12
votes

I do not know the difference between penetration testing and other forms of security testing. Could anyone experienced in that area tell me the differences? I would really appreciate it. On a side note, is there any testing that simulates DoS? I do not know how to defend against it.

5
I’m voting to close this question because it isn't directly a programming question - similar questions would probably be better asked at Information Security. - DavidW

5 Answers

22
votes

I am a penetration tester, and I'm happy to answer this question.

Penetration testing is usually a form of black box security testing. In a pen test you are trying to break into the server as many times as possible and report back on how they were able to break in. This is often done multiple times to make sure that the patches hold water. This is an important type of security testing because it's as real world as it gets. Regular penetration testing is a requirement of the PCI-DSS. Common tools for web application penetration testing are Acunetix ($), NTOSpider ($$$), w3af (open source) and Wapiti (open source). For other types of penetration testing it is common to use Metasploit (open source), OpenVAS (open source), NMAP and THC-Hydra.

By contrast, in white box testing you have full access to the source code. You can enable debugging on the application to get better test results from scanners like Acunetix. You can also use source code analysis tools such as RATS (open source) and Coverity ($$$$$).

There are 2 different forms of Denial of Service attacks. The simplest is a Distributed Denial of Service attack, in which the hacker is using a botnet to flood your server with traffic. This traffic could be an ICMP ping, or even a simple HTTP GET request. Cisco has a number of very expensive products to help prevent this type of attack.

Another form of Denial of Service is when there is a problem with the server itself. When this type of security flaw is found, it's often given a CVE number because it is a violation of CWE-400. This is commonly due to an arithmetic overflow or stack/heap based memory corruption (a buffer overflow or dangling pointer). To prevent these types of attacks you should make sure that your software is up to date. It's not often that a 0-day DoS attack is used in the wild.

2
votes

Penetration testing involves analysis of a particular system to check for potential vulnerabilities to an external hacking attempt. Other types of security testing are vulnerability scanning, vulnerability testing, security testing, security auditing, ethical hacking, etc.

The main difference between penetration testing and the other types of testing is that vulnerability scans and vulnerability assessments search systems for known vulnerabilities, while a penetration test attempts to actively exploit weaknesses in an environment. A penetration test requires various levels of expertise. I did the penetration testing for my organization from Help AG, and it is recommended to get these tests from a reputable and professional solution.

0
votes

There are mainly three types of penetration testing: 1-Black box, 2-White box, 3-Grey box.

1-Black box P.T. (penetration testing): In this type of testing, the goal of the tester is to gather as much information about the network or system as possible.

2-White box P.T.: It provides a whole range of detailed information, like OS, IP address, source code, etc.

3-Grey box P.T.: In this type of P.T., the tester generally provides limited information about the system details, so we can count it as an external attacker's attack.

DoS simulation tools:
1-Nemesy: http://packetstormsecurity.com/files/25599/nemesy13.zip.html
2-Blast: http://www.opencomm.co.uk/products/blast/features.php

0
votes

First, DoS and DDoS are totally different, and I think you cannot achieve the DoS with penetration testing. Even if the pentester submits the DoS vulnerabilities, and if a vulnerability has no confidentiality and integrity, then the bug will be a useless crash.

-1
votes

Securing a computer system is not something that can be done effectively by a layperson.

If you are not willing to invest the time to gain a solid foundation in systems security, hire a reputable consultant and trust their advice.

Insecure systems are everywhere. For instance, almost every single for-pay Wifi hotspot in use at hotels, coffee shops, and the like can have their paywall circumvented by someone with sufficient skill. If you don't know what you're doing, you won't even be aware that the vulnerability exists at all.