₦airaland Forum

Introduction to Ethical Hacking
from www.cybersecurityng.com

When security experts offer “safety talks” to business groups, they share definitions for VPN’s, encryption, laptop security, network security, online piracy and so on. Then, they explore instances when establishing security are ineffective: vulnerabilities are found and harmful components creep in.

At this point, the security expert introduces the idea of “Ethical Hackers,” whose primary occupation is to eliminate vulnerabilities before “genuine” Hackers do.



What are Ethical Hackers?

Ethical Hackers could be called “infiltration analyzers,” but their roles include wider efforts.

According to TechTarget, an Ethical Hacker is “a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.”



What do Ethical Hackers Do?

In addition to the customary obligations of PenTesters, Ethical Hackers perform supplementary and various tasks. Fundamentally, they duplicate “genuine hacks” at work. Rather than abusing vulnerabilities to cause harm, they seek countermeasures to protect and seal systems using these and other techniques:

Port Filtering: Tools like Nmap and Nessus help uncover open ports. Vulnerabilities can be seen; remedial measures can be implemented.
Social Engineering:
He/she will scrounge through trash cans for passwords, graphics and sticky notes with the fundamental data, which can be used to create assaults. (To thwart such attacks, reliable companies require workers to shred unwanted paperwork and properly dispose of potentially desirable media.)
He/she “shoulder surfs” to access urgent data or uses the “game of reflection” to capture workers’ passwords.
Navigating IDS, IPS, Honeypots and Firewalls: Using different methodologies and systems sniffing, he/she tries to bypass encryption and remote division.
Identity Theft: He/she manages issues around identity theft and tablet mismanagement.



Should You Become an Ethical Hacker?

In the last few decades, there’s been an increasing demand for Ethical Hackers to protect systems from dangerous intrusions. As with any calling, you’ll need need energy and focus. These elements, coupled with effective learning management systems will empower you to make an entrance into the field of Ethical Hacking.



Basic Hacking Concepts You Should Know

1:PenTesting

PenTesting, like forensics, is as much an art as it is a science; you can only be taught so much. Technical techniques and tools are all very good, but you really need a mind that can think sideways and approach tasks from many angles.

2: Footprinting

Footprinting includes tools and tricks to get information about a computer, IP and MAC addresses and related user and system information.

3: Scanning

Before you begin PenTesting, you must have some information about a network and system. A PenTester will often scan an entire network with tools like nMap, zenmap, ping, hping, etc.

4: Enumeration

During the enumeration phase, you’ll discover hosts/devices on a network. The information collected during this reconnaissance phase is then applied.

5: System Hacking

System hacking begins with logging into a system without credentials. You’ll not only bypass the credentials, but then you may navigate into a root user position through privileged escalation.

6: Trojans

Trojans are generally non-self-replicating types of malware programs containing malicious code. A Trojan often acts as a backdoor, communicating with a controller that has unauthorized access to an affected computer. While Trojans and backdoors are not easily detectable by themselves, computers may slow due to heavy processor loads or network usage.

7: Viruses and Worms

A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections to spread. A worm is capable of replicating itself on a system. Rather than one computer sending out a single worm, it could send out hundreds or thousands of copies to yield a devastating effect.

8: Sniffing Traffic

Sniffers are programs that monitor and analyze network traffic – detecting and finding problems. Various techniques and tools are used for sniffing, such as Kali Linux, MITM attack, tshark, urlsnarf, etc.

9: Social Engineering

An example of social engineering is when Ethical Hackers create phishing pages on websites to obtain credential of users. See information above for additional examples.

10: Denial of service

A DoS attack generally consists of temporarily interrupting, suspending or downing a host connected to the Internet, usually through overwhelming amounts of traffic.

11: Session Hijacking

Session Hijacking is used to gain unauthorized access to information or services in a computer system. Session hijacking is also known as “Man in the Middle Attack.” This can be performed with the help of Kali Linux, which is based on Debian Linux.

12: Hacking Web Servers

Web servers can be hacked in various ways, including Denial of Service Attacks, Domain Name System Hijacking, Phishing etc. A short list of hacking tools include Metasploit, Mpack, Zeus, etc.

