Dabarun ‘Yan Dandatsa (Hackers) da Hanyoyin Dakile Su (3)

Darasi Na (0): “Introduction to Ethical Hacking”

A kasidar da ta gabata munyi bayani a takaice kan nau’ukan darussan da ake koyarwa karkashin wannan fanni na karatu kan kariyar bayanai, wato: “Ethical Hacking.”  Sannan na nuna cewa dalilin samuwar wannan fanni na musamman, wanda kusan dukkan manya kuma hamshakan kamfanonin kasuwanci da sadarwa na duniya ke amfani da kwararru a fannin don baiwa shafukansu na Intanet kariya, shi ne yawaitar manyan badakala na sace-sace da ayyukan ta’addanci da wasu kwararru masu mugun nufi ke amfani da kwarewarsu wajen aiwatarwa a shekarun baya.

Idan mai karatu ya fahimci haka, sai ya gane cewa wannan fanni na “Ethical Hacking,” fanni da ke koya maka dabarun da ‘yan Dandatsa (Hackers) ke amfani dasu wajen kutsawa shafuka da kwamfutocin jama’a, a ko ina suke a duniya, da kuma yadda za ka baiwa kowace irin kwamfuta ko gajeren zangon sadarwa (Local Area Network) ko wani shafin yanar sadarwa kariya daga ire-iren wadannan ayyuka na ta’addanci.  Wato ana koya maka hanyoyin kama barawo ne, ta amfani da irin dabarun da barawon ke amfani dasu don yin sata.  Sai dai bambancinka da barawon shi ne, kana da horaswa ta musamman, kuma kana da takardar shedar horaswa kan hakan, sannan kuma sai da izinin mai kwamfuta ko gidan yanar sadarwa ko gajeren zangon sadarwa kake aiwatar da aikinka.  Shi yasa a ranar da za ka rubuta jarabawar wannan fanni na “Ethical Hacking”, sai an baka takarda ka sa hannu cewa daga yanzu har karshen rayuwarka, ba za ka taba amfani da wannan kwarewa taka wajen kutsawa kwamfutoci ko gidajen yanar sadarwar jama’a ba tare da izininsu ba.”

Daga lokacin da kaci wannan jarabawa aka baka takardar sheda, ka zama kwararre a fannin.  Kuma kamfanoni na iya gayyatarka ka musu gwaji don gano raunin dake tattare da kwamfutoci ko gidajen yanarsu, don basu shawara kan yadda za su samar da tsaro da hana ‘yan kutse kutsowa ciki.  Idan ka sake kayi amfani da wannan kwarewa taka wajen cutar da wasu da gangar, to, za a soke takardar kwarewarka, sannan a gurfanar da kai gaban kuliya don fuskantar hukuncin da ya dace dakai a kasarka, muddin aka kama ka.

Gabatarwa: “Introduction to Ethical Hacking”

Kamar yadda bayani ya gabata, darussa guda goma sha bakwai ne, ban da mukaddima.  Darasi na farko da za a muku mukaddima ce, inda a ciki za a wayar muku da kai kan wannan fanni, da irin hadarin dake dauke cikinsa idan mutum ya kuskure yabi son ransa, sannan a sanar daku nau’ukan ‘yan dandatsa, da dabi’unsu, da yadda ka’idar sana’ar “Ethical Hacking” ko “Penetration Testing” yake.

Abu na farko shi ne bayani kan “Hacking”, mene ne shi?  Za a sanar daku.  Sannan a bambance muku nau’ukansu; sun kai guda takwas.  Akwai “Black Hat Hackers”, da “White Hat Hackers” da “Gray Hat Hackers.”  Sauran sun hada da “Suicide Hackers”, da “Script Kiddies” da “Cyber Terrorists” da “State Sponsored Hackers,” sai kuma “Hacktivist.”  Wadannan bambance-bambance ne tsakanin wadannan mutane da ake kira “Hackers”.  A wannan darasi ne duk za a muku bayanin kowannensu.

