2. CONTENTS
• Introduction
• History
• What is Ethical hacking?
• Phases of Ethical hacking
• Certified Ethical hacker
• Advantages and Disadvantages
3. Introduction
• Hacking is an activity in which, a person exploits the
weakness in a system for self profit or gratification.
Types of Hacking :
1. White hat hacking (Ethical hacking)
2. Black hat hacking
3. Grey hat hacking
4. What is ethical hacking ?
• Ethical hacking is an identical activity which aims to find
and rectify the weakness in a system. Today ethical
hacking is a job in Networking.
• It is also known as white hat hacking or penetration
testing.
• Ethical hacking is legal.
• Ethical hackers possesses same skills, mindset and tools
of a hacker but the attacks are done in a non-destructive
manner.
5. History of Ethical Hacking
In 1939, the “bombe” becomes the world’s first ethical
hacking machine.it was used by the British to help decipher
encrypted German message during world war 2.
• In 1974, the US Air force conduct one of the first ethical
hacks to test the security of multics operating system.
• The term “ethical hacking” was first used by IBM’s John
Patrick in 1995.
8. Reconnaissance
Enumeration is the ability of a hacker to convince some servers to give
them information that is vital to them to make an attack. By doing this
the hacker aims to find what resources and shares can be found in the
system, what valid user account and user groups are there in the
network, what applications will be there etc.
Scanning
Port scanning is a common technique used by a penetration tester to
find out the open doors, In technical terminology port scanning is used
to find out the vulnerabilities in the services listing on a port. During this
process you have to find out the alive host, operating systems involved,
firewalls, intrusion detection systems, servers/services, perimeter
devices, routing and general network topology (physical layout of
network), that are part of the target Organisation.
9. Enumeration
Enumeration is the ability of a hacker to convince some servers to give
them information that is vital to them to make an attack. By doing this
the hacker aims to find what resources and shares can be found in the
system, what valid user account and user groups are there in the
network, what applications will be there etc.
Attack and Gaining Access
This is the actual hacking phase in which the hacker gains access to the
system. The hacker will make use of all the information he collected in
the pre-attacking phases. Usually the main hindrance to gaining access
to a system is the passwords. In the System hacking first the hacker will
try to get in to the system.
10. Maintaining Access
Now the hacker is inside the system . This means that he is now in a
position to upload some files and download some of them. The next aim
will be to make an easier path to get in when he comes the next time.
This is analogous to making a small hidden door in the building so that
he can directly enter in to the building through the door easily
Clearing tracks
Whenever a hacker downloads some file or installs some software, its
log will be stored in the server logs. So in order to erase the hacker uses
man tools. One such tool is windows resource kit’s auditpol.exe.
Another tool which eliminates any physical evidence is the evidence
eliminator.. The Evidence Eliminator deletes all such evidences.
11. Certified Ethical hacker
• Certified Ethical Hacker (CEH) is a qualification
obtained in assessing the security of computer systems,
using penetration testing techniques. The code for the
CEH exam is 312-50, the certification is in Version 8 as of
late 2013.
• The EC-Council offers another certification, known as
Certified Network Defense Architect (CNDA). This
certification is designed for United States Government
agencies and is available only to members of selected
agencies. Other than the name, the content of the course
is exactly the same. The exam code for CNDA is 312-99.
12. • Advantages of Ethical hacking
Most of the benefits of ethical hacking are obvious, but many are
overlooked. The benefits range from simply preventing malicious
hacking to preventing national security breaches. The benefits
include:
• Fighting against terrorism and national security breaches
• Having a computer system that prevents malicious hackers from
gaining access
• Having adequate preventative measures in place to prevent
security breaches
13. • Disadvantages of Ethical Hacking
• All depend upon the trustworthiness of the ethical hacker
• Allowing the company’s financial and banking details to
be seen
• The possibility that the ethical hacker will send and/or
place malicious code, viruses, malware and other
destructive and harmful things on computer system