Types Of Hacking:
Local Hacking: This type of hacking is done when a hacker has full access to the system to implant a virus, keylogger and RATs
Remote Hacking: Remote hacking is done on a remote system using Internet.
Social
Engineering: Social Engineering is kinda interacting skill that a
hacker uses to manipulate people giving out sensitive information. Its
kinda trick done using good verbal, social skills and understanding.
Terminologies Used Under Hacking:
Threat:
A threat is an environment or situation that could lead to a potential
breach of security. Ethical hackers look for and prioritize threats when
performing a security analysis.
An Exploit: An exploit is
a piece of software that takes advantage of a bug, glitch, or
vulnerability, leading to unauthorized access, privilege escalation, or
denial of service on a computer system.
Vulnerability: A
vulnerability is an existence of a software flaw, logic design, or
implementation error that can lead to an unexpected and undesirable
event executing bad or damaging instructions to the system. In easy word
vulnerability is weakness in system.
Payload: Payload is agent that helps in taking advantage of vulnerability in remote hacking.
Attack: An attack occurs when a system is compromised based on a vulnerability.
Types Of Attack:
1.Operating System Attack
2.Application level Attack
3.Shrink Wrap Code Attack
4.Misconfiguration Attack
Operating system attack is attack done on specific type of OS. Such
attack is done using flaws in programs and services shipped with OS.
Application level attack is done over faulty coding practices done over
software during its development. Shrink Wrap Code attack are attacks
done over UN-refined scripts used for making task simpler. Last is
misconfiguration attack, it is kinda attack which is done over
mis-configured system or a system with default settings.
Work Of An Ethical Hacker:
Job of an ethical hacker is to use all his skills and tools used by
malicious hackers to find vulnerabilities in system and then provide it
security against those vulnerabilities.
Skills Required For A Hacker
Following are some must know things for a hacker or you can say requirements of hacker.
Operating System:
As a hacker you must have upper hand skills in Operating systems
Windows, Linux and Unix. Once you master Linux and Unix you'll hardly
face problem getting yourself on MAC. As we'll move further we will
cover both of them in short and then slowly move our level to advanced.
Networking:
A hacker must have expertise in field of networking even if you don't
have them you must be knowing about some basic terms used in
networking. Please click on following links and try to grasp topics as
thoroughly as you can.
OSI Model/Internet Protocol Stack (
http://en.wikipedia.org/wiki/OSI_model)
Network Topology (
http://en.wikipedia.org/wiki/Network_topology)
The reality is that a hacker should know networking to best level.
Just knowing above terms is not sufficient though you'll not encounter
that much problem while learning. We still recommend you buying a book
on networking that should cover networking to level of pin points. My
personal favor is to book Data Communication And Networking by Behrouz
Forouzan if you want to start. Click on following link to know more,
read people's view or if you want to purchase.
Data Communications and Networking (McGraw-Hill Forouzan Networking)
(
https://www.amazon.com/dp/0072923547/ref=as_li_ss_til?tag=dolod-20&camp=0&creative=0&linkCode=as4&creativeASIN=0072923547&adid=1VVN3A0Q6J4E1PNBYKZ8&)
Knowledge About Setting Up And Configuring Servers:
Yes that is necessary for a hacker so when we will move ahead with
flow. We will cover configuring IIS 7, Apache, Vertrigo on Windows and
Apache on Linux. Both HTTP and FTP servers will be covered.
Programming:
Absolutely no one can deny all best hackers in world have master hand
in programming. Following are must know programming languages but you
can even make things work even if you don't know them. In any case I
would recommend you learn programming.
HTML, C, C++, Java, SQL, Python, Perl, PHP and Ruby.
At most basic level my advise will be you must know HTML, C, SQL, PHP and ruby.
Tools:
Backtrack is platform which is specially crafted and designed for
penetration testing. Metasploit is framework that is used to create and
experiment with exploits and payloads. Both are must for a hacker today.
Alternative to Backtrack is Knoppix Security Edition and Mautrix, if
you master Bactrack you'll easily master both of them. So I will not
leave them apart from our list, we'll also cover them.
Steps Involved In Hacking:
As mentioned earlier ethical hacker takes same steps as malicious
hacker. Following are different steps that are performed during hacking.
1.Reconnaissance:
This step involves gathering potential information about target
system. In fact hacker spends 90% of time for this phase only and next
10% time for rest of the steps.
2.Scanning:
During this phase network is scanned for vulnerability.
3.Gaining Access:
This is the step where real hacking takes place. Hacker takes
advantage of vulnerability found in scanning phase and penetrates the
victim system.
4.Maintaining Access:
After gaining access hacker makes provision to come back by planting root-kit and backdoor.
5.Covering Tracks:
In this phase hacker removes all traces of his/her presence in system by removing log files and event logs.