02-04-2012, 02:31 PM
ethicalhacking
ethicalhacking.doc (Size: 407 KB / Downloads: 50)
ABSTRACT
Today more and more softwares are developing and people are getting more and more options in their present softwares. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behavior termed “Ethical Hacking" which attempts to pro-actively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties.
A good ethical hacker should know the methodology chosen by the hacker like reconnaissance, host or target scanning, gaining access, maintaining access and clearing tracks. For ethical hacking we should know about the various tools and methods that can be used by a black hat hacker apart from the methodology used by him.
From the point of view of the user one should know at least some of these because some hackers make use of those who are not aware of the various hacking methods to hack into a system. Also when thinking from the point of view of the developer, he also should be aware of these since he should be able to close holes in his software even with the usage of the various tools. With the advent of new tools the hackers may make new tactics. But at least the software will be resistant to some of the tools.
CHAPTER 2
INTRODUCTION
Ethical hacking also known as penetration testing or white hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s
Viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.
SECURITY
Security is the condition of being protected against danger or loss. In the general sense, security is a concept similar to safety. In the case of networks the security is also called the information security. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction
NEED FOR SECURITY
Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated which are produced by the intruders. These include:
1. lose of confidential data
2. Damage or destruction of data
3. Damage or destruction of computer system
4. Loss of reputation of a company
CHAPTER 3
HACKING
Eric Raymond, compiler of “The New Hacker's Dictionary”, defines a hacker as a clever programmer. A "good hack” is a clever solution to a programming problem and "hacking” is the act of doing it. Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:
● A person who enjoys learning details of a programming language or system
● A person who enjoys actually doing the programming rather than just theorizing about it
● A person capable of appreciating someone else's hacking
● A person who picks up programming quickly
● A person who is an expert at a particular programming language or system
TYPES OF HACKERS
Hackers can be broadly classified on the basis of why they are hacking system or why the are indulging hacking. There are mainly three types of hacker on this basis
1. BLACK HAT HACKER
A black hat hackers or crackers are individuals with extraordinary computing skills, resorting to malicious or destructive activities. That is black hat hackers use their knowledge and skill for their own personal gains probably by hurting others.
2. WHITE HAT HACKER
White hat hackers are those individuals professing hacker skills and using them for defensive purposes. This means that the white hat hackers use their knowledge and skill for the good of others and for the common good.
3. GREY HAT HACKERS
These are individuals who work both offensively and defensively at
Various times. We cannot predict their behavior. Sometimes they use their skills for the common good while in some other times he uses them for their personal gains.