Network Security Risk Assessment
Network Security Risk Assessment
Network Security Risk Assessment
It is clear from the information available that there is a breach in the company’s network. It is also possible that the direct competitor has breached the network and is directing traffic meant for the business’s website to their own website. A network penetration test is necessary in this case to determine the extent of the breach, and to determine the steps necessary to secure the network. A network penetration test is a network test that is conducted to determine the security of a network and to identify the security vulnerabilities in place. A network penetration test usually involves attacking the network to determine whether the network is vulnerable to such an attack. The attack is done by the security authorized to perform the attack. Tests can differ from simple testing procedures to complex procedures that may involve patching up faults in an operating system (Chung et al., 2013).
To ensure a successful network penetration test, the following steps need to be followed:
Planning and preparation
The process of penetration is an involving task that may be time-consuming as well. A great deal of planning usually goes into the preliminary stage of the testing process. First, a meeting should be scheduled between the business’s management and the penetration test team. The preliminary meeting is very important to streamline the steps that will be carried out, get approval and to explain the kind of tests that may be carried out. It is also important to note that penetration test may have serious consequences for the business such as crashing the network or slowing it down by congesting the network (Chung et al., 2013). Such scenarios need to be discussed with management and necessary adjustments and scheduling should also be done. The testing can be scheduled to be done at night or during the weekend when online users are at a minimum.
Penetration tests are illegal because penetration testers may be able to access personal and confidential information they should not access. It is, therefore, prudent for the management team to have the necessary forms for the penetration team to sign. Ideally, the forms inform the testers of the confidentiality of the information that they access or obtain during the testing procedures. The information should be returned to the organization management and subsequently destroyed to ensure that it is not compromised.
Gathering information and Analyzing
The second stage of the network penetration process will involve gathering as much information about the business as possible. For online systems such as the business in question, online sources and tools are crucial in this stage. The information gathered in this stage includes information such as the hosts, the operating system on which the online system is running, the servers to which the system is connected to, as well as the hosts that are visible on the online platform.
A network survey is also important in acquiring information. A network survey will reveal the systems that constitute the online platform, the internet service provider, IP addresses as well as the network map (O’Gorman, Kearns & Aharoni, 2011). The Nmap tool is an important tool for doing a network survey and can help in providing the above information.
The third step of the process involves detecting vulnerabilities in the system. Having a list of possible vulnerabilities is important at this stage as it will help in carrying out the penetration tests. Knowledge of potential vulnerabilities and exploits is important at this stage. After an exploit, the obtained information is analyzed to determine the existence of a vulnerability or lack thereof. Tools such the Nessus tool come in handy at this stage as they can help in identification of potential vulnerabilities. After this stage, a list of potential targets will be obtained for in-depth checking.
Attempting to Penetrate
Before attempting an actual penetration attempt, it is important to choose carefully the targets to attempt a penetration on. Choosing and estimation help at this stage as it helps in reducing the amount of time required to make the attempt, and to avoid redundant work. Freely available tools on the internet will be used at this stage, though these tools normally require customization to fit the particular situation. Just knowing that a vulnerability exists in a given target does not imply that the vulnerability can be exploited. Some vulnerabilities are theoretically possible, but not practically possible (Harris et al., 2011). It is, therefore, important to avoid such exploits as they may turn out to be time wasters.
Analyzing and reporting
After all the tasks above have been conducted, a report will be generated to document the entire process. The report should have an overview of how the penetration exercise was conducted, and the vulnerabilities that were identified in the process. It is important to ensure that the more vital vulnerabilities should be highlighted first. The prioritizing will help the management in making a decision on what vulnerabilities to tackle first. The report should also have a list of the successful penetration attempts and recommendations on how to secure them as well.
The Clean-up process naturally follows the penetration exercise. The Clean-up process is important to ensure that vulnerabilities caused by the penetration test exercise are dealt with. A complete list of all the hosts that were penetrated and attempted on should be kept. The organization’s staff should verify that the clean-up process has been done successfully.
The penetration testing procedure involves a number of parties within the organization. It is vital that the penetration exercise be as discreet as possible to avoid external parties who might want to take advantage of the exercise (Cole, 2011). Sometimes, employees might be involved in the breaching of the network. Informing the business’ employees of such an exercise may cause a change in their habits and render the entire exercise less effective. Ideally, a few people should be aware of the exercise and any information obtained by the penetration testers should be returned to the company and subsequently destroyed. Necessary paperwork should be used to legally bind involved people in case customers’ personal data is compromised.
In this particular case, the hypothesis is that the competitor has breached the network and is redirecting the users to their site after the users commit to register to the business’ online platform. It is also possible that the competitors are obtaining the information that the users are entering on the company’s website to contact them and offer them competing offers. The timeline for penetration testing should not go beyond two weeks. The report and presentation to the management of the organization should have a week. Therefore, the entire exercise should take about three weeks. The severity of the exercise calls for urgent measures. Organizing for a meeting with the management of the business, one of the preliminary stages of the penetration test exercise, should be done within the next few days after the penetration test team is contracted to do the test. Software tools are crucial in the penetration testing exercise. Finding the right online tools is essential in effectively conducting the exercise and uncovering the issue behind the organization’s woes (Cole, 2011). The Brutus tool is an online tool that is usually used in the cracking of passwords. This tool is essential in the attempting stage. Manually cracking passwords is almost impossible, therefore, underlining the importance of having such a tool. The Nessus tool is another online tool that network penetrators usually find handy in detecting network vulnerabilities. The tool does an automated network vulnerability test and audits a network remotely. The tool also presents the testers with guiding steps to help in addressing the vulnerabilities that have been identified. Netcraft.com is an online tool that is used to collect and gather information about a particular network. It is essential for testers to use a tool in the second stage of the process. The Netcraft.com tool is efficient in gathering data before the testers can embark on a network survey process.
Chung, C. J., Khatkar, P., Xing, T., Lee, J., & Huang, D. (2013). NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE transactions on dependable and secure computing, (4), 198-211.
Cole, E. (2011). Network security bible (Vol. 768). John Wiley & Sons.
Harris, S., Ness, J., Eagle, C., Lenkey, G., & Williams, T. (2011). Gray Hat Hacking: The Ethical Hacker’s Handbook. McGraw-Hill.
O’Gorman, J., Kearns, D., & Aharoni, M. (2011). Metasploit: the penetration tester’s guide. No Starch Press.