Home
Topics
Data backup security
What's the best methodology to use when testing for storage security vulnerabilities?

FAQ

What's the best methodology to use when testing for storage security vulnerabilities?

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

Storage security information

Why and how your storage environment will be attacked

Five must-have storage security testing tools

Protect your data from hidden threats

It's like any other type of information security testing. First, perform your reconnaissance; see what others can see within the network or looking in from the Internet. Next, scan your ports and enumerate your systems to see what services are loaded and available. Now, check for vulnerabilities using testing tools such as those in my article "Five must-have storage security testing tools, and look for missing patches, poor configurations and other loopholes. Finally, try exploiting those vulnerabilities.

I normally recommend that you try to exploit your vulnerabilities as long as there is no negative impact on the production environment or on the integrity of your storage. I feel that the exploitation process can add a lot of value and help get the attention of network administrators, developers and even upper management. A screenshot of a remote command prompt on a server or some other host in your storage environment can be a powerful vehicle for change.

Be sure to wrap your testing into a higher level ethical hacking methodology that includes planning things out so that everyone knows what is being tested. Next, perform the testing and analyze the results from your testing tools and manual assessments. Prioritize your findings and make recommendations before reporting the results. Finally, implement your changes to address any issues that you might have discovered.

Listen to the Storage Security FAQ audiocast here.

Go to the beginning of the Storage Security FAQ Guide.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in March 2007

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

More from Related TechTarget Sites

Solid State Storage
Virtual Storage
Cloud Storage
Disaster Recovery
Storage
Storage UK
Storage Channel

searchSolidStateStorage
- Flash storage arrays take center stage at Storage Decisions
  
  Storage Decisions conference attendees received the lowdown on flash storage arrays, along with advice not to ignore other storage tiers.
- Intel S3500 Series SSDs intended for cloud computing
  
  The Intel S3500 Series lineup of solid-state drives is intended to move data centers to an all-SSD model.
- What is SCSI Express designed to accomplish?
  
  Independent storage expert Marc Staimer answers a SCSI Express question in this Expert Answer.
Virtual Storage
- Avoid VDI performance issues with monitoring, testing and tools
  
  Steer clear of VDI performance issues with freeware monitoring and internal testing methods, and free up storage and staff resources as well.
- Nutanix Inc. ships larger, smaller converged storage platforms
  
  Nutanix brings out two new versions of its converged storage systems, one for remote offices and a more storage-intensive data center version.
- VMTurbo takes its talents to the storage level
  
  VMTurbo expands its Operations Manager software for virtual infrastructure into the storage level -- providing your storage is NetApp filers.
CloudStorage
- Users consider combo of Red Hat OpenStack with Red Hat Storage
  
  Red Hat integrates its storage software with its Red Hat OpenStack open source cloud distribution and updates roadmap for year-old storage server.
- OpenStack Swift object storage: How does data placement work?
  
  OpenStack Swift uses regions, zones, servers, drives for data placement and places three copies of each object in unique-as-possible locations.
- Are cloud storage sales to blame for storage slowdown?
  
  Many people say cloud storage companies such as Amazon are eating away at storage sales and revenues. But others say the numbers don't add up.
searchDisasterRecovery
- Expert advice: Using replication in your DR strategy
  
  Replication is increasingly finding its way into organizations' DR strategy. Check out our recent expert advice on the topic.
- Expert advice: Considerations for a facility DR/BC plan
  
  Learn about creating a disaster recovery and business continuity plan for your organization's facility with this collection of expert advice.
- Building an incident response plan
  
  Learn how incident response plans offer a starting point for responding to a situation and then deciding how to proceed in this tip from Paul Kirvan.
searchStorage
- Imation upgrades Nexsan Assureon object-based storage archive
  
  Imation makes first product upgrade since acquiring Nexsan, delivering Assureon 7 for object-based storage archiving.
- Following Dell acquisitions, users find platform integration enticing
  
  Customers want to see the storage products Dell has gained through acquisitions better integrated with common management.
- Converged systems offer turnkey storage and server bundles
  
  Storage vendors are packaging their products with servers and networking gear to create ready-to-run converged systems. Could this be the end of best-of-breed deployments?
searchStorageUK
- Dell cloud storage plans remain hazy
  
  News of a Nirvanix partnership filled in some details about Dell's cloud storage strategy, but the company still treats its cloud plans as a secret.
- Storage Radio: Riverbed Whitewater appliance chases enterprise
  
  In our latest Storage Radio podcast, SearchStorage.com editors discuss the Riverbed Whitewater cloud data backup appliance for enterprise backups.
- Finding data deduplication solutions for DR
  
  Deduplication is an important strategy for disaster recovery. Learn more about data dedupe solutions in this expert tip by Paul Kirvan.
searchStorageChannel
- Hitachi Data Systems Partner Program Checklist
  
  Learn the benefits of becoming a Hitachi Data Systems reseller partner with our Partner Program Checklist.
- Yosemite Technologies Partner Program Checklist
  
  Learn the benefits of becoming a Yosemite Technologies reseller partner with our Partner Program Checklist.
- CommVault, Inc. Partner Program
  
  Learn about data management software vendor CommVault, Inc.'s partner program in this standardized checklist.

All Rights Reserved,Copyright 2008 - 2013, TechTarget