Series on Information Security -(Weekly) - Part5
Earlier one needs to have a good in-depth knowledge of the subject, whether it is telephone systems, TCP/IP protocol, Operating systems, Network topology and Services along with a very good programming knowledge to explore the system further and do activities such as hacking and cracking. Hence hackers were supposed to be geek or a nerd.
However as time changed so as the scenario. Now you get ready made tools, documentation, ready made setup and indeed a very sophisticated GUI to do hacking activities. Even you can get readily available scripts you just need to do minor alteration to suit to your needs and direct towards the target and run. Hence the level of skill set required and the knowledge required to do hacking attempt has came down drastically. As you have tools available which you need to just direct towards target and execute. It can do everything right from scanning the machine/network , finding out which machines are up and running, which services are running, which ports are running and of course the vulnerabilities that can be exploited on the system. Hence the hackers nowadays do not need to have in-depth understanding of the system to be attacked and the time taken to exploit the system is less.
However there are exceptions to it. There are people who find out new vulnerabilities and new exploitation methods with the help of detailed study on the subject under consideration. Otherwise we could not have observed new exploits and their patches available on regular basis. The people with less knowledge and understanding about the system and still try to attack the systems with the help of readily available tools and suites are known as Script-Kiddies. Though they are not supposed to be geeks, but still they can be equally harmful at times.
There are numerous tools that are available right from the stage of gathering information about the target to actual executing the attacks. These tools can be categorized as free tools (Open source tools) and commercially available tools that are quiet expensive and are primarily designed for Penetration Testing purpose. As there are thousands of tools that are available in the market, hence one need to have better understanding of the functionalities and capabilities of tool it supports. Here one needs to be very particular so that it matches our requirement. As we study further we will go through many of the tools that are well known in the security arena.
However as time changed so as the scenario. Now you get ready made tools, documentation, ready made setup and indeed a very sophisticated GUI to do hacking activities. Even you can get readily available scripts you just need to do minor alteration to suit to your needs and direct towards the target and run. Hence the level of skill set required and the knowledge required to do hacking attempt has came down drastically. As you have tools available which you need to just direct towards target and execute. It can do everything right from scanning the machine/network , finding out which machines are up and running, which services are running, which ports are running and of course the vulnerabilities that can be exploited on the system. Hence the hackers nowadays do not need to have in-depth understanding of the system to be attacked and the time taken to exploit the system is less.
However there are exceptions to it. There are people who find out new vulnerabilities and new exploitation methods with the help of detailed study on the subject under consideration. Otherwise we could not have observed new exploits and their patches available on regular basis. The people with less knowledge and understanding about the system and still try to attack the systems with the help of readily available tools and suites are known as Script-Kiddies. Though they are not supposed to be geeks, but still they can be equally harmful at times.
There are numerous tools that are available right from the stage of gathering information about the target to actual executing the attacks. These tools can be categorized as free tools (Open source tools) and commercially available tools that are quiet expensive and are primarily designed for Penetration Testing purpose. As there are thousands of tools that are available in the market, hence one need to have better understanding of the functionalities and capabilities of tool it supports. Here one needs to be very particular so that it matches our requirement. As we study further we will go through many of the tools that are well known in the security arena.
Replies
You are reading an archived discussion.
Related Posts
The good old crystal radio set.
I had made one more than sixty five years back. Only the local AM station would work.
The 3D printing part can be skipped....
Many of the input signals have desired frequency, waveform but this signals cannot be used because of its small amplitude. This is because the circuits or the devices need desired...
Hi everyone
Which has more strength Joining same materials(Steel+Steel) or Joining two different materials(Steel+cast iron) ?
We have all applied for jobs, haven’t we? While applying for any job does it come to your mind is there a perfect time in which our chances of getting...
Uncovering More on the Quantum Mechanical Basis of Heat Transfer