Sunday, June 3, 2012

Career in Ethical Hacking


What is Hacking? 
In computer networking, hacking is any technical effort to manipulate the normal behavior of network connections and connected systems. A hacker is any person engaged in hacking. The term "hacking" historically referred to constructive, clever technical work that was not necessarily related to computer systems. Today, however, hacking and hackers are most commonly associated with malicious programming attacks on the Internet and other networks.



Hacking vs. Cracking

Malicious attacks on computer networks are officially known as cracking, while hacking truly applies only to activities having good intentions. Most non-technical people fail to make this distinction, however. Outside of academia, it's extremely common to see the term "hack" misused and applied to cracks as well.


Cracker
One who breaks security on a system. Coined ca. 1985 by hackers in defense against journalistic misuse of hacker (q.v., sense 8). An earlier attempt to establish ‘worm’ in this sense around 1981–82 on Usenet was largely a failure. Use of both these neologisms reflects a strong revulsion against the theft and vandalism perpetrated by cracking rings. While it is expected that any real hacker will have done some playful cracking and knows many of the basic techniques, anyone past larval stage is expected to have outgrown the desire to do so except for immediate, benign, practical reasons (for example, if it’s necessary to get around some security in order to get some work done). Thus, there is far less overlap between hackerdom and crackerdom than the mundane reader misled by sensationalistic journalism might expect. Crackers tend to gather in small, tight-knit, very secretive groups that have little overlap with the huge, open poly-culture this lexicon describes; though crackers often like to describe themselves as hackers, most true hackers consider them a separate and lower form of life.
It’s clear that the term cracker is absolutely meant to be derogatory. One shouldn't take the tone too seriously though, as The Jargon File is done with a sense of humor, and the above is said with a smile. As we can see from the above, illegal or perhaps immoral activity is viewed with disdain by the “true hackers,” whoever they may be. It also makes reference to cracker being a possible intermediate step to hacker, perhaps something to be overcome.

Script Kiddie


The term script kiddie has come into vogue in recent years. The term refers to crackers who use scripts and programs written by others to perform their intrusions. If one is labeled a “script kiddie,” then he or she is assumed to be incapable of producing his or her own tools and exploits, and lacks proper understanding of exactly how the tools he or she uses work. As will be apparent by the end of this chapter, skill and knowledge (and secondarily, ethics) are the essential ingredients to achieving status in the minds of hackers. By definition, a script kiddie has no skills, no knowledge, and no ethics.

Difference between Hacking and Ethical Hacking
Hacking is getting "unauthorized" access to a computer system or a resource. Ethical hacking involves getting authorized access to resources in order to test whether those resources are vulnerable to attack. The main difference between the two terms lies in the intent of the hacker. A hacker (cracker) breaks into a system or network to use the gathered information in an illegal way, whereas an ethical hacker finds the loopholes in the security system only to strengthen it.

Ethical Hacker
An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing and red teaming. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the "good guy" wore a white hat and the "bad guy" wore a black hat.
One of the first examples of ethical hackers at work was in the 1970s, when the United States government used groups of experts called red teams to hack its own computer systems. According to Ed Skoudis, Vice President of Security Strategy for Predictive Systems' Global Integrity consulting practice, ethical hacking has continued to grow in an otherwise lackluster IT industry, and is becoming increasingly common outside the government and technology sectors where it began. Many large companies, such as IBM, maintain employee teams of ethical hackers.
Ethical hackers attempt to assess the vulnerability of computer systems or networks at the request of the system or network owners. By using the same methodology and resources available to criminal hackers, ethical hackers help identify the weak spots that can be exploited, and programmers are then roped in to build up defences to protect the hardware or software. The information security industry is growing at a rate of 21% globally. Frost and Sullivan has estimated that there are 2.28 million information security skilled personnel around the world, a number expected to grow to 4.2 million by 2015. Ethical hacking is also known as penetration testing, intrusion testing and red teaming.


An ethical hacker’s work is interesting in that s/he develops, tests and implements ways in which a network and its data can be protected. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the good guy wears a white hat and the bad guy wears a black hat.

Ethical Hacking as a career
  • The payoff
A fresher, after successful completion of an internship, can start at Rs. 2.5 lakh per annum, and with a year’s experience s/he can move to the Rs. 4.5 lakh per annum bracket. Professionals with work experience of five years or more can expect somewhere between Rs. 10 lakh and Rs. 12 lakh per annum.

  • Skills/Traits
  1. Primarily, the ability to write programs in several programming languages such as C, C++, Perl, Python, and Ruby is a requisite
  2. Being an ethical hacker definitely calls for one to be creative in understanding things and coming up with out-of-the-box solutions
  3. Comprehension of assembly language is also indispensable for those who evaluate disassembled binaries
  4. Acquaintance with an assortment of operating systems, like Microsoft Windows, various versions of Linux, etc., is crucial
  5. Knowledge of diverse network devices, including switches, routers and firewalls, is absolutely required
  6. An ethical hacker should possess a fundamental understanding of TCP/IP protocols, for example SMTP, ICMP and HTTP
  7. Besides technological dexterity, s/he also needs to have soft skills
  8. Possibly the most essential ability, on the other hand, is flexibility. This is because, while testing software and security systems, ethical hackers cannot anticipate the threats that might crop up, so the ability to be ingenious is imperative

  • Getting there
After passing your Class 12 examinations in science (with physics, chemistry and maths), do a bachelor’s in computer science or computer engineering from a recognised university in the country. While pursuing your undergraduate programme, you may enrol in a certificate course in ethical hacking, which might train you in the various elements of the field. These days, ethical hacking competitions are a rage in engineering colleges. If you are interested in making a career as an ethical hacker, make sure that you participate in these events. You should also enjoy working on computers, because a sound base in information technology is a must to excel in this field.
