3.8 Scanning Pen Testing

Scanning Pen Testing

  • Pen testing a network for scanning vulnerabilities determines the network's security posture by identifying live systems, discovering open ports, associating services and grabbing system banners to simulate a network hacking attempt.
  • The penetration testing report will help system administrators to:
    • Close unused ports
    • Disable unnecessary services
    • Hide or customize banners
    • Troubleshoot service configuration errors
    • Calibrate firewall rules
  • Check for the live hosts using tools such as Nmap, Angry IP Scanner, SolarWinds Engineer's toolset, Colasoft Ping Tool, etc.
  • Check for open ports using tools such as Nmap, Netscan Tools Pro, SuperScan, PRTG Network Monitor, Net Tools, etc.
  • Perform banner grabbing/OS fingerprinting using tools such as Telnet, Netcraft, ID Serve, etc.
  • Scan for vulnerabilities using tools such as Nessus, GFI LANGuard, SAINT, Core Impact Professional, Retina CS Management, MBSA, etc.
  • Draw network diagrams of the vulnerable hosts using tools such as Network Topology Mapper, OpManager, NetoworkView, The Dude, FriendlyPinger, etc.
  • Prepare proxies using tools such as Proxy Workbench, Proxifier, Proxy Switcher, SocksChain, TOR, etc.
  • Document all the findings.

results matching ""

    No results matching ""