CIS 4688 Lecture Notes - Lecture 1: Linux Distribution, Information Security, Penetration Test

Systems and network are vulnerable to a variety of attacks. Denial of service and distributed denial of service. Network security: as more and more important information is stored in multiple places in systems and networks (the internet) The access to information is also increased for unauthorized users. Good people: information security professionals to use hacking to uncover vulnerabilities. Criminals: using malicious software and devices in criminal activities for financial gain. Ideologues: carrying out hacking activities to achieve ideological or political goals. Justification or motivation is based on the perception of victimless crime, the robin hood ideal, national pride/patriotism, some educational value of hacking or just curiosity! Common hacking methodology (not all steps have to be used in an attack) Reconnaissance: passively acquiring information about the intended system/network. Scanning: actively acquiring information about the intended system/network. Access extension: creating ways to support future access . Obfuscation: covering their tracks (meaning not alerting anyone to their activities )