Premium Essay

What Is Penetration Testing?

In: Computers and Technology

Submitted By jsatt2000
Words 1495
Pages 6
What is penetration testing?

Penetration testing is a way of trying to exploit the weaknesses of an organizations security defenses. Penetration testing may come in many forms and test different types liabilities. A few years ago people debated as to whether or not penetration testing was even needed. Now most people realize it is absolutely necessary. Although most people, when thinking of security breaches, think of network security in relation to hackers, there are many other security areas that must be tested. Some of these areas are physical security, telecommunications security, and environmental security. Other areas that may be tested are operating systems and applications, and social engineering. All of these areas are vital to the security of an organization. A breach in any of these systems may cause great detriment to the organization financially and a degradation of customer trust. Application and username/password weaknesses may be tested by using automated tools. These tools may also be used to find harmful software (virus, malware) which may lead to unlawful access to a company’s system.
The best penetration tools supply the following options:
1. Easily deployed, configured and used
2. Scans systems easily
3. Distinguishes weaknesses based on severity
4. Verification of weakness automated
5. Test weakness previously found to make sure they are no longer viable
6. Able to produce logs and reports on the weakness of the system
Not all weaknesses can be found by automated testing. There also needs to be manual penetration testing done. This testing may be done by users who are familiar with the system and are able to leverage their knowledge during a breach attempt. The tests should continue to be repeated until the systems cannot be breached; but testing does not stop there. Penetration testing is an ongoing continuous job....

Similar Documents

Premium Essay

Operating Systems Dependency on Penetration Testing

...Operating Systems Dependency on Penetration Testing Michael S. Self University of Maryland University College-Europe Table of Contents Abstract………………………………………………………………………………..…………..3 History and Purpose of Penetration Testing……………………….......................…..………….4 Techniques and Tools for Performing Penetration Testing………….………….……..…………5 Example of Penetration Test Process………………………………....………...…….………….6 References…………………………………………………………………………………………7 Abstract This report will encompass penetration testing of operating systems. It first explains the evolution of penetration testing, and what purpose it serves. It then describes techniques and tools used to perform the tests. The report will conclude with an example of a penetration test. Operating Systems Dependency on Penetration Testing History and Purpose of Penetration Testing According to Pfleeger & Pfleeger 2011 in their book titled ‘Security in Computing’, penetration testing, or pentesting, is a technique used in computer security which an individual, or team of experts purposely tries to hack a computer system. Penetration started as a grey art that was often practiced in an unstructured and undisciplined manner by reformed or semi-reformed hackers. They used their own techniques and either their ‘home grown’ tools, or borrowed and traded ideas with associates. There was little reproducibility or consistency of results or reporting, and as a result the services were hard to integrate......

Words: 1151 - Pages: 5

Premium Essay

Is4560 Lab 1 Assessment

...Attack & Penetration Plan 1. List the 5 steps of the hacking process. * Reconnaissance * Scanning * Gaining Access * Maintaining Access * Covering Tracks 2. In order to exploit or attack the targeted systems, the first initial step I would do to collect as much information as possible about the targets prior to devising an attack and penetration test plan would be reconnaissance. I would use passive reconnaissance as this pertains to information gathering. 3. The reconnaissance phase can have many different faces, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can be used to look up all the available host on a network through the DNS server. You can get IP address information of hosts on your targeted network. You can also get the information of the purpose of the hosts. Whois lookup is a protocol that can be used to interrogate the servers operated by regional internet registries which holds information about every IP/Domain registered on the internet. You can get information about your target such as; the name of the owner, address of the owner. IP ranges that a certain IP belongs to, contact information like emails and phone numbers, administrators names and server names. You can also just use your targets web site. Sometimes the targets website can reveal way too much information without realizing it, and just by looking at the information they have on there can get you what you need.......

Words: 1233 - Pages: 5

Premium Essay

Test

...Unit 1 Lab Assessment Questions & Answers 1. List the five steps of the hacking process. -Reconnaissance -Scanning -Gaining Access -Maintaining Access -Covering Tracks 2. To exploit or attack the targeted systems, what can you do as an initial first step to collect as much information as possible about the targets prior to devising an attack and penetration test plan? Collect as much information as possible through analysis. You must have all the needed data you can acquire regarding the system, network and applications. This information will be used to generate an appropriate test plan. Using NMAP can provided you with a good network survey. NMAP can provide you information regarding what Operating Systems are running as well as the type of packets, filters and/or firewalls are installed. Review old test results and reports that have been kept with all issues that have plagued the network, this will show you any previous vulnerabilities and allow you to check if a fix was implemented. 3. What applications and tools can be used to perform this initial reconnaissance and probing step? NMAP is that will allow you to collect OS information as well as packets, filters and firewall information. Nslookup will allow you to map an IP to a specified domain. The Domain Name Server (DNS) will give you information on a specific domain that is used to communicate with the network Whois will allow you to profile the organization, this will provide you with......

