Lee Munson of Security-FAQs.com takes a look at penetration testing, and explains that it’s not just big companies that can take advantage of it – you can even apply the principles of penetration testing to your home computer.
Penetration testing (also known as “pen testing”) is a simple term that means you are looking at your computer system to determine if it has any security vulnerabilities that could be exploited.
You usually do this by imagining you are a hacker trying to get into the system. You could use the same tools that the bad guys might use and in the same manner.
Some people might think that you have to be a superhero security expert to be able to do this, but that isn’t really the case. If you have the right software tools you can do this on your own computer as well. It is not as hard as it seems but sometimes it can take some time.
How do you get started?
Getting started with pen testing really all depends on how technical you want to get.
If you are not someone who is technically minded then there are still ways that you can run a homemade pen test on your own system.
First of all, you can try to get a technical friend to help. If you don’t know any such person, then grab a trusted friend who is non-technical and ask them to run a couple of small tests on your system.
First, have them try to get on your system by guessing your login passwords. As they know you, they might start by trying words that are familiar to you or some of the most commonly chosen passwords
But that won’t work since you already know how to make a strong password, right? 🙂
If, however, they do manage to crack your password then you should change it right away because it is clearly far too simple to guess.
After that, try to have them log into your home wireless network – which should be password-protected. This should be the same story. They should not be able to log on even if they know you – because they shouldn’t be able to guess the password.
Remember, your non-technical friend is neither a security professional nor a hacker so if they are able to get into your system then anyone can.
Now check the passwords on all of the websites that you use. Do you have the same password on more than one site?
If you do use the same password for multiple websites, you are going to have to take action – regardless of how “strong” your password is.
If a hacker steals your password from one website that you use then they could then use that same password on any other site that you frequent.
Now, the last thing that you should do is check to see if your anti-virus software, security patches and firewall are correctly installed and up-to-date. Security software like this, and good common sense, should protect you from the majority of the attacks you might encounter on the web.
If you are a technical user
If you are someone who can handle a high level of technical situations then there a number of tools that are available to you. Fortunately a lot of the professional pen test tools are open source which means they won’t cost you anything.
If you go to websites such as sectools.org or pentesttools.com you will find a lot of security tools that – if used with care – can help you check your system is defended from outside attacks.
Leave a reply
