20-minute Intro to Hacking Mike Gagnon, Ethical Hacker .
-
Upload
cody-lynch -
Category
Documents
-
view
218 -
download
0
Transcript of 20-minute Intro to Hacking Mike Gagnon, Ethical Hacker .
20-minute Intro to Hacking
Mike Gagnon, Ethical Hackerhttp://mikegagnon.com
First things first…
Ethical Hacking• Be responsible • Don’t use hacking for
evil • It’s easy to be caught,
and the penalties are very steep
Guideline: Never hack someone’s system without
their permission
Why do ethical hackers hack?
• It’s fun
• “War games.” Companies hire ethical hackers to hack into their systems so that the companies can learn how to improve their defenses
• Ethical hackers develop defensive technology
• Every coder should know how to hack, so that they know how to write “secure code” (which is code that can defend itself from hackers)
How to hack?
• Hacking = manipulating a system to do something it wasn’t designed to do
• Like hot wiring a car
http://commons.wikimedia.org/wiki/File:Dash_Wires.jpg
• Hacking computers is often simple (once you know how computers work)
How do computers work?For example: What happens when you type google.com in your
browser?
• There is a computer on the Internet whose address is google.com
• Your computer sends a “request” to that computer
• The google.com computer computes a “response” and sends it back to your computer
• Your computer shows the response on your screen
Just like requesting a person to compute something for you
request
this responseis a web page:
google.com computes the response
Example DoS attack• DoS = denial of
service
• Send a request for a very difficult computation
• It might crash the computer
• The Air Force once challenged me to hack their radar. That’s how I did it.
http://commons.wikimedia.org/wiki/File:C-band_Radar-dish_Antenna.jpg
http://www.ll.mit.edu/mission/cybersec/publications/publication-files/full_papers/2010_06_25_Gagnon_ISARCS_FP.pdf
Hack my server!• You have my permission to try
to crash: http://hackerpuzzle.herokuapp.com
• But I won’t tell you how
• It’s a puzzle
I repeat:• Be responsible • Don’t use hacking for
evil • It’s easy to be caught,
and the penalties are very steep
Guideline: Never hack someone’s system without
their permission
Teach yourself to hack • It can be a career
• Learn everything you can about how computers work
• Learn to code
• Learn math (algebra, calculus, statistics, and beyond)
• Experiment a lot
• Find hacking challenges on the Web
• Be tenacious
• Be patient
• Be ethical