Ethical Hacking Chapter 1-4

When a sniffer captures data from a network, it stores the data in a(n) ____________________—a dynamic area of RAM that holds specified data.

buffer

The ____ captures the network traffic from the Ethernet connection.

capture driver

The profession of ____ is emerging from a chaotic set of conflicting ethics from both the hobbyist and student communities and those on the information technology career track.

network security

A(n) ____ scan demonstrates whether a remote host is active by sending ICMP echo request packets to that host.

ping

There are two ping utilities available for a Linux or Unix machine: ping and ____________________.

ping6

A(n) ____________________ examines and reports upon the condition (open or closed) of a port as well as the application listening on that port, if possible.

port scanner

A NIC can be set up to retrieve any data packet being transferred throughout the Ethernet network segment. This mode is known as _________________________.

promiscuous mode

A(n) ____________________ is a software tool that examines and reports about vulnerabilities on local and remote hosts.

scanner

A(n) ____________________ is an application that monitors, filters, and captures data packets transferred over a network.

sniffer packet sniffer

A ____ is a script that tells the modem to dial a range of phone numbers defined by the user, and then identifies those numbers that connect to remote computers.

war dialer

____________________ is the act of locating targets and developing the methods necessary to attack those targets successfully.

Reconnaissance

____, the precursor to the Internet, appeared in ____.

ARPANET, 1969

SHORT ANSWER What are some of the most popular scanner tools?

Although the earliest scanners were based on UNIX platforms, they are currently available for Windows and Macintosh platforms. Some popular scanners that can be easily found are:
* Nessus
* Network Mapper (Nmap)
* Security Auditor's Research Assistant (SARA)
* Security Administrator's Integrated Network Tool (SAINT)
* Strobe
* Cheops

T/F: Nessus is a remote security scanner designed to be run on Linux, BSD, Solaris, and other versions of Unix.

TRUE

T/F: Scanners were originally developed to aid security professionals and system administrators in examining networks for security vulnerabilities.

TRUE

T/F: Sniffers look only at the traffic passing through the network interface adapter on the machine where the application is resident.

TRUE

T/F: The three types of sniffer are bundled, commercial, and free.

TRUE

SHORT ANSWER Briefly describe the main characteristics of Cheops.

Cheops, a port scanner for Linux operating systems, was developed for the GNOME interface by using the GTK+ kit. The most important differentiating feature of Cheops is its graphical nature. This application uses a dramatically large percentage of CPU cycles and slows all other applications to a crawl, which probably has something to do with the complexity of its graphical interface. This is a popular application, but Nessus and Nmap do more useful work without this beautiful GUI. This program can be downloaded from ftp://ftp.marko.net/pub/cheops.

T/F: Information traveling across a network is typically in human-readable format.

FALSE

T/F: Snort logs packets only into the American Standard Code for Information Interchange (ASCII) format.

FALSE

T/F: Breaking CD-ROMs is sufficient to destroy their data, as data cannot be recovered from broken disks.

False

T/F: Making money is a rare motive among all classes of hacker.

False

T/F: The strongest link in any security scheme is the user.

False

T/F: Viruses are indiscriminate in their damaging effects, but only expert hackers can set one loose.

False

____ is a method of achieving access to information by actually joining the organization as an employee or a consultant.

Deception

A(n) ____________________ is a security professional who applies his or her hacking skills for defensive purposes.

Ethical Hacker

T/F: A user needs root privileges to perform TCP connect scanning.

FALSE

T/F: In the early 1980s, the majority of servers ran on Windows platforms.

FALSE

____________________ scanning is TCP connection scanning, but it does not complete the connections.

Half-open

T/F: The protection of data provided to organizations or stored on personal computers is a high priority.

True

____________________ was developed by Alexandre Sagala and is a GUI for Nmap, to be used with the KDE desktop environment.

