by Si Biles
In an earlier article, many moons ago (Sorry Jamie !), I stated my
opinion that Forensics and Security were opposite sides of the same
coin. I’ve felt very strongly that my skills as a Security Consultant
have only been strengthened and expanded by the experiences I’ve gained
with Forensics, both as part of the Forensic Focus community (again,
apologies for my absence) and as part of my MSc (an ongoing epic
spanning two Universities and many years).
There is a particular area of Security work that I think mirrors the
skill set of Forensics more closely than others – and that is
Penetration Testing. PenTest is probably the most bleeding edge,
exciting and intellectually challenging thing in the InfoSec field – no
matter how much I try, I struggle to get as excited about writing an
“Acceptable Use Policy” as I do given free rein to attempt a “capture
the flag” task on a corporate network. (That’s not to say that AUPs
don’t have their own excitements … nah, I’m kidding, but they are
important – like eating your vegetables…) – at the same time though, the
same measured and methodical approaches and investigative skills that
apply in Forensics, apply in PenTest.
Over the next few articles ( I don’t know how many yet, I’ve not
written them – but I’m aiming to get an update to you fortnightly ) I’d
like to take you through a high level PenTest methodology, showing you
some of the tools and toys that you can play with along the way, at the
end of it all, my intent is to run a competition (with a small prize for
the winner – something like an iPod Nano perhaps?) of a live machine (
or machines … ) connected to the internet that you can all have a pop at
– rules and scoring criteria yet to be determined – and will have to
write a short report on. ( Not that report writing will phase a single
Forensicator! )
In any case, let’s start with outlining the basic methodology –
remember, like Forensics, many parts of a PenTest methodology are
iterative, as you learn more in one phase, you may want to return to an
earlier phase and see what further advances you can make with your
new-found knowledge.
Read more
1 comment:
Please review the work already well underway over at the Penetration Testing Execution Guidelines. (http://www.pentest-standard.org/index.php/Main_Page)
Post a Comment