ETHICAL HACKING (PART -1)
INTRODUCTION TO ETHICAL HACKING :
- Ethical hackers are usually security professionals or network penetration testers who use their hacking skills and toolsets for defensive and protective purposes.
- Test their network and systems security for vulnerabilities using the same tools that a hacker might use to compromise the network.
- Any computer professional can learn the skills of ethical hacking.
TYPES OF HACKERS :
WHITE HAT HACKER :
hacking skills for defensive purposes. locate weaknesses and implement
countermeasures. White hats are those who hack with permission from the data
owner. It is critical to get permission prior to beginning any hacking activity. This is what
makes a security professional a white hat versus a malicious hacker who cannot be
trusted .
BLACK HAT HACKER : Having gained unauthorized access, black-hat hackers
destroy vital data, deny legitimate users service, and just cause problems for their targets.
Black-hat hackers and crackers can easily be differentiated from white-hat hackers because
their actions are malicious.
work offensively or defensively, depending on the situation.
may just be interested in hacking tools and technologies and are not malicious black hats.
Gray hats are self-proclaimed ethical hackers, who are interested in hacker tools mostly
from a curiosity standpoint. They may want to highlight security problems in a system or
educate victims so they secure their systems properly. difference between white hats and
gray hats is that permission word .
WHAT DOES HAKERS DO :
They do the same as cracker. they’re trying to determine what an intruder can see on a targeted network and what the
hacker can do with that information. Pen Test: This process of testing the security of a system or network is known as a
penetration test. doing this doesn’t usually involve a mysterious leap of hacker brilliance, but rather persistence
and the dogged repetition of a handful of fairly well-known tricks that exploit common
weaknesses in the security of target systems. A pen test is no more than just performing those same steps with the same tools used by a
malicious hacker to see what data could be exposed using hacking tools and techniques. When hired, an ethical hacker asks the organization what is to be protected, from whom,
and what resources the company is willing to expend in order to gain protection. A penetration test plan can then be built around the data that needs to be protected and
potential risks. Documenting the results of various tests is critical in producing the end
product of the pen test: pen test report. Taking screenshots of potentially valuable information or saving log files is critical to
presenting the findings to a client in a pen test report. The pen test report is a compilation of all the potential risks in a computer or system.
Comments
Post a Comment