Download - Hacking and Security Project Ppt
![Page 1: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/1.jpg)
A PROJECT ON
Project Guide:- By:-Sariga Raj, Harish kumar Senior Lecturer, Kumar AnuragDivision of Information Akash KalpTechnology
![Page 2: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/2.jpg)
What is HACKING ?
Hacking can be defined as unauthorized use or attempts to circumvent or bypass the security
mechanism of an information system, device or network.
![Page 3: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/3.jpg)
Who is a HACKER ?
A person , who delights in having an intimate understanding of the internal workings of a system , computers and computer networks in particular. It is used to refer to someone skilled in use of computer systems, especially if that skill was obtained in a exploratory way.
![Page 4: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/4.jpg)
TYPES OF HACKER
• WHITE HAT• GREY HAT• BLACK HAT• PHREAKER• SCRIPT KIDDIES • HACTIVISTS
![Page 5: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/5.jpg)
WHITE HAT :-
A WHITE HAT is the hero or good guy, especially in computing slang, where it refers to an ethical hacker or penetration tester who focuses on securing and protecting IT systems.
White Hat hackers are also known as ethical hackers.
![Page 6: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/6.jpg)
GREY HAT :-
A GREY HAT, hacking community ,refers to a skilled hacker who sometimes legally, sometimes in good will, and sometimes not. They are hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions.
![Page 7: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/7.jpg)
BLACK HAT:-
A BLACK HAT is the bad guy or the villain. It refers to a hacker that breaks into networks or computers, or creates computer viruses. They are also called crackers who are specialized in unauthorized penetration of information systems . They may attack systems for profit, fun or even in a part of social cause.
![Page 8: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/8.jpg)
PHREAKER:-
PHREAKING is a slang term coined to describe the activity of a subculture of people who study , experiment with, or explore telecommunication systems, like systems connected to public telephone networks.
![Page 9: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/9.jpg)
SCRIPT KIDDIES:- They are the people who use script and programs
developed by others to attack systems and networks.
HACKTIVISTS:- These are people who hack systems and websites for
political motives. They are hackers who are also activists
![Page 10: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/10.jpg)
MALICIOUS HACKER STRATEGY:-• Reconnaissance• Scanning• Gaining Access • Maintaining Access• Clearing tracks
![Page 11: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/11.jpg)
INFORMATION GATHERING• The initial process in hacking.• Process of profiling any organization ,
system ,server or any individual using methodological procedure.
• Used by attacker as well as investigator to get more information about target.
![Page 12: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/12.jpg)
SCANNING:-• Process of finding out open/close port ,
vulnerabilities, in remote system , server & network.
• The main type of SCANNING is PORT SCANNING.
![Page 13: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/13.jpg)
PORT SCANNING:-• Most popular technique used by attacker• All machines connected to LAN or connected
to internet run at ports• 1 to 65535 ports are available• By port scanning the attacker finds which
ports are available.
![Page 14: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/14.jpg)
TYPES OF PORT SCANNING:-
• Internal port scanning- Port scanning within a computer
• External Port scanning- Port scanning in a network or outside our own system
![Page 15: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/15.jpg)
VIRUS , WORMS , TROJANS:-
• VIRUS is an application that self replicates by injecting its code into data files.
• WORMS copies itself over a network. It is a program that views the infection points on the network and exploits them.
• TROJAN is a program that once executed performs a task other than expected.
![Page 16: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/16.jpg)
SQL INJECTION:-
• An attack in which malicious code is inserted into strings that are later passed to an instance of SQL server for parsing and execution.
• The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed.
• It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
![Page 17: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/17.jpg)
CROSS SITE SCRIPTING (XSS):-• A type of computer security vulnerability typically found in web
applications that enables malicious attackers to inject client-side script into web pages viewed by other users.
• An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.
• Cross-site scripting carried out on websites were roughly 80% of all security vulnerabilities documented by Symantec as of 2007.
• Their impact may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site, and the nature of any security mitigations implemented by the site's owner.
![Page 18: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/18.jpg)
EMAIL FLOODING:-
• Technique used by hackers to bomb an e-mail account with a large number of mails.
• These mails are generally spam and have motives such as marketing or just fun.
• It has grown into a popular technique in online market.
![Page 19: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/19.jpg)
IDN HOMOGRAPH ATTACK:-
• Also called internationalized domain name (IDN) homograph attack
• It is a way a malicious party may deceive computer users about what remote system they are communicating with.
• They exploit the fact that many different characters look alike, (i.e., they are homographs, hence the term for the attack). For example, a person frequenting citibank.com may be lured to click the link [сitibank.com] (punycode: xn--itibank-xjg.com/) where the Latin C is replaced with the Cyrillic С.
![Page 20: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/20.jpg)
GOOGLE HACKS:-
• These are the techniques to implement google tools in their best way
• These are used by novices all over the world as an introduction to small hacking tools.
![Page 21: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/21.jpg)
PHISHING:-• Phishing is a way of attempting to acquire
sensitive information by masquerading as a trustworthy entity in electronic communication.
• Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public
![Page 22: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/22.jpg)
KEYLOGGER:-• It is the action of tracking (or logging) the keys
struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.
• There are numerous keylogging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
![Page 23: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/23.jpg)
CYBER LAWS:-
• Cyber laws are meant to set the definite pattern, some rules and guidelines that defined certain business activities going on through internet legal and certain illegal and hence punishable
![Page 24: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/24.jpg)
CYBER LAWS IN INDIA:-• The IT Act 2000 ,the cyber law of India , gives the
legal framework so that information is not denied legal effect, validity or enforceability, solely on the ground that it is in the form of electronic records.
• One cannot regard government as complete failure in shielding numerous e-commerce activities on the firm basis of which this industry has got to its skies, but then the law cannot be regarded as free from ambiguities.
![Page 25: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/25.jpg)
CYBER LAWS & THE WORLD:-• Cyber law is a generic term, which denotes all
aspects, issues and the legal consequences on the Internet, the World Wide Web and cyber space. India is the 12th nation in the world that has cyber legislation apart from countries like the US, Singapore, France, Malaysia and Japan
![Page 26: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/26.jpg)
INDIA IN CYBER LAWS:-
• India has failed to keep in pace with the world in this respect, and the consequence is not far enough from our sight; most of the big customers of India ’s outsourcing company have started to re-think of carrying out their business in India .
![Page 27: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/27.jpg)
2004 2005 2006 2007 2008 20090
50
100
150
200
250
300
350
400
450
NO. OF CASES UNDER IPC ACT
NO. OF CASES UNDER IPC ACT
![Page 28: Hacking and Security Project Ppt](https://reader033.vdocuments.net/reader033/viewer/2022061303/54f4bf1a4a7959ab318b4ad6/html5/thumbnails/28.jpg)
THE CONCLUSION:-
ONE WHITE HACKER FOR
ONE BLACK HACKER