What is Ethical Hacking? And How It Differentiates from Unethical Hacking?
Harvesting information and data for a particular organization can be done through active and passive methodologies (Atiquzzaman et al. 2006). Controversies have been existing in the market about the ethicality of hacking systems which have been provided by the computer experts. Any information accessed from the internet has its own risk factor in exposing the organizations to vulnerabilities of unethical conducts. Most of the institutions have put in place succinct measures to secure their cyber security to protect their assets (Friedman 1997). Until recently, ethical hacking was considered improper because second parties could consume confidential information concerning a particular company.
However, this trend is accepted in the current times to investigate security measures of an institution. Every system that has connection in the internet enables leakage of information to the potential attackers. The information could details the asset base of an organization or even give direction of the physical location (Gupta and Anand 2017, p.42). This leakage is very crucial to the hackers if they want to access the information of their interest.
Moreover, the topology of the organization can be identified which cascades more sophisticated attacks. Consequently, it should be noted that ethical hacking is allowed and accepted (Harris and Jordan 2002). Security departments are much known for this. They place a complex analysis of an organization if they discover probable dangerous activity being carried out by an institution. As it was alluded earlier, they can perfom this activity in background checks or even inform the organization itself. However, active hacking might fail to give the real picture of what happens from within the organization (Kleiman 2007). To avoid concealing of certain information, passive is much more used. The only problem which arise is the person conducting the hacking does it for other reasons to harm the targeted company. Ideally, it should be performed with caution of a certain degree. One, it is important to ensure no information leaks to another party. After the information gotten is used to achieve the targeted purpose, storing it in a safer mode is encouraged.
Differences between Active and Passive Information Gathering Methodologies
When using passive data collection technique, a third party is normally used to actualize the task. There is no direct connection between then hacker and the target host. In most instances, the information available in the third party is consumed to the benefit of the hacker (Kleiman 2007). For example, data presented in the Google accounts can be secretly accessed and used to perform the intended task. The beauty of this information gathering methodology is that the target does not recognize information is actually being gathered. Then ability to intrude without notice makes it superior in intelligence collection. The target host does not detect the profiling in their servers because no packets are relayed on their side. In other words, this methodology is described as time intensive (Leibowitz and Emrich 2009). This is because considerable amount of time is spent in learning about the host while ensuring no leakage of any information. On the other hand, active method involves connecting the target with a tool to get access to the website of an organization. This can be achieved through running port scans.
The challenge with this method is ability to be recognized when the hacking process is being executed. The target is able to identify any activity taking place and hence can decide to block the user. Interaction of the servers between the two parties make the exchange of data more transparent (Mischel 2009). Furthermore, active is vulnerable to scan since the hacker has to be in touch with the device or one of the employee. It is therefore a coordinated system which cannot happen without an internal liaison with one of the person in the target place. Contrary, passive do not touch the target.
Passive Information Gathering Methodology
There are a number of process which are involved before an intruder penetrates into the servers of an organization. Hacking the system of an institution does not happen within one day, but it involves a well-organized procedure by the interested party (Oshana and Kraeling 2013). The design and architecture of a business dictates how well the organization is protected against external attacks. Important information can be extracted and used to reinforce an attack if the data is not well secured. Insight of data security is core in the current age. The following procedure is normally followed to arrive at hacking (Prasad 2016). The first one is gathering information. It serves as the uttermost part of any activity. There exist a lot of information on the websites concerning the organization which is used as a lead. An amazing content is found in the respective websites which is used to the favor of the client. Second, determination of network range is also analyzed (Prasad 2016). Information such as contacts, phone number can be identified by the use of Registrar Query. For example, the following information was obtained.
Registrant:
Pearson Technology Centre
Kenneth Simmons
200 Old Tappan Rd .
Old Tappan, NJ 07675 USA
Email: billing@superlibrary.com
Phone: 001-201-7846187
Registrar Name….: REGISTER.COM, INC.
Registrar Whois…: whois.register.com Registrar Homepage: www.register.comDNS Servers: usrxdns1.pearsontc.com oldtxdns2.pearsontc.com
The information above shows the details regarding the contact person, address, the telephone number and the server. A person who is good in hacking systems can pretend to call the organization requesting for a certain product or service, with an aim of accessing certain information.
