Friday, April 2, 2010

Introducing ethical hacking

Ethical hacking the process where an individual uses tools to strengthening the strength of your computer by testing the security of your system through physically (electronically actually) hacking it. It is a form of hacking (breaking into a computer system) that is legal (to the best of my knowledge). But I caution readers to check laws before proceeding because laws are different depending on area and change over time.

Many IT practitioners conduct these tests to confirm that their security system can stop the real hackers. Ethical hacking allows one to test their computer security policies and plug up holes before the real bad guys get to it.

From Hacking for Dummies, Chapter 1:

You need protection from hacker shenanigans. An ethical hacker possesses the skills, mindset, and tools of a hacker but is also trustworthy. Ethical hackers perform the hacks as security tests for their systems.

If you perform ethical hacking tests for customers or simply want to add another certification to your credentials, you may want to consider the ethical hacker certification Certified Ethical Hacker, which is sponsored by EC-Council. See www.eccouncil.org/CEH.htm for more information.

Ethical hacking — also known as penetration testing or white-hat hacking —involves the same tools, tricks, and techniques that hackers use, but with one major difference: Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s viewpoint so systems can be better secured. Its part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.

For anyone interested in the topic, I will continue to post more on the topic. Also check out Hacking for Dummies to anyone really interested or urgently need to revise their security policy. >> Ethical Hacking Cont.

No comments:

Post a Comment