Ethical Hacking and Countermeasures Attack Phases (PDF)

Ethical Hacking book
Publisher: EC-Council Press
ISBN No: 978-1-4354-8360-6
Release at: 2010
Pages: 354
Volume 1
File Size: 17 MB
File Type: pdf
Language: English

Description of Content of Ethical Hacking and Countermeasures Attack Phases Volume 1

Ethical Hacking and Countermeasures Attack Phases written & print by EC Council is a useful book for Hacking studies to get in (PDF) free download. The EC-Council Press Ethical Hacking and Countermeasures series is intended for those studying to become security officers, site administrators, auditors, security professionals, and anyone who is concerned about or responsible for the integrity of the network infrastructure. The series includes a broad base of topics in offensive network security, ethical hacking, as well as countermeasures and network defense. The content of this series is designed to immerse learners into an interactive environment where they will be shown how to test, hack, scan, and secure information systems. A wide variety of malware, tools, and viruses, is presented in these Ethical Hacking and Countermeasures books, providing a complete understanding of the tools and tactics used by hackers. By gaining a thorough understanding of how hackers operate, ethical hackers are able to set up strong defensive and countermeasures systems to protect their organization’s critical infrastructure and information. The series, when used in its entirety, helps prepare readers to take and succeed on the CEH certification exam from EC-Council.

The Ethical Hacking and Countermeasures course mission is to educate, demonstrate and introduce hacking tools for penetration testing purposes only. You will not use the newly acquired skills for malicious and illegal attacks and you will not use such tools in an attempt to compromise any computer system, and you shall indemnify its partners and EC-Council from all liability with respect to the use or misuse of these tools, regardless of intent.

Content of Ethical Hacking and Countermeasures Attack Phases Volume 1

CHAPTER 1 Introduction to Ethical Hacking.  1-1
Objectives. 1-1
Key Terms. 1-1
Case Example. 1-2
Introduction to Ethical Hacking.  1-2
Importance of Security.1-2
Threats and Vulnerabilities. 1-3
Attacks. 1-3
Security Breaches.  1-3
Exposure.  1-4
Elements of Security.  1-4
Accountability. 1-4
Reusability. 1-4
The Functionality, Security, and Ease of Use Triangle. 1-4
Phases of an Attack. 1-5
Phase 1—Reconnaissance.  1-7
Phase 2—Scanning.1-7
Phase 3—Gaining Access. 1-8
Phase 4—Maintaining Access. 1-8
Phase 5—Covering Tracks. 1-8
Types of Hacker Attacks. 1-9
Operating System Attacks. 1-9
Application-Level Attacks. 1-9
Shrink-Wrap Code Attacks. 1-9
Misconfiguration Attacks. 1-9
Hacktivism. 1-10
Hacker Classes.1-10
Ethical Hackers. 1-10
What Do Ethical Hackers Do?. 1-10
Can Hacking Be Ethical?.  1-11
Skills of an Ethical Hacker.  1-11
What Is Vulnerability Research?. 1-12
Why Hackers Need Vulnerability Research. 1-12
Vulnerability Research Web Sites. 1-12
Conducting Ethical Hacking.  1-13
How Do They Go About It?. 1-13
Approaches to Ethical Hacking. 1-14
Ethical Hacking Testing.1-14
Ethical Hacking Deliverables. 1-15
Computer Crimes and Implications. 1-15
Case Example Revisited.1-15
Chapter Summary.1-15
Review Questions.1-16
Hands-On Projects. 1-17

CHAPTER 2 Footprinting. 2-1
Objectives. 2-1
Key Terms. 2-1
Case Example. 2-2
Introduction to Footprinting. 2-2
Why Is Footprinting Necessary?.  2-3
Revisiting Reconnaissance. 2-3
Information-Gathering Methodology. 2-4
Unearthing Initial Information. 2-4
What Is an IP Address?.  2-6
Finding a Company’s URL. 2-6
People Searching.  2-7
Footprinting Through Job Sites.  2-10
Information Gathering Stances.  2-10
Footprinting Tools.  2-13
Sensepost Footprint Tools 3.  2-13
Big Brother.2-14
Advanced Administrative Tools. 2-14
Wiktor. 2-15
WHOIS Tools. 2-15
WHOIS.  2-15
SmartWhois. 2-18
ActiveWhois. 2-18
LanWhoIs. 2-19
CountryWhois. 2-19
CallerIP.  2-19
Web Data Extractor. 2-19
DNS Information Tools.  2-21
DNS Enumerator.2-21
SpiderFoot. 2-21
Nslookup. 2-22 2-23
Expired Domains.2-23
DomainKing. 2-23
Domain Inspect.  2-23
MSR Strider URL Tracer. 2-24
Mozzle Domain Name Pro.  2-24
Locating the Network Range. 2-24
ARIN. 2-25
Traceroute. 2-26
3D Traceroute. 2-27
NeoTrace (now McAfee Visual Trace). 2-27
VisualRoute.  2-27
Path Analyzer Pro.2-28
Maltego.  2-28
TouchGraph.  2-29
E-Mail Spiders. 2-30
1st Email Address Spider. 2-30
Power Email Collector.  2-30
Locating Network Activity.   2-30
GEO Spider.  2-30
Google Earth. 2-31
Meta Search Engines.2-31
Dogpile.  2-31
WebFerret. 2-31
robots.txt. 2-31
WTR – Web The Ripper 2. 2-32
Web Site Watcher.2-32
Faking Web Sites Using Man-In-The-Middle Phishing Kit.  2-32
Case Example Revisited.  2-32
Chapter Summary. 2-33
Review Questions. 2-33
Hands-On Projects.  2-34

