Table of Contents
Penetration Test Definition
A penetration test (pen test) is a test to check the security of a computer system through an externally connected network such as the Internet and to detect vulnerabilities in the system and network while attempting actual attack methods by hackers. It will be a check.
Also Read: What is Time Based One Time Password (TOTP)? – Definition, and More
The necessity of a penetration test
It is important to experience the attack before completing system development and public/operational. In that case, use the penetration test. This is because not only can you defend yourself, but you can also create more effective defenses by learning how attackers attack.
Penetration testing does more than just test whether you can break into a system. Aside from that,
-
- What information can be gained from the system
- For example, how long can you withstand a DDoS attack?
- How much damage will occur when invaded
- The purpose is also to investigate.
- There is no need for penetration tests, once before the system goes into operation.
External cyber attacks are evolving every day. It is essential to continually review security measures and improve the system if there are any problems. Therefore, it is necessary to perform penetration tests periodically.
Penetration test method
The method of performing the penetration test differs depending on the tools and services used, but it is generally performed as follows.
- #1. Hearing and preparation: Consider the network configuration of the system under test, the storage status of personal and confidential information. And the status of acquisition of access logs, etc., and create scenarios to determine what kind of diagnosis and testing should be performed.
- #2. Attack/penetration test: Perform attacks and intrusions according to the created scenario and record the results.
We can make attacks and intrusions in a variety of ways, including tests that perform automatically and tests and confirmations that perform manually. - #3. Preparation of report: Summarize the test results and create a report.
When attackers attack, they may start with social engineering as one of information gathering, instead of suddenly gaining unauthorized access over the network.
Attempts to steal system and confidential information using multiple methods. There are many cases where the stolen information exploits, to attack or invade the system.
In addition, there are four major methods for attack and penetration testing.
White-box testing
- This test on which to understand the internal structure of the target system, perform the analysis with the content tailored to the customer.
Black Box Test
- This test verifies functions that can grasp from outside without considering the internal structure of the system under test.
External penetration test
- This is a test that assumes that an attacker attacks from outside the system.
Internal penetration test
- This test assumes that an attacker has already penetrated the system.
Generally, when performing a penetration test, a combined test is performed by combining a white box test and a black box test.
- Perform a black box test assuming an attack from the outside via the Internet.
- Alternatively, a test may perform in advance by assuming an attack method, such as performing a white box test considering an insider crime.
- After the pen test, you may create a report.
This report summarizes the number and time of successful attacks, the route for acquiring administrator privileges, and other information. Where It presents vulnerabilities that exist, specific countermeasures.
Also Read: What is Wireshark? – Definition, Uses, Features and More