Mar 9

A Brief Look at BackTrack 3




With the increasing focus on cyber security and foreign-based attacks, I have been looking into the world of ethical hacking. 

(“Ethical hacking” is an attack on a system by or on behalf of the system owners.  It’s done to test for vulnerabilities.)

 

I reviewed several tools used to penetrate systems and analyze networks. Most tools are free and straightforward to use, like the Nessus or Wireshark network scanners. These tools are well built and easy to learn; however, understanding what captured data means may require some knowledge of IP traffic analytics.

 

One of the more interesting and powerful tools I reviewed was BackTrack 3, an open-source application marketed as the complete penetration-testers’ toolkit. BackTrack has been around for years, but its latest release is more functional and easier to use than previous versions. BackTrack is small enough to fit on a CD or USB drive, but powerful enough to help even novices penetrate systems.

 

BackTrack is best utilized as a bootable CD or USB drive, where the user has access to a modified version of the Linux operating system loaded with a quick and dirty penetration toolkit offering more than 300 powerful tools.  Users access the tools with a simple graphical user interface through a Linux kernel resembling a standard Windows desktop.

 

I have some experience with software development, so I understand the concepts upon which these tools are built, and the level of knowledge and manual effort required to develop exploits such as cross-site scripting vulnerabilities and SQL injections. Attackers would need to have an in-depth understanding of specific system vulnerabilities, an attack method to exploit them, and the ability to develop the exploit. BackTrack removes some of these obstacles and includes tools to automate many of the more intensive attacks.

 

One of the key features of BackTrack 3 is the inclusion of the Metasploit Framework.  This feature allows users to customize exploits and the payload, with only minimal knowledge about the target system – which can be gleaned from OS fingerprinting by one of the port-scanning tools in BackTrack. 

 

This toolkit allows penetration testers to develop malicious code exploits quickly and easily, without much knowledge of coding.  Google can be a powerful resource to combine with this toolkit.  With openly available resources and “how to” instructions on the internet, anyone can become adept in vulnerability exploits. 

 

Whenever a new ethical hacking tool is released, it reminds us that information security must evolve continually – to meet continually evolving threats.  Those of us who are security professionals must evolve as well, continually building on our foundational knowledge.  Getting a certification like the CISSP ensures that we’re starting from a solid foundation, ready to meet whatever challenges are next.

 

Let us hear from you – what security challenges is your company facing, and how are you developing as a security professional to meet those challenges?

 

Chris