Words: 765 - Pages: 4

Premium Essay

Ethical Hacking and Network Defense Unit 2 Assignment

...application server • Credit card transaction processing occurs • The test will include penetrating past specific security checkpoints. • The test can compromise with written client authorization only. Goals and Objectives John Smith, CEO of E-commerce Sales, has requested that we perform a penetration test on the company’s production e-commerce Web application server and its Cisco network. It is our intention to run various penetration tests at irregular times in order to accurately test security measures that have been put in place. E-commerce Sales will not be aware of any of the penetration measures nor will they be aware of the times that this will be done. Information about the network will be gathered and analyzed for any open network interfaces. Success of the test is determined by determining any potential weaknesses in the network and being able to identify solutions to protect those weaknesses. Failure is determined by the inability to pinpoint any weaknesses in the system or to find weaknesses and not be able to suggest solutions. Tasks During the course of the penetration testing there are several different tasks that we will have to perform. These tasks are listed...

Words: 1705 - Pages: 7

Free Essay

Vulnerability Asses Vulnerability Assessment System Penetration and Analysis Testingsment System Penetration and Analysis Testing

...| Vulnerability Assessment System Penetration and Analysis Testing | |Memo | Internal Penetration Testing Tool and Purchase | | | | With the recent attack/hack on agency's network town police department authorities came to a decision to conduct a complete assessment on network vulnerabilities. The main goal of this memo is to assess or evaluate the network penetration tools available in the market. Compare the tools. Cost to buy and implement these tools internally. Hire a professional service to evaluate these tools. In this memo we will cover the internal implementation at high level. In the market there are many penetration tools like a. Nmap - Worlds Best Port Scanner b. Nessus - Vulnerability Scanner c. Metasploit - Exploit framework For testing Vulnerabilities I picked the above three mentioned tools which are widely used in many organizations and would be perfect for this scenario. The penetration tools that could be used to conduct a vulnerability analysis are; Nmap and Nessus which provide a number of penetration testing techniques such as port scanning, Credentialed and uncredentialed scans, enumeration,......

Words: 1156 - Pages: 5

Premium Essay

Ethical Hacking

...conducts penetration testing on networks to test the integrity of a network for any given business or corporation (White hat (computer security)). With this technique, corporations and businesses will have the assurance they need for protecting their personal identifiable information (PII) on their network. To beat a hacker, first you must think like one. Ethical hacking is an accepted hacking method of network security systems for a particular business or corporation. Ethical Hacking has provided network security administrators with the knowledge they need to continually keep their network secure. With this method of penetration testing, you can see that there is no negative effect on a business or corporation’s network security. The ethical hacker must first receive authorization. If authorization is not obtained, ethical hacking can be considered a federal offense punishable by a prison sentence of no less than five years (Computer Hacking Law & Legal Definition). “The authorization can be as simple as an internal memo or e-mail from your boss if you're performing these tests on your own systems. If you're testing for a client, have signed contracts in place, stating the client's support and authorization” (Beaver). Once authorization has been made you will need to develop a strategy that you will follow. Your strategy is the basis of how you will be conducting either password cracks or penetration tests. You will need to know what system you will be testing, what......

Words: 857 - Pages: 4

Premium Essay

Lab 8 Assessment

...1. Why is it critical to perform a penetration test on a Web application and a Web server prior to production implementation? To make sure no attackers can penetrate your web application before the Web App goes live. It is critical to perform a penetration test on a Web application because the Web application is running on an Application Server or a Web Server, if an attacker is able to access the application code for how the database is called, it may be able to retrieve information about the database (name, attributes, IP address, etc.) and or access the Web Server and attempt a DoS attack. If a Web form cannot handle the unexpected data and fails to return the expected outcome. You have uncovered a vulnerability in this form; penetration testing in this area help IT security identify the vulnerabilities a Web Application may have.  2. What is a cross-site scripting attack? The goal of an XSS attack is see if the Web Application allows the attacker to have administrative read/write access to the functionality of the Web Application. This attack is a type of computer security vulnerability typically found inweb applications that enables attacks to inject client-side script into web pages viewed and accessed by other users. 3. What is a reflective cross-site scripting attack? If the attacker can type a script in a text field and the script alters or creates a pop-up display, the attacker can use these windows to navigate users off the Web Application pages and to......

