Ethical Hacking Research Paper Example | Topics and Well Written Essays - 1250 words

Ethical Hacking - Research Paper Example Blackhat crackers gain access to a computer system with malicious attacks. They destroy files or steal the sensitive information and disclose it to other hackers or to the public without the victim ever knowing it. Dumpster Diving is a tool used by black hat hackers/crackers in which they gain access to the trash and recycle bins to get files that the users have deleted from their system. Then they use these files to gain access to their network. â€Å"Dumpster diving is looking for treasure in someone else's trash†. The main targets are the usernames and passwords. Large corporations throw away in real dumpsters as well as computers’ recycle bins sticky notes with invoices, emails, phone numbers, passwords and other sensitive information, and no one expects anyone to peep into this trash. Dumpster divers consider this trash as their real treasure. Dumpster diving has been in use since the advent of computers and works on all sophisticated operating systems. The key is never to throw in trash important information like social security numbers into trash bins. Emptying recycle bins regularly is also very necessary. Network security threats include malware, anti-DNS pinning, banner grabbing, blackjacking, hacking, land attack, blue boxing, domain hijacking, identity theft, fraud, backdoor, DoS attacks, data flood, malicious code, document grinding, and enumeration. NTI was involved in a case where an individual assumed the identity of a past employee that had been discharged by a business.... Dumpster diving has been in use since the advent of computers and works on all sophisticated operating systems. The key is never to throw in trash important information like social security numbers into trash bins. Emptying recycle bins regularly is also very necessary. 3. Networks Network security threats include malware, anti-DNS pinning, banner grabbing, backjacking, hacking, land attack, blue boxing, domain hijacking, identity theft, fraud, backdoor, DoS (Denial of Service) attacks, data flood, malicious code, document grinding, and enumeration. Anderson (2008), who works with NTI (New Technologies, Inc.) writes about an identity theft case: NTI was involved in a case where an individual assumed the identity of a past employee that had been discharged by a business. That identity was used, over the Internet, to terrorize a female Human Resources Manager who had fired the individual. After several weeks of investigation we discovered that the communications were fabricated by a pe er worker within the corporation. In a network, those computers must be physically secured that hold sensitive information and network passwords on them. These may be kept in a separate room that is physically secured away from public. All sensitive servers and networks should be secured from the enemy by means of firewalls, code encryption and decryption (cryptography) and intrusion detection system because if the server has been physically accessed, then it is very easy to reboot it and gain access to its hard drives. Without an access control system, the information will be totally naked to everybody. Access control ranges from locking the door to locking the whole network from unauthorized or unauthenticated access. Firewalls should be