t use this information to snoop into confidential corporate information or private lives. If you sense that someone should know there’s a problem, consider sharing that information with the appropriate manager.

Involve others in your process. This is a “watch the watcher” system that can build trust and support your ethical hacking projects.
Not crashing your systems
One of the biggest mistakes seen when people try to hack their own systems is inadvertently crashing their systems. The main reason for this is poor planning. These testers have not read the documentation or misunderstand the usage and power of the security tools and techniques.
Many security-assessment tools can control how many tests are performed on a system at the same time. These tools are especially handy if you need to run the tests on production systems during regular business hours.




Reply
#20
presented by:
K.Sandeep Reddy

[attachment=10269]
ABSTRACT:
The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers.
Governments, companies, and private citizens around the world are anxious to be a part of this revolution, but they are afraid that some hacker will break into their Web server and replace their logo with pornography, read their e-mail, steal their credit card number from an on-line shopping site, or implant software that will secretly transmit their organization's secrets to the open Internet.
With these concerns and others, the ethical hacker can help. This paper describes ethical hackers: their skills, their attitudes, and how they go about helping their customers find and plug up security holes. The ethical hacking process is explained, along with many of the problems that the Global Security Analysis Lab has seen during its early years of ethical hacking for IBM clients.
I.INTRODUCTION
The term “hacker” has a dual usage in the computer industry today. Originally, the term was defined as:
“A person who enjoys learning the details of computer systems and how to stretch their capabilities-as opposed to most users of computers, who prefer to learn only the minimum amount necessary. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming”.
This complimentary description was often extended to the verb form “hacking,” which was used to describe the rapid crafting of a new program or the making of changes to existing, usually complicated software.
Because of the increasing popularity of computers and their continued high cost, access to them was usually restricted. When refused access to the computers, some users would challenge the access controls that had been put in place. They would steal passwords or account numbers by looking over someone's shoulder, explore the system for bugs that might get them past the rules, or even take control of the whole system. They would do these things in order to be able to run the programs of their choice, or just to change the limitations under which their programs were running.
Initially these computer intrusions were fairly benign, with the most damage being the theft of computer time. Other times, these recreations would take the form of practical jokes. However, these intrusions did not stay benign for long. Occasionally the less talented, or less careful, intruders would accidentally bring down a system or damage its files, and the system administrators would have to restart it or make repairs. Other times, when these intruders were again denied access once their activities were discovered, they would react with purposefully destructive actions. When the number of these destructive computer intrusions became noticeable, due to the visibility of the system or the extent of the damage inflicted, it became “news” and the news media picked up on the story. Instead of using the more accurate term of “computer criminal,” the media began using the term “hacker” to describe individuals who break into computers for fun, revenge, or profit. Since calling someone a “hacker” was originally meant as a compliment, computer security professionals prefer to use the term “cracker” or “intruder” for those hackers who turn to the dark side of hacking. For clarity, we will use the explicit terms “ethical hacker” and “criminal hacker” for the rest of this paper.
II.WHAT IS ETHICAL HACKING?
With the growth of the Internet, computer security has become a major concern for businesses and governments. They want to be able to take advantage of the Internet for electronic commerce, advertising, information distribution and access, and other pursuits, but they are worried about the possibility of being “hacked.” At the same time, the potential customers of these services are worried about maintaining control of personal information that varies from credit card numbers to social security numbers and home addresses.
In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems. This scheme is similar to having independent auditors come into an organization to verify its bookkeeping records. In the case of computer security, these “tiger teams” or “ethical hackers” would employ the same tools and techniques as the intruders, but they would neither damage the target systems nor steal information. Instead, they would evaluate the target systems' security and report back to the owners with the vulnerabilities they found and instructions for how to remedy them.
This method of evaluating the security of a system has been in use from the early days of computers. In one early ethical hack, the United States Air Force conducted a “security evaluation” of the Multics operating systems for “potential use as a two-level (secret/top secret) system.” Their evaluation found that while Multics was “significantly better than other conventional systems,” it also had “ … vulnerabilities in hardware security, software security, and procedural security” that could be uncovered with “a relatively low level of effort.” The authors performed their tests under a guideline of realism, so that their results would accurately represent the kinds of access that an intruder could potentially achieve. They performed tests that were simple information-gathering exercises, as well as other tests that were outright attacks upon the system that might damage its integrity. Clearly, their audience wanted to know both results. There are several other now unclassified reports that describe ethical hacking activities within the U.S. military.
With the growth of computer networking, and of the Internet in particular, computer and network vulnerability studies began to appear outside of the military establishment. Most notable of these was the work by Farmer and Venema, which was originally posted to Usenet in December of 1993. They discussed publicly, perhaps for the first time, this idea of using the techniques of the hacker to assess the security of a system. With the goal of raising the overall level of security on the Internet and intranets, they proceeded to describe how they were able to gather enough information about their targets to have been able to compromise security if they had chosen to do so. They provided several specific examples of how this information could be gathered and exploited to gain control of the target, and how such an attack could be prevented.
Farmer and Venema elected to share their report freely on the Internet in order that everyone could read and learn from it. However, they realized that the testing at which they had become so adept might be too complex, time-consuming, or just too boring for the typical system administrator to perform on a regular basis. For this reason, they gathered up all the tools that they had used during their work, packaged them in a single, easy-to-use application, and gave it away to anyone who chose to download it. Their program, called Security Analysis Tool for Auditing Networks, or SATAN, was met with a great amount of media attention around the world. Most of this early attention was negative, because the tool's capabilities were misunderstood. The tool was not an automated hacker program that would bore into systems and steal their secrets. Rather, the tool performed an audit that both identified the vulnerabilities of a system and provided advice on how to eliminate them. Just as banks have regular audits of their accounts and procedures, computer systems also need regular checking. The SATAN tool provided that auditing capability, but it went one step further: it also advised the user on how to correct the problems it discovered. The tool did not tell the user how the vulnerability might be exploited, because there would be no useful point in doing so.
Who are ethical hackers?
Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. While testing the security of a client's systems, the ethical hacker may discover information about the client that should remain secret. In many cases, this information, if publicized, could lead to real intruders breaking into the systems, possibly leading to financial losses. During an evaluation, the ethical hacker often holds the “keys to the company,” and therefore must be trusted to exercise tight control over any information about a target that could be misused. The sensitivity of the information gathered during an evaluation requires that strong measures be taken to ensure the security of the systems being employed by the ethical hackers themselves: limited-access labs with physical security protection and full ceiling-to-floor walls, multiple secure Internet connections, a safe to hold paper documentation from clients, strong cryptography to protect electronic results, and isolated networks for testing.
Ethical hackers typically have very strong programming and computer networking skills and have been in the computer and networking business for several years. They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., UNIX or Windows NT) used on target systems. These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors. It should be noted that an additional specialization in security is not always necessary, as strong skills in the other areas imply a very good understanding of how the security on various systems is maintained. These systems management skills are necessary for the actual vulnerability testing, but are equally important when preparing the report for the client after the test.
Finally, good candidates for ethical hacking have more drive and patience than most people. Unlike the way someone breaks into a computer in the movies, the work that ethical hackers do demands a lot of time and persistence. This is a critical trait, since criminal hackers are known to be extremely patient and willing to monitor systems for days or weeks while waiting for an opportunity. A typical evaluation may require several days of tedious work that is difficult to automate. Some portions of the evaluations must be done outside of normal working hours to avoid interfering with production at “live” targets or to simulate the timing of a real attack. When they encounter a system with which they are unfamiliar, ethical hackers will spend the time to learn about the system and try to find its weaknesses. Finally, keeping up with the ever-changing world of computer and network security requires continuous education and review.
Reply
#21
[attachment=11228]
Securing Laptops & PCs
• Laptop Threats
• Laptop Theft Statistics
• Tools
• Software tools
• Hardware tools
• Protecting the SENSITIVE data
• Protecting Laptop communication from Wireless Threats
• Protecting Stolen Laptops from being used
Laptop theft statistics
Hardware tools
• Steel lock cables
• Laptop Tie-down Brackets
• Laptop lockers
• Portable Laptop Carts
Software Tools
Laptop Alarm
Securing Personal Data
• TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume
• No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys.
• Encrypts an entire partition or storage device such as USB flash drive or hard drive.
XTool Laptop Tracker
• XTool Laptop Tracker is a service designed to locate and recover lost or stolen laptops.
• What makes XTool Laptop Tracker unique is the camera function
• Laptop Camera Information, snap a pic of the theft
• GPS location detection
• Price: $70
Xtool Pro
Cryptex

• Cryptex is a laptop and desktop security tool designed to provide unbreakable, 448-bit encryption for the data stored on laptops and desktops.
• Cryptex keeps your data safe by creating an encrypted vault on your hard drive that you can directly work out of, by simply dragging and dropping files in and out of it, like you would with any normal hard drive.
Reply
#22
thank you for this information........
Reply
#23

Presented By:
Sivarchana

[attachment=11390]
Ethical Hacking
Who is a HACKER…?
• In common usage, a hacker is a stereotypical person who breaks into computers and computer networks, either for profit or motivated by the challenge.
What is Ethical Hacking…?
• Ethical hacking, often performed by white hats or skilled computer experts, is the use of programming skills to determine vulnerabilities in computer systems.
• Ethical hacking is also known as penetration testing, intrusion testing and red teaming.
Who are Ethical Hackers…??
• An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.
• To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them.
What do Ethical Hackers do?
• What can an intruder see on the target systems?
• What can an intruder do with that information?
• Does anyone at the target notice the intruder's attempts or successes?
Hacking Defined
Introduction

• Computer as a curiously flexible tool.
• When refused access to the computers, some users would challenge the access controls that had been put in place.
• Initially these computer intrusions were fairly benign.
Who is a HACKER..??
• White Hat Hacker
• Black Hat Hacker
What is White Hat Hacking..?
White hat describes a hacker (or, if you prefer, cracker) who identifies a security weakness in a computer system or network.
What is Black Hat Hacker..?
The black hat hacker takes advantage of the break-in, perhaps destroying files or stealing data for some future purpose. The black hat hacker may also make the exploit known to other hackers and/or the public without notifying the victim.
• Original Initial Screen
• Hacked Screen
Kinds of Testing
• Perimeter testing.
• Internal security test.
• External penetration test.
• Social engineering.
Conclusion
• Ethical Hacking may be defined as legal or illegal, ethical or unethical.
• Ethical Hacking is used to find the hackers in an easy way.
Reply
#24
Presented By-
Nikhil Singh(54)
Anshu Gupta(16)
Julee Dutta(59)

Ethical Hacking
PHASES OF HACKING
Reconnaissance - preparatory phase, gather information
Scanning - scan target system
Gaining Access - vulnerability discovered, real hacking
Maintaining Access - active access for future attack
Covering Tracks - remove all traces of attack
Using free Sites
WEB SERVER
WAYS OF DOS ATTACK
PING OF DEATH
TEARDROP
SYN ATTACK
LAND ATTACK
PING OF DEATH
In this attack, the target system is pinged with a data packet that exceeds the maximum bytes allowed by TCP/IP, which is 65 536. This would have almost always caused the remote system to hang, reboot or crash.

The following Ping command creates a giant datagram of the size 65540 for Ping. It might hang the victim's computer:
C:\windows>ping -l 65540
TEARDROP ATTACK
The Teardrop attack exploits the vulnerability present in the reassembling of data packets.
Consider the following scenario-: (Note: _ _ _ = 1 Data Packet)
Normally a system receives data packets in the following form, with no overlapping Offset values.
_ _ _ _ _ _ _ _ _
(1 to 1500 bytes) (1501 to 3000 bytes) (3001 to 4500 bytes)
 
Now in a Teardrop attack, the data packets are sent to the target computer in the following format:
_ _ _ _ _ _ _ _ _
(1 to 1500 bytes) (1500 to 3000 bytes) (1001 to 3600 bytes)
When the target system receives something like the above, it simply cannot handle it and will crash or hang or reboot.
SYN ATTACK
The SYN attack exploits TCP/IP's three-way handshake. Thus in order to understand as to how SYN Attacks work, you need to first know how TCP/IP establishes a connection between two systems.
1. Client --------SYN Packet--------------> Host
2. Host -------------SYN/ACK Packet----------> Client
3. Client --------------ACK-----------------------> Host
In a SYN attack, several SYN packets are sent to the server but all these SYN packets have a bad source IP Address.
They queue up, use up resources and memory of the target system and eventually crash, hang or reboot the system.
Land Attacks
A Land attack is similar to a SYN attack, the only difference being that instead of a bad IP Address, the IP address of the target system itself is used. This creates an infinite loop between the target system and the target system itself.
CALL FORGING
SMS FORGING

Technology Involved
Routing the SMS through international gateways.
Message id is spoofed at international gateway.
Finally SMS is routed to destination SMS centre number.
As there is no authentication involved, it is sent to destination number with spoofed id
your credit card number to any site that is not secured, to guard against frauds.
It is better to use a security program that gives control over the cookies and send information back to the sites as leaving the cookies unguarded might prove fatal.
Website owners should watch traffic and check any irregularity on the site. Putting host-based intrusion detection devices on the server may do this.
Use of firewalls may be beneficial.
Reply
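The Ping of Death, Teardrop, SYN and Land descriptions in the post above each correspond to a pattern that a receiver or filter can check for. The following is an added example, not part of the original post; the function names, the `max_half_open` threshold and all sample data are assumptions constructed for illustration, and a real stack would also track ports and timeouts.

```python
MAX_IPV4_DATAGRAM = 65535  # IPv4 Total Length is a 16-bit field


def check_fragments(ranges):
    """Inspect the fragments of one datagram.

    ranges: (first_byte, last_byte) pairs, 1-based and inclusive, the
    notation used in the post. Returns a sorted list of findings.
    """
    findings = set()
    highest_seen = 0
    for first, last in sorted(ranges):
        if first < 1 or last < first:
            findings.add("malformed")
            continue
        if first <= highest_seen:
            findings.add("overlap")      # Teardrop pattern
        if last > MAX_IPV4_DATAGRAM:
            findings.add("oversize")     # Ping of Death pattern
        highest_seen = max(highest_seen, last)
    return sorted(findings)


def check_handshakes(packets, max_half_open=2):
    """packets: (flags, src, dst) tuples in arrival order at the server.

    max_half_open is a hypothetical threshold chosen for this example.
    """
    findings = set()
    half_open = set()
    for flags, src, dst in packets:
        if flags == "SYN":
            if src == dst:
                findings.add("land")     # source equals destination
                continue
            half_open.add(src)           # waiting for the final ACK
        elif flags == "ACK":
            half_open.discard(src)       # handshake completed
    if len(half_open) > max_half_open:
        findings.add("syn-backlog")      # SYNs that never complete
    return sorted(findings)


# Constructed sample data (byte ranges from the post, documentation IPs).
NORMAL = [(1, 1500), (1501, 3000), (3001, 4500)]
TEARDROP = [(1, 1500), (1500, 3000), (1001, 3600)]
OVERSIZE = [(1, 65528), (65529, 65540)]
SERVER = "203.0.113.10"
FLOOD = [("SYN", "198.51.100.%d" % n, SERVER) for n in range(1, 5)]
```
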
#25

I want full report of Ethical Hacking, please send.
Reply