Scribd
Upload
7 views5 pages

Summary. Ethical Hacking

This document discusses ethical hacking and its objectives. It addresses key concepts such as confidentiality, integrity, and availability of information. It explains the process of evaluating information systems through penetration testing to identify vulnerabilities, in order to strengthen security without causing harm. It also distinguishes between different types of hackers and their motivations.

Uploaded by

ScribdTranslations
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
7 views5 pages

Summary. Ethical Hacking

This document discusses ethical hacking and its objectives. It addresses key concepts such as confidentiality, integrity, and availability of information. It explains the process of evaluating information systems through penetration testing to identify vulnerabilities, in order to strengthen security without causing harm. It also distinguishes between different types of hackers and their motivations.

Uploaded by

ScribdTranslations
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

ETHICAL HACKING

OBJECTIVES
GENERAL OBJECTIVE

Recognize the important aspects of information care known as


ethical hacking

SPECIFIC OBJECTIVES

Address the important concepts regarding ethical hacking


Explain the process considered for the evaluation of an information system
Expose the importance of evaluating a system to discover
vulnerabilities.
Evaluate the appropriation of concepts in the group.

INTRODUCTION

Data communication is a delicate issue and becomes even more delicate over time.
Although new technologies offer great advantages in terms of data transmission
with devices that were unimaginable in the past, however there is a dark side
that comes alongside technological advancements (Poteat, 2005) Therefore, it is necessary to take
measures that allow organizations to keep the information they handle protected.

Therefore, it is necessary for the professionals in charge of data management areas


manage relevant issues appropriately to ensure privacy and
to preserve the integrity not only of the information they handle but also of the difficulties
morals that arise from having knowledge that at the same time seeks to prevent
unauthorized accesses can be used to obtain a personal benefit.

It is important to have a clear understanding of the concepts involved in a behavior.


the information so that it can present a clear landscape when it comes to recognizing the
risks of staying in touch with the world through technologies that at the same time
they offer us advantages for our personal growth can generate complications that
They cannot be easily perceived.

CONCEPTS

The basic concepts to consider are confidentiality, integrity, and


availability, known as the CID triad (in English it is CIA for Confidentiality,
Integrity and Availability). Confidentiality ensures that information is not accessed
by unauthorized persons or processes, integrity must comply with the following
purposes:

Prevent unauthorized users from modifying information.


2. Prevent unauthorized or unintentional modification by authorized users
3. Preserve internal and external consistency
Availability ensures that authorized users of the system have access to everything
time and uninterrupted access to the information itself.

Additional factors that must be taken into account:

Authenticity
Identification
Authentication
Responsibility
Organizational security policy

In the vision of ethical hacking, other concepts must be recognized:

Threat
Vulnerability
Risk
Attack
Evaluation objective
Exploit

HISTORY OF HACKING

It begins in 1960 when students at MIT tried to learn the frameworks.


principles of computer systems to improve their skills. The phones
they were attacked by John Draper known as Captain Crunch, using a series of
packaged beeps to generate access to calls through long networks
distance from AT&T.

In 1980, hackers began sharing information and stealing passwords in newsletters.


electronics. They found hacking clubs.

In 1982, youth from the state of Wisconsin known as the 414 gang
attacks the records of the Sloan-Kettering Cancer Hospital. Two years later it makes its
the magazine for hackers 2600 edited by Eric Corley with the alias 'Emmanuel'
Goldstein”. In 1988, they spread a Morris worm on the Internet that generated a widespread denial.
service (DoS); the program was written by Robert Tappan Morris, a student of
PhD from Cornell University, infected approximately 6000 computers.

In 1990, a hacker known as Kevin Poulson entered a telephone system of a


radio station to secure victory in a call contest where the prizes were
a Porsche among others.

In 1993, the first hacking conference called Def Con was held, located in the
Vegas.
OBJECTIVES OF ETHICAL HACKING

An ethical hacker tries to replicate the attempts and actions of a malicious hacker without causing
damage. Conduct penetration tests to determine what attackers do to search
information in the systems, discover how it maintains access in the systems and how
They can be successful in their purposes without being detected.

The ethical hacker acts with the permission of the organization they are evaluating because
try to defend and strengthen the weaknesses of your information system so that it does not
can be compromised. To achieve better results in the evaluation of the systems
information the organizations do not inform the work teams in charge of
maintenance of the system on the activities carried out by the hacker. This is known
like a study operation known as the double blind.

HACKERS, CRACKERS AND OTHER TERMS.

In the history of the discovery of vulnerabilities in an information system the


The term hacker had negative connotations; hackers were people with a
strong intellectual motivation, driven by curiosity and looking to improve their
learning about computer systems tried to develop ways to
recognize their functioning and shortcomings and thus strengthen the execution of
the systems they were studying.

However, over time, people began to use their knowledge to harm and
vulnerating systems became known as hackers, which is why for
to distinguish them from the previous ones, they were given the designation of crackers. The term hacker
ycrackerse became indistinguishable terms from one another so it was added
the ethical adjective to highlight the capabilities that professionals have in the field
for defensive purposes and to enhance the security posture of the systems of
information.

Other names we can find for hackers are phreakers who


they use their knowledge to steal telephone card numbers, make free calls,
attack the PBX and illegally access communication devices. Others are the
Wrackers are novice hackers who attack WAN and wireless. One more is the
Script/kiddie are generally young people with no programming knowledge.
that use lines of code that are freely available on the Internet or other sources. For
finally, the cyber-terrorists who work for a government or group involved in the
carrying out sabotage, espionage, financial thefts, and attacks on critical infrastructure of
a nation.

STEPS FOR MALICIOUS HACKING

Recognition
a. Passive
b. Active
2. Scanning
3. Gain access
a. Operating system level
b. Application level
c. Network level
d. Denial of service (DoS)
4. Maintain access
a. Upload programs
b. Download programs
c. Change programs
5. Cover, clean traces, and install back doors

EVALUATION PROPOSAL

As an evaluation method, a test with 8 questions addressing some of the


important aspects of the exhibition.
BIBLIOGRAPHY

Eric Clark. 2005. Hacking as a form of "self-improvement". In Proceedings of the 10th


annual SIGCSE conference on Innovation and technology in computer science
education (ITiCSE '05). ACM, New York, NY, USA, 397-397.
10.1145/1067445.1067601

Krutz, R., & Vines, R. D. (2007). The CEH prep guide: The comprehensive guide to
certified ethical hacking. Indianapolis, Indiana: Wiley Publishing Inc. DOI:
www.wiley.com

Classroom ethics: hacking and cracking


(February 2005), 225-231. Retrieved from:
The provided text is a URL and does not contain translatable content.
The input text does not contain translatable content.
F.7C220EC1DD534839.046931734A5192ED.4D4702B0C3E38B35&
310807379
359256216befb5b60966

William Mitchell, Dawn Wilkins, Kim Taylor, Sheila Colclasure, and Kent C. D. Weiand.
2004. Panel discussion: ethical awareness as preparation for a career in computing.
In Proceedings of the 2nd annual conference on Mid-south college
computing(MSCCC '04). Mid-South College Computing Conference, Little Rock,
Arkansas, United States, 36-37. Retrieved from:
Invalid input or URL provided. No text to translate.
mitchell.pdf?ip=190.90.21.2&id=1041536&acc=ACTIVE%20SERVICE&key=4D9
619BEF5D5941F.7C220EC1DD534839.046931734A5192ED.4D4702
B0C3E38B35&CFID=310807379&CFTOKEN=19782523&__acm__=1396362423
_58a1cbe03945c47f5fdec6b3c5ed9066

You might also like