Ethical Hacking Overview

Hands-On Ethical Hacking and Network Defense, Edition 4

  • Copyright © 2023 Cengage.

Icebreaker: Interview Simulation
  • Class will be divided into pairs of students.
  • Each pair interviews one another to discover interesting or unusual facts about each other.
  • Each pair will introduce the other member to the class.
  • Discussion prompts:
    • Share a personal story related to hacking.
    • Discuss whether hacking can be considered ethical.

Module Objectives

By the end of this module, you will be able to:

  • Describe the role of an ethical hacker.
  • Explain what you can do legally as an ethical hacker.
  • Explain what you cannot do as an ethical hacker.

Introduction to Ethical Hacking
  • Ethical Hackers: Professionals hired by companies to conduct penetration tests.
  • Penetration Test: An attempt to break into a company’s network to find vulnerabilities.
  • Vulnerability Assessment: Enumeration of all vulnerabilities found in an application or on a system.
  • Security Test: Analysis of a company’s security policy and procedures, reporting any vulnerabilities to management.

The Role of Security and Penetration Testers (1 of 5)
  • Hackers: Access systems or networks without authorization (considered illegal).
  • Crackers: Hackers who steal or destroy data.
  • U.S. Department of Justice: Views all unauthorized access as hacking.
  • Ethical Hacker: Conducts activities similar to those of hackers, but with permission from the owner.

The Role of Security and Penetration Testers (2 of 5)
  • Script Kiddies or Packet Monkeys: Inexperienced individuals who use code or tools created by others without understanding how they work.
  • Programs/Scripts Used: Experienced penetration testers’ tools for conducting attacks are written in languages like Python, Ruby, Perl, and C.
  • Script: A set of instructions that runs sequentially to perform tasks on a computer system.

The Role of Security and Penetration Testers (3 of 5)
  • Hacktivists: Individuals who hack systems for political or social reasons.
  • Penetration Testers: Typically utilize portable computers with multiple operating systems and hacking tools.

The Role of Security and Penetration Testers (4 of 5)
  • Job Responsibilities:
    • Conduct vulnerability, attack, and penetration assessments in various environments (Internet, Intranet, Wireless).
    • Perform discovery and scanning for open ports and services.
    • Execute appropriate exploits to gain and expand access.

The Role of Security and Penetration Testers (5 of 5)
  • Activities:
    • Engage in application penetration testing and source code review.
    • Liaise with clients throughout the engagement.
    • Document findings in reports and debrief clients after each engagement.
    • Conduct research and provide recommendations for continuous improvement.
    • Ensure knowledge of current cyber laws at the jurisdiction level.

Polling Activity 1-1
  • Question: An ethical hacker is also known as a/an _.
    • Options:
      • a. Penetration tester
      • b. Administrative tester
      • c. Continuity tester
      • d. High Pot tester

Polling Activity 1-1: Answer
  • Correct Answer: a. penetration tester
  • An ethical hacker is referred to as a “security tester” or a “penetration tester.”

Knowledge Check Activity 1-1
  • Question: The U.S. Department of Justice defines a hacker as which of the following?
    • a. A person who accesses a computer or network without the owner’s permission.
    • b. A penetration tester.
    • c. A person who uses phone services without payment.
    • d. A person who accesses a computer or network system with the owner's permission.

Knowledge Check Activity 1-1: Answer
  • Correct Answer: a. A person who accesses a computer or network without the owner’s permission.
  • The Department of Justice categorizes all unauthorized access as hacking.

Penetration-Testing Methodologies (1 of 3)
  • White Box Model:
    • Tester has full knowledge of the network topology and technology.
    • Access to floor plans and interviews with IT personnel allowed.
    • Simplifies the tester’s task.
  • Black Box Model:
    • Testing done without staff awareness.
    • Tester does not receive any detailed diagrams.
    • Challenges the tester to identify details using various techniques.
    • Assesses security personnel's detection capabilities.

