Information Security Audits:
Current Tools and Scope
www.enhacke.com
Topics to cover
Structure of the presentation:
• Information security in Latin America
• Mafias and underground hacking
• Malicious hacking in Peru
• Audits - Hacking methodology
• Tools
• enHacke contribution - Demo
Information Security in Latin America
Cloud security
Cloud servers will be less secure than physical machines in 2012
60% of virtualized servers will be less secure
Why?
No information security team is included in the implementation
What worries executives?
Annual budget
SMEs vs. corporate
What we want to avoid…
Mafias and Underground Hacking
Botnets and botmasters
• Malicious hackers offer their botnets with thousands of slaves for rent
• They also attack on request
• They offer their services through chat channels on the internet
• Payment is anonymous, via e-gold, MoneyGram, Western Union.
Sale and distribution of CREDIT CARDS
Peru and Latin America
Peru? Hackers? Here?
Economic growth in Peru
Peru in the world's sights
But not only of investors
But also of cybercriminals
Large investments come hand in hand with large IT deployments
Cybercrime in Peru
• Botnet rental to sabotage companies
• Phishing and carding
• Defaced (modified) web pages
• Information hijacking
• Skimming
• Extortion
  • Over videos
  • Over sensitive information
Latin botnets
In Latin America
• Up to 12 dollars for corporate mail accounts with password
• 400 dollars for botnets of more than 200 machines
• Incrimination on request
• Information hijacking
• Sale of credit card databases
And is anything happening in Peru??
Love you lots ;) Log on tomorrow :-*
People without morals and with criminal aims
• Extortion
• Kidnappings
Channels they operate through?
• Hi5
• Social networks
Whoa! A girl is adding me!!!
Hacking Methodology
Hacking methodology
1. Reconnaissance
   • Active
   • Passive
2. Scanning
3. Gaining access
   • At the operating system level / at the application level
   • At the network level
   • Denial of service
4. Maintaining access
   • Uploading / altering / downloading programs or data
5. Covering tracks
Open Source Tools in the Hacking Methodology
Some tools used
Reconnaissance
• Dig
• Nslookup
• Maltego
• Google hacking
Scanning
• Network
  • angryIP
  • autoScan
• Ports
  • Nmap
  • Hping
  • Amap
• Vulnerabilities
  • Nikto
  • Nessus
  • OpenVAS
Gaining access
• Hydra
• Metasploit
Maintaining access
• Cryptcat
• Rootkit (evaluate)
enHacke's contribution
Determining conditions
The information security scene in Peru
Very capable people
Lack of motivation and perseverance
Language barriers
Universities do not include information security courses in their curriculum
False perception of security
Material exists in Spanish, but most of it is in English and other languages
Desire to grow the information security community
…….
What can be done with NinjaSec
• Reconnaissance
• Scanning
• Access
• Maintaining access
What will we do?
Reconnaissance
• Dig
• Nslookup
• Maltego
• Google hacking
Scanning
• Network: angryIP
• Ports: Nmap
• Vuln.: Metasploit
Access
• Hydra
• Metasploit
Maintaining access
• Cryptcat
ATTACK!!!
#>echo MUCH4S GR4C14S !!!
www.enhacke.com