Translate

Wednesday 3 December 2014

HACKING PHASES

There are five phases in Hacking they are:

Reconnaissance <> Scanning <> Gaining Access <> Maintaining Access <> Clearing Tracks



Reconnaissance:


  • Reconnaissance refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack
  • Reconnaissance could be the future point of return, noted for ease of entry for an attack when more about the target is known on a board scale
  • Reconnaissance target range may include the target organization's clients, employees, operations, network, and systems

Reconnaissance are of two types:

  1. Active Reconnaissance
  2. Passive Reconnaissance

Active Reconnaissance

  • Active reconnaissance involves interacting with the target directly by any means
  • For example, telephone calls to the help desk or technical department

Passive Reconnaissance

  • Passive Reconnaissance involves acquiring information without directly interacting with the target
  • For example, searching public records or news releases

Scanning:


  • Pre-Attack Phase


Scanning refers to the pre-attack phase when attacker scans the network for specific information on the basis of information gathered during reconnaissance

  • Port Scanning


Scanning can includeuse of dailers, port scanners, network mappers, ping tools, vulnerability scanners, etc.

  • Extract Information

Attackers extract information such as live machine, port, port status, OS details, device type, system uptime, etc. to launch attack


Gaining Access:


  1. Gaining access refers to the point where the attacker obtains access to the operating system or applications on the computer or network
  2. The attacker can gain access at the operating system level, application level, or network level
  3. The attacker can escalate privileges to obtain compete control of the systems. In this process, intermediate systems that are connected to it are also compromised
  4. Examples include password cracking, buffer overflows, denail of service, session hijacking, etc.

Maintaining Access:


  1. Maintaining access refers to the phase when attacker tries to retain his or her ownership of the system
  2. Attacker may present the system from being owned by other attackers by securing their exclusive access with Backdoors, RootKits, or Trojans.
  3. Attackers can upload, download, or manipulate data, applications, and configuration on the owned system
  4. Attackers use the compromised system to launch further attacks

Clearing Tracks:


  • Hiding
Covering tracks refers to the activities carried out by an attacker to hide malicious attacks

  • Intentions

The attacker's intentions include:
  • Continuing access to the victims system
  • Remaining unnoticed and uncaught
  • Deleting evidence that might lead to his prosecution

  • Overwriting

The attacker overwrites the server, system,and application logs to avoid suspicion


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)