View Feed
group-icon
Coffee Room
Discuss anything here - everything that you wish to discuss with fellow engineers.
12914 Members
Join this group to post and comment.
Rahul Jamgade
Rahul Jamgade • Jan 11, 2018

Series on Information Security -(Weekly) - Part5

Earlier one needs to have a good in-depth knowledge of the subject, whether it is telephone systems, TCP/IP protocol, Operating systems, Network topology and Services along with a very good programming knowledge to explore the system further and do activities such as hacking and cracking. Hence hackers were supposed to be geek or a nerd.

However as time changed so as the scenario. Now you get ready made tools, documentation, ready made setup and indeed a very sophisticated GUI to do hacking activities. Even you can get readily available scripts you just need to do minor alteration to suit to your needs and direct towards the target and run. Hence the level of skill set required and the knowledge required to do hacking attempt has came down drastically. As you have tools available which you need to just direct towards target and execute. It can do everything right from scanning the machine/network , finding out which machines are up and running, which services are running, which ports are running and of course the vulnerabilities that can be exploited on the system. Hence the hackers nowadays do not need to have in-depth understanding of the system to be attacked and the time taken to exploit the system is less.
However there are exceptions to it. There are people who find out new vulnerabilities and new exploitation methods with the help of detailed study on the subject under consideration. Otherwise we could not have observed new exploits and their patches available on regular basis. The people with less knowledge and understanding about the system and still try to attack the systems with the help of readily available tools and suites are known as Script-Kiddies. Though they are not supposed to be geeks, but still they can be equally harmful at times.

There are numerous tools that are available right from the stage of gathering information about the target to actual executing the attacks. These tools can be categorized as free tools (Open source tools) and commercially available tools that are quiet expensive and are primarily designed for Penetration Testing purpose. As there are thousands of tools that are available in the market, hence one need to have better understanding of the functionalities and capabilities of tool it supports. Here one needs to be very particular so that it matches our requirement. As we study further we will go through many of the tools that are well known in the security arena.

Share this content on your social channels -