Penetration Testing

CISSP

Objective: Test a network’s defenses by simulating the techniques used by external intruders.

Techniques:

  • Scanning and Probing: Use of port scanners to identify open ports.
  • Demon Dialing: War dialing to find modems connected to the network.
  • Sniffing: Capturing and analyzing data packets.
  • Dumpster Diving: Searching paper disposal areas for sensitive information.
  • Social Engineering: The most common method; obtaining information by manipulating people.

Penetration Testing Types:

  • Blue Team:
    • Internal team with knowledge of the organization.
    • Can be performed frequently.
    • Least expensive.
  • Red Team:
    • External team acting as stealthy attackers.
  • White Box Testing:
    • The ethical hacker has full knowledge, including access to the codebase.
    • Views the system as a developer would.
  • Grey Box Testing:
    • The ethical hacker has partial knowledge of the system.
    • Acts as a user with some understanding of the system.
  • Black Box Testing:
    • The ethical hacker has no prior knowledge of the system.
    • Approaches the system as an external intruder would.

Stages of Penetration Testing:

  1. Planning: Define the scope and goals.
  2. Discovery: Gather information and identify vulnerabilities.
  3. Attack: Exploit vulnerabilities to gain access.
  4. Reporting: Document findings and suggest remediation.

Vulnerabilities Exploited:

  • Kernel Flaws
  • Buffer Overflows
  • Symbolic Links
  • File Descriptor Attacks

Penetration Testing Models:

  • Footprinting: Gathering information about the network.
  • Port Scanning: Identifying open ports.
  • Vulnerability Mapping: Identifying vulnerabilities.
  • Exploitation: Taking advantage of identified vulnerabilities.
  • Reporting: Documenting the findings.

Methodologies:

  • Flaw Hypothesis Methodology: Often used in operating system penetration testing.
  • Egregious Hole: If a severe vulnerability is found, it must be reported immediately.

Strategies:

  • External Testing: Simulating attacks from outside the organization.
  • Internal Testing: Simulating an attack from within the organization.
  • Blind Testing: The tester has no prior knowledge of the system.
  • Double-Blind Testing: Both the testers and defenders are unaware of the test.

Categories of Tests:

  • Zero Knowledge: No prior information is available to the tester.
  • Partial Knowledge: Some information is provided.
  • Full Knowledge: The tester has complete information about the system.