Words: 849 - Pages: 4

Premium Essay

It-255

...IT255 Introduction to Information Systems Security Unit 5 Importance of Testing, Auditing, and Monitoring © ITT Educational Services, Inc. All rights reserved. Learning Objective Explain the importance of security audits, testing, and monitoring to effective security policy. IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 2 Key Concepts  Role of an audit in effective security baselining and gap analysis  Importance of monitoring systems throughout the IT infrastructure  Penetration testing and ethical hacking to help mitigate gaps  Security logs for normal and abnormal traffic patterns and digital signatures  Security countermeasures through auditing, testing, and monitoring test results IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 3 EXPLORE: CONCEPTS IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 4 Purpose of an IT Security Assessment Check effectiveness of security measures. Verify access controls. Validate established mechanisms. IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights reserved. Page 5 IT Security Audit Terminology  Verification  Validation  Testing  Evaluation IT255 Introduction to Information Systems Security © ITT Educational Services, Inc. All rights......

Words: 799 - Pages: 4

Free Essay

Attack Methodology and Countermeasures

...companies, organizations and individuals. Good hackers are considered white hat hackers. They are the ones, who are hired to break into systems as a way of testing the vulnerabilities and security issues that may be present in the computer system. Consider this: company XYZ, a mid-sized corporation, is in the middle of satisfying their regulatory compliance needs.  The manager of security at the company has been tasked by the CIO (Chief Information Officer) to report on the company’s current security posture. If the manager decided to outsource an ethical or white hat hacker in attempt to test their security measures. Over the course of this document various things the third party hacker would need from the company, things he or she would provide to the company and some predictions for the tests. In order to exploit the targeted systems the initial steps to gain as much information as possible about the targets. In this case, the manager is the contact in which questions may be posed. The hacker would have several questions, such as: how intrusive does the manager want the hacker to be? What is the physical makeup of the network? Does the manager want the hacker to stay in the Demilitarized Zone (DMZ) or go into the intranet? The hacker should ask the manager to identify the networks which need to be tested, specify the testing interval, and for approval for their plan (Beaver, 2014)....

Words: 1432 - Pages: 6

Free Essay

Soil Investigation

...Choice of a method, • Recording of data. The investigation of the geology and previous uses of any site, together with the determination of its engineering, environmental and contamination characteristics is fundamental to both safe and economic development. [pic] SOIL TESTING • Soil tests can be conducted on samples that truly represent the soil at the site. • Soil sampling, testing and test interpretation must be conducted with guidance from specially trained and experienced personnel. • Proper soil testing is proven to be a reliable basis for the design of foundations and commonly used in site investigations to indicate their potential use and limitations. • Based on the premise that the behavior of soil masses under imposed conditions can be predicted if certain soil properties can be measured. • The results of soil tests must be interpreted based on past experience, climate and the geology of the site. • Most important requirements is that design of many notable structures on difficult sites. GEONAMICS is a specialist company that can provide guidance and management of the investigation process through all phases of study, ground investigation, testing and design. Methods range from non-intrusive geophysics through to fully intrusive borehole. The...

Words: 1681 - Pages: 7

Premium Essay

Applying Owasp to a Web Security Assessment

...in your OWASP research. Lab Assessment Questions & Answers 1. Identify the four recognized business functions and each security practice of OpenSAMM. 1) Governance 2) Construction 3) Verification 4) Deployment 2. Identify and describe the four maturity levels for security practices in SAMM. 1) Implicit starting point representing the activities in the Practice being unfulfilled 2) Initial understanding and ad hoc provision of Security Practice 3) Increase efficiency and/or effectiveness of the Security Practice 4) Comprehensive mastery of the Security Practice at scale 3. What are some activities an organization could perform for the security practice of Threat Assessment? Threat Assessment involves accurately identifying and characterizing potential attacks upon an organization’s software in order to better understand the risks and facilitate risk management. 4. What are the two recommended assessment styles for SAMM, and how are they used? ✦Lightweight - The assessment worksheets for each Practice are evaluated and scores are assigned based on answers ✦Detailed - After completion of the assessment worksheets, additional audit work is...

