The Seven-Step Information Gathering Process (CEH)

Footprinting is about information gathering and is both passive and active. Reviewing the company’s website is an example of passive footprinting, whereas calling the help desk and attempting to social-engineer them out of privileged information is an example of active information gathering. Scanning entails pinging machines, determining network ranges, and port scanning individual systems. The EC-Council divides...
Open Source Security Testing Methodology Manual (OSSTMM)

One well-known open source methodology is the OSSTMM. The OSSTMM divides security assessment into six key points known as sections. They are as follows: Physical Security, Internet Security, Information Security, Wireless Security, Communications Security, and Social Engineering. The OSSTMM gives metrics and guidelines as to how many man-hours a particular assessment will require. Anyone serious about learning more about security...
The Attacker’s Process [CEH]

Attackers follow a fixed methodology. To beat a hacker, you have to think like one, so it’s important to understand the methodology. The steps a hacker follows can be broadly divided into six phases, which include pre-attack and attack phases. Performing Reconnaissance: Reconnaissance is considered the first pre-attack phase and is a systematic attempt to locate, gather, identify, and record information about the...
The five phases of compromise [TAO Security]

If we want to detect intrusions, we should understand the actions needed to compromise a target. The five phases described in this section (reconnaissance, exploitation, reinforcement, consolidation, and pillage) are not the only way for an intruder to take advantage of a victim. Reconnaissance: Reconnaissance is the process of validating connectivity, enumerating services, and checking for vulnerable applications....
The Eight Rules of Security

Here are 8 rules you should know when securing a computer system / network: 1. Rule of Least Privilege 2. Rule of Change Management 3. Rule of Trust 4. Rule of the Weakest Link 5. Rule of Separation 6. Rule of the Three-Fold Process 7. Rule of Preventative Action 8. Rule of Immediate and Proper Response. Hope this is useful.