Series on Information Security -(Weekly) - Phases of Hacking- Part9
Whenever we work on any project such as computer based application development, it will have different phases such as Planning, designing , development, verification, maintenance etc. Same is the case when we deal with the Information Technology Security aspects looking from the attackers perspective.
To be successful in compromising a system, an attacker follows the steps as mentioned. These are better known as phases of Hacking and are as per mentioned below.
a. Foot printing and Reconnaissance
b. Scanning and Enumeration
c. Gaining Access
d. Back-doors / Maintaining Access
e. Covering Tracks
As we progress we will go through each phase of the attack into much greater details. As of now we just need to remember that every phase of attack is very important and there is no way that we can bypass any of the phases. So let us look at them one by one.
Foot printing:
Foot printing is gathering information about an organization over a period of time that includes information about the company point of contacts, DNS records, any archive of the site, the information about the technology used in the company which we can collect from the company websites itself.
It is the first stage of hacking. In this stage the attacker will gather information about the target network. it involves information-gathering behaviors that aim to profile the target organization or network for the efficient attack tactics. These are points of access for future attacks. The information gathering means could include ping sweep, snmpwalk etc. Though the attack does not seem to be serious in nature, but one should not forget that it is the first stage to an actual attack that could bring more damage at a later stage. Hence instead of ignoring such type of attacks , more care and investigation needs to be done at this stage itself so that any further damage can be avoided and system administrators/security professionals are in a alert state. There are two aspects of reconnaissance phase namely, Technical and Social engineering. One other aspect of this phase is known as "Dumpster Diving" which means searching for information in the dustbin.
The reason of reconnaissance attack is to gather following information,
Accessible host : This can be done via ping request. It helps to find Host that are up and running. A useful tool is Angry Scanner
Open ports : It helps to find which applications and services are running. Nmap is a great tool to do that.
OS and service detection : This will help you to find the Operating systems and the service version etc. This eventually leads to exploit. Again Nmap is a tool that can be used here.
N.B : Here we will talk about the tools that are free / Open source.
In the next section we will talk about Reconnaissance.
To be successful in compromising a system, an attacker follows the steps as mentioned. These are better known as phases of Hacking and are as per mentioned below.
a. Foot printing and Reconnaissance
b. Scanning and Enumeration
c. Gaining Access
d. Back-doors / Maintaining Access
e. Covering Tracks
As we progress we will go through each phase of the attack into much greater details. As of now we just need to remember that every phase of attack is very important and there is no way that we can bypass any of the phases. So let us look at them one by one.
Foot printing:
Foot printing is gathering information about an organization over a period of time that includes information about the company point of contacts, DNS records, any archive of the site, the information about the technology used in the company which we can collect from the company websites itself.
It is the first stage of hacking. In this stage the attacker will gather information about the target network. it involves information-gathering behaviors that aim to profile the target organization or network for the efficient attack tactics. These are points of access for future attacks. The information gathering means could include ping sweep, snmpwalk etc. Though the attack does not seem to be serious in nature, but one should not forget that it is the first stage to an actual attack that could bring more damage at a later stage. Hence instead of ignoring such type of attacks , more care and investigation needs to be done at this stage itself so that any further damage can be avoided and system administrators/security professionals are in a alert state. There are two aspects of reconnaissance phase namely, Technical and Social engineering. One other aspect of this phase is known as "Dumpster Diving" which means searching for information in the dustbin.
The reason of reconnaissance attack is to gather following information,
Accessible host : This can be done via ping request. It helps to find Host that are up and running. A useful tool is Angry Scanner
Open ports : It helps to find which applications and services are running. Nmap is a great tool to do that.
OS and service detection : This will help you to find the Operating systems and the service version etc. This eventually leads to exploit. Again Nmap is a tool that can be used here.
N.B : Here we will talk about the tools that are free / Open source.
In the next section we will talk about Reconnaissance.
0