social engineering si etica hackingului
TRANSCRIPT
![Page 1: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/1.jpg)
![Page 2: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/2.jpg)
salut.
![Page 3: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/3.jpg)
cine sunt eu?
![Page 4: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/4.jpg)
Tudor Damian, MCSAIT Solutions [email protected]
![Page 5: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/5.jpg)
Tudy :)[email protected]
![Page 6: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/6.jpg)
despre ce e vorba?
![Page 7: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/7.jpg)
social engineering
![Page 8: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/8.jpg)
...sau ”hacking people”
![Page 9: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/9.jpg)
etica hackingului
![Page 10: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/10.jpg)
da, există și așa ceva :)
![Page 11: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/11.jpg)
bun, hai să începem
![Page 12: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/12.jpg)
![Page 13: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/13.jpg)
![Page 14: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/14.jpg)
Kevin Mitnick
![Page 15: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/15.jpg)
(probabil) cel mai cunoscut ”hacker” din lume
![Page 16: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/16.jpg)
atât doar că nu e hacker! :)
![Page 17: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/17.jpg)
e ”social engineer”
![Page 18: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/18.jpg)
etica hackingului
![Page 19: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/19.jpg)
caz concret
![Page 20: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/20.jpg)
te plimbi pe stradă...
![Page 21: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/21.jpg)
...și vezi o casă cu ușa de la intrare deschisă...
![Page 22: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/22.jpg)
ce faci?
![Page 23: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/23.jpg)
1. suni la ușă și anunți proprietarii
![Page 24: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/24.jpg)
2. intri, ai grijă să nu te vadă nimeni, scuipi în hol și pleci
![Page 25: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/25.jpg)
3. intri, scuipi în hol, apoi îți suni toți prietenii să vină și să scuipe în hol până nu închide proprietarul ușa
![Page 26: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/26.jpg)
la fel e și cu rețelele
![Page 27: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/27.jpg)
descoperirea rețelelor distribuite nu e o noutate
![Page 28: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/28.jpg)
iar descoperirea vulnerabilităților nici atât
![Page 29: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/29.jpg)
e ca și cum te-ai lăuda că ai descoperit viața la bloc
![Page 30: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/30.jpg)
de fapt, problema e alta:
![Page 31: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/31.jpg)
(presupunând că)ești hacker
![Page 32: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/32.jpg)
odată ce ai descoperit o gaură de securitate, ce faci?
![Page 33: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/33.jpg)
păi, depinde...
![Page 34: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/34.jpg)
![Page 35: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/35.jpg)
să vorbim puțin despresistemele informatice
![Page 36: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/36.jpg)
cum v-ar plăcea să fie unsistem informatic?
![Page 37: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/37.jpg)
funcțional
![Page 38: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/38.jpg)
sigur
![Page 39: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/39.jpg)
ieftin
![Page 40: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/40.jpg)
problema e căputeți alege maxim 2 opțiuni!
![Page 41: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/41.jpg)
Sigur Ieftin
Funcțional
![Page 42: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/42.jpg)
care e situația curentă?
![Page 43: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/43.jpg)
aproape nimeni nu alege un sistem care să fie sigur și
ieftin, dar care nu e funcțional
![Page 44: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/44.jpg)
câțiva ajung să prefere un sistem sigur și funcțional,
chiar dacă e mai scump
![Page 45: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/45.jpg)
și din păcate, majoritatea aleg un sistem funcțional și ieftin, securitatea fiind pe planul doi
![Page 46: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/46.jpg)
astfel apar hackerii
![Page 47: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/47.jpg)
persoane care detecteazăproblemele de securitate
![Page 48: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/48.jpg)
iar unii le și exploatează
![Page 49: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/49.jpg)
fiindcă hackerii se împart în mai multe categorii
![Page 50: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/50.jpg)
și care e diferența?