CHAPTER 3 Scanning.3-1
Objectives. 3-1
Key Terms. 3-1
Introduction to Scanning.  3-2
Scanning Defined. 3-2
Objectives of Scanning.3-2
Scanning Methodology.3-3
Step 1: Check for Live Systems. 3-3
Step 2: Check for Open Ports. 3-4
Step 3: Fingerprint the Operating System.3-10
Step 4: Scan for Vulnerabilities.  3-12
Step 5: Probe the Network. 3-13
Surfing Anonymously.  3-15
Scanning Countermeasures.  3-18
Tools.  3-18
Live System Scanning Tools.  3-18
Port Scanning Tools. 3-20
War Dialing Tools.3-39
Banner Grabbing Tools.   3-41
Tools for Active Stack Fingerprinting. 3-43
File Extension Concealment Tools. 3-46
Vulnerability Scanning.   3-47
Network Mapping Tools. 3-55
Proxy Tools.  3-56
Anonymizer Tools.3-62
Spoofing Tools. 3-70
Chapter Summary. 3-71
Review Questions. 3-71
Hands-On Projects.  3-73

CHAPTER 4 Enumeration. 4-1
Objectives. 4-1
Key Terms. 4-1
Introduction to Enumeration. 4-2
Enumeration Defined.4-2
Enumeration Techniques. 4-2
Null Session Enumeration. 4-2
SNMP Enumeration.4-8
UNIX Enumeration. 4-10
LDAP Enumeration. 4-12
NTP Enumeration.4-13
SMTP Enumeration. 4-13
Web Enumeration.4-14
Web Application Directory Enumeration.4-14
Default Password Enumeration.  4-15
Enumeration Procedure. 4-16
Tools.  4-16
Null Session Tools.4-16
User Account Tools. 4-19
Null Session Countermeasure Tools. 4-20
SNMP Enumeration Tools. 4-30
LDAP Enumeration Tools. 4-32
SMTP Enumeration Tools. 4-34
General Enumeration Tools.  4-35
Chapter Summary. 4-41
Review Questions. 4-41
Hands-On Projects.  4-42

