Ethical Hacking
Hacking is the process of finding vulnerabilities in a system and using these found vulnerabilities to gain unauthorized access into the system to perform malicious activities ranging from deleting system files to stealing sensitive information. Hacking is illegal and can lead to extreme consequences if you are caught in the act.
Phases of Ethical Hacking
Like every discipline out there in the world, ethical hacking is divided into distinct phases. Ethical hacking has 6 distinct phases. These phases are not strict rules, but more like a guideline to be followed.
1. Reconnaissance — Reconnaissance is the process of information gathering. In this phase, the hacker gathers relevant information regarding the target system. These include detecting services, operating systems, packet-hops to reach the system, IP configuration, etc. Various tools like Nmap, Hping, Google Dorks, etc are used for reconnaissance purposes.
2. Scanning — In the scanning phase, the hacker begins to actively probe the target machine or network for vulnerabilities that can be exploited. Tools like Nessus, Nexpose, and NMAP are widely used by hackers in this process.
3. Gaining Access — In this phase, the vulnerability located during scanning is exploited using various methods and the hacker tries to enter the target system without raising any alarms. The primary tool that is used in this process is Metasploit.
4. Maintaining Access — This is one of the most integral phases. In this phase, the hacker installs various backdoors and payloads onto the target system. Just in case you don’t know, Payload is a term used for activities performed on a system after gaining unauthorized access. Backdoors help the hacker gaining quicker access to the target system in the future.
5. Clearing Tracks — This process is an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process. Nonetheless, Ethical Hackers still have to perform this phase to demonstrate how a Black Hat Hacker would go about his activities.
CONFIDENTIALITY
Confidentiality is the keeping of another person or entity’s information private.
Examples of confidential information
01) Bank account statements
02) Personal information
03) Credit card numbers
04) Trade secrets
05) Government documents
Measures of keep information confidential
01)Encryption
02) Password
03) Two-factor authentication
04) Bio-metric
Measures to Protect Computer Security
There are numerous ways in which computer systems and data can be compromised and many ways to protect computer security.
These measures include:
• Access can be restricted through biometric scanning devices and passwords (secret words or phrases; dictionary attacks use thousands of words to attempt to gain access); security suites, firewalls, and password managers help with security tasks.
- Encrypting is coding information to make it unreadable except to those who have the encryption key. Hypertext transfer protocol secure (https) requires browsers and websites to encrypt all messages. Virtual private networks (VPNs) encrypt connections between company networks and remote users. WPA2 (Wi-Fi Protected Access) is the most widely used wireless network encryption for home wireless networks.
Hope you enjoyed the article.
Thank you!!
