
Ethical Hacking Introduction

Introduction to Ethical Hacking

When it comes to cybersecurity, hacking comes in many colors: white, grey, black, and shades in between. I will focus only on white hat hackers in this article. White hat hackers use their skills for good. They practice ethical hacking by testing whether an organization's network is vulnerable to outside attacks. Ethical hacking is the key to strengthening network security, and it is one of the most desired skills for any IT security professional who is looking to grow in the IT world. If you are interested in becoming an ethical hacker, or in getting started securing your own network, this introduction is for you.

Hacking means having detailed and advanced knowledge about something. The term refers to detailed knowledge of a particular topic; it is totally independent of computers and can be used in various fields. For example, an experienced cook knows how to correct a dish that has extra salt in it, so that it seems as if nothing was ever wrong with it. That experience makes the cook a dish saver, and this is where hacking the food comes into action. In other words: hacking means someone has better knowledge about some topic than others.

Ethical Hacking: A term from the computer world that corresponds to a hacker in computers. An ethical hacker is a person who exploits the network of an organization in order to discover vulnerabilities, not to abuse them as a malicious hacker does, but to list all the vulnerabilities so that they can be patched and the network made more secure or less vulnerable. Ethical hackers work to secure the organization's systems from Black Hat hackers, whose main intention is to harm the organization in any way, whether financially or through its data. Ethical hackers work with police, army and security agencies to detect frauds such as credit card fraud and email fraud committed by Black Hat hackers, making it easier for organizations to punish Black Hat hackers for their crimes. Various organizations provide courses related to ethical hacking, such as SANS, EC-Council, McAfee Foundstone, and CREST.

I will cover the following topics in this article:

  • Ethical Hacking
  • Penetration Testing
  • Cyber Security and its Rumors

Ethical Hacking: The role of the ethical hacker is to protect the network from cyber-attacks such as ARP (Address Resolution Protocol) poisoning, DNS snooping, DHCP snooping and so on. In ethical hacking, the kinds of threats a network faces can be decomposed into 5 phases, which are:

  1. Reconnaissance -> Detecting the IP addresses allotted to all the computers connected within the network, i.e. network mapping.
  2. Foot-printing -> After finding out which IP address in the network is most vulnerable, we start gathering information about the network to which it is connected.
  3. Enumeration -> Combining all the information received from reconnaissance and foot-printing and enumerating the valuable information which can be used for the exploitation of the network.
  4. Scanning -> Attackers use a method called scanning before they attack a network. Scanning can be considered a logical extension (and overlap) of active reconnaissance, since the attacker uses details gathered during reconnaissance to identify specific vulnerabilities. Often attackers use automated tools such as network/host scanners and war dialers to locate systems and attempt to discover vulnerabilities.
  5. System Hacking -> System hacking is the way hackers get access to individual computers on a network. Ethical hackers learn system hacking to detect, prevent, and counter these types of attacks.
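From the defender's side, the reconnaissance and scanning phases leave a recognizable pattern in connection logs: one source touching many hosts on the same port, or many ports on the same host, in a short time. The sketch below is an added example, not part of the original article; the log format, the addresses, the 60-second window and the threshold of 5 are all assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def sample_log():
    """Constructed events in an assumed 'time src dst dport action' format."""
    lines = []
    for i in range(6):  # one source, same port, six different hosts
        lines.append(f"2024-01-01T10:00:0{i} 10.0.0.50 10.0.0.{i + 1} 22 DENY")
    for i, port in enumerate([21, 22, 23, 80, 443, 3389]):  # many ports, one host
        lines.append(f"2024-01-01T10:05:0{i} 10.0.0.66 10.0.0.10 {port} DENY")
    for i in range(6):  # ordinary client: one host, one port, repeated
        lines.append(f"2024-01-01T10:10:0{i} 10.0.0.20 10.0.0.10 443 ALLOW")
    for i, port in enumerate([22, 80, 443, 3306, 5432, 8080]):  # hours apart
        lines.append(f"2024-01-01T1{i}:30:00 10.0.0.77 10.0.0.10 {port} ALLOW")
    return "\n".join(lines)

def parse(line):
    ts, src, dst, port, _action = line.split()
    return src, (datetime.fromisoformat(ts), dst, int(port))

def detect_scans(log_text, window=timedelta(seconds=60), threshold=5):
    """Return sorted (source, finding) pairs seen within any sliding window."""
    by_src = defaultdict(list)
    for line in filter(str.strip, log_text.splitlines()):
        src, event = parse(line)
        by_src[src].append(event)
    findings = set()
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop events older than the window
            ports_per_host, hosts_per_port = defaultdict(set), defaultdict(set)
            for _, dst, port in events[start:end + 1]:
                ports_per_host[dst].add(port)
                hosts_per_port[port].add(dst)
            if any(len(p) >= threshold for p in ports_per_host.values()):
                findings.add((src, "port-scan"))    # many ports on one host
            if any(len(h) >= threshold for h in hosts_per_port.values()):
                findings.add((src, "host-sweep"))   # one port across many hosts
    return sorted(findings)

if __name__ == "__main__":
    for src, finding in detect_scans(sample_log()):
        print(f"{src}: {finding}")
```

The ordinary client and the host whose connections are hours apart produce no finding, which is why the window and threshold have to be tuned against normal traffic on the network being monitored.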

 

Penetration Testing

Penetration testing is a type of security testing that is used to test how insecure an application is. It is conducted to find the security risks which might be present in the system.

If a system is not secured, then any attacker can disrupt or gain unauthorized access to that system. A security risk is normally an accidental error that occurs while developing and implementing the software, for example configuration errors, design errors, and software bugs. Penetration testing normally evaluates a system's ability to protect its networks, applications, endpoints and users from external or internal threats. It also attempts to protect the security controls and ensure only authorized access.

Nmap turned 20 years old on September 1, 2017. Since it was first released, Nmap has been the go-to tool for network discovery and attack surface mapping. From host discovery and port scanning, to OS detection and IDS evasion / spoofing, Nmap is an essential tool for gigs both large and small.

 

 

Cyber Security and its Rumors

There are lots of misconceptions about hacking and cyber crime. Hackers are people who are far more than experts in computers. Lots of people think that hacking is a crime that takes place just like a magic trick performed by a notorious magician, most often considered to be the so-called hacker. In reality, if you explore the real part of hacking, it is nothing but exploiting the security weaknesses found in a computer system, network, Internet of Things device, web application, mobile application, server-side computing, etc., and hardening the security level. But most of the people who don't know the real meaning of hacking do cyber crimes, such as cracking a Facebook or Twitter account, looting bank accounts, and extorting people for money over the internet by spreading ransomware to their systems, leading to damage of data, etc.

The disastrous part is that most media personnel are not properly aware of the differences between a hacker and a cyber criminal.

If you explore hacking in depth, you will get to know how hard it is. It is easy to exploit a system with the help of Metasploit. But when you work with a debugger and develop an exploit for a piece of software, you will get to know how hard it is.

Note: Hacking is nothing but advanced information... ohh, sorry, knowledge, not information, of anything; it could be in real life or virtual life.

 

 

Written for NCC (Naveen Coaching Classes)

By Vikram Jindal

Email me @ vikramjindal970@gmail.com

Article by Naveen Coaching Classes