Ethical Hacking

Niken DwiClick to edit Master subtitle style Wahyu Cahyani ST. Mkom., CCSO., CEH Ian Harisman Moderator: Gandeva Bayu ST., CCNA

6/4/12

6/4/12

CEHv7 Outline
1 2 3 4 5
6/4/12

Footprinting and Reconnaisanc Scanning e Networks Enumeration System Hacking Trojan and Backdoors

6 7 8 9 1 0

Viruses and Worms Sniffers Social Enginineering Denial of Service Session Hijacking

CEHv7 Outline
1 1 1 2 1 3 1 4 1 5 6/4/12
Hacking Webservers Hacking Web Applications SQL Injection Hacking Wireless Networks IDS, Firewalls and Honeypots

1 6 1 7 1 8

Buffer Overflows Cryptography Penetration Testing

EC-Council Certification Program

Security5 Certified E-Business Professional EC-Council Certified Security Specialist (ECSS) EC-Council Network Security Administration Certified(ENSA) Hacker Ethical (CEH) Computer Hacking Forensic Investigator 6/4/12 (CHFI) EC-Council Disaster Recovery Professional (EDRP) EC-Council Certified Security Analyst (ECSA) EC-Council Certified

Secure Programmer (ECSP) Certified Secure Application Developer (CSAD) Licensed Penetration Tester (LPT) Master of Security Science (MSS)

EC-Council Certification Program

6/4/12

Lets Start Hacking!

6/4/12

Website Deface Attack Statistic

The top rank Attack Methods: file 6/4/12 inclusion, sql injection, webdav

Internet Crime Curent Report: IC3

6/4/12

Why Attack Are Increasing

6/4/12

Hacker Classes

6/4/12

What Does a Hacker Do?

6/4/12

Footprinting & Reconnaissance

6/4/12

Footprinting & Reconnaissance

6/4/12

Footprinting &Reconnaissance
Footprinting Methodology

6/4/12

Inter Com net pet Foot itiv Net e WHO pri DNS nti Foot Intell wo IS ng pri ige rk Foot Web nti Goo Foot nt pri E-

Footprinting & Reconnaissance

Example:

Ping EmailTracerPro SmartWhois

6/4/12

Scanning
Types of Scanning

6/4/12

Scanning

Example:

Nmap Advanced IP Scanner Amap CurrPorts Nessus

6/4/12

System Hacking: Goals

Hacking-Stage
Gaining Access

Goal
To collect enough information to gain access

Technique/Explo it Used
Password eavesdropping, brute forcing Password Cracking, known exploits

Escalating Priviliges To create a privileged user account if the user level is obtained Executing Applications Hiding Files Covering Tracks
6/4/12

To create and maintain backdoor access To hide malicious files

Trojans

Rootkits

To hide the presence Clearing logs of compromise

CLOSING

6/4/12

Top 5 IT Security Certifications for 2011

Based by scanning job boards and interviewing IT security recruiters and employers: * Vendor Certifications * CISSP: Certified Information Systems Security Professional * CEH: Certified Ethical Hacker * 6/4/12 CISM: Certified Information

Survey Result
Salaries for IT security professionals are expected to increase by more than 4% in 2011, according to a survey by Robert Half International. Data security analyst is expected to increase by 4.5% Systems security administrator is expected to jump 4.0% 6/4/12 Network security administrator,

IT Security Related Position and Salary Ranges

* Source: 6/4/12 http://www.securityweek.com/it-salary-guide-shows-increase-salaries-

Average CEH Salary Ranges by Country United States ranges from $56,930 to $82,424 Canada ranges from C$62,288 and C$74,000 (approximately $64,387 to $76,400).
6/4/12 U.K., the average salary range is

6/4/12

Daftar Pustaka

Modul CEH EC-Council

6/4/12