Tentang sudut pandang, terkadang sebagian orang beradu mulut karena gara gara berbeda sudut pandang dan ada pula sebagian orang yang berubah kehidupannya menjadi lebih baik, lebih bersyukur, atau pun…
Ethical Hacking and Penetration Testing-COMP6210|Binus International
Someone who employed by companies to perform a penetration tests to their own system (with the owner’s permission).
legal attempt to break into a company’s network to find its weekest link. (Tester only reports findings and offers solutions to secure or protect the network)
Someone who access computer system or network without authorization. (breaks the law can go to prison)
Someone who breaks into the systems to steal or destroy the data (U.S. Department of Justice calls both hackers)
Young inexperienced hackers (copy codes and techniques from knowledgeable hackers)
Examples : Practical Extraction and Report Language (Perl), C, Python
Set of instructions that runs in sequence
Collection of Oss and hacking tools. To help penetration testers and security testers conduct vulnerabilities assessments and attacks.
Why do we need penetration testing ?
Because we need to make sure that our system is secure. We use the Penetration Testing to test the vulnerabilities of our system and find the solution and make our system more secure.
The Process
2. Performing the pen-test
3. Reporting and delivering results
Tester is told everything about the network topology and technology.
Tester is authorized to interview IT personnel and company employees
Makes tester job a little easier
Company staff does not know about the test
Tester is not given details about the network
Tests if security personnel are able to detect an attack
Hybrid of the white and black box models
Company gives tester partial information
Common Techniques
2. Open Source Monitoring
3. Network mapping and OS fingerprinting
To know what the version of Operation System.
4. Spoofing
For instance: A tries to attack B and C.
Normally B and C will know that A is attacking them.
By spoofing techniques A can attack B and C as other person. A can attack the B as C and the B will know that the one who attacked him is C not A.
In simple its about how you attack other people by using other people.
You attack other IPs in the world by using another IPs.
5. Network Sniffing
Is the real-time monitoring of data packets in network.
People who defends the system, monitoring and checking the security of the systems.
People who performs the pen-test and attacking the systems.
Guatemala is one of the countries in Central America affected by the coffee rust disease. In fact, the country declared coffee rust a national emergency in 2013. The coffee production was massively…