Read the book Hacking For Dummies - Kevin Beaver - Page 32

Selecting tools

As in any project, if you don’t have the right tools for your security testing, you’ll have difficulty accomplishing the task effectively. Having said that, just because you use the right tools doesn’t mean that you’ll discover all the right vulnerabilities. Experience counts.

Know the limitations of your tools. Many vulnerability scanners and testing tools generate false positives and false negatives (incorrectly flagging vulnerabilities that aren't there or missing ones that are). Others skip vulnerabilities. In certain situations, such as testing web applications, you have to run multiple vulnerability scanners to find all the vulnerabilities.

Many tools focus on specific tests, and no tool can test for everything. For the same reason that you wouldn’t drive a nail with a screwdriver, don’t use a port scanner to uncover specific network vulnerabilities or a wireless network analyzer to test a web application. You need a set of specific tools for the task. The more (and better) tools you have, the easier your security testing efforts will be.

Make sure that you’re using tools like these for your tasks:

• To crack passwords, you need cracking tools such as Ophcrack and Proactive Password Auditor.

• For an in-depth analysis of a web application, a web vulnerability scanner (such as Acunetix Web Vulnerability Scanner or Probely) is more appropriate than a network analyzer (such as Wireshark or OmniPeek).

The capabilities of many security and hacking tools are misunderstood. This misunderstanding has cast a negative light on otherwise excellent and legitimate tools; even government agencies around the world are talking about making them illegal. Part of this misunderstanding is due to the complexity of some of these security testing tools, but it’s largely based in ignorance and the desire for control. Whichever tools you use, familiarize yourself with them before you start using them. That way, you’re prepared to use the tools in the ways that they’re intended to be used. Here are ways to do that:

• Read the readme and/or online help files and FAQs (frequently asked questions).

• Study the user guides.

• Use the tools in a lab or test environment.

• Watch tutorial videos on YouTube (if you can bear the poor production of most of them).

• Consider formal classroom training from the security-tool vendor or another third-party training provider, if available.

Look for these characteristics in tools for security testing:

• Adequate documentation

• Detailed reports on discovered vulnerabilities, including how they might be exploited and fixed

• General industry acceptance

• Availability of updates and responsiveness of technical support

• High-level reports that can be presented to managers or nontechnical types (especially important in today’s audit- and compliance-driven world)

These features can save you a ton of time and effort when you’re performing your tests and writing your final reports.
