Hi, friends.. Today, I am with a article on Ethical Hacking.
Disclaimer : I am not responsible for any harm to your system by this virus. I am, not in any way, asking you to try this on your computer nor on any one else. This is just for educational purpose.
The five phases that hackers generally follow in hacking a computer system.
Phase 1: Passive and Active Reconnaissance
Passive reconnaissance involves gathering information about a potential target without
the targeted individual’s or company’s knowledge. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they
leave. However, most reconnaissance is done sitting in front of a computer.
When hackers are looking for information on a potential target, they commonly run
an Internet search on an individual or company to gain information. I’m sure many of
you have performed the same search on your own name or a potential employer, or just to
gather information on a topic. This process when used to gather information regarding a
TOE is generally called information gathering. Social engineering and dumpster diving are
also considered passive information-gathering methods.
Sniffing the network is another means of passive reconnaissance and can yield useful
information such as IP address ranges, naming conventions, hidden servers or networks,
and other available services on the system or network. Sniffing network traffic is similar to building monitoring: a hacker watches the flow of data to see what time certain transactions take place and where the traffic is going. Sniffing network traffic is a common hook for many ethical hackers. Once they use some of the hacking tools and are able to see all the data that is transmitted in the clear over the communication networks, they are eager to learn and see more.
Sniffing tools are simple and easy to use and yield a great deal of valuable information.
Many times this includes usernames and passwords and other sensitive data. This is usually quite an eye-opening experience for many network administrators and security professionals and leads to serious security concerns.
Active reconnaissance involves probing the network to discover individual hosts, IP
addresses, and services on the network. This process involves more risk of detection than
passive reconnaissance and is sometimes called rattling the doorknobs.
Active reconnaissance can give a hacker an indication of security measures in place (is the front door locked?), but the process also increases the chance of being caught or at least raising suspicion.
Many software tools that perform active reconnaissance can be traced back to the
computer that is running the tools, thus increasing the chance of detection for the hacker.
Both passive and active reconnaissance can lead to the discovery of useful information
to use in an attack. For example, it’s usually easy to find the type of web server and
the operating system (OS) version number that a company is using. This information may
enable a hacker to find a vulnerability in that OS version and exploit the vulnerability to
gain more access.
Scanning involves taking the information discovered during reconnaissance and using it to
examine the network. Tools that a hacker may employ during the scanning phase include
> Dialers
> Port scanners
> Internet Control Message Protocol (ICMP) scanners
> Ping sweeps
> Network mappers
> Simple Network Management Protocol (SNMP) sweepers
> Vulnerability scanners
Hackers are seeking any information that can help them perpetrate an attack on a target,
such as the following:
> Computer names
> Operating system (OS)
> Installed software
> IP addresses
> User accounts
Phase 3: Gaining Access
Phase 3 is when the real hacking takes place. Vulnerabilities exposed during the reconnaissance and scanning phase are now exploited to gain access to the target system. The hacking attack can be delivered to the target system via a local area network (LAN), either wired or wireless; local access to a PC; the Internet; or offline. Examples include stackbased buffer overflows, denial of service, and session hijacking. Gaining access is known in the hacker world as owning the system because once a system has been hacked, the hacker has control and can use that system as they wish.
Phase 4: Maintaining Access
Once a hacker has gained access to a target system, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or
security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.
Phase 5: Covering Tracks
Once hackers have been able to gain and maintain access, they cover their tracks to avoid
detection by security personnel, to continue to use the owned system, to remove evidence of
hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log Defining Ethical Hacking 11 files or intrusion detection system (IDS) alarms.
Examples of activities during this phase of the attack include
> Steganography
> Using a tunneling protocol
> Altering log files
Finally, i will to the end.. Hope you liked my post and will pass on the comments if you have any doubts regarding the above post.
Thanks
Disclaimer : I am not responsible for any harm to your system by this virus. I am, not in any way, asking you to try this on your computer nor on any one else. This is just for educational purpose.
Phase 1: Passive and Active Reconnaissance
Passive reconnaissance involves gathering information about a potential target without
the targeted individual’s or company’s knowledge. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they
leave. However, most reconnaissance is done sitting in front of a computer.
When hackers are looking for information on a potential target, they commonly run
an Internet search on an individual or company to gain information. I’m sure many of
you have performed the same search on your own name or a potential employer, or just to
gather information on a topic. This process when used to gather information regarding a
TOE is generally called information gathering. Social engineering and dumpster diving are
also considered passive information-gathering methods.
Sniffing the network is another means of passive reconnaissance and can yield useful
information such as IP address ranges, naming conventions, hidden servers or networks,
and other available services on the system or network. Sniffing network traffic is similar to building monitoring: a hacker watches the flow of data to see what time certain transactions take place and where the traffic is going. Sniffing network traffic is a common hook for many ethical hackers. Once they use some of the hacking tools and are able to see all the data that is transmitted in the clear over the communication networks, they are eager to learn and see more.
Sniffing tools are simple and easy to use and yield a great deal of valuable information.
Many times this includes usernames and passwords and other sensitive data. This is usually quite an eye-opening experience for many network administrators and security professionals and leads to serious security concerns.
Active reconnaissance involves probing the network to discover individual hosts, IP
addresses, and services on the network. This process involves more risk of detection than
passive reconnaissance and is sometimes called rattling the doorknobs.
Active reconnaissance can give a hacker an indication of security measures in place (is the front door locked?), but the process also increases the chance of being caught or at least raising suspicion.
Many software tools that perform active reconnaissance can be traced back to the
computer that is running the tools, thus increasing the chance of detection for the hacker.
Both passive and active reconnaissance can lead to the discovery of useful information
to use in an attack. For example, it’s usually easy to find the type of web server and
the operating system (OS) version number that a company is using. This information may
enable a hacker to find a vulnerability in that OS version and exploit the vulnerability to
gain more access.
Phase 2: Scanning
Scanning involves taking the information discovered during reconnaissance and using it to
examine the network. Tools that a hacker may employ during the scanning phase include
> Dialers
> Port scanners
> Internet Control Message Protocol (ICMP) scanners
> Ping sweeps
> Network mappers
> Simple Network Management Protocol (SNMP) sweepers
> Vulnerability scanners
Hackers are seeking any information that can help them perpetrate an attack on a target,
such as the following:
> Computer names
> Operating system (OS)
> Installed software
> IP addresses
> User accounts
Phase 3: Gaining Access
Phase 3 is when the real hacking takes place. Vulnerabilities exposed during the reconnaissance and scanning phase are now exploited to gain access to the target system. The hacking attack can be delivered to the target system via a local area network (LAN), either wired or wireless; local access to a PC; the Internet; or offline. Examples include stackbased buffer overflows, denial of service, and session hijacking. Gaining access is known in the hacker world as owning the system because once a system has been hacked, the hacker has control and can use that system as they wish.
Phase 4: Maintaining Access
Once a hacker has gained access to a target system, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or
security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.
Phase 5: Covering Tracks
Once hackers have been able to gain and maintain access, they cover their tracks to avoid
detection by security personnel, to continue to use the owned system, to remove evidence of
hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log Defining Ethical Hacking 11 files or intrusion detection system (IDS) alarms.
Examples of activities during this phase of the attack include
> Steganography
> Using a tunneling protocol
> Altering log files
Finally, i will to the end.. Hope you liked my post and will pass on the comments if you have any doubts regarding the above post.
Thanks
No comments:
Post a Comment
Enter your Comment...