Your Own Penetration Test


Typical defenses against these threats include:

• A firewall to separate the corporate network from the Internet

• An intrusion prevention/detection system (IPS/IDS) to detect when typical hacker activities, such as port scans, occur and to take steps to prevent them from successfully penetrating the network

• Malware scanners to prevent malicious software getting on to the network hidden in e-mail, instant messaging or Web traffic

• The use of passwords to prevent unauthorized access to networks, computers, or data stored on them.

Every organization should have these defenses in place, but this leaves a very important question to be answered: How effective are these measures?

It’s a deceptively simple question, but it’s essential that you know the answer to it. That’s because if you don’t, it may turn out that:

• Holes in your firewall leave your network vulnerable

• Your IPS/IDS is not configured correctly and will not protect your network effectively

• The passwords used to protect your resources are not sufficiently strong to provide the protection you require

• Your IT infrastructure has other vulnerabilities you are not aware of, such as an unauthorized and insecure wireless access point, set up by an employee.

Since the professionals at your cinema are responsible for entertainment materials which are more valuable than the contents of your local bank, this is valuable information for them.

This set of instructions includes where to download the free, open-source files, and how to install them.

These are the chapter headings. We’ll go through these one at a time at a later date.

  1. Carrying Out Your Own Penetration Tests
  2. Network Discovery: Scanning with Nmap
  3. Sniffing Your Network with Wireshark
  4. Checking Password Security with Hydra
  5. Spotting Weak Passwords Using Offline Attacks
  6. Checking Wireless Security with aircrack-ng

The attached file can be downloaded by those who are registered and signed in.
