Testing your IT Security defenses

The best way to make sure your infrastructure is secure is to test its defenses. Just like with backups, you don't know that your system is fully functional until you've attempted a restore and succeeded. No matter how thorough you may be with your firewalls and network systems, we all make mistakes. Not only could you have missed something, but new exploits and holes are constantly being released and tested against systems everywhere.
Hence, we need to try hacking into your own system(s). This technique is commonly referred to as Pen-Testing (Penetration Testing). This is a deep field, so I will just point you in a direction to start by listing some of the common tools used in it. That being said, the tools required for Pen-Testing are the same ones used by hackers, so use caution.
The main tool I use as a basis for testing is Nessus. This application is a Network Vulnerability Scanner with support for Windows, OSX and Linux. It does everything from port scans to distribution-specific exploits. The database behind all of its checks is kept up to date via feeds, which are provided in two forms: a free feed for home and private use, and a commercial feed that is updated most frequently. The free version is usually only around 24 hours behind the commercial version.
Nessus attempts safe testing for known vulnerabilities; it is mostly non-destructive, with just enough execution to run its reporting and list the weaknesses/holes in your systems. It's a very useful tool without the worry of bringing down a particular exploitable unit, although sometimes older equipment such as printers may lock up and require a restart.
The next step, once you have a list of vulnerabilities, is to actually prove them or attempt something such as delivering a payload via an exploit, or adding a user with certain access. This is where the Metasploit framework comes in. Warning: this tool is very powerful and will allow you to use the actual exploits/vulnerabilities, such as injecting a remote application or DLL to gain access to a system or network.
As a Security Auditor, you could use Nmap to run port scans to list open and closed ports, as well as OS fingerprinting/identification. Then use Metasploit to gain access to a system and simply change the status of a port to OPEN. Then you could run Nmap again and show the newly opened ports, accessible via the exploits.
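Comparing the "before" and "after" Nmap runs described above is easier with a small script than by eye, and the same diff is useful as a routine check for ports that should not have opened on your own hosts. The following is an added example, not code from the original post: it parses Nmap's XML report format (the output of `-oX`), and the host address and both reports are constructed samples.

```python
"""Compare two Nmap XML reports (-oX) and list ports that changed state.

Editor-added example, not code from the original post. The reports below are
constructed samples in Nmap's XML schema (a baseline and a re-scan of one host).
"""
import xml.etree.ElementTree as ET

# Constructed baseline scan: ports 22 and 80 open, 4444 closed.
BASELINE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
      <port protocol="tcp" portid="80"><state state="open"/></port>
      <port protocol="tcp" portid="4444"><state state="closed"/></port>
    </ports>
  </host>
</nmaprun>"""

# Constructed re-scan of the same host: 4444 is now open and 80 has been closed.
RESCAN_XML = (BASELINE_XML
    .replace('portid="80"><state state="open"', 'portid="80"><state state="closed"')
    .replace('portid="4444"><state state="closed"', 'portid="4444"><state state="open"'))


def open_ports(xml_text):
    """Return {host_ipv4: {(protocol, port), ...}} for every port Nmap reports open."""
    result = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:          # skip hosts without an IPv4 address element
            continue
        ports = set()
        for port in host.iter("port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                ports.add((port.get("protocol"), int(port.get("portid"))))
        result[addr_el.get("addr")] = ports
    return result


def diff_scans(baseline_xml, rescan_xml):
    """Return {host: (newly_opened, newly_closed)} for hosts whose open ports changed."""
    before, after = open_ports(baseline_xml), open_ports(rescan_xml)
    diff = {}
    for addr in sorted(set(before) | set(after)):
        b, a = before.get(addr, set()), after.get(addr, set())
        if a != b:
            diff[addr] = (sorted(a - b), sorted(b - a))
    return diff


if __name__ == "__main__":
    for addr, (opened, closed) in diff_scans(BASELINE_XML, RESCAN_XML).items():
        print(f"{addr}: newly open {opened}, newly closed {closed}")
```

Run it against two real reports by reading the files into `diff_scans` instead of the constructed strings; a host appearing only in the re-scan shows up with all of its open ports as newly opened.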
This is a deep subject, but this brief mention of tools should get you going in the right direction for testing your own systems. Once you have identified problems, fix them. If you can't, find security professionals who can help you. The main thing is identifying the problems and protecting your data.
The tools I have mentioned here are all free, with the exception of Nessus, which also has a commercial version. However, you can get started right away with all of them, and they are all cross-platform. Nmap comes built in with Linux. Mac OSX has Nmap built into its Network Utility in its Utilities folder. In Windows, you can use the Zenmap GUI or the command-line version.
These aren't the only tools available, either. If you are so inclined, check out the BackTrack Live security CD. It's a bootable Linux CD that comes pre-loaded with these tools and many more. They are very complex and very powerful as well.