Skip to main content

Ten Important Rules Of Ethical Hacking

The world of ethical hacking too is bound by a set of rules and principles, here are 10 crucial ones! 

Time and again we have been bringing you valuable resources on ethical hacking since we know and understand the nature of things as far as security goes. Ethical hacking is picking up steam each day with more and more organisations spending heftily to maintain the sanctity of their systems and data. As such, ethical hacking is a glorious career option in the current scheme of things.



1.Set your goals straight

To begin with, an ethical hacker must start thinking like the intruder. He must be able to identify the loopholes on the target access points or networks that are prone to attack, he must be aware of the repercussions of these loopholes and how the intruder can use it against the same. An ethical hacker then has to find out if anyone at the target notice the intruder's attempts to carry out his/her acts. Finding out and eliminating unauthorised wireless access points is always the top most priority of an ethical hacker.

2.Plan your testing process

You can never be sure when something or the other comes along that could make you take a backseat. Money, personnel, or time is not in your hands, therefore constraints might knock on your door anytime without prior notice. As such, to avoid any untoward incidence, you must identify the networks you intend to test and decide before hand the time period for this process. Once the basics are set right you must specify a testing process that you'll carry out. Planning is crucial and sharing it with all the concerned personnel advisable. An approval of the testing process by all stakeholders involved is also necessary. 

3.Ask for permission

Getting permission for your deeds is a must to avoid any legal repercussions that might turn up against you in the future. This permission must be in written and must clearly state that you hold the authorised rights to carry out the particular test you intend for and that the said organisation will back you at all times in case any criminal charges come up against you. 

4.Work ethically, work professionally

Refrain from stepping out of the said plan, stick to the set goals and plan. Also, refrain from sharing any information regarding your plan and testing to anyone outside your set domain. As an ethical hacker you're bound to confidentiality and non-disclosure of events that unfold during your hacking process to anyone other than the organisation and concerned authority. 

5.Always keep records

Spending countless hours within the confines of a lowly-lit room with a computer and a piping pot of coffee doesn't mean you start to loose it with time. Always maintain formal records of what you do and what you test and what results you get. Notes can be either in paper or electronic, in all cases they must be well maintained.

6.Respect the privacy of others

You're bound to gain access to private information (encryption keys for instance) while on your quest, however, how you use this information is key to being a good ethical hacker and a good human being most importantly. Getting first hand information about others' private lives doesn't give you access to intrude. There's a thin line here that must not be crossed, with great power comes great responsibility, remember?

7.Respect others' rights

It's only human to be proud of your achievements. Once you get through a locked window, chances are you'd want to pry further. However, you must understand that your deeds must not cause harm to the rights of others. Also, use tools of the trade wisely. The same tool you use for an attack might in turn have long lasting implications, a denial of service for instance.


8.Use a scientific process

Follow a scientific/empirical approach while hacking. To begin with set a goal that is quantifiable, meaning you know when you've reached it rather than going around in circles. Your test must be consistent to your findings. If the same test brings out two different results when done twice in the same case scenarios, there's something terribly wrong about how you're going about it. 


9.Pick one tool and stick with it

The internet is rife with countless good tools to carry out your process, both free and commercial tools are available. However, rather than being overwhelmed by the sheer quantity, it's ideal you pick up one tool and stick with it.

10.Provide timely progress updates

Many a times the time duration of your test might extend beyond the set interval (over a week for instance). In all such cases, you must provide your organisation with progress updates from time to time rather than waiting for the process to reach a completion. 

Comments

  1. This ethical hacking tutorial is really important for software engineers. Thanks for posting.

    ReplyDelete
  2. This ethical hacking tutorial is really important for software engineers. Thanks for posting.

    ReplyDelete
  3. Mobile Phone Security Apps Assac Networks’ mobile phone/smartphone security app provides 360° protection against tapping and data theft from your mobile phone.

    ReplyDelete
  4. I must say life saving rules foe all hackers. a ton of information i gathered from this blog. CEH Training in India is a qualification obtained by assessing the security of computer. Good work.

    ReplyDelete

Post a Comment

Popular posts from this blog

Here Are 7 Brilliant Cheat Sheets For Linux/Unix

There's nothing better than a cheatsheet when you are stuck and need a reference. So here bringing to you 7 brilliant free cheat sheets. 




1. Unix Tool Box: An incredibly exhaustive reference for all things Linux. This document is a collection of Unix/Linux/BSD commands and tasks which are useful for IT work or for advanced users.

2. One page Linux Manual: Great one page reference to the most popular Linux commands, it is a summary of useful Linux commands.

3. Linux Reference Card: One great reference published by FOSSwire.

4. Linux Command Line Cheat Sheet: This is an interestingly sorted and helpful cheat sheet by cheatography.

5. Linux Command Line Tips: This is a linux command line reference for common operations. Cleanly sorted and well described.

6. Treebeard’s Unix Cheat Sheet: A great reference that shows command comparisons with that of DOS. So if you are someone who was a DOS user and has switched to Linux, this is the best one too have!

7. Linux Shortcuts and Commands:…

WhatsApp is illegal, will soon banned in India : Government

WhatsApp could have accidentally entered into troubled waters here in India by enabling its end-to-end encryption for all. The new security feature by WhatsApp is not what is required by the Indian telecom rules and WhatsApp could face a ban, if the rules are not adhered to. But not yet.
In India, companies need to follow the country’s rules and adhere to specific types of encryption, which WhatsApp does not currently use. WhatsApp’s end-to-end encryption on its chat service means that WhatsApp or anyone else won’t be able to crack open its contents.  Only the sender and the recipient are able to read the encrypted data. WhatsApp uses a 256-bit key for encryption of all chat messages, which is only known to the sender and the recipient.
Why is it not possible for WhatsApp to help decrypt users’ messages? "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us," WhatsApp founders Jan Koum and Brian Acton wrote on their blog. How…

3 Mega Acquisitions in last week affects the Internet Space of India

Qihoo 360 buys Opera in $1.2 Billion Opera Software intends to accept a $1.2 billion acquisition offer from a group of Chinese companies. The Chinese consortium includes Internet security company Qihoo 360, Internet firm Beijing Kunlun (which invested roughly$93 millioninto Grindr earlier in the year) and investment group Golden Brick and Yonglian. According to Opera, the $1.2 billion is a 56 percent premium over Opera's share price during the last 30 trading days. Despiteclaiming350 million users, the company's browser has struggled in the oversaturated Western market. China could be a profitable arena for Opera, in part because Google's Chrome browserdoes not come preinstalled on Android phones in China like it does elsewhere. In addition, doing business in China without local partners is nigh impossible, but Opera could leverage the networks of Kunlun and Qihoo 360 if the deal goes through.


Snapdeal Buys Freecharge in $400Million e-commerce marketplace Snapdeal has acquired …