Before you begin hacking your own system, you should
understand the 5 phases of ethical hacking. Ethical hackers aren’t so different
from malicious hackers in the tools and methods that they use to gain entry into
a network or system. The difference lies in their intentions.

Phase 1: Passive and Active Reconnaissance

Passive reconnaissance is the act of gathering up information without your
target knowing what you are doing and most of this is done from your chair in
front of your computer.

When you look for information, you generally run a search on the internet to
start with and it's surprising just how much information you can gather in this
way. Another means of passive reconnaissance is network sniffing and this can
give you quite a bit of information in terms of naming conventions, IP address
ranges, hidden networks, hidden servers and lots of other information about
what is on that network.

Network sniffing is a method by which a hacker watches data flow to see when
specific transactions happen and where the traffic is heading. This is a
common method used by ethical hackers and the tools are dead easy to use.
Later I’ll tell you which tools you can use and provide you with links to get
more information on them. In a nutshell, though, sniffers let you see all data
that is transmitted via a network, and that includes username and password
combos and loads of other sensitive data – all stuff you thought was secure on
your system!

Active reconnaissance is all about network probing and this lets you see IP
addresses, individual hosts, and network services. There is a higher risk of
detection with active reconnaissance, more so than with passive methods and
this is occasionally called “rattling the door knobs”. It can give you a rough
idea of what security measures are in use but there is a high risk that you will
be caught or that, at the very least, suspicion will be raised. Many of the tools
that are used for active reconnaissance can easily be tracked back to the
computer they are being run from and this increases the likelihood of detection.

Both active and passive reconnaissance can help you to discover some useful
information and in terms of your own network security, you’ll find out just how
weak your security really is. Think of it this way – you can have as many locks,
deadbolts, and chains on your front door as you like but all of them are useless
if you leave the window wide open!
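
Because active probing is noisy, a defender can spot it in firewall logs. The following added example (not from the original text) flags any source address that touches many distinct ports within a short window; the log format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log (format assumed for this example):
# timestamp  action  src_ip  dst_ip  dst_port
SAMPLE_LOG = """\
2024-05-01T10:00:00 DENY 203.0.113.7 192.0.2.10 21
2024-05-01T10:00:01 DENY 203.0.113.7 192.0.2.10 22
2024-05-01T10:00:01 DENY 203.0.113.7 192.0.2.10 23
2024-05-01T10:00:02 DENY 203.0.113.7 192.0.2.10 25
2024-05-01T10:00:03 ALLOW 203.0.113.7 192.0.2.10 80
2024-05-01T10:00:04 DENY 203.0.113.7 192.0.2.10 445
2024-05-01T10:00:05 ALLOW 198.51.100.20 192.0.2.10 443
2024-05-01T10:05:00 ALLOW 198.51.100.20 192.0.2.10 443
2024-05-01T10:09:00 ALLOW 198.51.100.20 192.0.2.10 80
malformed line that should be skipped
"""

def parse(line):
    """Return (timestamp, src, dst, port) or None for a line that does not fit the format."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[2], parts[3], int(parts[4])
    except ValueError:
        return None

def find_scanners(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Map each source to the most distinct (dst, port) pairs it hit inside
    any sliding window, keeping only sources that reach min_ports."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec:
            ts, src, dst, port = rec
            events[src].append((ts, (dst, port)))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = best = 0
        for end in range(len(evs)):
            # Shrink the window from the left until it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            best = max(best, len({target for _, target in evs[start:end + 1]}))
        if best >= min_ports:
            flagged[src] = best
    return flagged
```

Counting both allowed and denied connections matters here: a probe that happens to hit an open port still belongs to the same sweep.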

Phase 2: Scanning

Scanning is the act of taking the information that you found during your
reconnaissance and using it as a way of examining the network. The tools that
you can use to scan include:
1. Port scanners
2. Dialers
3. ICMP – Internet Control Message Protocol – scanners
4. Network mappers
5. Ping sweeps
6. SNMP – Simple Network Management Protocol – sweepers
7. Vulnerability scanners

The information that you are looking for during the scan is anything that can
help you to carry out an attack on a specific target, although, for the purposes
of this book, you are trying to find the information that another hacker will find
to see where the security gaps are:

1. Operating system
2. Computer name
3. Software that may be installed
4. User accounts
5. IP addresses

If, during your hack on your own system, you find any of these, you will know
where your weaknesses are.

Phase 3: Getting Access

This is where the fun begins, where the proper hacking happens. All the
vulnerabilities that you found in the first two phases can now be exploited,
giving you access to the system you are targeting. There are several ways to
attack:
1. Wired or wireless LAN – Local Area Network
2. Local access to the system
3. Internet
4. Offline

Examples of hacking attacks include Denial of Service, stack-based buffer
overflows and session hijacking. Getting access is called Owning the System
because, once you are in, you have complete control and can do whatever you
wish.

Phase 4: Maintaining Your Access

Getting in is one thing; staying in is quite another. You want to be able to stay
in the system for as long as you possibly can to maximize the potential for more
exploitation. Sometimes, a hacker will harden the system so that other hackers
and security staff can’t get in – they do this by putting backdoors in, using
Trojans or rootkits. Once that system is yours you can launch other attacks from
it and, in this case, the system would be termed a “zombie” system.

Phase 5: Covering Your Tracks

The last thing a hacker does is cover their tracks so that they can’t be detected
and can continue using the system. They will also do this to avoid legal action
and to get rid of all traces of hacking. They will remove IDS (Intrusion
Detection Systems) and log files to hide their tracks in a bid to stay there for as
long as they can.
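
Log removal can be made detectable from the defender's side. This added example (not from the original text) chains each log record to the previous one with an HMAC and keeps the latest tag off the host, so deleted, altered or truncated records fail verification; the key, messages and function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: the real key is held off the logged host
GENESIS = b"\x00" * 32         # fixed starting value for the chain

def chain(messages, key=KEY):
    """Return (records, head). Each record is (message, tag) where
    tag = HMAC(key, previous_tag || message); head is the last tag."""
    prev = GENESIS
    records = []
    for msg in messages:
        tag = hmac.new(key, prev + msg.encode(), hashlib.sha256).digest()
        records.append((msg, tag))
        prev = tag
    return records, prev

def verify(records, expected_head, key=KEY):
    """Return 'ok', 'broken at record N' or 'truncated'.
    expected_head is the latest tag as stored off the host."""
    prev = GENESIS
    for i, (msg, tag) in enumerate(records):
        good = hmac.new(key, prev + msg.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, tag):
            return f"broken at record {i}"
        prev = tag
    # An intact prefix still fails here if records were cut from the end,
    # which also covers the case where the whole log was removed.
    if not hmac.compare_digest(prev, expected_head):
        return "truncated"
    return "ok"

def demo():
    # Constructed log messages for the example.
    messages = [
        "sshd: accepted login for admin from 203.0.113.7",
        "sudo: admin ran /bin/sh",
        "cron: job started",
    ]
    records, head = chain(messages)
    return (
        verify(records, head),                     # untouched log
        verify(records[:1] + records[2:], head),   # middle record deleted
        verify(records[:2], head),                 # tail cut off
        verify([], head),                          # whole log removed
    )
```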

Now you have an idea of the process used by a hacker, you can start to look at
your own system and, in the following chapters, we’ll look in depth at how you
can hack and protect your own network and computer.