KNmap

In order to identify a particular computer on a network, computers are assigned a unique identifier called a(n) ______________________________ address.

Media Access Control (MAC) Media Access Control MAC

With ____, a user is tricked into giving private information about his or her account with a known large organization.

Phishing

SHORT ANSWER What are some of the hackers' motivations?

Regardless of the hacker's profile, knowledge or skills, they are all powerfully motivated by something:
* Curiosity
* Love of puzzles
* Desire for recognition or fame
* Revenge
* Financial gain
* Patriotism or politics

____ is a third-generation network security analysis tool developed by Advanced Research Corporation.

SARA

SHORT ANSWER Where are sniffers normally placed?

Sniffers are normally placed on:
* Computers
* Cable connections
* Routers
* Network segments connected to the Internet
* Network segments connected to servers that receive passwords

SHORT ANSWER What are the most important types of scanning?

The most important types of scanning are the following:
* Transmission Control Protocol (TCP) connect scanning
* Half-open scanning
* User Datagram Protocol (UDP) scanning
* IP protocol scanning
* Ping scanning
* Stealth scanning

______________________________ is based on the principle that distance can be measured by computing the time required for reflected energy to be measured at the source.

Time domain reflectometry (TDR) Time domain reflectometry TDR

____ is an Internet tool that aids in retrieving domain name-specific information from the NSI Registrar database.

WHOIS

The ____ model is derived from old Western genre movies where the "good guys" always wore white hats and the "bad guys" always wore black hats.

White Hat/Black Hat

____________________ is a DNS feature that lets a DNS server update its database with the list of domain names in another DNS server.

Zone transfer

____ is bundled with the Solaris operating systems. It captures packets from the network and displays their contents.

Snoop

____ uses influence and persuasion to deceive people by convincing them that the social engineer is someone he isn't, or by manipulation.

Social Engineering

____________________ are the principles of conduct that govern individuals, groups, and professions.

Ethics

____ hackers act as mentors to new hackers. They write scripts and tools that others use.

Coders

SHORT ANSWER What are the main characteristics of commercial sniffers?

Commercial sniffers observe, monitor, and maintain information on a network. Some companies use sniffer programs to detect network problems. Commercial sniffers can be used for both fault analysis, which detects network problems, and performance analysis, which detects bottlenecks.

The first password hacks were a response to the ___________________________________, developed in the early 1960s and first loaded on an IBM mainframe at MIT.

Compatible Time Sharing System (CTSS) Compatible Time Sharing System CTSS

Computer ____________________ is the term for illegally hacking into a computer system without the permission of the system's owner.

Cracking

NmapFE is an nmap graphic interface for the ____________________ Linux Desktop.

GNOME

"____" hackers are evidence that the dichotomy of good and evil is NOT a very good fit to the real world.

Gray Hat

SHORT ANSWER Explain "love for puzzles" as a motivation for hackers.

Hackers gain great satisfaction in finding the solutions to complicated puzzles. There are many variables that have to be controlled and techniques that have to be mastered to successfully crack systems. These are the same challenges that motivate locksmiths and cat burglars in the physical security realm. Strong passwords, such as "Tr34$>1drU,"(tr) can be devised that block most attack attempts, and locks can be keyed with "024642" pin combinations which are almost unpickable. Think of the fun when you figure out how to solve these difficult puzzles!

SHORT ANSWER How does IP protocol scanning work?

IP protocol scanning examines a target host for supported IP protocols. In this method, the scanner transmits IP packets to each protocol on the target host. If a protocol on the target host replies with an ICMP unreachable message to the scanner, then the target host does not use that protocol. If there is no reply, then the hacker assumes that the target host supports that protocol. Unfortunately for the hacker, firewalls and computers that run operating systems such as Digital UNIX (now replaced with Compaq Tru64 Operating System) and HP-UX do not send any ICMP unreachable messages. Consequently, the IP protocols supported by such hosts cannot be determined by using IP protocol scanning. Fortunately for the script kiddie population, the number of Digital UNIX, Tru64, and HP-UX servers is relatively small.

