Cybersecurity Talk to IS 302 (Information Security & Trust) Students

By Ankit FADIA
February 01, 2006 (Wednesday)
1:30 – 3:30 pm
SMU Conference Hall 2

HACKED!
Key Topics:

• Computer Hacking (Network Reconnaissance Techniques)

• Mobile Phone Hacking
• ATM Machine Hacking

Duration: 2 hours.

Format:

• PowerPoint Presentation.
• LIVE Demonstrations.
• Interactive Question & Answer session.

Description:

What would you do if somebody broke into your mobile phone and stole all your
sensitive emails, photographs and videos? What would you do if a criminal withdrew
money from your account using an ATM Machine? What would you do if somebody
cloned your phone and made unlimited long distance phone calls? What would you do if
your address book got stolen and your loved ones started receiving malicious threats?
What would you do if someone broke into your computer and transferred funds out of
your bank account? What would you do if your competitor spies on your company
operations? What would you do if your employees leak company secrets to your
competitors? Want to know how criminals break into mobile phones, ATM Machines and
computers? Join us to change your perspective on technology.

Technology has considerably enhanced various critical business operations of

companies in different industry sectors across the globe. However, as more and more
business houses become partially or completely dependent on technology, the threat of
privacy invasion, identity impersonation, intellectual property violation and corporate
espionage comes to the foreground. A single hacking attack is capable of causing losses
amounting to millions of dollars. Unfortunately, most individuals and organizations
across the globe continue to remain oblivious to the threat posed by computer criminals.
This talk dismisses this incompetent approach adopted by many individuals and
companies and throws light on some of the most horrific cyber crime cases to have taken
place in the last decade.

With the correct mix of technical explanations and subsequent business

implications, this talk draws a direct correlation between computer security and business
profitability. Plenty of real life case studies, a hands on approach and live demonstrations
have also been included to unravel the fascinating world of computer hacking.
Informative. Interactive. Exciting. This talk has been a favorite amongst delegates in
Asia, Australia and North America. Join us at this session and find out why!

Table of Contents
1. Computer Hacking

Network Reconnaissance
• Ping Sweeping
• Introduction
• Working
• cping
• fping
• SuperScan
• Ping Sweep
• nmap
• WS_Ping_ProPack
• Detection
• Countermeasures
• pingd
• scanlogd
• Protolog
• Ippl
• Traceroute
• Introduction
• Working
• Types of Traceroute Tools
• Text Based Traceroute Tools
• Visual Traceroute Tools
• 3D Traceroute Tools
• Network Reconnaissance with Traceroute
• Determining Geographic Information
• Determining Network Topography
• Detecting Firewalls
• Operating System (OS) Detection
• Countermeasures
Port Scanning
• Introduction
• Scanning TCP Ports
• TCP Connect Scanning
• TCP SYN Scanning
• SYN/ACK Scanning
• TCP FIN Scanning
• TCP NULL Scanning
• TCP XMAS Scanning
• Detection
• Countermeasures
• Scanning UDP Ports
• FTP Bounce Port Scanning
• Nmap
• Strobe
• Netcat
• SuperScan
• tcp_scan and udp_scan
• hping
• ipEye
• Countermeasures
• Scanlogd
• BlaceIce
• Abacus PortSentry
• NukeNabber

Daemon Banner Grabbing and Port Enumeration

• Probing the FTP Service, Port 21
• Probing the SMTP Service, Port 25
• Probing the Finger Service, Port 79
• Probing the HTTP Service, Port 80
• Probing the Identification Protocol, Port 113
• Probing the Microsoft RPC Endpoint Mapper, Port 135
• SamSpade Crawler

ICMP Scanning
• Introduction
• Different Types of Scanning Techniques
• Ping Probes
• Timestamp Scanning
• Subnet Address Scanning
• OS Detection
• ICMP Error Message Quoting
• ICMP Error Message Quenching
• ICMP Error Message Echo Integrity
• Advanced OS Detection
• Missing Fragments
• Invalid Header Lengths
• Invalid values in IP protocol field

Firewall Enumeration
• Introduction
• Detecting Filtering Devices
• Detecting Firewalls

OS Detection
• Active Fingerprinting OS Detection
• ICMP Error Message Quoting
• ICMP Error Message Quenching
• ICMP Error Message Echo Integrity
• Initial Window Size
• Flag Probe
• ACK Values
• Initial Sequence Number (ISN) Values
• FIN Packets
• Don’t Fragment Bit
• Overlapping Fragments
• Nmap
• Queso
• Hping
• Countermeasures
• Passive Fingerprinting OS Detection
• TTL Value
• Window Size
• Don’t Fragment Bit
• Type of Service
• Countermeasures
• Email Header Fingerprinting

Sniffing
• Introduction
• Tcpdump
• Snort
• Ethereal
• DSniff
• Sniffit
• Countermeasures
2. ATM Machine Hacking

3. Mobile Phone Hacking