Kali Linux - Penetration test e forensic analysis Linux Iso
https://www.alessandromazzanti.com/2017/11/kali-linux-penetration-test-e-forensic.html
Today I would like to discuss about some Vulnerabilities Assessments & Penetrations Tests concerns.
Vulnerabilities Assessments
They are normally low-risk activities, given that after collecting information they start verifying outdated systems firmware/software versions (both devices and servers located in LAN/DMZ) associating this information with exploits databases.
They work smoothly and they are rarely aggressive and harmful..
In this case you might consider using an appliance located in both DMZ and LAN.
Penetration Tests
It is certainly, by its truly nature, more intensives, aggressive and - depending on the client's wishes - articulated on several tests.
Facing problems possibilities or creating disasters are very easy.
Due to these reasons contractual parts and responsibilities clarifications are very important - but an attacker does not warn you that he is 'hackering' you ... :)
Afterwards I would like to mention this article, coping and past some paragraphs, to highlight some interesting concepts and concerns.
https://www.secureideas.com/knowledge/what-are-the-risks-of-a-penetration-test/
"....Sometimes outages or breakages occur that even the most cautious of penetration testers can't avoid. An application may have software flaws that result in a Denial of Service condition. A network device may be misconfigured such that it handles some types of network traffic poorly. We have all seen these types of issues in our testing.
Unfortunately, there is no surefire way to eliminate this kind of problem. It can be reduced through best practices such as patching, change management, and thorough code reviews. Damage from this type of issue can be minimized by closely monitoring the systems being tested and being prepared to halt automated tools at the first signs of trouble. This can also be improved by ensuring the testers are experienced in how the systems being tested work....."
"....The next significant risk to consider is that of inadvertently exposing confidential information or system access. Your penetration testers are searching for vulnerabilities and running exploits. For example, they may find a vulnerability that allows them to open up a backdoor. If they do so, but fail to protect the backdoor, a real attacker may discover and use it for malicious purposes. Another type of exposure if the tester is accessing data insecurely. For example ,they could transfer PII over an unencrypted channel...."
Here they are other concerns or attention points:
- Be Aware to advice SOC or whitelist IP scanner device tool could not intercept real attacks that might occur during assessment time period.
- System Outages and lost of productivity might occur.
- False negatives could raise due to penetration tools that do not find security holes that unfortunately exists.
- Unethical IT professional operating assessment and penetration tests.
