concept of hacking


 • Hacker is a computer person who is very curious and wants to learn as much as possible 
about computer systems.  
• Hacking was developing and improving software to increase the performance of 
computing systems. 
• Hacking has a lot of meanings depending upon the person’s knowledge and his work 
intentions. Hacking is an Art as well as a Skill. It is the knowledge by which one gets to 
achieve his goals, anyhow, using his skills and power. 




Ethical Hacking 
 • Ethical Hacking is testing the resources for a good cause and for the betterm
• Technically Ethical Hacking means penetration testing which is focused on S
Protecting IT Systems. 
Types of Hackers 
 • White Hat Hacker 
• Black Hat Hacker 
• Grey Hat Hacker 
White Hat Hacker 
 • A White Hat Hacker is computer guy who perform Ethical Hacking. 
These are usually security professionals with knowledge of hacking and 
the hacker toolset and who use this knowledge to locate security 
weaknesses and implement countermeasures in the resources. 
• They are also known as an Ethical Hacker or a Penetration Tester. They 
focus on Securing and Protecting IT Systems. 



Black Hat Hacker 

• A Black Hat Hacker is computer guy who performs 
Unethical Hacking. These are the Criminal hackers or 
Crackers who use their skills and knowledge for illegal or 
malicious purposes. They break into or otherwise violate the 
system integrity of remote machines, with malicious intent
• These are also known as an Unethical Hacker or a Security 
Cracker. They focus on Security Cracking and Data stealing.


Grey Hat Hacker 
 • A Grey Hat Hacker is a Computer guy who sometimes acts legally, sometimes in good 
will, and sometimes not. They usually do not hack for personal gain or have malicious 
intentions, but may or may not occasionally commit crimes during the course of their 
technological exploits. 
• They are hybrid between White Hat and Black Hat Hackers.

Classification of Hackers
• Coders 
• Admin 
• Script Kiddies 
 • Coders are the programmers who have the ability to find the 
unique vulnerability in existing software and to create working 
exploit codes. 
• These are the individuals with a deep understanding of the OSI 
Layer Model and TCP/IP Stacks.

 • Admin the computer guys who have experience with several operating systems, and 
know how to exploit several existing vulnerabilities.
• A majority of Security Consultants fall in this group and work as a part of Security Team.
Script Kiddies 

• Script Kiddies are the bunnies who use script and programs 
developed by others to attack computer systems and Networks.
• They get the least respect but are most annoying and dangerous 
and can cause big problems without actually knowing what they
are doing. 


Steps Performed by a Hacker 
 1. Performing Reconnaissance 
2. Scanning and enumeration 
3. Gaining access 
4. Maintaining access and Placing backdoors 
5. Covering tracks or Clearing Logs 




Phase I: Reconnaissance 
 • Reconnaissance can be described as the pre-attack phase and is a systematic attempt to 
locate, gather, identify, and record information about the target. The hacker seeks to find 
out as much information as possible about the target. 
Phase II: Scanning and Enumeration 
 • Scanning and enumeration is considered the second pre-attack phase. This phase 
involves taking the information discovered during reconnaissance and using it to examine 
the network. 
• Scanning involves steps such as intelligent system port scanning which is used to 
determine open ports and vulnerable services. In this stage the attacker can use different 
automated tools to discover system vulnerabilities. 
Phase III: Gaining Access 
 • This is the phase where the real hacking takes place. Vulnerabilities discovered during the 
reconnaissance and scanning phase are now exploited to gain access. The method of connection the hacker uses for an exploit can be a local area network, local access to a 
PC, the Internet, or offline. Gaining access is known in the hacker world as owning the 
• During a real security breach it would be this stage where the hacker can utilize simple 
techniques to cause irreparable damage to the target system.  
Phase IV: Maintaining Access and Placing Backdoors 
 • Once a hacker has gained access, they want to keep that access for future exploitation 
and attacks. Sometimes, hackers harden the system from other hackers or security 
personnel by securing their exclusive access with backdoors, rootkits, and Trojans.  
• The attacker can use automated scripts and automated tools for hiding attack evidence 
and also to create backdoors for further attack. 
Phase V: Clearing Tracks 
 • In this phase, once hackers have been able to gain and maintain access, they cover their 
tracks to avoid detection by security personnel, to continue to use the owned system, to 
remove evidence of hacking, or to avoid legal action.  
• At present, many successful security breaches are made but never detected. This includes 
cases where firewalls and vigilant log checking were in place.


Proxy Servers 
 • A proxy server is a server that acts as an intermediary between a workstation user and the 
Internet so that the enterprise can ensure security, administrative control, and caching 
• Hackers generally use the Proxy server on the Internet to make their Identity invisible to 
the target. 



Web Proxies 
 • A Proxy site is a web page which allows you to browse your favorite web sites -- even 
though your access to those web sites might be blocked by a content filter. 
• If you find that you are blocked from your favorite websites, use one of these web proxy 
sites to get around the block. 
How Proxy Sites Work 
 Proxy sites enable you to bypass your own Internet provider and browse through the proxy web 
site. All that you have to do is type the web site address you would like to visit in the form they 
provide, and start browsing. Once you keep browsing using that form, you are protected and 
your real IP address is not being logged. 

Given below is a list of Web Proxies: 
Anonymous Proxies 

• An anonymous proxy is a piece of software designed to protect the privacy and 
anonymity of web browsers from web site operators, Internet snoops, and even 
unfriendly governments.

• The anonymous proxy software resides on a proxy server. The web browser connects to 
the proxy server and the proxy server connects to the web server. 
• The web server does not know who you are, it only knows who the proxy server is. The 
proxy server does know who you are -- so you had better choose a proxy server that you 
In addition to hiding your IP address, an anonymous proxy server will typically remove 
traffic such as:
• Cookies 
• Pop-ups 
• Banners 
• Scripts 
• Referrer information  
Some of the Anonymous Proxy Servers are: 
 • Ultrasurf 
• Freegate