"IT managers face a problem determining what products and
policies are best to properly secure their network. The problem
with many security products is that it is hard to validate their
claims. Penetration testing is a process for testing the security
of networks by imitating an attacker. This process typically
involves gathering information through Internet searches and other
open sources, scanning and mapping the targeted network with tools
like Nmap, determining vulnerabilities on targeted computers, and
exploiting those computers. Conducting a successful penetration
test involves a great deal of knowledge and a wide variety of
software, including some of the following open source tools.
"Passwords remain one of the weakest links in the security
chain. People cannot be trusted to pick random passwords. According
to a UK technology blog, the 10 most common passwords in the UK
include '123,' '123456,' and 'password...'"