CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

Home > Blogs > Security > CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

Like This Blog 0 Mike Danseglio
Added by March 16, 2016

 


Transcription

I’m Mike Danseglio, and I’m an instructor here at Interface Technical Training. One of the classes I teach here at Interface is Certified Ethical Hacking CEHv9. I Ethical hacking is a critical skill-set for anybody to have that’s in IT Security.

Ethical Hacking is all about learning how hackers attack systems, how they look for vulnerabilities, how they examine systems, how they check security, how they use IT techniques and tools that typical IT users would use but in a negative way, in a very bad way, to try to find compromises and vulnerabilities to destroy businesses, extort money, steal, loot, and to do all kinds of very negative, nasty things.

White Hat vs. Black Hat

There’s a differences in the skill-sets here between the IT Professionals that usually Defend systems (White Hat).

They typically understand these are good practices. It’s good to have a firewall in place. It’s good to have a malware scanner in place. It’s good to isolate networks.

That’s not a bad skill-set to have, but a different skill-set is what an Attacker brings to the equation.

The attacker, or (Black Hat), typically brings to the table more of a skill-set of, “I know what the defenders are usually going to do”. They’re usually going to have a firewall. They’re usually going to have malware scanners. What kind of ways can I work around the malware scanners? What different kind of exploits or vulnerabilities can I find in the firewall so that I don’t have to worry about those firewalls stopping my attack? How do I work, how do I get my nefarious negative job, with all of those defenses in place?”

Learning those techniques of the attacker, understanding the “other-side” of IT Security helps enormously to protect a network. Because when you think as an attacker, you think, “I’m setting up this firewall, and it’s this, and it’s that, and the other.” But I wonder how an attacker would look at the firewall. An attacker might use this tool, might use this technique, might probe this way.

While I should have defenses against that, let me find out by banging on the thing, by throwing scanners, Nmap throwing Metasploit at it and other different kinds of spectrum tools, both very focus and very broad at this defense and see, “Does it hold up?” Because this is what an Attacker is going to do.

Not, in theory, theoretically, yes, that firewall should protect against this but in practice, how many times do you try to hack your own firewall to see if you can? That’s what we learned in CEHv9 Certified Ethical Hacking, being able to actually test the defenses with real tools and real techniques that attackers use. That’s the difference between just learning how to protect, and learning how to check the protection, and find the vulnerabilities before an attacker finds them.

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

Videos You May Like

A Simple Introduction to Cisco CML2

0 3877 0

Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2

Creating Dynamic DNS in Network Environments

0 641 1

This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader teaches how to create Dynamic DNS zones in Network Environments. Video Transcription: Now that we’ve installed DNS, we’ve created our DNS zones, the next step is now, how do we produce those … Continue reading Creating Dynamic DNS in Network Environments

Cable Testers and How to Use them in Network Environments

0 724 1

This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader demonstrates how to use cable testers in network environments. Let’s look at some tools that we can use to test our different cables in our environment. Cable Testers Properly Wired Connectivity … Continue reading Cable Testers and How to Use them in Network Environments

Write a Comment

Share your thoughts...

Please fill out the comment form below to post a reply.