“There are hackers capable of penetrating almost any system. The
good ones get paid for it. The bad ones pay for it. What is a
hacker’s approach to penetration testing? What tools do they use?
In this column, Carole Fennelly asks noted security specialists
Brian Martin, Mark Abene, and Rain Forest Puppy for their
perspective.”
“I recently heard of yet another penetration test in which the
vendor charged $150,000 for two days of testing. It seemed pretty
expensive to me, but I assumed that the testers must have brought
in some major security gurus who ran uber-elite secret exploits
against the systems. In fact, they ran ISS Scanner.”
“Don’t get me wrong; ISS Scanner is a useful tool that tests for
all known vulnerabilities. (I’m not picking on ISS; there are other
tools like this as well.) It’s just that for $150,000, I want
Robert Redford testing my system. (Ok, who hasn’t seen Sneakers? Go
rent it!) … What is a hacker’s approach to penetration testing?
What tools do hackers use? I decided to find out.”