...Ethical Hacking 1 Running head: ETHICAL HACKING: Teaching Students to Hack Ethical Hacking: Teaching Students to Hack Regina D. Hartley East Carolina University Ethical Hacking 2 Abstract One of the fastest growing areas in network security, and certainly an area that generates much discussion, is that of ethical hacking. The purpose of this study is to examine the literature regarding how private sectors and educational institutions are addressing the growing demand for ethical hacking instruction. The study will also examine the opportunity for community colleges in providing this type of instruction. The discussion will conclude with a proposed model of ethical hacking instruction that will be used to teach a course in the summer semester of 2006 through the continuing education department at Caldwell Community College and Technical Institute within the North Carolina Community College System. Ethical Hacking 3 Ethical Hacking: Teaching Students to Hack The growing dependence and importance regarding information technology present within our society is increasingly demanding that professionals find more effective solutions relating to security concerns. Individuals with unethical behaviors are finding a variety of ways of conducting activities that cause businesses and consumers much grief and vast amounts annually in damages. As information security continues to be foremost on the minds of information technology professionals, improvements in this area are critically...
Words: 6103 - Pages: 25
...Importance of ethical hacking Chapter 1 Introduction Ethical hacking is an emerging tools used by most of the organizations for testing network security. The security risks and vulnerabilities in a network can be recognized with the help of ethical hacking. This research completely concentrates on ethical hacking, problems that may occur while hacking process is in progress and various ethical hacking tools available for organizations. Information is the important source for any organizations while executing business operations. Organizations and government agencies have to adopt ethical hacking tools in order secure important documents and sensitive information (Harold F. Tipton and Micki Krause, 2004). Ethical hacker professionals have to be hired in order to test the networks effectively. Ethical hackers perform security measure on behalf of the organization owners. In order to bring out the ethical hacking efforts perfectly a proper plan must be executed. Ethical hacking has the ability to suggest proper security tools that can avoid attacks on the networks. Hacking tools can be used for email systems, data bases and voice over internet protocol applications in order to make communications securely. Ethical hacking can also be known as penetration testing which can be used for networks, applications and operating systems (Jeff Forristal and Julie Traxler, 2001). Using hacking tools is a best method for identifying the attacks before it effect the entire organization. Ethical hackers...
Words: 9223 - Pages: 37
...Hands-On Ethical Hacking and Network Defense Second Edition Chapter 3 Network and Computer Attacks Objectives • After this lecture and completing the exercises, you will be able to : – Describe the different types of malicious software and what damage they can do – Describe methods of protecting against malware attacks – Describe the types of network attacks – Identify physical security attacks and vulnerabilities Hands-On Ethical Hacking and Network Defense, Second Edition 2 Malicious Software (Malware) • Network attacks prevent a business from operating – Malicious software (malware) • Virus • Worm • Trojan program – Goals • • • • Destroy data Corrupt data Shutdown a network or system Make money 3 Hands-On Ethical Hacking and Network Defense, Second Edition Viruses • Virus attaches itself to a file or program – Needs host to replicate – Does not stand on its own – No foolproof prevention method • Antivirus programs – Detection based on virus signatures • Signatures are kept in virus signature file • Must update periodically • Some offer automatic update feature Hands-On Ethical Hacking and Network Defense, Second Edition 4 Table 3-1 Common computer viruses Hands-On Ethical Hacking and Network Defense, Second Edition 5 Viruses (cont’d.) • Encoding using base 64 – – – – – – – – Typically used to reduce size of e-mail attachments Also, used to encrypt (hide) suspicious code. Represents zero to 63 using six bits A is 000000… Z is 011001 Create groups of four characters...
Words: 1394 - Pages: 6
...Chapter 1 Ethical Hacking Overview Describe the role of an ethical hacker Describe what you can do legally as an ethical hacker Describe what you cannot do as an ethical hacker Hands-On Ethical Hacking and Network Defense 2 Ethical hackers Employed by companies to perform penetration tests Penetration test Legal attempt to break into a company’s network to find its weakest link Tester only reports findings, does not solve problems Security test More than an attempt to break in; also includes analyzing company’s security policy and procedures Tester offers solutions to secure or protect the network Hands-On Ethical Hacking and Network Defense 3 Hackers Access computer system or network without authorization Breaks the law; can go to prison Crackers Break into systems to steal or destroy data U.S. Department of Justice calls both hackers Ethical hacker Performs most of the same activities but with owner’s permission Hands-On Ethical Hacking and Network Defense 4 Script kiddies or packet monkeys Young inexperienced hackers Copy codes and techniques from knowledgeable hackers Experienced penetration testers write programs or scripts using these languages Practical Extraction and Report Language (Perl), C, C++, Python, JavaScript, Visual Basic, SQL, and many others Script Set of instructions that runs in sequence Hands-On Ethical Hacking...
