Penetration Testing in Network Security - Report Example

Penetration testing in Network Security Student Name: Student P number: Module: Module code: Submission deadline Executive summary Network administrators in most organizations have been of good reputation for their efficiency in ensuring that a computer network is well secured from any unauthorized access. In analysis, the theoretical and conceptual aspects of a network, network administrators perform thorough penetration testing of network configurations in the organization. Thus, this paper aims to provide a report on the key aspects on the general field of penetration testing in a network. From this perspective, the report advocates to bringing out a clear picture of the penetration testing process and the key consideration for network administrators to the performance of this strategy. Particular emphasis has been laid on the main stages, tools, and techniques used in the implementation of network security through penetration testing. Table of Contents Table of Contents 3 Introduction 4 Definitions 5 Review of Penetration testing in network security 6 Analysis of the penetration testing stages 7 Diagram representing Penetration testing process 7 Planning 8 Discovery 8 Attack 9 Execution of the attack phase forms the core of the penetration testing process. Here, the vulnerability identified in the discovery stage is tested by trying to take advantage of them. Whenever an exploitation of a vulnerable point becomes successful, the information is captured and reported to management (Ali and Alabady 2010). This stage is highly significant in ensuring protection of corporate data from unauthorized access thus maintaining corporate data integrity, non-repudiation of data and confidentiality of the company. To ensure that the vulnerability point is cancelled, the discovery and attack stage are re tested. That is, a detailed analysis of the vulnerability is done to evaluate its effect to the whole network system and the major ways of bringing the vulnerability point to a halt. Consequently, this leads to repetition of the two stages until a thorough mitigation of the vulnerability is reached (Asaadorian, Pesce, and Strand 2009). 9 Diagram representing connection between discovery and attack phase 9 9 Re-testing Discovery and attack phase after mitigation 9 Reporting 9 Tools and techniques for penetration testing and their key concerns to network administrators 10 Network Map (Nmap) 10 Nessus 11 Hydra 12 Cain and Abel 13 Best practice in application of penetration testing 14 A table showing best practice in penetration testing 14 Conclusion 14 References 15 Introduction In the current speedy moving technological world, almost all day-to-day operations of individuals, government agencies, and company are based on the computer networks. Essentially, the interconnection of computer networks have become the key determinants of the operations conducted in the whole globe. However, the key challenge faced by both individuals and companies are the vast cases of network insecurity (Ciampa 2009, p 98). Computer hackers are always at the doorstep of a computer network system with a major aim of exploiting the vulnerable sections of a network. It has always been the initial requirement of a network administrator to ascertain that the network is well covered from any unauthorized network penetrations by attackers. These key issues have led to the notion of conducting penetration testing of an organization or individual’s computer network. Penetration testing entails security evaluation of a company interconnection of computer systems with an effort to circumvent the security status of its key features based on the system design and implementation of the networking services. It plays an essential role in discovering and fixing all vulnerabilities in a computer network system. Consequently, this aids in protection of organization data. Definitions Penetration testing It is a process of evaluating a network system’s defense in recognition of the strengths and weaknesses engrossed in a computer network system and the withheld network resources. Network packet A formatted unit of data that is travels through a network of computer. Network security A networking field about protecting the resources and infrastructure of connected of computer devices (Wack and Tracey 2001). Hacker One who uses knowledge of computer network to circumvent the security and gain unauthorized right of entry (Wilhelm 2010, p. 156). Network administrator A professional who handles a local and a wide area network of an organization. Review of Penetration testing in network security The ultimate goal for any organization computer system is to ensure that it plays a significant role in smooth running of the daily activities. To attain this goal, the network system has to be well configured that unauthorized access exceptionally prohibited from the system. Whenever network system integrity is violated, network administrators become the first accountable individuals as to what exactly led to the unauthorized access (Wilhelm 2010, p. 156). Thus, network administrators prefer consistent evaluation of the organization’s network. In doing this, they emulate an attacker invading the system through application of penetration testing tools and techniques. Penetration testing in a network usually done as an internal penetration test and external