![Page 51: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/51.jpg)
black hat: își folosesc cunoștințele în activități distructive sau malițioase
![Page 52: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/52.jpg)
white hat: își utilizează cunoștințele în scopuri
defensive (security analysts)
![Page 53: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/53.jpg)
gray hat: indivizi care acționează atât ofensiv, cât și defensiv, uneori la limita legii
![Page 54: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/54.jpg)
hacktivists: hacking pentru o cauză, de obicei agendă politică
![Page 55: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/55.jpg)
suicide hackers: pentru ei, îndeplinirea scopurilor e mai importantă decât o pedeapsă de
30 de ani de închisoare
![Page 56: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/56.jpg)
bun, și totuși, ce fac hackerii?
![Page 57: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/57.jpg)
un atac malițios are 5 faze
![Page 58: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/58.jpg)
1. recunoaștere
![Page 59: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/59.jpg)
poate fi activă sau pasivă
![Page 60: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/60.jpg)
implică aflarea de informații despre ținta atacului
![Page 61: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/61.jpg)
risc: notabil
![Page 62: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/62.jpg)
e cam ca și atunci când cineva încearcă ușa de la intrare
![Page 63: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/63.jpg)
2. scanning
![Page 64: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/64.jpg)
faza de dinaintea atacului, în care se scanează rețeaua pentru a obține informații specifice
![Page 65: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/65.jpg)
risc: ridicat
![Page 66: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/66.jpg)
port scanners, network mapping, vulnerability scans, etc.
![Page 67: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/67.jpg)
3. obținerea accesului
![Page 68: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/68.jpg)
sistemul este compromis, s-a găsit o cale de acces
![Page 69: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/69.jpg)
exploit-ul poate fi: în LAN, pe Internet, sau înșelătorie/furt
![Page 70: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/70.jpg)
buffer overflows, DoS, session hijacking, password cracking
![Page 71: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/71.jpg)
risc: maxim
![Page 72: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/72.jpg)
atacatorul poate obține acces la nivel OS/aplicație/rețea
![Page 73: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/73.jpg)
4. menținerea accesului
![Page 74: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/74.jpg)
se încearcă păstrarea controlului asupra sistemului
![Page 75: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/75.jpg)
hacker-ul poate apela la metode suplimentare de ”protecție”
![Page 76: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/76.jpg)
Backdoors, RootKits, Trojans
![Page 77: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/77.jpg)
upload, download, manipularea datelor/aplicațiilor din sistem
![Page 78: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/78.jpg)
5. ascunderea urmelor
![Page 79: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/79.jpg)
încercarea de a înlătura orice urmă de activitate
![Page 80: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/80.jpg)
motive: acces pe termen lung, evitarea aspectelor legale
![Page 81: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/81.jpg)
metode: alterarea log-urilor, tunneling, etc.
![Page 82: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/82.jpg)
tipuri de atacuri
![Page 83: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/83.jpg)
atacuri asupra SO (vulnerabilități, configurări)
![Page 84: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/84.jpg)
atacuri la nivel de aplicație
![Page 85: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/85.jpg)
remote network attacks(atacuri la distanță, Internet)
![Page 86: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/86.jpg)
local network attacks
![Page 87: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/87.jpg)
furtul echipamentelor
![Page 88: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/88.jpg)
social engineering
![Page 89: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/89.jpg)
o regulă importantă:
![Page 90: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/90.jpg)
dacă un hacker vrea să intre în sistemul tău, va intra, iar tu
n-ai cum să-l oprești!
![Page 91: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/91.jpg)
tot ce poți face e să te asiguri că îi îngreunezi (mult) munca :)
![Page 92: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/92.jpg)
și am ajuns în sfârșit lasocial engineering
![Page 93: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/93.jpg)
arta și știința de a-i face pe oameni să facă ce vrei tu
![Page 94: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/94.jpg)
nu, nu e o formă de control al minții!
