Penetration Testing

Penetration Testing

ABSTRACT

Penetration testing has been well popularized by the media. Many companies are now offering penetration services to identify vulnerabilities in systems and the surrounding processes. This report will Discuss "Penetration Testing" as a means of strengthening a corporate network's security. This report is divided into three parts. Introduction will give you a brief and basic overview of Penetration Testing and why we need Penetration Testing, The second part is the technical breakdown explains The strategy, model and type of Penetration Testing. In the conclusion, we will discuss both the value and limitation of Penetration Testing.

1. INTRODUCTION

As electronic commerce, online business-to-business operations, and global connectivity have become vital components of a successful business strategy, enterprises have adopted security processes and practices to protect information assets. But if you look at today's computing environments, system security is a horrible game of numbers: there are currently over 9,223 publicly released vulnerabilities covering known security holes in a massive range of applications from popular Operating Systems through to obscure and relatively unknown web applications. [01] Over 300 new vulnerabilities are being discovered and released each month. Most companies work diligently to maintain an efficient, effective security policy, implementing the latest products and services to prevent fraud, vandalism, sabotage, and denial of service attacks. But the fact is you have to patch every hole of your system, but an attacker need find only one to get into your environment. Whilst many organisations subscribe to major vendor's security alerts, these are just the tip of the security iceberg and even these are often ignored. For example, the patch for the Code Red worm was available some weeks before the worm was released. [02]

1.1 What is Penetration Testing?

Penetration testing - using tools and processes to scan the network environment for vulnerabilities, [03& T, J.K et al. 2002] there are many different types of vulnerability assessments. Penetration Testing focuses on understanding the vulnerabilities of components that you've made available on the network as seen from the perspective of a skilful and determined attacker who has access to that network. It will provide a thorough overview of the state of the organisation's technical security by simulating an expert attack, helps refine an enterprise's security policy, identify vulnerabilities, and ensure that the security implementation actually provides the protection that the enterprise requires and expects. A good Penetration Testing also providing an easy to understand report with corrective actions and follow up recommendations. Regularly performing penetration tests helps enterprises uncover network security weaknesses that can lead to data or equipment being compromised or destroyed by exploits.

It is important to point out that a penetration test cannot be expected to identify all possible security vulnerabilities, nor does it offer any guarantee that a company's information is secure. Penetration testing is typically conducted at a point in time. New technology, new hacker tools and changes to a company's information system can create exposures not anticipated during the penetration testing. In addition, penetration testing is normally completed with finite resources, focused on a particular area, over a finite period of time. Hackers determined to break into a company's information systems are often not bound by similar constraints.

1.2 Why Penetration Testing

By simulating the actions that a hacker might perform, and company can gain valuable insights into the effectiveness of the security controls in place over its information systems. Penetration testing can identify vulnerabilities that unauthorized users could exploit. It can also identify more pervasive gaps and deficiencies in the organization's overall security processes including, for example, its ability to identify, escalate and respond to potential security breaches and incidents.

Firstly, Protecting a company's information and systems is a business imperative ― the price of entry for successful business in a networked economy. Increasingly, management, audit committees, boards of directors, customers, consumers and other stakeholders are requiring assurance that the company is taking appropriate measures to protect its information and the information entrusted to it. Audit opinions on the adequacy of controls over information systems. [04]

Secondly, all information technology components in use today have potential security vulnerabilities. Some vulnerability are a consequence of the inherent limitations in the performance or design of the particular technology. Other vulnerabilities arise from the way the technology is configured or programmed for use. Regardless, these inherent vulnerabilities are widely publicized by technology vendors, security companies and the hacker community on the Internet, and are available to anyone with professional or malicious interest. A proliferation of powerful computers and software tools, coupled with the growing number of people who are inclined to use such tools for fun, mischief or profit, leads many to believe that the number of potential attackers and the types of potential attacks is increasing faster than the improvement in security techniques.

The term "hacker" conjures up the image of an external person attempting to exploit security vulnerabilities to gain unauthorized access to a company's information systems. Exposure to security vulnerabilities is not, however, limited to those external to the company. Internal, "authorized" users of a system also present a significant security exposure. According to a recent survey, [05] 75% of respondents cited that disgruntled employees are the most likely source of attacks. Employees or other trusted parties were those most likely to be responsible for vandalism, theft of information and sabotage of data.

Hackers, both internal and external, identify targets through choice and opportunity. A "target of choice" is one that is specifically identified and selected. Hackers penetrate targets to achieve notoriety within their community or to reap more tangible benefits from, say, information theft and industrial espionage. Large, high-profile companies, such as governments and financial institutions, are regular targets of choice. Employers and former employers

...