This chapter begins our discussion of the general process for performing penetration testing that we have developed during our experience. While the procedures discussed are not set in stone and we never cease to examine and refine our own techniques, we would like to stress that the approach laid out is both an efficient means of compromising a network and an effective means of evaluating the security posture of that network.
That is not to say it is the only means of examining the security posture of a network. Other security professionals have different and valid testing techniques. This process is one that has proven to be effective.
Having a defined, organized methodology provides for an efficient penetration test with a consistent level of detail. Professional consultants hired to perform penetration testing attempt to compromise the target network during a given time period, often a matter of weeks or even days. This is substantially different from the situation of hackers, who can spend as much time as they want attempting to gain root access to a network. Therefore, we need a well-defined methodology that allows us to systematically check for known vulnerabilities and pursue potential security holes in the time allotted. In addition, following a single methodology helps ensure a consistent level of reliability in results across multiple engagements.
The overall methodology for penetration testing can be broken into a three-step process:
1. Network enumeration: Discover as much as possible about the target.
2. Vulnerability analysis: Identify all potential avenues of attack.
3. Exploitation: Attempt to compromise the network by leveraging the results of the vulnerability analysis and following as many avenues identified as time allows.
Throughout our discussion of this process, we reference the tools we have found most useful for accomplishing these tasks.