ethical hacking ibm

8/13/2019 Ethical Hacking Ibm

1/20

1

ETHICAL HACKING

Submitted to:-

Prof.Amruta mam

Submitted by:-

Shruti sabnis(09)

Gayathri Shankar(18)

Nidhi bhatt (11)


2/20

2

CONTENTS

I. Introduction

A. What is ethical hacking?

B. Who are Ethical hackers?

II. What are the goals of Ethical hacking?

III. Kinds of testing

IV. Hacker classes

V. Uses of ethical hacking

VI. Drawbacks of ethical hacking

VII. Example of ethical hacking

XI. Bibiliography


3/20

3

I. INTRODUCTION

Organizations of all sizes go through great expense and pain to protecttheir IT systems from attack. They invest in network firewalls, intrusiondetection systems, content filtering, endpoint anti-malware, vulnerabilityand patch management, and many other technologies. Unfortunately itsnot always easy to see how well all of those efforts are paying off whenit comes actually keeping the infrastructure and data secure. Thatswhere ETHICAL HACKING, also known as Penetration testing, proveshelpful

Unlike a vulnerability assessment(process to identify the security holes),

which merely scans the network and applications for potential securityrelated flaws, an ethical hacker will poke and prod the infrastructure,employees, and applications just as an adversarial attacker might.However, unlike an attacker, an ethical hacker does the infiltrating withthe permission of the organization. And theyll employ all of the sametactics an attacker would (depending on the agreed scope of the test)from social engineering passwords from employees to using exploits thattarget vulnerabilities .


4/20

4

A. WHAT IS ETHICAL HACKING?Ethical hacking can be defined as, methodology adopted by ethicalhackers to discover the vulnerabilities existing in information systemsoperating or controlled environments .

Independent computer security professionals breaking into the computersystem.. Neither damage the target systems nor steal information.Evaluate target systems security and report back to owners about thevulnerabilities found.

B. WHO ARE ETHICAL HACKERS?

Traditionally, a Hacker is someone who likes to tinker with software orelectronic systems. Hackers enjoy exploring and learning how computersystems operate. They love discovering new ways to workelectronically.

Ethical hackers are network and computer experts who attack a securitysystem to help the computer system's owners.

Ethical hackers (or good guys) protect computers against illicit entry.


5/20

5

Benefit Of Keeping Ethical Hacker

Testing the efficiency of the existing security defenses

Verify the effectiveness of employee security awareness training

Help determine best areas to invest existing security budget

Build security awareness among all technical staff and employees

Measure success of existing security services providers

Determine whether employees operating within regulatory mandates.

Ethical Hackers but not Criminal Hackers

Completely trustworthy. Strong programming and computer networking skills.

Learn about the system and trying to find its weaknesses.

Techniques of Criminal hackers-Detection-Prevention.

Published research papers or released security software.

No Ex-hackers.


6/20

6

Modes of ethical hacking

Insider attack

Outsider attack

Stolen equipment attack

Physical entry

Bypassed authentication attack(wireless access points)

Social engineering attack

II.

What Are The Goals Of Ethical Hacking?

Identify any and all networks they will test

Detail the testing interval

Detail the testing process

Create their plan and then share it with stakeholders

Get the plan approved


7/20

7

III. KINDS OF TESTING

Local network . This test simulates an employee or

other authorized person who has a legal connection to theorganizations network. The primary defenses that must bedefeated here are intranet rewalls, internal Web servers, serversecurity measures, and e-mail systems.

Stolen laptop computer . In this test, the laptop computer of akey employee, such as an upper-level manager or strategist, is

taken by the client without warning and given to the ethicalhackers. They examine the computer for passwords stored indial-up software, corporate information assets, personnelinformation, and the like. Since many busy users will store their

passwords on their machine, it is common for the ethicalhackers to be able to use this laptop computer to dial into thecorporate intranet with the owners full privileges.

