41⟩ Define footprinting in ethical hacking?
Footprinting refers accumulating and uncovering as much as information about the target network before gaining access into any network. The approach adopted by hackers before hacking.
Hacking
Home Basic Common Hacking
“Hacking is a criminal act, The terms hack and hacking are also used to refer to a modification of a program or device to give the user access to features that were otherwise unavailable, such as by circuit bending. It is from this usage that the term hacking is often used to refer to more nefarious criminal uses such as identity theft, credit card fraud or other actions categorized as computer crime. So get start preparation for a job interview related to the Hacking”
56 Hacking Questions And Answers
42⟩ What is Brute Force Hack?
Brute force hack is a technique for hacking password and get access to system and network resources, it takes much time, it needs a hacker to learn about JavaScripts. For this purpose, one can use tool name "Hydra".
43⟩ Define Phishing?
Phishing technique involves sending false e-mails, chats or website to impersonate real system with aim of stealing information from original website.
44⟩ Define Network Enumeration?
The hacker tries to identify the domain names and the network blocks of the target network.
45⟩ Define Open Source Footprinting?
It will look for the contact information of administrators that will be used in guessing the password in Social engineering.
46⟩ What are the common tools which are used by Ethical hackers?
★ Meta Sploit
★ Wire Shark
★ NMAP
★ John The Ripper
★ Maltego
47⟩ Define Scanning?
Once the network is known, the second step is to spy the active IP addresses on the network. For identifying active IP addresses (ICMP) Internet Control Message Protocol is an active IP addresses.
48⟩ What is MAC (Machine Access Control) address?
A MAC address is a unique serial number assigned to every network interface on every device. Mac address is like your physical mail box, only your postal carrier (network router) can identify it and you can change it by getting a new mailbox (network card) at any time and slapping your name (IP address) on it.
49⟩ What is a trojan/worm/virus?
Trojan: A program that when run by a user does an action that the
users did not expect, or the program was not designed to do.
Virus: A portion of code that attaches it self to other executable
files in the attempt to replicate and spread itself.
Worm: A stand alone program that acomplishes a task in the
background by replicating and moving though a computer
network.
50⟩ What is IP address?
To every device IP address is assigned, so that device can be located on the network. In other words IP address is like your postal address, where anyone who knows your postal address can send you a letter.
51⟩ What is Ethical Hacking?
Ethical Hacking is when a person is allowed to hacks the system with the permission of the product owner to find weakness in a system and later fix them.
52⟩ List the types of ethical hackers?
The types of ethical hackers are:
★ Grey Box hackers or Cyberwarrior
★ Black Box penetration Testers
★ White Box penetration Testers
★ Certified Ethical hacker
53⟩ What is Burp Suite?
Burp suite is an integrated platform used for attacking web applications. It consists of all the Burp tools required for attacking an application. Burp Suite tool has same approach for attacking web applications like framework for handling HTTP request, upstream proxies, alerting, logging and so on.
54⟩ What is CSRF (Cross Site Request Forgery)?
CSRF or Cross site request forgery is an attack from a malicious website that will send a request to a web application that a user is already authenticated against from a different website. To prevent CSRF you can append unpredictable challenge token to each request and associate them with user's session. It will ensure the developer that the request received is from a valid source.
55⟩ what are the tools Burp Suite consist of?
The tools that Burp Suite has:
★ Proxy
★ Spider
★ Scanner
★ Intruder
★ Repeater
★ Decoder
★ Comparer
★ Sequencer
56⟩ How to stop website getting hacked?
By adapting following method you can stop your website from getting hacked:
Sanitizing and Validating users parameters:
By Sanitizing and Validating user parameters before submitting them to the database can reduce the chances of being attacked by SQL injection.
Using Firewall:
Firewall can be used to drop traffic from suspicious IP address if attack is a simple DOS.
Encrypting the Cookies:
Cookie or Session poisoning can be prevented by encrypting the content of the cookies, associating cookies with the client IP address and timing out the cookies after some time.
Validating and Verifying user input:
This approach is ready to prevent form tempering by verifying and validating the user input before processing it.
Validating and Sanitizing headers:
This techniques is useful against cross site scripting or XSS, this technique includes validating and sanitizing headers, parameters passed via the URL, form parameters and hidden values to reduce XSS attacks.
