Hacking concepts

Hacking concepts



Hacking is the ability to gain entry into systems. Hackers can be black hat hackers who use their talent for criminal or malicious activity. Gray hat hackers tend to be more mischievous than malicious and push the envelope to see if they can gain access into a system. But the white hat hacker are security specialists who are educated on proper and ethical hacking procedures.
In addition to those types of hacking, there’s also the concept of hacktivism, which is using legal and illegal tools to attack computer systems and launch denial service attacks, possibly steal information, deface websites, protest, promote political ideology, or other causes. Hacktivists are willing to take the fall for their activity, yet do not want to risk exposing themselves, so many hang out on the dark web where they can communicate in a secure manner.

 
Well now where is the dark web? Well, if we take a look at this diagram, we see the public web. Now the public web is visible to anyone. Content is found easily using search engines such as Google or Bing and is monitored by the government. The deep web is invisible to most of us, as it cannot be searched or accessed easily. It’s protected by passwords or has meta tags so that robots don’t follow the pages. The dark web is invisible to most, as it is encrypted and uses onion routing between clients. It’s estimated to be over 500 times the size of the public web. And a lot of times, you’ll see it using onion routing, or it’s also referred to as Tor. And here I’m at this website where we can see the TorFlow.

Part of an ethical hacking exercise is vulnerability scanning. Vulnerability scans are commonly done within an organization and it checks for vulnerabilities and patch and configuration issues on networks, applications, operating systems, and devices. When a complete report is generated, it lists the results, and it also gives you a level of severity. And in some cases, it may contain false positives. Now in addition to commercial scanning, there are free scanning tools that are available as well. Now I want you to understand to keep in mind scanning should only be done on your own network or if you’re directed to do so as part of a company’s IT department. Scanning someone else’s system is a passive attack and considered a hostile act.
So let’s take a look at a couple of these sites. Nessus from Tenable is a powerful scanner and this is free for private, non-commercial use. For example, someone that might be just investigating their own network at home. And then there’s Qualys’ FreeScan, which checks SSL issues, malware, and other network related vulnerabilities.
#learn_x_in_y_minutes #hacking #ethical_hacking #concept

#Hacking #concepts

learn x in y minutes

[vid_tags]

Leave a Reply