Skip to main content

Steps of Ethical Hacking

Steps of Ethical hacking



  • Foot printing
  • Scanning
  • Enumeration
  • System hacking


NB: This will only be an introduction. I shall discuss the steps in details, bit by bit.

Footprinting: This is the first step in hacking. This involves gathering information about the target network, firm or organization. The information collected will help the attack successful. This step is the foundation of hacking. If data collected is inaccurate the attack is likely to fail. This happens during the  passive state of the system.

This steps target information that are carelessly handled or stored. Attack is as good as how accurate the information collected at this stage.

Information that can be collected or extracted include


  • IP addressing range
  • Phone Numbers
  • Email addressing
  • Name spaces
  • Employee information
  • facility information
  • Job information



Scanning: This stage deals with studying the system during it active time. It focuses on gathering more useful information which will help in achieving a successful outcome. Scanning give the attacker information about active hosts and how data flowed within the system.

Since this stage is about gathering information when the system is on or active, some tools or utilities have to be use.

Below are the tools used


  • Ping
  • Traceroute (in windows is called tracert)
  • Ping sweeps
  • port scanning


Enumeration: This is the second to the last step, but can be seen as the last step of gathering information. During this step, you need to go inside the system or network to get the remaining of information needed for successful hacking. Using step one and two this step will be a bit simple and easy.

Information gathered in this step include


  • Usernames
  • Passwords
  • Group information
  • Applications used
  • Hidden shares
  • Protocol information
  • Server data
  • Service information
  • Network topology


System Hacking: this is where the work is been done. Its the implementation stage of all data collected.  This step involves cracking the system, overriding of privileges,  covering of tracks, concealing of evidence and much more.
Tobe continued


Reference: Sybex CEH

Join us on Facebook: ICTmagazine BBM chanel: ICTmagazine



Labels:

Comments

Post a Comment

Popular posts from this blog

Microsoft Office for Tablet now on Google Play store

Back in November, Microsoft opened up early previews builds for its new mobile Office applications for Android tablets to those willing to sign up and wait for an invitation. After taking on feedback over the past couple of months, Microsoft has announced that it is expanding its preview scheme by releasing its Office applications to everyone directly through the Google Play Store. The new Office software for mobile unifies Android, IOS, and Windows platforms. Previously each platform had to make do with its own apps, meaning that feature sets differed depending on your operating system and updates were often slow and intermittent. By unifying the Office platform, Microsoft hopes to bring updates and new features to users in a timelier manner. There are still a couple of conditions attached to the preview builds though. Firstly, Office is still limited to ARM-based Android tablets with a screen size between 7 and 10.1 inches. Your tablet will also need to be running Ki...
Post a Comment
Read more

Tips for strong password

As we have already discussed that passwords are strong and at the same time weak! If user create password from his name, date of birth or any other combination that is related to him, cracking down his account doesn't need much technical know how. Meaning attacker who know you, can be lucky enough to access your sensitive information by only entering certain key combinations. Creating strong and almost non hackable wait!!! is there any non hackable password! I was once told that any system can be hacked! It only took time, skills and resources! You are absolutely right! But at-least one has to really suffer before getting your data! Arm robbers do rob banks! Do you think a local or common thief can rob bank? The ans is absolute NO! Strong passwords doesn't happen by chance! Below are the steps to create a very strong passwords! Passwords should be at-least 8 characters Its already becoming standard on the internet. Many websites doesn't allow less than 6 charact...
Post a Comment
Read more

Ethical hacking simplified. cryptographic hashing.

Cryptoghraphy Hashing Hashing is the process of converting plaintext into chipertext. One of the advantage of  hashing is, its  almost impossible to alter. Even if the intruder succeeded in altering the data the receiver will definitely know on receiving the message. Hashing can be seen as a one way encryption process. Its main aim is to confirm the authenticity of data. Hashing output is known as hash, hash value or message digest. How it work When you are sending the message, you will create an encryption with your private key using a particular type of hashing which we will talk about shortly. It will then create gabbled messages which is fixed length and exactly the length of the message. Bundles the chipertext with the plaintext together which are both encrypted. Upon arriving the destination, the receiver will get the public key of the sender and decrypt the message. Mind you hashing is here to confirm the authenticity of the message. After confirming the sender...
Post a Comment
Read more