Chapter 4 - Network
What is penetration testing?
Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network
or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be
automated with software applications or performed manually. Either way, the process involves gathering
information about the target before the test, identifying possible entry points, attempting to break in -- either
virtually or for real -- and reporting back the findings.
The main objective of penetration testing is to identify security weaknesses. Penetration testing can also be used
to test an organization's security policy, its adherence to compliance requirements, its employees' security
awareness and the organization's ability to identify and respond to security incidents.
Penetration tests are also sometimes called white hat attacks because in a pen test, the good guys are attempting
to break in.
Examples:
• Others: Wireshark, Nmap, etc.
How to do Penetration Testing
The following activities need to be performed to execute a penetration test.
Phase 1) The reconnaissance phase
The idea of this phase is to gather as much information about the target as you possibly can.
Some people want to skip this and get straight to the fun part. Not if you want to succeed: it is really
important that you have a clear understanding of the client's systems and operations before you begin exploiting.
Some people call this phase "foot-printing".
Once you are satisfied that you have a good understanding of the target, you're ready to move on to the next phase.
Phase 2) Scanning and identification phase
Once you feel you have sufficient information about the client's systems, you can start modeling the threats that
the client would realistically face and identify the vulnerabilities that would allow those attacks.
It's kind of a pre-attack phase in which you get everything ready, and all the data you gathered during
reconnaissance pays off.
You might start using scanning tools or port scanners to find open ports, live hosts, etc., or you may use a
vulnerability scanner to find possible vulnerabilities on the network.
In short, you're looking to get as many details about the systems as you can: are the systems up? What OS are
they running?
Then it's time to start thinking like an attacker. Think about the company's assets and how they may be used,
including employee information: who works in what department, what is their role, and can the employee be
exploited as a stepping stone in the attack?
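As an added example (not from the original notes), here is a small Python parser for the grepable output format of Nmap (-oG), the scanner the notes list among their tools. It turns a scan report into the inventory this phase is after: which hosts are up, what OS they appear to run, and which ports and services are open. The scan output embedded in the script is constructed for the example; the addresses, host names and version strings in it are not real.

```python
import ipaddress
import re
from dataclasses import dataclass, field

# Constructed sample in Nmap's grepable (-oG) format: fields are tab-separated,
# and each port entry is port/state/protocol/owner/service/rpc info/version/.
# Addresses, host names and versions are made up for this example.
SAMPLE_OG = "\n".join([
    "# Nmap 7.94 scan initiated as: nmap -sV -O -oG - 10.0.0.0/29",
    "Host: 10.0.0.5 (web01.example.test)\tStatus: Up",
    "Host: 10.0.0.5 (web01.example.test)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9/, "
    "80/open/tcp//http//nginx 1.18/, 443/open/tcp//http//nginx 1.18/"
    "\tIgnored State: closed (997)\tOS: Linux 5.X",
    "Host: 10.0.0.6 (db01.example.test)\tStatus: Up",
    "Host: 10.0.0.6 (db01.example.test)\tPorts: 3306/open/tcp//mysql//MySQL 8.0/, "
    "22/filtered/tcp//ssh///\tIgnored State: closed (998)",
    "Host: 10.0.0.7 ()\tStatus: Down",
    "# Nmap done -- 8 IP addresses (2 hosts up) scanned",
])

HOST_RE = re.compile(r"Host:\s+(\S+)\s+\(([^)]*)\)")


@dataclass
class HostRecord:
    ip: str
    hostname: str
    up: bool = False
    os: str = ""
    # (port, state, protocol, service, version)
    ports: list = field(default_factory=list)


def parse_grepable(text):
    """Merge all 'Host:' lines of a -oG report into one record per address."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # comment lines start with '#'
        fields = line.split("\t")
        m = HOST_RE.match(fields[0])
        if not m:
            continue
        ip, name = m.group(1), m.group(2)
        rec = hosts.setdefault(ip, HostRecord(ip=ip, hostname=name))
        for f in fields[1:]:
            key, _, value = f.partition(":")
            key, value = key.strip(), value.strip()
            if key == "Status":
                rec.up = (value == "Up")
            elif key == "Ports":
                rec.up = True  # a port table is only printed for hosts that answered
                for entry in value.split(","):
                    parts = entry.strip().split("/")
                    if len(parts) < 7:
                        continue  # malformed entry; skip rather than crash
                    rec.ports.append((int(parts[0]), parts[1], parts[2], parts[4], parts[6]))
            elif key == "OS":
                rec.os = value
    return hosts


def live_hosts(hosts):
    """Addresses that answered, in numeric order ('Are the systems up?')."""
    return sorted((ip for ip, h in hosts.items() if h.up), key=ipaddress.ip_address)


def open_services(hosts, ip):
    """(port, service, version) for every open port on one host."""
    return [(p, svc, ver) for p, state, _proto, svc, ver in hosts[ip].ports if state == "open"]


def inventory(hosts):
    """One summary line per live host: IP, name, OS guess and open ports."""
    lines = []
    for ip in live_hosts(hosts):
        h = hosts[ip]
        ports = ", ".join(f"{p}/{svc}" for p, svc, _ in open_services(hosts, ip))
        lines.append(f"{ip} ({h.hostname or '-'}) os={h.os or 'unknown'} open=[{ports}]")
    return lines


if __name__ == "__main__":
    for line in inventory(parse_grepable(SAMPLE_OG)):
        print(line)
```

The parser merges the separate "Status" and "Ports" lines that -oG emits for the same address, keeps filtered ports in the record but leaves them out of the open-service list, and tolerates malformed port entries instead of aborting the whole inventory. The same inventory is what a defender compares against the asset register to spot hosts and services nobody knew were exposed.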
Phase 3) The exploitation phase
If you've completed all of the steps leading to this one, you are on the road to a successful penetration testing
engagement.
But don't relax now: there's still a lot to do.
For those who want to remain undetected, it will be imperative to undertake further steps to secure their presence.
There are different ways through which that can happen, but typically through the installation of hidden
infrastructure for repeated and unfettered access based on backdoors, Trojan horses, rootkits, and covert channels.
When this infrastructure is all set to go, the pentester can then proceed to exfiltrate whatever data he considers
to be valuable.
Each finding is given a weight based on how easy it was to exploit and how much damage it could cause.
Then, always add a suggested remediation timeline: critical items are in the 1 – 3 month timeline and non-critical
findings are in the 3 – 6 month bracket.
It's preferred to make it very easy for the client to see what they need to address, what is most critical, and just
how critical it is.
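As an added example, not part of the notes: a Python helper that applies the weighting and timeline rules above to a list of findings and orders them the way the client should read them. The notes do not say how the weight is calculated, so the 1-to-5 scales for ease of exploitation and impact, the ease-times-impact product and the critical cut-off of 15 are assumptions made for this example; the 1 – 3 month and 3 – 6 month windows are the ones the notes give. The findings themselves are constructed.

```python
from dataclasses import dataclass

# Assumed rating scales (the notes give no numbers): both run from 1 to 5.
#   ease   1 = hard to exploit   ... 5 = trivial to exploit
#   impact 1 = negligible damage ... 5 = severe damage
SCALE_MIN, SCALE_MAX = 1, 5
# Assumed cut-off: a weight of 15 or more (out of 25) is treated as critical.
CRITICAL_THRESHOLD = 15

# Remediation windows as given in the notes.
CRITICAL_WINDOW = "1-3 months"
NON_CRITICAL_WINDOW = "3-6 months"


@dataclass(frozen=True)
class Finding:
    title: str
    ease: int    # how easy the issue was to exploit
    impact: int  # how much damage it could cause


def weight(finding):
    """Ease-times-impact weight (1..25); rejects ratings outside the scale."""
    for name, value in (("ease", finding.ease), ("impact", finding.impact)):
        if not SCALE_MIN <= value <= SCALE_MAX:
            raise ValueError(f"{name} must be {SCALE_MIN}..{SCALE_MAX}, got {value}")
    return finding.ease * finding.impact


def is_critical(finding):
    return weight(finding) >= CRITICAL_THRESHOLD


def remediation_window(finding):
    return CRITICAL_WINDOW if is_critical(finding) else NON_CRITICAL_WINDOW


def prioritise(findings):
    """Heaviest findings first; ties broken by title so the order is stable."""
    return sorted(findings, key=lambda f: (-weight(f), f.title))


def report_rows(findings):
    """(title, weight, severity, window) rows in the order the client should read them."""
    return [
        (f.title, weight(f), "Critical" if is_critical(f) else "Non-critical", remediation_window(f))
        for f in prioritise(findings)
    ]


# Constructed findings for the example; not from any real engagement.
SAMPLE_FINDINGS = [
    Finding("Outdated TLS cipher suites on public site", ease=2, impact=3),
    Finding("Default credentials on admin console", ease=5, impact=5),
    Finding("Verbose server banner", ease=1, impact=1),
    Finding("SQL injection in product search", ease=4, impact=5),
]


if __name__ == "__main__":
    print(f"{'Finding':45} {'Weight':>6}  {'Severity':12} Fix within")
    for title, w, severity, window in report_rows(SAMPLE_FINDINGS):
        print(f"{title:45} {w:>6}  {severity:12} {window}")
```

Rejecting out-of-scale ratings up front matters more than it looks: a typo such as an impact of 50 would otherwise push a minor finding to the top of the client's list and bury the items that actually need fixing first.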
Who?
Penetration testing can be:
• Automated with software applications.
• Performed manually.