Security: Introduction to Ethical Hacking

Ethical Hacker who are companies employ to exploit vulnerabilities. Ethical Hacking go by the names of security testers or penetration testers. Let identify 5 phases of ethical hacking is about.

Phases of An Attack

1. Security breaches exploit and take advantage of vulnerability.
2. Once exposed, the attacker collects confidential information and covers their tracks.
3. Here is the list of phases of an attack

Reconnaissance

1. In the reconnaissance phase, which is the planning phase, an attacker gather as much information as possible about the target.
2. Plain old research may be first activity in this phase.
3. The attacker can then move on to other reconnaissance methods such as dumpster diving or scanning.
4. Consider the types of reconnaissance methods:
   • Passive (where attacker does not interact with the system directly such as social engineering or dumpster diving).
   • Active (which involves the attacker using tools to directly interact with system).
5. The latter could include using tools detect open ports, router locations, network mapping and operating system details.

Scanning

1. During the scanning phase, the attacker tries to identify specific vulnerabilities.
2. Vulnerability scanners are the most widely used tools.
3. Port scanners are used to recognize listening ports that provide clues to the typles of services that are running.
4. Scanning is logical extension of the reconnaissance phase, but it involves more in-depth probing, which is considered an extension of active reconnaissance.

Gaining Access

1. Gaining access is usually the goal of an attacker.
2. However, keep in mind this is not always the case.
3. A denial-of-service attack, for example, causes a resource to be unavailable, not necessary for an attacker to gain access to that resource in order to be successful.
4. There are several factors affecting whether or not an attacker can successfully gain access, such as target system architecture and configuration, skill level or level of access gained.

Maintaining Access

1. Once an attacker has successfully gained access, they need to maintain access through installing a backdoor or a rootkit.
2. If not detected, attacker also removes any evidence of their breech by chaining the log files.
3. An organization may employ an intrusion detection system (IDS) or a honeypot to detect potential intruders.

Covering Tracks

1. Be ware that an attacker will erase all evidence of their presence.
2. Tools such as Netcat or other trojans can be used to erase the evidence from log files.
3. Other options include steganography, hiding data in other data, and tunneling (which carries one protocol in another).

In summary, an attack is a deliberate action taken against a target to affect the confidentially, integrity, availability or authenticity of the system. Attacks can be active or passive and can be initiated from within or outside the organization.

1. Active attacks
   • Alter a target system to affect privacy, credibility and accessibility.
2. Passive attacks
   • Breach the confidentiality of data of a system without impacting the system’s data

Thanks for reading and enjoy your day!!