Weak infrastructure network is the foundation of all technical security issues in your systems. These low-level vulnerabilities affecting everything works on your network. That's why you need to test for them and eliminate them if possible.
Your focus for ethical hacking tests on your network infrastructure should be to find weaknesses that others can see in your network so you can quantify the level of your network exposure.
Many issues are related to the security of your network infrastructure. Some issues are more technical and need to use different tools to evaluate properly. You can assess others with a good pair of eyes and a logical thinking. Some questions are easy to see from outside the network, and others are easier to detect within your network. When you evaluate your company security infrastructure network, you need to look at areas such as:
• If devices such as a firewall or IPS are placed on the network and how they are configured.
• What hackers see when they perform port scans, and how they can exploit the vulnerabilities of your network hosts.
• network design, such as Internet connections, remote access capabilities, defenses layers and placement of hosts on the network.
• Interaction of safety devices such as firewalls, IDS, antivirus, etc..
• What are the protocols used.
• commonly attacked ports that are not protected.
• Network host configuration.
• Network monitoring and maintenance.
If an attacker exploits a vulnerability in one of the above or anywhere in your network security, bad things can happen:
• An attacker can use a denial of service, which can take your Internet connection - or even your entire network.
• A malicious employee using a network analyzer can steal confidential information in e-mails and files transferred over the network.
• An attacker can create backdoors in your network.
• An attacker can attack specific hosts by exploiting local vulnerabilities across the network.
Before going ahead with assessing the security of your network infrastructure, do not forget the following:
• Test your systems from outside, inside to outside and internal (ie between segments of internal network and DMZ).
• Obtain permission from partner networks that are connected to your network to verify the vulnerabilities of their extremities, which can affect the security of your network, such as open ports, without a firewall or a misconfigured router .
Choose the right tools
Your tests require the right tools - you need scanners and analyzers, and tools for vulnerability assessment. Excellent commercial tools, shareware and freeware are available. I describe some of my favorite tools in the following sections on Hacking For Dummies. Just keep in mind that you need more than one tool and no tool does everything you need.
If you are looking for easy to use with security tools all-in-one package, you get what you pay for - mostly - especially for the Windows platform. Tons of security professionals swear by many free security tools, especially those that run on Linux and other UNIX operating systems. Many of these tools offer great value - if you have time, patience and willingness to learn their ins and outs.
No comments:
Post a Comment