Читать книгу Hacking For Dummies - Kevin Beaver - Страница 29

One of the biggest mistakes I’ve seen people make when trying to test their own systems is inadvertently crashing the systems they’re trying to keep running. Crashing systems doesn’t happen as often as it used to given the resiliency of today’s systems, but poor planning and timing can have negative consequences.

Although you’re not likely to do so, you can create DoS conditions on your systems when testing. Running too many tests too quickly can cause system lockups, data corruption, reboots, and similar problems, especially when you’re testing older servers and web applications. (I should know; I’ve done it!) Don’t assume that a network or specific host can handle the beating that network tools and vulnerability scanners can dish out.

You can even accidentally create accounts or lock users out of the network without realizing the consequences. Proceed with caution and common sense. Either way, be it you or someone else, these weaknesses likely exist on your network, and it’s better that you discover them first!

Most vulnerability scanners can control how many requests are sent to each system simultaneously. These settings are especially handy when you need to run the tests on production systems during regular business hours. Don’t be afraid to throttle back your scans. Completing your testing will take longer, but throttling back may save you a lot of grief if an unstable system is present.