How to Conduct a Penetration Test

A penetration test is an assessment of your network's security, including potential vulnerabilities and how they could be exploited. Businesses and individuals perform penetration tests in order to pinpoint and correct potential ways an individual could gain access to their network. Penetration testing is similar to ethical hacking in that a trusted individual is given permission to attack a network using the same methods as those employed by an illegal hacker.

The first step in conducting a penetration test is planning. Before the testing begins, you should set out goals, timetables, and parameters. That is, determine your major concerns, decide which aspects of your network you want tested, and decide how long and when the testing will be conducted.

The second step consists of gathering information. Here is where the tester puts themselves into the shoes of an illegal hacker. Imagine you're the hacker, and all you have is the name of a company or its website. This company is your target, and your goal now is to dig up as much information as you can to help you break into their network.

Third, the tester will manually test all of the information gathered for possible vulnerabilities. That is, they'll pull all the hacker tricks out of their hat, so to speak, and see where and in what ways the system is vulnerable.

Last is the actual "break-in" itself. The tester starts by selecting a target. For instance, the tester could focus in on the network's main server. From the research done during the third step, the tester has an arsenal of weapons and potential ways into the network. Now it's a matter of using that information to hack into the targeted server.

Once the testing is complete, the tester provides the company with a report detailing the vulnerabilities and explaining how to correct them.

Obviously, the overarching goal of penetration testing is to uncover holes in your network security. There are, however, several different perspectives from which to approach the testing. Basically, your approach is determined by your answers to these two questions:

1. Who is the hacker? (Disgruntled employee? Someone with no inside information or connection to the company?)
2. How much (if any) notice/information will you give your IT staff and/or employees about the testing?

For example, if you want to know what a disgruntled employee could do, the testing will physically take place within the walls of the company, using the company's computers and equipment. Another scenario, as mentioned above, is one where the hacker has no special access; they are simply working from their own computer and attempting to breach your network via the Internet.

The answer to the second question determines whether, and how, you'll involve your staff and employees. For instance, you may decide that one of your goals is to find out if your IT staff will be alerted to attempted break-ins. In that case, you would not give them any advance notice of the testing. Conversely, you could decide to have your IT staff and the penetration testers work together, focusing on a specific target.

Related to the two questions above is the issue of "zero knowledge penetration testing" versus "limited knowledge penetration testing." With the zero knowledge approach, the testing team has been given no knowledge or information about the system and network from the company. Many consider the zero knowledge approach to be the most realistic, given that the potential attacker would be starting from scratch with regard to the hacking.

The alternative is "limited knowledge penetration testing." This approach can save both time and money. With limited knowledge testing, the testing team is given the basic knowledge that a hacker would have come up with on their own anyway. That way, the team can move directly to the vulnerability assessment phase.