Ethical hacking and computer securities for beginners


Contents
Foreword
About the Author
Chapter 1 : What is Ethical Hacking?
Chapter 2 : Finding Information
2.2 WHOIS
Access information at www.internic.net/whois.html
Access information at www.whois.net
Installing and Accessing Information from SAM...
2.3 Nslookup
2.4 ARIN
2.5 Neo Trace
2.6 VisualRoute
Chapter 3 : Identifying Weakness
3.2 NMAP
3.3 NetScan
3.4 Webcruiser
3.5 GFI LandGuard
3.6 What is Wireshark and Ethereal?
Chapter 4 : Performing Attacks
4.2 Denial of Service
4.3 Password Cracking
4.4 Perform Phishing Attacks
4.7 Buffer Overflow
Chapter 5 : Ethical Hackers Important Tasks
5.1 Incident Forms
5.2 Computer Security Reports


Foreword


This book is written based on practical usage and research on computer
security and networks. Almost everyone has a strong concern about computer
and network security, because security problems can sabotage the business
and its operations. It is worse if the entire business operation runs on a
website or at a web hosting company.
This book covers a practical approach to software tools for ethical
hacking. Some of the software tools covered are for SQL injection, password
cracking, port scanning, packet sniffing, etc. Performing ethical hacking
requires certain steps and procedures to be followed properly. A good ethical
hacker will find information, identify weaknesses and finally perform some
attacks on the target machine. Then the most crucial part is to produce
a good security audit report so that clients understand the condition of
their computer network.
This book also explains and demonstrates, step by step, most of the
software security tools for beginners in the computer security field. Some
of the software tools have been selected and used in computer security
training and workshops.


About The Author

Mr Elaiya Iswera Lallan has been in the IT industry for the past 12
years. He is the Managing Director of Blue Micro Solutions, which is based
in SIRIM Bhd (a government agency).
Mr Lallan has extensive experience in the IT industry. He has received
an award as a Federal Territory Entrepreneur. After obtaining his Bachelor's
Degree in Computers and Electronics Engineering from Kolej Bandar Utama
(twinning program with the University of Nottingham) in 2001, he joined
a company called MIR as an Information Technology Consultant.
He performed computer programming tasks, and then joined a new company
called Neural Manufacturing Sdn Bhd as a software engineer.
He gained his best experience here, creating software
technologies for the company’s flagship product called e-Jari, which is a
biometric security device. He created an enterprise time attendance system
for this device that can be used by other companies ranging from SMEs to
government offices. Some of the companies using this time attendance
system are Pejabat Tanah & Galian in Kuala Lumpur, Koperasi Malaysia,
Bernama and ITIS. He also created a Guard Patrol and Intruder Detection
System using the e-Jari, and was involved in the ISO9000:2001 certification
for the company. With his extensive working experience and good track
record of handling mega IT projects in the government sector, Mr Lallan
managed to join the incubatorship program under SIRIM Bhd in February
2010. With this, Mr Lallan moved Blue Micro Solutions’ operations into the
SIRIM building. He obtained certification from the Ministry of Finance in
Malaysia in the software fields, which allows him to participate in tenders
for government IT projects. He also started employing staff to do IT projects
and ventured into IT training in private corporations, government
institutions and polytechnics, such as SKALI Bhd, Kolej Komuniti in Klang,
Politeknik Ungku Omar in Ipoh and Politeknik Kuching in Sarawak. He has
made Blue Micro Solutions a certified Human Resource Development
Funds (HRDF) training provider to companies in Malaysia. With his proven
track record in both the industrial and education worlds in IT, Mr Lallan has
recently been awarded a collaboration with Open University Malaysia (OUM) to
offer an affordable IT degree program to the public. Currently Mr Lallan is
pursuing MSC status for his company Blue Micro Solutions.
With his company Blue Micro Solutions growing in the right direction,
Mr Lallan began to explore opportunities to grow his business overseas
as well. Venturing into Canada, he successfully opened a branch called Blue
Micro Canada Incorporated. He also successfully registered the company
with the Canadian government in Toronto, whereby he received invitations to
participate in government tenders for IT projects. He also saw the
opportunity to conduct IT training over the internet through webinars. He
obtained a license from Adobe USA to use its tool Adobe Connect to conduct
webinars in Canada and the United States of America.


1.0 What is Ethical Hacking?
Ethical hacking is the act of performing security testing on IT
infrastructure with proper authorization from a company or organization. A
person performing ethical hacking is known as an ethical hacker or computer
security expert. An ethical hacker will use the latest hacking tools and social
engineering techniques to identify vulnerabilities in IT infrastructure.
Overall, ethical hacking provides a risk assessment of the security of the IT
infrastructure behind a company’s or organization’s information systems. This
risk assessment information will show the level of security and where it can be
exploited by a hacker.
On the other hand, a hacker is a person who breaks into IT infrastructure or
computer networks without any authorization. Hackers mostly hack for profit
or are motivated by the challenge. Such exploitation can cause financial loss,
legal impact and loss of trust in the organization.
1.1 Why is IT Security so Important?
Nowadays all companies and organizations use and depend on IT
infrastructure, computer networks and computer systems to operate their core
businesses. Most companies store their client information on a server in
database systems. A good hacker will easily break into the customer database if
weak passwords are used on the server.
This will definitely cause heavy financial losses to the company. Mostly these
hacking incidents are not reported in the media in detail because that would
spoil the company’s reputation.
Moreover, shopping and bill payments are performed online these days.
Therefore clients’ credit card information must be protected at all costs. One
of the best-known methods of obtaining clients’ credit card information is
spoofing. The objective of spoofing is to fool users into thinking
that they are connected to a trusted website.


Most attacks are carried out using email these days. A good example
would be the LoveLetter worm attacks during the year 2000.
Millions of computers were attacked, and the worm made changes to the users’
systems. The LoveLetter worm is received as an email attachment.
IT security is crucial to organizations and individual computer users.
Individual computer users must make sure they have installed the latest
antivirus and antispyware software on their computers, whereas companies must
ensure they have engaged a computer security expert or consultant to look
into their computer network security issues.

1.2 Ethical Hacking Procedures and Strategies
The first step in performing ethical hacking is to understand a hacker’s
process. There are basically 5 main steps and processes of hacking:
Step 1 : Gaining targeted information
Step 2 : Probing vulnerabilities for exploitation
Step 3 : Gaining access to the targeted system
Step 4 : Maintaining access on targeted system
Step 5 : Covering the tracks on targeted system.
The targeted system mostly refers to the machine to be hacked. It can
be a server, a computer or any electronic device. The hacker will
perform the 5 steps mentioned above to gain control, steal information or
stop the machine’s services. Each step above may take a few months to
achieve the desired goal.
An ethical hacker will perform the same steps to further understand the
weaknesses of the targeted system. Once the weaknesses are identified, the
ethical hacker will take countermeasures to prevent further exploitation
of the targeted system.


2.0 Finding Information
In this process, the hacker will gather as much information as possible about
the target system before launching an attack. This allows the hacker to learn
and strategize his or her attacks on the system. Basically there are 2 ways of
gaining information:
1. Passive methods of gaining information on the targeted system
2. Active methods of gaining information on the targeted system

Passive methods involve acquiring information without direct interaction
with the targeted system. Some passive methods are
acquiring publicly available information, social engineering and dumpster
diving.
Dumpster diving is the process of searching an organization’s
trash for discarded information. Social engineering is another process, in
which the hacker befriends or smooth-talks staff in the organization into
revealing server passwords, security codes, etc.
Active methods, by contrast, use tools to detect open ports, the types of
operating systems installed on the target system, and the purpose of
applications and services available on the targeted system.
Social engineering is the most deadly and effective way of gaining
information on the targeted system. Most former employees who dislike the
company management are a potential threat for social engineering.

2.1 Software Tools for Gaining Targeted Information
As mentioned previously, using software tools to gain targeted information is
categorized as an Active Method. The most common and popular tools used for
gaining targeted information are listed below:

1. WHOIS
2. Nslookup
3. ARIN
4. Neo Trace
5. VisualRoute Trace
6. Email Tracker Pro


2.2 WHOIS
WHOIS is a query and response protocol for querying databases that store the
registered users or assignees of an Internet resource. Information that can be
acquired includes the domain name, IP address block, autonomous system, etc.
The WHOIS protocol stores and provides database content in a human-readable
format.


The websites and software tool providing WHOIS information are:
1. www.internic.net/whois.html
2. www.whois.net
3. SAM SPADE 1.14


Access information at www.internic.net/whois.html
Just type www.internic.net/whois.html in your internet browser.

Type the desired domain name and specify whether it is .com, .edu, .biz, .org,
etc.

Then click the button ‘Submit’ and finally the information about the domain
name will be displayed as below.



Access information at www.whois.net

Just type www.whois.net in your internet browser.

Type the desired domain name and choose whether it is .com, .edu, .biz, .org,
etc.

Then click the button ‘go’ and finally the information about the domain name
will be displayed as below.


Installing and Accessing Information from SAM SPADE 1.14
Double click on the file name spade114 to install the software.

Just click ‘Next’ until the installation is completed.

Double click on the desktop icon Sam Spade 1.14 and a screen will appear as
shown below.


Type the desired domain name as highlighted below.

Click on the pink arrow button to produce the results.


Overall, the WHOIS tools will display the hosting company that has
registered the domain name. They will also display the creation date and
expiration date, and the name server of the domain name. This
is the key information provided by a WHOIS tool:
1. Hosting Company that registered the domain
2. Creation date of domain
3. Expiration date of domain
4. Name server hosted
5. Hosting Company hosting the website
6. Administrative contact details
7. Technical contact details
8. Registrant Details
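
An added example, not from the book: the WHOIS exchange described in this section and a parser for some of the key fields listed above, used here to check how many days remain before one of your own domains expires. The default server name, the field labels and the sample response are assumptions (the sample is constructed).

```python
import socket
from datetime import datetime, timezone

def whois_query(domain, server="whois.verisign-grs.com", timeout=10):
    """One WHOIS exchange: connect to TCP port 43, send the query and CRLF,
    then read until the server closes. The default server (the .com/.net
    registry) is an assumption; other TLDs use other servers."""
    with socket.create_connection((server, 43), timeout=timeout) as sock:
        sock.sendall(domain.encode("ascii") + b"\r\n")
        chunks = []
        while data := sock.recv(4096):
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", "replace")

# Response labels mapped to result keys. Labels differ between registries;
# these are assumed from the common .com layout.
LABELS = {"registrar": "registrar", "creation date": "created",
          "registry expiry date": "expires", "name server": "name_servers"}

def parse_whois(text):
    """Pull the key fields out of a human-readable WHOIS response."""
    record = {"name_servers": []}
    for line in text.splitlines():
        label, sep, value = line.partition(":")  # split at the first colon only
        key, value = LABELS.get(label.strip().lower()), value.strip()
        if not (sep and key and value):
            continue
        if key == "name_servers":
            record[key].append(value.lower())
        else:
            record.setdefault(key, value)  # keep the first occurrence
    return record

def days_until_expiry(record, now):
    """Whole days left before the registration lapses."""
    expires = datetime.strptime(record["expires"], "%Y-%m-%dT%H:%M:%SZ")
    return (expires.replace(tzinfo=timezone.utc) - now).days

# Constructed sample response (not real registry data).
SAMPLE = """\
   Domain Name: EXAMPLE-SHOP.TEST
   Registrar: Example Registrar, Inc.
   Creation Date: 2012-03-05T08:00:00Z
   Registry Expiry Date: 2025-03-05T08:00:00Z
   Name Server: NS1.EXAMPLE-DNS.TEST
   Name Server: NS2.EXAMPLE-DNS.TEST
>>> Last update of whois database: 2025-02-01T00:00:00Z <<<
"""
```

Calling parse_whois(whois_query("your-domain.com")) runs the same parser on a live response; a small days_until_expiry value is a reminder to renew before the name lapses.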


2.3 Nslookup
Nslookup is a network command-line tool, available on many computer operating
systems, for querying the Domain Name System (DNS) to get information
about domain name and IP address mapping for a particular DNS
record. The nslookup command is available on the Linux operating system from
the shell and on the Windows operating system from the command prompt. Below
are the options associated with nslookup command:


Just type nslookup -d www.bluemicrosolutions.com or any desired domain
name at the Windows operating system command prompt. The option -d will
display all the records of the domain name. It will provide the sample results
shown below:
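
The DNS exchange behind such a lookup, as an added example that is not part of the book and is not the tool's sample output: it encodes an A-record query and decodes a reply, including the name-compression pointers that a parser must bound. The name www.example.com, the address and the reply bytes are constructed.

```python
import struct

def build_query(name, txid=0x1234):
    """Encode a recursive query for the A record of `name`."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset just past it)."""
    parts, resume, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # 2-byte pointer to an earlier name
            resume = off + 2 if resume is None else resume
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:  # a crafted reply can point at itself
                raise ValueError("compression pointer loop")
        elif n == 0:
            return ".".join(parts), (off + 1 if resume is None else resume)
        else:
            parts.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def parse_response(msg):
    """Return (rcode, [(name, ttl, ipv4), ...]) for A records in the answer section."""
    _, flags, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):  # skip the echoed question: name + QTYPE + QCLASS
        _, off = read_name(msg, off)
        off += 4
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        off += 10 + rdlen
        if rtype == 1 and rdlen == 4:
            answers.append((name, ttl, ".".join(str(b) for b in rdata)))
    return flags & 0x000F, answers

# Constructed reply: the query echoed back with QR/RD/RA set and one answer
# whose owner name is a pointer (0xC00C) to the question at offset 12.
QUERY = build_query("www.example.com")
SAMPLE_REPLY = (QUERY[:2] + struct.pack(">HHHHH", 0x8180, 1, 1, 0, 0) + QUERY[12:]
                + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))
```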


2.4 ARIN
ARIN (American Registry for Internet Numbers) was founded in the year 1997. It
is a non-profit organization that registers and administers IP numbers for
North America, some regions of the Caribbean and sub-Saharan Africa.

ARIN is one of four regional Internet registries. ARIN also provides services
for the technical coordination and management of Internet numbers.
Just type on the internet browser.

Enter the desired domain name highlighted below. Only choose domain
names from North America, some regions of the Caribbean and sub-Saharan
Africa.


Click on the arrow button next to the search box highlighted above and the
results will be shown as below. Select either of the 2 lists highlighted below.

Upon clicking on the selected list shown on the previous page, the
information about the domain will be displayed as shown below.


2.5 Neo Trace
NeoTrace is an investigative tool which traces the network path across the
Internet from the host system to a target system on the Internet. The
software provides good information about the registration details for the owner
of each computer and the network in which each node IP is registered. It
provides a world map displaying the locations of the nodes on the route.
Double click on the file named NeoTraceProTrial325 to perform the
installation.

Click ‘Next’ button until installation is completed successfully.


Once the installation is completed, the Neo Trace screen will pop up as shown
below.


Just type the desired domain name in the highlighted area below. In this
case, www.google.com is typed in the highlighted text box.

Click the ‘go’ button to produce the results as shown below. These results are
in ‘Map View’ format, which shows the geographical locations of the
network nodes.


Select the ‘Node View’ option in the highlighted area.

These results show all the servers and routers that responded while
communicating with google.com.


2.6 VisualRoute
VisualRoute is a tool that integrates Traceroute, Ping, and Whois into an
interface that investigates Internet connections to identify whether there is
a slowdown in the network.
Moreover, VisualRoute can display the geographical location of IP addresses
on a global map. VisualRoute provides key information to help identify
Internet abusers and network intruders.
Just click on the file named vrc to install the VisualRoute software.

The Java runtime must be installed first, before installing the VisualRoute
software. Just proceed with the Java runtime installation until it is completed.

Click the ‘Install’ button to continue the Java runtime installation until it
succeeds.


