Penetration testing involves performing various reconnaissance scans against your perimeter defenses, boundary routers, firewalls, switches, network devices, servers,and workstations to allow you to see which devices are within your environment and to determine the overall plan of the network and topology. Once this has been gathered, you can then collate this information and then look at an attack vector to try
and penetrate identified systems to see if they can be compromised by using known vulnerability scans, attacks and denial of service attacks. When performing penetration testing you are essentially taking on the role of the hacker. You will be looking at using tools like PING to detect if hosts are live, port scanners for any hosts that may deny ICMP Echo/Reply requests (PING’s) and to also identify which ports are open on devices enabling you to create a footprint of what these devices are used for.The overall plan is to map out the entire network and to make sure any vulnerabledevices are known and patched frequently.
Why do we perform Penetration testing
Hackers like to spend most of their time finding holes in computer systems where mostly bad coding are to blame in creating vulnerabilities. Hackers then like to take this knowledge and apply it to real world scenarios by attacking your network. Theymay be doing this as a grudge because they weren’t hired by your company, or perhaps was fired at some stage or even they don’t like your company, or just want toget a Kudos kick out of saying, been there, done that! To try and protect our computer systems from these hackers, we need to check for known vulnerabilities andexploits ourselves within our systems. Vulnerabilities can comprise of bugs, application back doors, spy ware that have entered into the coding of the application, operating system or firmware at development time of the product or files that have been replaced at a later date in the form of viruses or Trojans. Over the past two years we’ve seen many hackers performing denial of service attacks against ISP’s (1), Banks (2), and even world governments (3). Carnegie Mellon Software Engineering Institute a Computer Emergency Response Team (CERT) and many other CERT’s collate known and new vulnerabilities across all systems, platforms and applications and publish these to the security community and to the companies who have created the systems in a hope that people will become more aware of vulnerable systems and also to allow the creator’s of these products to create and distribute patches for their products. In the event of a patch taking a while, in most cases a technical work around is published to harden the systems that may be affected by this vulnerability.
Who should perform Penetration testing
Most auditing companies now provide some level of Penetration testing either from within their company, or sub contracted out to third party security companies. If your company would like a penetration test performed on your current infrastructure, you can outsource to one of these companies to perform tests Many companies are now looking at creating their own internal security teams that provide a constant day-to-day monitoring of networks and devices, and also spend valuable time researching the latest vulnerabilities from CERT’s and collate the relevant security patches in-house under advisement from the Security Community to apply to company systems that are deemed vulnerable or compromised. Unfortunately even if you are patching systems you will always be one or two steps behind the hackers and this is unavoidable, but it’s much better than being 20 or 30 steps behind them by failing to identify and patch your systems and becoming vulnerable to attack or even worse, allowing your networks to attack other companies networks which is now in the process of being made illegal in several countries. The UK government are already looking at making it part of UK law that you will be fined if you are found attacking other companies or systems on the internet unless you can provide proof that you are taking security seriously within your organization and applying all available patches regularly to try and stop future attacks from happening. The UK government is also trying to push more responsibility onto ISP’s, so that ISP’s should be looking out for attack vectors, and if they find attacks coming from their customers or within their networks, they are at liberty to cease infected services until the system is made safe. Penetration testing can be performed by anyone who is either knowledgeable in this area and keeps up to date with the latest security news, penetration applications and researching ways of attack, or has had extensive experience on penetration system testing or is certified.
source: hackerstorm.com
