Ethical Hacking Week 1: General Look on Hacking

Types of Hackers

-Ethical Hacker: these hackers are employed by companies to perform penetration tests.

-Hackers: these are people who access computer systems or networks without permission. This is considered breaking the law and can result in prison time.

-Crackers: these people break into systems to steal or destroy data and make it very obvious that a system has been breached.

-Script Kiddies/Packet Monkeys: young, inexperienced hackers who copy code and techniques from knowledgeable hackers.

The Role of Security and Penetration Testing

Penetration Testing – This is a legal procedure that is intended to break into a company’s network to find its vulnerabilities.

Security Testing – This is more valuable than an attempt to break in; it also includes analyzing a company’s security policy and procedures. The tester also offers solutions to protect the network.

Value of Testing – testing is important because it lets companies see where their IT infrastructure is most vulnerable and exposes weaknesses in their security. Penetration testing should inspire companies to fix these issues in security before a bad actor tries to penetrate their system. 

Tigerbox

A tiger box is a collection of OSs and hacking tools, usually installed on a laptop. It helps penetration testers and security testers conduct vulnerability assessments and attacks.

Penetration Testing Methodologies

White Box Model – The tester is told everything about the network topology and technology. Additionally, the tester is given the network diagram and is authorized to interview IT personnel and company employees. This makes the tester’s job a little easier.

Black Box Model – The company doesn’t know about the test. The tester isn’t given details about the network; instead, the burden is on the tester to find this missing information. Lastly, this model tests whether security personnel are able to detect an attack.

Gray Box Model – Hybrid of the white and black box model where the tester is given partial information from the company.

Penetration Testing Process

  • Define the Scope of the Test: this is where the tester determines the extent of testing, what will be tested, where the testing will occur, and by whom it will be tested.
  • Performing the Test: Detailing the hacking cycle
  • Reporting and Delivering Results

Penetration Testing Techniques

  • Passive Research – gathering information about the system configuration of the institution.
  • Open Source Monitoring – this is public software that is used to monitor aspects of an institution’s IT infrastructure to ensure confidentiality and integrity.
  • Network Mapping – These are easy-to-understand graphics that show the devices on a network and how it is structured.
  • OS Fingerprinting – this is the detection of the operating system of an end host by analyzing packets. It is used by security professionals and hackers for mapping remote networks and determining the vulnerabilities to exploit.
  • Spoofing – this is the act of disguising a communication from an unknown and untrusted source as being from a known, trusted source. Spoofing applies to emails, phone calls, websites, IP addresses, the Address Resolution Protocol (ARP), or the Domain Name System (DNS).
  • Network Sniffing – this monitors network usage and can be used to track down someone using excessive bandwidth at a university or business. It can also be used to find security holes. Black hat hackers have been using network sniffing tools that allow hackers with little to no hacking skills to monitor traffic over unsecured Wi-Fi networks and steal private information.
  • Trojan Attacks – a trojan is a type of malicious code or software that looks legitimate but can take control of your computer. A trojan is designed to damage, disrupt, steal, or inflict harmful action on your data and network. There are various kinds of trojan attacks.
  • Brute Force Attack – this is a cyberattack that directly tries to figure out a password and gain authorization via a dictionary of possible passwords.
  • Vulnerability Scanning – A vulnerability scanner is an application that identifies and creates an inventory of all the systems (including servers, desktops, laptops, virtual machines, containers, firewalls, switches, and printers) connected to a network. For each device that it identifies it also attempts to identify the operating system it runs and the software installed on it, along with other attributes such as open ports and user accounts.

Port Scanning

Port Scanning is a method of determining which ports on a network are open and could be receiving or sending data. It can also be a process of sending packets to specific ports on a host and analyzing the responses to identify vulnerabilities. To initiate Port Scanning you have to identify a list of active hosts and map those hosts to their IP addresses. This is called host discovery and starts by doing a network scan. Ultimately the goal of Port Scanning is to identify the organization’s IP addresses, hosts, and ports to properly determine open or vulnerable server locations. (https://www.avast.com/en-us/business/resources/what-is-port-scanning)
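Seen from the defender's side, the two behaviours described above leave a recognisable pattern in connection logs: a port scan is one source touching many ports on one host, and a host discovery sweep is one source touching the same port on many hosts. The following is an added example, not part of the original notes; the log format, addresses, window and threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample log (not real traffic): "timestamp src dst dst_port action".
SAMPLE_LOG = "\n".join(
    # One source probing six ports on one host within seconds (port scan).
    [f"2024-05-01T10:00:0{i} 203.0.113.7 192.0.2.10 {p} DENY"
     for i, p in enumerate([21, 22, 23, 25, 80, 443])]
    # One source trying port 445 on six hosts within seconds (host discovery sweep).
    + [f"2024-05-01T10:05:0{i} 198.51.100.9 192.0.2.{i + 1} 445 DENY" for i in range(6)]
    # Ordinary client repeatedly using one service.
    + [f"2024-05-01T10:0{i}:30 192.0.2.50 192.0.2.10 443 ALLOW" for i in range(6)]
    # Slow scan: one new port per hour.
    + [f"2024-05-01T1{i}:30:00 192.0.2.77 192.0.2.10 {p} DENY"
       for i, p in enumerate([21, 22, 23, 25, 80])]
)

def parse(line):
    ts, src, dst, port, _action = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def max_distinct(hits, window_s):
    """Largest count of distinct values inside any window_s-second span."""
    best, start = 0, 0
    for end in range(len(hits)):
        while (hits[end][0] - hits[start][0]).total_seconds() > window_s:
            start += 1
        best = max(best, len({value for _, value in hits[start:end + 1]}))
    return best

def detect_scans(log_text, window_s=60, threshold=5):
    """Return sorted (source, kind, target) findings."""
    ports_per_host = defaultdict(list)   # (src, dst)  -> [(ts, port)]
    hosts_per_port = defaultdict(list)   # (src, port) -> [(ts, dst)]
    for ts, src, dst, port in sorted(parse(l) for l in log_text.splitlines() if l.strip()):
        ports_per_host[(src, dst)].append((ts, port))
        hosts_per_port[(src, port)].append((ts, dst))
    findings = set()
    for (src, dst), hits in ports_per_host.items():
        if max_distinct(hits, window_s) >= threshold:
            findings.add((src, "port scan", dst))
    for (src, port), hits in hosts_per_port.items():
        if max_distinct(hits, window_s) >= threshold:
            findings.add((src, "host sweep", f"port {port}"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in detect_scans(SAMPLE_LOG):
        print(finding)
```

With the default 60-second window the hourly scan from 192.0.2.77 is not flagged; widening the window catches it, at the cost of more false positives from long-lived legitimate clients.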
