Introduction
Penetration testing involves probing computer systems, networks, or web applications to identify security weaknesses that a hacker could take advantage of. It can be conducted either automatically, using software applications, or manually. The process gathers the essential information about the target, including its access points, attempts a break-in, whether real or virtual, and reports on the findings. The primary objectives of a penetration test proposal are to establish security faults, test an institution's policies, check how well the institution complies with its requirements, and check how conversant employees are with security awareness (Rani & Nagpal, 2019). It also asks whether the organization is able to identify and respond to security incidents.
In the gaining access phase, the organization conducting the penetration test first identifies the scope and goals of the test, that is, what it wants to achieve from the test proposal. The pen testers identify the issues or systems to test and determine the methods to use in the process (Denis et al., 2016). Once the approaches and systems are identified, intelligence such as domain and network names and the mail server, among others, is gathered to help them understand the target and its probable vulnerabilities. They then try to understand how the target will respond to intrusion attempts (Goel & Mehtre, 2015). Static and dynamic analysis help inspect the target application's code to evaluate how it behaves while running.
Target vulnerabilities are then uncovered using web application attacks such as cross-site scripting, backdoors, and SQL injection. Cross-site scripting is a security vulnerability in web applications that enables hackers to inject client-side scripts into web pages viewed by other users (Shah & Mehtre, 2015). Sometimes it is used to circumvent access controls such as the same-origin policy. An SQL injection scanner, on the other hand, performs a quick scan of a target URL to help identify vulnerabilities in web applications. It checks whether the parameters of the target URL are vulnerable to an SQL injection attack and reports the malicious pages that could affect one's website (Denis et al., 2016). The testers then try to exploit the vulnerabilities by escalating privileges, stealing data, intercepting traffic, and similar attempts, to understand the damage such exploitation can cause.
The sources of vulnerabilities include design and human errors, connectivity, poor system configuration, passwords, and complexity, among others. Passwords are commonly used to prevent unauthorized access. One should use a strong password so that those trying to guess it cannot gain access. Passwords should not be shared, and changing them regularly is crucial (Denis et al., 2016). User input is another source of vulnerability: data received electronically can be used to attack the receiving system through SQL injection and buffer overflows. Security requires expensive and strict management; otherwise, an organization will lag behind in proper risk management, allowing vulnerabilities into its operations. The National Vulnerability Database (NVD), the U.S. repository of standards-based vulnerability management data, enables automation of vulnerability management, security measurement, and compliance. It covers security flaws, misconfigurations, product names, and security checklists.
Maintaining Access Phase
In maintaining access, one determines whether the vulnerabilities can be used to achieve continued access to the systems. Upon compromising the system, the attacker has only temporary access, which does not provide enough access to acquire the information of interest. If the system is power cycled or the connection is interrupted, the access is lost. Attackers have therefore learned to act quickly after the initial compromise to maintain access (Strom et al., 2018), so that the attacker has access without the need for further exploitation. One cannot rely on many attempts to gain access, as the admin can identify such threats and lock the attacker out, so maintaining access once the system is compromised becomes vital.
Software tools such as Metasploit are used to compromise a system initially and to maintain access. Metasploit uses various exploits against the identified target. Once the target has been compromised, the attacker has access but not enough of it, and so escalates privileges using Metasploit's local exploit suggester (Goel & Mehtre, 2015). Running the suggester yields more information, allowing the hacker to obtain the same access as the system. Upon establishing System privileges, the hacker goes on to set up persistent access, which in turn allows a backdoor to be installed. At this point, the hacker closes Metasploit and powers off the victim's PC (Baloch, 2017). Reopening Metasploit allows the hacker to set up specific commands to obtain a connection through the backdoor on the victim. The victim PC is powered up again and the victim logs in, while the hacker watches Metasploit for the backdoor's reverse connection. This way, the hacker has obtained system privileges and has persistent access.
Studies have shown a backdoor or Trojan horse to be a desirable way of establishing easy access into an already established breach. The Trojan comes with built-in upload/download and installation functionality (Goel & Mehtre, 2015). Although it does provide access, one needs to carry out a series of malware installations. The Trojan allows evasion of passwords, identification, and any sensitive information that might alert the admin.
The pen tester uses intrusion detection software and intrusion prevention systems to detect intrusions as well as extrusions. Intrusion and extrusion detection approaches include detecting the transfer of file content to an external site or to internal devices, and preventing session initiation between servers in the data center and networks that are not under the organization's control (Baloch, 2017). Pen testers check for network traffic on odd ports and custom protocols. The approach also catches unusual session durations and stored content.
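The extrusion checks described above (odd ports, unusual session durations, content leaving for an outside site) can be expressed as simple rules over connection records. The following Python sketch is an added example, not part of the original essay; the internal address range, egress policy, thresholds and flow records are all constructed assumptions.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range
ALLOWED_PORTS = {53, 80, 443}                  # assumed egress policy
MAX_SECONDS = 3600                             # assumed session-length limit
MAX_BYTES_OUT = 50_000_000                     # assumed outbound-volume limit

# Constructed flow records: (src, dst, dst_port, duration_s, bytes_out)
FLOWS = [
    ("10.0.1.15", "192.0.2.10", 443, 42, 18_000),
    ("10.0.1.22", "203.0.113.7", 50123, 86_400, 2_000),
    ("10.0.2.9", "198.51.100.20", 443, 900, 750_000_000),
    ("10.0.3.4", "10.0.9.1", 8080, 30, 5_000),
]

def review_flow(src, dst, port, duration, bytes_out):
    """Return the list of reasons an outbound flow deserves review."""
    outbound = (ipaddress.ip_address(src) in INTERNAL
                and ipaddress.ip_address(dst) not in INTERNAL)
    if not outbound:
        return []  # internal-to-internal traffic is out of scope here
    reasons = []
    if port not in ALLOWED_PORTS:
        reasons.append("odd destination port")
    if duration > MAX_SECONDS:
        reasons.append("unusually long session")
    if bytes_out > MAX_BYTES_OUT:
        reasons.append("large outbound transfer")
    return reasons

def flag_flows(flows):
    """Map (src, dst, port) to review reasons for every flagged flow."""
    flagged = {}
    for src, dst, port, duration, bytes_out in flows:
        reasons = review_flow(src, dst, port, duration, bytes_out)
        if reasons:
            flagged[(src, dst, port)] = reasons
    return flagged

if __name__ == "__main__":
    for flow, reasons in flag_flows(FLOWS).items():
        print(flow, "->", ", ".join(reasons))
```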
Covering Your Tracks
Upon obtaining the information sought, for instance the sources of vulnerabilities, the pen tester (or, in a real attack, the hacker) tries to cover their tracks so as not to be identified. The hacker or pen tester typically hides the intrusion steps by controlling any marks left behind (Kothia et al., 2019). They add intrusion prevention systems, anti-malware, and personal firewalls to deny the business administrator access to desktops (Denis et al., 2016). It is the final stage of a pen test, as the rest requires only paperwork. The primary goal of this phase is to erase the digital signs of the test. These signs usually indicate the pen tester's activities on the targeted PC, and so the traces must be eliminated.
While in the earlier phases the pen tester succeeded in evading detection, the primary goal of this stage is to conceal all evidence that would point to his actions (Rani & Nagpal, 2019). Covering tracks typically consists of measures to prevent detection while the activity is running (anti-incident response) and efforts to avoid the collection of digital evidence in a later inquiry (anti-forensics). In anti-incident response, the pen tester or hacker tries to confuse and disrupt the response team (Strom et al., 2018). This gives the penetration tester the chance to keep an extended foothold on the attacked network even after detection.
The hacker secretly deploys backdoors and sets up a swift movement such that those infected are not too many and its host is up to date. He tries to keep diverse malware on the system, picking up speed to keep the investigating team from understanding what is happening (Kothia et al., 2019). They establish a system that bypasses the monitoring measures, thereby camouflaging the origin of the malware. In anti-forensics, the pen tester uses all available approaches and tools to obliterate, alter, and hide digital evidence, aiming to manipulate, destroy, and erase the digital proof.
This obstructs future investigations by diminishing the quality and quantity of digital evidence. Besides pen testers, who use anti-forensic tools to erase their tracks, other frequent users are cyber extremists, online pedophiles, forgers, and cyber delinquents, who use them to remove evidence that may incriminate them (Shah & Mehtre, 2015). Pen testers use anti-forensic tools to carry out an exhaustive test of the security capabilities of individual computer systems. They mask the hack and create backdoors to exploit in the future.
Lastly, when covering their tracks, pen testers may decide to delete their trails to counter forensic investigations. Usually this is not a smart move, as deleted files can be traced, although irreversibly erasing the evidence will leave the investigators with nothing to connect them to the hackers or pen testers (Shah & Mehtre, 2015). The information must be deleted from the hard disk until one is sure the attempt has succeeded. Some pen testers or hackers may instead move, rename, hide, or alter the files so that they cannot be identified immediately. Using the right program, one can exploit the unused file space known as slack space to hide significant information in plain sight, although it is a risky move.
References
Baloch, R. (2017). Ethical hacking and penetration testing guide. Auerbach Publications. https://doi.org/10.4324/9781315145891s
Denis, M., Zena, C., & Hayajneh, T. (2016, April). Penetration testing: Concepts, attack methods, and defense strategies. In 2016 IEEE Long Island Systems, Applications and Technology Conference (LISAT) (pp. 1-6). IEEE. https://ieeexplore.ieee.org/document/7494156
Goel, J. N., & Mehtre, B. M. (2015). Vulnerability assessment & penetration testing as a cyber defence technology. Procedia Computer Science, 57, 710-715. https://www.sciencedirect.com/science/article/pii/S1877050915019870
Kothia, A., Swar, B., & Jaafar, F. (2019, July). Knowledge Extraction and Integration for Information Gathering in Penetration Testing. In 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C) (pp. 330-335). IEEE. https://ieeexplore.ieee.org/abstract/document/8859421
Rani, S., & Nagpal, R. (2019). PENETRATION TESTING USING METASPLOIT FRAMEWORK: AN ETHICAL APPROACH. http://www.academia.edu/download/60629510/IRJET-V6189320190917-59063-edkcx7.pdf
Shah, S., & Mehtre, B. M. (2015). An overview of vulnerability assessment and penetration testing techniques. Journal of Computer Virology and Hacking Techniques, 11(1), 27-49. https://link.springer.com/article/10.1007/s11416-014-0231-x
Strom, B. E., Applebaum, A., Miller, D. P., Nickels, K. C., Pennington, A. G., & Thomas, C. B. (2018). MITRE ATT&CK: Design and philosophy. Technical report. https://ieeexplore.ieee.org/abstract/document/8859421
Cite this page
Penetration Testing: Identifying Security Weaknesses for Protection - Essay Sample. (2023, Mar 01). Retrieved from https://proessays.net/essays/penetration-testing-identifying-security-weaknesses-for-protection-essay-sample