Open in app

Sign in

Write

Sign in

Ethical Hacking | Introduction To Hacking And Linux

YCL Net Suraksha
8 min readApr 7, 2022

INTRODUCTION

In this era of digital world, internet has evolved as a necessity in everyone’s life. Everyone is providing their information on the internet. That has also become an asset to every industry now ; including the world of hacking. In this time of pandemic, we have seen or heard of many cyber attacks taking place which has affected many companies.

The Demand of the people in cyber security domain has started increasing but the hackers that we are providing to the nation is very less. According to a survey, many of the people are not fully aware for securing themselves over the internet. They don’t know much about the internet. All the measures are now being taken to enhance the knowledge of people to be fully cyber aware. In this blog as you have seen the title, we will be now discussing about the term hacking. So, lets start…

What do you mean by the term hacking :

Hacking is the process of gaining unauthorized access through a vulnerability into a system or a network. And, when it is done legally or ethically ( with the permission of user or client ) , then it is known as Ethical Hacking.

Few terms that are frequently used in Hacking :

The term that are frequently used in hacking are as follows :-

  • Threat :- Potential challenge to the security. It give warnings.
  • Vulnerability :- Weakness, loopholes or system flaw that can cause system to compromise.
  • Attack :- Action or event where the exploitation is being done.
  • Exploit :- Technique to make full use of vulnerability.
  • Payload :- Script or a piece of code which is attacked along with the exploit in order to perform a specified task without the authorization of user.
  • Doxing :- When private information is publicly available.
  • Zero Day attack :- If a software has a vulnerability and the attacker attacks on the software before it is patched is known as zero day attack.
  • Daisy Chaining :- Daisy chaining is when different networks or a chain of networks are hacked with same type of information. Then, it is known as daisy chaining.
  • Botnet :- It is basically a compromised machine which are used by hackers to perform attacks like Ddos attack.

What are the types of hackers ?

The hackers are always divided into category according to the work they do. Means what kind like legal stuff, illegal stuff, etc.

  • White Hat Hacker :- They are those people who hack into a system or a network ethically or we can say only with the authorization of owners.
  • Black Hat Hackers :- They are those people who hack into a system or a network for a malicious purpose or for illegal stuff.
  • Grey Hat Hackers :- They are a mixture of both black and white hat hackers. They can do legal and illegal stuff both according to their choice.
  • Noob :- They are new born technical babies who have just entered into the field of cyber security.
  • Script Kiddies :- They are those people who steal someone’s information, method or idea of hacking and hack into a system or a network without any knowledge.
  • Crackers :- They are also known as black hats who hack into a system or a network for a malicious purpose and like the assets. They do stuffing like cracking a paid app and using it for free.
  • Hacktivists :- They hack into a system or a network for any religion , political party, to break down any government, etc.
  • Penetration Testers :- It is an art of hacking in which hacker penetrates into a system or a network only with the authorization of his client.

There are many more like blue , red , green , etc.

What are the tools which are widely used in the field of hacking ?

The tools which are used in hacking are Nmap , Metasploit Framework , Burpsuite , Accunetix , SQL map , Packet Tracer, Splunk, Wireshark, Nessus, Aircrack-ng, Snort, John the Ripper, hashcat.

What are the goals in hacking :

We should always protect the privacy of the organization been hacked by black hat hackers. Transparently report all the identified weakness in the computer system to the organization. Inform hardware and software vendors about the identified weakness.

Which are the type of viruses and how it can be prevented ?

The type of virus are as follows worms, virus, trojan, spyware, etc. Now, we will discuss about a few of them.

  • Virus :- Virus creates multiple copies of itself in the system and harms the files of the system. To prevent that an organization can have coginitive cyber security measures. Each files should be scanned before installing.
  • Trojan :- Trojans are difficult to find out in the system as they look similar to the original applications and their function is same as virus. To prevent that the authentication measures can be in the form of user id’s and strong password, smart card, biometric, etc.
  • Worms :- Worms create copies of itself in the memory of computer but does not harm any of the files. To prevent that an organization should have logical cyber security measures.
  • Spywares :- Spywares are used to spy on a specific system or a network. To prevent that we should use the efficient IPS/IDS systems in today’s cyber security era.

