Summary

This chapter covered how to attack UNIX, Microsoft, and Novell servers. You learned that a proper penetration test against these servers has three components:

• Privilege escalation Gaining access as administrator/root/supervisor

• Vulnerability scanners Testing the server against databases of known vulnerabilities

• Rootkits Hiding processes/files

Privilege escalation techniques are often done through buffer overflow exploits. (For more on buffer overflows, see Chapter 14, "Understanding and Attempting Buffer Overflows.") If you are able to gain access as a user on a system, you can perform one of the privilege escalation techniques to gain full access.

Vulnerability scanners save you time in testing a host or network. Every penetration tester should have vulnerability scanners in his toolbox of software tools.

Installing rootkits is important for the penetration tester because it shows proof of concept that you can install files without being detected. A good penetration test is not just looking to see what access he can gain, but what access he can gain without being detected.

Finally, this chapter concluded with some basic steps you can take to secure your servers. This chapter included numerous references that you should review to learn how to secure your environment. Securing your servers is an ongoing process, so be sure to keep their patches up to date and continually research new methods of protecting them.