StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Ethical Hacking - Research Paper Example

Cite this document
Summary
This paper entitled "Ethical Hacking" investigates the cases of cyber attacks. As the author puts it, there have been many cyber attacks in the past that have weighed heavily on the shoulders of the victims. Three of the many examples are described in the paper. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.1% of users find it useful
Ethical Hacking
Read Text Preview

Extract of sample "Ethical Hacking"

Ethical Hacking 1. Threats There have been many cyber attacks in the past that have weighed heavily on the shoulders of the victims. Three of the many examples are described here. Black Hat Crackers worked to take advantage of computer systems, and Jonathan James has been a big name among black hat crackers. He was sentenced at the age of sixteen and told the press that all he did was for fun. One instance of his great hacking is installing a backdoor into a Defense Threat Reduction Agency server and hacking sensitive information and employees’ data. In June 2005, the computer specialist, Michael Haephrati and his wife Ruth, who belonged to London, were caught sending Trojan horse softwares to criminal parties. Due to this, the US Computer Emergency Readiness Team announced that criminals were sending email attachments with Trojan horses to anonymous people to get access to their computer systems. According to PR Log (2009), a Press Release, twenty fake identity factories had been sealed which were being operated by criminals who produced cloned driving licenses and utility bills. The Metropolitan Police was able to track down these factories in an Operation, arrested the criminals and closed the factories. If such criminals keep on getting caught, then this would be a good lesson for those who think of crossing the ethical boundaries in interacting with social media and in carrying out e-marketing. 2. Tools Black hat crackers gain access to a computer system with malicious attacks. They destroy files or steal the sensitive information and disclose it to other hackers or to the public without the victim ever knowing it. Dumpster Diving is a tool used by black hat hackers/crackers in which they gain access to the trash and recycle bins to get files that the users have deleted from their system. Then they use these files to gain access to their network. “Dumpster diving is looking for treasure in someone else's trash” (SearchSecurity.com, 2002). The main targets are the usernames and passwords. Large corporations throw away in real dumpsters as well as computers’ recycle bins sticky notes with invoices, emails, phone numbers, passwords and other sensitive information, and no one expects anyone to peep into this trash. Dumpster divers consider this trash as their real treasure. Dumpster diving has been in use since the advent of computers and works on all sophisticated operating systems. The key is never to throw in trash important information like social security numbers into trash bins. Emptying recycle bins regularly is also very necessary. 3. Networks Network security threats include malware, anti-DNS pinning, banner grabbing, backjacking, hacking, land attack, blue boxing, domain hijacking, identity theft, fraud, backdoor, DoS (Denial of Service) attacks, data flood, malicious code, document grinding, and enumeration. Anderson (2008), who works with NTI (New Technologies, Inc.) writes about an identity theft case: NTI was involved in a case where an individual assumed the identity of a past employee that had been discharged by a business. That identity was used, over the Internet, to terrorize a female Human Resources Manager who had fired the individual. After several weeks of investigation we discovered that the communications were fabricated by a peer worker within the corporation. In a network, those computers must be physically secured that hold sensitive information and network passwords on them. These may be kept in a separate room that is physically secured away from public. All sensitive servers and networks should be secured from the enemy by means of firewalls, code encryption and decryption (cryptography) and intrusion detection system because if the server has been physically accessed, then it is very easy to reboot it and gain access to its hard drives. Without an access control system, the information will be totally naked to everybody. Access control ranges from locking the door to locking the whole network from unauthorized or unauthenticated access. Firewalls should be configured to prevent links between public servers and the database components that store the cardholder’s information. The system must be secured through strong passwords that are not vendor-supplied. 4. SQL or Web An SQL injection is an attack that occurs when the hackers take advantage of such user input that is not validated by the system and which is vulnerable enough to pass malicious SQL commands through Web which causes a corrupt execution of the backend database. PC World Magazines report that many IP addresses from China have been attacking Microsoft websites through SQL injections and SQL server (Burleson, 2008). The attack used malware that corrupted users’ browsers whenever they visited Microsoft websites. Such SQL injections can be prevented by telling the developers to stop creating dynamic databases to prevent such user inputs or malicious SQL queries that hinder with the logic of the query in execution. SQL injection prevention can be made very simple if parameterized queries and stored procedures are used and user supplied input is escaped. 5. Wireless Wireless networking has gained immediate popularity in the last few years. To maintain security of wireless networks, such as smart phones and iPADs, is a bit difficult as compared to wired networks. The reason for this is that it is easier to interrupt the radio waves used by wireless networks to propagate information or signals than those pulses that are being propagated through cables and wires. However, WEP (wireless equivalent privacy) is a privacy protocol or a security system based on IEEE 802.11 which provides protection against intrusion to the WLANs. Still, WEP has been found to have discrepancies, such as, the size of WEP’s initialization vector (IV) is said to be very small along with non-specified key management. These weaknesses make many big businesses stuck to the good old wired networks until the security is made guaranteed. 6. Physical Security Physical security is generally defined as the measures taken to ensure the security of workforce, system devices and equipment, resources, documents and sensitive information stored on physical media (like hardware programs and networks) from damaging proceedings like unauthorized access, fire, espionage, burglary, theft, vandalism, accidental loss or intentional crime that could cause severe harm to an activity, organization or establishment. In addition to this, physical security also provides assistance on scheming of such structures which help in deterring hostile operations. In terms of computers and internet, physical security is defined as a blockade placed about a computing system using secured operating systems and other protective measures to prevent unauthorized access to the information stored on it. The first and foremost thing is that the system which contains sensitive and crucial information should be kept away from public place. Use the ‘lock everything’ approach. Physical security may start from as little a thing as locking the doors and windows and using security systems like burglar alarms and security cameras with automatic log footage, and end at as complex a method as securing the whole network. One must look for devices that lock the computer cases to desks and lock the disk drives and the CPU as well. There are alarms and case locks that prevent a foreign keyboard, mouse or any other electronic component to get attached to the system. Furthermore, the system must be password protected. If there is an external device attached to the system like a webcam, a microphone, a card reader, or a Bluetooth device, then it would be wise to remove them from the system during off-hours. It is important to ensure that the room or building where the network is being secured has properly locked door, windows, ceilings and gates with guards properly manned reception desks. Many organizations use card key system or human security to eliminate the risk of unauthorized access. With the help of this card key system, each employee accessing the network can be recognized separately. References Anderson, M.R. (2008). Identity theft in financial crime cases. Identity Theft: Computer Forensics to the Rescue. Retrieved September 22, 2010, from http://www.forensics-intl.com/art18.html Burleson, D. (2008). Massive SQL Injection Attacks hit Thousands. Retrieved September 22, 2011, from http://www.dba-oracle.com/oracle_news/news_sql_server_injection_attacks.htm PR Log. (2009, October 15). Fake ID Factories Raided, [Press release]. Bedfordshire: PRLog.Org. SearchSecurity.com. (2002). Dumpster Diving. Retrieved September 22, 2011, from http://searchsecurity.techtarget.com/definition/dumpster-diving Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Ethical Hacking Research Paper Example | Topics and Well Written Essays - 1250 words”, n.d.)
Retrieved de https://studentshare.org/information-technology/1391380-ethical-hacking
(Ethical Hacking Research Paper Example | Topics and Well Written Essays - 1250 Words)
https://studentshare.org/information-technology/1391380-ethical-hacking.
“Ethical Hacking Research Paper Example | Topics and Well Written Essays - 1250 Words”, n.d. https://studentshare.org/information-technology/1391380-ethical-hacking.
  • Cited: 0 times

