So you are confident your network is secure? Then you better not be. With the
number of hacking attempts on the rise, it's time to check how 'foolproof' our
security system is. An effective method to determine network security is to
periodically test the perimeter which is commonly referred to as 'penetration
testing'.
In this scenario, it is prudent on our part to pay more attention to details
on security measures to prevent any unauthorized entries that may be potentially
disastrous for enterprises.
Ethical hacking, penetration and vulnerability testing are all referred under
the same context of checking the threat perception level. A typical strong
security posture will have several layers. There will be perimeter controls
(such as filtering routers, firewalls, and intrusion detection), host based
controls, well-documented procedures and above all, security policies. It's
recommended that a part of at least one of the policies should address the issue
of verification of the entire model. And Penetration testing is one of the tools
that can provide it.
Penetration testing is an active remote assessment of the perimeter defenses
(the first of the many layers of security in a network) in places that are
designed to protect networks and computers from unauthorized access. A company
in pursuit of comprehensive security for its Internet gateway must ensure a
thorough understanding of the site's weakness. This comprehension is a very
vital process as it is difficult to address unexposed problems. Analyzing a site
for vulnerabilities is referred to as vulnerability assessment. It includes
identifying vulnerabilities in servers and internal network of the customer.
This is done once customers allow the ethical hackers to install scanners &
run them on their systems and network. This provides internal state of security
in a company. Information Security Review is a service where these hackers
review the complete security system of a company — Ethical Hacking,
Vulnerability Assessment, and audit of present security policies and procedures.
The three W's: Why, When and Where
Penetration testing is vital as it pinpoints where the loopholes are which
might be unnoticed otherwise by the network managers and sooner the better
without giving chance for a hacker to exploit. With the threat perception
undergoing constant changes, its imperative that one is adequately prepared for
any eventuality. A penetration test will determine if:
your data can be manipulated or stolen;
your core services can be compromised;
your classification barriers can be compromised because:
your network possesses design problems
your systems are inadequately configured;
your firewall is inadequately configured.
But when and how often are these conducted? Ideally, these tests are
performed on a periodic basis and carried out throughout the year and also when
significant changes like upgradation are made to the systems. As a security
expert puts it, this is not the case of "set it and forget it" concept and as
quoted earlier what is secure today is not secure tomorrow. What is important
while considering these tests is to determine whether or not you already have a
security review done- one that will give an overall assessment of your company's
system and security issues. The cost of a full security review depends on the
complexity of the job. Most companies seem convinced that a penetration test
provides the same level of detail that the existing security review provides.
Now comes the moot point as to who can actually perform the test. Can the
customers do it themselves? According to Ilantus Technologies vice president,
Satish Das, "Customers can do it themselves provided they have skills. Also, it
is not advisable, as it will not be true simulation of Hacking, as internal
people will have access to information about the infrastructure". But care
should also be taken while entrusting to others as not all firms who claim to be
href="https://www.ciol.com/content/services/ebiz/artdisplay.asp?thid=6&artid=119">
face=Arial size=2>ethical hackers practice
ethically. Otherwise, the whole purpose will be lost.
Skills required
The basic requirement is a team of people who could think like hackers
and act like troubleshooters. The team must have specialists in the areas of OS,
Networking, Firewalls, IDS, Web Servers, TCP/IP protocols and of course know how
to use Hacker Tools. If some of them posses skills to develop tools to hack into
systems, it would be an added advantage. Some of the common tools used in what
is referred to as "tiger team" attack are:
Scanner, nmap, John the Cracker, Custom Tools, SATAN, CyberCop, SAINT,
The list is exhaustive and completely depends on the discretion of the
company to choose what is best for them.
Now that we are aware of how break-ins happen, let's get onto the other side
of the fence and get to know the client's responsibilities and strategies to
ensure the mission is successful.