Techniques and tools required for ethical hacking

Ethical hacker needs to understand how to find the network range and subnet mask of the target system. IP addresses are used to locate, scan and connect the target systems. Ethical hacker also should find out the geographical location of target system. This can be done by tracing the messages that are sent to destination and the tools used are traceroute, Visual route and NeoTrace to identify the route the target (Kimberly Graves, 2007). Ethical hacking should use right tools or else task accomplishment of task effectively is difficult. Many security assessment tools will produce false positive and negative or may they even miss susceptibility to attacks. In case of tests in case of physical security assessments they miss weakness. In order for ethical hacking specific tools have to be used for the task chosen. The easier the ethical hacking will become if many tools are used. The right tool must be used at right place. The characteristics in tools for ethical hacking is it should have sufficient document, detailed reports should be there on the discovered attacks regarding their fixing and explosion, Updates and support. The general tools used for ethical hacking in case to find passwords are cracking tools such as LC4, John the Ripper and pwdump (Bragg, Mark Phodes Ousley and Keith Strassberg, 2004). The general tools like port scanner like SuperScan cannot be used to crack passwords. The Web-assessment tools such as Whisker or WebInspect tools are used for analysis of Web applications in depth. Whereas network analyzer tools such as ethereal cannot give good results. While using the tools for any particular task it is better to get feedback from the simple Google searches such as SecurityFocus.com, SearchSecurity.com and Itsecurity.com will give nice feedback from the other security experts which makes ethical hacking easy and to select the right tool. Some of the commercial, freeware and open source security tools are Nmap (Network Mapper), Etherpeek, SuperScan, QualysGuard, WebInspect and LC4, LANguard Network Security Scanner, Network Stumbler and ToneLoc. The capabilities of many security and hacking tools are often misunderstood, such as SATAN (Security Administrator Tool for Analyzing Networks) and Nmap. The other popular tools used in ethical hacking are Internet scanner, Ethreal, Nessus, Nikto, Kismet and THC-Scan (Kevin Beaver, 2007). Cain and able is a ethical tool used for recovery of windows UNIX problems. This is only password recovery tool handles an enormous variety of tasks. It can recover the password by sniffing the network, cracking the encrypted passwords using Dictionary and Cryptanalysis, recording VoIP conversations, decoding scrambled passwords, revealing the password boxes, uncovering cached passwords and analyzing routing protocols. Ethereal is a fantastic open source tool used as network protocol for UNIX and Windows. It allows examining the data which is present in disk or file and can capture the data. This is also known as Wire shark. It has many powerful features which have very rich display filter language and ability to view the TCP session. Another cracking tool Aircrack is the fastest available cracking tool (John Hyuk Park, Hsiao-Hwa Chen and Mohammed Atiquzzaman, 2009). Thus proper tools and techniques has to be used for better hacking and it will be easier by using more and more tools required.