Linux.com: Point, Click, Root: System Exploitation with Open Tools

Sep 22, 2006, 11:15 (0 Talkback[s])

"IT managers face a problem determining what products and policies are best to properly secure their network. The problem with many security products is that it is hard to validate their claims. Penetration testing is a process for testing the security of networks by imitating an attacker. This process typically involves gathering information through Internet searches and other open sources, scanning and mapping the targeted network with tools like Nmap, determining vulnerabilities on targeted computers, and exploiting those computers. Conducting a successful penetration test involves a great deal of knowledge and a wide variety of software, including some of the following open source tools.

"Passwords remain one of the weakest links in the security chain. People cannot be trusted to pick random passwords. According to a UK technology blog, the 10 most common passwords in the UK include '123,' '123456,' and 'password...'"

Complete Story

Related Stories:

• Infosec Writers: Detecting Botnets Using a Low Interaction Honeypot(Mar 28, 2006)
• ZDNet: Open-Source Antivirus Tech May Get Commercial Help(Dec 14, 2005)
• NewsForge: Crackers and Honey: An Irresistible Combination for Network Security(Nov 15, 2004)