In a PEN TEST (Penetration Test), a series of attacks is carried out against the network, both from the outside and internally, similar to what a hacker would do, in order to check to what extent any network weaknesses are exploitable.
The PEN TEST process is of great importance for a realistic assessment of the existing risk of penetration. The Penetration Test is conducted by a team of information analysts specialized in security issues. The team uses commercial and open source tools as well as a number of specialized programs, many of which have been deployed internally (attack scripts, application-specific code), for the final verification of the ability to exploit potential vulnerabilities.
At the same time, various applications that are freely available from the Internet are used in order to realistically simulate the movements and practices of a typical hacker who uses widely available tools.
A PEN TEST is divided into four parts. The first is Port Scanning, which checks the inputs (entry points) into the information systems. The second is the Vulnerability Assessment, which detects the ways to exploit the inputs detected in the first stage. The third stage is the PEN TEST itself, which investigates the damage that can be done by exploiting the system weaknesses. Finally, a full report is prepared on the findings of the inspections and the risks arising from them, as well as the ways to remediate them.
How is a PEN TEST carried out?
In summary, the following steps are taken:
- Performing reconnaissance checks to create a full depiction of the network, and in particular of its topology, systems, nodes and services available to it.
- Large-scale audits to identify potential areas or services that may be entry points for potential hackers.
- Checks for known vulnerabilities or vulnerabilities that may arise from default settings, accounts with blank, default or non-secure passwords, etc.
- Targeted vulnerability checks.
- Checking for recognized features for the ability to access the network.
- Classification of the vulnerabilities detected based on the ease of exploitation, the effort required for remediation and the impact each may have if an attack occurs.
- Suggestions to address security issues that require immediate repair.
- Recording recommendations to improve security and setting priorities for addressing the risk, in conjunction with the significance of the vulnerabilities detected and the effort required to eradicate them.
- Transfer of the corresponding knowledge to the staff.
The methodology followed for the PEN TEST aims to assess how easily a typical attack can be made on the basis of the existing vulnerabilities of the infrastructure elements (Internet router, firewall, web servers, mail, etc.) used for access to the Internet. In order for this test to be successful, Penetration Tests are performed from outside the firewall system. The External Penetration Test aims to assess the “perimeter” security by including specific checks on individual points.