Sunday, 15 January 2012

Introduction to Ethical Hacking


Hello Friends, In my post about commencement of Advanced Online Ethical Hacking class , i have shared with you the list of Topics that we will discuss in Isoftdl Hacking Classes. So Today's class Topic is Introduction to Ethical Hacking where we will discuss basic and advanced terms involved in Hacking and security, steps for conducting ethical hacking, limitations as ethical hackers, computer crimes and cyber laws to taken into consideration.

Before Going to This Class First Read Basic Hacking class article:

What you will learn in Isoftdl Ethical Hacking class?
Hacking is has similar to coin which has two sides head and Tail that means Network Security (White-Hat or Ethical Hackers) and Cracking or Phreaking(Bad Guys or Black-Hat Hackers). I will teach you both sides because you will be expert only if you know both sides of Hacking. To stop something you must know everything...Note the above line.. If you limit your thinking and approach then you cannot become a security specialist as you don't know what is going in attacker's mind. So to become a security specialist, you have to think like attackers, also attackers are more than thousands in count but security experts are very less. So you need to be smart enough to cope with them and prevent your system and network.

Below snapshot will tell you what will i teach to you in future hacking classes:
Introduction to Ethical Hacking Class 1

What is Hacktivism?
Hacktivism basically means hacking for a cause. When Hackers has to publicize some agenda or send some message to users, they use this technique to get visibility. The hacktivism consists or several attacks like Website Defacement. They hack website and display a message or agenda on it.

Steps of Conducting Hacking Attacks:
Any hacking attack consists of 5 basic steps. Note: attempt should be systematic if you wish to achieve success otherwise its of no use as you will be detected and victim will come to know that his system has been hacked and if he reported it to authorized you can be tracked down and consequences are really bad.
Stepwise description How an hacking attempt is made:
Step1 : Reconnaissance
Refers to a preparatory phase where an attacker seeks to gather as much information as possible about the target of evaluation prior to launching an attack.
  • Passive reconnaissance involves monitoring network data for patterns and clues.
  • Active reconnaissance involves probing the network for
  • Accessible hosts
  • Open ports
  • Location of routers
  • Operating system details (if possible services)
  • Foot-printing – is a blueprinting of the security profile of an organization, undertaken in a methodological manner.
  • Scanning – refers to a pre-attack phase when the hacker scans the network with a specific information gathered during foot-printing.
  • Enumeration – involves active connections to systems and directed queries.

Step2: Scanning Targets
This stage of a hack can be considered to be a logical extension of active reconnaissance
  • Get a single point of entry to launch an attack and could be point of exploit whevulnerability of the system is detected.
  • Objectives of port scanning.
  • Open ports
  • Host operating system
  • Software or service versions
  • Vulnerable software versions

Step3 : Gaining Access
Gaining access refers to the true attack phase. The exploit can occur over a LAN, locally, Internet, offline, as deception or theft.
  • System Hacking
  • Sniffers
  • Social Engineering
  • Denial of Service
  • Session Hijacking
  • Buffer Overflows
  • Rootkits
  • Hacking Web servers
  • Web application vulnerabilities
  • Web based password cracking
  • SQL injection
  • HackinWireless networks
  • Virus and Worms
  • Evading IDS, firewalls, Honeypots
  • Cryptography

Step 4: Maintaining access
Maintaining access refers to the phase when the attacker tries to retain his ‘ownership’ of the system. Install tools such as
  • Rootkits.
  • Trojans and its backdoors.
  • Backdoors.

Step 5: Covering Tracks or Clearing Traces
Covering tracks refers to remove the evidence of his presence and activities. Different Techniques include:
  • Tunnelling.
  • Altering/Clearing log files.
  • Disabling auditing
That's the overall procedure how an successful hacking attempt is made. I will discuss all these steps in details in future classes..

Different Types of Hacker Attacks
There are several techniques or methods through which a hacker can gain access to system. The attackers try to exploit the vulnerability or loop hole in the system. 
Different attack types:
1. Operating System Attacks
2. Code based Attacks also called Wrapped Code attacks
3. Misconfiguration attacks
4. Application Level Attacks
5. Web Based Attacks


PDF Ebook of Today's Tutorial: DOWNLOAD
Password:  www.isoftdl.com

No comments:

Post a Comment