
ABSTRACT:

We've all heard of hackers. Many of us have even suffered the consequences of hacker actions. So who are
these hackers?
Today more and more software is being developed, and people are getting more and more options in the
software they use. But many are not aware that they are being hacked without their knowledge. One reaction to
this state of affairs is a behavior termed Ethical Hacking, which attempts to proactively increase security
protection by identifying and patching known security vulnerabilities on systems owned by other parties.

A good ethical hacker should know the methodology chosen by the hacker: reconnaissance, host or target
scanning, gaining access, maintaining access and clearing tracks. For ethical hacking we should know about
the various tools and methods that can be used by a black hat hacker, apart from the methodology used by him.
From the point of view of the user, one should know at least some of these, because some hackers make use of
those who are not aware of the various hacking methods to hack into a system. From the point of view of the
developer, he also should be aware of these, since he should be able to close holes in his software even
against the use of the various tools. With the advent of new tools the hackers may devise new tactics, but at
least the software will be resistant to some of the tools.

CONCLUSION:
The research paper concludes that in a scenario like this, in which security is the
most endangered element, ethical hacking comes into existence. Ethical hackers are the
hackers authorized by the company, with an official seal, to go about hacking. They are
more intelligent than malicious hackers in the sense that they penetrate the security
system in the same way hackers do and identify the vulnerable areas within. They, the
ethical hackers, have to step into the shoes of malicious hackers and understand the extent
of danger that could be unleashed upon the system.

Table of Contents
INTRODUCTION
1. Security
Ethical Hacking
TYPES OF HACKING
1. Black Hat Hackers or Crackers
2. White-Hat Hacker
3. Grey Hat Hackers

INTRODUCTION
Security

Security is the condition of being protected against danger or loss. In the general sense, security
is a concept similar to safety. In the case of networks, security is also called information security.
Information security means protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction.
Security is usually described in terms of the CIA triad.
CIA stands for the basic principles of security, in which
C denotes Confidentiality.
I represents Integrity.
A represents Availability.

i. Confidentiality

Confidentiality is the property of preventing disclosure of information to unauthorized
individuals or systems. This implies that particular data should be seen only by authorized
personnel.
For example, in the case of a credit card transaction, only the authorized person should see the credit
card number. Nobody else should see that number, because they may use it for other activities. Thus
confidentiality is very important.
Confidentiality is necessary for maintaining the privacy of the people whose personal information a
system holds.

ii. Integrity

Integrity means that data cannot be modified without authorization. This means that the data
seen by the authorized persons should be correct, that is, the data should maintain the property of integrity.
Without that integrity the data is of no use.

Integrity is violated:

when a computer virus infects a computer.

when an employee is able to modify his own salary in a payroll database.

when an unauthorized user vandalizes a web site.

when someone is able to cast a very large number of votes in an online poll.

iii. Availability

For any information system to serve its purpose, the information must be available when it is
needed. Consider the case in which the data has integrity and confidentiality but is not available to the
user. The data is then of no use even if it has all the other characteristics. This means that the computing
systems used to store and process the information, the security controls used to protect it, and the
communication channels used to access it must be functioning correctly.
All these factors are considered important, since data lacking any of the above characteristics is useless.
Therefore security is described as the CIA trio. Lacking any one of the CIA properties means there is a
security breach.

Ethical Hacking
Ethical hacking, also known as penetration testing or white-hat hacking, involves
the same tools, tricks, and techniques that hackers use, but with one major difference: ethical hacking is
legal. Ethical hacking is performed with the target's permission.
The intent of ethical hacking is to discover vulnerabilities from a hacker's viewpoint so systems can be
better secured.
It's part of an overall information risk management program that allows for ongoing security improvements.

Hacker: A hacker is a person who is interested in a particular subject and has immense knowledge of that
subject. In the world of computers a hacker is a person intensely interested in the arcane and recondite workings
of any computer operating system. Most often, hackers are programmers with advanced knowledge of operating
systems and programming languages.
Eric Raymond, compiler of The New Hacker's Dictionary, defines a hacker as a clever programmer.
A "good hack" is a clever solution to a programming problem and "hacking" is the act of doing it.
Raymond lists five possible characteristics that qualify one as a hacker, which we paraphrase here:
A person who enjoys learning details of a programming language or system.
A person who enjoys actually doing the programming rather than just theorizing about it.
A person capable of appreciating someone else's hacking.
A person who picks up programming quickly.

3. Types Of Hackers.

Hackers can be broadly classified on the basis of why they are hacking systems or why they are indulging in
hacking. There are mainly three types of hackers on this basis.

Black Hat Hackers or Crackers

A black hat hacker is an individual with extraordinary computing skills who resorts to malicious or
destructive activities. That is, black hat hackers use their knowledge and skill for their own
personal gain, probably by hurting others.

White-Hat Hacker

White hat hackers are those individuals professing hacker skills and using them for defensive
purposes. This means that the white hat hackers use their knowledge and skill for the good of others and for
the common good.

Grey Hat Hackers

These are individuals who work both offensively and defensively at various times. We cannot predict their
behaviour. Sometimes they use their skills for the common good, while at other times they use them for
their personal gain.

4. ETHICAL HACKING
Ethical hacking is also known as penetration testing, intrusion testing or red teaming. With the
growth of the Internet, computer security has become a major concern for businesses and governments.
They want to be able to take advantage of the Internet for electronic commerce, advertising, information
distribution and access but they are worried about the possibility of being hacked. At the same time,
the potential customers of these services are worried about maintaining control of personal information that
varies from credit card numbers to social security numbers and home addresses. In their search for a way
to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder
threat to their interests would be to have independent computer security professionals attempt to break into
their computer systems. This scheme is called Ethical Hacking.
While testing the security of a client's systems, the ethical hacker may discover information about the
client that should remain secret. In many cases, this information, if publicized, could lead to real
intruders breaking into the systems, possibly leading to financial losses.

5. WHAT DOES AN ETHICAL HACKER DO?
An ethical hacker is a person doing ethical hacking; that is, he is a security professional who tries to
penetrate a network to find out whether there is some vulnerability in the system. An ethical hacker will
always have permission to enter the target network.
An ethical hacker will first think with the mindset of a hacker who tries to get into the system. He will
first find out what an intruder can see or what others can see. Having found these, an ethical hacker will
try to get into the system with that information by whatever method he can. If he succeeds in penetrating
the system, he will give the company a detailed report about the particular vulnerability he exploited to
get into the system.

6. General Hacking

Ethical hacking is a process in which an authenticated person attacks a security system on behalf of its owners,
seeking vulnerabilities that a malicious hacker could exploit. In order to test the system an ethical hacker will
use the same principles as a malicious hacker uses, but reports those vulnerabilities instead of using them for
his own advantage.

Analogy with Building Robbing

The methodology of a hacker is similar to the one used for usual thefts. Let's consider the case of a bank
robbery. The first step will be to find information about the total transactions of the bank, the total amount
of money that may be kept in the bank, who the manager is, whether the security personnel carry a gun, etc.
This is similar to the foot printing phase of hacking.
The next step will be to find the ways through which one can enter the building: how many doors there are in
the building, whether there is a lock on each door, etc. This is similar to the second stage, scanning, in which
we check which hosts are present, which services are running, etc.
The third step will be to enter the building, which is similar to gaining access. For entering a
building we need some keys; likewise, in the case of a network we need some ids and passwords. Once inside
the building, the next aim will be to make an easier way in for the next time, which is analogous to
the next step, maintaining access. In the hacking case, Trojans, back door worms etc. are used, like placing a
hidden door inside the building. The final step is to hide the fact that anyone entered the
building, which is analogous to the clearing of tracks in the case of hacking.

Methodology of Hacking

As described above, there are mainly five steps in hacking: foot printing, scanning, gaining access,
maintaining access and clearing tracks. But that is not the end of the process. The actual hacking will be a
circular one. Once the hacker has completed the five steps, the hacker will start foot printing again from
that stage and go through the stages again to get to the next level.

The various stages in the hacking methodology are


1. Foot Printing
Foot printing literally means a preliminary survey to gain information. This is the first
stage in the methodology of hacking. This is the stage in which the hacker collects information about the
company which the person is going to hack. This is one of the pre-attacking phases. Foot printing refers to the
preparatory phase where an attacker learns about all of the possible attack vectors that can be used in their plan.

Google

Google is one of the most famous search engines used on the Internet. Using specialized keywords
for searching, we can find a lot of information that has been put up publicly. For example, if we use keywords
like "for internal use only" followed by the target's domain name, we may get much useful information.
Sometimes, even if the company has actually removed the information from its site, it gets preserved in
Google's cache.
One of the main advantages of Google is its advanced search option. The advanced search has many options,
like searching within a particular domain, documents published after a particular period of time, files of a
particular format, particular languages etc.

Sam Spade

Sam Spade is a simple tool which provides information about a particular host. This tool is very
helpful in finding addresses, phone numbers etc.

Fig of Sam Spade

The above figure shows the GUI of the Sam Spade tool. In the text field in the top left corner of the window
we just need to put the address of the particular host. Then we can find out the various pieces of information
available. The information given may be phone numbers, contact names, IP addresses, email ids, address ranges
etc. We may wonder what the benefit is of getting the phone numbers, email ids, addresses etc.

2. Scanning
Scanning is the second phase in the hacking methodology, in which the hacker tries to make a blueprint of the
target network. It is similar to a thief going through your neighborhood and checking every door and window
on each house to see which ones are open and which ones are locked.

Super Scan

Super Scan is a powerful TCP port scanner that includes a variety of additional networking tools like ping,
traceroute, HTTP HEAD, WHOIS and more. It uses multithreaded and asynchronous techniques, resulting in
extremely fast and versatile scanning. You can perform ping scans and port scans using any IP range or
specify a text file to extract addresses from. Other features include TCP SYN scanning, UDP scanning, HTML
reports, a built-in port description database, Windows host enumeration, banner grabbing and more.

Fig of super scan
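
Seen from the defender's side, a scan of the kind described above shows up in firewall logs as one source touching many different ports in a short time. The following Python is an added example, not part of the original report; the log format, addresses, window and threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed firewall log lines: '<time> <src> <dst> <dst_port> <action>'."""
    base = datetime(2024, 1, 1, 10, 0, 0)
    lines = []
    for i in range(15):   # one source touching 15 different ports in 15 seconds
        t = (base + timedelta(seconds=i)).isoformat()
        lines.append(f"{t} 198.51.100.7 192.0.2.10 {20 + i} DENY")
    for i in range(20):   # ordinary client: the same service again and again
        t = (base + timedelta(seconds=15 * i)).isoformat()
        lines.append(f"{t} 203.0.113.5 192.0.2.10 443 ALLOW")
    for i, port in enumerate((25, 80, 443)):   # client using a few services
        t = (base + timedelta(seconds=40 * i)).isoformat()
        lines.append(f"{t} 203.0.113.9 192.0.2.10 {port} ALLOW")
    return "\n".join(lines)


def find_scanners(log_text, window=timedelta(seconds=60), threshold=10):
    """Map each source to the most distinct (host, port) targets it touched
    inside any sliding window, keeping only sources at or above threshold."""
    by_source = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port, _action = line.split()
        by_source[src].append((datetime.fromisoformat(ts), (dst, int(port))))

    flagged = {}
    for src, events in by_source.items():
        events.sort()
        in_window = defaultdict(int)   # target -> hits currently inside the window
        start = best = 0
        for ts, target in events:
            in_window[target] += 1
            while ts - events[start][0] > window:   # drop events that aged out
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= threshold:
            flagged[src] = best
    return flagged


if __name__ == "__main__":
    print(find_scanners(build_sample_log()))
```

The window and threshold have to be tuned to the network's normal traffic; a longer window catches slower sweeps at the cost of more false positives.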

3. System Hacking
This is the actual hacking phase, in which the hacker gains access to the system. The hacker will make use of
all the information he collected in the pre-attacking phases. Usually the main hindrance to gaining access to a
system is the passwords. System hacking can be considered as a series of steps. First the hacker will try to
get into the system. Once he gets into the system, the next thing he wants will be to increase his privileges
so that he can have more control over the system. As a normal user the hacker may not be able to see the
confidential details or to upload or run the different hack tools for his own personal interest.

4. Password Cracking

There are many methods for cracking the password and then getting into the system. The simplest method is to
guess the password. To make this work easier there are many automated tools for password
guessing, like Legion. Legion has an inbuilt dictionary; the software itself generates passwords using the
dictionary and checks the responses.
Many types of password cracking strategies are used today by hackers, some of which are described below.

Dictionary cracking

In this type of cracking there will be a list of various words like the person's children's names, birthday
etc. The automated software will then make different combinations of these words and automatically try
them against the system.
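
Because such word lists are built from names and dates tied to the user, a system can refuse those passwords when they are chosen. The following Python is an added example, not part of the original report, of a password-change check that rejects passwords made only of the user's personal words plus digit or symbol padding; the profile data, the substitution table and the 12-character minimum are assumptions.

```python
# Map common character substitutions back to letters before comparing.
LEET = str.maketrans("0134578@$!", "oleastbasi")


def is_guessable(password, personal_words, min_token_len=3):
    """True if the password is nothing but the user's personal words
    (names, dates, ...) joined together and padded with digits or symbols."""
    raw = password.lower()
    norm = raw.translate(LEET)
    tokens = {w.lower() for w in personal_words if len(w) >= min_token_len}
    n = len(raw)
    # reach[i] holds True/False: the first i characters can be covered,
    # with (True) or without (False) using at least one personal word.
    reach = [set() for _ in range(n + 1)]
    reach[0].add(False)
    for i in range(n):
        if not reach[i]:
            continue
        if not raw[i].isalpha():          # digits and symbols count as padding
            reach[i + 1] |= reach[i]
        for token in tokens:
            if raw.startswith(token, i) or norm.startswith(token, i):
                reach[i + len(token)].add(True)
    return True in reach[n]


def check_new_password(password, personal_words, min_length=12):
    """Return a list of reasons to reject the password (empty list = accept)."""
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if is_guessable(password, personal_words):
        problems.append("built from personal details")
    return problems


# Constructed profile data for a hypothetical user.
PROFILE = ["Anna", "Rahul", "1990", "0412"]

if __name__ == "__main__":
    for candidate in ("anna1990", "R4hul!0412Anna", "correct-horse-battery"):
        print(candidate, check_new_password(candidate, PROFILE))
```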

Social Engineering

The best and the most common method used to crack the password is social engineering. In this technique the
hacker will come in direct contact with the user through a phone call or some other way and directly ask for
the password through some deception.

5. Maintaining Access
Now the hacker is inside the system by some means, such as password guessing or exploiting some of its
vulnerabilities. This means that he is now in a position to upload some files and download some of
them. The next aim will be to make an easier path to get in when he comes the next time. This is
analogous to making a small hidden door in the building so that he can directly enter the building
through the door easily. In the network scenario the hacker will do it by uploading software like
Trojan horses, sniffers, keystroke loggers etc.

Key Stroke Loggers

Keystroke loggers are tools which record every key pressed on the keyboard. There
are software and hardware keystroke loggers that record the key presses directly. For
maintaining access and privilege escalation, the hacker who is now inside the target network will upload
keystroke logging software to the system.
Software keystroke loggers sit as a middle man between the keyboard driver and the CPU.
That is, all the keystroke details come directly to the software, so that the tool keeps a copy of them
in a log and forwards them to the CPU.

Fig of keylogger

6. Clearing Tracks
A good hacker can always clear tracks or any record that may be present in the network to prove that he
was there. Whenever a hacker downloads some file or installs some software, a record of it will be stored in
the server logs. So in order to erase those the hacker uses many tools.
One such tool is the Windows Resource Kit's auditpol.exe.
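
For incident response the useful question is when logging was off. Current Windows versions record a change to the system audit policy as Security event 4719 and a cleared audit log as event 1102; the following Python, an added example that is not part of the original report, turns an exported log into the periods with no audit coverage. The CSV layout, account names and sample rows are constructed assumptions.

```python
import csv
import io
from datetime import datetime

AUDIT_POLICY_CHANGED = 4719   # Security log: system audit policy was changed
AUDIT_LOG_CLEARED = 1102      # Security log: the audit log was cleared

# Constructed sample in a simplified export layout: time,event_id,account,changes
SAMPLE = """\
2024-03-01T09:00:00,4624,alice,
2024-03-01T09:14:10,4719,svc-backup,Success removed; Failure removed
2024-03-01T09:41:55,4719,svc-backup,Success added; Failure added
2024-03-01T09:42:30,1102,svc-backup,
2024-03-01T10:05:00,4624,bob,
"""


def audit_gaps(export_text):
    """Return (blind_windows, log_clears) from an exported Security log.

    blind_windows: (start, end, account) periods with auditing switched off;
                   end is None if auditing was never switched back on.
    log_clears:    (time, account) for every cleared-log event.
    """
    blind, clears, off_since = [], [], None
    for ts, event_id, account, changes in csv.reader(io.StringIO(export_text)):
        when, event_id = datetime.fromisoformat(ts), int(event_id)
        changes = changes.lower()
        if event_id == AUDIT_LOG_CLEARED:
            clears.append((when, account))
        elif event_id == AUDIT_POLICY_CHANGED:
            if "removed" in changes and off_since is None:
                off_since = (when, account)          # auditing switched off
            elif "added" in changes and off_since is not None:
                blind.append((off_since[0], when, off_since[1]))
                off_since = None                     # auditing back on
    if off_since is not None:
        blind.append((off_since[0], None, off_since[1]))
    return blind, clears


if __name__ == "__main__":
    print(audit_gaps(SAMPLE))
```

Other evidence sources (network logs, file timestamps) then have to cover each reported blind window, since the host's own Security log cannot.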

