Hackers And Ethical Hackers

Hackers And h sensationst HackersCyber credential is one of the near scathing aspects of bail t assume any organization in the modern existence must be concerned with. Why? Mostly because of Black-hat Hackers. The following check discover is a general discussion about galley slaves and its best countermeasure, Ethical Hacking. The land I chose this topic is because it is of great interest to me, as I someday want to be an Ethical hacker as well.ReviewThe say hacker in the past was defined as a soul who loves playing a around with softw ar or electronic administrations. They cherished to discover new things on how computers operate. Today the term hacker has a unalike meaning altogether. It states that a hacker is someone who maliciously start outs into systems for personal gain. Technically, these criminals are cracker bonbons (criminal hackers). Crackers break into (crack) systems with malicious intent. They are out for personal gain fame, profit, and even out rev enge. They modify, delete, and steal critical knowledge, often fashioning other people miserable. (Kevin Beaver, Stuart McClure 2004, p10) Most of the literature I read curb the definition of the word hacker as previously stated or to mean more or lessly the same thing.The history of hacking dates back to the 1960s when a class of people in MIT hack the control systems of model trains to blade them run faster, more effectively or differently than they were designed to. (Peter T. Leeson, Christopher J. Coyne, 2006). Because of such activity by these individual(a)s computer owners and supervisors took a dash their access to computers. As a result the hacking community came up with their own engrave known as the hacker ethic1. Access to computers -and anything which might teach you something about the way the world deeds should be unlimited and total. Always yield to the active Imperative2. All in designation should be free.3. Mistrust Authority sanction Decentralization .4. Hackers should be judged by their hacking, not bogus criteria such as degrees, age, ladder or position.5. You can create art and beauty in a computer.6. Computers can change your life for the better. (Paul A Taylor, 2005)The above legislation is withal followed today and not only by hackers but by others as well.Not all hackers today have the same level of expertise. Depending on the psychology and skills of a hacker they can be put into foursome groups.(M.G. Siriam) Old School Hackers is one group and they believe that the internet should be an open system. Script kiddies is another and they are computer novices that use tools created by professional hackers to hack systems. Most of the hackers today fit into this group. The next group is professional criminals or crackers. They break into systems for the purpose of stealth and selling information they gathered.. The final group is coders and virus writers. They are elite individuals with a actually high skill in program ming and operating systems that write code and use other people in charge of releasing their code to the wild.Organizations and institutions today are under a lot of stress to cling to their information from external as well as internal tribute threats to their computer systems. As such or so of them have come up with the solution of hiring Ethical Hackers. To catch a thief, you must think the like a thief. Thats the basis for honorable hacking. Knowing your enemy is absolutely critical (Kevin Beaver, Stuart McClure, 2004, p13). In other wards Ethical hackers (white-hat hackers) are experienced security and electronic network experts that coiffure an set upon on a target system with authorization from the owners, to find loop holes and vulnerabilities that other hackers could tap. This process is also known has passing Teaming, Penetration Testing or Intrusion Testing. (www.networkdictionary.com) The end goal of ethical hackers is to learn system vulnerabilities so that th ey can be repaired for community self-concern and as a side-product also the common candid of the people.(Bryan Smith, William Yurcik, David Doss, 2002)Every Ethical hacker should follow three important rules as follows Firstly working Ethically. All actions performed by the ethical hacker should support the organizations goals that he works for. Trustworthiness is the ultimate tenet. The misuse of information is absolutely forbidden. Secondly Respecting screen as all information that an ethical hacker gathers has to be set with the utmost respect. Finally Not Crashing Your Systems. This is mostly due to no prior seening or having not read the documentation or even misusing the usage and power of the security tools at their disposal. (Kevin Beaver, Stuart McClure, 2004, p16-17)The main attacks or methods that an ethical hackers or even hackers perform are of as followsNon Technical AttacksNo matter how secured an organization is in terms of software and hardware, it will ete rnally be vulnerable to security threats because securitys weakest link are people or its employees. Social engineering is a flake of non technical attack where hackers exploit the trusting nature of human beings to gain information for malicious purposes. other(a) attacks can be of physical nature such as stealing hardware equipment or dumpster diving.Operating-System AttackHacking an operating system (OS) is a prefer method of the bad guys. OS attacks misrepresent up a bear-sized portion of hacker attacks simply because every computer has an operating system and OSes are susceptible to legion(predicate) well-known exploits.(Kevin Beaver, Stuart McClure, 2004, p15)Distributed denial of service attacks(DDoS)This is the most popular attack utilize by many hackers to bring dispirited systems. Its a type of attack that overloads the network or server with a large amount of traffic so that it crashes and renders any access to the service. network Protocol (IP) spoofingIt is a wa y of disguising the hackers real identity. This method allows a hacker to gain unauthorized access to computers by sending a subject to a computer with an IP address showing that the message is from a trusted host. To accomplish this, a hacker must use different tools to find an IP address of a trusted host, and then vary the packet headers so it appears that the packets are coming from the host. (Tanase 2003).The process of ethical hacking contains many different steps. The first thing that is done is to formulate a plan. At this stage getting approval and authorization from the organization to perform the discernment test is extremely important. (Kevin Beaver, Stuart McClure, 2004, p15). Next the ethical hacker uses scan tools to perform port scans to check for open ports on the system. Once a cracker scans all computers on a network and creates a network part showing what computers are running what operating systems and what services are available, nearly any kind of attack is possible (Bryan Smith, William Yurcik, David Doss, 2002) This method is apply by hackers as well but for mainly for malicious purposes. After scanning has been done the ethical hacker selects the tools that are going to be used to perform certain tests on the target system. These tools can be used for password cracking, planting backdoors, SQL injection, sniffing etc. The tests need to be carefully performed because if they are done incorrectly they could damage the system and could go unnoticed. (Bryan Smith, William Yurcik, David Doss, 2002) Finally the plan needs to be executed and the results of all the tests then need to be evaluated (Kevin Beaver, Stuart McClure, 2004, p22) Based on the results the ethical hacker tells the organization about their security vulnerabilities as well as how they can be patched to make it more secure.A grey hat hacker is a type of hacker that has the skills and intent of a ethical hacker in most situations but uses his knowledge for less than n oble purposes on occasion. Grey hat hackers typically subscribe to another form of the hacker ethic, which says it is acceptable to break into systems as long as the hacker does not commit larceny or breach confidentiality. Some would argue, however that the act of breaking into a system is in itself unethical.(Red Hat, Inc, 2002) Grey hats are also a form of good hackers that usually hack into organizations systems without their permission, but then at a later stage send them information on the loop holes in their system. They also sometimes threaten to release the holes they find unless action has been interpreted to fix it. (Peter T. Leeson, Christopher J. Coyne, 2006)ConclusionTesting the security of a system by breaking into it is not a new idea but is something that is skilful in all aspects of industry. For example if an automobile company is crash-testing cars, or an individual is testing his or her skill at martial arts by sparring with a partner, evaluation by testing und er attack from a real adversary is widely accepted as prudent.(C.C. Palmer, 2001) Since the security on the Internet is quite poor at present, ethical hacking is one of the only ways to ways to proactively plug rampant security holes. Until such time a proper social framework is founded, to differentiate the good guys (white hats) from the bad guys (black hats), a law must not be brought into effect, as this may risk taking away our last hope of change defense and not realize it until it is too late. In the end, it is up to the fiat to consider the social and ethical standards to apply to the ever-changing technology, so worthful information does not fall into the wrong hands for the wrong purposes.