While practicing in the field of Hacking, every hacker should be aware of the ITA section cyber laws made by the government. And if someone did any crime according to that crime what punishment they will get. So, here are some of the laws that we will be talking about…

Section 43 :- Penalty and compensation to damage to computer and computer system. Punishment for 3 years and fine of 1 lakh.

Section 65 :- Tampering with the computer source documents. Punishment for 3 years and fine of 2 lakhs or both.

Section 66 :- Computer related offences. ( This section contain laws from 66A-66F )

Section 66A :- Punishment for sending offensive messages through communication service.

Section 66B :- Dishonestly receiving or retaining any stolen computer resource or communication service.

Section 66C :- Identity Theft ( Like PAN card , Aadhar card , etc ).

Section 66D :- Penalty for false personation through any computer device or communication service.

Section 66E :- Violation of Privacy

Section 66F :- Punishment to cyber terrorism.

Section 67 :- Punishment for transmitting or publishing any obscene material in electronic form.

Section 71 :- Penalty for misrepresentation.

Section 72 :- Breaching Of confidentiality and privacy.

Section 73 :- Punishment for buying and creating electronic false signature certificates.

What is an asset

The Asset is a thing which is valuable like money , information , etc. If we ask a common man that what is an asset for him. He will definitely say money. But for a hacker or a cyber security person someone’s information is the main asset for him/her. Now what are the types of assets for a hacker. There are two types of assets which are as follows :-

  • Digital Asset :- Any information which is available online like Aadhar card , PAN card , cloud storage.
  • Physical Asset :- Any information which is physical available or which we can touch like pen drive , hard disk , memory card, etc.

After, the discussion of the types of assets. Now, we should also know about their security. It promotes and tells us about the component of security.

CIA TRIAD :- The CIA triad are the components of security. These are basically three pillars of security. C for confidentiality, I for integrity and A for Availability.

  • Confidentiality :- Confidentiality tells us about Preventing disclosure of information to unauthorized person.
  • Integrity :- Integrity tells us that data must not be modified by an unauthorized person.
  • Availability :- Availability tells that data must be available all the times. It should be provided at correct time.

Phases in Ethical Hacking

In hacking, there are few phases that are universal and everyone needs to follow them to perform hacking. All these phases are in sequential form. Those phases are as follows:-

Information Gathering :- Information Gathering means gathering different kinds of information about the target. It is basically, the first step or the beginning stage of Ethical Hacking

  • Scanning :- In this phase, we scan the victim and try to find the ports , vulnerabilities , services running on those ports , etc.
  • Gaining Access :- In this field , we try to gain access into a system or network through any vulnerability.
  • Maintaining Access :- In this phase, we try to maintain the access into the system until our work is completed.
  • Clear Tracks :- In this phase, as our is done in the victim pc or network we try to clear the logs so they should not know that someone entered into their system or not.

Types of Operating System:-

Linux is the OS which is used in hacking. But there are many flavours and distributions like Kali Linux, Parrot OS, Ubuntu, Black Arch, Red Hat, etc. Each and every OS provides different services for hacking. So, we will be discussing about few of them.

Kali Linux

Logo of official Kali Linux Operating Systems

It is a Debian-based Linux distribution which is basically used for advanced penetration testing and security auditing purposes. It contains several hundred tools which are used for various information security task such as Penetration Testing, Security Research, computer forensics and reverse engineering.

Parrot OS

Hackers Operating system Parrot OS

Parrot OS is a GNU/Linux distribution based on Debian and designed with Security and Privacy in mind. It includes a full portable laboratory of tools for penetration testing, digital forensics, etc. It is a very popular OS used by many of the hackers.

Ubuntu OS

Logo of Ubuntu OS

Ubuntu is a Debian Linux distribution composed of free and modern open-source software. It is available in three version which is enterprise server, desktop, cloud, and IoT. All the edition can run on one computer alone.

I hope you liked our blog, Share this post to spread the information among your friends……

Kali Linux
Ethical Hacking
How To
Cybersecurity
Cybercrime

--

--

YCL Net Suraksha

Written by YCL Net Suraksha

1 Follower

It is an infosec community which helps to build safe cyberspace with an aim to spread cyber awareness among people and help college and school students

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams