ABSTRACT
In today’s electronic environment, the threat of being
hacked is no longer an unlikely incident, occurring in a
few unfortunate organizations. New reports of hacker inci-
dents and compromised systems appear almost daily. As
organizations continue to link their internal networks to the
Internet, system managers and administrators are becom-
ing increasingly aware of the need to secure their systems.
Implementing basic password controls is no longer adequate
to guard against unauthorized access to data. Organizations
are now looking for more up-to-date techniques to assess
and secure their systems. The most popular and practical
technique emerging is the self-hack audit (SHA). The SHA
is an approach that uses hacker methods to identify and
eliminate security weaknesses in a network before they are
discovered by a hacker.