Read the book Penetration Testing For Dummies - Robert Shimonski - Page 27

Taking Your First Steps


When you’re ready to pen test, these are the general steps you’ll take:

1. Download and run a pen test tool in a safe environment such as your home. Running a pen test in a production environment that causes an outage is a denial of service attack, which prevents other people from using your system. Make sure you’re testing as safely and in as controlled a way as possible, so that you find risks rather than create outages and impact. I discuss denial of service attacks more in Chapter 6.

2. Download a free tool and start to investigate. I discuss many available tools in Chapter 3, but for a basic test, I recommend using a vulnerability scanner. Figure 1-7 shows Retina CS from BeyondTrust (www.beyondtrust.com), which allows you to run scans to see what a host is susceptible to and what threats are exposed.

3. Scan a single host by its IP address, or an entire IP subnet with many hosts on it. This step helps you identify target systems that need to be reviewed based on the reports they generate for threats and exploits that may exist on them.

4. Document the host or hosts you’re testing and then which attacks you want to try based on the information you have gathered. Your goal here is to find vulnerabilities.

5. Penetrate. This is the part of the pen test that actually conducts the known hack to see if you can execute it.

6. Follow up with your findings. You can report the findings, fix the issues, monitor the issues that don’t have fixes, contact the vendors to get fixes, block access, and so on.


FIGURE 1-7: Examining a Retina CS scan.
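A scope check for steps 1, 3 and 4, as an added example that is not from the book: it expands a single IP address or a subnet into the host list to document, and refuses anything outside the lab networks you list. The network ranges, the 256-address cap and the function name `plan_targets` are assumptions chosen for illustration.

```python
import ipaddress

# Assumption: networks you own and may test (constructed sample values).
LAB_NETWORKS = [
    ipaddress.ip_network("192.168.56.0/24"),
    ipaddress.ip_network("10.10.0.0/16"),
]
MAX_ADDRESSES = 256  # assumption: refuse larger sweeps to keep the test controlled


def plan_targets(spec, lab_networks=LAB_NETWORKS, max_addresses=MAX_ADDRESSES):
    """Turn a single IP or CIDR subnet into a documented, in-scope host list.

    Raises ValueError if the spec is malformed, lies outside the lab
    networks, or covers more addresses than max_addresses.
    """
    try:
        # strict=False accepts "192.168.56.10/24" and normalises it to the subnet
        net = ipaddress.ip_network(spec.strip(), strict=False)
    except ValueError as exc:
        raise ValueError(f"not an IP address or subnet: {spec!r}") from exc

    # The whole request must sit inside one approved lab network.
    scope = next(
        (lab for lab in lab_networks
         if lab.version == net.version and net.subnet_of(lab)),
        None,
    )
    if scope is None:
        raise ValueError(f"{net} is outside the approved lab networks")
    if net.num_addresses > max_addresses:
        raise ValueError(f"{net} covers {net.num_addresses} addresses, "
                         f"more than the cap of {max_addresses}")

    # hosts() drops the network and broadcast addresses; fall back to the
    # address itself for a single-host (/32 or /128) request.
    hosts = [str(h) for h in net.hosts()] or [str(net.network_address)]
    return {
        "requested": spec,
        "network": str(net),
        "lab_scope": str(scope),
        "hosts": hosts,
    }
```

The returned dictionary can be saved alongside the scanner's report as the record of which hosts were in scope for the test.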
