Skills & Process
Zip File Password Is - HELP
“To beat a hacker, you need to think like one!”
Certified Ethical Hacker is the one who knows how to identify vulnerabilities in target systems using the same knowledge that of a malicious hacker. An ethical hacker does the job of assessing the security posture of an organization in a lawful and legitimate manner.
Skills required to attend the Certified Ethical Hacking exam successfully
· Strong knowledge of networking, and computer systems.
· Understanding of current security protocols for regularly used operating systems like, Linux, Windows, and Mac.
· Ability to hack into network or systems on permission, to assess vulnerabilities.
· Able to perform preventive, corrective and protective countermeasures against malicious attempts.
· Should be proficient in identifying and cracking multiple types of passwords.
· Know the phases and methodologies of ethical hacking.
· Should know how to erase digital evidence of networks and system intrusions.
· Understand encryption techniques and cryptography.
· Adhere to the code of ethics and perform hack under professional conduct.
· Should be aware of common cyberattacks like phishing, social engineering, trojans, insider attacks, identity thefts, etc., and should know how to undertake appropriate evasion techniques and countermeasures.
As an ethical hacker, you will need to understand various hacking techniques such as −
Password guessing and cracking
· Session hijacking
· Session spoofing
· Network traffic sniffing
· Denial of Service attacks
· Exploiting buffer overflow vulnerabilities
· SQL injection
Process:
Different security training manuals explain the process of ethical hacking in different ways, but for me as a Certified Ethical Hacker, the entire process can be categorized into the following phases.
1. Reconnaissance:
This is the first step of Hacking. It is also called as Footprinting and information gathering Phase. This is the preparatory phase where we collect as much information as possible about the target. We usually collect information about three groups,
· Network
· Host
· People involved
There are two types of Footprinting:
Active: Directly interacting with the target to gather information about the target. Eg Using Nmap tool to scan the target
Passive: Trying to collect the information about the target without directly accessing the target. This involves collecting information from social media, public websites etc.
2. Scanning:
Three types of scanning are involved:
Port scanning: This phase involves scanning the target for the information like open ports, Live systems, various services running on the host.
Vulnerability Scanning: Checking the target for weaknesses or vulnerabilities which can be exploited. Usually done with help of automated tools
Network Mapping: Finding the topology of network, routers, firewalls servers if any, and host information and drawing a network diagram with the available information. This map may serve as a valuable piece of information throughout the haking process.
3. Gaining Access:
This phase is where an attacker breaks into the system/network using various tools or methods. After entering into a system, he has to increase his privilege to administrator level so he can install an application he needs or modify data or hide data.
4. Maintaining Access:
Hacker may just hack the system to show it was vulnerable or he can be so mischievous that he wants to maintain or persist the connection in the background without the knowledge of the user. This can be done using Trojans, Rootkits or other malicious files. The aim is to maintain the access to the target until he finishes the tasks he planned to accomplish in that target.
5. Clearing Track:
No thief wants to get caught. An intelligent hacker always clears all evidence so that in the later point of time, no one will find any traces leading to him. This involves modifying/corrupting/deleting the values of Logs, modifying registry values and uninstalling all applications he used and deleting all folders he created.
KORMO GAMING
0 Comments