Working of an ethical hacker
Every Ethical Hacker must follow few basic principles. If he do not follow, bad things can happen. Most of the time these principles get ignored or forgotten when planning or executing ethical hacking tests. The results are even very dangerous.
Working ethically
The word ethical can be defined as working with high professional morals and principles. Whether you’re
performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical Hacker must be approved and must support the company’s goals. No hidden agendas are allowed!Trustworthiness is the ultimate objective. The misuse of information is absolutely not allowed. That’s what the bad guys do.
performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical Hacker must be approved and must support the company’s goals. No hidden agendas are allowed!Trustworthiness is the ultimate objective. The misuse of information is absolutely not allowed. That’s what the bad guys do.
Respecting privacy:
Treat the information you gather with
complete respect. All information you obtain during your testing — from
Web application log files to clear-text passwords — must be kept
private.
Not crashing your systems
One of the biggest mistakes is when people try to hack their own systems; they come up with crashing their
systems. The main reason for this is poor planning. These testers have not read the documentation or
misunderstand the usage and power of the security tools and techniques.
systems. The main reason for this is poor planning. These testers have not read the documentation or
misunderstand the usage and power of the security tools and techniques.
You can easily create miserable conditions
on your systems when testing. Running too many tests too quickly on a
system causes many system lockups. Many security assessment tools can
control how many tests are performed on a system at the same time.
These tools are especially handy if you need to run the tests on
production systems during regular business hours.
Executing the plan:
In Ethical hacking, Time and patience are
important. Be careful when you’re performing your ethical hacking
tests.A Hacker in your network or an employee looking over your
shoulder may watch what’s going on. This person could use this information against you. It’s not practical to make sure that no Hackers are on your systems before you start. Just make sure you keep everything as quiet and private as possible.
This is especially critical when
transmitting and storing your test results. You’re now on a
reconnaissance mission. Find as much information as possible about your
organization and systems, which is what malicious Hackers do.Start with
a broad view of mind and narrow your focus. Search the Internet for
your organization’s name, your computer and network system names, and
your IP addresses. Google is a great place to start for this.
Don’t take ethical hacking too far, though.
It makes little sense to harden your systems from unlikely attacks. For
instance, if you don’t have a internal Web server running, you may not
have to worry too much about. However,don’t forget about insider
threats from malicious employees or your friends or colleagues!
Post a Comment