Social engineering . This test evaluates the targetorganizations staff as to whether it would leak information tosomeone. A typical example of this would be an intruder callingthe organizations computer help line and asking for the externaltelephone numbers of the modem pool. Defending against thiskind of attack is the hardest, because people and personalitiesare involved. Most people are basically helpful, so it seemsharmless to tell someone who appears to be lost where thecomputer room is located, or to let someone into the buildingwho forgot his or her badge. Theonly defense against this is toraise security awareness.


8/20

8

Physical entry . This test acts out a physical penetration of theorganizations buildin g. Special arrangements must be made for this,since security guards or police could become involved if the ethicalhackers fail to avoid detection. Once inside the building, it is importantthat the tester not be detected. One technique is for the tester to carry adocument with the target companys logo on it. Such a document could

be found by digging through trash cans before the ethical hack or bycasually picking up a document from a trash can or desk once the tester isinside. A well defended system should allow an insider to access only theareas and resources that the system administrator has assigned to theinsider.TOTAL OUTSIDER

SEMI OUTSIDERVALID USERS


9/20


10/20

10

V. USES OF ETHICAL HACKING.

Ethical hacking has a variety of uses on the primary and secondarylevels.

Primary and secondary uses are basically the questions that ethicalhacking answers. These include:-

Do the technical measures put into place in the company adhere tolegal requirements?

Are any necessary patches up to date, and/or is the firewall correctlyconfigured?

Are all promises delivered by the external service provider?

Have all necessary and possible security measures been put intoplace?

Is home office access to the company's network adequately secure?

Is protection against malicious code, such as denial-of-service tools,Trojans, and viruses, adequate?

Are there any illegal installations or are all of the company'ssystems set up in conformance with the standards?


11/20

11

VI. BENEFITS OF ETHICAL HACKING

1. Fighting against terrorism and national security breaches.

2. Having a computer system that prevents malicious hackersfrom gaining access.

3. Having adequate preventative measures in place to preventsecurity breaches.

VII. DISADVANTAGES

1. The ethical hacker using the knowledge they gain to domalicious hacking activities

2. Allowing the company's financial and banking details to be seen3. The possibility that the ethical hacker will send and/or place

malicious code, viruses, malware and other destructive andharmful things on a computer system

4. Massive security breach


12/20

12

ETHICAL HACKING


13/20

13

IBM believes that TO FIND A THIEF SHOULD THINK LIKE A THIEF

In the world of technology, breaking things, or at least attempting to do so, is also anintegral part of getting them to work. Many contracts IBM inks with large clients require asecurity audit, involving an authorized visit to the firm by a team of hackers using agreed-upon "rules of engagement." For what Lackey calls a "premium hack," an IBM team mighttake two weeks to do the job.

In the last few years, the surge in use of wireless computer networks has been a particularfocus for Lackey and some of his IBM colleagues. Traditional wired local area networks, ofthe kind probably used in your office, are essentially limited to the computers hooked up tothe network. Local wireless networks revolve around access points computers can detect ontheir own. But since wireless network capabilities are now frequently built into computers,even machines sitting in offices may seek out access points. Lackey and his colleagues willoften take access points -- which can be bought in stores -- and set up shop in the parkinglot outside a client's headquarters to see how quickly they can penetrate a company's

information system.

Employees who telecommute or use a laptop computer at a public wireless access point -- inan airport, coffee shop or another location -- can also put valuable company information atrisk. Given the existence of an access point, skilled hackers can monitor the flow of packetsof information being sent over wireless networks, and, if a computer is not using encryptiontechnology, potentially view the actual data being sent as well.

"When you're on a wireless network," says Lackey, "you should just sort of assume that

everyone around you, given the will and the technical ability, could look at your packets."


14/20

14

The Importance of Encryption Software

Lackey suggests wireless network users can help prevent hackers from looking at theiractual data by using layers of encryption and beefing up the security on their individual

machines -- something many of them take for granted. Lackey and his IBM colleagues havestories of executives who are unaware their computers can seek wireless networks or ofemployees who do not even bother to change the default computer password assigned bythe manufacturer.

In fact, computer security extends beyond the machine itself. Some ethical hackers, ifauthorized, will also try distinctly low-tech methods of obtaining the same information --like "social engineering," the effort to see if they can obtain valuable data through contact

with unwitting employees, and old-fashioned pilfering.

