Microsoft Summer Internship | Training 2018

Why Ethical Hacking is important in 2018?

Hacking is a very important part of the Computer Security. Hacking has been a part of computing for almost five decades and it is a very broad discipline and it covers a wide range of topics. To gain an unauthorized access to a computer system, hacking is used.

Hacking is usually legal as long as it is being done to find weaknesses in a computer or network system for testing purpose. This sort of hacking is what is called as Ethical Hacking. “Hacker” is a computer expert who does the hacking.

  • White Hat hackers:The ethical hackers that hack the system to assess the security of an organization are called White Hat Hackers. They hack into the system to check for any vulnerability that might be present in the system before the malicious hackers exploit them. White hat hackers hack into the system more or less the same way as the malicious hackers do but they do it to check the security of the system and fix those vulnerabilities. Red teams, tiger teams, or “sneakers” are the name of the teams in which White Hat Hackers work as a team.
  • Black Hat hackers:The unethical hackers that hack into the system with malicious intent and to exploit the vulnerability of the organization for their personal gains are called Black Hat Hackers. The term was coined by hacker culture theorist Richard Stallman.
  • Grey Hat hackers:The combination of White Hat Hackers and the Black Hat Hackers are called Grey Hat Hackers. The sole purpose of a grey hat hacker is to surf the Internet and hack into a computer system for notifying the administrator that their system has a security defect. Unauthorized access to a system can be considered illegal and unethical even though grey hat hackers may not necessarily perform hacking for their personal gain.

Methods to carry out Hacking:

  • DoS Attacks
  • Social Engineering tactics
  • Security Scanners

  • W3af
  • Nessus
  • Nexpose
  • Frameworks:

  • Metasploit

Such methods identify and exploit known vulnerabilities, and attempt to evade security to gain entry into secured areas.

Attacks:

    A typical approach in an attack on Internet-connected system is:

  1. Network enumeration:Information about the intended target is found.
  2. Vulnerability analysis:Potential ways to attack is identified.

  3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.

Techniques:

  • Vulnerability Scanner: To find vulnerabilities in a system a tool called vulnerability scanner is used. It checks the system for on a network for known weaknesses. Firewalls defend the system from the exploits by restricting the access on the network but they can still be circumvented.

  • Brute Force Attack: Password Guessing. This method is very fast when used to check short passwords.

  • Password Cracking: Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. Common approaches include repeatedly trying guesses for the password, trying the most common passwords by hand, and repeatedly trying passwords from a "dictionary", or a text file with many passwords.

  • Password Cracking: Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. Common approaches include repeatedly trying guesses for the password, trying the most common passwords by hand, and repeatedly trying passwords from a "dictionary", or a text file with many passwords.

  • Spoofing attack (phishing): A spoofing attack involves one system, program or website that successfully masquerades as another by falsifying data and is thereby treated as a trusted system by a user or another program — usually to fool programs, systems or users into revealing confidential information, such as user names and passwords.

  • Trojan Horses: A Trojan horse is a program that gives the impression to be doing one thing but is actually doing another. It can be used to set up a back door in a computer system, enabling the intruder to gain access later.

Conclusion:

The word "hacker" carries weight. People misunderstand as to what a hacker is. Hacking can be legal or illegal, ethical or unethical. Hacking is a good computing skill that can be used for good or bad intention though it should only be used for good purposes.

MTAIND provides ‘Summer Training in Ethical Hacking’ where you can enroll yourself and learn Ethical Hacking from the best instructors. Registration Link:https://www.mtaind.com/register.php