        Counter Hack Chapters
1.      Introduction --- explains why the
        emphasis is on tools and techniques
2.      Networking Overview --- we will
        cover most of this
3.      Linux and Unix Overview --- briefly
4.      Windows Overview --- briefly
5.      Reconnaissance --- low-tech, Web search
        (or “Google hacking”), Whois database,
        DNS, tools, defenses
6.      Scanning --- war driving, war dialing,
        network mapping, port scanning,
        vulnerability scanning, IDS and IPS
7.      Gaining Access Using Application and OS
        Attacks --- buffer overflows, password
        attacks, Web-based attacks, browser flaws
8.      Gaining Access via Network Attacks ---
        sniffing, IP address spoofing, session
        hijacking, Netcat, defenses
9.      DoS Attacks --- locally/remotely stop
        services/exhaust resources, DDoS
10.     Maintaining Access --- trojans,
        backdoors, bots, rootkits, defenses
11.     Covering Tracks and Hiding --- log
        and accounting attacks, hard-to-find
        files, covert channels, defenses
12.     Putting it All Together: Anatomy of
        an Attack --- gives 3 scenarios
13.     The Future, References, and

 - Prefaces, old edition and new
     o First edition --- somebody’s Web pages got
       messed up by a “hacker”
     o New edition --- info on more than 1 million
       credit cards stolen
 - Common theme in security today
     o Attacks are now more “sinister” --- organized
       crime, etc.
     o In the past, attacks were just fun and games
 - Aside: then why did we bother to worry
   about security in the past???

 - Attacks happen
     o Bad guys are constantly probing
 - Attacks range from…
     o Simple scanning to
     o Truly sophisticated attacks
 - Lots of anecdotal info on real attacks
     o But “hard” numbers are hard to come by

        Golden Age of Hacking
 - 15 years ago, the Internet was (literally) of
   academic interest only
 - Today, we are highly dependent on
   computers and networks
     o Medical info, guiding aircraft, financial
       transactions, etc., etc.
 - This dependence is increasing rapidly
     o Cell phones, RFID, toasters, etc., etc.

 - Networking/computing infrastructure is full
   of fundamental security flaws
     o Example: TCP/IP was designed for a friendly
       academic environment, with no thought of security
     o Security is difficult to retrofit
 - The world is “inherently hackable”
     o New flaws are discovered on a daily basis
     o Hackers are reasonably well-organized
     o Any 15-year-old can be a hacker

 - New technologies lead to new hacking
     o Personal Video Recorder (PVR)
     o Heart pacemaker
     o Smart cars (download maps, email, online
       troubleshooting, etc.) --- “carhacking”
 - New applications are built on top of a
   security-flawed architecture

 - History lesson…
 - WWII was the Golden Age of Cryptanalysis
     o All major Axis ciphers were broken
     o Several Allied ciphers were weak/broken
 - This situation eventually changed
     o Soon after WWII, classified ciphers got stronger
     o More recently, commercial ciphers are strong
 - Many, many secure modern ciphers
 - Similar (optimistic) future for hacking???

        Hacking vs Cryptanalysis
 - Crypto
     o Can be viewed as a stand-alone technical problem
     o Amenable to mathematical techniques
     o Crypto is a scientific/academic discipline
     o Nevertheless, new crypto attacks do occur
 - Hacking
     o A holistic problem
     o The “human factor” is an integral part of the problem
     o Anti-hacking “science” is in its infancy
     o Architectural issues can be addressed, but…

           Why this Book?
 - Good guys must know how bad guys operate
     o Today, this is generally accepted as OK
 - Why these specific tools/techniques?
     o Most common/best/representative tools
     o Analyze relatively few in more detail
     o For example, there are lots of rootkits --- this
       book looks at a few of them in detail

        How this Book Differs
 - Encyclopedia, not a dictionary
     o Doesn’t cover everything, but lots of detail
 - Phased view of attacks
     o All steps in the attack process
 - How tools are used together
     o Simple tools combined into creative attacks
 - Corny analogies

