Phase 1 | Reconnaissance
Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system.
During reconnaissance, an ethical hacker attempts to gather as much information about a target system as possible, following listed below
- Gather initial information
- Determine the network range
- Identify active machines
- Discover open ports and access points
- Fingerprint the operating system
- Uncover services on ports
Reconnaissance takes place in two parts − Active Reconnaissance and Passive Reconnaissance.
In this process, you will directly interact with the computer system to gain information. This information can be relevant and accurate. But there is a risk of getting detected if you are planning active reconnaissance without permission. He can file a case against you.
In this process, you will not be directly connected to a computer system. This process is used to gather essential information without ever interacting with the target systems.
Phase 2 | Scanning
The phase of scanning requires the application of technical tools to gather further information on your target, but in this case, the info being sought is more commonly about the systems that they have in place. A good example would be the use of a vulnerability scanner on a target network.
Phase 3 | Gaining Access
The Phase of gaining Access is where real hacking takes place. By using the information gathered by the phase 1 & 2 , Hacker built a plan or strategy attack to Gain Access to the target. The attack based on the vulnerabilities which were identified during phase 1 & 2.
Phase 4 | Maintaining Access
Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Once the hacker owns the system, they can use it as a base to launch additional attacks.
Maintaining access requires taking the steps involved in being able to be persistently within the target environment in order to gather as much data as possible. The attacker must remain stealthy in this phase, so as to not get caught while using the host environment.
Phase 5 | Covering Tracks
The final phase of covering tracks simply means that the attacker must take the steps necessary to remove all his presence of detection. Any changes that were made, authorizations that were escalated etc. all must return to a state of non-recognition by the host network’s administrators. In such a way that the host should not know that the attack was happened.
- Do not post information on social media that can be related to challenge questions
- Use passwords that cannot be broken by brute force or guessing.
- Consider 2 factor authentication when possible.
- Verify source of contact.
- Try to retype the link instead of directly clicking on it . This protect from Phishing page which looks exactly Original.
- Before clicking a link, check the URL properly it.
- Always scan a file and never click on batch files.
- Be sure to have a anti-virus installed and set root passwords for installation.
- Log out of sessions and clean the cache.