Exploring the World of Ethical Hacking: Tools, Techniques, and Ethics
Dive into the realm of ethical hacking with a comprehensive overview covering the definition, types, rules, skills, and tools involved. Discover the responsibilities, boundaries, and expertise required to navigate this field while maintaining legality and ethical conduct.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
ETHICAL HACKING MODULE 1
OVERVIEW What is ethical hacking? Types of ethical hacking What can Ethical hackers do? Tools for Ethical hacking Certification Example of laws
WHAT IS ETHICAL HACKING An ethical hacker is like a malicious hacker They know how to: Find vulnerabilities Exploit existing weaknesses Use commonly available tools The primary difference between ethical hackers and real hackers is the legality!
WHAT IS ETHICAL HACKING The hacker must obey the following rules: Expressed (often written) permission Respect privacy. Clean up after yourself Communicate any security vulnerabilities ONLY to the developer
WHAT IS ETHICAL HACKING An Ethical Hacker Answers the Following Questions: What kind of vulnerabilities does an attacker see? What information or system would a hacker most want to access? What can an attacker do with the information? How many people notice the attempted hack? What is the best way to fix the vulnerability?
TYPES OF ETHICAL HACKING 3 basic models: White Box Black Box Gray Box. White Box Penetration Testing- having full access, knowledge, permission and disclosure of network(s) and computer system(s). Black Box Penetration Testing- having no starting knowledge Grey Box Penetration Testing- No specific definition, between white and black box
WHAT AN ETHICAL HACKER CAN/CANNOT DO Conduct testing without (explicit) permission Use illegal tools Make vulnerabilities public (arguable)
TOOLS Nmap- Network scanner Wireshark- Traffic monitor John the Ripper- Password cracker Kali Linux- Not a tool, but a collection of open source tools
SKILLS TO KNOW C- low/mid level Programming language PERL- High level programming language Python- High level programming language Unix/Linux Shell (BASH, SH, KSH)- Scripting languages Windows PowerShell- Scripting languages Commands for processing files, probing networks, etc.
PROGRAMMING LANGUAGE CHAUVINISM The selection of a programming language is not a religious experience Just like cars, laundry detergents, or woodworking tools: There is more than one good choice of programming language Some do certain jobs better than others Sometimes you use what you ve got
CERTIFICATIONS EC Council: Certified Ethical Hacker Network security CISCO Systems: CCNA Installation, troubleshooting and monitoring Maintain integrity, confidentiality, and availability COMPTIA Security+ Cryptography and access control Disaster recovery and risk management.
CERTIFICATIONS CISSP Security and Risk Management Asset Security Security Engineering Communications and Network Security Identity and Access Management Security Assessment and Testing Security Operations Software Development Security
LAWS TO ADDRESS SECURITY BREACHES Computer Fraud and Abuse Act (CFAA) Computer Network Protection Act of 1989 Georgia Computer Systems Protection Act
SOMETHING TO CONSIDER In IT we are concerned with security What does this mean?