               The Threat
 - Who are the attackers?
 - The proverbial antisocial teenager in
   his parents’ basement?
     o Yes, could be
     o May be highly skilled, regardless of age
 - Do not underestimate attackers

             Outsider Threats
 - The proverbial teenager
 - Organized crime
     o Credit card info, identity theft, etc. (money!)
     o Relatively “safe” type of crime
 - Terrorists
     o Perhaps in conjunction with a physical attack
 - Governments
     o Many governments monitor their own citizens
     o Certainly they monitor foreign citizens, other
       governments, organizations, businesses, etc.
 - The competition
     o May want to learn trade secrets
     o DoS to drive customers to their site, etc.
 - Hacktivists
     o Politically motivated attacks
     o Could also be focused on companies
 - “Hired guns”
     o Hired by any of the above

               Insider Threats
 - Often-quoted estimate: 80% of all attacks involve
   insiders (hard numbers are scarce)
 - Disgruntled employee
     o Maybe the biggest threat --- knows how things work
 - Clueless employee
     o Also a big problem --- disables antivirus, clicks on
       anything, installs a rogue access point, etc., etc.
 - Customers
     o May want to know “inside” info
 - Suppliers
     o E.g., malicious employee at a customer site
 - Vendors
     o May have lots of access
     o Software can do just about anything for you
       (or to you) --- virtually impossible to check
     o Outsourcing only makes this worse…
 - Business partners
     o Networks may be closely linked
     o Security is only as strong as the weakest link
 - Contractors, temps, consultants
     o Often not vetted properly, lots of access, etc.

                 The Threat
 - Do not overestimate attackers either
 - Gold-plated security may not be wise
     o No point in an expensive security alarm on my car
     o But I still lock my doors most of the time
 - Security should be “commensurate with” the
   threat to, and value of, your system and info
 - Easier said than done!
     o The threat is extremely hard to model
     o Security costs are notoriously difficult to estimate

                 Skill Levels
 - “Script kiddies”
     o Low/no skill, unsophisticated attacks (e.g.,
       email attachment sent to millions)
     o Usually pre-packaged/slightly modified attacks
 - Example: metamorphic viruses/worms
     o These viruses are hard to detect
     o Many metamorphic “kits” are available
     o Very easy to recycle old viruses in a new form
 - Moderately skilled attackers
     o May produce tools for script kiddies
     o Tools released on public websites…
     o …or may be more secretive
     o Tools may include nice GUIs
     o Make sophisticated attacks easy to launch
 - The “end user” does not need to understand
   anything about the vulnerability
 - Evil elite attackers
     o Highly skilled
     o Secretive, do not share their work
     o Work a long time on a customized attack
     o Use specialized tools
     o Discover new vulnerabilities
 - Noble elite “attackers”
     o High skill, but use it for good
     o May become security experts, consultants, etc.

 - Hacker, cracker, etc., have different
   meanings to different people
 - Book uses “good guys” (Alice and Bob) and
   “bad guys” (attacker or Eve)
     o Not necessarily human, e.g., a “bad guy” could be
       malicious software
 - “White hat” == good guy
 - “Black hat” == bad guy

   These Tools Can Hurt You!
 - Use the tools at your own risk
 - Most have some malicious capability
 - Some could act as trojans
 - Use the tools in a controlled environment
     o Set up a lab (next slide), or
     o Use VMware (can probably get this for free)

        Author’s Suggested Lab (lab diagram not reproduced here)

             More Concerns
 - Be careful surfing some of the sites
 - Be careful when you download tools
 - Don’t do anything stupid
     o You could lose your job, go to jail, etc.
 - Legal disclaimers…

 - Attacks are prevalent and damaging
     o Increasing in number and scope
 - This is the Golden Age of Hacking
 - Never underestimate the adversary
     o But don’t overestimate them either
 - Terminology: attacker, bad guy, good guy,
   white hat, black hat, Alice, Bob, Eve, etc.
 - Be careful experimenting with the tools