penetration test. In performing internal penetration test, a network administrator evaluates network defense status inside the network perimeter of a corporate organization. Within this scope, determinacy of the network architecture is conducted, identification of the operating systems and their vulnerabilities. In addition, a test is performed to obtain protected data from the networked devices and their associated resources. Finally, an evaluation of the response level of the available installed intrusion detection systems is conducted. A thorough analysis of these key features aid an administrator in determining the strength of the network system in preventing any unauthorized access within the corporate intranet (Engebretson and Broad, 2011) In external penetration testing, a network administrator attempts to obtain information about the corporate network resources from a location that is outside the network perimeter of the organization. In this sense, he or she emulates an attacker trying to gain an access while outside the organization with one or all of the following network intrusion techniques. One begins by determining the network operating system and its vulnerabilities. He uses those vulnerabilities to obtain unauthorized access to the corporate internal network system and gather data stored in the network (Engebretson and Broad, 2011). In obtaining all these details, network tools and techniques are used such as, illegal network log, discovery of real corporate internet protocol address, sending of Trojan horses and, packet sniffers that monitor the organization’s network traffic. Usually data contained in these packets aid hackers in accessing essential organization details (Ali and Alabady 2010). Analysis of the penetration testing stages It is clear right from the outset that network penetration testing is aimed to replicate an attack and use tools and techniques that are implemented in a procedural mechanism. In this sense, network administrators perform this activity under authorization by the corporate management and the process of the testing is done process wise, that is, from one stage to another (Wilhelm and Andress, 2011) Diagram representing Penetration testing process Planning This is the initial and most fundamental phase of the penetration testing process. It acts as the determinant of the key expected output of the process. Here, rules of the penetration testing are clearly brought out. The corporate management has to approve conduction of the penetration testing process (Wack and Tracey 2001). Perfectly follow up of this stage guarantees that management is notified the key aspects of the process. Planning ensures that the integrity of the company, data confidentiality of organization data and non-repudiation of organization guaranteed. Generally, successful implementation of this stage ensures availability of the organization network system and maintenance of integrity. Discovery During the discovery phase, actual penetration testing takes place. It involves performing scanning of the respective network connection ports thus aiding in identifying the potential target ports. To ensure that most of the key hacker methods are tested, more sophisticated are implemented on the corporate network system and its configuration. It involves performance of techniques such as; cross-examination of the corporate domain name system, queries on the network interface card, packet capture and, network basic input and output system. It is vital to note that packet capture and network basic input and output system must be done internally to ensure that even an attacker from the internet service provider is blocked from understanding these key corporate network details. This strategically performance of the discovery phase ensures confidentiality and non-repudiation of organization data (Ali and Alabady 2010). Attack Execution of the attack phase forms the core of the penetration testing process. Here, the vulnerability identified in the discovery stage is tested by trying to take advantage of them. Whenever an exploitation of a vulnerable point becomes successful, the information is captured and reported to management (Ali and Alabady 2010). This stage is highly significant in ensuring protection of corporate data from unauthorized access thus maintaining corporate data integrity, non-repudiation of data and confidentiality of the company. To ensure that the vulnerability point is cancelled, the discovery and attack stage are re tested. That is, a detailed analysis of the vulnerability is done to evaluate its effect to the whole network system and the major ways of bringing the vulnerability point to a halt. Consequently, this leads to repetition of the two stages until a thorough mitigation of the vulnerability is reached (Asaadorian, Pesce, and Strand 2009). Diagram representing connection between discovery and attack phase Report level of vulnerability Re-testing Discovery and attack phase after mitigation Reporting Finally yet importantly is the reporting phase. In real sense, as seen in the previous three stages, the reporting phase occurs simultaneously as the three are conducted. In planning, the rules and approvals of conducting the penetration testing are provided to the corporate management. During discovery and attack phases, periodic attack logs are reported. Finally, a general report about the process should be provided. This