Before you can start hacking ethically and running tests, you must obtain approval. Make sure that what you’re doing is known and visible to everyone, or at least to the decision makers of the company or institution you’re working for.
Having the backing and sponsorship for the project is just as important. You need someone to authorize you and back you up when someone claims they never asked for the tests to be run or if someone claims you’re not authorized to begin with.
It can be something as simple as an internal memo from your boss. The bottom line is that everything must be in black and white, documented down to the last letter. On the other hand, if you’re running the hacking tests for a customer, you must have a signed contract before you start working. It will state that you have obtained the customer’s authorization and support.
A Hacking Plan
So you’ve obtained the necessary documents and approval? Yeah? Cool! But before you get started, you should have a detailed plan. It doesn’t need volumes and long pages of testing procedures but it must have a well-defined scope.
Here’s what a scope should include:
- Specific systems that need testing
- What risks are involved or may be encountered during the hacking tests
- How the tests will be performed
- What the extent and limits of your knowledge of the system to be tested are
- What steps should be taken if a major security vulnerability is discovered
- What reports should be produced after the tests
When selecting the systems that you need to test, you should begin with the most critical and vulnerable of all. You may want to start with a social engineering attack before moving on to other forms of hacker attacks.
A Contingency Plan
Having a contingency plan is a must for any ethical hacking process and test. You can never tell whether something will go badly wrong, however well you plan. For example, if you’re going to test your firewall or web application, how will it affect the performance of the company and its employees if you take it down?
At worst, it may cause loss of data, reduced performance, and even bad publicity. When testing social engineering attacks and DoS-type attacks, you should handle them with the utmost care. You should determine how they will affect not just the systems you’re testing but the entire organisation that you’re working for.
What Approach To Take?
When testing, you must imitate how black-hat and unethical hackers think, behave, and attack. With that in mind, the best approach when testing is to go for an unlimited attack. However, there are some exceptions to the rule: denial-of-service attacks, social engineering, and physical-security tests.
Never stop with one security hole. Keep going until you see the bigger picture…and find everything else that you need to discover that’ll help you make the system secure and a tougher nut to crack.
For more information, see http://www.infosectoday.com/Articles/Tiller_Ethical_Hack.htm