Scribd
Upload
107 views

Chapter 1

1. Ethical hacking is the authorized practice of hacking computer systems to identify security vulnerabilities and threats. It helps organizations strengthen their security. 2. An ethical hacker, also known as a white hat hacker, is a security expert who attempts to hack systems with the permission of their owners to find and fix vulnerabilities before criminals can exploit them. 3. Ethical hackers must follow rules like only hacking systems with authorization, and not misusing their skills by hacking without permission which could result in legal penalties.

Uploaded by

Jeff Maynard
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
107 views

Chapter 1

1. Ethical hacking is the authorized practice of hacking computer systems to identify security vulnerabilities and threats. It helps organizations strengthen their security. 2. An ethical hacker, also known as a white hat hacker, is a security expert who attempts to hack systems with the permission of their owners to find and fix vulnerabilities before criminals can exploit them. 3. Ethical hackers must follow rules like only hacking systems with authorization, and not misusing their skills by hacking without permission which could result in legal penalties.

Uploaded by

Jeff Maynard
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 23

CHAPTER 1

Introduction
To Ethical
Hacking
TOPICS

1.1 Follow ethical hacking


TOPICS
1.2 Display type of hacker
1.3 Explain the rules of ethical
hacking
1.1 ETHICAL HACKING
AN INTRODUCTION

Ethical Hacking is an authorized


practice of bypassing system
security to identify potential data
breaches and threats in a network.
Government agencies and business organizations
today are in constant need of ethical hackers to
combat the growing threat to IT security. A lot of
government agencies, professionals and
corporations now understand that if you want to
protect a system, you cannot do it by just locking
your doors

- Jay Bavisi, CEO of EC-Council.


ETHICAL HACKER
An ethical hacker, also referred to as
a white hat hacker, is an information
security expert who systematically
attempts to penetrate a computer
system, network, application or other
computing resource on behalf of its
owners and with their permission to find
security vulnerabilities that a malicious
hacker could potentially exploit.
ETHICAL HACKER
RESPONSIBILITY
Discovering vulnerabilities from an attacker’s POV so
that weak points can be fixed.
Implementing a secure network that prevents security
breaches.
Defending national security by protecting data from
terrorists.
Gaining the trust of customers and investors by
ensuring the security of their products and data.
Helping protect networks with real-world assessments.
Ethical Hacking Terminologies

Target of Exploit
Hack Value Evaluation Attack
an attack on a
(TOE)
Notion used by an action that is computer system,
hackers to express done on a system especially one that
A system, program,
that something is to get its access takes advantage of
 or network that is t
worth doing or is and extract a particular
he subject of a sec
interesting. sensitive data. vulnerability that
urity analysis or att
the system offers
ack.
to intruders.
Ethical Hacking Terminologies

Security
Vulnerability
Zero Day it involves gaining Threat
The existence of a software 
access to a network
Is an attack that Anything that has t flaw, logic design, or
and /or computer and
exploits the he potential to caus implementation error that 
then using the same
computer e serious harm to a  can lead to an
information to gain
vulnerability before computer system. unexpected and 
access to multiple
software engineer undesirable event 
networks and
releases a patch. executing bad or 
computers that
damaging instructions to 
contains desirable
the system.
information.
Ethical Hacking Terminologies

Daisy Chaining

Involves gaining access to a network and /or


computer and then using the same
information to gain access to multiple
networks and computers that contains
desirable information.
HACKING METHODOLOGIES
HACKING METHODOLOGIES

RECONNAISSANCE SCANNING
Also called as Footprinting and where hacker dive deeper into the
information gathering Phase system to look for valuable data
and services in a specific IP address
range.

GAINING ACCESS
MAINTAINING ACCESS
Attacker breaks into the
system/network using various The aim is to maintain the access to
tools or methods. the target until he finishes the tasks
he planned to accomplish in that
target.
HACKING METHODOLOGIES

CLEARING TRACK
This involves modifying/corrupting/deleting
the values of Logs, modifying registry values
and uninstalling all applications he used and
deleting all folders created.
1.2
DISPLAY TYPE OF
HACKER
‘BLACK HAT’
HACKERS ‘WHITE HAT’
HACKERS
An individual who
attempts to gain The good guys, working
unauthorized entry into with organizations to
a system or network to strengthen the security
exploit them for of a system.
malicious reasons.
‘GREY HAT’ HACKERS
Grey hats exploit networks and
computer systems in the way that black
hats do, but do so without any
malicious intent, disclosing all
loopholes and vulnerabilities to law
enforcement agencies or intelligence
agencies.
Testing Types

Black-Box Testing Gray-Box Testing White-Box Testing


Penetration tester is placed Has the access and Penetration testers are
in the role of the average knowledge levels of a user, given full access to source
hacker, with no internal potentially with elevated code, architecture
knowledge of the target privileges on a system. documentation and so forth.
system.
SKILLS REQUIRED TO BE AN
ETHICAL HACKER
Experts who are very knowledgeable about computer
programming, networking, and computer system.
In-depth knowledge about highly targeted platforms
(such as Windows, Unix, and Linux)
Networking, web programming, and database skills are
all useful in performing ethical hacking and vulnerability
testing.
SKILLS REQUIRED TO BE AN
ETHICAL HACKER
Patience, persistence, and immense
perseverance are important qualities for ethical
hackers
Knowledge of penetration testing
Prepares for a real-time attack
Uses real hacking tools carry out the attack
WAYS TO CONDUCT
ETHICAL HACKING
FROM START TO FINISH

Week 1 Week 2 Week 3 Week 4


Presentations are Presentations are Presentations are Presentations are
communication communication communication communication
tools. tools. tools. tools.
WAYS TO CONDUCT ETHICAL HACKING
LEGAL IMPLICATIONS OF
HACKING
No ethical hacking activities associated with a
network-penetration test or security audit should
begin until a signed legal document giving the ethical
hacker express permission to perform the hacking
activities is received from the target organization.
Ethical hackers need to be judicious with their hacking
skills and recognize the consequences of misusing
those skills.
1.3 EXPLAIN THE RULES OF
ETHICAL HACKING
An ethical hacker should know the penalties of
unauthorized hacking into a system.
No ethical hacking activities associated with a
network-penetration test or security audit should
begin until a signed legal document giving the ethical
hacker express permission to perform the hacking
activities is received from the target organization.
Ethical hackers need to be judicious with their hacking
skills and recognize the consequences of misusing
those skills.

You might also like