CHAPTER 2 Hacking Environmen

CHAPTER 2 Hacking Environmen

The very first thing that you need is a virtual machine. As I said before, I have Ubuntu as 
my default operating system and inside my virtual machine I have installed two operating 
systems—one is Windows XP and the other is Kali Linux.
Technically, from now on I would mention Windows XP and Kali Linux as my virtual 
machines. Kali Linux is a Linux distribution that comes up with many useful hacking 
tools. So I strongly suggest using it as your virtual machine. You may also read the 
documentation page of Kali Linux, which will also be an immense help.
At the same time, I’d not suggest using Windows of any kind for the ethical hacking 
purpose. Some may argue that few hacking tools can be used in Windows, so why you 
are suggesting otherwise? The point is: in the ethical hacking world, you need to be 
anonymous all the time. You won’t want to keep your trail, anyway, so that you can be 
traced back. Remaining anonymous is a big challenge. In Linux it is fairly easy and you 
can stay anonymous for the time being.
Keeping that in mind, I explain that technique of being anonymous in great detail 
so that before jumping up into the big task, you make your defense much stronger. Being 
anonymous is the most important thing in the world of ethical hacking. Keeping yourself 
anonymous in Windows is not possible. So it is better to adapt to the Linux environment 
first. Another important thing is, most of the great hacking tools are not available in the 
Windows environment.
If you have never heard of any Linux distribution, don’t worry. You can either install 
user-friendly Ubuntu inside your Windows system or you can easily partition your disk 
into two parts and install Ubuntu and Windows separately as your two default operating 
systems. It is preferable to do the latter. Installing and uninstalling parallel operating 
systems always teaches you something new. If you are familiar with Windows, I won’t tell 
you to simply dump it for the sake of learning ethical hacking. You can keep it and use it 
for your daily work. There is no problem in doing this.
In the Internet world, Linux is used more. So you need to learn a few Linux commands. 
Software installation in Linux is slightly different from Windows environments. There 
are Linux distributions like Fedora or Debian, and many more. I named Ubuntu just 
because it is extremely popular and Windows users find themselves comfortable inside 
it. The operations are more or less the same, including the software installations. For 
beginners, it is not a good idea to install Kali Linux as your default OS. You must read Kali 
documentation, where it is clearly stated that Kali is more for developers. You are going to 
install it inside your Virtual Box. Kali Linux is a kind of Linux distribution that comes with 
lot of hacking tools. You need to know them and use them in the course of ethical hacking.

Installing Virtual Machine is a very important step as the first step of building 
your environment. In the next chapter I will show you how you can do that for different 
operating systems. Another important thing is learning a programming language that will 
really help you learn ethical hacking better.
The obvious choice is Python. At the time of writing this book, Python 3.x has already 
arrived and is considered the future of this language. It is very quickly catching up with 
the old Python 2.x version, which has been around the market for a while. The official 
Python download page provides the repository of Python installers for Windows, Mac 
OS X and Linux operating systems. If you download an installer, it is of immense help 
because it comes with the Python interpreter, standard library, and standard modules. 
The standard library and built-in modules are specifically very important because they 
offer you several useful capabilities that will help you achieve your goal as an ethical 
hacker. Among the useful modules, you will get cryptographic services, Internet data 
handling, interaction with IP protocols, interoperability with the operating system, 
and many more. So go ahead, pick up any good beginner’s book on Python, read the 
official documentation and know that it is a part of your learning schedule. Python is an 
extremely easy language to learn.
To create an ideal ethical hacker’s environment, a few steps are extremely important. 
The steps include: installing Virtual Machine or Virtual Box (VB), having a basic 
knowledge about networking, and learning a useful programming language like Python. 
Let us first have a look at the basic networking knowledge

Ethical Hacking and Networking

A basic knowledge about internetworking is extremely important if you want to learn 
ethical hacking. As you progress and want to go deeper, it is advisable to learn more about 
networking. Ethical hacking and internetworking are very closely associated. As you 
progress through this book you will find words like “packet,” “switch,” “router,” “modem,” 
“TCP/IP,” “OSI,” and many more.
The very first thing you need to know is: data travels through many layers. Ethical 
hackers try to understand these layers. Once they have understood the movement, they 
either want to track and block the data or they want to retrieve data.
In this chapter, we will very briefly see how internetworking models work. We will 
look into the different types of networking models. We will also learn about the devices 
that comprise a network.

What Does Network Mean?

A network is a collection of devices that are connected through media. One of the main 
characteristics of a network is: devices contain services and resources. Devices contain 
personal computers, switches, routers, and servers, among others. What do they do 
basically? They send data and get data either by switching or by routing. Actually, they 
connect users so that users ultimately get full data instead of getting it by pieces. So the 
basic services these devices provide include switching, routing, addressing, and data 
access.

