Ethical Hacker’s Test’

Posted by Milind Koyande | 6:45 PM | 0 comments |

Wanna know what exactly Ethical Hackers Do to Secure Networks? Just Check this out

Securing any network (or system) consists of several tests. Based on the results of these tests, ethical hackers secure the weakness of that network. Depending on such tests ethical hacking is classified as following:

White Box Testing: Ethical Hacker, who is performing this test have fill knowledge of the network. He knows the basic hierarchy of the network. Also he knows which operating systems are running, what the security measures are taken, which software company uses for their work and every single detail of it.

And then he plans how to find the system’s vulnerabilities and attack it. But this type of test is not effective, as he already knows where weakness is in the system. He can directly intrude there and perform the task. So such tests are preferred in low priority sections of network.

Black Box Testing: From the above explanation you might have guessed that how black box is performed. In this test ethical hacker has no knowledge of the network, not even the infrastructure of the company. He doesn’t know how network is classified and what is going on ‘in there’. This is where the skill of every ethical hacker is waiting for. So what he will do now?

He tries to get information from the outside. Every detail of the company, its history, or from some past employees of the company is helpful for him. From all information he gathered, he makes fingerprint of the company network. Fingerprint diagram is made on a paper with details he received. He fails to get access to some details obviously, so he assumes them and prepares a fingerprint of the same. (Not one, two or three – if one fails he uses the other)

Then he attacks from the network from outside. (By using the internet)

And then he finds vulnerabilities of the network as criminal hacker do. This is where network is actually subjected to its security test. This is best for securing network and every company prefers it.

Now again, the above test consists of two parts named vulnerability and penetration testing. The vulnerability assessment is done by automated tolls and hackers just checks the results and secures weakness. For penetration test, hacker actually finds vulnerabilities, tries to exploit every single of it, and then determines how this would affect the network. Based on result he eliminates some of them whichever possible and remaining are secured one bye one.

Some prefer either the black box or the white box test, and others prefer both. Doesn’t matter what kind of test you are performing, aim is only one- “Security”.