SHORT ANSWER Describe some legal reconnaissance activities.

Looking up all of the information about a company available on the Internet, including published phone numbers, office hours, and addresses, is completely legal. Calling with a problem requiring customer service assistance is completely legal (even if it is a made-up problem). Interviewing a member of the staff for a school project is legal. Physical entry of a facility, including attending a tour of the facility, is entirely legal. Making friends with somebody who works there or used to work there is also legal. It would be exceptionally paranoid for company representatives to refuse to answer the phone "just in case it is a hacker performing recon." All of these methods and many others are completely legal and done for various reasons all the time.

SHORT ANSWER What are the issues with copying, downloading, and using proprietary software and other copyrighted works?

Many hackers find it tempting to copy, download, and use proprietary software and other copyrighted works. While hackers typically consider this a harmless activity, it is often illegal (based upon the license with which the software is distributed). There is a philosophical discourse as to whether free access to information is more or less important than a creator's right to protect his or her creations. This is the same sort of debate as that over copyright law, the regulations which govern the distribution and modification of written works. Many feel that proprietary software is a form of elitism that inhibits progress. The argument is that every person has the right to hear, read, see, or learn anything that is available. Proponents of strong intellectual property rights argue that there would be no creation at all if there was not some method of ensuring remuneration or royalty for reproduction of that intellectual property.

____ comes bundled with Windows. Network Monitor, a component of Microsoft Systems Management Server (SMS), enables you to detect and troubleshoot problems on LANs, WANs, and serial links running the Microsoft Remote Access Server (RAS).

Network Monitor

____________________ is the process of identifying domain names as well as other resources on the target network.

Network enumeration

____ hackers have limited computer and programming skills, and rely on toolkits to conduct their attacks.

Novice

In the 1970s, phone phreaks, a new sort of hacker, appeared. They used various methods, collectively called ____________________, to access telephone networks to make free calls from payphones.

Phreaking

SHORT ANSWER What are the components of a sniffer?

Sniffers use the following components to capture data from a network:
* Hardware
* Capture driver
* Buffer
* Decoder
* Packet Analysis

SHORT ANSWER How do scanners work?

Scanners automate the process of examining network weaknesses. Scanners are not heuristic; they do not discover new vulnerabilities but check for known vulnerabilities and open ports. A scanner performs these functions:
* Connects to a target host(s)
* Examines the target host for the services running on it
* Examines each service for any known vulnerability

Scanners can be set to target either a single IP address, and search for vulnerabilities on the target host, or a range of IP addresses. In either mode, the scanner attempts to connect with the target (or targets) to find open ports and possible vulnerabilities present on the target host(s).

In ____, the target host transmits connection-succeeded messages for active ports and host-unreachable messages for inactive ports.

TCP connect scanning

SHORT ANSWER What are the network interfaces supported by TCP/IP?

TCP/IP supports the following types of network interfaces:
* Standard Ethernet Version 2
* IEEE 802.3
* Token-ring
* Serial Line Internet Protocol (SLIP)
* Loopback
* FDDI
* Serial Optical
* ATM
* Point-to-Point Protocol (PPP)

T/F: SARA was designed to complement and interface with other security tools, such as Nmap.

TRUE

T/F: When you transmit information in a data packet to a computer on a network, the request is sent to every computer on that network that uses the same Ethernet cable or wireless LAN.

TRUE

____, the most commonly bundled sniffer with Linux distros, is also widely used as a free network diagnostic and analytic tool for UNIX and UNIX-like operating systems.

Tcpdump

SHORT ANSWER Describe physical intrusion as a social engineering technique.