We can conclude that a network primarily connects users to avail these services. That 
is its first job. The second job is also very important. A network always maintains a system 
so that the devices allow the users to share the resources more efficiently.
Now a problem arises—not a trivial problem. Hardware and software manufacturers 
don’t know each other. They belong to different countries and share diverse cultures. 
When the conception of networking first came to the fore, it was found that hardware and 
software weren’t matching. As I said before, a network is a collection of devices. These 
devices are mainly built of hardware and software that are talking in different languages.
To solve this problem, a common network model with communication functions is 
needed so that dissimilar devices can interoperate.
The importance of internetworking models consists of a few main concepts. First, 
they encourage interoperability. Second, they provide a reference through which data will 
be communicated. Third, they facilitate modular engineering.
There are two types of internetworking models.
They are Open Systems Interconnection (OSI) reference model and Transmission 
Control Protocol/Internet Protocol (TCP/IP) model. Both models are widely used today.
The Open Systems Interconnection (OSI) reference model was developed by the 
Internet Standards Organization (ISO) and it has seven layers in all. The layers are as 
follows: application (layer 7), presentation (layer 6), session (layer 5), transport (layer 4), 
network (layer 3), data link (layer 2) and physical (layer 1).
Let us very briefly try to understand how this model works. Suppose a user tries to 
open a web page. The very first thing he does is send a request to the server that is located 
several thousand miles away. Here, the server’s hard disk or hardware is the last layer 
(layer 1) which is termed as “physical.” So, the user’s request first knocks the “application” 
layer (7) which is the nearest and then it proceeds. Every process in each layer involves a 
complicated “bits and bytes” functioning. A computer only understands 0 and 1. But the 
user does not like to see a video in 0 and 1.
Let us break the process into more detail.
In the application layer (7), the user interacts with the device that could be a 
personal computer or smart phone or anything you might guess. So the application 
layer basically handles the user’s interaction. The name of the datagram is “data.” The 
user requests the data and ultimately retrieves the data. What happens when the user 
sends requests from layer 7? It enters into the next layer: (6) presentation. The process 
of encapsulation starts. Data is formatted and encrypted. Next, the layer 5 or session 
enters into the scene. This layer manages end-to-end communication. Suppose you type 
a password and log into your social media account. This layer maintains the end-to-end 
(user-to-server) communication so that you can remain logged into your page. Tell this 
layer the name of the datagram is “data.”
To assist you in maintaining your session, the next three layers work very hard. They 
are: transport (layer 4), network (layer 3), data link (layer 2), respectively. The name of 
the datagram of transport layer is “segment.” Why is this called “segment”? It is called 
“segment” because it breaks your request into several fractions. First, it adds source and 
destination port numbers. Next, it tries to make it reliable, adding sequence numbers. So, 
in a nutshell, it provides flow control, sequencing, and reliability.
What happens next?
Your request enters into the layer 3 that is called network. The name of the datagram 
is “packet.” It adds source and destination IP addresses. It also makes sure that your 
request finds the best path to reach the destination.

Now your data request almost reaches the final stage. It enters into the layer 2 that is 
data link. It is nearing the end point that is the server’s hardware. So this layer adds source 
and destination Media Access Control (MAC) addresses. Next, it goes through Frame 
Check System (FCS) processes. It checks frame by frame whether the source requests 
reach the right destination. That is why the datagram is known as “frame.”
Now it has entered into the final destination that is layer 1 or physical. There are only 
bits over the physical medium. The name of the datagram is “bits and bytes.”
Now we can imagine a small office with one router, two switches and a few desktops, 
laptops, printers, and servers. The router is connected to the switches and the switches 
are connected to the devices like desktops, laptops, printers, and servers. Here desktops, 
laptops, printers, and servers belong to the layer 1 that is physical. The switches belong to 
the layer 2 that is data link, and the router fits in the layer 3 that is network.
Routers are layer 3 devices and perform a few definite tasks. They are: packet 
switching, packet filtering, path selecting, and finally communicating. The task of packet 
switching involves the process of getting a packet to the next device. Here, the next device 
is the switches. Packet filtering suggests in its name what it actually does. It either permits 
or blocks packets depending on certain criteria. Path selecting is determining the best 
path through the network to the destination. Communication is another important part 
of this layer. Routers communicate with other networks like the Internet.
Between routers, layer 3 devices, and the end application, physical, layer 1 devices, 
there are switches which are layer 2 devices. In some cases, switches perform the task 
of layer 3 devices. Switches basically deal with frame filtering and forwarding. It also 
maintains the connection between layer 3 and layer 1.

Summary

Let us quickly recap what we have just learned about the relations between ethical 
hacking and internetworking.

1. Internetworking models encourage interoperability between 
    different devices, providing a reference to describe the data 
    communication. At the same time, it facilitates modular 
    engineering.
2. There are two types of internetworking models. They are OSI 
     Reference Model and TCP/IP Model.
3. The OSI Model has seven layers. They are: application (layer 7), 
    presentation (layer 6), session (layer 5), transport (layer 4), 
    network (layer 3), data link (layer 2), and physical (layer 1).
4. The TCP/IP Model has four layers. They are: application (layer 4), 
    transport (layer 3), network (layer 2), and network (layer 1).
5. An ethical hacker tries to understand this process of data 
    communication and penetrates according to the vulnerability.

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow