Introduction to Ethical Hacking
Most of the people think that hacking is just stealing of data and information illegally but this perception is totally wrong. Hacking is not always illegal & not all Hackers are criminals. Hacking also includes finding vulnerabilities, finding bugs & exploring the things that are being hidden from the general usage. So, one thing is clear that not all hacking is illegal. In this post we will discuss about legal hacking i.e Ethical Hacking.
What is Ethical Hacking
Ethical Hacking is an authorized attempt to gain access into a computer system for the purpose to identify the security vulnerabilities or to report any technical issue. So, unlike malicious hacking (blackhat hacking) Ethical Hacking is based on moral values. It can also be defined as the process of taking active security measures to defend systems from Blackhat hackers.
Ethical Hackers also crack the security measures implemented by a system but for the purpose to find out vulnerabilities with the users permission. Most of the organizations hire Ethical Hackers to check their systems & if they find any loop holes they fix it. In short Ethical Hackers hack target systems before any harmful hacker & fix all lopes holes that prevents the risk of hacking.
Phases of Ethical Hacking
There are 5 phases of Ethical Hacking i.e
- Reconnaissance (footprinting)
- Gaining Access
- Maintaining Access &
- Clearing Tracks
Reconnaissance:- Reconnaissance also known as Footprinting. Footprinting is the first step of Ethical Hacking. Here the attacker gathers basic information about the target. Eg lets say we wanna hack a website so we can simply look for developer tools in our browser where the source code, file extensions & URLs clearly tell us what type of platform the website is built on, if it’s a PHP website the plan will be different or if it’s a Python website the plan will be differtent.
There are two types of Footprinting
. Active:- Where we directly interact with the target to gather information about the target. Eg using tools like Nmap to scan the target.
. Passive:- Where we collect information about the target without directly interacting with the target. Eg collecting information from social media, websites etc.
Scanning:- In this phase of Ethical Hacking, the hacker identifies a quick way to gain access to the network & look for the information. There are three types of Scanning : Port Scanning, Vulnerability Scanning & Network mapping.
. Port Scanning:- Port Scanning means scanning the target for the information like open ports, live systems, various services running on the host.
. Vulnerability Scanning:- Vulnerability Scanning means checking the weakness in the target device which can be exploited. It is usually done with the help of some automated tools like nmap & hping.
. Network Mapping:- In this type of hacking an attacker gets the valuable information throughout the hacking process. Here the hacker find the topology of a network, routers, firewalls and host information then drawing a network diagram with the information that he has.
Gaining Access:- This is where the hacker does the actual hacking. He uses all the information that he gathered by doing Footprinting & Scanning and launch an attack on the target system/network. He exploits all the vulnerabilities and gains full access to the target system. Now if he wills he can steal all the data, delete all the information, install viruses or uses the system for his own benefit.
Maintaining Access:- Hacker have already hacked the system in the previous phase. Now what did he do! Usually when hackers hack any system they want to keep that access for future attacks so hackers install backdoors in the hacked system which will help him to do more attacks in future.
Clearing Tracks:- No theif wants to get caught. An intelligent hacker always clear his Footprints & all other evidences so that in future no one will find any traces leading to him.
So these are five phases of Ethical Hacking. Now let’s see the importance of Ethical Hacking.
Importance of Ethical Hacking
So far we have discussed about what is Ethical Hacking, What Ethical Hackers do & Phases of Ethical Hacking. Now lets understand the importance of Ethical Hacking in our daily life.
In today’s modern world everything is connected to the internet, From our personal information to our business information & our financial everything is connected to the internet and it’s true that internet had make our life easier We can buy everything online, we can get information about everything just in one click, we can sell our goods online or even we can find our life partner online.
But everything has a bad side. Similarly on internet there is threat of hacking. Yes it is true all your information on the internet can be leaked within few minutes. To stop that many organizations are hired Ethical Hackers whether it is a private organization or govt organization. So here the job of an Ethical Hacker is to find vulnerabilities & fix all bugs before any bad hacker exploits them.
If there is no Ethical Hacking then may be Malicious Hackers hack all important data which is present on the internet which includes our personal information, business information & financial information which results in huge crises. Ethical Hacking is not only legal but it is very necessary in today’s modern world where every single thing is connected to the internet. That’s why we should learn Ethical Hacking and make our self & our organization safe from malicious hackers.