A wannan marhala ce dai har wa yau za a muku bayanin matakan aiwatar da wannan aiki na “Hacking”, wadanda duk bas u wuce uku.  Matakin farko shi ne samun kafar da za samu isa ga kwamfuta ko shafin yanar da suke bukatar kutsawa ciki.  Wannan mataki shi suke kira: “Gaining Access.”  Sai mataki na biyu, wanda ya kunshi neman tabbata a mahallin da suka kutsa.  Wannan shi suke kira: “Maintaining Access.”  Wannan matakin na tabbata musu ne ta hanyar kirkirar kafofin da zasu iya dawowa mahallin, wato: “Backdoors” kenan.  Sai mataki na uku, wanda suke kira: “Clearing Tracks.”  Wannan mataki na karshe ya kunshi share duk wata alama dake nuna an shiga ko an taba ko an gauraya bayanan da ke mahallin ne.  Wato kada mai kwamfuta ko gidan yanar sadarwa ya gane an ma shiga, balle yasan irin barnar da aka gudanar.  Wadannan matakai uku, ba wai ga ‘yan Dandatsa kadai ba, duk wani barawo a duniya da wadannan matakai uku yake amfani.  Na farko ya samu daman shiga.  Idan ya samu abin da yake so, ya kirkiri hanyar da zai iya dawowa ba tare da mai gida ya sani ba.  Na uku, kafin ya fita, duk abin da zai sa mai gidan ya gane anyi sata, zai shafe shi.

Sannan za a karantar daku siffofin bayanai ta bangaren gurbata ko inganci.  Ma’ana, ta wasu hanyoyi ake bi wajen tabbatar da kariya da ingancin bayanai a kwamfuta ko Intanet ko gajeren zangon sadarwa (Local Area Network)?  Wannan shi ake kira: “Information Assurance” (IA), kuma yana dauke ne da matakai wajen guda takwas.  Duk za a koya karantar daku su.  Sannan za a koya muku yadda ake iya gane an kai wa kwamfuta ko wani gidan yanar sadarwa hari na ta’addanci, ta la’akari da bayanan da kwamfutar tat askance, da hanyoyin da ake bi wajen gano raunin dake jikin kwamfuta ko wani zangon sadarwa.

Bayan haka, a karkashin wannan darasi na mukaddima dai har wa yau, za a koya muku ka’idojin kariya guda hudu, wadanda ake amfani dasu wajen aiwatar da kariya ga bayanai a ko ina ne.  Wadannan ka’idoji dai su ne: “Promiscuous Policy,” da “Permissive Policy” da “Prudent Policy” da kuma “Paranoid Policy.”  Kowanne daga cikinsu yana da nasa tsari da hanyar da ake aiwatar dashi.  Bayan haka, duk za a kawo muku misalan wadannan ka’idojin kariya a kwamfuta, ku gani a bayyane.

Daga cikin abin da za a koya har wa yau a wannan darasi na farko, akwai tsarin kariya ga harabar da kwamfutoci suke, a ko ina ne kuwa.  Wannan ya hada da amfani da na’urorin kariya irin su na’urar daukan hoton bidiyo a gidaje da ofisoshi, wato: “Security Cameras” ko “CCTV Cameras.”  Da kuma yadda za a tabbatar da kariya ga bayanai a yayin girgizar kasa ko ambaliyar ruwa ko gobara ko wani hari na ta’addanci ya auku a inda kwamfutoci suke ajiye a kamfani ko ofishi.

A karshe kuma, za a kawo muku samfurin dokokin da ake amfani dasu a duniya wajen tabbatar da kariya ga kwamfutoci da bayanai a duniya.  Kowace kasa tana da dokokin da take amfani dasu wajen ba da kariya ga bayanan jama’a a Intanet da wajen Intanet.  A wannan bangare na darasi za a kawo muku su, sannan da irin tanadin da aka yi ga duk wanda ya karya wadannan dokoki.  Wannan gargadi ne, domin kada dalibi ya ga ya samu wannan kwarewa ya koma ya kama shirme.  Domin idan ka kware a wannan fanni, gani zaka kamar kowace kwamfuta ma tsirara take.

A makon gobe za mu kawo bayani kan darasi na daya, wato: “Foot Printing and Reconnainsance.”  A ci gaba da kasancewa tare da mu.