Penetration Testing with Kali Linux and the Good Guys
One of the most prevalent white hat (and black hat) security tools available is a Linux distribution called Kali Linux. It includes many security scanning, analysis and penetration tools which come preloaded.
Made by the creators of Backtrack, they learned from their previous mistakes. This slimmed down Linux image includes only relevant and non-redundant tools. For example, tools such as OpenVAS allow a user to perform a vulnerability assessment of selected nodes in a quick and semi-automated fashion. Due to the ease of use with OpenVAS, it can allow many novice users to perform these vulnerability scans with little to no knowledge. Combined with the metasploit framework, this same user can take the vulnerability results and find relevant exploits for the targeted system.
These tools are just as accessible to the bad guys as the good guys.
Defense in Depth
Protecting an organization from attacks carried out by such tools requires of a multi-layer approach (Defense in Depth - DiD). To begin with, a proper patching process must be in place to address system vulnerabilities as they are announced and known by the vendors. Second, good configuration management processes will ensure that when systems are created or modified, they align with the organization's security policy. Lastly, scheduled scans of the systems on your network should be performed either by an internal group or an external group.
Seperation of Duties
It is best to engage a group that is not directly responsible for those systems (Separation of Duties). For example, if the same group handles the setup and security, they may cover the findings or refuse to patch the vulnerability. They may have a conflict of interest.
Equilibrium's security team are experts in Penetration Testing. We have the same tools as the bad guys in our tool box, among others. We encourage penetration testing as part of a mature security program.
Would you like help reducuing your enviornment's vulnerabilities? Let's Talk.
Author: Chad Akileh
Equilibrium IT Solutions, Inc.