![Page 95: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/95.jpg)
e cam ca și în vânzări
![Page 96: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/96.jpg)
trebuie să creezi ”scânteia”
![Page 97: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/97.jpg)
cea mai avansată metodă de vânzare: cea în care clientul nu
știe că i se vinde ceva
![Page 98: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/98.jpg)
e nevoie de muncă ”de teren”
![Page 99: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/99.jpg)
adunarea informațiilor
![Page 100: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/100.jpg)
marea parte a efortului stă în pregătire
![Page 101: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/101.jpg)
iar divagăm un pic...modelul OSI
![Page 102: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/102.jpg)
Open Systems Interconnection
![Page 103: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/103.jpg)
descriere abstractă a comunicării și protocoalelor
![Page 104: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/104.jpg)
fiecare ”layer” funcționează bazat pe layer-ul inferior
![Page 105: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/105.jpg)
7 – Application layer
6 – Presentation layer
5 – Session layer
4 – Transport layer
3 – Network layer
2 – Link layer
1 – Physical layer
![Page 106: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/106.jpg)
lipsește ceva?
![Page 107: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/107.jpg)
8 – Human layer
7 – Application layer
6 – Presentation layer
5 – Session layer
4 – Transport layer
3 – Network layer
2 – Link layer
1 – Physical layer
![Page 108: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/108.jpg)
nu există nici un sistem în lume care să nu se bazeze pe oameni
![Page 109: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/109.jpg)
S.E. trece de toate controalele din layer-ele OSI 1-7, mergând direct la veriga cea mai slabă
![Page 110: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/110.jpg)
layer 8, oamenii
![Page 111: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/111.jpg)
câteva statistici
![Page 112: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/112.jpg)
câte persoane și-ar da parola de la firmă unei necunoscute care
îi abordează pe stradă?
![Page 113: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/113.jpg)
![Page 114: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/114.jpg)
![Page 115: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/115.jpg)
...pentru o ciocolată?
![Page 116: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/116.jpg)
![Page 117: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/117.jpg)
studiu, Londra, 2003
![Page 118: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/118.jpg)
și-au dat parola în schimbul unui pix ieftin
![Page 119: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/119.jpg)
au divulgat informații despre parolă (date de naștere, nume,
echipe preferate, etc.)
![Page 120: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/120.jpg)
iau cu ei informații sensibile când își schimbă locul de muncă
![Page 121: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/121.jpg)
și-au dat parola lor colegilor de servici
![Page 122: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/122.jpg)
știau parolele colegilor
![Page 123: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/123.jpg)
aveau aceeași parolă peste tot
![Page 124: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/124.jpg)
psihologia în social engineering
![Page 125: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/125.jpg)
transferul de responsabilitate
![Page 126: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/126.jpg)
”directorul tehnic mi-a spus să-ți transmit că n-o să fie vina ta dacă sunt probleme”
![Page 127: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/127.jpg)
șansa de a primi o recompensă
![Page 128: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/128.jpg)
”uite ce ai putea obține tu din treaba asta!”
![Page 129: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/129.jpg)
relație de încredere
![Page 130: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/130.jpg)
”ah, Pamfil e băiat de treabă, pot avea încredere în el...”
![Page 131: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/131.jpg)
datorie morală
![Page 132: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/132.jpg)
”trebuie să mă ajuți! pe tine nu te enervează treaba asta?”
![Page 133: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/133.jpg)
sentimentul de vină
![Page 134: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/134.jpg)
”cum, nu vrei să mă ajuți?...”
![Page 135: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/135.jpg)
dorința de ajutor
![Page 136: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/136.jpg)
”îmi deschizi ușa asta, te rog?”
![Page 137: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/137.jpg)
cooperare
![Page 138: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/138.jpg)
”hai să lucrăm împreună, putem obține mult mai mult!”
