Ethical Hacking
With the increase in the use of computers, smartphones and the internet in daily life, the need for security in information and systems has increased.
Hacking is the activity of identifying weaknesses in a computer system or a network and exploiting them to gain access to personal or business data. A hacker is a person who finds and exploits weaknesses in computer systems and/or networks to gain access. Hackers are usually skilled computer programmers with knowledge of computer security.
There are three main types of hackers:
- Cracker (Black hat): A hacker who gains unauthorized access to computer systems for personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts etc.
- Grey hat: A hacker who is in between ethical and black hat hackers. He/she breaks into computer systems without authority with a view to identify weaknesses and reveal them to the system owner.
- Ethical Hacker (White hat): A security hacker who gains access to systems with a view to fixing the identified weaknesses. They may also perform penetration testing and vulnerability assessments.
So ethical hacking, also known as penetration testing or pen testing, is legally breaking into computers and devices to test an organization’s defenses.
Key concepts of ethical hacking
- Stay legal. Obtain proper approval before accessing and performing a security assessment.
- Define the scope. Determine the scope of the assessment so that the ethical hacker’s work remains legal and within the organization’s approved boundaries.
- Report vulnerabilities. Notify the organization of all vulnerabilities discovered during the assessment. Provide remediation advice for resolving these vulnerabilities.
- Respect data sensitivity. Depending on the data sensitivity, ethical hackers may have to agree to a non-disclosure agreement, in addition to other terms and conditions required by the assessed organization.
Phases of hacking
There are five phases of hacking:
- Reconnaissance
- Scanning
- Gaining Access
- Maintaining Access
- Clearing Tracks
Reconnaissance
Reconnaissance is the first step of hacking, also called the footprinting or information gathering phase. This is the preparatory phase where we collect as much information as possible about the target. Normally, information is collected about three groups:
- Network
- Host
- People involved
Scanning
Three types of scanning are involved:
Port scanning: This involves scanning the target for information such as open ports, live systems and the various services running on the host.
Vulnerability scanning: Checking the target for weaknesses or vulnerabilities which can be exploited. This is usually done with the help of automated tools.
Network mapping: Finding the topology of the network, the routers, firewalls and servers (if any) and host information, and drawing a network diagram with the available information. This map may serve as a valuable piece of information throughout the hacking process.
Gaining Access
In this phase the attacker breaks into the system/network using various tools or methods. After entering a system, he has to increase his privilege to administrator level so he can install an application he needs, or modify or hide data.
Maintaining Access
The hacker can maintain access to the system by using Trojans, rootkits or other malicious files. The aim is to keep access to the target until he finishes the tasks he planned to accomplish on that target.
Clearing Tracks
In this phase the hacker clears any traces leading to him. This involves modifying, corrupting or deleting log entries, modifying registry values, uninstalling all the applications he used and deleting all the folders he created.
What problems does ethical hacking identify?
Some of the most common vulnerabilities discovered by ethical hackers are:
- Injection attacks
- Broken authentication
- Security misconfigurations
- Use of components with known vulnerabilities
- Sensitive data exposure
Limitations of ethical hacking
- Limited scope. Ethical hackers cannot progress beyond a defined scope to make an attack successful. However, it’s not unreasonable to discuss out-of-scope attack potential with the organization.
- Resource constraints. Malicious hackers don’t have the time constraints that ethical hackers often face. Computing power and budget are additional constraints on ethical hackers.
- Restricted methods. Some organizations ask experts to avoid test cases that lead the servers to crash (e.g., Denial of Service (DoS) attacks).
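The "Define the scope" concept and the "Restricted methods" limitation above can be enforced mechanically before any test action runs. The following is an added example, not part of the original article: the Engagement class, its field names, the method labels and the sample addresses and dates are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class Engagement:
    """Approved boundaries for one assessment (hypothetical structure)."""
    in_scope: list    # CIDR blocks the organization approved
    excluded: list    # carve-outs inside those blocks
    start: datetime   # approved test window, timezone-aware
    end: datetime
    banned_methods: set = field(default_factory=lambda: {"dos"})

    def check(self, target, method, when=None):
        """Return (allowed, reason) for one planned test action."""
        when = when or datetime.now(timezone.utc)
        if not (self.start <= when <= self.end):
            return False, "outside approved test window"
        if method.lower() in self.banned_methods:
            return False, "method restricted by the organization"
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            # Hostnames are refused: DNS can point outside the approved ranges.
            return False, "target must be a literal IP address"
        if any(addr in ipaddress.ip_network(n) for n in self.excluded):
            return False, "target explicitly excluded"
        if not any(addr in ipaddress.ip_network(n) for n in self.in_scope):
            return False, "target out of scope"
        return True, "in scope"

# Constructed sample engagement using RFC 5737 documentation ranges.
SAMPLE = Engagement(
    in_scope=["192.0.2.0/24", "198.51.100.0/25"],
    excluded=["192.0.2.10/32"],
    start=datetime(2024, 3, 1, tzinfo=timezone.utc),
    end=datetime(2024, 3, 15, tzinfo=timezone.utc),
)
DURING = datetime(2024, 3, 5, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for tgt, method in [("192.0.2.20", "vulnerability-scan"), ("192.0.2.10", "port-scan"),
                        ("198.51.100.200", "port-scan"), ("192.0.2.20", "DoS")]:
        print(tgt, method, SAMPLE.check(tgt, method, DURING))
```

Checking the exclusion list before the in-scope list means a carve-out always wins, even when it sits inside an approved range.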