Following up with networking penetration tests

Following up with networking penetration tests

Tags:   Intrusion detection and analysis  network vulnerabilities  penetration testing

By David Meier | Feb 3, 2010

You've done it; your first enterprise network penetration test is now complete.  The only problem is that you have what seems like a mountain of vulnerability information, but don't know how to not only parse it to identify the truly relevant weaknesses you've uncovered, but also use that information to strengthen network defenses.

While the thought of starting a network penetration test analysis may make your head spin, in this tip we'll detail a step-by-step process for analyzing and acting on penetration test results data.

During the network penetration testing design process, there are boundaries that need to be laid out to prevent scope creep, namely which devices, services and networks will be tested and which won't; this scope will depend on the objectives of the test.  Be sure to document and save this plan, as after the test it will serve as your framework of what the results should (and shouldn't) encompass.

For instance, say your scope included all routers and switches within the organization and the task was to check for any vulnerability that could be associated with those devices.  In the process of your scan, the data shows a Windows box that has a vulnerable FTP server on it.  While the vulnerable service poses a risk, spending time evaluating a device that is out of scope can impact your penetration test analysis timeline.  Such a discovery may be indicative of a minor privilege access management issue or a more serious breach, but either way, simply report the oddity informally and store the information collected.

If time and requirements allow for it, the data can be used in an addendum to your report, presenting a high-level overview of out-of-scope vulnerabilities discovered that need further review.  Either way, never destroy results that could be pertinent, but not directly part of the deliverable until given the go ahead.

 
 
123

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
  • Lines and paragraphs break automatically.
  • Use <!--pagebreak--> to create page breaks.

More information about formatting options

 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Today's top security priorities
Attacks based on vulnerabilities in websites are skyrocketing, and not many solutions are available to protect organizations against them. How do you deal with this and other key security issues today?
Taking a holistic business-centric approach to security
Today’s CIOs face multiple challenges, including the need to innovate in an extremely competitive business climate, address highly dynamic regulatory and compliance challenges, speed ROI to counter shrinking IT budgets, and secure their organizations against a wide barrage of sophisticated threats.
 
 
 
UTM product offers Logansport Savings Bank superior protection
Astaro Security Gateway’s IPS was able to block attacks that other intrusion prevention systems (IPS) missed at Logansport Savings Bank.
Hong Leong Financial opts for Juniper Networks at new Malaysia head office, data center
Hong Leong Financial Group Berhad builds complete and seamless data center and office network infrastructure with Juniper switches, security devices and Junos software.
 
 
 

Recent popular content

Most Read
WhiteHat Security reveals top 10 Web hacking techniques
Top 10 tips for protecting sensitive data from malicious insiders
Today's top security priorities
Rustock botnet increases spam traffic
UTM product offers Logansport Savings Bank superior protection

Site map
Search Security Asia
About Us
Print/Digital Subscription
Sales
Feedback
Security Tips
Expert Opinions
Research
White Papers
Case Studies

Blogs
Topics
Application security
Disaster recovery and business continuity
Identity management and access control
Information security careers, training and certifications
Topics
Network and Internet Security
Security best practices
Security threats
Surveillance and facilities management
Media
Videos
Podcasts
Webcasts
News
RSS