13: Webapplication

Webapplication is used to intercept the proxy as an intruder, as a repeater, etc. – after hacking a website. Webapplication is used to upload injections and scripts in websites, like the popular “c99 injection.”

14: SQL Injection

SQL injection is used to insert a query and confuse the database of system to gain unauthorized access. Hackers can use SQL injections to extract the data from a website without credentials.

15: Wireless Intrusion

Ethical Hackers study various types of wireless interfaces and how to exploit them. Concurrently, they can also learn associated encryption formats like WEP, WPA, WPA2, etc.

16: Mobile Hacking

Ethical Hackers learn how to sniff a network for mobile apps, hack another user’s Smartphone, extract the data from a Smartphone and how to root the Smartphone, etc.

17: IDS, Firewalls and Honeypots

IDS stands for Intrusion Detection System. IDS is a device or software application that monitors network or system activities. Firewalls are used to set rules for inbound and outbound traffic. There are two types of firewalls: software and hardware. Software firewalls are less expensive then hardware firewalls.

18: Buffer Overflows

A buffer overflow occurs when a program attempts to put more data in a buffer than it can hold. Normally, this can occur due to the vulnerabilities in system drivers. When drivers start performing improperly, the system can crash, causing the dreaded “blue screen.”

19: Cryptography

Cryptography is the study and application of techniques that conceal the real meaning of information by transforming it into non-human readable formats and vice-versa.

The process of transforming information into non- human readable form is called encryption.
The process of reversing encryption is called decryption.
Decryption is done using a secret key, which is only known to the legitimate recipients of the information.




Conclusion

Everyone should be concerned about falling prey to hack attempts. From my perspective, the thrill of being a Ethical Hacker, and helping people stay safe, is truly unmatched.

from www.cybersecurityng.com

Hello Guys

I want to discuss about a new blog known as www.cybersecurityng.com
This blog teaches you how to be a hacker in order to secure your business and your online activities.
The level of hacking in the society is very high now, and we usually visit the internet without knowing
whats going on over the internet

This new blog will teach you alot of things about hacking but the blog focuses on Ethical Hacking Activities,
anything you learn from this blog is only for educational purpose.

So, HACK TO LEARN, NOT LEARN TO HACK

www.cybersecurityng.com

The Lagos State Environmental Protection Agency has sealed a hotel owned by ex-Super Eagles player, Kanu Nwankwo, on Victoria Island.Continue...




The hotel was among other hotels, churches and mosques sealed across the state on Monday over alleged air and noise pollution. No fewer than 30 facilities were shut in areas, including Ketu, Ikorodu, Ibeju-Lekki, Victoria Island and Surulere.

According to Punch, LASEPA said the owners of the facilities had been contacted several times in the last one year, adding that they refused to fully complied with LASEPA’s instructions.

However, the mosque was sealed for allegedly not complying fully with LASEPA’s instruction. Other places also sealed include the Rain of Power and Miracles Ministry Church, Lekki; Christ Apostolic Church, Lekki; Duckland Hotels and Suites, Ikorodu; and Mela Rossa Club, Victoria Island.

At the Hardley Apartments, it was noticed that the generators powering the hotel had large exhaust pipes facing the road.

The Director of Enforcement, Kayode Bello, ordered that one of the generators be tested, and it was discovered that it gave off thick gaseous emissions.

Bello said,

“Even the sound is going to be more than 45 decibels at night. We want you to comply ─ that is the reason we are here. We have been on this for more than a year.”

The doors and gates of the hotel were subsequently chained, and plastered with the LASEPA seal.

Jackieriel:
For payment channel use vogue. the have modules that you can easily install and work on. visit https://voguepay.com/21776 to register.

Bro what about to have a registration form, which will be stored in d database... Like MYSQL

ZinoFego: You can download it FREE from my site: http://JoomlaExtended.com.

hello master, am unable to get it on ur website.... pls hw do i get it

ZinoFego: I just email my Joomla 3.x Simplified eBook to you. Sorry for the delay.

pls sir... dis is my email sammytech4real@gmail.com
dis is wat i av been looking for. i would be happy to see d ebook my master. tnx

guy we re waiting lets go there

hello guys, visit www.vm-techno.com to study your SAP training at a cheap price.... meet professionals (i.e oil & gas staff)that will show you the way to success on SAP