Words: 1129 - Pages: 5
...What is Ethical Hacking Ethical hacking provides a way to determine the security of an information technology environment – at least from a technical point of view. As the name ethical hacking already tells, the idea has something to do with hacking. But what does “hacking” mean “The word hacking has two definitions. The first definition refers to the hobby/profession of working with computers. The second definition refers to breaking into computer systems. While the first definition is older and is still used by many computer enthusiasts(who refer to cyber-criminals as "crackers"), the second definition is much more commonly used.” – Definition by Internet Security Systems In the context of “ethical hacking”, hacking refers to the second definition –breaking into computer systems. It can be assumed that hacking is illegal, as breaking into a house would be. At this point, “ethical” comes into play. Ethical has a very positive touch and describes something noble which leads us to the following definition of ethical hacking: Ethical hacking describes the process of attacking and penetrating computer systems and networks to discover and point out potential security weaknesses for a client which is responsible for the attacked information technology environment. An ethical hacker is therefore a “good” hacker, somebody who uses the methods and tools of the blackhat4 community to test the security of networks and servers. The goal of an ethical hack is neither to do damage...
Words: 1321 - Pages: 6
...2014 Ethical Hacking Ethical hacking is used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker works passed the system security to detect the vulnerabilities or weak points of a company’s network. Then this type of information is used to improve the company’s network from the bad hackers who exploit the company in a destructive way. In 1960s, U.S military began testing their own IT systems, but when Dan Farmer a security expert from San Francisco and a security programmer at the Netherlands University of Eindhoven had posted the techniques they used to gather information to the Usenet, that could have compromised the security of a number of target networks(Langely). Their goal was to raise the overall level of security on the internet. Dan farmer and Eindhoven were elected to share their work freely on the internet for others to learn. Eventually, they gather up the work they used and developed a program called Security Analysis Tool for Auditing Networks (Langely). This tool is used to perform an audit of the vulnerabilities of the system and how to eliminate the problem. The concept of ethical hacking started emerging in 1993 (Langely). According to some, ethical hacking does not exist and they feel hacking is just hacking, no matter how you put it. Therefore the one that is doing the hacking is a computer criminal. This is not the case, so in order for hacking it to be “ethical “you...
Words: 589 - Pages: 3
...Ethical Hacking – Is There Such A Thing? Alexander Nevermind Nelson Stewart, PhD CIS 324 December 9, 2011 ABSTRACT ------------------------------------------------- When someone hears the word hacker, many things come to mind. Bad, thief, terrorist, crook and unethical are some words that may be used to describe a hacker. The reputation of a hacker is well deserved as many company networks have been compromised with viruses and spyware causing untold millions in damage, the theft of sensitive consumer information such as Social Security numbers and financial data and the unauthorized access of classified government information. To combat these issues, many companies employ individuals called ethical hackers who, by their direction and supervision look for vulnerabilities in network systems. There are naysayers who bristle at the term “ethical hacker” saying that a hacker is a hacker but those who hold such views could be missing the point. These subjects will be discussed in detail later in the text. ------------------------------------------------- Is there such a thing as “Ethical Hacking?” Define ethical hacking and support an argument in favor or against the concept. Consider who might believe/use ethical hacking and discuss if hacking, even for the purpose of protecting human rights, is ethical. You should extend the paper beyond the topics suggested in the questions within the paper description. Ethical hacking does exist, in fact, companies...
Words: 904 - Pages: 4
...As the internet is growing there has been a higher demand for network security. With the higher demand comes a new form of job known as ethical hacking. An ethical hacker is a person that conducts penetration testing on networks to test the integrity of a network for any given business or corporation (White hat (computer security)). With this technique, corporations and businesses will have the assurance they need for protecting their personal identifiable information (PII) on their network. To beat a hacker, first you must think like one. Ethical hacking is an accepted hacking method of network security systems for a particular business or corporation. Ethical Hacking has provided network security administrators with the knowledge they need to continually keep their network secure. With this method of penetration testing, you can see that there is no negative effect on a business or corporation’s network security. The ethical hacker must first receive authorization. If authorization is not obtained, ethical hacking can be considered a federal offense punishable by a prison sentence of no less than five years (Computer Hacking Law & Legal Definition). “The authorization can be as simple as an internal memo or e-mail from your boss if you're performing these tests on your own systems. If you're testing for a client, have signed contracts in place, stating the client's support and authorization” (Beaver). Once authorization has been made you will need to develop a strategy...
