Problem solve Get help with specific problems with your technologies, process and projects.

Penetration testing for Windows systems

Windows hardening expert Jonathan Hassell tells you what you need to know to give your system a proper penetration test.

What do I need to know to give my system the most effective penetration test? Are there particular tools that are better than others? How safe should I feel if my system passes the test and when should I test again?
What you need to know is how to pick the most effective tools. I know quite a few people are enamored with Metasploit, and it was featured in a couple of articles here on SearchWindowsSecurity.com. There's also a great guide to penetration testing, including goals, processes, and tips/tricks provided by Corsaire here.

As far as what to make of the results of the penetration test, I'd feel comfortable if my desktop systems passed the tests once each quarter and my Internet facing servers passed the tests at least once a month, if not more often. These tests can be automated, so it's not at all a management problem to conduct these tests on servers on a more frequent basis.

View questions and answers from all of our Windows security experts here.

This was last published in April 2006

Dig Deeper on Endpoint security management tools

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.