Just as in sports or warfare,
knowledge of the skills
and techniques of your opponent
is vital to your success.
Movies, the work that ethical hackers do demands a lot
of time and persistence. This is a critical trait, since
criminal hackers are known to be extremely patient
and willing to monitor systems for days or weeks
while waiting for an opportunity. A typical evaluation
may require several days of tedious work that
is difficult to automate. Some portions of the evaluations
must be done outside of normal working
hours to avoid interfering with production at “live”
targets or to simulate the timing of a real attack.
When they encounter a system with which they are
unfamiliar, ethical hackers will spend the time to
learn about the system and try to find its weaknesses.
Finally, keeping up with the ever-changing world of
computer and network security requires continuous
education and review.
One might observe that the skills we have described
could just as easily belong to a criminal hacker as
to an ethical hacker. Just as in sports or warfare,
knowledge of the skills and techniques of your opponent
is vital to your success. In the computer security
realm, the ethical hacker’s task is the harder
one. With traditional crime anyone can become a
shoplifter, graffiti artist, or a mugger. Their potential
targets are usually easy to identify and tend to
be localized. The local law enforcement agents must
know how the criminals ply their trade and how to
stop them. On the Internet anyone can download
criminal hacker tools and use them to attempt to
break into computers anywhere in the world. Ethical
hackers have to know the techniques of the criminal
hackers, how their activities might be detected,
and how to stop them.
No comments:
Post a Comment