| The first cause for websites being hacked is the lack | | | | automated by some programsand scripts. This is the |
| of knowledge oftheir webmasters. | | | | most important and crucial task in every attack |
| Hackers or even wannabe hackers can modify your | | | | attempt. |
| website home page,steal your website profits and | | | | And this is what an ethical hacker can't fail. |
| fame by just using ready to be downloadedexploits | | | | The second step is to get a working exploit to take |
| published into trusted and untrusted internet security | | | | advantage of the vulnerablityfound in step 1. Here is |
| portals. | | | | where protection and fixes should take place to |
| Wether you have a basic knowledge of web site | | | | *prevent* the attack and notto just cure after the |
| publishing or you arean experienced webmaster the | | | | disaster. Ethical hackers in this case would be able |
| only thing to protect yourself from hackers attacksis | | | | tomodify source codes to cover the holes or just |
| ethical hacking. | | | | reduce the success rate of the attack dramatically. |
| Ethical hacking means understanding your enemy mind, | | | | I would strongly advise to work on the first step since |
| skills, intentions andstrength, up to take the successful | | | | it is the most simpleto master wether you're not |
| countermeasures that will save your daily hard jobinto | | | | expert into security field or you just don't have enough |
| developing a successful and trusted web platform. | | | | money to hirean experienced ethical hacker. |
| Image damages causing shareholders and customers | | | | Internet security knowledge is what can save your site |
| complaints, not to mention | | | | with a very cheap price. |
| 6 figures money loss, is what led many big | | | | At the most basic level this can be achieved by |
| corporations to hire dozens of ethical hackersto keep | | | | keeping yourself informed on yourwebsites scripts |
| their networks and web site safe from "bad" hackers. | | | | well-known vulnerabilities, available patches andsecurity |
| In this article I am going to focus on the following two | | | | best practices. |
| questions: | | | | Moreover the understanding of basic attacking vectors |
| What do ethical hackers do? | | | | like Cross site scripting or SQL Injection willkeep you |
| What can I do to protect my website if I am not an | | | | safe from a big number of wannabe hackers that you |
| ethical hacker? | | | | will be able todefeat...with your knowledge! |
| The first step taken by hackers, should they be ethical | | | | So next time you will see some suspicious activity in |
| or evil, is to scan yourweb application for known | | | | your website log you will be laughing at it,since not a |
| vulnerabilities. This can be achieved through | | | | dummy tool but your own knowledge as ethical |
| apenetration testing process that can be manual or | | | | hacker will be protecting you. |