Firewall penetration testing

[Zia 7]

Hello,
I want to know about how to fight and defend against attempts to penetrate your machine. I have also heard that penetration testing can be also used against an Ethical Hackers. I am very desperate for an information about the Firewall penetration testing. Last time your replies were proved beneficial for me, so thought to take some more help from you guys.!!

[Steve123]

You should first understand the concepts of the firewall testing. Firewall testing is one of the most useful of a set of alternatives for evaluating the security effectiveness of a firewall. You can get number of tools to test the security of our applications. However penetrating into computer networks are sometimes bottleneck because of firewalls. There are several approaches in the fight against pirates and against all forms of intrusions and extrusions unsolicited to and from our computers. The firewall software, free or commercial, meet the financial requirements of the particular standard, the other (hardware firewall) are the professional sector.

[Big Fish]

You can practice Penetration Testing On-line. Series of online tests, free, accessible to individuals. If these tests are "bright" for the individual and serve, incidentally, to sell the firewall (firewall), they are totally insignificant to the IT department of a company. Large structures will focus on professional tools like Core Impact or hire of the world (former super-hacker, for example). You will find all the same, on this page penetration testing on-line testing of Space Security is a free Web service professionals open to individuals.

[Zachary]

A penetration test is a method for evaluating the security of a system or computer network. The method generally involves simulating an attack by a malicious user or malicious software. It then analyzes the potential risks due to improper configuration of a system, a lack of programming or a vulnerability in the tested solution. During a penetration test, we find ourselves in the position of the potential attacker. The main purpose of this maneuver is to find vulnerabilities exploited to propose a plan of action to improve the security of a system.

[Snake08]

The analysis of Penetration test can be achieved in three ways :

1. The tester is in the skin of a potential attacker , and has no information;
2. The tester has a limited amount of information;
3. The tester has the information he needs.

After finding the active programs that communicate with another network, find a flaw in these applications can lead to corrupt a whole system in a short time.

[Otto]

This test is to simulate the attack by a malicious user or a malware. Risks are then analyzed potentials due to a misconfiguration of a system, a lack of programming or of a vulnerability in this solution in the target computer system. During a penetration test, we therefore find in the position of the potential attacker. The main purpose of this maneuver is to find exploitable vulnerabilities in order to propose an action plan to improve system security.

[Norberd]

For penetration testing, the tester has several tools :

• The web : it may seem insignificant but it can become a veritable mine of information (email addresses, street addresses, phone numbers ...) on a given target (natural or legal entity) this practice becomes commonplace with social networks and search engines.
• The service DNS using nslookup and dig tools to query the servers DNS to obtain either the IP address based on a domain , or vice versa, or the domain name servers through which emails . Furthermore, the DNS records often provide useful information.
• The service whois that, even if its data are not always up to date, to retrieve various information about an IP address or domain name .