Information Security is very important these days, I have made a listing below of a few penetration testing tools that are very useful for finding weaknesses in the security of your business. This is good when you have a network connected to the Internet, you must ensure that only necessary ports are open to the web. Testing if this is the case is important. A Virtual Private Network can be used instead of exposing multiple services to the Internet, instead, you can log into the one exposed VPN connection, then access the other services over one encrypted connection. This makes your business much more secure. And this still offers enough network speed.
My chosen penetration testing tools
There are a few penetration testing tools that are available on Linux. One famous tool is Nmap.
Wireshark
Wireshark is a wireless scanning tool that allows the capture of all packets travelling over the network. This will be used to see what type of devices are on the network, as the contents of the packets include information on the type of router that is routing packets. This can be used to see if there are any vulnerabilities on that hardware. Researching the hardware can be used to find the default login information for that device, it could have been configured with the unchanged details and this could be used to gain better access to the network.
Wpscan
Wpscan allows scanning of WordPress websites to find various vulnerabilities in the version of WordPress installed upon the webserver. If a vulnerability is found it will be listed with a URL that will give more information about the vulnerability.
Nmap
This is a port scanning tool that is capable of scanning for open ports on remote systems to test the security of that machine. This is used to test the security of a firewall or equivalent security practice to ensure that only critical ports are opened to the world. Nmap may also reveal what operating system is running on the remote machine; and what kernel version. This is important when deciding upon the attacks that will be required.
Using an Amazon AWS cloud instance
An Amazon AWS account has been compromised in the past, but they did not manage to actually gain access to the server itself, only the AWS console (Goodin., 2014). This allowed the attacker to delete backups and snapshots of the instances though. A secure account with a very strong password would alleviate the risk of this occurring. Two-factor authentication would be another way to prevent security breaches on an AWS account and the subsequent loss of data. Amazon does have Multi-Factor Authentication, this would be a strong security method to secure the console from unwanted access. One concern is the OpenVPN vulnerability to the bash shellshock bug (Mimoso, 2014). But the proper configuration of the OpenVPN server will avoid this security risk. The security group on the instance needs to be configured properly to only allow certain traffic through to the instance. If I only have one port open, the others will not be visible.
The cloud instance would be consuming power and this would result in an amount of CO2 released into the environment. Virtualizing a server allows fewer resources to be used to deploy a server instance. This only creates more usage of the server CPU and more RAM is used to run the extra Hyper-V virtualized virtual machine. Using one powerful machine to run virtual servers results in less air conditioning required compared to running a whole server farm of physical servers. Networking is easier, you do not need a whole range of physical switches and cabling. The virtual machine may use a virtual switch to create subnets and manage connections between the server(s) and the client machines. Not using physical switches also results in a cost-saving for the business. Switches have fans and generate heat. As well as consuming power during operation. And a virtual switch may be deleted and remade whenever you wish to change the configuration of the virtual network.
Virtualized hard disk drives are another advantage of the Hyper-V technology over physical drives. Having a large array of physical drives means more heat released into the room and again, this requires more air-conditioning. These measures ensure that the carbon footprint of the virtual network is much lower than a real physical network (Citrix, n.d.) Less space is taken up by the server hardware in the data centre. This means that once again, we have lower costs and far less air-conditioning required. (Malmborg, 2012) 1 Therefore we have:
- Lower costs due to a virtualized server instance.
- Less space is taken up by server racks and switches.
- Less lighting required for the server rooms. They can be remotely managed.
- If a certain VM only needs a certain amount of server resources, then it does not make sense to dedicate a physical machine to run the server instance. A Citrix XenServer or Hyper-V instance can run this with lower costs and less power usage.
Bibliography
Citrix. (n.d.). Akuity.com.
Retrieved from Green IT.: http://www.akuity.com/wp-content/uploads/2013/11/green_it_wp.pdf
Goodin., D. (2014, Jun 19). AWS console breach.
Retrieved from Ars Technica: http://arstechnica.com/security/2014/06/aws-console-breach-leads-to-demise-of-service-with-proven-backup-plan/
Malmborg, D. (2012, Jul 23). How Exactly Does Virtualization Reduce Your Carbon Footprint?
Retrieved from Green data centre news.: http://www.greendatacenternews.org/articles/461317/how-exactly-does-virtualization-reduce-your-carbon/
Mimoso, M. (2014, Sep 30). OpenVPN Vulnerable to Shellshock Bash Vulnerability.
See more at http://threatpost.com/openvpn-vulnerable-to-shellshock-bash-vulnerability/108616#sthash.xNQZ1H5l.dpuf.
Retrieved from Threat Post.: http://threatpost.com/openvpn-vulnerable-to-shellshock-bash-vulnerability/108616