Ethical Hacking Is another aspect of hacking. Like every coin has 2 sides, Ethical Hacking is good one. As Hacker is someone who seeks and exploits weaknesses in a computer system or computer network, but Ethical Hacking is against the bad or black hat Hackers. Ethical Hacker can also known as White Hat Hacker. Ethical Hacking is Legal, its Permission is obtained from the target, its Part of an overall security program. By Techwila http://www.techwila.com
2. What Hackers Do?
Hacker is someone who seeks and exploits weaknesses in a computer
system or computer network. Hackers may be motivated by a multitude
of reasons, such as profit, protest, or challenge.
Hackers were mainly of 2 types:
White Hat Hacker
Grey Hat Hacker
Black Hat Hacker
4. Hacking in this case:
You make a system do what it doesn’t do out of the
box.
You built upon structures that are already in place.
5. What is Ethical Hacking
It is Legal
Permission is obtained from the target
Part of an overall security program
Identify vulnerabilities visible from Internet at particular point of time
Ethical hackers possesses same skills, mindset and tools of a hacker but
the attacks are done in a non-destructive manner
6. White Hat Hackers
Also Known as Ethical Hacker. A Ethical Hacker breaks security for non-
malicious reasons, perhaps to test their own security system or while
working for a Intelligence agencies and cyber warfare operatives of nation
states, security company which makes security software.
This classification also includes individuals who perform penetration
tests and vulnerability assessments within a contractual agreement.
The EC-Council, also known as the International Council of Electronic
Commerce Consultants, is one of those organisations that have developed
certifications, courseware, classes, and online training covering the
diverse arena of Ethical Hacking.
7. Ethical Hacking - Process
1. Preparation
2. Foot printing
3. Enumeration & Fingerprinting
4. Identification of Vulnerabilities
5. Attack – Exploit the Vulnerabilities
8. Ethical Hacking - Commandments
Working Ethically
Trustworthiness
Misuse for personal gain
Respecting Privacy
Not Crashing the Systems
9. Why – Ethical Hacking
Viruses, Trojan
Horses,
and Worms
Social
Engineering
Automated
Attacks
Accidental
Breaches in
Security Denial of
Service (DoS)
Organizational
Attacks
Restricted
Data
Protection from possible External Attacks
11. Some Cases of Hacking
Sony - Around 77 million users of Sony’s Play station network could have
had their information stolen by hackers in April 2011.
RSA Security - In March 2011, RSA Security was hacked when a spoof
email containing an infected Excel spread sheet tricked employees into
allowing hackers to access the system.
InfraGard Atlanta - As an FBI partner, you would imagine InfraGard
Atlanta to have the most up-to-date Internet security available.
However, in June 2011 the company was hacked and 180 usernames and
passwords were stolen.
Gmail - The Gmail accounts of Chinese human activists were
hacked, suggesting that the Chinese government masterminded this
attack, especially because of the widespread restrictions within the
country.
12. Skills of an ethical hacker
Routers- knowledge of routers, routing protocols and access control lists.
Microsoft- skills in operation , configuration and management.
Linux- knowledge of Linux/Unix; security setting, configuration, and
services.
Firewalls- configuration, & operation of intrusion detection systems.
13. Skills of an ethical hacker
Network protocols- TCP/IP ; how they function and can be manipulated.
Project management- knowledge of leading, planning, organizing, and
controlling a penetration tests systems.