HackingHacking&&

CrackingCracking

Understand The differenceUnderstand The difference

hackers build things, hackers build things, crackers break themcrackers break them

HACKERHACKER A person who enjoys exploring the details of A person who enjoys exploring the details of

programmable systems and how to stretch programmable systems and how to stretch their capabilities, as opposed to most users, their capabilities, as opposed to most users, who prefer to learn only the minimum who prefer to learn only the minimum necessary. necessary.

One who programs enthusiastically (even One who programs enthusiastically (even obsessively) or who enjoys programming obsessively) or who enjoys programming rather than simply theorizing about rather than simply theorizing about programming.programming.

PositivePositive

CRACKERCRACKER

A Hacker who use his skill for illegal A Hacker who use his skill for illegal purpose.purpose.

gaining access to your system resources.gaining access to your system resources. checking out the mechanism of attacks checking out the mechanism of attacks

against other systems.against other systems. NegativeNegative

Hacker's MotivationsHacker's Motivations► FunFun► ProfitProfit► ExtortionExtortion► Technical ReputationTechnical Reputation► ScorekeepingScorekeeping► Revenge/Revenge/

maliciousnessmaliciousness► Intellectual Intellectual

ChallengesChallenges

►Desire to embarrassDesire to embarrass► ExperimentationExperimentation► Self GratificationSelf Gratification► Problem SolvingProblem Solving► Exposing System Exposing System

WeaknessWeakness►Want to be Hero of Want to be Hero of

Wild InternetWild Internet

Types of hacker’sTypes of hacker’s Professional hackersProfessional hackers

White Hats – Professional Security ExpertsWhite Hats – Professional Security Experts Gray Hats – Unsuspecting UsersGray Hats – Unsuspecting Users

Script kiddiesScript kiddies Mostly kids/students- User tools created by black hatsMostly kids/students- User tools created by black hats

Underemployed Adult Hackers Underemployed Adult Hackers Former Script KiddiesFormer Script Kiddies

Can’t get employment in the fieldCan’t get employment in the field Want recognition in hacker communityWant recognition in hacker community

Types Of Cracker’sTypes Of Cracker’s Professional hackersProfessional hackers

Black Hats – the Bad GuysBlack Hats – the Bad Guys Criminal HackersCriminal Hackers

Real criminals, are in it for whatever they can get Real criminals, are in it for whatever they can get no matter who it hurtsno matter who it hurts

Corporate SpiesCorporate Spies Are relatively rareAre relatively rare

Disgruntled EmployeesDisgruntled Employees Most dangerous to an enterprise as they are Most dangerous to an enterprise as they are

“insiders”“insiders”

Without Hackers,Without Hackers, Programming languages such as C and Programming languages such as C and

C++ would not existC++ would not exist Operating Systems such as Unix and Operating Systems such as Unix and

Linux would not existLinux would not exist Microsoft might not been developedMicrosoft might not been developed Basically, no one would be designing Basically, no one would be designing

new types of softwarenew types of software Antivirus Companies would not have Antivirus Companies would not have

became billionairebecame billionaire

Without Crackers,Without Crackers, Security is thought of and efforts are put Security is thought of and efforts are put

forward to making information more privateforward to making information more private Free software is made available because of Free software is made available because of

these peoplethese people These crackers create jobs for others to stop These crackers create jobs for others to stop

themthem Since home users are more vulnerable with Since home users are more vulnerable with

less security they are an easy target for less security they are an easy target for people to hack into for funpeople to hack into for fun

Software developers improve their softwareSoftware developers improve their software

Attack MethodologyAttack MethodologyThe Beginning – Goal : Decide why this The Beginning – Goal : Decide why this

system should be attacked.system should be attacked.StepsSteps :-:-

Gather the Information about the victim hostsGather the Information about the victim hosts Locate the victim hosts by some scanning Locate the victim hosts by some scanning

programprogram Identify the victim host vulnerabilityIdentify the victim host vulnerability Attack the victim host via this vulnerabilityAttack the victim host via this vulnerability Establish backdoors for later access Establish backdoors for later access

Some Common AttacksSome Common Attacks

Social engineeringSocial engineering PretextingPretexting PhishingPhishing Dumpster divingDumpster diving

Dos(Denial Of Service)Dos(Denial Of Service) POD(Ping Of Death)POD(Ping Of Death) SQL InjectionSQL Injection

Once inside, the hacker can...Once inside, the hacker can... Modify logsModify logs

To cover their tracksTo cover their tracks To mess with youTo mess with you

Steal filesSteal files Sometimes destroy after stealingSometimes destroy after stealing A pro would steal and cover their tracks so to be A pro would steal and cover their tracks so to be

undetectedundetected Modify filesModify files

To let you know they were thereTo let you know they were there To cause mischiefTo cause mischief

Install back doorsInstall back doors So they can get in againSo they can get in again

Attack other systemsAttack other systems

QuestionQuestion

Is Hacking healthy to the Is Hacking healthy to the computer industry?computer industry?