Ethical hacker: Difference between revisions
imported>David Drever (Created page with "{{subpages}} <!-- Please ignore (but don't delete) any formatting that you are not familiar with. Others will probably chime in to help you set things up. --> An '''ethical''' o...") |
imported>David Drever |
||
Line 25: | Line 25: | ||
==What an ethical hacker looks for== | ==What an ethical hacker looks for== | ||
A White Hat will use ethical hacking methods to answer three basic questions: | A White Hat will use ethical hacking methods to answer three basic questions: | ||
#What can an intruder see on the target systems? | #What can an intruder see on the target systems?<ref name=Ethical>{{cite web | ||
| url= http://pdf.textfiles.com/security/palmer.pdf | |||
| title= Ethical hacking | |||
| author=C.C.Palmer | |||
| accessdate=2012-03-10 | |||
}}</ref> | |||
#*What data is available to a hacker should he\she gain access to the systems? This could be anything from pictures to business documents to information databases. | |||
#What can an intruder do with that information?<ref name=Ethical/> | |||
#*Can the intruder read the data, copy the data or even delete the data? Can they modify the data they gain access to in any way? | |||
#Does anyone at the target notice the intruder’s attempts or successes?<ref name=Ethical/> | |||
#*Are there any alerts should a hacker gain access to the target system? This is probably the most important question that a White Hat will answer because it indicates how long an attacker may attempt to gain access to a system before they succeed fully (and they will eventually given enough time). | |||
==References== | ==References== |
Revision as of 19:13, 10 March 2012
An ethical or “white hat” hacker is the term given to an expert in information technology security. Ethical, meaning they do not use their skills to access systems for personal gain (this is the term given to a “black hat” or non-ethical hacker), but instead use their knowledge and experience to test systems for exploits and vulnerabilities to protect these systems.[1]
History of the Ethical Hacker
Ethical hacking began as early as the 1970’s when the US government attempted to hack it’s own system.[2] Later, in the 1980’s ethical hacking moved into the telecommunications business where they had been targets of “cybervandals” trying to damage local telephone companies. In the 1990’s as banks became more available online, they too began to make use of ethical hacking to protect themselves. Following shortly behind the banks came e-commerce websites (think Amazaon) who also made use of ethical hacking to protect themselves.[3]
What an ethical hacker looks for
A White Hat will use ethical hacking methods to answer three basic questions:
- What can an intruder see on the target systems?[4]
- What data is available to a hacker should he\she gain access to the systems? This could be anything from pictures to business documents to information databases.
- What can an intruder do with that information?[4]
- Can the intruder read the data, copy the data or even delete the data? Can they modify the data they gain access to in any way?
- Does anyone at the target notice the intruder’s attempts or successes?[4]
- Are there any alerts should a hacker gain access to the target system? This is probably the most important question that a White Hat will answer because it indicates how long an attacker may attempt to gain access to a system before they succeed fully (and they will eventually given enough time).
References
- ↑ wiseGeek. What Is Ethical Hacking?. Retrieved on 2012-03-10.
- ↑ Marilyn Leathers. A Closer Look at Ethical Hacking and Hackers. Retrieved on 2012-03-10.
- ↑ Bill Coffin. It Takes a Thief: Ethical Hackers Test Your Defenses. Retrieved on 2012-03-10.
- ↑ 4.0 4.1 4.2 C.C.Palmer. Ethical hacking. Retrieved on 2012-03-10.