Monday, December 10, 2012

Offensive Security

Everyone knows that networking is the backbone of business. For most businesses today, a breach in network security can mean a lot of losses. Everything from information to assets are at risk when they are stored on a networked computer. Unfortunately this knowledge has not translated into businesses taking their network security seriously enough (al a Playstation & others).
The truth of the matter is: If these companies had taken the initiative with Offensive Security, they wouldn't have put thousands of people at risk!

What can you or your business do to protect the network? Think and act like a Hacker! On your own network only of course.
Now I will endeavor to explain to you some of the keys to successfully testing your networks security.

1. Get a method - When I provide a network security analysis I use the Open Source Security Testing Methodology. You can get a copy of the latest O.S.S.T.M. Manual from http://www.isecom.org/osstmm/
2.  Do your (p)research - Even if you are testing your own network you should see what the major search engines know about your network. Try searching for specific file names, I.P.s, MAC addresses, etc. You may be surprised what you come across.
3. Collect your tools - Whether you will be testing from a Windows, Mac, or Linux box you will need some special types of software to help you in your tests. I use a Linux laptop for the majority of the testing with a back-up Windows laptop if I am doing something that would benefit from two laptops.