Hello all, I’m writing this post with no background research. I am simply jumping off into this because I’ve been planning to write about this since long time but my heavy schedule has never permitted me to do it. So, being a hacker, I come across lot of people and friends who are interested to know what this hacking stuff is all about. Many times it turns out that whatever I explain to them is a total bouncer. They don’t really seem to understand the terms and jargon. Its even that I feel I’m terrible at explaining stuff. Here in this post I’ll try to magnify over answers to the questions that people generally ask about hacking. This post is meant for a complete layman in non-technical background and I’ll try to keep things as simple as possible just for the purpose of understanding.
So, what is exactly Hacking?
Probably you’ve heard of this term as analogous to robbery or taking over controls of something. That’s not wrong at all. According to me, Hacking –u can say- is:
Breaking into or gaining access to computers, networks, systems or accounts which allows the hacker to perform something he’s not supposed to do, or gain access to sensitive information he’s not supposed to have.
One more important thing, hacking is NOT magic. Actual hacking is much more complicated, it needs research about your target and exactly your purpose behind hacking. If you think you can just write some C++, Java program, run some software and can hack anybody’s facebook or email account within minutes, I’m afraid you’re terribly wrong.
This was all in a nutshell.
Isn’t this illegal to do so?
Yes, it is illegal to break into someone’s computer, web server or steal their passwords. There are two sides of the coin. There is malicious hacking, where a person illegally gains access to somebody’s PC, bank accounts, transfers money, steals passwords and does anything else which can land him in jail. On the other hand, there is something called as, Ethical hacking. Ethical hacking follows the same techniques and attacks as malicious hacking does, what makes the difference is the intent of doing it. Ethical hacking is hacking for gaining knowledge. Learning ethical hacking allows you to get into the shoes of hackers and perform hacking, but in such a way that it does not break the law. Ethical hacking is performed in lab environment or your own computers. Here you have permission from the owner whose systems or computers you are trying to hack. So, ethical hacking all about gaining knowledge and skills on hacking, and utilizing it for good purposes, like, improving security of an organization.
Can hackers be called as criminals?
No, no. This is a big misunderstanding in public, courtesy to media and movies. Hackers are not at all, like the way they’re depicted in movies. Hackers are actually good people, who are curious about working of technology. They enjoy exploring into software and hardware to understand the nitty gritty details of security and operation, and see if they could fix it or a better alternative could be employed. This leads us to the discussion of types of hackers.
There are broadly three types of hackers.
1. Black hat hackers – Black hat hackers or crackers are the actual criminal guys you see in movies. They do malicious hacking for fun, profit, challenge or whatever. They try to break into web servers, computers in what we call illegal way. They generally misuse the sensitive information obtained from hacks. Sometime in their life, they may get arrested for doing wrong things and tried in court.
2. White hat hackers – These are the good guys. They’re ethical hackers. They perform hacking with permission from owner. This ethical hacking is performed to test the security of computer networks. Ethical hackers need to be updated with latest threats and security flaws that hit the web. Ethical Hacker is actually a job role in IT sector. Ethical hackers are paid to carry out penetration testing and vulnerability assessment on computer networks and servers. They need to be aware of latest technologies emerging out as crackers may quickly employ them to target their organization. With the knowledge of methodology and principles used by crackers, these people can improve the security and mitigate the risk of hacking and stealing of sensitive data.
3. Gray hat hackers – This is a fine line between white hat and black hat. Gray hat hackers have something from both the worlds. They maybe sharply skilled black hats who may help a company to analyze and mitigate security threats or they may help a government agency to track down a criminal black hat. Also gray hat may include some good white hat fellows who may have taken wrong path sometime and did some sort of malicious hacking he was not supposed to do.
What is the difference between legal hacking and illegal hacking?
The difference is all about the intent of doing it. If someone allows you to break into their computers sheer for you to gain knowledge and acquire skills, it is legal. If an organization hires you to perform penetration testing (it is basically finding security flaws and risks within an organization and fixing it), it is legal as well. If you happen to hack into web servers of some reputed e-commerce website and stole all their usernames, passwords and credit card numbers and start using it with bad intentions, it is illegal hacking. Hope you get my point.
What do I need to have to be a hacker?
One thing I’d like to clarify here. The way hacking is depicted in movies and media, is totally false. There is this hacker guy, who opens up his laptop, types in some strange looking commands, his screen shows some ‘connecting target’ dialogue box and poof! Within minutes, a damn government agency is under his control! :P
Hacking is never like that. Hacking is never that simple. There is no single software which can do all kinds of hacking automatically for you. You see, there are lot of different techniques, tools and methods used in hacking. It is a vast field and it is expanding every day. The tools and techniques vary depending upon your target and exactly what is your purpose of hacking. There are different methods of hacking a social network account, a web server, a company’s internal network, a website, hacking a windows password, linux, viruses, Trojans and this list goes on… There are numerous different tools and exploits available depending upon the platform or OS your target is running, as well as softwares running over it.
To start off in hacking, you need to be fluent in atleast a couple of programming languages. C, C++, Java, Python, Ruby and many of them are out there. I’d recommend at least you should be able to program in C and Python if not any other language. Also HTML and JavaScript is a must-know. Although its not mandatory, learning a server side scripting language like PHP is always beneficial. Then, you should have a good understanding of networking, OSI layers and TCP/IP. Without the knowledge of these, you won’t really have the fun of understanding what goes on inside during a hack.
Last but not the least, your interest, patience, and ability to deal with challenges is what matters the most. If you’re really not curious to know hacking, but just want to learn it to hack someone’s facebook account or impress your girlfriend, better back off right now otherwise you’ll end up rounding the circle or will get scammed. If hacking fascinates you and you’re really eager to learn these things with enthusiasm, the world of hacking is waiting for you! Second most important thing to have is patience. It takes lot of time to get to know your target from a hacker’s perspective, analyzing its software, its services, identifying its weaknesses, figuring out how the exploitation can be done, how to gain more and deeper access to the systems and covering your tracks.
How do I learn hacking?
The internet is indeed a rich source of information. You can learn almost anything on internet for free. Lots of hacking and security ebooks are available on the net. One google search might reveal them. There are many different hacking forums where hackers from different parts of world interact. You should definitely join few of them and keep visiting and posting on them often. Many hard copy books are written on hacking and security. You can purchase them from amazon or ebay if not from your local bookstore. The internet is full of resources, the more you dig in, the more you get. If, at any point, you get a question about how to learn hacking, you can always use google. Google is always there to help you out in any situation you come across. Also you can post on any hacking forums. Spend some time in learning different tools. That practice helps a lot when you come across real world scenarios. If you’re ready to take up hacking and security as your profession, there are certifications like Certified Ethical Hacker you can take up. One last thing, don’t expect everything to be spoon fed and don’t give up early.
Comments and suggestions are welcomed!
No comments:
Post a Comment