The Technical Foundations of Hacking
This chapter helps you prepare for the EC-Council Certified Ethical Hacker (CEH) Exam by covering the following EC Council objectives:
Understand the Open Systems Interconnect (OSI) Model
- OSI is important as it is the basis for describing and explaining how many network services and attacks work.
Have a basic knowledge of the Transmission Control Protocol/Internet Protocol (TCP/IP) and their functionality
- Many attacks are based on the misuse of the protocols that are part of the TCP/IP suite of protocols.
Describe the TCP packet structure
- Many scanning techniques make use of the TCP packet and its structure.
Know the TCP flags and their meaning
- TCP flags control the flow of traffic and are used to illicit information from servers during enumeration.
Understand how UDP differs from TCP
- UDP is a stateless protocol; understanding how it functions is critical in knowing how it might respond to queries.
Describe application ports and how they are numbered
- Ports identify applications; although you might not need to know all 65,000, you will need to know some common ones.
Describe how Internet Control Message Protocol (ICMP) functions and its purpose
- ICMP plays an important role in detecting logical errors and providing diagnostic information.
- Performance Reconnaissance
- Scanning and Enumeration
- Gaining Access
- Escalation of Privilege
- Maintaining Access
- Covering Tracks and Placing Backdoors
- National Institute of Standards Technology (NIST)
- Threat and Risk Assessment Working Guide (TRAWG)
- Operational Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)
- Open Source Security Testing Methodology Manual (OSSTMM)
and the Stack
- The OSI Model
- Anatomy of TCP/IP Protocols
- Key Terms
- Exam Questions
- Answers to Exam Questions
- Suggested Reading and Resources
This chapter addresses information about the structure of TCP/IP. Understanding how the TCP/IP protocols function will help you build successful ethical hacking skills. This chapter contains a lot of information, so take the time to read it carefully. Here are a few tips:
- Review the information and make sure that you understand the six steps of the attacker's process.
- Review the different models used for ethical hacking and security assessment, such as NIST, OCTAVE, OSSTMM, and TRAWG.
- Have a friend work with you to make sure that you know all common ports used by TCP and UDP. A list can be found in this chapter.
- Review the OSI and TCP/IP layers. Make sure that you understand what functions occur at each.
- Make sure that you understand the differences between TCP and UDP.
- Verify that you know the steps of the TCP connection establishment and TCP connection teardown.
The Transmission Control Protocol/Internet Protocol (TCP/IP) suite is so dominant and important to ethical hacking that it is given wide coverage in this chapter. Many tools, attacks, and techniques that will be seen throughout this book are based on the use and misuse of TCP/IP protocol suite. Understanding its basic functions will advance your security skills. This chapter also spends time reviewing the attacker’s process and some of the better known methodologies used by ethical hackers.