![Page 139: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/139.jpg)
pași spre a fi un bunsocial engineer
![Page 140: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/140.jpg)
1. fii profesionist
![Page 141: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/141.jpg)
2. fii calm
![Page 142: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/142.jpg)
3. cunoaște-ți ținta
![Page 143: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/143.jpg)
4. nu încerca să fraierești pe cineva mai inteligent ca tine
![Page 144: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/144.jpg)
5. fă-ți un plan de scăpare
![Page 145: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/145.jpg)
6. fii femeie
![Page 146: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/146.jpg)
7. folosește însemne ”oficiale”
![Page 147: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/147.jpg)
8. folosește cărți de vizităcu nume fals
![Page 148: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/148.jpg)
9. manipulează-i doar pe cei neglijenți, neatenți și proști
![Page 149: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/149.jpg)
10. dacă e nevoie, folosește o echipă
![Page 150: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/150.jpg)
categorii de ”atacuri”în social engineering
![Page 151: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/151.jpg)
cerere directă
![Page 152: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/152.jpg)
de obicei are cele mai mari șanse să eșueze
![Page 153: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/153.jpg)
situație controversată
![Page 154: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/154.jpg)
fă ca ținta să aibă mai mulți factori de luat în considerare
![Page 155: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/155.jpg)
deghizare
![Page 156: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/156.jpg)
om de serviciu, angajat, etc.
![Page 157: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/157.jpg)
putere de convingere
![Page 158: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/158.jpg)
fă ținta să creadă că are controlul asupra situației
![Page 159: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/159.jpg)
pe cine poți ”ataca”?
![Page 160: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/160.jpg)
victimele se disting prin gradul de implicare, precum și factorii de influență la care răspund
![Page 161: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/161.jpg)
implicare vs. influențabilitate
grad de implicare sunt influențați de nu sunt influențați de
ridicat• administratori de sistem• persoane din conducere• tehnicieni
argumente solide• motive reale pentru a avea nevoie de acea informație
argumente slabe• cer contraargumente• scad posibilitatea de conformare
scăzut• recepționiste• îngrijitori• agenți de pază
alte informații• urgență• număr de motive• statutul persoanei
motivele reale• nu sunt relevante, nu le pasă• vor ignora ironiile insistente
![Page 162: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/162.jpg)
cine are nevoie de acces fizic?
![Page 163: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/163.jpg)
![Page 164: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/164.jpg)
”cool pics attached!”
![Page 165: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/165.jpg)
![Page 166: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/166.jpg)
instrumente și tehnici
![Page 167: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/167.jpg)
în cele mai multe cazuri, ai nevoie doar de două lucruri:
![Page 168: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/168.jpg)
un telefon
![Page 169: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/169.jpg)
o țintă(poate un fost bun prieten)
![Page 170: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/170.jpg)
odată ce ai ales ținta, începi să aduni informații
![Page 171: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/171.jpg)
asta va da un sens de autenticitate dialogurilor
![Page 172: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/172.jpg)
poți să obții o listă a angajatilor, și a sistemelor
![Page 173: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/173.jpg)
cum? whois, finger, domain tools, site-ul firmei, motorul
de căutare preferat
![Page 174: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/174.jpg)
faci o vizită la sediu
![Page 175: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/175.jpg)
te îmbraci corespunzător, ca să poți trece neobservat
![Page 176: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/176.jpg)
ID badge fals
![Page 177: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/177.jpg)
observă cum se intră/iese
![Page 178: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/178.jpg)
fii încrezător, ca și cum ai fi ”de-al casei”
![Page 179: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/179.jpg)
vezi cum sunt legate calculatoarele
![Page 180: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/180.jpg)
uită-te după anunțuri, notițe, liste afișate
![Page 181: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/181.jpg)
vorbește cu angajații ”de jos”
![Page 182: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/182.jpg)
”dumpster diving”
![Page 183: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/183.jpg)
după ce mă uit? memo-uri, cărți de telefon, politici interne, calendare, manuale, CD-uri,
organigrame, listări de username/parole, cod sursă,
hardware vechi, ...
![Page 184: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/184.jpg)
îți construiești o abordare
![Page 185: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/185.jpg)
începi atacul în scris
![Page 186: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/186.jpg)
”poți fi unul din câștigători!”
![Page 187: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/187.jpg)
”opinia dvs. contează!”
![Page 188: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/188.jpg)
sau prin email ”oficial”
![Page 189: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/189.jpg)
”vom avea nevoie de parola dvs. pentru a confirma/verifica...”
