Ethical hacking pdf

With the growth of the Internet, computer security
has become a major concern for businesses and gov-
ernments. They want to be able to take advantage
of the Internet for electronic commerce, advertis-
ing, information distribution and access, and other
pursuits, but they are worried about the possibility
of being “hacked.” At the same time, the potential
customers of these services are worried about main-
taining control of personal information that varies
from credit card numbers to social security numbers
and home addresses.
2

In their search for a way to approach the problem,
organizations came to realize that one of the best
ways to evaluate the intruder threat to their inter-
ests would be to have independent computer secu-
rity professionals attempt to break into their com-
puter systems. This scheme is similar to having
independent auditors come into an organization to
verify its bookkeeping records. In the case of com-
puter security, these “tiger teams” or “ethical hack-
ers”
3
would employ the same tools and techniques
as the intruders, but they would neither damage the
target systems nor steal information. Instead, they
would evaluate the target systems’ security and re-
port back to the owners with the vulnerabilities they
found and instructions for how to remedy them.