Why Test Network Security?

Every day, we see a news story of some hacker stealing credit card information, a new virus wreaking havoc in a matter of hours, or a company pilfering personal information and selling it to some marketing company. At one time you were just a spectator to hackers breaking into some company, but you have become a target. With your home network up and running, you need to protect yourself from the vandal hordes of cyberspace.

Like any large company that performs security testing of their own Internet sites, you must do the same. You might not have vast amounts of money to spend on consultants and expensive software, but the proliferation of the Internet provides the necessary tools and information that any consumer can use to protect himself. Network penetration testing is the process of imitating the steps a hacker would take to break into your site. You do the steps to find the weaknesses in your configurations before a real hacker does. When you have finished your network design, you can begin your testing to see how easily host systems can be compromised.

An attacker aiming at your system starts out with no knowledge of it. As we have been mentioning throughout the book, an attacker can gather that information about a system in several ways. The attacker begins by finding out as much information about your system as possible. He can launch attacks against vulnerable applications you might be running. These days, script kiddies are also lurking around and can find hacker software on the Internet—and no skill is involved in many cases. Script kiddies just launch attacks against a whole range of networks with an automated tool and hope for a hit. They can usually find a vulnerable system with the automated software.

Several sites are used by hackers and security specialists to upload and download new security and hacking tools. Some of the more popular ones include

Some basic attacks that are popular today include the following:

  • Exploitation of vulnerabilities in vendor program applications, such as Outlook or Netscape

  • Exploitation of Web vulnerabilities in the programming languages used by Web servers, such as PHP, CGI, and Java

  • E-mail bombing, spamming, and relaying

  • Exploitation of misconfigured services, such as FTP, Web, and mail

  • Exploitation of named/BIND vulnerabilities

  • Denial of Services (DoS) attacks

  • Trojan horses, worms, and virus attacks

  • Taking advantage of misconfiguration of firewalls and router filter rules

  • Open connectivity to login prompts that are not necessary, using brute force attacks

The results of penetration testing of your own Internet connections present a list of possible holes in your network that need to be fixed before the attackers can find them. As you conduct tests of your site, you can check the log files and the logging capability to see if you have set them up correctly. You can determine how you will be alerted when you are attacked by the way you have configured your firewall and any intrusion detection systems you have installed. The results will help you determine what short-term fixes you must implement immediately and what you need to do over time to keep your site secure.

Caution

Testing your site security has many benefits, but the mistake that many people and companies make is that after they have completed that initial test of the environment and fixed any problems found, they do not do it again. Security is a continuous process, and a penetration test is only a snapshot in time of your security posture. A penetration test is aimed at the perimeter of your network. If your firewall is the only machine that can be attacked from the Internet and that is the only machine you secure, then you might be setting yourself up for future problems on your internal network. New vulnerabilities come out every day. A new vulnerability in the future might allow an attacker to get past your firewall and into your internal network. If all your internal systems have not been patched and secured, they will be easy targets for an attacker who makes it past the firewall. Checking your system for weaknesses or misconfigurations should be done once every two weeks for home users.

As has been discussed throughout the book, setting up firewalls and virus software is a must. To test your computer security stance, you can run port scanners to see which ports are open and close them or run vulnerability checking software to see whether any open ports you have are vulnerable to a known attack. There isn't a really great freeware vulnerability checker available. The best ones are commercial products that are very costly. Several products do some form of vulnerability checking for specific sets of checks, such as Web or Windows vulnerabilities. Several of these products that you might want to try include

Making changes over time to your network or the firewall rules could affect the security of the network. A small change that you make could open up new weaknesses, and if you haven't retested, you could be vulnerable to attack. Also, because you are not a security expert, you probably don't keep up with the latest attacks and cannot devote your time to learning security and tracking attacks against your site. If you keep your network setup basic and your firewall rules simple with minimal changes, you will decrease the risk of allowing a new vulnerability in the network.

If you run your own Web sites and e-commerce applications, most penetration testing tools will not test application security. A hacker can attack you through the programming languages that your Web server uses and that a penetration testing tool will not find. You have to lock down the operating system and the applications you are running as well as implement firewall rules and perimeter security.


..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset