Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
Instructor’s Manual Materials to Accompany
COMPUTER SECURITY FUNDAMENTALS
CHAPTER 6
TECHNIQUES USED BY HACKERS
CHAPTER 6 OBJECTIVES
When students finish reading this chapter, they will be able to
• Understand the basic methodology used by hackers
• Be familiar with some of the basic tools
• Understand the hacking mentality
CHAPTER OVERVIEW
In this chapter we will be exploring the techniques that hackers use to commit computer crimes. The techniques
presented in this chapter are not only presented to give the reader an understanding of how black hat hackers
work, but also provide a method whereby a network administrator can perform a penetration test on his or her
own network. By attempting some of these techniques on your network, you can assess your vulnerability. It
should be pointed out that you should only do this once you are very comfortable with the techniques in this
chapter, and only with permission from senior management.
The major sections in this chapter are
• Basic Terminology
• The Reconnaissance Phase
• Actual Attacks
CHAPTER OUTLINE
I. Chapter 6 Objectives
II. Introduction
III. Basics Terminology
IV. The Reconnaissance Phase
a. Passive Scanning
Active Scanning Techniques
Port Scanning
Vulnerability Assessment
Enumeration
V. Actual Attacks
. SQL Script Injection
. Cross Site scripting
Password Cracking
c. OphCrack
VI. Summary
VII. Test Your Skills
VII. Exercises
X. Projects
.
TEACHING NOTES
III. Basics Terminology
IV. The Reconnaissance Phase
a. Passive Scanning
b. Port Scanning
V. Actual Attacks
a. SQL Injection
b. Cross Site scripting
c. OphCrack
PROJECTS/EXERCISES
Exercises
Exercise 6.1: Using www.Archive.Org
This exercise gives you practice in using the www.archive.org. Go to www.archive.org and pull up at
least two previous versions of your college/universities website. What information can you find that is no
longer on the website?
Exercise 6.2: Using Nmap
This exercise introduces you to the Nmap tool. You should download and install Nmap. Then run at least
three different scans on either your own computer or on a designated lab computer.
Exercise 6.3: Using OphCrack
Download OphCrack to a CD. Then reboot your own machine to OphCrack and attempt to crack your
own local passwords.
Exercise 6.4: Using Netcraft.com
Visit www.netcraft.com and do a search on at least three different websites of your choosing. Note what
information you are able to gather about the website.
Projects
Project 6.1: Passive Reconnaissance
© 2012 Pearson, Inc.
4
Select a local organization, and conduct a passive reconnaissance. This should include searching job
boards, the organizations own website, user groups/bulletin boards, social networking sites,
www.archive.org, etc. Gather as much information about the target network as you can.
Project 6.2: Port Scanners
Use your favorite search engine to locate at least two other port scanners. Download and install them,
then try them on your own machine or a designated lab computer. Compare and contrast these tools to
Nmap. Are they easier to use? More informative?
Project 6.3: MBSA
Download and install MBSA and run a vulnerability scan on your own computer or on a designated lab
computer. What problems did you find? Was the tool easy to use?
WEB RESOURCES
• http://www.youtube.com/watch?v=h-9rHTLHJTY SQL Injection Demo
• http://www.youtube.com/watch?v=r79ozjCL7DA Cross site scripting demo
CHAPTER REVIEW/ANSWERS TO TEST YOUR SKILLS
Multiple Choice Questions
1.
1.
SQL injection is based on what?
2.
Which of the following is a vulnerability scanner specifically for Windows systems?
3.
How can you prevent cross-site scripting?
4.
What is an advantage of using Nessus?
5.
OphCrack depends on the attacker doing what?
6.
If you wish to view items that have been removed from a website, what is the best way to do that?
7.
Which of the following is a popular port scanner?
8.
Blocking incoming ICMP packets will prevent what type of scan?
9.
A person who uses hacking techniques for Illegal activities is referred to as what?
10.
A person who hacks into phone systems is referred to as what?
11.
A person who uses tools to hack without understanding the underlying technology is called what?
12.
Trying to list all the servers on a network is referred to as what?
13.
Which of the following is a popular enumeration tool?
14.
Which of the following is considered the most stealthy port scan?
15.
What is the most stealthy way to find out what type of server a website is running?
.
