This document discusses hacking and ethical hacking. It defines different types of hackers such as white hat, grey hat, and black hat hackers. It also outlines types of hacking like website, network, email, and password hacking. The document explains that ethical hacking is legal and done with permission to test security vulnerabilities. It notes the five phases of hacking as reconnaissance, scanning, gaining access, maintaining access, and clearing tracks. Finally, it discusses the skills, advantages, disadvantages and career opportunities in ethical hacking.
2. INTRODUCTION
Hacking is the art of finding solutions in real life
problems.
In 1960 at MIT the first known event of hacking had
taken place, at the same time the term “HACKER” was
originated.
Hacking is usually done to gain unauthorized access to
a system either a network to harm the systems or steal
sensitive informations.
1
3. TYPES OF HACKERS
White Hat Hackers, also known as “ethical hackers”, may help
companies and governments find holes in their networks and security by first
hacking into them. They hack into the systems to discover the liabilities
before the bad guys do.
Grey Hat Hackers, find themselves somewhere in the middle on the
spectrum between helping others and self-gain. Technically, this kind of
hacking is done without permission, so even if there is no malicious intent,
it’s still considered illegal.
Black Hat Hackers, are the criminals of the online world. They are in
it for often selfish reasons, exploiting individuals for money, prestige or
incriminating information.
2
4. TYPES OF HACKING
Website Hacking, means taking unauthorized control over a web server
and it’s associated software such as databases and other interfaces.
Network Hacking, means gathering information about a network tools
like Telnet, NS lookup, Ping, Tracert, Netstat etc. with the intent to harm the
network system and hamper it’s operation.
Email Hacking, means getting unauthorized access on an email account
and using it without taking the consent of it’s owner.
Password Hacking, process of recovering secret passwords from data
that has been stored in or transmitted by a computer system.
Computer Hacking, is the process of stealing computer ID and
password by applying hacking methods and getting unauthorized access to a
system. 3
5. WHAT IS ETHICAL HACKING ?
Apart from testing duties, ethical hackers are associated with other
responsibilities. The main idea is to replicate a malicious hacker at work
and instead of exploiting the vulnerabilities for malicious purposes, seek
countermeasures to shore up the system’s defences.
4
6. WHY IT IS IMPORTANT ?
The Internet is home to seemingly infinite amounts of confidential and
personal information. As a result of this mass storage of information, the
system needs to be constantly updated and enforced to prevent black
hats from retrieving such valuable data. Ethical hacking is used to
identify current weaknesses of a system to ensure that the Internet is
used in a safe and private manner.
5
7. IS IT LEGAL ?
Yes, Ethical Hacking is legal because an Ethical hacker is a computer and
networking expert who systematically attempts to penetrate a computer
system or network on behalf of its owners for the purpose of finding security
vulnerabilities that a malicious hacker could potentially exploit.
Stay Legal !
It's important never to engage in "black hat" hacking--that is, intruding
or attacking anyone's network without their full permission. Engaging in
illegal activities, even if it doesn't lead to a conviction, will likely kill
your ethical hacking career.
6
8. SKILLSET REQUIRED
First and foremost write programmes in many programming
languages like C, C++, Perl, Python, and Ruby.
Knowledge of a variety of operating systems (Microsoft
Windows, various versions of Linux, etc) is critical.
Experience with various network devices, including switches,
routers and firewalls is also important.
An ethical hacker also should have a basic understanding of
TCP/IP protocols such as SMTP, ICMP and HTTP.
For those working with web applications, Microsoft .NET and
PHP are vital.
7
9. FIVE PHASES OF HACKING
1. RECONNAISSANCE, is the primary
phase where the Hacker tries to collect as
much information as possible about the
target. It includes Identifying the Target,
finding out the target's IP Address Range,
Network, DNS records, etc.
2. SCANNING, involves taking the
information found when reconnaissance
and using it to examine the network. Tools
that a hacker may employ during the
scanning phase can include diallers, port
scanners, network mappers, sweepers.
8
10. 3. GAINING ACCESS, is to design the
blueprint of the network of the target with
the help of data collected during phase 1
and 2. Vulnerabilities discovered during the
reconnaissance and scanning phase are
now exploited to gain access.
4. MAINTAINING ACCESS, Once a hacker
has gained access, they want to keep that
access for future exploitation and attacks.
5. CLEARING TRACKS, Once hackers
have been able to gain and maintain
access, they clear their tracks to avoid
detection by security personnel to remove
evidence of hacking.
FIVE PHASES OF HACKING
9
11. ADVANTAGES
To recover lost information, especially in case anyone lost their
password.
To perform penetration testing to strengthen computer and
network security.
To put adequate preventive measures in place to prevent
security breaches.
To have a computer system that prevents malicious hackers
from gaining access.
10
12. DISADVANTAGES
Massive security breach.
Unauthorized system access on private information.
Privacy violation.
Hampering system operation.
Denial or service attacks.
Malicious attack on the system.
11
15. CONCLUSION
Hacking is a good computing skill that can be used for good or bad intention.
Remember if there is reason to do the hack there is also many ways to
prevent it. Always remember to,
Using antivirus, such as Quickheal, Kaspersky, Norton etc.
Proper logout after using any type of online accounts.
Avoid spam.
14