Ask the Expert

Penetration testing for Windows systems

What do I need to know to give my system the most effective penetration test? Are there particular tools that are better than others? How safe should I feel if my system passes the test and when should I test again?
What you need to know is how to pick the most effective tools. I know quite a few people are enamored with Metasploit, and it was featured in a couple of articles here on There's also a great guide to penetration testing, including goals, processes, and tips/tricks provided by Corsaire here.

As far as what to make of the results of the penetration test, I'd feel comfortable if my desktop systems passed the tests once each quarter and my Internet facing servers passed the tests at least once a month, if not more often. These tests can be automated, so it's not at all a management problem to conduct these tests on servers on a more frequent basis.

View questions and answers from all of our Windows security experts here.

This was first published in April 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: