CEH 1-Introduction to Ethical Hacking
What is Hacking?
- Hacking is the process of gaining unauthorized access to the system resources.
- It involves modifying system or application features to achieve a goal outside of the creator’s original purpose.
What is Ethical Hacking?
- Ethical Hacking is the process to identify vulnerabilities to assure system security by use of hacking tools, tricks, and techniques.
- It focuses on simulating methods used by attackers to verify the existence of exploitable vulnerabilities(Weakness or loophole) in the system's security.
Who is Hacker?
- Hackers are intelligent individuals who spend enormous amounts of time exploring computing resources like networks, websites, mobile devices, etc.
Who is Ethical Hacker?
- Ethical Hacker is an expert in computer internals and networking concepts, who tries to find out potential vulnerabilities on the target systems before a hacker could use, without actually doing any harm to the information systems on behalf of the owners of the IT Assets.
Types of Hackers:
- Black Hat: A person utilize computing skills for malicious or destructive activities.
- White Hat: A person utilizing hacking skills for the defensive purpose.
- Gray Hat: A person who work both offensively and defensively.
- Script Kiddies: An unskilled hacker who compromises the system by running scripts, tools, and software developed by real hackers.
Why Hacking?
- An existing Industry.
- Lots of job opportunities.
- Be able to secure systems from the hackers.
- Large demand for Ethical Hacking now-a-days.
Steps to Perform Ethical Hacking:
- Reconnaissance: In this stage, we will gather information about target like organization's clients, employees, operations, network, and systems.
- Scanning: In this stage, we gather even more information about target by scanning the target directly.
- Gaining Access: In this stage, we gain access to the targets system with the help of vulnerabilities found in scanning stage.
- Maintaining Access: This is post exploit stage, in this stage we are going to change or manipulate the system configuration to gain access to the target anytime.
- Clearing Tracks: Each and every system store logs information. This logs stores each and every information from boot to shutdown. In this stage, we are going to clear all these logs.
Terminology in Hacking:
- Vulnerability: Vulnerability is a loophole or weakness, it is a source for an attacker to enter into the system.
- Exploit: It is a software tool designed to take advantage of vulnerability in a system for malicious purposes.
- Payload: A payload(piece of code) is an action, or set of operations has to be done on the target.
- Hack value: Hack value is a notion among the hackers that something is worth while doing hacking.
- Zero-day attack: In a 0-day attack, the attacker exploits the vulnerability before the software developer releases the Patch for them.
What is Information Security?
- Information Security means protecting the confidentiality, integrity, and availability of data and focuses on efficient policy implementation, organization productivity.
Elements of Information Security:
- Confidentiality
- Non-Repudiation
- Authenticity
- Authorization
- Integrity
- Availability
Comments
Post a Comment