Penetration Testing is the name given to methodologies used to test networks, applications, and even people, for security holes. It is done by trained professionals who identify security vulnerabilities in the IT Systems of an organization, in order to eliminate them before hackers or unauthorized users exploit them.
In other words, for penetration testing, you employ a skilled (ethical) hacker to try to break your security systems to check how secure they are. This enables you to identify potential security threats & fix them early, save money, prevent lost data/reputation loss/litigation expenses, etc. Penetration Testing also provides a good case for security investments and up-gradations.
There are three main types of penetration testing:
- Network Penetration Testing.
- Application Penetration Testing.
- Social Engineering.
The first two are technical activities that test security vulnerabilities in network structure/components, and applications hosted within the company, respectively. Social Engineering tries to exploit weaknesses in the people working for a company. For example, employees can be tricked to click a malicious link sent via email or insert a USB drive with malware into their office computer, etc. to check if their systems can be compromised.
The three main areas to test are: Physical structure, logical structure & response/workflow of the system. Penetration testing can be done from an external location to simulate the activities that maybe undertaken by a potential hacker, or it can be done from within the company to evaluate the extent of damage that can be inflicted by an employee with standard access credentials.
Penetration Testing Methodologies are of three types:
- Black Box Testing: Testers have no knowledge about the test target. Like an external attacker/hacker, they have to find out loopholes from scratch.
- White Box Testing: Testers are provided with information about the test target.
- Grey Box Testing: Testers are provided with partial information about the test target.
There are Three Stages of Penetration Testing:
- Test Preparation: Determining the scope, objective, timing, downtime, legal implications, data integrity, etc.
- Actual Testing: Information gathering, vulnerability analysis, vulnerability exploits.
- Analysis: Reports, Suggestions, Corrective measures to be undertaken.
Some Techniques Used in Penetration Testing:
There are both commercial and open source tools that enable a tester to conduct penetration testing on a company’s network/application servers. Some techniques employed by penetration testers are given below –
- Network Scanning
- Port Scanning
- OS Detection, Remote OS Fingerprinting
- TCP Fingerprinting
- Web Server Fingerprinting
- Auditing Proxy and LDAP servers
- Detecting vulnerabilities, mis-configuration
- Password cracker
- Developing and executing exploit code
- SQL injection, Remote file inclusion for PHP applications
- Interceptors, etc.
A list of tools available to carry out attacks to check vulnerability, and an excellent overview of the process, is available in this document: An Overview of Penetration Testing.
You could stay up to date on Computer Networking/IT Technologies by subscribing to this blog with your email address in the sidebar box that says, ‘Get email updates when new articles are published’.