Introduction to Ethical hacker
We hear about hacking on the news all the time—from Anonymous to fake news to denial of service attacks to data breaches, it seems like the bad guys are always wreaking havoc. And it’s true; the bad guys are doing all kinds of damage, from the annoying (spam) to the destructive (cyber attacks that steal personal data—or worse).
But did you know there are good guys with the same skills? These are ethical hackers. But what is ethical hacking?
Ethical hacking definition
An ethical hacker (also known as a white hat hacker) is the ultimate security professional. Ethical hackers know how to find and exploit vulnerabilities and weaknesses in various systems—just like a malicious hacker (or a black hat hacker). In fact, they both use the same skills; however, an ethical hacker uses those skills in a legitimate, lawful manner to try to find vulnerabilities and fix them before the bad guys can get there and try to break in.
An ethical hacker’s role is similar to that of a penetration tester, but it involves broader duties. They break into systems legally and ethically. This is the primary difference between ethical hackers and real hackers—the legality.
Who is an Ethical hacker
If you think that all hackers are bad , let set the record straight because some hackers are good
The good hackers are known as ethical hacker or white hat hackers they are security experts who attempt to hack into an organization’s computer system, application, network and other computer resources to find security vulnerabilities and then fix them
Responsibilities of an Ethical hacker
- Ethical hackers scan the system of an organization’s to find open port that can be attacked, once there issue is found , they study the port and take remedial measures to stop potential attacks
- They search the deep corners of an network, rummaging through digital thrash bins to find chats, password and crucial information that could make the organization vulnerable to an attack
- Ethical hacker examine patch installations to make sure that they are up-to-date
- Ethical hacker also help to handle issues related to online employee fraud and the theft of systems and laptops
What is ethical hacking?
Apart from testing duties, ethical hackers are associated with other responsibilities. The main idea is to replicate a malicious hacker at work and instead of exploiting the vulnerabilities for malicious purposes, seek countermeasures to shore up the system’s defenses. An ethical hacker might employ all or some of these strategies to penetrate a system:
- Scanning ports and seeking vulnerabilities: An ethical hacker uses port scanning tools like Nmap or Nessus to scan one’s own systems and find open ports. The vulnerabilities with each of the ports can be studied and remedial measures can be taken.
- An ethical hacker will examine patch installations and make sure that they cannot be exploited.
- The ethical hacker may engage in social engineering concepts like dumpster diving—rummaging through trash bins for passwords, charts, sticky notes, or anything with crucial information that can be used to generate an attack
- An ethical hacker may also employ other social engineering techniques like shoulder surfing to gain access to crucial information or play the kindness card to trick employees to part with their passwords.
- An ethical hacker will attempt to evade IDS (Intrusion Detection systems), IPS (Intrusion Prevention systems), honeypots, and firewalls.
- Sniffing networks, bypassing and cracking wireless encryption, and hijacking web servers and web applications.
- Ethical hackers may also handle issues related to laptop theft and employee fraud.