Monday, August 26, 2013

Penetration Testing

Penetration testing is the process of simulating attacks on a network and the systems
that make it up at the request of the owner, usually senior management.
The goal of penetration testing is to identify vulnerabilities, estimate the true protection the security mechanisms within the environment are providing, and
how suspicious activity is reported.
The penetration teammust have signed consent fromthe owner of the environment
outlining what is to be accomplished in the test and to what degree the
vulnerabilities should be tested. The team then goes through a process made up
of five steps, outlined here:
• Discovery Footprinting and gathering information about the target.
• Enumeration Performing port scans and resource identification
methods.
• Vulnerability mapping Identifying vulnerabilities in identified
systems and resources.
• Exploitation Attempts to gain unauthorized access by exploiting
vulnerabilities.
• Report to management Documentation of findings of test goes to
management along with suggested countermeasures.
The team can have varying degrees of understanding of the target before the
tests are actually carried out:
• Zero-knowledge Team does not have much knowledge of target and
must start from ground zero.
• Partial-knowledge Team has some information about target.
• Full-knowledge The team has intimate knowledge of target.
It is important that the team start off with only basic user-level access to
properly simulate different attacks. They need to utilize a variety of different
tools and attack methods and look at all possible vulnerabilities because this is
how actual attackers will function.

No comments:

Post a Comment