Penetration Testing: An Approach Towards Network Security

With the advancement in technology, network security has been one of the major concerns for many organizations

. There are many techniques that are being used to maintain network security, penetration testing being one of them.

Penetration testing can be defined as evaluating security of a network or computer system by intentionally trying to attack the network. Sometimes it is also defined as ethical hacking where trusted individuals knowingly harm the system to check its vulnerability against security threats. The basic difference between the intruders/hackers and the penetration tester is that an intruder needs to find out only one hole to exploit the system whereas a penetration tester needs to find out as many flaws as possible. Once the test is complete, security issues, if any, are presented to the system owner along with remediation recommendations.

From a business perspective, penetration testing helps the organization to prevent financial losses caused due to insecure network system. .Before performing the penetration testing, a meeting between the business tea, product development team and the tester is held to discuss the scope, objective, time and duration of penetration tests that are to be performed. Then, as much as possible, information is gathered about the targeted systems and networks.

Many types of tools are used by testers in the penetration testing. Nmap is one of the tools which is very useful in network analysis. It helps in finding out various operating systems running on the network, various firewalls and filters that are being used, etc. The next step after gathering the appropriate information is to find out the various vulnerabilities that exist in the system on the basis of priorities as discussed earlier in the meeting.

A penetration test is divided into two categories:

Black hat penetration test

White hat penetration test

The basic difference between the two test approaches is only the information that is being provided to the penetration tester. In the black hat penetration testing, the tester is provided with very little or no knowledge about the system. They have to find out all the information on their own. It is basically performed to strengthen security from the standpoint of external attackers. On the other hand, in white hat penetration testing, the tester is equipped with complete knowledge of the system or network including the OS, IP addresses, etc. This is to strengthen security from internal attackers standpoint i.e. employees, network administrator, etc.

Although as a part of QA testing, penetration testing is one of the logical approaches to achieve network security, it does not last forever. It is just an attempt towards security of the network and not the complete security audit. One of the major drawbacks of penetration testing is that though it helps in maintaining the security, if not performed in a planned manner, it can have serious consequences on the system, leading to system congestion and crash. Therefore, proper planning is required by the organization and the penetration tester. In spite of the advantages, it should not be forgotten that none of the approaches are hundred percent foolproof.

In short, penetration testing is one of the steps towards network security that is based on the rule of finding the flaws in the system before the attackers/intruders find them.

by: Knowledge Sharing Team

POST COMMENT

The Important Of Relevant Content In Link Building How To Deal In Metal For Commodity Market The Best Comply With Ohs Legislation A Close Look Into Wordpress Hosting Linen Rentals Can Make Your Event Memorable Dining Tables For A Working Couple Steps On How To Replace Parts Of Your Honda Car What Facilities A Pg In Mumbai Provides What Is The Need To Send Encrypted Emails? Learn How To Extend The Stay In The Us Best Hindi Movie 2011 Cost Effective Disposable Surgical Instruments In The Market Advance Gear Transmission Crimping Machine