What’s the best way to set up an internal pentesting device?

Asked By TechSavvyExplorer93 On

I'm working at a relatively small company with fewer than 500 employees. I've been tasked with setting up an internal pentesting device using Kali Linux, but I'm unsure how to proceed. Is it as simple as running a vulnerability scanner like Nessus and then using Metasploit to verify the vulnerabilities? Also, how do external vendors typically manage their pentesting setups? I'm curious to know the most common practices for internal pentesting.

5 Answers

Answered By CyberSecurityNinja On

It’s a valid question, but first, you might want to clarify what your internal goals are. Is this just for regular vulnerability scanning? If you're doing this for compliance, then yes, having an internal pentesting setup makes sense.

TechSavvyExplorer93 -

Yes, it's mainly for audit purposes since we need to perform vulnerability scans on our network quarterly. After scanning, we'll analyze the results and adjust our configurations.

Answered By RiskyBusiness101 On

Setting this up is a straightforward request, but don't underestimate the knowledge you need. Familiarizing yourself with pentesting methodologies is crucial. For quick testing, checking out resources like Red Canary's Atomic Red Team can be really beneficial as a starting point.

Answered By DevSecOpsDude On

To get started, set up a Kali VM or a dedicated machine running Kali Linux. Make sure to configure a VPN so you can access it remotely. You'll want to use multiple tools for scanning to get a comprehensive view of your security posture. Running tools like responder.py could help reveal potential flaws as well.

Answered By PentestPro On

Remember that having a "pentesting device" isn't just about the tools like Nessus or OpenVAS. It requires someone skilled in leveraging those tools effectively. In other words, it's not just about having the equipment; it's about knowing how to use it to find vulnerabilities and interpret the results accurately.

Answered By ToolWizard On

Nessus or OpenVAS are solid tools to start with, especially if you can use local machine credentials for more effective scans. Don't forget to also include some way to verify patches for a thorough approach.

CyberSecurityNinja -

True, but these tools alone won't give you a full pentest. They are great for scanning, but a real pentest requires deeper analysis and human expertise.
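Two points in this thread, ToolWizard's advice to scan with local machine credentials and the question's plan to review quarterly results and adjust configurations, are easier to act on once the scanner output is summarized. The following script is an added example for this page, not code from any of the posters or from Tenable. It parses a constructed, minimal XML document shaped like a Nessus v2 (.nessus) export; the element and attribute names it reads (ReportHost, HostProperties/tag, ReportItem, severity, pluginID, pluginName, Credentialed_Scan) are my assumption about that format, and every host, port and plugin value in the sample is made up. It counts findings per host by severity and flags hosts whose scan ran without credentials, since those results are the ones most likely to be incomplete.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in the shape of a Nessus v2 (.nessus) export.
# Hosts, ports and plugin values are invented for this example; the
# element/attribute names are an assumption about the real format.
SAMPLE_NESSUS = """<?xml version="1.0" ?>
<NessusClientData_v2>
  <Report name="quarterly-internal">
    <ReportHost name="10.0.0.5">
      <HostProperties>
        <tag name="host-ip">10.0.0.5</tag>
        <tag name="Credentialed_Scan">true</tag>
      </HostProperties>
      <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
                  pluginID="100001" pluginName="Example missing SMB patch (constructed)"
                  pluginFamily="Windows">
        <description>constructed</description>
      </ReportItem>
      <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
                  pluginID="19506" pluginName="Nessus Scan Information"
                  pluginFamily="Settings">
        <description>constructed</description>
      </ReportItem>
    </ReportHost>
    <ReportHost name="10.0.0.9">
      <HostProperties>
        <tag name="host-ip">10.0.0.9</tag>
        <tag name="Credentialed_Scan">false</tag>
      </HostProperties>
      <ReportItem port="443" svc_name="www" protocol="tcp" severity="2"
                  pluginID="100002" pluginName="Example TLS weakness (constructed)"
                  pluginFamily="General">
        <description>constructed</description>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""

# Nessus severity scale as used in the export: 0 = info ... 4 = critical.
SEVERITY_NAMES = {0: "info", 1: "low", 2: "medium", 3: "high", 4: "critical"}


def summarize_scan(nessus_xml: str) -> dict:
    """Return {host: {"credentialed": bool, "counts": {severity_name: n}}}."""
    root = ET.fromstring(nessus_xml)
    summary = {}
    for host in root.iter("ReportHost"):
        name = host.get("name")
        # The Credentialed_Scan host property records whether the scanner
        # could log in; without it, many patch-level checks cannot run.
        credentialed = False
        for tag in host.findall("./HostProperties/tag"):
            if tag.get("name") == "Credentialed_Scan":
                credentialed = (tag.text or "").strip().lower() == "true"
        counts = Counter()
        for item in host.findall("ReportItem"):
            sev = int(item.get("severity", "0"))
            counts[SEVERITY_NAMES.get(sev, "unknown")] += 1
        summary[name] = {"credentialed": credentialed, "counts": dict(counts)}
    return summary


def uncredentialed_hosts(summary: dict) -> list:
    """Hosts scanned without credentials; their results are likely incomplete."""
    return sorted(h for h, info in summary.items() if not info["credentialed"])


def hosts_with_findings(summary: dict, min_severity: int = 3) -> list:
    """Hosts with at least one finding at or above min_severity (default: high)."""
    wanted = {SEVERITY_NAMES[s] for s in SEVERITY_NAMES if s >= min_severity}
    return sorted(h for h, info in summary.items()
                  if any(info["counts"].get(w, 0) for w in wanted))


if __name__ == "__main__":
    result = summarize_scan(SAMPLE_NESSUS)
    for host, info in result.items():
        print(host, "credentialed" if info["credentialed"] else "UNCREDENTIALED", info["counts"])
    print("re-scan with credentials:", uncredentialed_hosts(result))
    print("high/critical findings:", hosts_with_findings(result))
```

Run against a real export, the same two lists answer the questions the thread raises: which hosts need a credentialed re-scan before the quarterly results are trusted, and which hosts carry high or critical findings that the follow-up configuration work should address first.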