"One time, we were auditing this place in Canada, and we literally took these monitors offthis desk and walked out the building with them, just to see if anybody would try to stop us,"recalls Lackey. "And they didn't."

Still, Lackey suggests users of wireless networks should be reassured that wireless hackingcan only take place within limited physical boundaries. "In one sense, [wireless] might bemore secure, since the only people you're worried about are your neighbors, or peoplearound you at the airport."

That matters, because the phenomenon of hacking has changed over the years, from a localhobby to an international business. Nowadays, teenage computer whizzes are less the issuethan illegal syndicates.

"What we're finding is that it's less of the interested kid who's just sort of poking aroundanymore, and it's really more organized crime figures, who just want steady income, andthey actually go out and hire unethical hackers to do things for them," Lackey says.


15/20

15

No Security Is Perfect

The recent use of "phishing," for instance, in which thieves seek bank-account verificationdata by sending e-mails to unsuspecting victims, is a wired phenomenon. Similarly, the

installation of spyware on computers is done remotely, over wired networks. Securityconsultants recommend consistent upgrades of anti-virus and anti-spyware programs, as

well as education about scams, to reduce vulnerability to hacking -- although the threatcannot really be eliminated for good.

Indeed, computer security experts do not promise to make any network, wired or wireless,absolutely impenetrable. "There is no 100 percent," asserts Lackey.

Instead, the best approach for most computer users is to put up barriers that deter hackers

and reduce their financial incentives. In the meantime, illicit hackers, ethical hackers andsecurity researchers will keep battling to gain the upper hand in security.

"In one sense it really is just an arms race," says Lackey. "A vulnerability is discovered, wefix it. Then something different comes out. That's just how it all works. Things break, we fixthem. Everything gets a little bit better as time goes on."


16/20

16

THE HACKING PROCESS

1. How to Discover New VulnerabilitiesExamination of Source Code

IBM have teams testing their products for security flaws. In thesecircumstances, the analyst has access to the source code.The company chooses the program like:-

IBM AIX "swcons" Command Privilege Escalation Vulnerability

IBM AIX Privilege Escalation and Remote Code Execution Vulnerabilities

IBM AIX "cfgmgr" Privilege Escalation Vulnerability

IBM AIX 'errpt' Local Buffer Overflow Vulnerability

IBM AIX Multiple Utility Buffer Overflow and Insecure Permissions Vulnerabilities

IBM AIX rm_mlcache_file Local Race Condition

Disassemblers and Decompilers

The greatest opportunity for hackers and crackers to find ways to break intocomputers is with software written by organizations using hazardous programminglanguages, organizations that do not train their programmers how to write securecode, and organizations that do not test their software for security flaws. Evencompanies that make efforts to produce secure software can end up shipping

products that hide what appears to be an almost infinite number of break-in -

vulnerabilities.

Debuggers

For larger programs and for additional analysis of programs for which one hasthe source code or those that have been disassembled, professional teams may find


17/20


18/20

18

attacker nearly as much good information as a port scanner such as Nessus does.Regardless of the quality of information, what is important to a cracker is thatwhen run in certain modes, a port scanner is less likely to be detected by an IDS.

Some attackers will do some "social engineering" reconnaissance of their own byusing techniques of the spy trade, such as pretending to be an employee of thetarget organization or by going through trash bins looking for documentation onthe network.

Yet others who break into computers do not do any reconnaissance. Instead, theywill get an exploit and use it at random, hoping to find vulnerable computers. Thelogs of almost every IDS show that the overwhelming majority of attacks actuallyhad no possibility of succeeding because the attackers must have done noreconnaissance. The individuals who carelessly attack blindly are known as "script

kiddies." Their means of attack is to blindly run programs. Many know next tonothing about how to break into computers and not be detected.

4.. The Attack

After the cracker has detected vulnerabilities in the system he or she has decided to attack , the next step is to carry out the attack. In some cases, the exploititself is easy. What follows is an example of an exploit to break into aWindows 2000 Web server and deface its Website. This exploit willwork on Windows 2000 Server or Windows Professional, but only if ithas not been patched beyond Service Pack 2, and only if it is running IISor a Personal Web Server that is not patched.

