The Concept of Ethical Hacking
The following are the basic concepts of ethical hacking:
1. Phase of Pen testing
Pen Test, like forensics, is almost as much an art as it is a science – you can only be taught so far, technical techniques and tools are all very well, but you really need a mind that can think sideways and approach a task from as many angles as possible.
2. Foot printing
Tools and tricks to get the information about the computer, IP and mac address, related user and system.
3. Scanning
Before starting the pen testing, pen tester must have some information about network and system. So pen tester scans the entire network with some tool like Nmap, Zenmap, ping and hping etc.
4. Enumeration
During the enumeration phase, possible entry points into the tested systems are identified. The information collected during the reconnaissance phase is put to use.
5. System Hacking
System hacking is login to system without credentials not only by pass the credentials but also you can work in system as root user by privilege escalation.
6. Trojans
It is a generally non-self-replicating type of malware program containing malicious code. A Trojan often acts as a backdoor, contacting a controller which can then have unauthorized access to the affected computer. While Trojans and backdoors are not easily detectable by themselves, computers may appear to run slower due to heavy processor or network usage.
7. Viruses and Worms
A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections a worm is its capability to replicate itself on your system, so rather than your computer sending out a single worm, it could send out hundreds or thousands of copies of itself, creating a huge devastating effect.
8. Sniffing
Traffic It is a program that monitors and analyzes network traffic, detecting and finding problems. Various technique and tool is used for sniffing like kali linux MITM attack, tshark, urlsnarf etc.
9. Social engineering
In this technique, ethical hacker creates the phishing page of website to obtain credential of users.
10. Denial of service
A DoS attack generally consists of efforts to temporarily interrupt or suspend or down the services of a host connected to the Internet.
Potential Security Threats to Your Computer Systems
A computer system threat is anything that leads to loss or corruption of data or physical damage to the hardware and/or infrastructure. Knowing how to identify computer security threats is the first step in protecting computer systems. The threats could be intentional, accidental or caused by natural disasters.
0 Comments