CHECK THESE SAMPLES OF Ethical Hacking

The Ethical Hacking Issues

Ethical Hacking Name: Lecturer: Institution: Course: Date: ABSTRACT The researcher provided a brief introduction of the Ethical Hacking issues and the way cybercrimes has increased due to rapid technological advancement.... hellip; It included literature materials in order to examine the way the previous scholars have argued about Ethical Hacking issues.... INTRODUCTION Ethical Hacking as a risk management technique is the use of programming skills in determining vulnerabilities in the computer system....
5 Pages (1250 words) Research Proposal

Ethical Hacking: the Three Shades White Hat, Black Hat, Gray Hat

This paper ''Ethical Hacking: the Three Shades White Hat, Black Hat, Gray Hat'' undertakes a review of the literature relating to Ethical Hacking and its related concepts.... On the other hand it is worthwhile to note that Ethical Hacking is offered as a course in some universities, as in the case of a course offering in Northumbria University, entitled Ethical Hacking for Computer Security Bsc.... This testifies to many things, among them being that Ethical Hacking is a mainstream, legitimate activity, rather than something that can be deemed as criminal....
9 Pages (2250 words) Literature review

How Hacking Can Be Helpful

Although the concept of Ethical Hacking can be helpful for companies to improve their security levels, today hacking techniques are widely used for supporting illegal purposes like credit card fraud and information theft.... The paper "How hacking Can Be Helpful" clears up the practice of hacking can help companies identify vulnerabilities in their security systems or computer networks and improve security levels.... People engage in unethical hacking to demonstrate their programming skills or earn money....
12 Pages (3000 words) Essay

Ethical Hacking as Effective Coping of Criminal Hacking

In this regard, internet has resulted in commencement of various beneficial things such as electronic commerce, e-mail, e-advertisement, and e-education; however, along with such technological advancements, there is one major issue among the various IS security related issues; hacking (McClure & Shah, pp.... In other words, a huge number of issues and threats exist in the world of information systems; however, hacking is one of the major issues that have been deteriorating the security of information security systems, which will be the focus of this report in detail....
5 Pages (1250 words) Essay

Ethical versus Unethical Hacking

The paper "Ethical versus Unethical hacking" highlights that the boundary between ethical and unethical hacking is slim, and it calls for qualities such as trustworthiness to ensure that system administrators do not use sensitive information maliciously.... hellip; hacking is a popular term today for all the wrong reasons, which include cybercrime, system intrusion, and security breaches.... As such, the relevance of hacking is something that not only considers an individual hacker but entire corporations, or national security apparatus....
10 Pages (2500 words) Research Paper

Managerial Applications of Technology (Ethical Hacking)2

This means that their actions can be ethical and still effective in that they secure an organization's IT… In securing their information systems, managers have to consider factors such as the sensitivity of the information (say like employees' private data), who the information is being revealed to (the hacker), the potential Managerial Applications of Technology (Ethical Hacking) As their goes, ethical hackers are hackers who comply with the expectations of an organization, thus cannot breach their operation codes (Hafelee, 2004)....
1 Pages (250 words) Assignment

Computer Hacking

The major focus of this argumentative paper “Computer hacking” is to analyze a number of controversies and risks associated with the existence of the Internet.... hellip; The author states that a number of ill-informed individuals have related the term of 'hacking' with the practices of cybercrime that has resulted in misunderstandings regarding the domain of hacking that plays a vital role in maximizing security in the computing field, and thus, this paper will involve efforts to argue over the importance of hacking....
14 Pages (3500 words) Dissertation

Securing Exploits and Vulnerabilities: Ethical Hacking

This essay will investigate security testing software that, if adopted, will benefit the organization's corporate information systems.... The subject of this analysis is the Metasploit security tool's penetration testing which includes password attacks, authentication bypass, and operating system security among others....
5 Pages (1250 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us