In our last blog post on penetration testing, we focused on the value behind the service and that every business requires regular pen tests to ensure that your company’s intellectual property and trade secrets remain secure. In this, part two of our series, we look at network penetration testing and a basic methodology for assessing how secure your network really is.
Network penetration testing and your business
Your IT network is one of the most important ecosystems in your business. It allows you to share important documents, access and store files, and communicate sensitive information in a safe space.
But the security of your network is only as strong as the measures you have in place.
Your network comprises a collection of devices, each with their own purpose. When it comes to network penetration testing, the goal is to determine which of these devices or the applications they run is/are the weak link/s.
Penetration Testing Execution Standard is one of the most common penetration testing methodologies, involving seven stages which help pen testers determine where your network is weakest.
Here’s an overview of each stage.
Because pen testing is such a broad field, the first step pen testers take is to determine what the customer wants tested. Defining the scope is critical, as all actions a pen tester takes need to be documented. Without a plan in place, testing might never end.
Network mapping, banner grabbing, and service enumeration are all ways in which a tester gathers information about a network and what applications and hardware it is using. This stage is all about mapping the network.
Once this information is collected, it is documented for use in the threat identification stage.
Once your network has been mapped, the next step is to uncover vulnerabilities. Your pen tester will start this stage by initiating a series of automated scans to test your environment. Manual testing also takes place, and various assets (sensitive documents, intellectual property and trade secrets, financial information) are grouped into threat categories.
This stage involves the documenting and analysis of all vulnerabilities exposed in stages one to three.
Here, the tester is focused on developing a list of the most obvious and common vulnerabilities and other weaknesses that are to be researched later. This is where a tester develops the attack plan that will be deployed in the exploitation stage.
The exploitation stage is time-intensive. This is where all uncovered vulnerabilities are exploited to understand exactly what risk they pose to your network, or if they are at all exploitable.
Here, the tester is careful to exploit vulnerabilities but not bring the network down.
Once all vulnerabilities have been exploited, the tester sets out discovering which computer is the most valuable machine on the network. The most valuable computer is the most vulnerable machine within a network. The tester then determines whether it’s possible to retain control of the computer.
As part of this process, the tester looks for a fine thread that can be pulled to expose how the valuable computer makes the rest of the network and business vulnerable.
Questions a tester tries to find answers to include:
- How sensitive is the data stored on the computer?
- What configuration settings does the computer use?
- Which communication channels does the machine use?
- Which other devices (and computers) is the vulnerable computer linked to on the network which can be exploited?
Possibly one of the most important steps in the network penetration testing process, reporting is where all stakeholders are made aware of the results from the pen testing exercise.
Typically, a presentation is made, either via a web conference or in person. This allows stakeholders to ask questions and comment on certain aspects of their network and security issues.
Network penetration testing is the process where a penetration tester deploys a series of automated scan and manual testing techniques to determine how secure your business network is by uncovering the vulnerabilities that exist within it.
Do you know where your IT network is weakest?
Contact us today on +27 23 004 0196 to arrange your penetration test.