phase is very important in clarifying what exactly happened during the process. Reporting phase ensures that organization integrity and confidentiality is maintained through consistent update of the management of the exact status of the process (Wack and Tracey 2001). Tools and techniques for penetration testing and their key concerns to network administrators Sophistication in this technologically driven world has resulted into innovation of highly complex network sniffing and penetration tools. Hackers have come up with well-strategized techniques for accessing organization network systems and cause extensive harms without notification (“An overview of network security”, 2000). On the other hand, due to need to understand the major techniques employed by hackers, network administrators have had to exploit the networking field to comprehend the exact ways that hackers can use to gain unauthorized access to a network system. Among the most commonly, applied tools with their in-built techniques that network administrators must thoroughly comprehend include the Nmap, Nessus, Hydra, Cain, and Abel. Network Map (Nmap) Nmap is one of the world’s most sophisticated too for invading a network system. Hackers prefer using this tool in most of their attack operations. This tool has wide range technical abilities of which hackers exploit in their fight to gain unauthorized access to a computer system. For network administrators to avoid exploitation of their network system, they must have to understanding of the key technical abilities (Asaadorian, Pesce, and Strand 2009). The fundamental features available in the Nmap include port scanning, limited vulnerability scanning, service, and operating system identification, a functionality to trace the route of a network packet (traceroute) and support for Internet Protocol Version Six (IPV6). These aspects should be of key concern to network administrators. Most network host operating system firewall and intrusion detection systems do not look for (IPV6). Attackers take advantage of this limitation in network host operating systems to perform an attack (Asaadorian, Pesce, and Strand 2009). Thus in penetration testing, network administrators have to carefully evaluate this issue. In addition, Nmap can perform a network device’s port scan and gain details about the real Internet protocol address configuration and the access control list used for securing the device. Traceroute technique available in Nmap aids hackers in tracing the exact source of a packet. This information further aids a hacker in understanding the whole network configuration, security details, operating system in use and its vulnerability. Network administrators should take key concern on these aspects thus aiding them in protecting the network system from unauthorized network access (Asaadorian, Pesce, and Strand 2009). Nessus Nessus is another extremely complex networking tool that can be used in penetrating a network. It is highly common in scanning the vulnerability of a network system. It provides a user with all vulnerable points in a network system that he or she can exploit. Hackers extremely prefer using this system since it directly reveals the attack points in a system. Therefore, network administrators should always ensure they are up to date with the key techniques provided by this tool (Asaadorian, Pesce, and Strand 2009). Upon execution, Nessus clearly presents a list of the network vulnerable ports in system. It also brings at hand all open file sharing sections in a network. In addition, it provides scanning permissions and comparing the details with a corporate network’s baseline network configuration. To make things more complex, this tool can be hooked up with Nmap to maximize the chances of accessing a network system. It is thereby vital to acknowledge that network administrators explore the functionalities of the Nessus in penetration testing. Administrators should use this tool in identifying the vulnerable network ports. More concern and exploitation should be laid on its integration with other network tools such as Nmap in maximizing attack chances (Asaadorian, Pesce, and Strand 2009). Hydra Hydra involves use of encrypted and plain texts to brutalize an organization’s website into authenticating a guessed password hence revealing login details used in accessing company system data and operations. A hacker applying this technique makes use of a password dictionary in performing his activities. In addition, a highly sophisticated hacker can apply psychological aspects of human beings in setting passwords. Here, hacker uses the password dictionary in conjunction with psychological basis and test multiple corporate accounts with a single password. In most cases, professional hackers in using this tool end up cracking a corporate key online network password (Asaadorian, Pesce, and Strand 2009). It is thereby essential that network administrators put this key concern in their penetration testing of a network. Otherwise, if exploitation of this unpredictable hacking technique is not covered, an organization can end up losing fundamental data thus confidentiality, non-repudiation and integrity of the organization becomes completely violated. Cain and Abel This is a critical MITM tool used by network attackers in invading an organization’s network configuration. It is fundamental that network understand the major techniques