EXECUTING THE PLAN
Be careful when you’re performing your ethical hacking tests.
A Hacker in your network or an employee looking over your shoulder may watch what’s going on.
This person could use this information against you.
It’s not practical to make sure that no Hackers are on your systems before you start.
Just make sure you keep everything as quiet and private as possible.
This is especially critical when transmitting and storing your test results.
You’re now on a reconnaissance mission.
Find as much information as possible about your organization and systems, which is what malicious Hackers do.
Start with a broad view of mind and narrow your focus.
Search the Internet for your organization’s name, your computer and network system names, and your IP addresses.
Google is a great place to start for this. Don’t take ethical hacking too far, though.
It makes little sense to harden your systems from unlikely attacks.
For instance, if you don’t have a internal Web server running, you may not have to worry too much about. However, don’t forget about insider threats from malicious employees or your friends or colleagues!