In This Chapter
Understanding the enemy
Profiling hackers and malicious users
Understanding why attackers do what they do
Examining how attackers go about their business
Before you start assessing the security of your own systems, you may want to know something about the people you're up against. Many information security product vendors and other professionals claim that you should protect your systems from the bad guys — both internal and external. But what does this mean? How do you know how these people think and work?
Knowing what hackers and malicious users want helps you understand how they work. Understanding how they work helps you to look at your information systems in a whole new way. In this chapter, I describe the challenges you face from hackers, the people actually doing the misdeeds, and their motivations and methods so you're better prepared for your ethical hacking tests.
Thanks to sensationalism in the media, public perception of hacker has transformed from harmless tinkerer to malicious criminal. Nevertheless, hackers often state that the public misunderstands them, which is mostly true. It's easy to prejudge what you don't understand. Unfortunately, many hacker stereotypes are based on misunderstanding rather than fact, misunderstanding that fuels a constant debate.
Hackers can be classified by both their abilities and their underlying motivations. Some are skilled, and their motivations are benign; they're ...