Ethical Hacking

5. Recent Legislation and Computer Crime

More Law!

You can never have too much legal protection, so we're told. So far we've looked at a series of laws. These have included:-

  • The Computer Misuse Act: All about misusing tech that isn't yours. It covers the act of traditional breaking and entering, installing malware, changing settings etc.
  • Copyright and Patents Act: All about stealing software and other people's work and ideas. It helps protect against the theft of, or obtaining free access to, music, films and images without the permission of their creators. And it offers protection for inventors and innovators of original work.
  • Data Protection Act 1988 (DPA), soon to be replaced by the General Data Protection Regulation (GDPR): Provides protection for people's data. Essentially, if you keep data you have to get permission for it, keep it safe, restrict access, take steps to ensure its accuracy and give people a chance to see it to check that it is accurate.
Additional Regulation

There are additional laws which help protect both victims and those who might be accused of criminal activity in any of the above areas. These laws are primarily geared towards what constitutes evidence and how it's gathered. These include:

  • Police & Justice bill 2006
  • Police and Criminal Evidence Act (PACE) 1984
  • Criminal Justice Police Act 2001
  • In Scotland the equivalent powers are granted by:-
    • Civic Government Scotland Act 1982
    • Criminal Procedure Scotland Act 1995
    • Common Law

Legal protection now covers hardware, software and data. Owners also have a certain degree of protection from Police with rules governing what can be looked for and conditions about when devices can be seized.

Nothing has been said, though, about the protection of messages and communications while they are in transit, moving from device to device. And this brings us to the last two major pieces of legislation.

Communications Act 2003

This act replaced the Telecommunication Act 1984. While the Communications Act is primarily orientated towards broadcasters (BBC, Channel 4 etc.) it governs:-

  • The content of what's transmitted over the internet. For example, it is illegal to send malicious messages and indecent images. Recently, it's also been extended to cover spam messages.
  • How messages are transmitted, so it is now illegal to obtain access to the internet without an intention to pay. This covers the offence of 'piggy backing', where people piggy back on someone else's wifi connection, using their internet access for free.
Investigatory Powers Act 2016

This act, also known as the 'Snoopers Charter', sets out how investigatory powers can be used to interfere with someone's privacy, perhaps by intercepting someone's communications (electronic, such as 'tapping phone lines & emails', and postal) in the course of an investigation. These powers are balanced by the need to obtain warrants and the need to convince judges of the severity of the crime, e.g. the investigation of terrorism.

Apart from setting out what the police can do in the course of their investigation, the Investigatory Powers Act 2016 makes it:-

  • Illegal to intercept the communications of others, and
  • Unlawful to obtain the communications data being passed between users, i.e. be given it or ask for it.

Domain Name System (DNS)


So far extensive use has been made of IP addresses. So let's think about them a bit before continuing.

IP addresses are supposed to be unique and therefore can be used to identify particular devices connected to a network. At its simplest, anything being passed through the network from device to device (emails, documents, chat etc.) has the destination IP address attached to it. The message continues until it arrives at the address designated by the IP number. If the transmission can't find the identifying number, the message, whatever it is, is bounced back to the sender with an 'address not found', an error 404 message.

While the IP address is very machine friendly (computers really like number data), it isn't friendly for people, which is where DNS comes in. Users find it much easier to remember and use website names like google.com or jhigh.co.uk rather than a sequence of numbers.

The Domain Name System (DNS) stores the Website name, together with its IP address, so for example when sending a request for a particular page, for example jhigh.co.uk, the request goes to a server which looks up the matching IP address for the 'name'. The IP address is appended and the server passes it onwards to its destination.

This explains why we can use 'proper names' rather than long numbers. It also means that once we understand the role of the IP address number, we can as ethical hackers begin to manipulate the system to our advantage, for example by spoofing, or pretending to be something that you aren't.

In reality, the Domain Name System (DNS) is a little more sophisticated, involving up to 4 different servers, with each one performing a vital role that enables a 'name' to be resolved to the appropriate IP address number.

The video begins with a request passed from a user to their ISP provider server, which acts as a gateway to the rest of the internet. This server, known as a 'Resolver' or Recursive Name Server, tries to match the request to an IP address stored in its cache memory. Only if it doesn't find it there does the Resolver hand it off to the next stage in the process.

The same process continues with each stage in the DNS system until the name request is fully resolved to the IP address, when the request is passed on towards its final destination by the ISP server or 'resolver' server.

The video describes what appears to be a lengthy process. However, the delay is barely noticeable because the servers are incredibly fast and most common requests are already stored in a server's cache memory.
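The lookup chain and the resolver's cache can be modelled in a few lines. This is an added illustration, not code from the course or the video; the server tables, the address 192.0.2.10 and the TTL are constructed sample data, and the later stages are modelled as the root, top-level-domain and authoritative name servers of standard DNS.

```python
import time

# Constructed sample data (not real DNS records).
ROOT = {"uk": "tld-uk"}                                      # root: who handles each top-level domain
TLD = {"tld-uk": {"jhigh.co.uk": "auth-jhigh"}}              # TLD server: who is authoritative for a name
AUTH = {"auth-jhigh": {"jhigh.co.uk": ("192.0.2.10", 300)}}  # authoritative: (address, TTL in seconds)


class Resolver:
    """Toy recursive resolver: answer from cache if fresh, otherwise walk the chain."""

    def __init__(self, clock=time.monotonic):
        self.cache = {}            # name -> (address, expiry time)
        self.clock = clock         # injectable so expiry can be tested without waiting
        self.upstream_queries = 0  # how many times another server was asked

    def _ask(self, table, key):
        self.upstream_queries += 1
        return table.get(key)

    def resolve(self, name):
        now = self.clock()
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            # The cached answer is trusted as-is until its TTL runs out,
            # which is why the integrity of this cache matters so much.
            return hit[0], "cache"
        tld_server = self._ask(ROOT, name.rsplit(".", 1)[-1])
        if tld_server is None:
            return None, "NXDOMAIN"
        auth_server = self._ask(TLD[tld_server], name)
        if auth_server is None:
            return None, "NXDOMAIN"
        record = self._ask(AUTH[auth_server], name)
        if record is None:
            return None, "NXDOMAIN"
        address, ttl = record
        self.cache[name] = (address, now + ttl)
        return address, "lookup"


def demo():
    t = [0.0]                          # fake clock, in seconds
    r = Resolver(clock=lambda: t[0])
    first = r.resolve("jhigh.co.uk")   # full walk: root, TLD, authoritative
    second = r.resolve("jhigh.co.uk")  # answered from cache, no upstream traffic
    after_two = r.upstream_queries
    t[0] = 301.0                       # move past the 300 second TTL
    third = r.resolve("jhigh.co.uk")   # cache entry expired, full walk again
    return first, second, after_two, third, r.upstream_queries


if __name__ == "__main__":
    print(demo())
```

The second lookup costs no upstream queries, which is the speed-up the text describes; the same property means a wrong entry in the cache keeps being served until it expires.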

Tasks

Time for a bit of theory. Add a new page into your notebook with a suitable title and complete the following exercises.

  1. Read The crime that wasn't?. Explain what was being done and identify which law was being broken.
  2. OK, it seems that piggybacking is wrong in law. But what do you think? Read 'Is stealing wireless wrong?' Write down your opinion. Discuss it with your neighbour. Does your opinion change? If it was your wifi connection being used, would it make any difference? If not, why not?

Meddling with IP addresses to redirect unsuspecting users to sites that can be used to capture credentials or financial details, or as a precursor to installing other malware, is a popular technique. So, under an appropriate title, answer the following questions.

  1. What is the problem that the Domain Name System is designed to solve?
  2. Use the internet to discover what is meant by the term 'cache memory'.
  3. From the video above, name each of the four servers involved in the DNS process, beginning with the Recursive Name Server.
  4. Describe the role of each server in the System.
  5. DNS poisoning is one method exploited by hackers. Explain how DNS poisoning works.
SET & DNS Spoofing

This task effectively involves the use of two hacking programmes. First, it involves SET to duplicate or 'spoof' a webpage of an authentic site.

Second, it sets up an MITM (Man In The Middle) attack using Ettercap to sniff the network and redirect users to the spoofed site which can be salted with malware or used to capture account details or financial account information.

Follow the steps in the video to spoof a website of your choice. Just make sure the address doesn't begin with https.
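From the defender's side, the redirection described above leaves a trace in DNS answers. The following added example (not part of the course material) scans a constructed resolver log and flags public names that resolve to local-network addresses; it assumes the spoofed copy is served from a machine on the same LAN, and the log format, names and `.lan`/`.local` suffixes are hypothetical.

```python
import ipaddress

# Address ranges that a public website name should not normally resolve to.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Assumption: names with these suffixes are internal and expected to be local.
INTERNAL_SUFFIXES = (".lan", ".local")

# Constructed sample log: timestamp, client, queried name, record type, answer.
SAMPLE_LOG = """\
2024-03-01T09:00:01 192.168.1.23 printer.lan A 192.168.1.9
2024-03-01T09:00:04 192.168.1.23 shop.example A 203.0.113.20
2024-03-01T09:00:09 192.168.1.31 shop.example A 192.168.1.66
2024-03-01T09:00:12 192.168.1.31 news.example A 198.51.100.7
"""


def parse(log_text):
    """Yield (client, name, answer) for each A record line in the log."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[3] == "A":
            yield fields[1], fields[2].lower().rstrip("."), fields[4]


def is_local(address):
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in LOCAL_NETS)


def flag_suspicious(records):
    """Return records where a non-internal name resolved to a local address."""
    alerts = []
    for client, name, answer in records:
        if not name.endswith(INTERNAL_SUFFIXES) and is_local(answer):
            alerts.append((client, name, answer))
    return alerts


if __name__ == "__main__":
    for client, name, answer in flag_suspicious(parse(SAMPLE_LOG)):
        print(f"ALERT {client}: {name} resolved to local address {answer}")
```

In the sample, only the client that received 192.168.1.66 for shop.example is flagged, while the other client's answer for the same name is left alone.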

We R in Control

One way of getting malware on another computer is to trick users into clicking on a link which then delivers a 'payload' which hackers can use to take control.

This exercise uses the website attack vectors from within Social Engineering Toolkit to prepare a payload that takes advantage of the VNC module in a Windows powered PC.

VNC (Virtual Network Computing) allows technicians to take remote control of Windows machines. This is helpful in situations where users seek assistance from technical support to solve problems.

In the following exercise, we again use a combination of programs: SET to set things up and Metasploit to prepare the payload. So:-

  1. Start up the vulnerable copy of Windows in your virtual box. This is going to be the target. Run ipconfig to discover the target's IP address.
  2. Start your Kali Linux and follow the steps in the video. Make sure you paste the payload onto the desktop of the target machine.
  3. Change a few settings in the target machine to prove to yourself that you have 'Pwned' the machine.

The observant amongst you will have noticed that we haven't done anything complicated to place the payload on the target machine. Think of ways you could get the user to install this program. This is where the 'real' social engineering comes in.

You should be able to:-
  • Explain the Communications Act 2003 and the Investigatory Powers Act 2016
  • Describe the purpose of the Domain Name System (DNS) and explain how it works
  • Explain what is meant by the term 'DNS Poisoning' and how hackers can exploit it to take advantage of unsuspecting users.
  • As an ethical hacker demonstrate DNS spoofing and poisoning attacks.

If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information.
