Latest posts for the topic "Network Vulnerability Scanning Process and Network Penetration Test Pr"

http://nmap.org/. Nmap contains a series of rules and fingerprints to identify the services and operating systems of different machines on a network. It compares the responses from a target against its massive database to provide the penetration testing team with more specific data about a target. Figure 3 shows results generated by the nmap tool.

+ Penetration testers may take the results from an nmap automated scan against the network and import them into commercial tools like the Nessus Vulnerability Scanner, available at http://www.nessus.org/nessus/. The Nessus Vulnerability Scanner maintains a large database of vulnerable software and services and connects to different hosts and servers to determine whether they are vulnerable to any of these exploits. The Nessus Vulnerability Scanner, depicted in Figure 4, provides the penetration testing team with an overview of vulnerable services by host and port.

Figure 4: The Nessus Vulnerability Scanner

+ For attacking web applications, a team may use an automated scanner such as Nikto (http://cirt.net/nikto2) to determine vulnerabilities. Nikto connects to web servers, looking for over 6,400 potentially dangerous files/scripts, and checks for outdated versions of over 1,000 servers.
Using Nikto, a penetration testing team can identify a vector such as cross-site scripting, file upload, or remote file inclusion to attack a server. Additionally, as depicted in Figure 5, the results of Nikto may steer the penetration testing team toward exploits that would succeed against the target.

Figure 5: The Nikto Web Vulnerability Assessment Toolkit

- Once the team identifies a vulnerability, the team moves into the next phase: exploitation. This is the pivotal phase in the cycle: by actively attacking the service or host, the penetration tester proves the systems are vulnerable to an exploit. Finally, the team wraps up their work with successful documentation of their efforts in a penetration testing report that is provided to the client. Although we have described this order linearly, it is important to note that penetration testers move back and forth fluidly between several of the phases. For example, a penetration testing team will not necessarily document all of the vulnerabilities found before moving to exploitation. This ensures the team has results it can show a client, who usually has the team on a very tight time schedule.

+ When preparing to exploit a target, the penetration testing team may choose to use an all-encompassing framework such as Metasploit to attack the target. The Metasploit development team makes the project freely available under the BSD license and available for download at http://www.metasploit.com. Figure 6 depicts a screenshot of Metasploit being used to attack a Windows XP SP2 machine. In the figure, the user selects an exploit, MS08-067 (Conficker), and a payload, the meterpreter shell. As a result of the exploit, the attacker can remotely command the target via the shell.