LWITB_DB: Bad Camera System

I noticed something when I was doing a network scan at the company recently. I found the IP address of the camera systems, and I accessed the device and downloaded all the video footage. Then I found footage of people going behind my back at the company. The audio and video recordings were open. They were mobbing me. After I realized this situation, I kept working at work for a while. One day I lost my job because of these people. But I had the video tapes. When I gave the footage to the prosecutor, they investigated the case for a while and sued the firm.

It turned out to be a crime and the firm was found guilty for putting moral pressure on me. The employees are now in prison because of me, and the firm has been fined 10,000 with my country’s money. Since I deleted all the video footage, no one has figured out what happened, and the recording continues to be kept. It’s open, so it’s still there. It’s very easy to hack into a video system without a username and password.

What is Pentest?

If you are working with web projects, you have to ensure the security of your sites. If you publish your site without Pentest, you risk a lot. These risks can make your site vulnerable and cause your information to be stolen by malicious people.

What do you need to do in this situation?

By putting your site into pentest vehicles and by doing pentests, you can test your site and see how confident your projects will travel on the internet.

Pentest concept; Penetration (Test) is a concept formed by the combination of the test (test) bias. All the contents of a system yada are attacked by aggressive people (yada robots), both software; Both hardware and tested by testing; Are those that are made during software or hardware delivery in the safest manner that the end user will use.

Kali Linux provides us with all the facilities we can use during the pentest phase.

These tests include;

  • External testing
  • Internal testing
  • Blind testing
  • Double blind testing

It shaped.

External testing

They are usually attacked from outside to control internal services and to cause damage. In these attacks, information is usually collected together with the targets to be attacked. Using this information later; Infiltration attacks are done. If one of these attacks is successful, the infiltration will be done externally.

Internal testing

These attacks are usually internal. Internal services are the whole of information used to infiltrate external sources. First, the information obtained in the internal network is used to infiltrate internal systems, and depending on what is needed afterwards, the attacker may use internal resources for external resources.

Blind testing

It is a test using some strategies and simulators. Using these simulators, the pentest process is performed on the target systems and the results are reported and the information is collected. Virtualization of the re-tests related to the vulnerabilities that occur afterwards ensures that system security vulnerabilities are minimized.

Double blind testing

In addition to blind tests, it is a monitor-based monitoring of strategies and simulators and is a method used to avoid security problems that may arise in the future.

In the next article, we will examine the pentest tools and do a sample blind test. See you next article.