under this tool. In addition, this tool should be highly implemented during penetration tests since it offers a wide range of features that can reveal vulnerability of a network (Wack and Tracey 2001). Some of the key techniques under Cain and Abel networking tool include, password recovery, Address resolution protocol spoofing, and wireless scanning. In addition, this tool provides a mechanism for spoofing unencrypted voice over internet protocol (VOIP). Clearly, from the above listed features of the tool, it can impose great losses to an organization’s computer network system. Address resolution protocol spoofing aids in obtaining the network address configuration of an organization. Wireless scanning spoof can result into accessing all details passing from one wireless antenna to another. When attacker gets all details about data travelling in a corporate network, it means there are great chances of getting essential account information and login details (Wack and Tracey 2001). Furthermore, (VOIP) scanning means all data relayed in a corporate telephone network will be captured by the attack thus shutting down the integrity and confidentiality of organization data. Therefore, in conducting penetration testing, network administrators have to put this tool into close consideration and ensure that it is exploited in trying to access the organization network thus aiding in mitigating the vulnerable points of the network (Asaadorian, Pesce, and Strand 2009). Best practice in application of penetration testing Corporate network administrators should ensure that the network system is perfectly configured to avoid any attack by an unauthorized used. This can be achieved by staying in touch with current and upcoming technological advancements. In addition, penetration testing should be conducted in a timely strategized scale to ensure that whenever vulnerability occurs, it is mitigated in time (Wack and Tracey 2001). The following table shows the best practice in performing penetration testing. A table showing best practice in penetration testing Penetration Test type Frequency Risk Benefit Vulnerability scan Every 3 months High -Provides timely set of vulnerable corporate host computers -help validate operating system and applications that need security patches Network mapping Every 3 months Medium -identifies unauthorized hosts and services connected to corporate network -identifies open ports in time thus providing room for mitigation Password cracking Monthly Low -verifies that network password authentication policy works perfectly. -confirms that passwords selected by user comply with corporate network policy requirements Log reviews Weekly Low -Validates internet protocol addressing and domain name service conforms to corporate network policy. War dialing 6 months Low -Detects unauthorized modems and blocks unauthorized access Integrity checkers Daily High -Provides a timely detection of unauthorized file modifications Conclusion It is vital to acknowledge that for any corporate organization to maintain its integrity and avoid revealing of confidential data to third parties; penetration testing of the corporate network has to be perfectly conducted by the network administrators (Ciampa 2009, p 98). This will guarantee that corporate data is and network system is protected from any unauthorized access. References Ali, Q and Alabady, S 2010. “Applying Penetration Tests on a Highly Secured Cooperative Network” International Arab Journal of e-Technology, Vol. 1, No. 3 pp. 1-7. http://www.iajet.org/iajet_files/vol.1/no.3/Applying%20Penetration%20Tests%20on%20a%20Highly%20Secured%20Cooperative%20Network.pdf Asaadorian, P, Pesce, L and Strand, J 2009. “Best of network Penetration testing tools” Paul dotcom enterprises, LLC. pp. 1-51. Retrieved from http://pauldotcom.com/TriplePlay-NetworkPenTestingTools.pdf Ciampa, M 2012, Security+ guide to network security fundamentals. Australia, Course Technology, Cengage Learning. Retrieved from http://mbzir.com/wp-content/uploads/Security+-Guide-To-Network-Security-Fourth-Edition-2012.pdf Engebretson, P and Broad, J 2011. The basics of hacking and penetration testing: ethical hacking and penetration testing made easy. Waltham, MA, Syngress. Retrieved from http://www.worldcat.org/title/basics-of-hacking-and-penetration-testing-ethical-hacking-and-penetration-testing-made-easy/oclc/731372835 Wack, J and Tracey, M 2001. “Draft Guideline on Network Security Testing” National Institute of Standards and Technology, United States. pp. 1-68. Retrieved from http://scadahacker.com/library/Documents/Assessment_Guidance/NIST%20-%20Guideline%20on%20Network%20Security%20Testing.pdf Wilhelm, T and Andress J 2011. Ninja hacking unconventional penetration testing tactics and techniques. Amsterdam, Syngress/Elsevier. Retrieved from http://www.worldcat.org/title/ninja-hacking-unconventional-penetration-testing-tactics-and-techniques/oclc/677829108 Wilhelm, T 2010, Professional penetration testing: creating and operating a formal hacking lab. Burlington, Mass, Syngress Pub. Retrieved from http://books.google.co.ke/books/about/Professional_Penetration_Testing.html?id=AcscdZ6Bs40C&redir_esc=y “An overview of network security analysis and penetration testing”, 2000. The MIS corporate defense solutions limited., Network security Team. Pp. 1-26. Retrieved from http://www.windowsecurity.com/uplarticle/1/wp-over-pentest.pdf Read More