Ethical hacking and penetration testing for securing us form Hackers

Almost all the people around the world are fully equipped with technologies and software’s. But the how many are really using it wisely, we as the creators of all technologies are being governed by such a technology itself. The software’s are being discovered every day and each one provides a new facility and a hidden disadvantage in it. Many people don’t even have the basic knowledge of what they are doing and that’s the main reason for all cyber-crimes and security breaches. It has become responsibility of every citizen who is using a tech to keep their information safe and secure from others. Be aware of what we are doing in mobiles, laptops, PCs, etc.… since a small activity could lead to great crisis.


Introduction
In today's World, Technology plays a major a role. We are evolving and moving in tech everyday also with the help of these technologies we have crossed many milestones. But have you ever taught how far these technologies can go? What are the limitations to these technologies? and what is happening in background when we really use such a technology?
Certainly not, many people don't take care of this. It is much more important to be secure in every aspect we govern these technologies. And this following paper will help you to be safe in governing technologies.
Every technology which we are handling has a great advantage and unnoticeable disadvantage too. That is mainly used as loop holes by hackers and this leads to many crimes now a days.

Hacking
Getting access to server without the knowledge of the user. The server may be internet systems, personal computer, accessing main hub, etc... the person who is doing such an activity is termed as hacker. There are different types of Hackers around the world.

White hat hackers:
The person who can get access the systems and find the loop holes and mistakes in that particular systems, and make a report to the respective organization in order to rectify the errors in the system are named as White Hat Hacker. They can also be termed as Ethical Hackers.

Black hat hackers:
These are the persons who get access into the systems without knowing the organization or the user for stealing sensitive information such as account

Grey hat hackers:
These people will be on both sides, they will be accessing the systems for stealing information's and at the same time they report to the organization for rewards. They are named as Grey Hat hackers.

Script kiddies:
They are just normal persons but they tend use the scripts and codes which are already designed by the professional hackers. In general, they don't have the knowledge of hacking.

Be an Ethical Hacker
In order to get rid of the cyber-crimes and to make our self-safe from these crimes, we should know the some basic about the technology or software what we are using. It is not necessary to be a hacker to stop these activities. We should aware of what we are doing in our systems. If we want to be hacker, we should be an Ethical Hacker.
Ethical hacker always get access into the systems by getting permission from the user or organization. And found the loop holes in the systems and help the organization to resolve it.

Importance of Ethical Hacking
In the beginning of internet crimes such as terrorists seeks the help of hackers for breaching security systems, stealing sensitive information like nuclear launch codes or to extract huge amount of money form famous personalities by introducing a malware or spyware into their systems. Now it becomes great demand for every organization to be more defensive against such cyber-crimes.
Every day new types of viruses, malwares are being developed which raises the demand for Ethical Hackers to be more secure and safe from the cyber criminals and to safeguard our privacy information.

Information characteristics
Information is much more important in today's world. Information reveals all privacy, security, and personal identity of an organization or an individual personality. Information is wealth. Some characteristics makes information more valuable. Such as

Confidential
It means that the information can be accessed only by authorized person. The main aim of confidentiality is to safe the sensitive information from cyber criminals. The privacy is usually maintained by Confidentiality. Example: Encryption.

Availability
The information which we are requesting should be available only for us. This provides us guarantee for accessing the information which we are seeking. We

Integrity
This helps us to maintain the accuracy of information when it is transmitted, stored and processed. This acts as a basic firewall between you and unauthorized person. Examples: Rsa signature, hash codes, etc.

Authentication
It is used for the verification of data, whether it is genuine or not. This feature allows only the authorized person could access the data for what he/she looks for.
Example: Asking for login credentials for particular websites.

Reconnaissance
It is the first stage in hacking. It is also known as information gathering or foot printing. It is surprise to see that google chrome itself is vulnerable to foot printing. This is the stage where we used to collect all the details about the target system. The three groups of collecting information is Network, Host and People who is involved.

Types of foot printing
 Active: It involves direct interaction with the target system to collect the information. Example is using a Nmap tool.

Gaining access
It's a third stage of getting access from the target system. It can be done with the help of some tools or chronological methods. After getting access he should raise his position to administrator level so that he can modify the entire systems.

Access Maintaining
The person who involves in hacking the systems either for testing or for stealing will have to be in a position to keep hold the access that he/she has authorized. It can be done with some types of software's and trojans. The ultimate aim is to maintain the access until the job is done.

Track clearing
All person those who are involving in crimes will always don't want to caught up. A clever cyber attacker will always clear all the traces that leads the way to trace him.
Examples: modifying the activity logs, deleting the folders that he created.

Penetration testing
It is testing that looks for security loop holes to exploit. An advance penetration testing will look for all the loop holes and major issues in the systems. It may be security issue such as vulnerable to steal sensitive information. It is done usually a time dependent process and we cannot perform all the tests that we are thinking. Even if we have done all the tests for a particular software, it is said that the system is still not fully secured. It may be vulnerable to some more attacks. The best practice in penetration testing is that to set a time limit and set a priority to important tests.

Types in penetration testing
 Black box -The person who is penetrating will not be aware of any details that what they are penetrating in.
 Grey box -In this the tester will be provided with the minimal knowledge about the systems  White box -The tester will be provided with all the knowledge of the systems to be tested.

Skills to be Ethical Hacker
Hacking into a system is like playing a game in a hard mode. The one who wish to Hack in an Ethical manner should be expert in coding and requires lot of An ethical hacker must be an expert in computer and needs lot of patience and determination to try again and again.
Also, to be an Ethical Hacker the person must clear Certified Ethical Hacker (CEH) Exam.

Strong passwords
Using different password combination and different username for various accounts such as Facebook, Instagram and various other websites will be protective. Ensure the password is tough to crack with combination of letters, numbers and special characters.

Firewall Activation
In cyber world, the frontline defense is firewall, they restrict the unrecognized connection between you and a cyber-criminal.

Antivirus software
This software helps us to check any unnoticed or hidden viruses, spyware or malware being introduced to our systems without our knowledge and helps to remove such malwares also.

Securing mobile devices
Our mobile devices which we are using is vulnerable to viruses and malware attacks. We should download each application form trustworthy sources.

Blocking spyware attacks
As said earlier we can block the spyware entering into our systems rather cleaning it after being intruded into us. Keep update antivirus software in order to achieve such protection.

Have latest version of operating system
We should always be in update with developing technologies and we should update our operating systems associated with their organizations to prevent form cyber-attacks.

Protect our information
We can separate protective methods such as turning on encryption for particular important files to be more protective from vulnerable attacks.

Be social media savvy
We should be in a position to set our profiles in private and we should be aware of the settings and privacy policy of each application that we are using in mobiles, PCs, etc. And be careful when you post something on your social media profile.

Conclusion
As the Technologies develops the drawbacks also develops along with the advantages. In today's world even medical technology has many disadvantages. We will be monitored every time even by google. As said Earlier we should be aware of things what we are doing in software's. And we should not allow the