![Page 190: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/190.jpg)
după aceea dai un telefon
![Page 191: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/191.jpg)
ceri parola, sau alte date
![Page 192: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/192.jpg)
fii atent la modul de comunicare
![Page 193: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/193.jpg)
atacul propriu-zis
![Page 194: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/194.jpg)
ai toate datele despre țintă, sistemul informatic, etc.
![Page 195: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/195.jpg)
suni la help-desk, spui că nu poți face logon
![Page 196: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/196.jpg)
verificarea o ”treci” folosind informațiile adunate
![Page 197: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/197.jpg)
și te rogi pentru o lipsă de ”social skills” :)
![Page 198: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/198.jpg)
important: nu cere prea mult
![Page 199: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/199.jpg)
reverse social engineering
![Page 200: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/200.jpg)
reclamă
![Page 201: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/201.jpg)
lași o carte de vizită
![Page 202: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/202.jpg)
incluzi informații de contact în cazul unei probleme
![Page 203: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/203.jpg)
sabotaj
![Page 204: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/204.jpg)
creezi o problemă în rețeaua țintă
![Page 205: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/205.jpg)
asistență
![Page 206: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/206.jpg)
”repari” problema, timp în care obții acces la datele dorite
![Page 207: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/207.jpg)
nu uita de un Backdoor(sau două)
![Page 208: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/208.jpg)
cum să te protejezi de atacuri de tip social engineering?
![Page 209: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/209.jpg)
de obicei, social engineering-ul e ignorat
![Page 210: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/210.jpg)
e văzut ca un atac asupra inteligenței
![Page 211: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/211.jpg)
și nimeni nu vrea să admită că a fost fraierit
![Page 212: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/212.jpg)
persoanele tehnice își etalează ostentativ cunoștințele
![Page 213: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/213.jpg)
de multe ori sunt dispuși să le împărtășească
![Page 214: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/214.jpg)
oricine poate fi o victimă, dacă atacatorul e suficient de
insistent și de bine pregătit
![Page 215: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/215.jpg)
bun, și ce facem?
![Page 216: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/216.jpg)
nu încurajați comportamentul necorespunzător
![Page 217: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/217.jpg)
![Page 218: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/218.jpg)
![Page 219: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/219.jpg)
o apărare pe mai multe nivele
![Page 220: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/220.jpg)
fundația: politici de securitate
![Page 221: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/221.jpg)
educare: security ”awareness”
![Page 222: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/222.jpg)
reamintiri periodice
![Page 223: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/223.jpg)
”capcane” de social engineering
![Page 224: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/224.jpg)
incident response
![Page 225: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/225.jpg)
strategii de prevenire
![Page 226: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/226.jpg)
help-desk: parolele și alte informații confidențiale nu se
transmit telefonic
![Page 227: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/227.jpg)
intrarea în clădire: securitate, verificarea legitimațiilor
![Page 228: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/228.jpg)
birou: nu se scriu parole când altcineva e prin zonă
![Page 229: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/229.jpg)
birou: persoanele care se plimbă pe holuri sunt duse la ieșire
![Page 230: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/230.jpg)
birou: documentele marcate ”confidențial” ținute sub cheie
![Page 231: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/231.jpg)
zona cu echipamente: elemente de securitate fizică, anti-furt
![Page 232: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/232.jpg)
telefon, PBX: controlul apelurilor la distanță, call trace, refuzul transferului
![Page 233: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/233.jpg)
gunoi: mediile de stocare se aruncă doar după ce au fost
făcute inutilizabile
![Page 234: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/234.jpg)
internet/intranet: awareness, politici de securitate, training
![Page 235: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/235.jpg)
link-uri?
![Page 236: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/236.jpg)
puteți să vă faceți propria colecție :)
![Page 237: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/237.jpg)
www.google.com/search?q=social+engineering
![Page 238: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/238.jpg)
întrebări
![Page 239: Social Engineering si etica hackingului](https://reader030.vdocuments.pub/reader030/viewer/2022020116/5560b7d7d8b42afe3b8b4bb3/html5/thumbnails/239.jpg)
mulțumesc.