The following is a comprehensive analysis of penetration testing. Please point out the shortcomings.
----------------------------------
1. What is penetration testing?
2. Why do you choose penetration testing?
3. Select a service
4. Various Methods
5. Results
----------------------------------
1. Introduction: What is penetration testing?
Penetration testing is a product-level evaluation of your information security measures. Several methods exist, but the most common is a product-level analysis of design defects, technical defects and weaknesses in security measures, followed by a comprehensive security report for executive, management and technical personnel.
2. Why penetration testing: why did you choose it?
There are several reasons for an organization to perform penetration tests, ranging from the most common technical reasons to business ones:
* Determine the threats to the organization's information resources. Quantifying the risk lets you fully describe the expenditures.
* Reduce the organization's IT security costs, provide better security, safeguard the return on investment, discover and resolve existing vulnerabilities, and understand the underlying technical, design and implementation defects behind them.
* Ensure a comprehensive and thorough security architecture for the organization, covering the evaluation of policies, processes, design and implementation.
* Obtain and maintain certification against industry regulations (BS7799, HIPAA, etc.).
* Adopt best practices in line with legal and industry regulations.
3. Select a service: What test methods are provided?
* External penetration testing is the traditional penetration testing method. Testing focuses on servers, including the infrastructure and the infrastructure software that make up the target. It can be performed with no prior knowledge of the site (black box) or with the topology and environment disclosed (crystal box). This test usually involves analyzing public information about the target network and determining the behavior of the security devices in front of the target host, such as firewalls and routers. The vulnerabilities of the target host are then determined and verified, and their impact is assessed.
* Internal security evaluation uses methods similar to external testing but gives a more comprehensive view of security. Testing starts from the network access points and covers each logical and physical segment, for example hierarchical networks and the DMZ environment, the company network, and the connections to company partners.
* Application security evaluation assesses the threats that application systems pose to the organization. Applications that provide interactive access to sensitive material must be evaluated: first, to ensure that the underlying application software and services are not exposed to attack; second, to ensure that malicious users cannot use, modify or damage data and system services. Even in a securely configured and deployed environment, an application vulnerability can expose the organization's highest access permissions, which is an unacceptable risk.
* Wireless/remote access security assessment: mobile staff face increasing security risks. Home workers who use 802.11 wireless access to the Internet extend the traditional network boundary. Many emerging remote access technologies greatly increase enterprise risk, so it is important to design and deploy security that manages the related risks effectively.
* Telephone security assessment covers security problems in the company's voice technology, including abuse of external telephone lines, calls billed to the other party, secure deployment of mailboxes, illegal use of VoIP, and other related risks.
* Social engineering addresses non-technical intrusion that relies on human interaction and often involves tricking people into breaking normal security procedures. It usually takes the form of a scam or deception by someone posing as an authority figure, or of other techniques such as searching the trash for valuable information, viewing the password records kept by their owners, or using passwords that are easy to guess.
4. Two different testing methods: black box testing and white box testing
Penetration testing can be performed in two ways: black box testing (testing without knowledge of the infrastructure) or white box testing (testing with a complete understanding of the structure).
Some penetration testing providers think that black box testing is the best method because it simulates real hacker attacks. This is an interesting theory, but it is incorrect. First, it assumes that an attacker cannot know your system structure. If someone attacks your organization, they are quite likely to be familiar with the organization's systems and processes (information that non-employees would not know). In that case the consequences are serious, because they understand the whole system. If the security you designed relies on a single point of protection, you effectively have no protection. Second, hackers are not bound by the time limit that applies to a penetration test. In theory they can spend not just a week discovering usable vulnerabilities but years looking for problems.
There is also an economic argument. Black box testing spends time discovering the nature of the project and how it relates to its infrastructure. That time goes into discovery rather than into actual testing for vulnerabilities.
This does not mean that black box testing has no value. It is useful for finding out how well an information system's weaknesses can be identified from other information (such as mail headers). If you choose a black box test, make sure that the same amount of time is still spent on actual vulnerability testing; otherwise you must allocate more time to the project.
5. Results: How much do you get from the cost?
A systematic penetration test analyzes all of the security measures. A comprehensive solution will cover some or all of the following:
Network Security
* Network Survey
* Port Scan
* System recognition
* Service identification
* Vulnerability discovery and Verification
* Application testing and code review
* Router Test
* Firewall Test
* Intrusion Detection System Test
* Trusted System Test
* Password cracking
* DoS Testing
* Control measure test
Information Security
* File Protection
* Competitive intelligence reconnaissance
* Privacy Review
Social Engineering
* Test invitation
* Guidance Test
* Trusted Test
Wireless Security
* Wireless Network Test
* Wireless communication test
* Privacy Review
* Infrared System Testing
Communication Security
* Telephone switch Test
* Message Test
* Fax Review
* Modem Test
Physical security
* Access Control Test
* Border review
* Supervised Review
* Emergency Response Test
* Site review
* Environment Review
Although a lot of work is done in the early stages, the true value of a penetration test lies in the report produced at the end. If the report is not clear and understandable, the value of the entire process cannot be maximized. A good report should describe the intrusion process used against the test target, the risk analysis, and the proposed solution. The layman needs a concise explanation of the solution, the technical manager needs the overall solution, and the system administrator needs to be able to fix each vulnerability step by step.