Virtualisasi Hacking

Novizul Evendi

FO Techno-OS/T’Lab

a branch of computer technology known as information security as applied to computers and networks

Security by design

Security architecture

Hardware mechanisms that protect computers and data

Secure operating systems

Secure coding

Capabilities and access control lists

computing

Hacker (computer security) or cracker, who accesses a computer system by circumventing its security system

Hacker (programmer subculture), who shares an anti-authoritarian approach to software development now associated with the free software movemen

Hacker (hobbyist), who makes innovative customizations or combinations of retail electronic and computer equipment

Skills

Style

Attitude

Status

Ethics

Learn how to program

Get one of the open-source Unixes and learn to use and run it

Learn how to use the World Wide Web

If you don't have functional English, learn it!!

The world is full of fascinating problems waiting to be solved.

No problem should ever have to be solved twice.

Boredom and drudgery are evil.

Freedom is good.

Attitude is no substitute for competence.

Write open-source software

Help test and debug open-source software

Publish useful information

Help keep the infrastructure working

Serve the hacker culture itself

Reconnaissance

hackers first perform routine and detailed reconnaissance.

Methods of reconnaissance include Dumpster Diving, Social Engineering, Google Searching & Google Hacking, and work their way up to more insidious methods such as infiltrating your employees environments from coffee shops to simply walking in and setting up in a cubicle and asking a lot of questions.

Scanning

can reveal vulnerabilities that create a hit list, or triage

list, for hackers to work through.

Typically, hackers perform port scans and port mapping, while attempting to discover what services and versions of services are actively available on any open or available ports.

Gaining Access

Open ports can lead to a hacker gaining direct access to

services and possibly to internal network connections.

Whether the hacker is successful attacking an internal system has much to do with how vulnerable the specific system is, which is related to system configurations and architecture.

Maintain Access

Hackers may choose to continue attacking and exploiting

the target system, or to explore deeper into the target network and look for more systems and services

Hackers can continue to sniff your network looking for more information to use against you.

Covering Tracks

Most hackers will attempt to cover their footprints and tracks as carefully as possible.

Gaining root level access and administrative access is a big part of covering one’s tracks as the hacker can remove log entries and do so as a privileged administrator as opposed to an unknown hacker.

Attacking

Sniffing

Arp Spoofing

DNS Spoofing

Man In The Middle Attack

Defend

Tunelling

Arp StaticPacket sniffer comes in two categories:

Active sniffersPassive sniffers.

Alice sends a message to Bob, which is intercepted by Mallory:

Alice "Hi Bob, it's Alice. Give me your key"--> Mallory Bob

Mallory relays this message to Bob; Bob cannot tell it is not really from Alice:

Alice Mallory "Hi Bob, it's Alice. Give me your key"--> Bob

Bob responds with his encryption key:Alice Mallory <--[Bob's_key] Bob

Mallory replaces Bob's key with her own, and relays this to Alice, claiming that it is Bob's key:

Alice <--[Mallory's_key] Mallory Bob

Alice encrypts a message with what she believes to be Bob's key, thinking that only Bob can read it:

Alice "Meet me at the bus stop!"[encrypted with Mallory's key]--> Mallory Bob

Alive Bob

Mallory

Attacking

DDOS (Distributed Denial of Service Attacks)

Defend

Firewall/IDS

Disable services by default.

LOGICAL VIEW OF ATTACK NET

Attacker

Master

Victim

Slave SlaveSlave SlaveSlave

Control Traffic

Attack Traffic

Attacking

Vulnerability

Exploit

Defend

Firewall

Path Software

Close Service/Port If Not Use

Attacking

ByPass Pasword login

Defend

Lock Bios

Disable other Bootable

Attacking

Session Hijacking

Session Sidejacking

Defend

Don’t Use “Remeber me” While Login

Tunelling (https/ssh)

TCP session hijacking is when a hacker takes over a TCPsession between two machines

VirtualBOX

Virtual Network

Only 2 Method for Configuration Netwroking Virtual

Bridge

Host-Only Adapter

N

Na

b

b

a

b

b

A = RealB = VirtualN = LAN

Virtual OS for Attacker

Attack From Linux OS

Attack From Windows OS

Web : www.tlab.co.idMail : [email protected]

Web : www.techno-os.netMail : [email protected]

Company

Community

[email protected]