By Emmett Dulaney

The number-one purpose of penetration testing is to identify vulnerabilities. A penetration test is the best way to tell what services are really running on a Linux system.
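One concrete way to "tell what services are really running" is to list the sockets a Linux host is actually listening on and compare them with the services the administrator believes should be there. The script below is an added example, not code from the article or its author: it parses the output of `ss -Hltn` (a constructed sample is embedded so it runs offline), flags ports that are absent from an assumed baseline list, and separates loopback-only listeners from ones bound to a reachable address, which is what an outside black-box tester would be able to see.

```shell
#!/bin/sh
# Added example (not from the original article): compare the services that are
# actually listening on a Linux host with the list an administrator expects.
# Live usage: unexpected_ports "$(ss -Hltn)" "$BASELINE"; here a constructed
# sample of `ss -Hltn` output stands in for the live command.

# Constructed sample (columns: State Recv-Q Send-Q Local-Address:Port Peer)
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 80 0.0.0.0:3306 0.0.0.0:*'

# Assumed baseline: the ports the administrator knows should be listening
BASELINE='22 80'

# listening_ports: print every listening port found in the ss output,
# one per line, sorted and de-duplicated. The port is the text after the
# last ':' of the Local-Address column, which also handles IPv6 like [::]:22.
listening_ports() {
    printf '%s\n' "$1" | awk '{ n = split($4, a, ":"); print a[n] }' | sort -n | uniq
}

# exposed_ports: same, but only for sockets bound to a non-loopback address,
# i.e. the listeners a remote (black-box) tester could reach at all.
exposed_ports() {
    printf '%s\n' "$1" \
        | awk '$4 !~ /^(127\.|\[::1\])/ { n = split($4, a, ":"); print a[n] }' \
        | sort -n | uniq
}

# unexpected_ports: listening ports that are not in the baseline list.
#   $1 = ss output, $2 = space-separated baseline ports
unexpected_ports() {
    for p in $(listening_ports "$1"); do
        case " $2 " in
            *" $p "*) ;;              # known, expected service: skip
            *) printf '%s\n' "$p" ;;  # not in the baseline: investigate
        esac
    done
}

# Stand-alone run against the constructed sample
echo "Unexpected listeners:"
unexpected_ports "$SAMPLE_SS" "$BASELINE"
echo "Reachable from off-host:"
exposed_ports "$SAMPLE_SS"
```

Run against the sample, the script reports 631 and 3306 as listeners the baseline does not account for, and shows that 631 (CUPS on loopback) is invisible from outside while 3306 is not. On a real host, any port in the "unexpected" list is the starting point for the question the article raises: is that service supposed to be there, and who owns it?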

When viewing such a test from this angle, it is important to understand that there are three ways of approaching it: black, white, or gray.

These three approaches differ in the amount of information you assume you have at the start; you can pair the color with almost any other noun: black box versus white box if it is a piece of software doing the testing, black hat versus white hat if it is an individual doing the testing, and so on. The following discussion focuses on the individual and uses "box" as the preferred noun.

  • With black-box testing, the tests assume no knowledge of the network and look for vulnerabilities that an outsider might stumble across, such as open ports and weak passwords.

    Imagine that a bored miscreant came across your network at random and decided to bring it to its knees.

  • With white-box testing, the test assumes that the attacker is a knowledgeable insider who’s trying to break the system.

    Imagine that you just fired a system administrator and they want to get back at you by crashing your network.

  • Between these two extremes rests the realm of gray-box testing. Here the assumption is that an insider is behind the problem.

    Imagine someone from shipping is angry about not getting the raise he or she thought was deserved, and so wants to make the company pay. The attacker doesn’t have the knowledge an administrator would, but still knows more about the systems than a complete outsider would.