Carrying out a penetration test is an important means of recognizing weaknesses that exist in information technology devices and systems (Covaleski, 2013). The evaluation uses attack techniques similar to those used by hackers, and trusted individuals carry it out. The tests can have severe impacts on the host system or network. If a test is done wrongly, it can lead to congestion or a network crash. At times, it can expose the system or network to intruders or hackers. Thus, it is imperative that the management of the company illustrated in the case study be informed before a penetration test is carried out.
Preparation is needed to make the test successful (Vladimirov, 2006). Ideally, an opening meeting ought to be held between the chief information security officer and the team tasked to carry out the penetration test. In the meeting, the scope and goals of the penetration test and the personnel involved should be discussed. A critical decision that will be reached at the meeting is whether the employees of the firm will be notified of the impending test. Informing the employees is often appropriate, but it can alter their behavior in ways that may influence the result of the penetration exercise.
A comprehensive and satisfactory penetration test involves penetration testers carrying out unlawful acts on systems outside or inside a company’s network (Wilhelm, 2010). The company ought to recognize that the penetration testers executing the tests are, in most instances, contravening the law. In this regard, the team tasked to carry out the penetration test must ensure that the company’s chief information security officer understands that any figures or data acquired in the analysis will be treated as private and will be returned or destroyed once the assessment is completed. Before the penetration test is carried out, official forms protecting the exercise and the company should be signed. These will offer a defense to the penetration testers if anything goes wrong during the assessment.
After completing the needed preparation, the team should collect information concerning the company’s systems or networks. Numerous tools available on the internet can aid in basic data collection. A very popular tool that the team can use is Netcraft. Another tool that can be used is Nmap (Scambray & Kurtz, 2001). Nmap will be very useful in scanning the company’s networks. It will help the penetration testers to recognize the operating systems on the host systems. It will also aid in identifying the types of packet servers, firewalls, and router characteristics. After carrying out a system survey and collecting appropriate information concerning the company’s network, the team should undertake a port scan.
Through this, they will be able to gather data on the closed and open ports on the host network (Engebretson, 2013). Here, if the team identifies restricted IP addresses on which the company does not permit any intrusion tests, the team should not carry out a port scan on them. The team should also ensure that the IP addresses belong to the company. Nmap will be used for port scanning (Engebretson, 2013). The tool will help the team to acquire this data by carrying out OS fingerprinting.
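One way to enforce the two scope rules above before any scan is started, as an added example that is not part of the original case study. The address ranges are constructed from documentation-only blocks, and the names `IN_SCOPE`, `EXCLUDED` and `check_targets` are hypothetical.

```python
import ipaddress

# Constructed sample rules of engagement (documentation ranges, not real targets).
IN_SCOPE = ["192.0.2.0/24", "198.51.100.0/25"]   # ranges the company confirmed it owns
EXCLUDED = ["192.0.2.10", "192.0.2.128/26"]      # addresses the company forbids testing

def _nets(entries):
    """Parse single addresses and CIDR blocks into network objects."""
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def check_targets(candidates, in_scope=IN_SCOPE, excluded=EXCLUDED):
    """Split candidate targets into an approved list and a rejected map with reasons."""
    scope, deny = _nets(in_scope), _nets(excluded)
    approved, rejected = [], {}
    for raw in candidates:
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            # Hostnames must be resolved and confirmed with the company first.
            rejected[raw] = "not a valid IP address"
            continue
        # The exclusion list is checked first so it always wins over the scope list.
        if any(addr in net for net in deny):
            rejected[raw] = "excluded by the company"
        elif not any(addr in net for net in scope):
            rejected[raw] = "not in an authorized company range"
        else:
            approved.append(str(addr))
    return approved, rejected

if __name__ == "__main__":
    ok, bad = check_targets(["192.0.2.5", "192.0.2.10", "203.0.113.7"])
    print("approved:", ok)
    for target, reason in bad.items():
        print("rejected:", target, "-", reason)
```

Only the approved list should be handed to the scanner; the rejected map belongs in the test record so the company can see what was deliberately left untouched.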
Soon after collecting the pertinent information on the company’s network, the team should analyze the vulnerabilities that exist in the network. In this regard, the team ought to have a collection of exploits and vulnerabilities to carry out the next step. The collected data will be examined to identify potential vulnerabilities. Vulnerability scanning can be done manually or automatically. It can be done manually using Dot Bug or automatically using Nessus. Nessus remotely inspects a specified system and identifies whether vulnerabilities exist. It then generates a list of the vulnerabilities present in the system and the recommendations required to address them.
Detailed penetration testing (hacking) process
After recognizing the vulnerabilities found in the system, the team should select the appropriate targets for a penetration test (Shah & Mehtre, 2014). The team will be given a week to carry out the penetration test. After selecting the appropriate targets, a penetration test should be conducted on them. An essential exercise that is usually undertaken in the assessment process is password cracking. Usually, the team will come across telnet and FTP services running on the systems (Engebretson, 2013). The testers should use password-cracking approaches to gain access to these services. Some of the password-cracking methods that the team can use in their testing are:
- Dictionary Attack – uses a list of words or a dictionary file
- Hybrid Crack – searches for passwords that are variants of the words in a dictionary file
- Brute Force – searches for passwords composed of characters, using all the possible permutations
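The three methods above, seen from the side of a password audit, as an added example that is not part of the original case study: it reports which method would find a given password first and how large the exhaustive search space is. The wordlist and substitution table are constructed samples, and all function names are hypothetical.

```python
import re
import string

# Constructed sample wordlist; a real audit would load a full banned-word list.
WORDLIST = {"password", "welcome", "dragon", "summer"}
# Assumed set of common character substitutions that hybrid variants rely on.
LEET = str.maketrans("0134578@$!", "oieastbasi")

def hybrid_bases(password):
    """Candidate base words after undoing case, substitutions and affixes."""
    lowered = password.lower()
    # Drop digits and symbols added before or after the word (e.g. "2024!").
    stripped = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", lowered)
    return {stripped.translate(LEET), lowered.translate(LEET)}

def classify(password):
    """Name the cheapest of the three methods that would find this password."""
    if password.lower() in WORDLIST:
        return "dictionary"
    if hybrid_bases(password) & WORDLIST:
        return "hybrid"
    return "brute force only"

def brute_force_keyspace(password):
    """Number of permutations for the character classes and length actually used."""
    alphabet = 0
    if re.search(r"[a-z]", password):
        alphabet += 26
    if re.search(r"[A-Z]", password):
        alphabet += 26
    if re.search(r"\d", password):
        alphabet += 10
    if any(c in string.punctuation for c in password):
        alphabet += len(string.punctuation)  # 32 ASCII symbols
    return alphabet ** len(password)

if __name__ == "__main__":
    for pw in ["dragon", "Summer2024!", "p@ssw0rd1!", "xk7#Lq9vTz"]:
        print(f"{pw!r}: {classify(pw)}, keyspace {brute_force_keyspace(pw):.2e}")
```

A password reported as "dictionary" or "hybrid" should be rejected at creation time regardless of its length, because its keyspace figure overstates the work needed to find it.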
After that, the team should use the other methods available to try to penetrate the network (Shah & Mehtre, 2014). One of these methods is social engineering. Social engineering should be used only with the consent of the company. The approach depends on the psychology of the workers. With this method, the testers will use phishing and pretexting techniques. Through phishing, the testers will send emails or chat messages to their targets in the company with the aim of persuading them to give up critical information that intruders could use to compromise the system. Pretexting consists of calling users and asking for crucial information while posing as somebody who requires support.
Another approach that will be used is physical penetration (Shah & Mehtre, 2014). In this approach, the testers will need to enter the company premises posing as a support technician or a member of staff. The testers will then access the business’s network and obtain sensitive information. By doing so, they will prove to the firm that an intruder can bypass its security checks.
Several tools can be used at the various stages of penetration testing. Brutus will be used in telnet and FTP account hacking. The SET tool will be used in phishing to obtain the required information.
Depending on the nature of the assessment to be carried out, a penetration test may consist of a simple test of IP addresses to recognize devices that are providing services with known vulnerabilities, or may go as far as taking advantage of known exposures that exist in an unpatched operating system. The outcomes of these assessments or attacks are then recorded and recommendations are made.
Covaleski, J. (2013). Hacking. San Diego, CA: ReferencePoint Press.
Engebretson, P. (2013). The basics of hacking and penetration testing. Amsterdam: Syngress, an imprint of Elsevier.
Scambray, J., & Kurtz, G. (2001). Hacking exposed. Berkeley: Osborne/McGraw-Hill.
Shah, S., & Mehtre, B. (2014). An overview of vulnerability assessment and penetration testing techniques. Journal of Computer Virology and Hacking Techniques, 11(1), 27-49.
Vladimirov, A. (2006). Hacking Exposed Cisco Networks. New York: McGraw-Hill.
Wilhelm, T. (2010). Professional penetration testing. Rockland, Mass.: Syngress.