Professional Documents
Culture Documents
Types of Hacking
We can segregate hacking into different categories, based
on what is being hacked. Here is a set of examples −
Advantages of Hacking
Hacking is quite useful in the following scenarios −
Disadvantages of Hacking
Hacking is quite dangerous if it is done with harmful intent.
It can cause −
Purpose of Hacking
There could be various positive and negative intentions
behind performing hacking activities. Here is a list of some
probable reasons why people indulge in hacking activities −
PENTRATION TESTING
The client and the tester jointly define the goals so that both
the parties have the same objectives and understanding.
The common objectives of penetration testing are −
Reconnaissance
Reconnaissance includes an analysis of the preliminary
information. Many times, a tester doesn’t have much
information other than the preliminary information, i.e., an
IP address or IP address block. The tester starts by
analyzing the available information and, if required,
requests for more information such as system descriptions,
network plans, etc. from the client. This step is the passive
penetration test, a sort of. The sole objective is to obtain a
complete and detailed information of the systems.
Discovery
In this step, a penetration tester will most likely use the
automated tools to scan target assets for discovering
vulnerabilities. These tools normally have their own
databases giving the details of the latest vulnerabilities.
However, tester discover
Final Analysis
This step primarily considers all the steps conducted
(discussed above) till that time and an evaluation of the
vulnerabilities present in the form of potential risks. Further,
the tester recommends to eliminate the vulnerabilities and
risks. Above all, the tester must assure the transparency of
the tests and the vulnerabilities that it disclosed.
Report Preparation
Report preparation must start with overall testing
procedures, followed by an analysis of vulnerabilities and
risks. The high risks and critical vulnerabilities must have
priorities and then followed by the lower order.
Expect
Tool
Purpose Portability ed
Name
Cost
Linux,
Port Scanning
NetBSD,
Hping Remote OC Free
FreeBSD,
fingerprinting
OpenBSD,
Linux,
Windows,
FreeBSD, OS
Network X, HP-UX,
Scanning NetBSD,
Nmap Free
Port Scanning Sun,
OS Detection OpenBSD,
Solaris,
IRIX, Mac,
etc.
Runs queries
including ping,
whois,
hostname
lookups, etc.
Detects open Windows
SuperSc
2000/XP/Vis Free
an UDP/TCP
ta/7
ports and
determines
which services
are running on
those ports.
Linux,
FreeBSD,
Os NetBSD,
fingerprinting OpenBSD,
p0f Free
Firewall Mac OS X,
detection Solaris,
Windows,
and AIX
Remote active
OS
fingerprinting
Xprobe Linux Free
Port Scanning
TCP
fingerprinting
Web server
fingerprinting
SSL detection
Detect web Linux, Mac
enabled OS X,
Httprin FreeBSD,
devices (e.g., Free
t Win32
wireless access
(command
points,
line & GUI
switches,
modems,
routers)
Detect
Mac OS X,
vulnerabilit Free
Linux,
ies that to
FreeBSD,
allow remote limite
Nessus Apple,
cracker to d
Oracle
control/acce editio
Solaris,
ss sensitive n
Windows
data
Windows
Server
2003/2008,
Windows 7
Ultimate/
Detect Vista, Only
GFI
network Windows Trial
LANguar
vulnerabilit 2000 Versio
d
ies Professiona n Free
l,
Business/XP
, Sever
2000/2003/2
008
Windows
2000
Professiona
l with SP4,
Detect Only
Windows
Iss network Trial
Server 2003
Scanner vulnerabilit Versio
Standard
ies n Free
with SO1,
Windows XP
Professiona
l with SP1a
Detect Windows but
Shadow network scan Only
Securit vulnerabilit servers Trial
y ies, audit built on Versio
Scanner proxy and any n Free
LDAP servers platform
Develop and
execute exploit
Metaspl code against a All
oit remote target versions of
Free
Framewo Test Unix and
rk vulnerability of Windows
computer
systems
Telnet, ftp,
and http Windows
Brutus Free
password 9x/NT/2000
cracker
The fast growth of the internet has changed the way of life
for everyone. These days, most of the private and public
works are internet dependent. Government’s all secret
working plans, and operations are internet based. All these
things made the life very simple and easily accessible.
But with the good news, there is also a dark face of this
development i.e., the criminal hacker. There is no
geopolitical limitation of these criminal hackers, they can
hack any system from any part of the world. They can
damage confidential data and credit history very badly.
Types of Hackers
Hackers are normally divided into three categories.
Black Hat Hackers