Words: 857 - Pages: 4
...Internet, different aspects of it are achieving the highest peak of growth. An example of it is e-commerce. More and more computers get connected to the Internet, wireless devices and networks are booming and sooner or later, nearly every electronic device may have its own IP address. The complexity of networks is increasing, the software on devices gets more sophisticated and user friendly – interacting with other devices and people are a main issues. At the same time, the complexity of the involved software grows, life cycles are getting shorter and maintaining high quality is difficult. Most users want (or need) to have access to information from all over the world around the clock. Highly interconnected devices which have access to the global network are the consequence. As a result, privacy and security concerns are getting more important. In a word, information is money. There is a serious need to limit access to personal or confidential information – access controls are needed. Unfortunately most software is not bug free due to their complexity or carelessness of their inventors. Some bugs may have a serious impact on the access controls in place or may even open up some unintended backdoors. Security therefore is a hot topic and quite some effort is spent in securing services, systems and networks. On the internet, there is a silent war going on between the good and the bad guys – between the ones who are trying hard to keep information secured and the ones who are trying to...
Words: 8365 - Pages: 34
...offline by hackers, Sony’s PlayStation Network brought to its knees, a cyber defense contractor named Stratfor had its servers hacked and corporate emails leaked. Everything that people know about hacking can be summed up in news articles written by the uninformed. Hacking is bad, and there is no arguing that… Or is there? Most of what people know of hacking comes from the news or Hollywood movies such as Hackers and Swordfish. What they see is only one facet of this fascinating, yet misunderstood world. Hacking is not the evil act that some make it out to be. Hacking can also be a good thing. Enter the White Hat, or Ethical Hackers. These are the network security professionals in which no movies are based. Ethical hacking is used to help analyze networks for security flaws, stop attacks in progress and help keep companies in compliance with government regulations such as PCI or SOX. What is Ethical Hacking? Ethical hacking sounds like an oxymoron, but it does exist and is a very handsomely paying career field. The average ethical hacker can make anywhere from $24,760 a year to $111,502 (InfoSec Institute, n.d.). It does not stop there however. Some contracts can net an ethical hacker up to $17,500 in bonuses. (Computer Hope, n.d.). The main role of the ethical hacker is to penetrate a business network in order to recognize and fix security flaws before a “Black Hat” hacker can get to it. There is no such thing as a “fully secure” network,...
Words: 2096 - Pages: 9
...Ethical Hacking Computer Ethics – CIS 324 Dr. Nelson Stewart June 7, 2013 INTRODUCTION When most people hear the term “hacker” they think of an evil person committing crimes by hacking into their computers to steal, destroy and/or steal identities. This is so in some cases, but not all hackers are bad. Hackers are merely curious technically skilled individuals who gain unauthorized access to computers, networks of various companies, organizations and individuals. Good hackers are considered white hat hackers. They are the ones that are hired to break into systems as a way of testing the vulnerabilities and security issues that may be present in the computer system. Bad hackers are considered black hat hackers. They are the “evil” hackers, or should I say “crackers” who hack into systems to steal identities, information, crack into software programs and create nasty viruses. What is Ethical Hacking? Ethical hacking provides a way to determine the security of an information technology environment – at least from a technical point of view. As the name ethical hacking already tells, the idea has something to do with hacking. But what does “hacking” mean? The word hacking has two definitions. The first definition refers to the hobby/profession of working with computers. The second definition refers to breaking into computer systems. While the first definition is older and is still used by many computer enthusiasts (who refer to cyber-criminals as “crackers”), the...