Penetration-Testing Methodologies (2 of 3)
  • Gray Box Model:
    • Hybrid model providing partial information to the tester by the company.
    • Example: Only operating systems (OSs) are disclosed; no network diagrams are provided.

Penetration-Testing Methodologies (3 of 3)
  • Figure 1-1: Sample floor plan (visual aid).

Certification Programs for Network Security Personnel
  • Certification programs exist across network security areas.
  • Minimum required certification: CompTIA Security+ or equivalent knowledge.
  • Prerequisite: CompTIA Network+ level of understanding is required for Security+ certification.

CompTIA PenTest+
  • Advanced certification validating skills to:
    • Plan and scope an assessment.
    • Understand legal and compliance requirements.
    • Perform vulnerability scanning and penetration testing.
    • Analyze data.
    • Effectively report and communicate results.

Offensive Security Certified Professional (OSCP)
  • OSCP: Advanced certification requiring hands-on abilities.
  • Covers network and application exploits, including:
    • Developing basic buffer overflows.
    • Scripting for data manipulation.
    • Conducting exploits on vulnerable systems.

Certified Ethical Hacker
  • Developed by the International Council of Electronic Commerce Consultants (EC-Council).
  • The Certified Ethical Hacker (CEH) exam consists of 22 domains.
  • Team Composition: Members are often assigned to a Red team for penetration tests, combining varied skills.

OSSTMM Professional Security Tester (OPST)
  • Certification designated by the Institute for Security and Open Methodologies (ISECOM).
  • Uses OSSTMM as the standard methodology documentation.
  • Key teachings include professional conduct, enumeration, assessments, application, and verification (written by Peter Herzog).

Certified Information Systems Security Professional (CISSP)
  • Issued by the International Information Systems Security Certification Consortium (ISC2).
  • Focus: managerial skills in security, not overtly technical.
  • Exam includes questions from ten domains related to policies and procedures.

SANS Institute
  • Offers training and IT security certifications through Global Information Assurance Certification (GIAC).
  • The Top 25 Software Errors list is a renowned document detailing common network exploits and mitigation strategies.

Which Certification Is Best?
  • Essential skills for penetration testers:
    • Technical acumen.
    • Understanding of networking and organizational management roles.
    • Proficiency in communication (written and verbal).
    • Eagerness to keep learning and growing.
  • Certification Risks: Some candidates simply memorize terminology without a comprehensive understanding of complex concepts.

Knowledge Check Activity 1-2
  • Question: A team composed of varied skills attempting to penetrate a network is called?
    • a. Green team.
    • b. Blue team.
    • c. Black team.
    • d. Red team.

Knowledge Check Activity 1-2: Answer
  • Correct Answer: d. Red team.
  • A Red team includes skilled individuals, such as programming experts capable of performing SQL injections and other vulnerability tests.

Discussion Activity 1-1
  • Scenario: Dan, a “packet monkey,” uses prewritten scripts for unauthorized access.
  • Discuss the origins of terms such as packet monkeys or script kiddies.

Discussion Activity 1-1: Answer
  • Explanation:
    • Script Kiddies/Packet Monkeys: Refers to inexperienced hackers who replicate the work of skilled programmers without true comprehension.

What You Can Do Legally
  • Technology laws evolve as quickly as technology.
  • Responsibilities as a security tester include:
    • Staying informed on local laws.
    • Understanding legally permitted actions.
    • Example: Possession of lockpicking tools may be illegal in some areas.

Laws of the Land
  • Legality of Hacking Tools:
    • Possessing hacking tools may constitute a crime.
    • Consult local law enforcement before installing hacking tools.
  • Intent is often required for prosecution; for instance, in Hawaii, intent to commit a crime must be proven.

Overview of Recent Hacking Cases (1 of 3)
  • Kansas, 2021: Charges against a resident for tampering with public water systems and unauthorized access to protected computers, potentially facing 25 years in prison.
  • California, 2021: An IT worker deleted user accounts from a company's network as a retaliatory action after termination; sentenced to two years in prison and fined over $560,000.