CHAPTER 5 System Hacking.5-1
Objectives. 5-1
Key Terms. 5-1
Introduction to System Hacking.  5-2
Cracking Passwords.  5-2
Password Types. 5-2
Four Types of Password Attacks.  5-2
Password Cracking Web Sites. 5-5 5-5 5-6 5-6
Abcom PDF Password Cracker. 5-6
Password Guessing. 5-6
Administrator Password Guessing. 5-6
Manual Password Cracking Algorithm. 5-7
Automatic Password Cracking Algorithm.5-7
Performing Automated Password Guessing.5-8
Tool: NAT. 5-8
Tool: SMB Passive Brute Force Tool(Smbbf). 5-9
Tool: SMBCrack.  5-9
Hacking Tool: L0phtCrack. 5-9
Microsoft Authentication. 5-11
PWdump2 and PWdump3. 5-13
Tool: RainbowCrack.  5-13
Hacking Tool: KerbCrack. 5-14
Hacking Tool: John the Ripper. 5-14
Password Sniffing.5-15
Password Cracking Tools.  5-15
Tool: LCP. 5-15
Tool: ophcrack. 5-15
Tool: Crack. 5-17
Tool: Access PassView.5-17
Tool: Asterisk Logger.5-17
Password Cracking Countermeasures.5-17
Do Not Store Local Area Network Manager Hashes in the SAM Database. 5-18
Disabling LM Hashes.5-18
Syskey Utility. 5-18
AccountAudit. 5-19
Escalating Privileges.5-19
Cracking NT/2000 Passwords. 5-19
Active@ Password Changer.  5-20
Privilege Escalation Tool: X.exe. 5-20
Login Hack: Example.  5-20
Executing Applications. 5-23
Tool: PsExec.  5-23
Tool: Alchemy Remote Executor. 5-23
Tool: Emsa FlexInfo Pro. 5-23
Keyloggers and Spyware.  5-25
Keystroke Loggers.5-25
Tool: SC-KeyLog.5-25
Tool: Revealer Keylogger. 5-26
Tool: Handy Keylogger.   5-26
Tool: Ardamax Keylogger. 5-26
Tool: Powered Keylogger. 5-26
Tool: Elite Keylogger.  5-26
Tool: Quick Keylogger.  5-28
Tool: Spy Keylogger. 5-28
Tool: Perfect Keylogger.   5-30
Tool: Invisible Keylogger. 5-30
Tool: Actual Spy.5-30
Tool: Spytector. 5-30
Tool: Invisible KeyLogger Stealth. 5-32
Tool: Ghost Keylogger.  5-34
Tool: KeyGhost Hardware Keylogger. 5-34
Tool: 007 Spy Software.   5-34
Tool: Spector Pro.5-34
Tool: RemoteSpy.5-36
Tool: Spytech SpyAgent.   5-37
Tool: SpyBuddy.  5-37
Tool: Stealth KeyLogger.  5-37
Tool: AceSpy. 5-39
Tool: Keystroke Spy. 5-39
Tool: Desktop Spy.5-39
Tool: Activity Monitor.  5-39
Tool: Wiretap Professional.  5-41
Tool: eBlaster. 5-42
Tool: Stealth Recorder.  5-42
Tool: Stealth Website Logger. 5-42
Tool: Digi-Watcher Video Surveillance.  5-42
Tool: Phone Spy.  5-45
Tool: Print Monitor Pro.   5-45
Tool: Stealth Email Redirector.  5-45
Tool: FlexiSpy. 5-45
Tool: PC PhoneHome.5-45
Keylogger and Spyware Countermeasures.  5-47
Tool: PrivacyKeyboard. 5-47
Tool: Advanced Anti Keylogger.  5-47
Tool: SpyHunter.  5-49
Tool: Spy Sweeper.5-49
Tool: Spyware Terminator. 5-49
Tool: WinCleaner AntiSpyware.  5-51
Hiding Files. 5-51
Rootkits.  5-52
Why Rootkits?. 5-52
Hacking Tool: NT/2000 Rootkit. 5-52
Rootkit: Fu. 5-54
Rootkit: AFX Rootkit.  5-54
Rootkit: Nuclear.5-54
Rootkit: Vanquish.5-54
Steps for Detecting Rootkits. 5-54
Rootkit Detection Tools. 5-55
Rootkit Countermeasures. 5-55
Creating Alternate Data Streams. 5-56
How to Create NTFS Streams. 5-56
NTFS Stream Manipulation. 5-56
NTFS Stream Countermeasures. 5-57
NTFS Stream Detectors.   5-57
Tool: USBDumper.5-57
Steganography. 5-59
Process of Hiding Information in Image Files.  5-60
Least-Significant-Bit Insertion in Image Files.  5-60
Masking and Filtering in Image Files. 5-60
Algorithms and Transformation. 5-61
Steganography Tools.  5-61
Steganography Detection. 5-77
Steganalysis Tools.5-78
Covering Tracks. 5-80
Disabling Auditing.5-80
Clearing the Event Log.   5-80
Tool: ELSave. 5-81
Tool: WinZapper.5-81
Tool: Evidence Eliminator. 5-82
Tool: Traceless. 5-82
Tool: Tracks Eraser Pro.   5-82
Tool: Armor Tools.5-82
Tool: ZeroTracks.5-82
Chapter Summary. 5-85
Review Questions. 5-86
Hands-On Projects.  5-87

CHAPTER 6 Penetration Testing.  6-1
Objectives. 6-1
Key Terms. 6-1
Introduction to Penetration Testing.  6-2
Security Assessments. 6-2
Types of Penetration Testing.  6-4
Phases of Penetration Testing. 6-5
Best Practices.  6-5
Planning Phase. 6-6
Pre attack Phase. 6-6
Attack Phase.  6-6
Postattack Phase.  6-6
Planning Phase. 6-6
Enumerating Devices. 6-8
Pre attack Phase.  6-10
Attack Phase. 6-13
Postattack Phase.6-14
Tools. 6-16
Choosing Different Types of Pen-Test Tools.  6-16
Penetration-Testing Tools. 6-16
Other Tools Useful in a Pen-Test.   6-27
Chapter Summary. 6-58
Review Questions. 6-59
Hands-On Projects.  6-60


Similar Books