1
00:00:00,719 --> 00:00:03,120
Ethical Hackers, isn't that an oxymoron?

2
00:00:03,120 --> 00:00:05,579
So, we talked a little bit about all the

3
00:00:05,579 --> 00:00:07,109
different attackers and the hacker's

4
00:00:07,109 --> 00:00:08,910
methodology at this point, so now we want

5
00:00:08,910 --> 00:00:10,620
to talk about the good guys, the ethical

6
00:00:10,620 --> 00:00:11,970
hackers for a moment. They do a lot of

7
00:00:11,970 --> 00:00:13,080
the same things, and in fact, sometimes

8
00:00:13,080 --> 00:00:15,360
they even use some of the same tools. So,

9
00:00:15,360 --> 00:00:16,590
when we look at their methodology, it's

10
00:00:16,590 --> 00:00:17,910
going to look very similar. The big

11
00:00:17,910 --> 00:00:19,109
difference is we have a step at the

12
00:00:19,109 --> 00:00:20,820
beginning and a step at the end for ethical

13
00:00:20,820 --> 00:00:22,439
hackers. So, ethical hackers follow a

14
00:00:22,439 --> 00:00:23,999
similar methodology, but there's a couple

15
00:00:23,999 --> 00:00:25,800
of key differences. One is they get

16
00:00:25,800 --> 00:00:27,929
permission, the second is everything they

17
00:00:27,929 --> 00:00:29,519
do is reversible. They're not trying to

18
00:00:29,519 --> 00:00:31,800
do harm to the network. The goal here is

19
00:00:31,800 --> 00:00:33,840
to look at the organization and identify

20
00:00:33,840 --> 00:00:35,490
the weaknesses, not to hurt the

21
00:00:35,490 --> 00:00:37,350
organization. So, when we look at the hacker's

22
00:00:37,350 --> 00:00:39,630
methodology, we had six steps. Now, when we

23
00:00:39,630 --> 00:00:41,490
put on the ethical hacker's methodology,

24
00:00:41,490 --> 00:00:42,810
we're going to add a step at the

25
00:00:42,810 --> 00:00:44,730
beginning and step at the end. The first

26
00:00:44,730 --> 00:00:46,440
step we're going to add is approval.

27
00:00:46,440 --> 00:00:48,090
We're going to get permission before we

28
00:00:48,090 --> 00:00:50,730
do anything. Now, the reason why this is

29
00:00:50,730 --> 00:00:52,560
really important, is again we've talked

30
00:00:52,560 --> 00:00:54,600
about it before, but hacking is illegal.

31
00:00:54,600 --> 00:00:56,880
You cannot hack anybody's networks. You

32
00:00:56,880 --> 00:00:58,140
have to have written permission from the

33
00:00:58,140 --> 00:00:59,430
network owner or own the network

34
00:00:59,430 --> 00:01:01,590
yourself. So, an ethical hacker will

35
00:01:01,590 --> 00:01:03,630
always have a written document, and we

36
00:01:03,630 --> 00:01:05,670
like to affectionately call this "the get

37
00:01:05,670 --> 00:01:07,409
out of jail free letter." Ethical hackers

38
00:01:07,409 --> 00:01:08,820
are employed, or contracted by the

39
00:01:08,820 --> 00:01:10,560
organizations they hack. They are

40
00:01:10,560 --> 00:01:12,510
brought in, and they are asked to hack

41
00:01:12,510 --> 00:01:14,159
those networks. You have to have that

42
00:01:14,159 --> 00:01:15,750
letter in writing to make sure you don't

43
00:01:15,750 --> 00:01:17,850
get in trouble. Remember, hacking is a

44
00:01:17,850 --> 00:01:19,560
felony in the United States, so you have to

45
00:01:19,560 --> 00:01:20,159
make sure you have that

46
00:01:20,159 --> 00:01:21,840
get-out-of-jail-free letter. And I can't

47
00:01:21,840 --> 00:01:24,180
stress this enough, always, always, always

48
00:01:24,180 --> 00:01:26,640
have it in writing. The writing should

49
00:01:26,640 --> 00:01:28,409
tell you exactly what it is you're

50
00:01:28,409 --> 00:01:29,790
allowed to hack, and what the scope is.

51
00:01:29,790 --> 00:01:31,260
For instance, if I'm going after

52
00:01:31,260 --> 00:01:33,390
Microsoft, maybe they only want me to go

53
00:01:33,390 --> 00:01:34,770
after their Hotmail service, they don't

54
00:01:34,770 --> 00:01:36,450
want me to go after everything, that would be

55
00:01:36,450 --> 00:01:38,280
in that get-out-of-jail-free letter. Same

56
00:01:38,280 --> 00:01:39,659
thing with any organization you go after,

57
00:01:39,659 --> 00:01:41,520
you have to have a very clearly scoped

58
00:01:41,520 --> 00:01:43,530
so you know what is and what is not in

59
00:01:43,530 --> 00:01:45,690
bounds for the assessment. So, after we

60
00:01:45,690 --> 00:01:47,070
get permission, we go through the six

61
00:01:47,070 --> 00:01:48,180
standard steps of the hacker's

62
00:01:48,180 --> 00:01:50,700
methodology. So, the last step, and most

63
00:01:50,700 --> 00:01:53,010
important step, is reporting. Reporting is

64
00:01:53,010 --> 00:01:54,150
going to be that list of all the things

65
00:01:54,150 --> 00:01:55,770
that you found during your penetration

66
00:01:55,770 --> 00:01:57,479
testing. You're going to document things

67
00:01:57,479 --> 00:01:59,490
like how you got in, what the weaknesses

68
00:01:59,490 --> 00:02:01,110
were, and how you recommend that they fix

69
00:02:01,110 --> 00:02:02,880
them. One of the most important things

70
00:02:02,880 --> 00:02:04,680
you should do is provide a prioritized

71
00:02:04,680 --> 00:02:07,830
list. So, just because you found 15 or 20

72
00:02:07,830 --> 00:02:09,450
different ways of getting in, you need to

73
00:02:09,450 --> 00:02:10,649
tell them that this is the most

74
00:02:10,649 --> 00:02:12,690
important way, fix this first because

75
00:02:12,690 --> 00:02:14,560
this is a vulnerability I found

76
00:02:14,560 --> 00:02:16,180
on 200 of your machines, whereas the other

77
00:02:16,180 --> 00:02:17,380
one I might have only found it on one.

78
00:02:17,380 --> 00:02:18,790
Now, they're going to want to fix

79
00:02:18,790 --> 00:02:21,069
everything eventually, but it helps them

80
00:02:21,069 --> 00:02:22,360
when they're trying to figure out where

81
00:02:22,360 --> 00:02:23,680
should they spend their money quickest,

82
00:02:23,680 --> 00:02:25,390
and first, to get the most bang for their

83
00:02:25,390 --> 00:02:27,099
buck. And remember, your report should be

84
00:02:27,099 --> 00:02:29,650
clear, concise, and most importantly, be

85
00:02:29,650 --> 00:02:32,160
useful.