What is Penetration Testing?
A method to evaluate computer and network security by simulating an attack on a computer system or a network from external and internal threats. It involves active analysis of the system for any potential vulnerabilities (weaknesses) that could result from poor or improper system configuration, both known and unknown hardware or software flaws, etc.
This can be carried out from the position of a potential attacker, involving active exploitation of security vulnerabilities (e.g. scanning IP addresses). Moreover, management usually wants to address the vulnerabilities present in the system that are found through a penetration test.
Penetration testing is mainly done for two major reasons:
1) Intrusion detection
2) Increasing security
Tools used
Metasploit Framework:
1. It is one of the most commonly used tools for penetration testing.
2. It provides information about security vulnerabilities and is also used to develop and execute exploit code against a machine.
Tools used
Veracode:
1. It determines whether sufficient encryption is employed and also whether a piece of software contains any application backdoors.
Nmap:
1. It stands for Network Mapper.
2. It scans for host, services and port information.
Tools used
Wireshark (packet sniffer):
1. Reports and captures any traffic within a network: suspicious traffic, protocol analysis, etc.
2. Great tool to assess network bog-downs.
Tools used
Cain and Abel:
1. Password recovery tool for Windows.
2. It uses dictionary attacks, brute force and cryptanalysis, as well as methods to decode encrypted passwords.
Tools used
John the Ripper:
1. It is a password cracker that runs on Linux/UNIX, Mac OS X and Windows.
2. It can be run against various encrypted passwords, including several crypt password hash types found on various UNIX platforms.
Tools used
Snort:
1. NIPS and NIDS.
2. It uses signature, protocol and anomaly based inspection methods to detect suspicious traffic trying to enter a network.
3. Also used as a packet sniffer and packet logger.
Tools used
Kismet:
1. Powerful packet sniffer and intrusion detection system for 802.11 wireless LAN.
2. Kismet can work with any wireless card which supports raw monitoring mode.
3. Also supports plugins which allow sniffing other media such as DECT, etc.
Tools used
Hping3:
1. It has a built-in traceroute mode.
2. Particularly used when trying to traceroute hosts behind a firewall that blocks attempts using standard utilities.
[Figure: Schematic Diagram]
Vulnerability Assessment vs Penetration Testing
Vulnerability assessment:
1. It detects vulnerabilities of a system and also provides an overview of the flaws that exist in a system.
Penetration testing:
1. It gains unauthorized access to the network or system and identifies possible impacts of system flaws.
Common types of penetration testing
Black box (zero knowledge) test: It is a method of software testing that examines the functionality of an application without peering into its internal structures.
White box (clear box, glass box) test: It is a method of software testing that examines the functionality of an application by peering through its internal structures.
Methods for penetration testing
1) Planning and Preparation
2) Gathering information and analysis
3) Vulnerability detection
4) Penetration attempt
5) Reporting
6) Cleaning up
1) Planning and Preparation
The prime objective of a penetration test is to demonstrate the exploitable vulnerabilities in the organization's network infrastructure. By intruding into a system or a network, legally or illegally, a penetration tester may be breaking the law, even if the test is carried out by staff members on their own system or network. The important thing is that they obtain the relevant legal documents protecting them against legal action. This serves as a protection to penetration testers should anything go wrong during the tests.
The tester, in the role of the potential attacker, should obtain the necessary information as well as a time allotment from management. The information obtained during the penetration test will also be kept confidential. Avoid overloading the network during penetration testing, as it can cause the system to crash.
2) Gathering information & Analysis
There are many ways to gather information. There's a wealth of tools and online resources available for getting the necessary information. Netcraft engineers have developed a service that made our information gathering simpler. An important method is done by Nmap, which is a penetration tool.
3) Vulnerability Detection
Weaknesses of a system or a network can be found in two ways:
1. Manually: The penetration tester will search for the vulnerabilities in the system. Ex: Microsoft discovered a vulnerability called "dot-bug" in their Personal Web Server, and it still exists in Windows 95.
2. Automatically: This can be done with the help of a penetration tool called "Nessus", a security scanner which takes steps for addressing the vulnerabilities. Ex: With the help of the Nessus tool, the attacker can find the open as well as closed ports, networks, etc. This helps them penetrate through the network.
4) Penetration Attempt
1. The most important things in a penetration attempt are the time estimation and the target.
2. The naming of machines (like sourcecode_pc, int_surfing) reduces the time needed to pick and attack the target.
3. One can also do dumpster diving to penetrate a system or network.
4. There are some penetration tools available to penetrate a target. Ex: Password cracking is normal in practice. Cracking a password involves
i. Dictionary attack: Uses a word list or dictionary file.
ii. Brute force: Tests all combinations of passwords.
iii. Hybrid crack: Tests for passwords that are variations of words in the dictionary file.
Also, a penetration tool called 'Brutus' is employed in automatic password cracking for telnet and ftp.
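As an added illustration (not part of the original slides), the three cracking approaches listed above can be turned into a defender's password audit: the Python below reports which approach is the cheapest one that would recover a given password, so weak choices can be rejected by policy. The word list, the substitution table and all function names are constructed assumptions.

```python
import math
import string

# Constructed sample word list; a real audit loads the auditor's own dictionary file.
WORDLIST = {"password", "welcome", "dragon", "summer", "admin"}

# Character substitutions treated as "variations" of a word (an assumed, small set).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})
AFFIXES = string.digits + string.punctuation


def brute_force_bits(pw):
    """Size of the exhaustive search space, in bits, for the character classes used."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    pool = sum(len(c) for c in classes if any(ch in c for ch in pw))
    return len(pw) * math.log2(pool) if pool else 0.0


def classify(pw):
    """Return the cheapest of the three approaches that would recover pw."""
    lowered = pw.lower()                 # word list lookup is case-insensitive
    if lowered in WORDLIST:
        return "dictionary"
    core = lowered.strip(AFFIXES)        # 'summer2024!' -> 'summer'
    variants = {core, core.translate(LEET), lowered.translate(LEET)}
    if variants & WORDLIST:
        return "hybrid"                  # a dictionary word plus a common variation
    return "brute-force only"


def audit(passwords):
    """Map each password to (approach, brute-force bits) for a policy report."""
    return {pw: (classify(pw), round(brute_force_bits(pw), 1)) for pw in passwords}


if __name__ == "__main__":
    sample = ["welcome", "Summer2024!", "P@ssw0rd", "xK9#vTq2mL"]  # constructed
    for pw, (how, bits) in audit(sample).items():
        print(f"{pw:12} {how:17} {bits} bits")
```

A password that looks long and mixed can still fall to the hybrid approach; the brute-force figure only matters for passwords the first two approaches miss.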
Another important method in hacking a system is social engineering: it is nothing but the art of manipulating people into performing actions or obtaining confidential information from them. It is usually carried out by phishing (Internet or phone), baiting and tailgating.
5) Reporting
Overall analysis.
Summary of any successful penetration attempt.
Detailed description of all the vulnerabilities found.
Highlights of high and low threat vulnerabilities.
Suggestions to resolve the vulnerabilities found.
6) Cleaning up
The aim is to clean up any mess (unwanted information) left as a result of penetration testing. It should be done securely, so that it does not affect the system's normal operations. Remove all executables, scripts and temporary files from the system. If possible, use a secure method to delete files and folders so that the important documents cannot be recovered. A good example is the removal of user accounts.
Limitations
It can cause congestion and system crashes. It alone provides no information on the security of a computer or a network. If pentesters are not able to break into the system, it does not mean that a hacker would not. Also, it is not the best way, since it is a time-estimated one. It does not provide any information about new vulnerabilities after the test has been carried out, if it is not reviewed periodically.
Conclusion
Penetration testing involves a 'real world' attack on the system. It points out the vulnerabilities present in the system, which helps management fix them and also helps management make decisions. It is not the best way, as it is not able to find all the vulnerabilities that exist in a system. It should be performed after careful consideration, notification and planning, since it carries a higher risk than vulnerability scanning.