Ethical Hacking

The terms ethical hacking and hackers are sufficient enough to explain about the hacking done by a company or individual to identify the potential threats on target computer or network of systems. The ethical hacker tries bypassing the system’s security and identify the weak points that can be analysed to prevent exploitation and misuse by malicious hackers.

There are various steps or phases in ethical hacking.

Phase 1. Reconnaissance or Footprinting

The first phase is Information Gathering, which is about getting to know the target systems. This first process in ethical hacking can also be termed as footprinting or reconnaissance.

Phase 2: Scanning

Scanning phase collects the information that is discovered during the phase 1 and later the network is examined. Various tools that can be used by a hacker for the purpose of scanning are dialers, network mappers, port scanners, vulnerability scanners, and sweepers.

Hackers seek any of the information that may help them to enhance the attack and gain maximum results. The information that can be stored may be computer names, IP addresses, VPN’s and user and company or firm’s accounts.

Phase 3: Gaining Access

Actual hacking is performed at this phase. Vulnerabilities that were analysed during the previous phases are now employed to gain access. Either the local access to a PC can be established or LAN’s can be used, the Internet, or offline intrusion. Stack-based buffer overflow, DoS (denial of service) attacks, and session hijacks may be done. Gaining access is equivalent to owning the target system in the terms of hacking.

Phase 4: Maintaining Access

As soon is access on targets is established by the hacker, the access is retained for future. The hackers may use it for further exploitation and they also make changes such that it can’t be hacked by other hackers or even recovered by the firm itself, by applying exclusive access by them with backdoors, rootkits, and Trojans. Additional attacks can also be launched from this hacked base system also known as zombie system.

Phase 5: Covering Tracks

Once hackers own the systems, tracks are covered by the hackers to continue the use of the hacked system, and prevent recovery by security forces. Also, they remove the traces of hacking to avoid the risks of legal action against themselves.

They remove the log files, intrusion detection system (IDS) alarms that may be generated at time of hacking. Steganography, tunneling protocols, and alteration of the log files is done in this phase of attacks.