Overview of Recent Hacking Cases (2 of 3)
  • Nevada, 2021: A Russian national bribed a Tesla employee with $1 million to install malware for data extraction.
  • Atlanta, 2021: A Cypriot teenager hacked websites and demanded ransom; he was extradited and sentenced federally.

Overview of Recent Hacking Cases (3 of 3)
  • New Jersey, 2021: An employee of a data analytics firm stole confidential information to sell; sentenced to three years of supervision.
  • Florida, 2021: An assistant principal manipulated student voting via unauthorized access; both the principal and her daughter faced legal consequences.

Is Port Scanning Legal? (1 of 3)
  • Varies by state; some view it as noninvasive and legal.
  • Caution advised when employing penetration-testing tools.
  • The federal government sees infringements like port scanning as constitutionally permissible; states regulate differently.
  • Research local laws before using penetration-testing techniques.

Is Port Scanning Legal? (2 of 3)
  • Figure 1-3: Sample acceptable use policy (visual aid).

Is Port Scanning Legal? (3 of 3)
  • IRC Bot: Automates responses to users to mimic a human presence in communication.
  • VPN Considerations: Assess if connected through a VPN when conducting scans; this could inadvertently affect corporate networks.

Federal Computer Crime Laws (1 of 4)
  • No Electronic Theft Act: Extends criminal copyright law to include digital means of crime (17 U.S.C. § 501(a)(1)).
  • Economic Espionage Act (EEA): Protects trade secrets, essential for societal operations.
  • Computer Fraud and Abuse Act (CFAA): Makes unauthorized access to classified information a federal crime (Title 18, Chapter 47).

Federal Computer Crime Laws (2 of 4)
  • Identity Theft and Assumption Deterrence Act (ITADA): Criminalizes identity theft and helps assess victims' losses.
  • Electronic Communication Privacy Act: Prohibits interception of communications (Title 18, Chapter 119).
  • U.S. PATRIOT Act, Sec. 217: Amends privacy laws and allows monitoring of cyber trespassers by victims.

Federal Computer Crime Laws (3 of 4)
  • Homeland Security Act of 2002: Specifies sentencing guidelines for computer crimes.
  • CFAA: Criminalizes unauthorized use of telecommunications devices or services (Title 18, Sec. 1029).

Federal Computer Crime Laws (4 of 4)
  • Stored Communications Act: Defines unlawful access and disclosure relating to stored communications (Title 18, Chapter 121).

Polling Activity 1-2
  • Question: What part of your ISP contract affects your ability to perform web-based penetration tests?
    • Options:
      • a. Scanning policy
      • b. Port access policy
      • c. Acceptable use policy
      • d. Warranty policy

Polling Activity 1-2: Answer
  • Correct Answer: c. Acceptable use policy.
  • It is crucial to familiarize yourself with state laws and ISP contracts before deploying penetration-testing tools.

What You Cannot Do Legally
  • Illegal Actions:
    • Accessing a computer without permission.
    • Destroying data without permission.
    • Copying information without permission.
    • Installing viruses on networks.
    • Denying users access to network resources.
  • Ethical conduct must be prioritized to avoid disrupting clients' operations.

Get It in Writing
  • Contracts offer legal protection and clarity in business engagements.
  • Consider literature on consulting for insight into effective contract practices.
  • Online resources may provide free contract templates.
  • Seek legal advice before signing any contracts.

Ethical Hacking in a Nutshell
  • Critical Skills for Security Testers:
    • Proficiency in network and computer technology.
    • Ability to communicate effectively with management and IT personnel.
    • Understanding applicable laws and regulations.
    • Capacity to use necessary tools to accomplish tasks.

Self-Assessment
  • Review the varied state and federal laws regarding computer crimes.
  • Analyze the legal and ethical issues associated with hacktivism.

Summary

At the end of the lesson, you should be able to:

  • Describe the responsibilities and role of an ethical hacker.
  • Understand legal permissions and restrictions applicable to ethical hacking.