Ethical Hacking | An Introduction
________________________________________
Whenever term hacker comes before many people consider it as
a guy sitting inside a room or garage with a bottle or beer and a Laptop or
Desktop doing wonders on click of buttons. But the reality check is hacking is
not that easy as portrayed in movies and television and term hacker doesn't
mean a computer criminal.
So here first of all we'll clear all our misconceptions
related to words hackers and hacking.
From Where This Word Came:
The word hacking has history in late 1960's, the time when
computers were nothing but mighty pieces of machines and a computer just meant
a machine that can compute. Electrical and Electronics geeks used to optimize
circuits to make any system/circuit work faster, better and reliably. The job
they used to do on circuits was known as hack. With time computer geeks also
started finding way out to optimize their system to work better so in fact
hacking was nothing but always a kind of reverse engineering. With time in
professional world a word hacker got meaning, a person who is highly skilled in
hardware, software and networking components. Then movies started portraying
hackers do only dirty works and hence today the word hacker has a negative face
according to people. No matter how the word met to a dreadful end a hacker always
had all qualities that was first put forward in its definition may the be
criminal or ethical. Criminal hackers are also known as Crackers.
Types Of Hackers:
White Hats: White hat hackers are good guys who use their
hacking skills for defensive purposes. Organizations and industries pay them
high salaries to protect their systems and networks from intrusion.
Black Hats: Black hats are actually bad guys in filed. Their
main job is to breach security and make money. They make money by using their
hacking skills for offensive purposes.
Grey Hats: Gray hats are hackers who work for offensive and
defensive purposes depending on situations. They are hired by people to intrude
and protect systems.
Hactivist: A hacktivist is kinda hacker who thinks hacking
can bring out some social changes and hacks government and organizations to
show his discomfort over some trivial issues.
Suicide Hackers: Suicide hackers are those who hack for some
purpose and even don't bother to suffer long term jail due to their activities.
They can be bad as well as good.
Script Kiddie: A script kiddie is a person who boasts
breaking system using scripts and codes written by others though he hardly
knows what the code does.
Phreak: It is a person who tries to intrude systems for fun
or malicious personal activities. Mostly they are children of age 12-15 who
don't even know wrong consequences of hacking.
Types Of Hacking:
Local Hacking: This type of hacking is done when a hacker
has full access to the system to implant a virus, keylogger and RATs
Remote Hacking: Remote hacking is done on a remote system
using Internet.
Social Engineering: Social Engineering is kinda interacting
skill that a hacker uses to manipulate people giving out sensitive information.
Its kinda trick done using good verbal, social skills and understanding.
Terminologies Used Under Hacking:
Threat: A threat is an environment or situation that could
lead to a potential breach of security. Ethical hackers look for and prioritize
threats when performing a security analysis.
An Exploit: An exploit is a piece of software that takes
advantage of a bug, glitch, or vulnerability, leading to unauthorized access,
privilege escalation, or denial of service on a computer system.
Vulnerability: A vulnerability is an existence of a software
flaw, logic design, or implementation error that can lead to an unexpected and
undesirable event executing bad or damaging instructions to the system. In easy
word vulnerability is weakness in system.
Payload: Payload is agent that helps in taking advantage of
vulnerability in remote hacking.
Attack: An attack occurs when a system is compromised based
on a vulnerability.
Types Of Attack:
1.Operating System Attack
2.Application level Attack
3.Shrink Wrap Code Attack
4.Misconfiguration Attack
Operating system attack is attack done on specific type of
OS. Such attack is done using flaws in programs and services shipped with OS.
Application level attack is done over faulty coding practices done over
software during its development. Shrink Wrap Code attack are attacks done over
UN-refined scripts used for making task simpler. Last is misconfiguration
attack, it is kinda attack which is done over mis-configured system or a system
with default settings.
Work Of An Ethical Hacker:
Job of an ethical hacker is to use all his skills and tools
used by malicious hackers to find vulnerabilities in system and then provide it
security against those vulnerabilities.
Conclusion: At last what I want to tell, nothing happens in
clicks of buttons. A hacker is highly skilled person in field of computing who
usually have ample knowledge about software, hardware, OS, networking and
programming. A hacker may it be criminal or ethical has immense patience,
determination, organization, discipline and persistence. An attacker may spend
months of time planning, analyzing and executing an attack. This shows his
level of dedication to achieve whatever goal he/she has set. A person can never
become a good hacker unless he have all above qualities.
Note: Now onwards we will cover hacking as our main stream
topic on this blog. Real hacking is never done over lamers who hardly knows
about security, it is done over a person who is highly skilled as you are. You
can never learn hacking until you do some practical and gain knowledge about
field so now onwards I urge you to perform practicals that will be now posted
on this blog on your own system. Next no tutorial will be taken as a lamer so
they will be in possible higher details, so this may happen that you may not
understand something. Rather than keeping yourself mum I plea you to please ask
whenever you encounter a problem or get bothered by topic. Whenever I 'll post
on hacking I 'll try to keep a theoretical and one practical tutorial, you are
requested to read both and grasp matter completely. Thanks for visiting and
please tell are you clear with all points discussed or need some explanation on
your difficulty.
No comments:
Post a Comment