(W01M01) Base Knowledge - Free access
This is a brief article whose goal is to introduce the reader to the world of Kali Linux. It is not an exhaustive introduction to this Operating System (OS); its purpose is simply to give an idea of the many possibilities offered by this Linux distribution, which was born as a penetration-testing distro but can be used in several other ways.
Introduction
Hacking has always been an interesting topic for newcomers to the fields of information technology and information security. It is difficult to count the computer science graduates who start their careers in information technology; however, it is possible to count the individuals who have reached real success. Why are there so few survivors? The answer is simple: if you want to be successful in information security, you need to offer something that no other individual can present at the same time and with the same level of competence. The tutorials of “Hakin9 – how to become certified ethical hacker” will give you theoretical and practical knowledge on how to become a real White Hat security professional, as well as how to prepare for the ethical hacking certification.
What we will cover
If you look at the current version of the requirements for the ethical hacking certification, you will see that it is very wide and covers hundreds of topics; however, it is clear that: “This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure”. The course will not teach you how to work with a computer or how the TCP/IP protocols operate. It will teach you how to hack systems and will help you understand the mechanisms around it. You should already have basic knowledge of computer systems, networking, servers and web applications.
Be Ethical
We expect our trainees to be ethical and not to use the training tutorials and lab access for any illegal activities. Under the laws of different countries, any damage or illegal act can lead to financial penalties or imprisonment.
Certification
Our ethical hacker tutorials will prepare you theoretically for the EC-Council CEH certification and give you a solid foundation.
What’s not included?
These tutorials will not strictly follow the topic-by-topic order of the official slides. Nonetheless, you will receive the most required expertise and security concepts that will help you become a certified ethical hacker!
Who is a hacker?
Any individual who illegally breaks, or attempts to break, security measures in order to gain access to, or authorization on, a system with which he or she has no legitimate connection.
Nowadays, the information security industry categorizes these individuals according to their goals.
Types of Hackers
Generally, the information security industry divides hackers into three types:
Black Hats
Experts in computer security with a wide range of extraordinary hacking and cracking skills. Their goals are always destructive or malicious. They are also called 'crackers' and are usually offensive by nature.
Gray Hats
Security experts with a wide range of information security experience and hacking skills. Their goal is not always destructive. They may work both offensively and defensively, and can be placed between white hats and black hats. Sometimes they find bugs and vulnerabilities in various applications and systems and report them directly to the vendors to help improve their security.
White Hats
Information security professionals who have gained experience, skills and industry recognition through cooperation with different vendors. They are usually hired by organizations. They are certified ethical hackers and always defensive by nature. In the information security industry there are also other types of hackers:
Script kiddies (unskilled hackers who only use scripts and tools written by others)
Spy hackers (insiders hired by organizations to penetrate a target from within)
Suicide hackers (aim to bring down critical systems and are not worried about facing 30 years in jail)
Cyber terrorists (groups formed by terrorist organizations)
State-sponsored hackers (formed by governments to gain access to sensitive information of other governments)
Hacktivism
Hacktivism is defined as any hacking that has a political agenda. It can be performed by any type of hacker with the exception of white hats. An individual who performs such acts is termed a hacktivist. So far in this tutorial we have presented the key information on the different types of hackers and the main goals of hacking. At this stage it is pretty clear that you want to be a White Hat hacker.
Let's move forward to the next level.
Nowadays, becoming a certified ethical hacker is not an easy task. You should have enough experience in the IT security domain and be up to date with current IT security practices. Why? Because organizations believe that YOU will protect them from malicious hackers!
Pre-requisites
Ethical hacking is real hacking, performed legally by security professionals with the aim of finding bugs and vulnerabilities in organizations. Hence, an ethical hacker should be an expert in computer networks, application security, networking concepts and other information security concepts. Last but not least, hands-on experience in Windows and Linux environments, together with network operating systems, will help you become a good security professional.
Hackers Methodology
Many books provide different methodologies and frameworks on how to hack or, simply, how to perform penetration testing. Let's look at the hacking phases.
The five key hacking phases make up the complete cycle of how hacking occurs and how a hacker steals data or causes destruction:
Reconnaissance
Scanning
Gaining Access
Maintaining Access
Clearing Tracks
Nevertheless, these are only the standard phases; every hacker has his or her own way of breaking into systems. The main idea of the presented hacking process is to show how hacking is actually performed.
Essential terminologies in Information Security
Before we start explaining the hacking phases, let's have a look at the following key IT security terms, which are widely used and important for understanding the overall hacking cycle.
The CIA Triangle
In the field of information security, CIA stands for Confidentiality, Integrity and Availability (the three are also commonly called the CIA triad).
Confidentiality
The assurance that information which is supposed to be accessed only by specific individuals is, in fact, accessible only to those people.
Integrity
The assurance that information is accurate, unchanged and reliable.
Availability
The assurance that systems, applications, resources and data are available on request. In the real world, hackers target the CIA triangle either to access the information they want or to create downtime and make resources unavailable. They may also compromise the integrity of resources and information; any of these outcomes breaks the CIA triangle of the entity.
Essential terminologies in Hacking
It is very important for an ethical hacker to have a deep understanding of the following terms:
Vulnerabilities
Threats
Exploits
Payloads
Zero-day attack
What is a Vulnerability?
A vulnerability is generally defined as a weakness. It can lie in the design or source code of an application, or in the configuration of the IT environment, including people, processes and technologies.
What is a Threat?
A threat is the combination of a vulnerability and a motivated party able to exploit it. A threat is also defined as any set of circumstances or processes that can lead to a harmful outcome.
What is an Exploit?
A malicious piece of software code written to gain illegitimate access to an IT environment. Exploits are written to take advantage of a weakness in the respective environment; they are simply designed to break information security controls.
What is a payload?
A payload is a part of an exploit: the actual piece of code that runs once the exploit has succeeded and performs specific tasks on the target.
What is Zero-Day attack?
An attack in which a hacker exploits a vulnerability before the vendor has released any patch for it.
The phases of Ethical Hacking
These are the phases of hacking:
1) Reconnaissance – the preparatory phase
Reconnaissance is the information-gathering phase of the ethical hacking cycle. In this phase, hackers collect as much information about the target as possible. They learn about the target and prepare the strategy for the next phases.
Types of reconnaissance
There are two types of reconnaissance, based on how the information is obtained:
Passive Reconnaissance
Active Reconnaissance
Passive Reconnaissance
This type of information gathering is performed when the hacker does not want to interact directly with the targeted system or IT environment. Here the hacker uses publicly available information about the target. Examples: social engineering, dumpster diving and WHOIS lookup.
Active Reconnaissance
Active reconnaissance, in contrast, is performed when the hacker wants more accurate information about the targeted IT environment and obtains it through direct interaction with the target. Example: port scanning. Because the probes reach the target, active reconnaissance can be logged and detected, which passive reconnaissance cannot.
2) Scanning
Scanning sometimes overlaps with active reconnaissance and can be called a logical extension of it. Scanning is performed to gain more information about the live systems, the networks they sit on, the services running on these systems and the applications hosted within the DMZ environment.
Types of Scanning
Scanning can be further categorized into different types, based on the information you are trying to gain about the target. Generally, scanning is divided into the following three types:
Live Systems Scanning
Port Scanning
Vulnerability Scanning
Live System Scanning
Performing all these types of scanning in one go is sometimes quite risky and generates more alerts. Usually, hackers and security professionals first check how many of the systems in the targeted range are available (up and running). This is performed with live-system scanners; ICMP sweeps (ping sweeps) are the best-known technique for gaining this information. Keep in mind that a host which drops ICMP will look dead to a ping sweep, so a TCP or ARP probe is the usual fallback.
Port Scanning
Port scanning is the next step, after determining which systems are live. Now the hacker tries to find which ports are open and gathers information about the services hosted on these systems. Port scanning is performed with port scanners.
Vulnerability Scanning
This is the last step of the scanning phase; it occurs before the beginning of exploitation. In this step, hackers identify vulnerabilities in the services discovered in the previous step. Vulnerability scanning is performed with vulnerability scanners.
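The three scanning steps above, shown as an added example that is not part of the original module and not taken from any tool it names: a minimal TCP connect port scanner in Python. It starts a constructed fake service on 127.0.0.1 (so the scan runs offline), probes a list of ports, classifies each as open, closed or filtered, grabs the banner of open ones, and derives host liveness from the replies, which is the usual fallback when an ICMP sweep is blocked. Matching the banner against known weaknesses (vulnerability scanning proper) is left to real vulnerability scanners; the banner is the input they would use. All function names, the fake SSH banner and the port choices are assumptions made for this illustration.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def start_fake_service(banner: bytes):
    """Start a throwaway TCP listener on 127.0.0.1.  Constructed stand-in for a
    real daemon so the scan runs offline.  Returns (server_socket, port);
    closing the server socket stops the accept loop."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))           # port 0: let the OS pick a free port
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:              # server socket closed: stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)  # greet first, like SSH/SMTP/FTP do
                except OSError:
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def reserve_closed_port() -> int:
    """Return a port that is (almost certainly) closed right now: bind to
    port 0, read the number the OS handed out, release it again."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def probe_port(host: str, port: int, timeout: float = 0.5):
    """TCP connect probe of one port.  Returns (port, state, banner); state is
    'open' (handshake completed), 'closed' (RST / connection refused) or
    'filtered' (no answer before the timeout, e.g. dropped by a firewall)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
    except socket.timeout:
        s.close()
        return port, "filtered", b""
    except OSError:                      # ECONNREFUSED, EHOSTUNREACH, ...
        s.close()
        return port, "closed", b""
    banner = b""
    try:
        banner = s.recv(256)             # many services announce themselves
    except (socket.timeout, OSError):
        pass                             # silent service: open, no banner
    finally:
        s.close()
    return port, "open", banner


def scan_ports(host: str, ports, timeout: float = 0.5, workers: int = 32) -> dict:
    """Probe several ports in parallel.  Returns {port: (state, banner)}."""
    with ThreadPoolExecutor(max_workers=workers) as ex:
        results = list(ex.map(lambda p: probe_port(host, p, timeout), ports))
    return {p: (state, banner) for p, state, banner in results}


def host_is_live(results: dict) -> bool:
    """Connect-based liveness check for hosts that drop ICMP: an RST
    ('closed') proves the host is up just as well as an 'open' port does;
    only an all-'filtered' result means no reply was seen at all."""
    return any(state in ("open", "closed") for state, _ in results.values())


if __name__ == "__main__":
    srv, ssh_port = start_fake_service(b"SSH-2.0-OpenSSH_9.6\r\n")
    targets = [ssh_port, reserve_closed_port()]
    try:
        found = scan_ports("127.0.0.1", targets)
    finally:
        srv.close()
    print("host live:", host_is_live(found))
    for port, (state, banner) in sorted(found.items()):
        print(f"{port:5d}/tcp {state:8s} {banner.strip().decode(errors='replace')}")
```

A connect scan completes the full three-way handshake, so every probe lands in the target's connection logs; that is the "more alerts" the text warns about, and the reason real port scanners prefer half-open (SYN) scans, which need raw sockets and root privileges.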
3) Gaining Access
This is the phase in which the real hacking attempts are performed. Here hackers gain access to sensitive information and reach their goal, for instance by gaining access to a database or the operating system, or by defacing the public website of the targeted organization. The actual damage occurs in this phase, which makes it the most critical of the hacking phases.
4) Maintaining Access
In this phase, hackers use the compromised system to further extend their access and, applying the same methodology, use it as a base from which to reach other systems. For this purpose the deployment of Trojans or other backdoors is useful.
5) Clearing Tracks
Once the system is compromised and the hackers have performed their tasks and established persistent access, they cover their tracks by clearing log trails. For the defender this is why logs should be forwarded to a separate collector as they are written: a local log that has been wiped is then itself a signal, not a blind spot. At this stage you understand the basics of how hackers compromise a system using a set methodology and distinct phases.
Summary
In this module we have presented introductory information to build the knowledge base that will help you in the other modules.
Lab Requirement
This module does not require separate hands-on lab training; the labs of the upcoming modules will inherently cover it.