Sunday, February 2, 2020

Blog 2

This week was about an introduction to penetration testing.

Penetration Processes and Types
  • Ethical hacking is exploiting vulnerabilities in a system so that weaknesses can be found and remedied.
  • There is a red team and a blue team. The red team tries to break into a system and the blue team tries to keep them out.
  • There are five phases in ethical hacking.
    • First is reconnaissance, which includes gathering information about the network or system to be hacked. This can include finding passwords, social engineering, and publicly accessible information.
    • Next is scanning/enumeration. This is using tools to gain information about open ports, computer systems, etc. Extracting information like usernames, computer systems, etc., is called enumeration.
    • Gaining access is when the hacker exploits the vulnerabilities to gain access to the system. 
    • Maintaining access is when the hacker installs a backdoor in the system to achieve permanent access. 
    • Clearing your tracks is when the hacker overwrites log files to hide that they were there.
  • The last stage in penetration testing is not clearing your tracks; it is reporting. You must report your findings.
  • There are three types of penetration testing.
    • A black box test is when the ethical hacker has no information about the target or the network. This is great for completely outside attacks with no inside information. 
    • A white box test is when the ethical hacker is given all information for the systems, network, and infrastructure. 
    • A gray box test is when the ethical hacker is given partial information about networks and systems. 
Threat Actors

  • A white hat hacker is an ethical hacker. They help companies find vulnerabilities and fix them.
  • A black hat hacker gains access for malicious, illegal purposes.
  • A gray hat hacker usually has good intentions but may cross ethical lines.
  • A suicide hacker is only concerned with taking down their target for a cause. They don't care if they get caught or go to jail.
  • A cyber terrorist is motivated by religious or political beliefs and only wants to create disruption or fear.
  • A state-sponsored hacker is employed by a government to hack other governments.
  • A hacktivist gains access to protest other companies or campaigns.
  • A script kiddie uses others' programs to hack computers, as they have limited knowledge themselves of how to do it.
The Article
  • This was about nation-state actors that breached two US municipalities. They used a vulnerability in Microsoft SharePoint servers. It doesn't really say if the hackers were caught.
  • https://www.zdnet.com/article/fbi-nation-state-actors-have-breached-two-us-municipalities/
