
Ethical Hacking for Educators

Presented By
Regina DeLisse Hartley, Ph.D.
Caldwell Community College & Technical Institute

Overview

• Old School Hackers: History of Hacking
• Ec-Council: Certified Ethical Hacker
• Learning Competencies
• Teaching Resources: Ethical Hacking Textbooks
• Hacking Tools
• Hacker Challenge Websites
• Additional Web Sites
• Questions and Answers

Old School Hackers: History of Hacking

PREHISTORY
• 1960s: The Dawn of Hacking. Original meaning of the word "hack" started at MIT; meant elegant, witty or inspired way of doing almost anything; hacks were programming shortcuts.

ELDER DAYS (1970-1979)
• 1970s: Phone Phreaks and Cap'n Crunch. One phreak, John Draper (aka "Cap'n Crunch"), discovers a toy whistle inside Cap'n Crunch cereal gives 2600-hertz signal, and can access AT&T's long-distance switching system.
• Draper builds a "blue box"; used with whistle, allows phreaks to make free calls.
• Steve Wozniak and Steve Jobs, future founders of Apple Computer, make and sell blue boxes.

THE GOLDEN AGE (1980-1991)
• 1980: Hacker Message Boards and Groups. Hacking groups form, such as Legion of Doom (US), Chaos Computer Club (Germany).
• 1983: Kids' Games. Movie "War Games" introduces public to hacking.

THE GREAT HACKER WAR
• Legion of Doom vs Masters of Deception; online warfare; jamming phone lines.
• 1984: Hacker 'Zines. Hacker magazine 2600 publication; online 'zine Phrack.

CRACKDOWN (1986-1994)
• 1986: Congress passes Computer Fraud and Abuse Act; crime to break into computer systems.
• 1988: The Morris Worm. Robert T. Morris, Jr., launches self-replicating worm on ARPAnet.
• 1989: The Germans, the KGB and Kevin Mitnick.
• German Hackers arrested for breaking into U.S. computers; sold information to Soviet KGB.
• Hacker "The Mentor" arrested; publishes Hacker's Manifesto.
• Kevin Mitnick convicted; first person convicted under law against gaining access to interstate network for criminal purposes.
• 1993: Why Buy a Car When You Can Hack One? Radio station call-in contest; hacker-fugitive Kevin Poulsen and friends crack phone; they allegedly get two Porsches, $20,000 cash, vacation trips; Poulsen now a freelance journalist covering computer crime.
• First Def Con hacking conference in Las Vegas

ZERO TOLERANCE (1994-1998)
• 1995: The Mitnick Takedown: Arrested again; charged with stealing 20,000 credit card numbers.
• 1995: Russian Hackers Siphon $10 million from Citibank; Vladimir Levin, leader.
• Oct 1998 teenager hacks into Bell Atlantic phone system; disabled communication at airport disables runway lights.
• 1999 hackers attack Pentagon, MIT, FBI web sites.
• 1999: E-commerce company attacked; blackmail threats followed by 8 million credit card numbers stolen.
(www.blackhat.info; www.h2k2.net; www.slais.ubc.ca/; www.sptimes.com; www.tlc.discovery.com)

Ec-Council: Certified Ethical Hacker

EC-Council has certified IT professionals from the following organizations as CEH:

Novell, Canon, Hewlett Packard, US Air Force Reserve, US Embassy, Verizon, PFIZER, HDFC Bank, University of Memphis, Microsoft Corporation, Worldcom, Trusecure, US Department of Defense, Fedex, Dunlop, British Telecom, Cisco, Supreme Court of the Philippines, United Nations, Ministry of Defense, UK, Nortel Networks, MCI, Check Point Software, KPMG, Fleet International, Cingular Wireless, Columbia Daily Tribune, Johnson & Johnson, Marriott Hotel, Tucson Electric Power Company, Singapore Police Force, PriceWaterhouseCoopers, SAP, Coca-Cola Corporation, Quantum Research, US Military, IBM Global Services, UPS, American Express, FBI, Citibank Corporation, Boehringer Ingelheim, Wipro, New York City Dept Of IT & Telecom – DoITT, United States Marine Corps, Reserve Bank of India, US Air Force, EDS, Bell Canada, SONY, Kodak, Ontario Provincial Police, Harris Corporation, Xerox, Philips Electronics, U.S. Army, Schering, Accenture, Bank One, SAIC, Fujitsu, Deutsche Bank

Hackers are here. Where are you?
• The explosive growth of the Internet has brought many good things… As with most technological advances, there is also a dark side: criminal hackers.
• The term “hacker” has a dual usage in the computer industry today. Originally, the term was defined as:
• HACKER noun. 1. A person who enjoys learning the details of computer systems and how to stretch their capabilities…. 2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming.

What is a Hacker?
• Old School Hackers: 1960s style Stanford or MIT hackers. Do not have malicious intent, but do have lack of concern for privacy and proprietary information. They believe the Internet was designed to be an open system.
• Script Kiddies or Cyber-Punks: Between 12-30; predominantly white and male; bored in school; get caught due to bragging online; intent is to vandalize or disrupt systems.
• Professional Criminals or Crackers: Make a living by breaking into systems and selling the information.
• Coders and Virus Writers: See themselves as an elite; programming background and write code but won’t use it themselves; have their own networks called “zoos”; leave it to others to release their code into “The Wild” or Internet.
(www.tlc.discovery.com)

What is Ethical Hacking?
• Ethical hacking – defined “methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems’ operating environments.”
• With the growth of the Internet, computer security has become a major concern for businesses and governments.
• In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.

Who are Ethical Hackers?
• “One of the best ways to evaluate the intruder threat is to have independent computer security professionals attempt to break their computer systems”
• Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy.
• Ethical hackers typically have very strong programming and computer networking skills.
• They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., Linux or Windows 2000) used on target systems.
• These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors.

What do Ethical Hackers do?
• An ethical hacker’s evaluation of a system’s security seeks answers to these basic questions:
  • What can an intruder see on the target systems?
  • What can an intruder do with that information?
  • Does anyone at the target notice the intruder’s attempts or successes?
  • What are you trying to protect?
  • What are you trying to protect against?
  • How much time, effort, and money are you willing to expend to obtain adequate protection?

How much do Ethical Hackers get Paid?
• Globally, the hiring of ethical hackers is on the rise, with most of them working with top consulting firms.
• In the United States, an ethical hacker can make upwards of $120,000 per annum.
• Freelance ethical hackers can expect to make $10,000 per assignment.
• Some fees range from $15,000 to $45,000 for a standalone ethical hack.

Certified Ethical Hacker (C|EH) Training
• InfoSec Academy
• http://www.infosecacademy.com
  • Five-day Certified Ethical Hacker (C|EH) Training Camp Certification Training Program
  • (C|EH) examination
  • C|EH Certified Ethical Hacker Training Camp (5-Day Package) $3,595 ($2,580 training only)
(Source: www.eccouncil.org)

Learning Competencies

Required Skills of an Ethical Hacker
• Routers: knowledge of routers, routing protocols, and access control lists
• Microsoft: skills in operation, configuration and management.
• Linux: knowledge of Linux/Unix; security setting, configuration, and services.
• Firewalls: configurations, and operation of intrusion detection systems.
• Mainframes
• Network Protocols: TCP/IP; how they function and can be manipulated.
• Project Management: knowledge of leading, planning, organizing, and controlling a penetration testing team.
(Source: http://www.examcram.com)

Modes of Ethical Hacking
• Insider attack
• Outsider attack
• Stolen equipment attack
• Physical entry
• Bypassed authentication attack (wireless access points)
• Social engineering attack
(Source: http://www.examcram.com)

Anatomy of an attack:
• Reconnaissance – attacker gathers information; can include social engineering.
• Scanning – searches for open ports (port scan); probes target for vulnerabilities.
• Gaining access – attacker exploits vulnerabilities to get inside system; used for spoofing IP.
• Maintaining access – creates backdoor through use of Trojans; once attacker gains access, makes sure he/she can get back in.
• Covering tracks – deletes files, hides files, and erases log files so that the attacker cannot be detected or penalized.
(Source: www.eccouncil.org)

• Hacker classes
  • Black hats – highly skilled, malicious, destructive “crackers”
  • White hats – skills used for defensive purposes; security analysts
  • Gray hats – work offensively and defensively; will hack for different reasons, depending on the situation.
• Hacktivism – hacking for social and political cause.
• Ethical hackers – determine what attackers can gain access to, what they will do with the information, and whether they can be detected.
(Source: www.eccouncil.org)

Teaching Resources: Ethical Hacking Textbooks

Ec-Council
Certified Ethical Hacker
www.eccouncil.org
ISBN 0-9729362-1-1

Ec-Council Topics Covered
• Introduction to Ethical Hacking
• Footprinting
• Scanning
• Enumeration
• System Hacking
• Trojans and Backdoors
• Sniffers
• Denial of Service
• Social Engineering
• Session Hijacking
• Hacking Web Servers
• Web Application Vulnerabilities
• Web Based Password Cracking Techniques
• SQL Injection
• Hacking Wireless Networks
• Viruses
• Novell Hacking
• Linux Hacking
• Evading IDS, Firewalls and Honeypots
• Buffer Overflows
• Cryptography

Certified Ethical Hacker Exam Prep
http://www.examcram.com
ISBN 0-7897-3531-8
• The Business Aspects of Penetration Testing
• The Technical Foundations of Hacking
• Footprinting and Scanning
• Enumeration and System Hacking
• Linux and automated Security Assessment Tools
• Trojans and Backdoors
• Sniffers, Session Hijacking, and Denial of Service
• Web Server Hacking, Web Applications, and Database Attacks
• Wireless Technologies, Security, and Attacks
• IDS, Firewalls, and Honeypots
• Buffer Overflows, Viruses, and Worms
• Cryptographic Attacks and Defenses
• Physical Security and Social Engineering

Hands-On Information Security Lab Manual, Second Edition
http://www.course.com/
ISBN 0-619-21631-X
1. Footprinting
2. Scanning and Enumeration
3. Operating System Vulnerabilities and Resolutions
4. Network Security Tools and Technologies
5. Security Maintenance
6. Information Security Management
7. File System Security and Cryptography
8. Computer Forensics

Hacking Tools: Footprinting and Reconnaissance
• Whois (http://www.allwhois.com/)
• Sam Spade
• Nslookup; Nslookup Options
• Traceroute
• Ping; Ping Options

Hacking Tools: Scanning and Enumeration
• nmap
• NMapWin
• SuperScan
• IP Scanner
• Hyena
• Retina
• LANguard

Hacking Tools: System Hacking
• telnet
• Snadboy
• Password Cracking with L0phtCrack
• Keylogger

Hacking Tools: Trojans and Backdoors
• NetBus
• Game Creates Backdoor for NetBus
• SubSeven

Hacking Tools: Sniffers
• Spoofing a MAC address: Original Configuration; Spoofed Mac
• Ethereal
• Iris
• Snort

Hacking Tools: Web Based Password Cracking
• Cain and Abel
• Legion
• Brutus

Hacking Tools: Covering Tracks
• ImageHide
• ClearLogs

Hacking Tools: Google Hacking and SQL Injection
• Google Hacking
• Google Cheat Sheet

SQL Injection
• Allows a remote attacker to execute arbitrary database commands
• Relies on poorly formed database queries and insufficient input validation
• Often facilitated by, but does not rely on, unhandled exceptions and ODBC error messages
• Impact: MASSIVE. This is one of the most dangerous vulnerabilities on the web.

Common Database Query
Problem: Unvalidated Input
Piggybacking Queries with UNION
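
Added example (not from the original slides): a string-built query beside its parameterized and validated forms, run against a constructed in-memory SQLite database, to show why unvalidated input lets a UNION ride along and how binding removes that. Table names, function names and sample inputs are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    """Constructed in-memory database: one public table, one sensitive table."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (name TEXT, price TEXT);
        CREATE TABLE users (login TEXT, pw_hash TEXT);
        INSERT INTO products VALUES ('widget', '9.99'), ('gadget', '19.99');
        INSERT INTO users VALUES ('admin', 'constructed-hash-value');
    """)
    return db

def search_vulnerable(db, term):
    # Weak: input is pasted into the SQL text, so it can change the query's structure.
    sql = "SELECT name, price FROM products WHERE name = '" + term + "'"
    return db.execute(sql).fetchall()

def search_parameterized(db, term):
    # Hardened: the ? placeholder binds input as a value; it is never parsed as SQL.
    sql = "SELECT name, price FROM products WHERE name = ?"
    return db.execute(sql, (term,)).fetchall()

def search_validated(db, term):
    # Defence in depth: allow-list validation in front of the parameterized query.
    if not term.isalnum() or len(term) > 32:
        raise ValueError("rejected search term")
    return search_parameterized(db, term)

def search_handler(db, term):
    # Return a generic message so driver error text never reaches the client.
    try:
        return {"rows": search_validated(db, term)}
    except (ValueError, sqlite3.Error):
        return {"error": "invalid request"}

# Constructed inputs: an ordinary term, and one that closes the quote and adds a UNION.
PLAIN = "widget"
PIGGYBACK = "x' UNION SELECT login, pw_hash FROM users --"

if __name__ == "__main__":
    db = make_db()
    for fn in (search_vulnerable, search_parameterized, search_handler):
        print(fn.__name__, fn(db, PLAIN), fn(db, PIGGYBACK))
```

With the concatenated query the second input returns the row from the users table; with the bound parameter the same input is only a product name that matches nothing.
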
Hacker Challenge Websites
• http://www.hackr.org/mainpage.php
• Hackthissite.org: http://www.hackthissite.org
  Answers revealed in code
• Hackits: http://www.hackits.de/challenge/

Additional Web Sites
• Legion of Ethical Hacking
• Hacker Highschool: http://www.hackerhighschool.org/
• johnny.ihackstuff.com/
• HappyHacker.org
• Foundstone
• Insecure.org
• SANS Institute

Questions & Answers
