Εφαρμογή πλαισίου δοκιμής διείσδυσης για την αξιολόγηση της ασφάλειας
Application of a penetration testing framework for security assessment
View/
Keywords
Penetration test ; Security assessment ; MetasploitAbstract
In today's distributed computing environment where computer networks and the Internet are the means of communication and information exchange, security is becoming more and more important. Security in computer networks and the Internet has serious implications for the current dynamic work environment. Security is now a basic requirement because distributed computing is insecure. In an organization, regardless of its size and volume, it is very important to improve the security of computer infrastructure. However, with the rapid emergence of new vulnerabilities and exploits, at some point even a fully-fledged system or network has security flaws. There are different security measures that can be applied to secure the network or system. The best way to ensure that your network or system is secure is Penetration Test, which can provide a realistic security assessment by identifying vulnerabilities and exploits in a network infrastructure. Penetration Test uses the same principles as hackers to infiltrate the computer network infrastructure and thus verify the presence of defects and vulnerabilities and help confirm security measures.
The thesis begins with defining the theoretical background of a penetration test. It then proceeds to the phases that exist in a penetration test and the appropriate methodology. In the practical part we will see a simulation of attacks on a network with partial knowledge of the system or network. Open source tools for network monitoring, port scanners, vulnerability scanners and penetration test framework will be used.
The aim of this thesis is to identify and explain a suitable methodology for penetration test, to illustrate relevant open source tools as well as to implement a vulnerability framework that can be used to ensure that an organization's network and systems are secure.