The foremost traditional technique of social engineering is physical intrusion, whereby social engineers physically enter the premises of an organization or the workstations of employees for the sole purpose of collecting information. Any unauthorized entry plan uses the same kinds of research and reconnaissance. "Casing the joint" before a physical intrusion usually includes:
* Learning the schedules of the organization
* Knowing the floor plan of the building or buildings
* "Baselining" the security procedures

SHORT ANSWER What is the importance of proper discarding of refuse?

The security policy must carefully address what is sensitive information and what isn't, and decide how to treat refuse. Some documents may not be considered sensitive, like employee handbooks and company policy statements. But these can often tell hackers what physical and network security to expect when doing intrusion. The best solution to theft of trash paper is to crosscut-shred it and keep it in locked trash receptacles. Old hardware cannot be shredded and takes up space; thus, these items are frequently thrown out, or given to employees to take home. Hackers search for outdated hardware, such as tapes, CD-ROMs, and hard disks. There are various tools available to hackers, such as forensics programs, that can restore data from damaged data-storage devices.

SHORT ANSWER What are the major differences between commercial sniffers and free sniffers?

The two major differences between commercial and free sniffers are:
* Commercial sniffers generally cost money, but typically come with support.
* Support on free sniffers has the reputation of being scant, meaning it is difficult to find anyone who will offer support; incomplete, meaning that the information was never recorded; or fiendishly expensive, compared to support for commercial products. This reputation is not always deserved.

SHORT ANSWER Describe some illegal reconnaissance activities.

There are a number of plainly illegal reconnaissance techniques. Developing a "front" company and acting as a representative of that company, specifically for the purpose of robbing or defrauding the target company, is probably illegal. Furthermore, being expensive and time consuming, this is probably reserved for the professional intel agencies. Stealing garbage is illegal in many locales. Entering a home or office to look for information is also illegal, but this often goes undetected as no valuables are being removed. Dropping a keylogger—a tool that records users' keystrokes—on a vulnerable machine is illegal. Leaving a sniffer, which can intercept and read data packets, on a network is illegal.

SHORT ANSWER How are hackers commonly categorized?

There are distinct groups of hackers; however, the membership between groups is fluid. There are two ways commonly used to categorize them:
* The first is the simplest—White Hat good hackers vs. Black Hat bad hackers.
* The second is based loosely on psychological profiling and is a more complicated and more useful way to understand the motivations of hackers.

SHORT ANSWER Describe conformity as a social engineering technique.

This method hinges on the general tendency of people to believe that an apparent similarity between themselves and another (unknown) person is an actual similarity. The hacker convinces the victim that they have a lot in common and that they share the same values. The hacker becomes the victim's good friend by appearing honest, trustworthy, and friendly. This is a person in whom one may truly confide. Once the information is garnered, the "good friend" just disengages.

T/F: Hacking requires that the practitioner be intimately familiar with the techniques of the perpetrator or opponent.

True

T/F: Internet footprinting is a technical method of reconnaissance, which interests budding hackers and network security specialists alike.

True

T/F: Most social engineering attacks are opportunistic: the hacker uses whatever technique he or she thinks fits the situation.

True

T/F: Reconnaissance is not by definition illegal, and many reconnaissance techniques are completely legal.

True

T/F: The reading and techniques used by both ethical and malicious hackers are identical.

True

Newsgroups are part of an online bulletin board system called ____, which contains groups covering a huge variety of subjects.

USENET

SHORT ANSWER What is the problem with using bandwidth without permission?

Using bandwidth without permission may seem harmless, but what if accidental damage happens to a system or if alteration to processing information and codes occurs? If the network has been hacked, it doesn't much matter whether the hacker directly caused the error or mischief; they will be blamed for any loss or damage. In many states, unauthorized use of a computer system is a crime, in addition to being unethical.

Previously known as Ethereal, ____ is probably the best-known and most powerful free network protocol analyzer for UNIX/Linux and Windows.

Wireshark

The Linux command ____________________ shows you where the files appear in your PATH.

whereis

