October 1st, 2002, 05:43 AM
Ethical Hackers are computer security professionals hired by organisations who would employ the same tools and techniques as the intruders to evaluate the target systems' security to discover vulnerabilities and then formulate instructions for its remedy.
The world is witnessing a formidable change of paradigm with the advent of Internet. However; the bedrock of advantages that the Internet offers, which is its openess, is also its greatest disadvantage. Words like Hacking and Cybercrime are dominating everybody's attention today. Sensing the alarmingly growing role of e-security of today's world of vulnerable businesses, Ethical Hacking comes into the picture.
There is a cat and mouse game going on between hackers and security experts. A company develops a "foolproof" security mechanism only to find that a hacker has broken into the system.
An acknowledged fact is that the hackers are becoming more intelligent day by day, but then an acknowledged fact also is that 'ethical hackers, the protectors' are becoming intelligent too by exploiting the vulnerabilities in existing software and products.
When there is refused access to the computers, some users are prodded to challenge the access controls that had been put inplace by stealing passwords or account numbers and getting hold of system bugs in order to be able to run the program of their choice, or just to change the limitations under which their programs were running.
Hence Ethical Hackers are computer security professionals hired by organisations who would employ the same tools and techniques as the intruders to evaluate the target systems' security to discover vulnerabilities and then formulate instructions for its remedy.
Typically, a Ethical Hacker should pocesses adequate technical skill sets in both hardware and software. These skills are necessary for the actual vulnerability testing, but are equally important when preparing the report for the organisation after the test.
Ethical Hackers should posses the quality of being honest and trust-worthy for the simple reason that while auditing and testing the security of the organisation's systems, he will uncover confidential information which has to be safeguarded by in the organisation's interest to avoid hackers breaking into the systems and causing harm.
Hence it's an issue of safeguarding the sensitivity of information gathered during an evaluation, which has to be handled by the trustworthy Ethical Hacker.
The candidate requires to continiously update himself and review his work. In the realm of computer security, the Ethical Hacker has to know the techniques of outside hackers, how their activities can be detected and controlled.
Going beyoud identifying areas of weakness they also have to offer complete solutions that address the vulnerabilities and guard the networks and applicatins against unauthorised access.
Discoveries made by Ethical Hackers during the evaluation are fomulated into a final report. This report has to intensively and extensively mention and explain all the vulnerabilties, which were found to exist. Besides, the report should educate the organisation about the potential pitfalls and guarantee robustness of its infrastructure. This exercise is highly advisable as a recurring event so that weaknesses are guarded against.
Suggestions and opinions.
October 1st, 2002, 05:52 AM
Fuc**** C&P post!!!! If you're gonna post something by someone else at least give credit. Original piece here.
\"When I give food to the poor, they call me a saint. When I ask why the poor have no food, they call me a communist.\" -- Dom Helder Camara
October 1st, 2002, 05:58 AM
wow, dude you are a genious, I bow....
October 1st, 2002, 06:28 AM
I dunno why all these 'HACKER' FAQs' begin by telling everone that ethical hacking involves some whiteguy in a suit sitting in a office while looking after a PC.
You don't have to be a corprate security executive to be a 'HACKER' yet peaple are being brainwashed into thinking that hacking is always involved in either makeing or breaking security.