Second, locating the range of network is determined. Having established the contacts and addresses of the target, taking the IP address and pasting in Whois lookup will help determine the range of the network (Singh 2012). For example;
OrgName: target network
OrgID: Target-2
Address: 1313 Mockingbird Road
City: Any town
StateProv: TX
PostalCode: 72341
Country: US
Referral Server: rwhois://rwhois.exodus.net:4321/
Net Range: 192.17.12.0 – 192.17.12.255
CIDR: 192.17.0.0/24
Net Name: SAVVIS
Net Handle: NET-192-17-12-0-1
Parent: NET-192-0-0-0-0
The results depicts that the network has 254 addresses. The attackers can focus his or her strength on this range.
The third step is identification of the live machines. Attackers would want to know if the computers are on or off (Peter et al. 2005). One basic method they use is conducting a pin sweep. This involves sending an echo to the target with the intention of a reply. If a reply is initiated, then the hacker knows the machine targeted is alive (Singh 2012). However, if the echo is not sent back, a time out reply is also sent. To ping a wide number of machines, a ping sweep program is used to identify the active ones. However, organizations have been able to design ways to prevent this step. The figure below shows a ping picture.
After the hacker is aware of alive machines, the next step is to locate the open access points (Tiller 2005). These are areas where information can be accessed easily. Finding way through the organization’s firewall is used to find the best point to hit the server. For example;
C:nmap-3.93>nmap -sT 192.168.1.108
Starting nmap 3.93 at 2005-10-05 23:42 Central
Daylight Time
Interesting ports on Server (192.168.1.108):
(The 1653 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE
80/tcpopen http
139/tcpopen netbios-ssn
515/tcpopen printer
548/tcp open afpovertcp
Nmap run completed — 1 IP address (1 host up) scanned in 420.475 seconds
Close study of the above display identifies several interesting ports located in this computer which includes 80 as well as 139. They could be utilized by the hacker to penetrate and access pertinent information of interest.
Consequently OS fingerprinting is the next step which is embraced (Treurniet 2004). The hacker will have made real headway to this point having identified important contacts and also identification of the open ports as well as active machines. Passive fingerprinting is sniffing as it is able to detect exchange of packet as they move across. The final stage is mapping the network. The hacker has enough information and a blueprint of the target organization (Wilhelm 2013). The entire information concerning the institution can easily be identified with ease and hence execution of the intended plan. Automated mapping by use of NeoTrace can be utilized to identify the servers. Moreover, manual operations can also be embraced.
The critical investigations revolve around the following phases. The first one is Internet service Registration (Herrel and Jordan 2002). This is a requirement for every organization which consumes internet. A registration of IP addresses is required to allow location of geographic positioning of the organization. This is the very first step which the hackers aims to identify. Having the exact geographical location, they are able to plan on how to access the facility. The second part is domain of the facility (Prasad 2016). Every organization has a domain through which it operates. Understanding the host naming is key at this process since it enables the hackers to single out the right modality to achieve their task. Additionally, search engines are used to retrieve the documents and material which are distributed within the organization (Singh 2012). The type of transactions can be identified after close check of content of exchanged materials. Moreover, email systems is also a target.
Conclusion
Hacking process is a coordinated procedure which does not happen in one time instant. From the above paragraphs, it can be seen that for the ethical penetration to take place, every step is crucial. Each stage has its own importance in enabling to achieve the final objective. Passive information gathering has been viewed as the most secure and extracts as much information as possible. This is attributed to the secrecy it upholds. A third party is used to connect to target as opposed to active, which directly communicate to the host. There exist considerable amount of information from the third party such as Google, which the attackers can safely use without the knowledge of an organization. Data protection through beefing up of cyber security has not performed extremely well in safeguarding the information for an organization. Additionally, the exposed websites are vulnerable to hacking because they contain core information which act as lead to attack. Passive information gathering is the best to investigate the host and get true information.
If you are looking for custom writing services provided by Peachy Essay writing team, make sure you check out our wide range of essay services:
– Custom Essays
– Order Essay Services
– Essay Writing Help Online
– Write My Essay
– Essay Writers for Hire
– Academic Essay Writing
– Best Essay Writing Services
– Essay Writing Services UK