Words: 574 - Pages: 3

Premium Essay

Computer and Technology

...Security testing Security testing is a process intended to reveal flaws in the security mechanisms of an information system that protect data and maintain functionality as intended. Due to the logical limitations of security testing, passing security testing is not an indication that no flaws exist or that the system adequately satisfies the security requirements. Typical security requirements may include specific elements of confidentiality, integrity, authentication, availability, authorization and non-repudiation. Actual security requirements tested depend on the security requirements implemented by the system. Security testing as a term has a number of different meanings and can be completed in a number of different ways. As such a Security Taxonomy helps us to understand these different approaches and meanings by providing a base level to work from. Confidentiality A security measure which protects against the disclosure of information to parties other than the intended recipient is by no means the only way of ensuring the security. Integrity A measure intended to allow the receiver to determine that the information provided by a system is correct. Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding information to a communication, to form the basis of an algorithmic check, rather than the encoding all of the communication. Authentication This might involve......

Words: 844 - Pages: 4

Free Essay

It 234 Unit 7

...safeguard your network. One way is running a vulnerability scan. The other is running a penetration test. Both are useful in their own way and used together can help keep your network safe. A vulnerability scan is a scan that is continuously runs on a network. It is looking for new vulnerabilities that may be on a network. There are many was a new vulnerability can be made in a network, a new program was installed or something has weakened security of network. This scan will give you a list of any and all new vulnerabilities that now exist in your network. A penetration test is something that should be done once a year. During this test your network gets intentionally attacked. The attacker is given permission to try to gain authorized access to system so you know where it is at its weakest and what needs to be addressed. When someone is attacking in this manner it is an ethical hack. Black box testing is when the attack has no knowledge of the internal workings of the system. This type of testing would be done in a penetration test. A gray test the attacker has some knowledge of the system they are trying to access. White box testing is when attacker has full knowledge of the system they are trying to gain access to. White box testing would be more of a vulnerability test. With both types of test being performed it will increase your chances of keeping your network safe. One type of testing would be ok but you would leave yourself open for either a long term or short......

Words: 999 - Pages: 4

Premium Essay

Ipad and at&T

...Business Enterprise Instructor:  Alan Tillquist Abstract In this paper, I plan to determine if hacking a Web site system is justifiable and explain why Goatse Security hacking of AT&T was. Then, explain why IT Hack Solutions, a computer security firm would encourage hacking. Next, I plan to discuss why and how companies like Gawker Media are socially responsible for finding threats. Third, I plan to explain how CEOs should respond to security breach in the IT network. Finally. I will write an email by AT&T to customers explaining informing, the security breach and what was done to correct the issue. Determine if hacking into a Web site is ever justifiable, applying your theory to a real-world case in which someone hacked into a system, including the name of the company and details. Yes, there are justifiable means for web site and network system to be hacked. Hacking is both a science and an art what isn’t taught by colleges. Companies that are hacked can suffer significant losses, and their customers made vulnerable to other crimes, privacy violations, and unwanted contact. However when a company wants to get business or show off skills then, hacking is like building a resume. Once hackers have proven themselves, they can show off their resume to both government and corporation for business. For example, the AT&T and Apple IPad hacking by Goatse Security was justifiable for three reasons. One showing a security breach, two exposing privacy to the public, and......

Words: 1126 - Pages: 5

Premium Essay

Lab #3: Case Study on Pci Dss Non-Compliance: Cardsystems Solutions

...compliance assessment, what is your assessment of the auditor’s findings? That he either did not do a full audit of the company just showed him part of what he needed to see to pass them so they could operate without prying eyes 3. Can CardSystems Solutions sue the auditor for not performing his or her tasks and deliverables with accuracy? Do you recommend that CardSystems Solutions pursue this avenue? No they did not and if they had credibility then yes they should sue but if they are at fault then they will be brought to trial in civil court 4. Who do you think is negligent in this case study and why? The company and the auditor because neither one did their job to the fullest extent and it cost the company 5. Do the actions of CardSystems Solutions warrant an “unfair trade practice” designation as stated by the Federal Trade Commission (FTC)? Yes it does because they did not comply with the standards that were put before them 6. What security policies do you recommend to help with monitoring, enforcing, and ensuring PCI DSS compliance? They should have had the firewalls in place that had monitoring built in to it, their website should have watched much more closely, and antivirus that would have protected their servers. Also they should have blocked all ftp ports 7. What security controls and security countermeasures do you recommend for CardSystems Solutions to be in compliance with PCI DSS requirements? See 6 8. What was the end result......

Words: 559 - Pages: 3