The purpose of this document is to perform a penetration test using two different methodologies to exploit and gain unauthorized access to vulnerable computer systems, using a set of penetration testing tools including Nexpose, Kali Linux, and Metasploitable. These tools are designed to demonstrate common vulnerabilities and subsequently exploit them, which allows security administrators to formulate a plan for remediation and prevention of an actual attack. The purpose of penetration testing is to attempt to access resources without knowing usernames, passwords, or any other authorized means of authentication that may exist for a particular organization or individual. An important point to consider is that the only thing differentiating a penetration tester (White Hat Hacker) from an attacker (Black Hat Hacker) is permission from the party being attacked.
What is a MAC Address?
A MAC address is a unique identifier that’s associated with an individual network interface card (NIC). I like to think of them like a Social Security Number for a computer, i.e. they are unique and only exist for that particular computer. MACs are what allow the Internet to work, for without them, there would be no Internet.
MAC addresses are also referred to as Hardware Addresses or Physical Addresses; they uniquely identify network interface cards on a Local Area Network (LAN). A MAC address is a 12-digit hexadecimal number, 48 bits or 6 bytes in length. As illustrated in figure 1 below, the first 3 bytes are referred to as the Organizationally Unique Identifier (OUI). This identifies the manufacturer or vendor of the physical network card. The last 3 bytes represent the specific ID assigned by the manufacturer to that particular network adapter.
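The layout described above, as an added example that is not part of the original article: a parser that normalizes common MAC notations, splits the OUI from the adapter-specific ID, and reviews an asset inventory for entries that are not vendor-assigned. It goes beyond the text by reading the two flag bits IEEE 802 defines in the first octet (group and locally administered); the function names and sample addresses are constructed for illustration.

```python
import re

def parse_mac(text):
    """Normalize a MAC address and split it into OUI and adapter-specific ID."""
    # Accept colon, hyphen, and dotted notations by stripping separators.
    digits = re.sub(r"[:\-.\s]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):  # 12 hex digits = 48 bits
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    octets = bytes.fromhex(digits)
    return {
        "mac": ":".join(f"{b:02x}" for b in octets),
        "oui": digits[:6],   # first 3 bytes: manufacturer/vendor
        "nic": digits[6:],   # last 3 bytes: ID assigned to this adapter
        # Flag bits in the first octet (IEEE 802 addressing):
        "group": bool(octets[0] & 0x01),                 # multicast/broadcast
        "locally_administered": bool(octets[0] & 0x02),  # not burned in by vendor
    }

def review_inventory(entries):
    """Return (entry, finding) pairs worth a defender's attention."""
    seen, findings = {}, []
    for raw in entries:
        try:
            info = parse_mac(raw)
        except ValueError:
            findings.append((raw, "malformed"))
            continue
        if info["locally_administered"]:
            findings.append((raw, "locally administered"))
        if info["group"]:
            findings.append((raw, "group address"))
        if info["mac"] in seen:
            findings.append((raw, f"duplicate of {seen[info['mac']]}"))
        else:
            seen[info["mac"]] = raw
    return findings

# Constructed sample inventory (addresses are illustrative, not real devices).
SAMPLE = [
    "00:1A:2B:3C:4D:5E",   # vendor-assigned unicast
    "001a.2b3c.4d5e",      # same adapter, dotted notation
    "02-1A-2B-3C-4D-5E",   # locally administered bit set
    "01:00:5e:00:00:fb",   # group (multicast) address
    "00:1A:2B:3C:4D",      # only 5 bytes
]

if __name__ == "__main__":
    for entry, finding in review_inventory(SAMPLE):
        print(f"{entry:20} {finding}")
```

An address with the locally administered bit set was configured in software rather than assigned by the manufacturer, so its OUI says nothing reliable about the vendor.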
Wireless Network WiFi
I will examine Wi-Fi networks and explore the reasoning behind why certain features and options are or are not used, and how they affect the operation as well as the security of the network. The 802.11 suite of protocols defines standards that are drafted and managed by the Institute of Electrical and Electronics Engineers (IEEE). Although most people believe that Wi-Fi and 802.11 are synonymous, Wi-Fi is actually a subset of the 802.11 protocols, managed by the Wi-Fi Alliance, which was formed in 1999 by several visionary companies. This paper will examine the 802.11n and 802.11ac protocols in particular.