Whether the attack on a computer has been carried out in a research lab,in a war game, or as a computer crime, the attacker typically wants to


19/20

19

know whether he, she, or it (in the case of a worm) succeeded. In mostcases of attack, the verification analysis is obvious. In the case of worm-induced cases of attack, those who unleash the worms often program

them to report to an Internet Relay Chat channel or a Web server. Moreoften, the creator of a worm either does not care which computers it broke into, or he or she uses a scanner to detect whether the worm hastaken over a computer. Usually this is a Trojan "back door," named afterthe Trojan horse used by the Greeks to invade the ancient city of Troy.These back doors invite attackers to remotely to take over control of thevictimized computer. Many computer break-ins are simply caused bycrackers scanning computers for these back doors.

5. CONCLUSION

The ethical hackers generate their conclusion on the basis of the exercisecarried on. They provide the company of how much safe and secured thecompanys assests are secured and the chances of being hacked by

extranet or intranet. Collection of all discoveries made during evaluation.

Specific advice on how to close the vulnerabilities.

Testers techniques never revealed.


20/20

20

Delivered directly to an officer of the client organization in hard-copy form.

Steps to be followed by clients in future.

BIBILIOGRAPHY

http://www.network-security-magazine.com/articles/ethical-hacking.html

http://www.guidancesoftware.com/Introduction-to-Ethical-Hacking.htm?blogid=2523

http://www.brighthub.com/internet/security-privacy/articles/77412.aspx

http://www.military.com/veteran-jobs/content/career-advice/job-hunting/job-as-a-certified-ethical-hacker.html

http://www.eweek.com/c/a/Windows/Microsoft-Consults-Ethical-Hackers-at-Blue-Hat/

ftp://ftp.software.ibm.com/software/rational/web/brochures/r_appscan_lifecycle.pdf
http://www.network-security-magazine.com/articles/ethical-hacking.htmlhttp://www.network-security-magazine.com/articles/ethical-hacking.htmlhttp://www.guidancesoftware.com/Introduction-to-Ethical-Hacking.htm?blogid=2523http://www.guidancesoftware.com/Introduction-to-Ethical-Hacking.htm?blogid=2523http://www.brighthub.com/internet/security-privacy/articles/77412.aspxhttp://www.brighthub.com/internet/security-privacy/articles/77412.aspxhttp://www.military.com/veteran-jobs/content/career-advice/job-hunting/job-as-a-certified-ethical-hacker.htmlhttp://www.military.com/veteran-jobs/content/career-advice/job-hunting/job-as-a-certified-ethical-hacker.htmlhttp://www.military.com/veteran-jobs/content/career-advice/job-hunting/job-as-a-certified-ethical-hacker.htmlhttp://www.eweek.com/c/a/Windows/Microsoft-Consults-Ethical-Hackers-at-Blue-Hat/http://www.eweek.com/c/a/Windows/Microsoft-Consults-Ethical-Hackers-at-Blue-Hat/ftp://ftp.software.ibm.com/software/rational/web/brochures/r_appscan_lifecycle.pdfftp://ftp.software.ibm.com/software/rational/web/brochures/r_appscan_lifecycle.pdfftp://ftp.software.ibm.com/software/rational/web/brochures/r_appscan_lifecycle.pdfhttp://www.eweek.com/c/a/Windows/Microsoft-Consults-Ethical-Hackers-at-Blue-Hat/http://www.military.com/veteran-jobs/content/career-advice/job-hunting/job-as-a-certified-ethical-hacker.htmlhttp://www.military.com/veteran-jobs/content/career-advice/job-hunting/job-as-a-certified-ethical-hacker.htmlhttp://www.brighthub.com/internet/security-privacy/articles/77412.aspxhttp://www.guidancesoftware.com/Introduction-to-Ethical-Hacking.htm?blogid=2523http://www.network-security-magazine.com/articles/ethical-hacking.html

ethical hacking ibm

Documents