Words: 1280 - Pages: 6
... HACKING 1. Learn about hardware - basicly how your computer works. 2. Learn about different types of software. 3. Learn DOS.(learn everything possible) 4. Learn how to make a few batch files. 5. Port scanning. ( download blues port scanner if it's your first time) 6. Learn a few programming languages HTML,C++,Python,Perl.... (i'd recommend learning html as your first lang) 7. How to secure yourself (proxy,hiding ip etc) 8. FTP 9. TCP/Ip , UDP , DHCP , 10. Get your hands dirty with networking 11. Learn diassembler language (its the most basic language for understanding machine language and very useful to ubderstand when anything is disassembled and decoded) 12. Learn to use a Unix os. (a Unix system is generally loaded with networking tools as well as a few hacking tools) 13. Learn how to use Exploits and compile them. (Perl and c++ is must) ETHICAL HACKER Traditionally, a Hacker is someone who likes to play with Software or Electronic Systems. Hackers enjoy Exploring and Learning how Computer systems operate. They love discovering new ways to work electronically. Hacker is a word that has two meanings: 1-Recently, Hacker has taken on a new meaning someone who maliciously breaks into systems for personal gain. 2-Technically, these criminals are Crackers as Criminal Hackers. Crackers break into systems with malicious Intentions An ethical hacker is a computer and network expert who attacks a security system...
Words: 2587 - Pages: 11
...ict director, alpine data insight company | from: | [Your Name] | subject: | PROposal for a research project on ethical computer hacking course | date: | November 9, 2014 | | | Proposal Synopsis Ethical computer hacking is one of the most essential penetration testing tools that has been used over time. Following the previous discussions, this proposal seeks to present the viability of a research project on the Ethical Computer Hacking course. Furthermore, apart from the benefits and associated shortcomings of a course on ethical hacking as a solution, this document presents the methodology for the execution of the research project and further illuminates the qualifications of the research personnel. Project Description Over time, more businesses are increasingly integrating information systems with their core business processes to increase efficiency and the overall output. Information systems have therefore become an integral part of business processes – IT is a key driver of business and governmental processes. In fact, studies assert that both government agencies and business have migrated their data and processing units to the ‘cloud (Vacca, 2012)’. In this sense, both the security threats and attacks on information systems have increased in the same magnitude over time. Corporate data centers have become the center of interest for most security attacks. Unfortunately, even though there have been several incidences of data theft and violation of data integrity...
Words: 1135 - Pages: 5
...Danish Jamil et al. / International Journal of Engineering Science and Technology (IJEST) IS ETHICAL HACKING ETHICAL? DANISH JAMIL Department of Computer Engineering, Sir Syed University of Engineering & Technology, Main University Road, Karachi, Sindh-75300,Pakistan mallick251@hotmail.com MUHAMMAD NUMAN ALI KHAN Department of Computer Engineering, Sir Syed University of Engineering & Technology, Main University Road, Karachi, Sindh-75300,Pakistan mallick89@yahoo.co.uk Abstract : This paper explores the ethics behind ethical hacking and whether there are problems that lie with this new field of work. Since ethical hacking has been a controversial subject over the past few years, the question remains of the true intentions of ethical hackers. The paper also looks at ways in which future research could be looked into to help keep ethical hacking, ethical. Keywords— Ethical hacking, hacking, hackers, education and training, risk management, automated security I. INTRODUCTION Understanding the true intentions of the general public is quite a hard task these days, and it is even harder so, to understand the intentions of every single ethical hacker getting into vulnerable systems or networks. Technology is ever growing and we are encountering tools that are beneficial to the general public, but in the wrong hands can create great controversy, breaching our basic right to privacy, respect and freewill. The constant issues highlighted by the media always reporting some type...
Words: 3974 - Pages: 16
...2011 Ethical Hacking & Penetration Testing ACC 626: IT Research Paper Emily Chow 20241123 July 1, 2011 I. Introduction Due to the increasing vulnerability to hacking in today’s changing security environment, the protection of an organization’s information security system has become a business imperative . With the access to the Internet by anyone, anywhere and anytime, the Internet’s “ubiquitous presence and global accessibility” can become an organization’s weakness because its security controls can become more easily compromised by internal and external threats. Hence, the purpose of the research paper is to strengthen the awareness of ethical hacking in the Chartered Accountants (CA) profession, also known as penetration testing, by evaluating the effectiveness and efficiency of the information security system. 2 1 II. What is Ethical Hacking/Penetration Testing? Ethical hacking and penetration testing is a preventative measure which consists of a chain of legitimate tools that identify and exploit a company’s security weaknesses . It uses the same or similar techniques of malicious hackers to attack key vulnerabilities in the company’s security system, which then can be mitigated and closed. In other words, penetration testing can be described as not “tapping the door” , but “breaking through the door” . These tests reveal how easy an organization’s security controls can be penetrated, and to obtain access to its confidential and sensitive information asset by hackers...
Words: 11999 - Pages: 48