Skip to main content

Steps of Ethical Hacking

Steps of Ethical hacking



  • Foot printing
  • Scanning
  • Enumeration
  • System hacking


NB: This will only be an introduction. I shall discuss the steps in details, bit by bit.

Footprinting: This is the first step in hacking. This involves gathering information about the target network, firm or organization. The information collected will help the attack successful. This step is the foundation of hacking. If data collected is inaccurate the attack is likely to fail. This happens during the  passive state of the system.

This steps target information that are carelessly handled or stored. Attack is as good as how accurate the information collected at this stage.

Information that can be collected or extracted include


  • IP addressing range
  • Phone Numbers
  • Email addressing
  • Name spaces
  • Employee information
  • facility information
  • Job information



Scanning: This stage deals with studying the system during it active time. It focuses on gathering more useful information which will help in achieving a successful outcome. Scanning give the attacker information about active hosts and how data flowed within the system.

Since this stage is about gathering information when the system is on or active, some tools or utilities have to be use.

Below are the tools used


  • Ping
  • Traceroute (in windows is called tracert)
  • Ping sweeps
  • port scanning


Enumeration: This is the second to the last step, but can be seen as the last step of gathering information. During this step, you need to go inside the system or network to get the remaining of information needed for successful hacking. Using step one and two this step will be a bit simple and easy.

Information gathered in this step include


  • Usernames
  • Passwords
  • Group information
  • Applications used
  • Hidden shares
  • Protocol information
  • Server data
  • Service information
  • Network topology


System Hacking: this is where the work is been done. Its the implementation stage of all data collected.  This step involves cracking the system, overriding of privileges,  covering of tracks, concealing of evidence and much more.
Tobe continued


Reference: Sybex CEH

Join us on Facebook: ICTmagazine BBM chanel: ICTmagazine



Labels:

Comments

Post a Comment

Popular posts from this blog

Microsoft Office for Tablet now on Google Play store

Back in November, Microsoft opened up early previews builds for its new mobile Office applications for Android tablets to those willing to sign up and wait for an invitation. After taking on feedback over the past couple of months, Microsoft has announced that it is expanding its preview scheme by releasing its Office applications to everyone directly through the Google Play Store. The new Office software for mobile unifies Android, IOS, and Windows platforms. Previously each platform had to make do with its own apps, meaning that feature sets differed depending on your operating system and updates were often slow and intermittent. By unifying the Office platform, Microsoft hopes to bring updates and new features to users in a timelier manner. There are still a couple of conditions attached to the preview builds though. Firstly, Office is still limited to ARM-based Android tablets with a screen size between 7 and 10.1 inches. Your tablet will also need to be running Ki...
Post a Comment
Read more

Ethical Hacking Simplified. Applications of Cryptography

Pretty good Privacy PGP This type of cryptographic Application uses Public key encryption system and  is one of the most popular means of encryption in the world. It is used in securing data, data storage, email, Instant Messaging (instant messaging are messaging system that happens in real time, just like whatsApp, Facebook messenger etc.) and other forms of communication. The early version of this cryptographic application was written by Philip Zimmerman and has it public appearance in 1991. it is part of an open-source project with many version where user can choose the best that suit them. This cryptographic application comes with privacy and security measure that are found in many online systems. The data will travel in an encrypted form (chipertext), upon arriving at the receiving end, the receiving will use PGP to decrypt the data back to plaintext. PGP uses the Public/Private key encryption. Where the sender uses his public key to encrypt data, and the receiver ...
Post a Comment
Read more

Tips for strong password

As we have already discussed that passwords are strong and at the same time weak! If user create password from his name, date of birth or any other combination that is related to him, cracking down his account doesn't need much technical know how. Meaning attacker who know you, can be lucky enough to access your sensitive information by only entering certain key combinations. Creating strong and almost non hackable wait!!! is there any non hackable password! I was once told that any system can be hacked! It only took time, skills and resources! You are absolutely right! But at-least one has to really suffer before getting your data! Arm robbers do rob banks! Do you think a local or common thief can rob bank? The ans is absolute NO! Strong passwords doesn't happen by chance! Below are the steps to create a very strong passwords! Passwords should be at-least 8 characters Its already becoming standard on the internet. Many websites doesn't allow less than 6 charact...
Post a Comment
Read more