network penetration test

Posted on 2012-09-07
Last Modified: 2012-10-15
Hi All,

  I have taken a basic course about backtrack, i would like to run a simple pen test in my network and prepare a simple reports, can someone guide me with some tools to do that.

Question by:ITMaster1979
    LVL 25

    Assisted Solution

    by:Fred Marshall
    Well, since you've already taken a course then it's a little hard to decide what to tell you.

    How about this:
    LVL 38

    Accepted Solution

    Get permission from your CSO or other such high ranking officer. Since this is your first time, you should not do it against your production (in use) network. Use a test area, quality assurance or development environment if possible. Since you've had a course you should know how to begin, and you can do several types of scans with several different tools. Some scan's can use good credentials, usernames/passwords that are allowed to connect to your machines and get information like patches etc... Other scan's try to get you that same access without good or known usernames and passwords, these scan's can be very intrusive and take down a box or two if your not careful.
    LVL 60

    Assisted Solution

    This has quite a sample for report...need not be all but minimally the risk assessment pertaining to the discover asset and exposure should be advised in the report. Importantly the recommendation in the report as that is the call to action. Focus on the technologies not vendor solution.

    What differentiate form penetration testing and vulnerability testing need to be understood well...running tools does the minimal ;)
    LVL 25

    Assisted Solution

    I use Backtrack for vulnerability testing, beside that you could use
    1.      Nessus (Linux if you can)
    2.      Nikto (Linux)
    3.      Paros proxy (Linux if you can)
    4.      Ike-scan (Linux)
    5.      SARA (Security Auditor's Research Assistant) (Linux)
    6.      MBSA (discutable)

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Suggested Solutions

    In every aspect, security is essential for your business, and for that matter you need to always keep an eye on it. The same can be said about your computer network system too. Your computer network is prone to various malware and security threats t…
    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now