As most of us know, Penetration Testing will need to follow a few step in order to testing the server and network. Below are the manual that need to be doing during the Penetration Testing activity
STEP 1 – RECONNAISSANCE
The main objective is to gather information about the target system which can be used in a
malicious manner to gain access to the target systems. Successful reconnaissance can often be successfully achieved through passive steps such as social engineering. Active reconnaissance refers to the probing of a network in order to detect possible routes to access.
These may include:
• Accessible hosts
• Open ports
• Location of routers
• OS details
• Details of services
STEP 2 – SCANNING AND ENUMERATION
Scanning and Enumeration are intelligent ways of gathering sensitive information about the target company’s network architecture. Information relating to the company’s IP addresses, OS, DNS servers and Zone Transfer information can sometimes be extracted using specialist techniques that fall into this category. Scanning can essentially be considered the rational extension of reconnaissance. Scanning involves steps such as intelligent system port scanning which is used to determine open ports and vulnerable services. In this stage the attacker can use different automated tools to discover system vulnerabilities.
Other techniques used in this phase include:
• Network Mapping
• Sweeping
• Use of Diallers
• Vulnerability Scanners
STEP 3 – GAINING AND MAINTAINING ACCESS
This phase is where the ethical hacker will attempt to actually gain access to the target systems or
network. The exploit could occur over a LAN, the internet, offline or as deception or theft.
After the scanning phase where the ethical hacker has established all necessary information about
target network, he will try to exploit possible system vulnerability to get into the actual network.
Additional vulnerabilities could also be created using backdoor Trojans.The Security Consultant might need to use ‘sniffer’ techniques in order to capture data packets from the target network.This is the most important stage of penetration testing in terms of establishing the potential damage to the target systems. During a real security breach it would be this stage where the hacker can utilize simple techniques to cause irreparable damage to the target system. What a hacker could and couldn’t would primarily depend on four influencing factors:
• Architecture
• Configuration of the target system
• Individual skill of the hacker
• Initial level of access obtained
STEP 4 – COVERING TRACKS
The final stage of penetration test or ethical hacking is to check whether the ethical hacker can erase
or cover the mark that has been created in earlier stages of the test.At present, many successful security breaches are made but never detected. This includes cases where firewalls and vigilant log checking were in place. From this stage we can establish what attacks and exploits a hacker is able to cover up and which we can easily detect. In order that the target company’s security engineer or network administrator cannot detect the evidence of attack, the hacker needs to delete logs files and replace system binaries with Trojans.
The attacker can use automated scripts and automated tools for hiding attack evidence and also to
create backdoor for further attack.