Ultimate Beginner's Handbook of Computer Hacking Essentials: Learn Ethical Hacking, Penetration Testing, and Basic Security


ULTIMATE BEGINNER HANDBOOK TO COMPUTER HACKING ESSENTIALS: LEARN ETHICAL HACKING, PENETRATION TESTING AND BASIC SECURITY: 50+ FREE RESOURCES TO HELP YOU MASTER THE ART OF HACKING

BY NEIL W. CARSON

What is a Hacker?
Originally Hackers Were Not Computer Based
So What Is a Hacker Now
Why are hackers important?
Differences: Black, White, Grey, and Red Hacker?
Black Hat Hacker: Bad Guy
White Hat Hacker: Good Guy
Grey Hat Hacker: The “I do it for fun” guy
Red Hat Hacker: The “I do it for legal money” guy
Neophyte: The Noob
Definition and Importance: Ethical Hacker
Guidelines of an Ethical Hacker
Importance of an Ethical Hacker
The Tools: Ethical Hacker
Why Un-Ethical Hackers?
What’s the Difference?
Some People Just like to watch it Burn
Another Get-Rich Quick Scheme
The Tools: Un-Ethical Hacker
Beware the DEEP WEB (and ironically made by the Navy)
Developed by the Navy
How it works
Browser Beware
They are Watching
Preventive Security and Reactive Security
Preventive Security
What do we Detect? A lot. When do we Detect it? All the time.
Reactive Security
SSH, HTTPS, HTTP, SSL and FTP: Web Safety
SSH and FTP are Server Side Transfer, While HTTP and HTTPS are Web Side Transfer
How Blindingly Simple: Hack Your Windows Password
How to Hack Someone Else on Your Group Network
A Blunt Guide: Become an Ethical Hacker

WHAT IS A HACKER?

ORIGINALLY HACKERS WERE NOT COMPUTER BASED

Hacker literally means to break to your benefit, which means that when you use something in a manner in which it was not originally intended to be used, you have become a hacker. Originally, when you decided to optimize or make something better by taking it apart and then putting it back together in a more efficient way, sometimes even adding something to make it better, this in and of itself was what it meant to be a hacker. If you took a toaster and changed the quality of the heating coils so that it would take less power but cook faster, you were a hardware hacker.
If you chose to wake up early every morning and brushed your teeth while you took a shower, you were a life hacker. If you decided to make a method that allowed you to do work faster, you were an efficiency hacker. You could have literally been a hacker for anything you decided to improve.

SO WHAT IS A HACKER NOW

Hackers are now often associated with computers, and while terms like Life Hacker are still popular terminology, a term that directly describes an action, the general meaning of a hacker is within a computer. A hacker is a person who programs, navigates, or develops a method that allows them access into an area that they are not normally allowed to have access to. This means that a person who can “view source” and then read the language the website is developed in, so that they can manually remove the code that pops up those annoying advertisements, is a hacker.

WHY ARE HACKERS IMPORTANT?

Hackers make the world go around in the cyber world and are the main cause of improvements in technology in general. Whenever a person is able to gain access they are not supposed to have, the person who runs security must now come up with a new and improved way to protect the company. The same goes for the advertisement and media industry, because people are blocking advertisements and downloading media all of the time. It is so simple to download a YouTube video that the music industry focuses heavily on live events for money instead of the actual music album itself. Artists have to put intricate watermarks on their photos in order to ensure that hackers do not simply download the pictures from the source and sell them.

If it were not for hackers, the development of technology would be a lot slower and the world would not benefit. After all, it’s not just security that hackers improve, but technology itself. We will discuss how they do it later, but hackers can download information in mid-process if it is not fast enough and is unsecured.
This has led to the development of methods that let web browsers provide a fast connection to their users and a direct line, which not only makes it difficult for hackers but also makes it faster for the consumers of the internet. Not all of the technology improvements are credited to these hackers, but a good portion of good practices can be, and that’s why, as much of a problem as hackers are, hackers are actually beneficial to the internet.

DIFFERENCES: BLACK, WHITE, GREY, AND RED HACKER?

There are several types of hackers in the world and they all have reasons why they choose to do it the way they do. We will put these in chronological order, from when they were first coined to the final color of the Hat Hacker family. The reason why they are given a color is to help people identify which hackers are good and which hackers are bad, and, just like in the world, not everyone is strictly good or bad. The “Hat Hacker” part refers to an old style of changing identity in theatres, which was simply to put on a different hat, and this let the audience know that you were a different character.

BLACK HAT HACKER: BAD GUY

A black hat hacker is a literal cyber bad person who only wants to make as much trouble as possible just because they can. These hackers normally do this for egotistical reasons and usually only show themselves when a new security system has come out and these individuals feel challenged. While they are the “classical bad guy,” they do have their benefits for existing. Without Black Hat Hackers, there would be no need for all of the other hackers to exist, or security for that matter, and they are actually the reason why jobs are generated for Ethical Hackers.

WHITE HAT HACKER: GOOD GUY

Just because they are a White Hat Hacker does not mean they are an Ethical Hacker. A White Hat Hacker only hacks when they feel like they need to, but strictly goes out of their way to make sure that they do not hurt anyone in the process.
This type of hacker is generally associated with the individuals who provide personalized bug fixes for software and generally try to improve upon software issues that the company seems to be ignoring. You can usually find them on forums, helping people solve issues with their code and just being the good guy for the general public. They don’t do anything for profit; they do it because they feel that it is needed, and they are almost always happy to help out someone they don’t even know to improve that person’s life.

GREY HAT HACKER: THE “I DO IT FOR FUN” GUY

The Grey Hat Hacker is usually the person who hacks video games and tests their skills against varying levels of security because they find it fun. These hackers are problematic because they don’t often care whether they harm someone, but they also don’t really even think about whether they are hurting someone or not. This is similar to a person who wants to hack into a credit card company because they feel like it would be an interesting adventure.

RED HAT HACKER: THE “I DO IT FOR LEGAL MONEY” GUY

Red Hat Hackers are usually a mix of Ethical and Un-Ethical Hackers. The reason why they are called Red Hat Hackers comes from the terminology of “Red Tape.” That is right, Red Hat Hackers are usually on the level of hacking government institutions, information hubs, and generally anything that falls underneath the category of sensitive information. The FBI and CIA hold a list of the world’s Red Hat Hackers to keep track of what they do, where they go, and what jobs they are working on as a preventative measure against being hacked themselves. A really big example of this is when the groups Anonymous and LulzSec managed to hack the CIA and cause a lot of issues for not only its employees but also the security companies that place their trust in the CIA.
NEOPHYTE: THE NOOB

A Neophyte is literally a “New Convert,” which is to say that this is a person who is new to the hacking world, and the term came about for hackers to represent the fact that being a hacker is similar to a religious practice.

DEFINITION AND IMPORTANCE: ETHICAL HACKER

An Ethical Hacker only hacks to prevent others from being able to do things that are morally improper to users of the technology. That is essentially their purpose, but they have to follow specific guidelines that normal hackers do not have to follow.

GUIDELINES OF AN ETHICAL HACKER

An Ethical Hacker has to do a couple of things that a normal hacker does not have to do in order to fulfill their purpose.

THEY MUST RECORD EVERYTHING

Ethical Hackers must record their screen, their keyboard, their mouse, their emotions, and even their heart rate and sometimes their brain waves. All of this information is used to determine the strength of the security and what it will be like for the person on the other end of the screen who is doing the hacking.

HACK VS. HACK

Oftentimes, Ethical Hackers must go against each other to determine what a real-time scenario would be like in the case that a hacker is capable of getting far enough that the security person must be able to protect the information by hand. This is done so that the programmers can develop scripts to specifically protect against these types of attacks, so that the protection is faster than the hands of a hacker.

HACK FROM MORE THAN ONE DEVICE

Today, hackers can get in from multiple directions. You can hack into the mobile network and jump from the mobile network into the main network. You can hack into a person’s email and gain access from the email service. You can hack a person’s phone SIM card and place a key logger for access from a remote location. There are multiple ways to hack into a network and an Ethical Hacker must be aware of all the different ways a network can be hacked into.
HACK PEOPLE

Another part of the process of an Ethical Hacker is to determine the social weaknesses of an industry and how easy it can be for a person to be the source of the problem. This may involve having lunch with a person and pickpocketing their phone while they’re not looking, or determining whether that individual spends a lot of time surfing the internet while they are on break. Additionally, they determine how easy it is for an individual to break the NDA that nearly everyone signs in the beginning and whether a person could get enough information from an individual to do actual damage to the business. There are specific key parts an Ethical Hacker must look out for in the social network that is behind the physical network.

IMPORTANCE OF AN ETHICAL HACKER

The importance of an Ethical Hacker cannot be stressed enough, as they serve as both a security analyst and a technological analyst. They prevent security risks from people, networks, and other third-party players to ensure that there is a very small chance that a hacker is capable of getting into the network.

THE TOOLS: ETHICAL HACKER

The tools of the Ethical Hacker often reflect the capabilities of the Ethical Hacker. As mentioned before, an Ethical Hacker must have a lot of data in order to ensure that they have an all-around understanding of what security issues they must be dealing with.

TRACKING DATA PROGRAMS

There are several programs that track data submission and methods, and these allow Ethical Hackers to determine the origin of a hacker, where they came in, and even how they got in. Such programs will track IP addresses, data packages, MAC address origins, and even determine the speed at which the information was passed, to collect data on the speed of the internet that is being used.
This allows the Ethical Hacker to cover up those areas with additional security and also allows them to ensure that the scripts they make to prevent entry are faster than the most likely speed of internet the other hacker will be using.

LANGUAGE SPECIFICITY

Another large problem in and of itself is the ability to write the language that the security issues are taking place in. If an ethical hacker has been hired to protect a specific program and not just the computers, odds are that the Ethical Hacker will need to know the language of the program, so that they can write their own scripts in that same language and put their preventative protections into place.

A part of this issue is the actual holes within a language. If a hacker knows what language is being used, not only can the program be at risk, but the actual code of the program can be altered. An example of this is a PHP-based website, which is vulnerable to the classic GET, DELETE, and POST methods, which are a part of the language. Unless there are specific measures put into place, the hacker on the other end will have a very easy time simply going into a comment box and pulling all of the data from a website onto their hard drive.

HIDDEN CAMERAS

As mentioned before, an Ethical Hacker also has to look at the people behind the physical network to determine whether they will be a problem or not. The hidden cameras are for when the Ethical Hacker needs to do a Risk Assessment on the person within the video and determine which factors led to a specific success, or which questions, when asked in the right order, would pull out the most information. Additionally, video recordings can be used by the Human Resources Department to determine if the employee is in a stressed state and needs to be taken care of in terms of their working conditions.
Ethical Hackers are often mindful that a person’s weaknesses are not their own fault and that an average employee is not expected to be one hundred percent foolproof. Even the janitor may look up something on his phone while being connected to the internet at work and have no idea that someone took his phone, and modified it, while he was on his lunch break. This process is done often to ensure that people are mindful of what they do and how their actions can affect the business.

FORENSIC ANALYST PROGRAMS

There is a fine line between a Forensic Analyst and an Ethical Hacker because most of what they do is extremely similar. Therefore, what will usually benefit a Forensic Analyst will often benefit an Ethical Hacker, and vice versa. These programs will keep log files of occurrences throughout the day on a network, track unauthorized uses, pinpoint origin points for viruses, and are generally helpful in every step of the process.

The only problem is that not everything a Forensic Analyst can use can also be used by an Ethical Hacker. A Forensic Analyst can go into personal emails and sensitive material that Ethical Hackers are told not to touch, and, in some areas, Ethical Hackers are even told not to touch specific areas of the network because the information on that side is too sensitive for an individual to have their hands on. However, the benefit to this is that that section of the network is usually closed off from the rest of the network as much as possible and often requires little to no effort when it comes to providing a solution. Since the network remains untouched, Ethical Hackers only have to track incoming and outgoing data from that network.

SCRIPTING EFFICIENCY

Another part that has been mentioned is scripts. Scripts are simple sets of code that automatically perform preventative security actions faster than a normal human, to ensure they shut down the attack as fast as possible.
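A small version of the kind of preventative script this section describes, as an added example that is not code from the book: it reads failed logins from a log and decides which source addresses to block without waiting for a person. The log format, addresses, thresholds and the `on_block` hook are assumptions made for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (documentation-range IPs, made-up hosts and users).
SAMPLE_LOG = """\
2024-01-10T03:14:01Z gw sshd[811]: Failed password for root from 203.0.113.5 port 40112 ssh2
2024-01-10T03:14:03Z gw sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 40113 ssh2
2024-01-10T03:14:04Z gw sshd[812]: Failed password for root from 203.0.113.5 port 40114 ssh2
2024-01-10T03:14:05Z gw sshd[813]: Failed password for alice from 192.0.2.10 port 51000 ssh2
2024-01-10T03:14:06Z gw sshd[813]: Failed password for alice from 192.0.2.10 port 51001 ssh2
2024-01-10T03:14:07Z gw sshd[813]: Failed password for alice from 192.0.2.10 port 51002 ssh2
2024-01-10T03:14:08Z gw sshd[812]: Failed password for root from 203.0.113.5 port 40115 ssh2
2024-01-10T03:15:00Z gw sshd[820]: Failed password for bob from 198.51.100.7 port 33001 ssh2
2024-01-10T03:17:00Z gw sshd[820]: Failed password for bob from 198.51.100.7 port 33002 ssh2
2024-01-10T03:19:00Z gw sshd[820]: Failed password for bob from 198.51.100.7 port 33003 ssh2
2024-01-10T03:19:20Z gw sshd[821]: Accepted password for bob from 198.51.100.7 port 33004 ssh2
"""

# Matches only failed-password lines in the constructed format above.
FAILED = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


class AutoBlocker:
    """Block a source once it fails `threshold` logins inside a sliding window."""

    def __init__(self, threshold=3, window_seconds=60, allowlist=(), on_block=None):
        self.threshold = threshold
        self.window = timedelta(seconds=window_seconds)
        self.allowlist = set(allowlist)   # e.g. admin jump hosts that must never be locked out
        self.on_block = on_block          # hypothetical hook: where a firewall rule would be added
        self.failures = defaultdict(deque)
        self.blocked = {}                 # ip -> time the block decision was made

    def feed(self, line):
        """Process one log line; return the IP if this line triggered a block."""
        m = FAILED.match(line)
        if not m:
            return None                   # successful logins and unrelated lines are ignored
        ip = m["ip"]
        if ip in self.allowlist or ip in self.blocked:
            return None
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        recent = self.failures[ip]
        recent.append(ts)
        # Drop failures that have aged out of the window, so slow typos do not add up.
        while recent and ts - recent[0] > self.window:
            recent.popleft()
        if len(recent) >= self.threshold:
            self.blocked[ip] = ts
            del self.failures[ip]
            if self.on_block:
                self.on_block(ip, ts)
            return ip
        return None


def run(log_text, threshold=3, window_seconds=60, allowlist=()):
    """Feed a whole log through the blocker and return {ip: ISO time of block}."""
    blocker = AutoBlocker(threshold, window_seconds, allowlist)
    for line in log_text.splitlines():
        blocker.feed(line)
    return {ip: ts.isoformat() for ip, ts in blocker.blocked.items()}


if __name__ == "__main__":
    print(run(SAMPLE_LOG, allowlist={"192.0.2.10"}))
```

The allowlist is the part most often forgotten: without it, three typos from an administrator's own address lock that administrator out as quickly as an attacker.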
Scripts are written in a language similar to that of the actual program that naturally protects the computer, and some Ethical Hackers end up with so many scripts that they make an entirely different security program to handle them all. This allows them to keep track of all the different scripts, determine if the scripts need to be faster, and find out when the scripts are conflicting with each other. These scripts are a vital part of the protection program, as a script will always be faster than the human hand, so anything that can be written in the form of a script will be ten times better than if the Ethical Hacker had to do it by hand.

DRIVER DOCUMENTATION

One of the pet peeves of the entire industry is Driver Documentation, and there’s a very good reason. Your computer has hundreds, if not thousands, of drivers that are needed in order to make the computer work effectively. A driver is binary-level software that allows the computer to communicate with either the hardware or the software. Documentation of those drivers tells security specialists and Ethical Hackers what needs to be done to protect the end user from the security holes that those drivers have. If there isn’t enough documentation, or it is not in a proper form, the security specialist or Ethical Hacker has to run close to a thousand tests to see all the potential holes that the driver allows the hackers of the world to get in through.

WHY UN-ETHICAL HACKERS?

An Un-Ethical Hacker is very similar to a Black Hat Hacker and is often associated with them, but there are specific parts that make them different. Not all Un-Ethical Hackers are bad, which may seem strange at first, but these hackers are equally as important as Ethical Hackers.

WHAT’S THE DIFFERENCE?

Un-Ethical Hackers are like the Hulk version of Ethical Hackers and will relentlessly attack a network to find problems. They will often use tactics that are against the law, such as kidnapping and blackmail, to accomplish their goals.
The only problem is that Un-Ethical Hackers sell the information to the highest bidder and only do it because it is profitable. These hackers will often multi-hack systems as well, just to get the network to the point where they can move past the preventative steps that an Ethical Hacker put into place.

SOME PEOPLE JUST LIKE TO WATCH IT BURN

It’s plain and simple, for the most part. Un-Ethical Hackers often see a big business like a giant juicy steak that needs to be cooked. If a company claims it has the best security in the world, you can be sure that an Un-Ethical Hacker has already started to break that security. People have a tendency to go after the things that will provide them the most challenge and thrill, and this is the biggest way any hacker can truly determine what they are capable of. Not only do these hackers have to get past the system, but they will also often have to cyber fight with another hacker or a team of hackers in a cyber-gladiator type match. It requires an intense amount of skill to do this, and Un-Ethical hackers are sought out by security businesses like trophies for hunters.

ANOTHER GET-RICH QUICK SCHEME

These Red Hat Hackers will often sell the information they steal, or the tactics they used to break a network, to the highest bidder. The prices go extremely high, with some hackers being millionaires after performing just one hack. To put it into some basic math, let’s say that each Facebook user’s information is worth just $0.50 each. More than a billion people use Facebook, so that’s half a billion dollars for that one hack. However, Facebook is extremely large and has a dedicated security team to ensure that hacking Facebook is near impossible. However, as the Tunisians proved, hacking giant powerful companies like Facebook is not an impossibility and poses a serious threat to the online world.
However, the process is often illegal, and once the hacker manages to sell the information, they will be put on the list and watched until the day they die. Oftentimes, any money they got from the deal will go to just making sure the company can’t get its hands on them and that they live in a place that shields them from the government that they ran away from.

THE TOOLS: UN-ETHICAL HACKER

The Un-Ethical Hacker has quite a bit more on their plate than the Ethical Hacker, and it’s important to know what they have in order to protect the businesses that they go against. These hackers are often either employed by a competitor or just out there to get information on businesses their local government is interested in.

MORE THAN ONE COMPUTER

They often have an entire room built with computers all interconnecting in order to ensure that they can handle even the biggest jobs. This is why having efficient scripting is important, why creating scripts to defeat your own scripts will improve your scripts even further, and why you need to do this. Oftentimes, the reason why a place is hacked is that the Ethical Hacker did not get far enough to detect a specific type of script that would protect against the scripts the Un-Ethical Hacker created.

Another dynamic tool that Un-Ethical Hackers have under their belts is sheer processing power, which can run over tens of thousands of scripts at once. An Ethical Hacker is limited to the processing power they are given to work with, while the Un-Ethical Hacker is only limited by how much money they have to purchase processors and how much power they can afford to have. This is why some governments employ Un-Ethical Hackers and give them all the resources they need to attack foreign companies for their information.

On top of this, the most important part of the entire process is to not get caught, and this is where the importance of more than one computer comes in.
Each computer has its own MAC address, which identifies the hardware, similar to the driver’s license that you use. Having more than one MAC address, along with every one of those MAC addresses coming from a different IP address, scrambles the origin of where the hack is coming from. This is the standard step most Un-Ethical Hackers use to hide their location.

PRE-RENDERED ADAPTABLE SCRIPTS

Another huge part of being an Un-Ethical Hacker is to develop adaptable scripts that will continue to attack the network in a different way even if the initial script fails. This is huge and rare, as only some of the best Red Hat Hackers in the world produce these, and these scripts are extremely difficult to beat since the code often adapts faster than the person who is trying to keep the website secure. However, an important part to note is that these scripts are not artificially intelligent and will continue to brute attack unless they are stopped, and they may be flawed and backfire.

How you develop an adaptable script is through knowing the Append functions of a language and making a ton of if/else statements that have already been thought of, to ensure that the next append will take the most likely path that the Ethical Hacker used in order to block the script. In other words, one script may have over 1,000 if/else statements and only one append function for failures, so that it takes note of what fails and what looks like it worked. Then, behind that, if one of the scripts looks like it worked, another adaptable script begins at that point to start targeting if/else parameters to see if it can go any further.

These scripts can take weeks to build, but they essentially make short work of almost any network and will break through a network within a few hours. Additionally, these scripts could run over a million if/else statements previously scripted by those within the same line of work and downloaded off of the Deep Web.
SWEAT SHOPS

If you have heard anything bad about a foreign country, nine times out of ten the bad was something involving the use of a sweat shop. These also exist for Un-Ethical Hackers, and the ones that use them use them to their full extent. In a slight twist of irony, though, almost any worker at an Un-Ethical Hacker Sweat Shop will have enough knowledge about computers by the time the shop is shut down that the person who worked in the sweat shop will have something they can work with in foreign countries for money.

But, why? Sweat Shops like these are often used in government-funded operations to make the adaptable scripts we were talking about, but in droves. Essentially, the sweat shop workers are taught how to write the scripts and then told they need to write a certain amount of scripts to beat a specific algorithm. What occurs is a lot of common scripts, but, when compiled, you also have tens, hundreds, and even thousands of if/else statements that are not common. This also makes for a better-versed script and, to go even further, scripters are then required to beat that list of scripts with another drove of scripts. The entire process takes close to three months or even half a year, depending on how much manpower they put into it. The result is an extremely large compiled list of if/else statements that will absolutely destroy the network they are going against.

However, as mentioned before, these are rare and require a lot of dedication to make happen. This has only occurred a few times and they have left their mark on history, with notable historical moments of NSA hacks, Pharmaceutical Company hacks, and very similar world-surprising moments.

BUGS 101

The last part that Un-Ethical hackers use against Ethical Hackers is the list of bugs that they know will work against certain securities and languages. Most people are unaware that there are thousands, and even millions, of exploitable bugs in software, and people spend their free time figuring out where they are.
The help button on software is expected by the average consumer, problematic for software designers, and very exploitable. Knowing how to replace that help button on an employee’s computer from an email may give you access to the entire network. This would only be possible if there was an exploitable bug in the software that allowed you to alter the help button remotely.

BEWARE THE DEEP WEB (AND IRONICALLY MADE BY THE NAVY)

The Deep Web refers to the portion of the internet that is not tracked by popular search engines. Think of the search engines you use as the nice parts of the city, while the Deep Web is where all the drug deals, murders, and black market deals go down; because that’s basically what it is. The Deep Web is notorious for this, and it truly is an amazing tool if used properly.

DEVELOPED BY THE NAVY

The Deep Web was actually a project developed by the Navy as a part of the internet. Initially, it was just supposed to be a way for special agents to be able to communicate and hold information on the internet without their enemies being able to gain access to it without having to search an impossibly high number of internet crack holes in the Deep Web. This worked very effectively and provided a large backbone for the internet to prosper off of, but at the same time, because it was a part of the internet, people began to use it for personal reasons. After a while, the deeply technologically sophisticated people in the world knew of the Deep Web and relied on the Deep Web for a good portion of secretive services.

WHO USES IT NOW

The Navy still uses the Deep Web, but they are no longer the primary users of this form of internet. Indeed, the primary users of the Deep Web are those within the mercenary industry, slave trade industry, drug industry, and the “don’t want to know” industry, because you’ll have nightmares if you know they exist.
It is a place where dirty business can be done in secret, information is the currency, and no one knows anyone on the Deep Web if they do not know them in real life.

HOW IT WORKS

The most popular method is to access the area of the net with the browser called Tor. Tor basically pings your IP address all over the place while you are browsing, so it seems like you are everywhere at once and tracking your location is near impossible. It is only when you decide to download something that it becomes painfully obvious where you are, because there is a dedicated line of data going straight to your computer, and no matter how much pinging you do, you simply can’t hide it.

While on the Deep Web, you will have to know exactly where you are going or you will go nowhere at all. This is because the Deep Web is so large and vast that there are no crawlers, scripts that retrieve links, that can span even its surface. This is the place where governments hide most of their dirty secrets, so do not expect it to be easy to navigate. So long as you are not downloading anything, even cookies, you will not be seen while exploring. If you have another browser up, though, it can be cross-referenced with a repetitive IP address ping location. If that happens, they know where you are and will start looking into you, no matter whether you’re there out of curiosity or not. After all, the Deep Web is like a special club that not a lot of people know about.

BROWSER BEWARE

As mentioned before, unless you know exactly where you are going, you will go nowhere at all. This is because you cannot simply stumble on an address like in Google or Bing; you have to have the actual address. Additionally, if you go to a website, be very careful and make sure you’re going to appropriate websites, because there are a lot of bad things on the Deep Web.

EXAMPLES

Dissection of The Homeless – No one knows who provided the information or even how the website was found.
However, this website features several different cultures and provides not only documentation, but actual videos of people abducting the homeless and then dissecting them – just because they can.

War Crimes – That is exactly what it provides, and users post videos they have of War Crimes they have committed. Many languages are used on its forums and there are a lot of videos of cruel torture and similar… war crimes.

The Russian Sleep Experiment – This Deep Web website is truly disturbing and shows the bizarre nature of the human makeup. It’s basically an experiment to see what would happen if the human body was able to deprive itself of sleep and live. The results are truly disturbing.

picsofdeadkids – That’s exactly what you think it is. It is a site that is dedicated to pictures of dead children, and not just wake pictures.

These are just a few of the gruesome and terror-inspiring websites that are on the Deep Web, and a few good reasons why you want to be extremely careful while you’re on it.

THEY ARE WATCHING

The Deep Web is literally a 24/7 watched area by the authorities of the world, and if you don’t follow the protocols, you can be sure that they’re already watching everything that you do. The reason for this is that most people going on the Deep Web are there for reasons that authorities would put them in jail for. Even those putting the Deep Web into their search engines are often put on the watch list as well.

WHY IT IS STILL USEFUL

While it may seem like a horror show at first, the Deep Web has its uses. Not only is it a place where information can be shared secretly and a person can build the entire backbone of their website, but you can also find some of the really, really deep technological fixes/studies. These are areas where you purposely go to find out about malware that’s being passed around and government-level spyware that you may need to protect your company from.
There are so many uses that many holding secretive or sensitive information use the Deep Web so that it not only becomes near impossible to track or be taken down, but so that the information is guaranteed to get to its target. It is a crucial tool for the hacker community and is only used by those whose hacking goals are above the average person.

PREVENTIVE SECURITY AND REACTIVE SECURITY

There are two methods of security that every Ethical Hacker is concerned with most of the time, and that’s how to prevent hackers from getting in and what to do on the happenstance that they do manage to get in.

PREVENTIVE SECURITY

Preventive Security or Proactive Security, which are really the same thing, only one sounds better to businesses, is the practice of attempting to prevent things from tampering with the network. This involves setting up firewalls, scripts, and similar programs to prevent hackers from getting into the network. Hackers are not the only concern to Ethical Hackers, but they are the primary concern. There are a few other attackers that any person, including an Ethical Hacker, must be aware of to ensure the safety of their system.

ENCRYPTIONS AND KEY-FILES

The first bit of business is to set up an encryption. There are several different types of encryptions, too many to cover here, but it is important that you know what they are and how they work. An encryption is literally a re-distribution of values to ensure that your information cannot be hacked. You will often use a program for your encryption, and only that program can unlock that encrypted file for you. A popular discontinued program was Truecrypt, which is still popular for basic encryption needs, and it allowed several different types of encryptions, including three-way encryptions. To grab a basic idea of what an encryption is doing, we will take a word and encrypt it.

Basic = CiZ@B

If you notice, this is a rather bad encryption, but it gets the point across.
Another bit that you may need to know is the existence of a “Key-file.” Key files are extremely useful and ensure that whatever you have encrypted can’t be accessed without the file, as it is the key needed to open the file. Encryption is used to protect sensitive data from not only being stolen but also broken into. Additionally, nearly everything can be encrypted and it all runs on mathematics. The better the encryption, the more difficult it is for others to get into it, but, most often, it can be problematic to encrypt everything.

NOTE: Employers tend to not like having to jump through hoops to get into their files, which is why encryption is really mostly used in technology businesses where the employers actually understand why encryption is useful. This is not to say that all businesses are like this, but you will find a lot of businesses who think this part is just unnecessary paranoia.

PAPER OVER DATA

The biggest protection against the average hacker is paper. The problem with this is that it is not seen as good practice inside of a business, as an accounting program is faster and less likely to make a calculation mistake than an actual accountant is, just as a machine is less likely to drip coffee on an important blueprint. However, the best way to utilize this protection is to have old important files be put on paper and locked away when they are no longer being used. This will not only save on a lot of data storage, but it will ensure that hackers can only obtain the most recent information from a business if they get in. Some businesses will actually just put the files on a standalone server that can only be accessed from the computer dashboard that has been placed on top. However, this is rare since these types of computers are expensive because they must be customized for the business.

WHAT DO WE DETECT? A LOT. WHEN DO WE DETECT IT? ALL THE TIME.
There are four different software elements you will need to know how to detect to prevent a compromise within the system. Oftentimes, these software elements only get on the computer when a user unknowingly downloads them by allowing advertisements or going to a specific website, and there is a whole manner of other ways to pick them up.

TROJAN

A Trojan is usually packaged and hidden from the user along with whatever they have chosen to download. These programs often hide in the registry, collect information, and are programmed to hide themselves away until they are detected by one or several virus programs. Once they have been detected, they begin to damage and alter the system to prevent their eventual removal. These are ones you will want to be on the lookout for because they will contain such things as bitcoin mining and RAM collection, which can often destroy the system they are in and are effective at stealing nearly everything in the system. If they are a program intended to collect information, they will often push that information to the outside world and that is where it is the easiest to detect them. Most virus protection software will detect them before they do any real damage, but you still have to watch for them in case they are not in the software’s library yet.

MALWARE

Literally, it means Bad-Ware, and it does exactly what you think it does. You will notice it immediately because it will try to shut down computers with the blue screen, it will lock you out of the screen, it will make sure you can’t get on the internet, and it may encrypt all of your files. There’s no end to the havoc that Malware will cause in your computer’s life, and it is the most common kind of virus you will ever receive. Beware of cookies and downloads, because Malware is practically everywhere there is a loading screen for your internet on a website that is not run by an organization or the government.

SPYWARE

Key loggers, Screen Capturers, and Camera Peekers galore.
Spyware is extremely difficult to detect and will even throw false flag detections to ensure that you have a difficult time determining where it is. This type of virus is specifically built for spying and the worst ones can hide inside of the RAM, which lets them stay there while you try to figure out how to get them. Worse yet, they will disappear into the computer once it is shut off and some are so horrible that you have to reinstall the entire operating system on a different disk just to get rid of them.

PORTALS

Very difficult to put on the computer and almost impossible to detect. Portals or Worms literally just sit there and funnel information, disguised as a registered connection, to wherever they may be sending it. The reason why they are difficult to detect is that they are often registered, which means they become Windows Registered and are then inside of the Registry. They are extremely rare because only a building full of people in the world can make them nowadays for the new Operating Systems, but they were extremely popular before Spyware.

CHOOSE YOUR SECURITY TOOLS

When choosing how you want your system to pick up on these viruses you will need to take a few things into consideration. Can your processors still detect the viruses and clean them while the people are working? Does it run as a background operation or is it strictly foreground? How often do they update their libraries? The answers you want for these are: Yes, Background, and Every couple of Days. The reason for this is that your protection from these viruses often depends on how fast the tool can operate, how little it burdens the business, and whether the viruses are known in its databases.

REACTIVE SECURITY

Reactive Security is when you get attacked, none of your preventive measures worked, and now you are trying to react to it.

WHEN IN DOUBT

When you think that they have already won, it’s time to unplug the internet and shut down.
This has happened before, especially within popular websites or programs that get hacked. An example of this is the recent Sony Network hack, where the network was shut down in mid-process to stop the hack from fully getting in. So long as the device is off and not connected to the internet, it’s almost impossible to get back into it. However, this is only if the hackers are not part of the NSA, who have a back door into almost every processor.

DATA BACK UP

It is always important to have what’s called a RAW data back up, which is to say that all of the raw information about projects is held on a drive that isn’t connected to the internet and is only updated in intervals. The most popular set up is USB Storage filing, which allows the separation of information into separate USB flash drives so that even if one of the flash drives is corrupt, not all of the flash drives will be corrupted.

Another popular consumer option is RAID, but RAID is not an Enterprise option. This falls underneath what is known as Redundancy Back Up, which is to say that you have another file size matching the original size that holds ghost files of the original files. This is not an enterprise option because it’s twice as expensive and can take days for just 500 GB to recover depending on how cheaply your computers are built, and they will be built to the minimum unless you are working for a technical company.

The last option is Web or Wireless Back Up, which is not an Enterprise option either. This is because it primarily relies on your internet connection and how fast it can deposit the file into the storage area. When working on the Enterprise level, having over a hundred files being uploaded at the same time can take up a lot of the internet.

DATA RECOVERY

Data Recovery is frighteningly easy and this is because of how hard drives are designed. There are several ways to recover the information that has been lost from an attack, as it will often still be on your computer.
However, when the data that is recovered from the drive looks as though it was tampered with, it is important to notify everyone that the company has been hacked so that they can change their information and affirm that their lives are in order. Most of the time you will be dealing with stolen account details like standard credit card theft, but occasionally you may have to deal with identity theft. It is important to notify the authorities when this is discovered because a Forensic Technician will need to come in and gather all the details. Either way, you will need to determine the source of the attack by finding the very first file that was transferred and every file after that to see which one is the common IP address.

STUDY THE DATA

If you have the Forensic Tools from before on the computer, you will want to see what went wrong, what simply didn’t work, how long it took them to get in, and what you can do to improve the security of the network. This is the most important part of Reactive Security, since Preventative Security is where you will ensure that this cannot take place again and you can only gather that information as part of your reaction. Skipping this step could mean the entire shut down of an enterprise, so it is extremely important to make sure that you utilize every bit of data to prevent it from happening again.

It is rare that a hacker is able to shut down an entire business, and when it happens it usually has to do with the topology of the network. The topology of the network refers to how the network interacts with itself on the hardware lines that it is provided. The most common topologies are a ring topology and a mesh topology, which simply mean that the machines are connected to each other so that when one line fails another line can still carry the information. You will always want to have a ring or mesh topology for workstations, but have a single entry point for your internet. This is the ideal setup but you will not get it most of the time.
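The source-tracing step from the Data Recovery section (find the first file that was transferred, then the address common to every affected file) can be scripted. This is an added example, not from the handbook: the log format, file paths and addresses are constructed for illustration, and the addresses come from the documentation-only IP ranges.

```python
"""Find the address common to a set of tampered-file transfers.

Constructed example: the log format and every value below are invented.
"""
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address
from typing import NamedTuple, Optional


class Transfer(NamedTuple):
    when: datetime
    source: str
    path: str
    size: int


# Constructed sample log: "<UTC timestamp> <remote IP> <file path> <bytes>".
SAMPLE_LOG = """\
2024-03-02T01:02:11Z 198.51.100.7 /srv/share/handbook.pdf 120331
2024-03-02T01:14:07Z 203.0.113.45 /srv/share/payroll.xlsx 48211
2024-03-02T01:14:52Z 203.0.113.45 /srv/share/customers.csv 901774
this line is corrupted and must be skipped
2024-03-02T01:15:30Z 192.0.2.19 /srv/share/customers.csv 901774
2024-03-02T01:16:03Z 203.0.113.45 /srv/share/cards.db 2210048
2024-03-02T09:30:00Z 192.0.2.19 /srv/share/handbook.pdf 120331
"""

# Files that looked tampered with after recovery (constructed).
TAMPERED = {
    "/srv/share/payroll.xlsx",
    "/srv/share/customers.csv",
    "/srv/share/cards.db",
}


def parse_line(line: str) -> Optional[Transfer]:
    """Return a Transfer, or None when the line does not match the format."""
    parts = line.split()
    if len(parts) != 4:
        return None
    stamp, source, path, size = parts
    try:
        when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
        ip_address(source)  # raises ValueError for anything that is not an IP
        return Transfer(when, source, path, int(size))
    except ValueError:
        return None


def common_source(log_text: str, tampered: set) -> dict:
    """Report which address touched every tampered file, and when it began."""
    # NamedTuples sort by their first field, so this is chronological order.
    transfers = sorted(t for t in map(parse_line, log_text.splitlines()) if t)
    sources_per_file = defaultdict(set)
    for t in transfers:
        if t.path in tampered:
            sources_per_file[t.path].add(t.source)

    # A tampered file with no logged transfer cannot narrow the search.
    unseen = sorted(tampered - set(sources_per_file))
    common = set.intersection(*sources_per_file.values()) if sources_per_file else set()

    hits = [t for t in transfers if t.source in common and t.path in tampered]
    return {
        "common_sources": sorted(common),
        "first_transfer": hits[0] if hits else None,
        # Everything else those addresses fetched is in scope for review too.
        "timeline": [t for t in transfers if t.source in common],
        "unseen_files": unseen,
    }


if __name__ == "__main__":
    report = common_source(SAMPLE_LOG, TAMPERED)
    print("common source(s):", report["common_sources"])
    print("first transfer  :", report["first_transfer"])
    for t in report["timeline"]:
        print(f"  {t.when:%H:%M:%S} {t.source} {t.path} ({t.size} bytes)")
```

An empty `common_sources` list means no single address touched every affected file, so the transfers have to be grouped per file instead of assuming one origin.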
SSH, HTTPS, HTTP, SSL AND FTP: WEB SAFETY

As an Ethical Hacker, most of the issues that you will be solving will be dealing with the internet. This means that you not only have to know the software issues and how to protect the computer itself, but you will also want to know how to safely transfer information across the internet. There are four primary methods of transferring information and each one has its restrictions. Additionally, the more secure a method is, the more restricted the range of freedom it will allow you.

SSH

SSH literally stands for Secure Shell and it is extremely useful for logging into another computer over the network, moving files, and generally having control of the computer. It comes as a replacement for a lot of technology that did similar things and is almost unbreakable. It is the current standard of web development and is expected whenever a website is developed. It protects against DNS spoofing, which is a way that a hacker can gain even further access into your system by creating a computer that your network recognizes. It also prevents IP source routing so that the hacker can’t use the Tracert command to get into your website, and we’ll show you an example of this later on so you know how this is used.

HTTPS

HTTPS literally means Hyper Text Transfer Protocol Secure, which is similar to SSH but with fewer restrictions. SSH is primarily used to transfer data over a local network while HTTPS is used to transfer information over the web browser for consumers. This allows for a secure connection to take place over the world wide web.

HTTP

HTTP is similar to HTTPS and has many of the same functions as the newer version, but it is considered to be not really secure. The difference between the two really just has to do with where the website is located and the type of server that it’s located on.
If an HTTP website is located on an HTTPS server, you can just put the S in front of the address like this: “HTTPS://www.website.com”. It will work just as it would with HTTP. However, HTTP has been around a long time and is still rather popular among businesses since upgrading their website to HTTPS is not really a requirement at this time. The only benefit between the two is that HTTP is actually faster and less problematic than HTTPS since it does not have to go through as many protocols.

SSL

SSL literally means Secure Socket Layer and is a little bit different, mainly dealing with transactions, but it is important to note that SSL is a standards-based method that enables HTTPS and allows the connection to be encrypted. This is the software that makes HTTPS a viable option for security and protects its users from outside attacks that can come through the website.

FTP

FTP literally means File Transfer Protocol and it is the older method compared to SSH. FTP and SSH are both ways to transfer files over the internet to the server. FTP is similar to HTTP and is rather old technology, but it is still fairly common among businesses.

SSH AND FTP ARE SERVER SIDE TRANSFER, WHILE HTTP AND HTTPS ARE WEB SIDE TRANSFER

They all use the internet to do what they are supposed to do, but one involves transferring files to the server over the internet and the other deals with transferring files from the server over the internet for the consumer to see. The difference between the effective uses of these technologies will determine how easy it is for a hacker to come in to your network and do what they want. An open connection on an FTP server hosting an HTTP service is the easiest way to lose control of an entire website.

As an Ethical Hacker, these choices may actually be out of your control for the company that decides to hire you, but it is important to be aware of these to ensure that you can display your skills at their fullest potential.
HOW BLINDINGLY SIMPLE: HACK YOUR WINDOWS PASSWORD

Your Windows is a lot less secure than you think and using encryption to protect your files can be really important. First, you need to understand what the Safe Mode is. If you do not know what the Safe Mode is, this will be a good guide for you.

In technical terms, this is called a Safe Boot, and Safe Mode was not originally on the computer. In fact, almost nothing was actually on the computer back in the time when people used gold toothbrushes to clean motherboards. Initially, you had a boot file on a Floppy and when your computer messed up, you simply restarted and pushed the Floppy back in to the computer. Once we started having a bigger local space, Operating System manufacturers thought it would be easier to just have a Safe Mode on the computer. The Safe Mode is a version of the software that was the last working configuration of the computer, which is why many of your programs will still be there when you boot up the computer.

There are several modes in Safe Mode and, generally, you will want to use just the regular Safe Mode. However, for this exercise, we want to only have the command prompt and not boot up the actual Operating System. This is called:

Safe Mode with Command Prompt

On Windows, when you start up the computer, it is set up by default so that when you press F8 on your keyboard a DOS menu will show up on your computer to let you choose the type of Safe Mode you want to use. When you select Safe Mode with Command Prompt, you will only be booting the Command Prompt.

So, what is the Command Prompt? The Command Prompt is actually Windows’ version of a CLI, or command line interpreter, that lets you alter data within your system without using the Windows GUI, or graphical user interface. It’s very important to note that the Command Prompt is not DOS. The menu before it was a DOS menu, but the Command Prompt is just an interpreter to tell your computer what it is that you want it to do.
We will be using two bits of data within this: one is called a command and the other is called an identifier. A command is just that: a word that tells your computer what you want to do. In this case, the command will be:

    net

Net is a command that is literally referring to a network that you will want to access. You have Net file, Net Config, and a lot of other “net’s”. In this case, you will want to type:

    net user

User is an identifier that literally means a “User of this Computer.” So far, we have told the computer that we want to “Access the Network of Users on this Computer.” Next, you will want to access an actual account. This is where the user-name comes in to play, as this will identify which user you want to access and change. Our user will be called Bob:

    net user Bob

Therefore, what we have told the computer is that we want to “Access the Network of Users on this Computer so that we can alter the Data of Bob.” Now that we have gone this far, the next part is the password of Bob. We will change this to “Y” like so:

    net user Bob Y

This will mean that when we boot up the computer next time, Bob will have a new password, which we changed to Y.

HOW TO HACK SOMEONE ELSE ON YOUR GROUP NETWORK

If you plan on becoming an Ethical Hacker, it’s important never to engage in “black hat” hacking, so be sure that you ask for that person’s permission. Time to head back on to that wonderful Command Prompt for this one. The Command Prompt is where most basic hacking takes place and will often be the primary place where one will practice their skills on unsuspecting victims. Do note that this is only showing how to access a computer on your own network provided you don’t already have access to it. To see if they are even on your network you have to type:

    net view

This will tell you who is on the same network as you are.
Do note that if you are on a hardline connection and they are on a wireless connection, you will not be on the same network unless you are specifically connected through the Group Network. If you are both using the same connection, you should be on the same network unless you have one of the very unique modems that prevent this. However, most likely this is not one of your modems and you will be able to do this. You will see something similar to:

    \\Bob-PC
    \\Nancy-PC

These are the actual names of the computers on your network. Next you will use the Tracert command, which allows you to track the data to the point of destination, which is where their IP address is. So, let’s target Bob again (poor Bob):

    tracert bob-pc

The command line will run this and let’s say we find his IP address, which looks like this:

    Tracing route to bob-pc.lan []

With that IP address, we now begin to hack into his computer. Now, odds are we’ll need to Change our Directory, so then we type:

    cd ..\..

This will bring us all the way to the C: drive and then we type:

    cd Windows

This will allow you to access the Windows directory. Then you will want to grab some Network Binary Statistics on the Attributes from his IP address, so you type:

    nbtstat -a

This will bring you the LAN and the WAN of your network to find that individual. So now that we have that, let’s go ahead and view his stuff to see what we want to use.

    net view \\

What will come up are the current “disks” on his computer, and these are folders that are open to the internet by default. So, let’s go ahead and start going through their stuff. Let’s say his “Documents” are there.

    net use x: \\ \documents

The disk will now show up in your My Computer area along with your other disks, like C:.
The only way to prevent this from happening is to make sure that all the folders are private and to disable a few ports that are not necessary for you to be on the internet, but are there in case you ever determine you want to share information.

A BLUNT GUIDE: BECOME AN ETHICAL HACKER

There are a few steps to becoming an employed Ethical Hacker and you want to begin with learning the basics of how a computer works. You’ll want to see how you can hack into other computers and learn the basics of networking. Once you have a good grasp on the technology, you’ll want to head over and grab some certificates, but it does depend on where you get your certificates as to what business will want to employ you.

CERTIFICATES

Both Windows and Cisco provide Security Certificates for their hardware/software components. Both of these places are where you’re going to want to grab your certificates because Windows is the most popular Operating System and Cisco is the most popular hardware industry. Both of these certificates are equally important, but be sure to start at the very bottom and work towards a basic security certificate. There are companies that look to hire people with the bare minimum of certificates, so don’t feel pressured like you have to be above and beyond, but ideally you’ll want to work towards those certificates as time passes.

PRACTICE

Practice, practice, and practice to get far in the industry, because the more you practice the better you become. Learn a programming language, learn how to develop websites, or just try and solve issues in your own community. There are a lot of ways to put your skills to use. The best part is that you learn something extra every time you practice because no two software configurations are ever the same, and no two computers will have the same issue for the same reason; until you are in a massive organization and then you’ll see it a lot.
CODING

Coding is not 100% crucial to being an Ethical Hacker, but you will go a lot further if you know a single computer language compared to if you know nothing. One of the most common to learn is C++, and its newest cousin C#, which is one of the most widely used languages out there. The more languages you know the better off you are. However, before you start learning code there is one crucial lesson you need to learn:

Object-Oriented Languages, Functional-Oriented Languages, and Procedural-Oriented Languages

OOL focuses on objects and will have code that is very readable by most anyone that understands a little bit of code. Objects are simply data that has data inside of it. FOL is a language based entirely around functions and how they interact with each other. Procedural must be coded line-by-line so that the computer compiles the instructions in order, whereas in the previous two they could have been all over the place.

Each language is simply a style of how you interact with the computer. Test one of each out to see what you prefer most and learn that one language. This will open a lot of doors, even if you don’t decide to become an Ethical Hacker, and the more languages you learn the more doors you will open.

EXTRA FREE RESOURCES FOR HACKERS

Looking to secure your job as an ethical hacker? Here are highly recommended books and resources on hacking for beginner or advanced hackers. This list will help you save time in looking for additional free resources to help you further your studies. We will update this book with more resources shortly.

Books

1. The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series)
2. CEH Certified Ethical Hacker All-in-One Exam Guide
3. Metasploit: The Penetration Tester's Guide
4. Hacking: The Art of Exploitation, 2nd Edition
5. BackTrack 5 Wireless Penetration Testing Beginner's Guide
6. CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide

Beginners Tutorials

1. How to learn Ethical hacking - Astalavista.com
2. Introduction to Penetration Testing
3. Penetration Testing Tutorial - Guru99.com
4. Cybrary – This platform provides free online IT and Security training videos that are super easy to follow.
5. Hacking Tutorials for Beginners - BreakTheSecurity.com
6. Simple How To Articles By Open Web Application Security
7. Information Gathering with Nmap
8. The Six Dumbest Ideas in Computer Security

Security-Related Articles

http://www.blackhat.com/
http://www.astalavista.com/
http://www.2600.com
http://packetstormsecurity.com/
http://www.hacking-tutorial.com/
http://hackaday.com/
http://www.hackthissite.org/
http://www.hitb.org/
http://pentestmag.com
https://www.ssllabs.com/
http://www.evilzone.org/
http://www.securitytube.net/
http://www.metasploit.com/
http://sectools.org/
http://www.breakthesecurity.com/

Videos

Defcon: How I Met your Girlfriend – Defcon, a most popular hacker conference
Open Security Training - Youtube 90 hour Playlist
Cryptography Course By Dan Boneh of Stanford University
OWASP AppSec USA 2011: compilation highlights of OWASP conference.

Vulnerability Databases And Resources

http://www.exploit-db.com/
http://cvedetails.com
http://www.securiteam.com/
http://secunia.com/advisories/
http://1337day.com/
http://securityvulns.com/
http://www.securityfocus.com/
http://www.vupen.com/english/security-advisories/
http://www.vupen.com/blog/
http://oval.mitre.org/
http://www.osvdb.org/
http://insecure.org/sploits_all.html
http://zerodayinitiative.com/advisories/published/

Forums For Hackers And Security Professionals

Stackoverflow for security professionals
http://www.hackforums.net/forumdisplay.php?fid=47
http://forums.securityinfowatch.com/
http://darksat.x47.net/
http://forums.cnet.com/spyware-viruses-security-forum/
