Jack zhai

Penetration testing is a common method by which information security personnel simulate hacker attacks to discover vulnerabilities in an information security defense system. It differs from a real hacker attack in two ways. First, most hacker intrusions are carried out quietly, the way a spy operates, while penetration testing requires prior agreement with the user. Second, penetration testing is performed to discover and verify the impact of security vulnerabilities; it focuses on the channels an intruder could use rather than on the user's sensitive information. Penetration testing is therefore a security service.

Reasons for poor penetration services in China:

1. High technical requirements. Penetration is the same as actual intrusion: it requires strong reverse thinking and the ability to mine vulnerabilities. If penetration uses only conventional intrusion methods against users with high security awareness, the result will be unsatisfactory. Using the latest "0-day" resources for penetration costs too much, and it also causes psychological panic among users. To be recognized by users, you must master this balance. Without profound technical skills, you will remain outside the service door.

2. The user's dilemma. As a manager of enterprise information security, I certainly do not want the security defense system I worked hard to build to be described as full of problems. If I have to spend money to have the system penetrated, I will certainly feel that I am "going to Beijing to take an exam". If the penetration fails, it is impossible to explain the necessity of such a service to the leaders: the security achievements are verified, but the seriousness of the problem is not exposed, and it is difficult to get the leaders to pay attention to security assurance work. The mood is therefore complex. How to measure the effect of penetration services is the primary problem.

3. The concerns of the user's leaders. It is obviously necessary to verify whether the current security defense system is robust by means of penetration, as a kind of "practice drill". But penetration enters the network from a place you do not know about, and it is difficult to be sure that the penetration is controllable. Apart from the final report, do you know anything else? Leaders are bound to have concerns.

4. The penetration tester's dilemma. Penetration exists to verify the defects of the user's defense system. After each penetration service, the tester notifies the user of the discovered vulnerabilities.
Of course, the user is expected to close those vulnerabilities, but then the next penetration must discover new ones; otherwise the penetration fails. Discovering valuable vulnerabilities is not an easy task. Even with good skills, a large element of chance is involved, so the penetration tester is torn. If you tell the user everything you know, your work will become more and more challenging in the future, and after all this is a business. If you do not, it seems unfair to users and also violates the professional ethics of information security personnel. In addition, only some vulnerabilities are verified, and many remain unverified, perhaps because there was not enough time or because you did not find a suitable method; that does not mean other people cannot exploit them. People engaged in the technical work are in a complicated mood.

Locate the target of penetration service correctly:

The benefits of this work are well known. "It's time to take care of the whole day." The only way to maintain the effectiveness of the security mechanism is regular "live ammunition drills", and penetration services are "live ammunition drills". Given the complex mood of the various people involved, the key is to correctly define the specific goal of the penetration testing service and determine everyone's role. When the goal and the responsibilities are clear, everyone's concerns can be dispelled.

Penetration testing is a security service, not a reproduction of hacker intrusion scenarios.

The goal of the penetration service is to partially verify the extent to which security vulnerabilities can be exploited and the damage they can cause to users. Put simply, the penetration service determines how much damage a vulnerability can cause to users, so that they can assess whether the cost of fixing these vulnerabilities is worthwhile. Users benefit from the penetration service in several ways:

1. The overall information security system goes through a "hands-on drill", which trains the security maintenance team's ability to respond in practice.
2. The business system is evaluated systematically, so that in terms of technology and O&M the manager understands the level of intrusion attack the current defense system can defend against.
3. Vulnerabilities detected in security management and system protection can be reinforced and rectified in a targeted manner.
4. Regular penetration services not only gradually improve the defense capability of system security but also maintain the vigilance of management personnel and enhance their awareness of prevention.

How to determine the assessment target of penetration service:

Many penetration testing services (many of which are currently provided together with a security evaluation service) report a large number of vulnerabilities to users, tell them to patch and buy devices, and offer some vague security management suggestions. Users often do not understand the threat these vulnerabilities pose and are at a loss when faced with so many unfamiliar vulnerabilities. First, for fear of affecting business operations, it is impossible to apply all patches, so which must be applied and which can be left alone? Second, even after a patch is installed, the user is not at ease: has anything been missed? The next check finds the same number of vulnerabilities, and the patching is never finished.

In fact, discovering a vulnerability is only the first step of the service. Verifying which vulnerabilities can be exploited, and to what extent, is what the penetration service really should answer: for example, whether system administrator privileges can be obtained, system data tampered with, or Trojans implanted. In this way, the user gains a first-hand understanding of the vulnerability threat. The penetration service simulates hacker intrusion, but it is not a real intrusion.

As a commercial service, how do users determine the assessment target of the penetration service? Let us first analyze hacker attack methods. Looking at the process of intrusion attacks, there are several types:

1. Frontal attacks: DDoS attacks, whether aimed at the bandwidth of the network entry point or at service processing capability (also known as CC attacks), take the form of a frontal attack and cause damage that users can see at a glance.

2. Infiltration intrusion: there are various ways in, including social engineering, spam, overflow vulnerabilities, and password cracking. The purpose is to enter the target quietly. Behavior after entering the target can be divided into:

a) Stealing specific target information: directly collecting target information, such as QQ account passwords, bank card passwords, and specific user files, sending it out by email or by accessing a specific website, and then self-destructing and eliminating traces.
b) Controlling a "zombie": concealing itself, establishing a backdoor channel, and accepting and executing remote control commands, so that the attacker can operate the computer remotely.
c) Tampering with specific target information: directly modifying target information, such as database data and specific system files, to the attacker's own settings, and then self-destructing and eliminating traces. Such intrusions are often used to prepare for other intrusion methods.
d) Specific tasks: hiding for a long time and performing actions such as logic bombs and modification of system information when conditions are ripe.

In an intrusion it is critical to stay concealed and avoid discovery, or to delay discovery. For APT attacks in particular, concealment and repeated intrusion are inevitable choices. Common techniques such as rootkits, process injection, and driver hooks are used.
Once intruders have successfully entered a system, they often create multiple latent points, set trigger conditions for each, and have them monitor one another. As long as not all of the latent points are detected, they can recover and eventually carry out the scheduled task.

For different types of intrusion attack, the focus of the penetration service is obviously different:

1. Frontal attacks: the penetration service needs to discover the key points that can be attacked head-on and the impact of different attack intensities on the business.
2. Infiltration intrusion: the penetration service must discover not only the channels through which infiltration is possible but also the vulnerabilities that can be successfully exploited. In addition, it must verify the possible losses caused by intrusion and, finally, identify whether an intrusion already exists in the system.

Currently there is not much demand for testing services against frontal attacks; many system builders calculate this data theoretically from processing capacity. However, an enterprise that provides public services, cloud computing, and similar services should have a more accurate understanding of the weak points in its system and the limits of its ability to withstand attacks, and should implement real-time monitoring. This is like knowing how many years' flood a dam can withstand, or how strong an earthquake a building can withstand. In many cases, sudden business growth affects the system in much the same way as a CC attack.

The results delivered by penetration services against infiltration intrusion are interesting, because whether you are able to get in is one aspect, and whether you can successfully steal and tamper with data is another. In terms of information security, entering the target system only gives you the possibility of successful theft and tampering. Often, once a vulnerability has been successfully exploited, the subsequent work is not done.

From the analysis of the results of intrusion attacks, we can conclude that the delivery of the penetration service should have a "result effect", that is, a final goal to be achieved:

- Specific information can be stolen from the target.
- Specific information in the target can be modified.
- A backdoor channel for remote control is established.
- Lurking in the target succeeds without being discovered.