A Systematic Process
Although portrayed otherwise in Hollywood films and in television
shows, hacking is a systematic, tiresome process in which the attacker
attempts methodically to locate computer systems, identify their
vulnerabilities, and then compromise those vulnerabilities to obtain
access. Experts have identified six steps that are generally followed in
the hacking process. These include (1) footprinting (reconnaissance);
(2) scanning; (3) enumeration; (4) penetration; (5) advance; and (6)
covering tracks.
The first technique often used by hackers is called footprinting. The
objective is to gather information essential to an attack and enable an
attacker to obtain a complete profile of an organization's security
posture. During this phase, the hacker might gain information about the
location of the company, phone numbers, employee names, security
policies, and the overall layout of the target network. Often, hackers
can perform this work with a simple web browser, a telephone, and a
search engine. Unfortunately, humans are often the weakest security link
in a corporation. A clever phone call to the technical support
department can often compromise critical information: "Hi—this is Bill
and I forgot my password. Can you remind me what it is?
0 comments:
Post a Comment