How to perform a network security, penetration and vulnerability test?
Posted on 2011-03-23
I need to perform a network intrussion and penetration testing. I need some ideas on what "tools" such as software that would work. I am the network administrator and just recently under went and IT audit and this was one issue that always gets me. No Testing.
Since I am the network admin, and I know all the hardware & passwords, it is a little hard for me to just sit down and do this type of testing. First, I can not find anyone in my local area who does this type of work. Second, the people I would get - Do I really trust their testing ??
Let's say I'm Joe the Hacker and I gain access to my network. I take my laptop and plug into a network jack. What do I do? Being the hacker, I do not know anything about this network. (network doe's have static IP's). The hacker does not have physical access to any network equipment, such as the Servers, Cisco Router, PIX and or switches. All the hacker has would be his laptop and maybe a local Windows XP Pro workstation.
So what do we do to get started to find anything?